• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  13. 13
  14. 14
  15. 15
  16. 16
  17. 17
  18. 18
  19. 19
  20. 20
  21. 21
  22. 22
  23. 23
  24. 24
  25. 25
  26. 26
  27. 27
  28. 28
  29. 29
  30. 30
  • Level: GCSE
  • Subject: ICT
  • Word count: 6679

Information Security.

Extracts from this document...


Palestine Polytechnic University Department of Administrative Science and Informatics Information Technology Information Security By: Fadi Swate Mohammad A. Amro Mohammad M. Haddad Rana Al-Natsheh Somaya Al-Qwasmeh Presented to: Ms Ahlam Qura' 2004 Introduction What is computer security? Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as "intruders") from accessing any part of your computer system. Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done. What's before applying security ? What resources are we trying to protect? A hacker who compromises or impersonates a host will usually have access to all of its resources; like files, storage devices, phone lines .. etc. and from a practical perspective , some hackers are most interested in busing the identity of the host , not only to reach its dedicated resources but also to have an opportunity to make a link or some connection to other target ,possibly more interesting targets. Other might actually be interested in the data on your machine , weather it is sensitive company material or government secrets. Many enhanced techniques enable the entering your computer although you have a security system. The strength of ones computer security defenses should be suitable to the threat outsiders. So computer security is not a goal it's a means toward a goal that is "Information Security". The last question to be answered before deploying a security is: How much security can be offered? We can spilt the cost in two parts direct financial expenditures such as building a firewall. so as a solution , machines with sensitive files may require extra level of passwords or file encryption , and we will talk about this later in this study. The fact is one or every one wants to protect all such resources , here the obvious answer is to stop attackers at the front door or not let them into the computer system in the first place. ...read more.


Back door and remote administration programs On Windows computers, three tools commonly used by intruders to gain remote access to user computer are BackOrifice, Netbus, and SubSeven. These back door or remote administration programs, once installed, allow other people to access and control user computer. Denial of service Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes user computer to crash or to become so busy processing data that he is unable to use it. In most cases, the latest patches will prevent the attack. Being an intermediary for another attack Intruders will frequently use user computers for attacking other systems user computer is just a convenient tool in a larger attack. Unprotected Windows shares Unprotected Windows networking shares can be used by intruders in an automated way to place tools on Windows-based computers attached to the Internet. Mobile code (Java/JavaScript/ActiveX) There have been some problems with mobile code (e.g. Java, JavaScript, and ActiveX). These are programming languages that let web developers write code that is executed by your web browser. Although the code is generally useful, it can be used by intruders to gather information (such as which web sites you visit) or to run destructive code on your computer. It is possible to disable Java, JavaScript, and ActiveX in your web browser. its recommend that you do so if user are browsing web sites that he are not familiar with or do not trust. Chat clients Internet chat applications, such as instant messaging applications, provide a mechanism for information to be transmitted bi-directionally between computers on the Internet. Because many chat clients allow for the exchange of executable code, they present risks similar to those of email clients. As with email clients, care should be taken to limit the chat client's ability to execute downloaded files. As always, user should be wary of exchanging files with unknown parties. ...read more.


>> Confidentiality (a party to the transaction is assured of the identity of the other part) >> Nonrepudiation ( neither party can deny that the transaction took place) In an SET transaction , the merchant dose not have access to the credit card number because it is encrypted .The merchant forwards the encrypted credit card number to an authorization center , where it is decrypted and the purchase is authorized. This differs from the SSL approach, in the which the merchant has access to the credit card number. Security in e-commerce:- Established encryption methods such as Secure Sockets Layer (SSL), a protocol developed by Netscape Communications Corporation, encode credit card numbers and other information to foil would-be thieves. Shoppers can determine if the site they are using is secure by noting the "secure" icon at the bottom of their browser window. Also, the address bar of Internet browsers will carry the "https" prefix instead of the standard "http" prefix when the site is secured. Nevertheless, some consumers are reluctant to divulge credit card information over the Internet, and this reluctance has hindered the growth of e-commerce. An alternative to credit card information is digital cash, or e-cash. In this arrangement, shoppers pay for a number of virtual credits through a single source, then use those credits as dollars when shopping. After checkout, the online retailer ships the goods to the buyer and adds shipping costs to the purchase price. Few e-commerce sites, however, offer e-cash. Privacy :- In addition to credit card security, many shoppers worry about privacy. To put them at ease, many Internet stores post "privacy statements" that explain their policy of sharing or not sharing customer information with other businesses. This privacy policy may include refusing to give the customer's name and e-mail address to companies that send unsolicited and unwanted commercial e-mail messages, often known as junk mail or spam. The U.S. Congress is considering legislation to force online companies to safeguard the privacy of online shoppers. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Communications section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Communications essays

  1. Peer reviewed

    Describe what meant by terms structured and unstructured information. Explain using the examples, the ...

    4 star(s)

    We use sounds for different reasons and most of them don't have a structured data. Like for an example we have a mobile phone and we use it to text people, ring people and lots more. But when we receive a text there will always be a sound like 'ring,

  2. Peer reviewed

    Digital Security Within the Workplace

    3 star(s)

    letters and numbers in passwords * Easy to remember password Don't: * Don't use first or last name in the password * Don't use silly thing e.g. your partner's name * Don't write your password down on paper * Don't use the same password for all your password needs etc.

  1. Which properties of HTTP waste bandwidth? What is the additional problem using HTTP/1.0 together ...

    HTML is broadly used to describe the content of web pages in the World Wide Web. HTML was designed for standard desktop computers with relatively high performance, a colour high-resolution display, mouse, sound system, and large hard disks. Web pages using the current HTML often ignore these differences in end-systems.

  2. SK-II has already established as a leading brand within its' skin-care industry. By empowering ...

    advertising approaches that encourage participation * Set up an automated e-mail-based follow up system that contacts affiliates. * Appoint staff monitor the success of each affiliate. * Motivate affiliate coaches by paying a bonus when the affiliates profit. * Use e-mail for continual contact, and pick up the phone to make it personal.

  1. OCR GCSE Business & Communication Task 7 Report

    I can also use line spacing, which can help to space out my text which can add to the aesthetical standard of my letter. By using this it can also add to the professionalism of my letter and reflect my corporate image.


    Zip Disks In an organisation, they are most likely to use Jaz or Zip devices for backing up the system. Zip disks are more reliable than floppy disks. Output Devices Common output devices supplied with a PC include a screen (also called a visual Display Unit or VDU)

  1. Bussines and Communication Systems

    Placement I took part in my school's Work Experience Placement from 9th June 2008 to 20th June 2008. Work Experience was an enjoyable and pleasurable occasion for me. My parents were the engineers in where I worked. Duties that I carried out were easy and carrying out a lot of

  2. Comparing documents

    to write out an invoice they can just fill it in instead of having to type it all out and printing it out again. Coffee Control has just got a text box, which inside it is the receivers address; it is at the top left under the logo.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work