Wednesday, May 22, 2019
Effect of Technology and Network Security Support on Information Security Essay
IntroductionInformation shelter has become one of the challenges in ripping benefits of training engineering. It has been found out that to the highest degree people fear using modern education and communication technology due to fear of the privacy of their personalised details.Information technology has supported the crop of online services like e-commerce, e-banking, e-governance, and umpteen an(prenominal) others which required people to give their sensitive personal details. notwithstanding, practice like hacking and others which breach security of reading have gnaw at personal confidence in commit of ICT service. Information security derriere be described as the act of giving protection to instruction and systems by denying unauthorized access, hold, disclosure or modification.The effect of Technology on information securityThe following argon the technological methods that be used in turn up information security AuthenticationAuthentication is the wait on th rough which a person or any other things undergoes through a verification process to determine whether it is the one. It is the way through which something or someone is confirmed to establish whether the claim made is actually true (McNab, 2004). Authentication may involve proof of personal identity, origin of any artifact or basically making assurance that computer programs is trusted. Authentication is one of the commonly used methods of ensuring information security. It may be implemented through different methods includingPasswordA password can be outlined as private information that is only cognize to the owner. A password assigns a user identity which is associated with the password. The password so becomes the doorway for the user to access that particular identity (Information Resources, 2009). Passwords are personal and in that locationfore the standard of the password is very significant. Strong passwords are difficult to guess as compared to weak passwords and the refore they offer more than security to private information. It is important that user safeguard their password and once they mirthful that someone else has accessed their passwords they should con military positionr changing them to ensure security.TokenA security token is a hardware device that is used by the owner to authenticate their identity. Once the device is recognized by the net, the user is given access to the system. A token can be in different forms ranging from smart cards, key fob, and many others (Erin, 2005). Tokens provide high level security through two-factor authentication method. First, the owner has a personal identification number or PIN which authorizes them to access the device. Second the device displays that PIN number of the user to the system which allows them to access the system. Unlike passwords, token are more secure since even if the device falls in wrong hands, it will be difficult to guess the PIN. The four types of tokes include static passw ord, synchronised dynamic password, asynchronous password, and challenge response.BiometricsBiometric is one of the to the highest degree advance authentication techniques that are used when dealing with many people. It will be ascertained that today, everyone enters in a baseball match after their physical characteristics have been recorded in a system while in school kids use their thumb to access meals. These represent the commonly used biometric techniques where the emphasis is one authentication using personal physical characteristics (Down and Sands, 2004). Biometric uses different physical characteristics including eye, face, voice, fingerprints, shape of the hand, and many others.These characteristics are quite unique to every individual and they are one of the strong proofs to the personal identity. However, biometric authentication devices are very costly to buy and concord and therefore they are used in very sensitive situations. One of the greatest weaknesses of this method is that it is very easy to attacked stored comparison images than to copy those physical traits. In well-nigh cases, biometrics is used as a two factor authentication methods where a password is combined with personal physical appearance.Softwarethither are a number of softwares that have been developed to protect information in any network. The following are common software used in information securityAntivirusAntivirus are software developed to protect information from virus, spy ware, and malware. Antiviruses are used mostly in internet connected network where there is a high risk of spread of virus (Dhillon, 2007). Antivirus software mostly used includes MacAfee, Karspasky, NOD32, and many others.Content drool outingContent filtering is likewise known as information filtering. It encompasses the use of software to screen information on computers. It is also used in internet firewall e fussyly by corporations to guard some information considered private. Content filter ing helps to include or to exclude some information which can be accessed by a person and excluding information which is deemed objectionable (Dhillon, 2007).Content filtering is also used at home and at school in separate to filter information that can be accessed by children. In this case, it is used to filter out pornographic materials and violence oriented materials. In the internet content filtering can be classified into web filtering where some WebPages are filtered out and email filtering where e-mails are screened for spam. However, content filtering is criticized on the ground that some important information may be filtered out of the accessible content such that the information accessed does not really help the user.EncryptionWith the increased use of the internet, a great deal of sensitive personal information is sent from one person to another(prenominal)(prenominal) or to an organization. This raises serious questions regarding the safety of that information and the confidence that only the intended receiver receives and understands the information. To raise this level of confidence, info encoding method has been developed (Biham and Shamir, 1991). Although encryption has been used since the time of Roman Empire, it has become more complicated and with diverse use today.Encryption mainly involves conversion of a readable data to another form which can only be read and understood by a specified person or computer. This information is regarded as ciphered or encrypted data since it cannot be understood easily. It is recovered back to its original form through decryption. The level of protection and integrity in encryption is enforced by the use of message authentication code or digital signature.Message authentication code creates a secret key for the sender and receiver of the information which makes it more secure and authentic. Today, there are many softwares that are used in encrypting data. However, encryption is not one of the most secure methods of ensuring data security since there are diverse methods like traffic analysis, brute force, TEMPEST, and many others which can be used to crack the encrypted data (Biham and Shamir, 1991). It has been found that even some of the most complex algorithms like RSA, DES and others can be broken using these softwares.iii. HardwareFirewalls have also played an important role in enhancing information security. They can be used either in hardware or in software or when the two are combined. In day to day uses, firewalls are important in protection unauthorized access to a private network which is connected to the internet e sparely in the cases of intranets (Whitman and Mattord, 2007). Firewalls filters all communicate entering and leaving the intranet to ensure that it blocks those messages which are devoid of the set security standards. There are four major types of techniques used in implementing firewalls includingPacket filterThis is one of the most effective and transpare nt firewall techniques. Under this technique, each and every packet entering and leaving the network is filtered and only those which meet user defined criteria are allowed while the rest are blocked. However, the technique is quite difficult to configure and is more susceptible to IP spoofing.Application openingApplication gateway applies a defined security mechanism to some specific applications like FTP, Telnet servers, and others. Although it is quite effective, it can also lead to degradation of performance.Circuit level gatewayThis technique applies firewall security only when a TCP or UDP connected has been made. Once the connection is established, packets of data continue to flow without being checked since a secure connection has been made.Proxy serverProxy server technique intercepts in and out of a network. The server is quite effective in hide the network addresses and hence cannot be obtained easily.The effect of Network protective cover Support on information securi tyAlthough technology has been effective in deterring cyber crime, it is clear that technology alone cannot work. Even with the advanced technology and application of the various information security methods we have reviewed above, human support is still needed. There are various ways that have been employed in supporting technological method to fight cyber crimes. The following are some of these methodsHacker HuntersHacker hunters are surplus branches that have been set up in police department aimed at tracking passel cyber criminals. Hacker hunters are prowling cyberspace with an aim of tracking down and arresting professional cyber criminals who are motivated by big profits made online. Hacker hunters are employing gumshoe techniques to track down cyber crime suspect (Grow and Bush, 2005). They are employing various methods including infiltration of peon groups, monitoring the hackers through underground networks, and when possible, intercepting the hackers before they can cau se any damage. Most important, hacker hunters are relying on intelligence in order to track cyber criminals.They are using informants inside hackers group to get vital information regarding their operation. For example in 2004, Hacker Hunters in Washington unleashed Operation Firewall in which they targeted members of the ShandowCrew tracking them through their website shandowcrew.com with the help of an informant from the group. Hackers Hunters must therefore seek inside information from individuals in these groups in order to fight deter them. They are applying the same principles that were used in the 1960s to fight organized crime since both are similar in many aspects.Police OperationsPolice operations work in the same manner as hacker hunters. In most cases, police operations are carried out by a special group within the police force and reinforce the work of hacker hunters. For example in the above case, the modified Agents in the operation firewall got assistance from the l ocal police forces. Therefore police operations are important in pursuing cyber criminals to ensure security of information (Leyden, 2004).Unlike hacker hunters, police operations are carried out as fighting of routine crimes. This means that although there may be a special group carrying out police operations, it may not be entirely specialise in fighting cybercrime. In most countries, there are special internet police departments which are used in fighting internet crimes. These police departments are entrusted with carrying out important functions like fighting cybercrime, censorship, propaganda, online scams, manipulation of online opinions, and others.However one of their most important duties is to work closely with hacker hunters in intervening and apprehending cyber criminals. Internet police departments also collaborate with other police departments in other countries in enforcing internet security laws and apprehending cyber criminals. In the international front, Interpol has been important in enforcing international crimes.iii. Network gage overhaul CompaniesFor many companies, proving information security is an expensive endeavor. Companies are not only required to install hardware and software devices, but they must also collaborate with authority to ensure information security. However, the growth of corporate resources in provision of secure business environment has made many information security methods inefficient and expensive (Lighthouse Security Group, 2009). For this reason, most companies are finding it appropriate to outsource comprehensive and streamlined network security services from Network Security Services Company. Network Security Service Companies have also become important in enforcing information security.These are companies which are specialized in providing services to enforce information security. These companies offer Managed Security Services (MSS) which are security capabilities mostly outsourced by other companies. Th ese services vary from supplementing of an existing security system to offering a complete forward-looking MSS where the Network Security Service Company is entrusted with information security. However, MSS is just one of the different types of managed services others including routing, hosting, LAN, VPN, and others. Network Security Service Companies therefore offer specialized high quality network security services ensuring for many enterprises.ConclusionThe increased incidence of breach of privacy of information has had negative impact on adoption of ICT services. The emergence of e-commerce, e-banking, e-governance and other online services which required input of sensitive personal details have been affected by increased hacking of information.There are different methods that have been developed to increase information security mainly through the use of technology and network support on information security. technical methods include authentication through password, token, bio metrics software including antivirus, content filtering, or encryption and hardware through use of firewall techniques. Network security support includes hacker hunters, police operations, and security services offered by network security service companies.ReferenceBiham, E. & Shamir, A. (1991). Differential cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, Vol. 4(1) 3-72Dhillon, G. (2007). Principles of information systems security text and cases. NY thaumaturgy Wiley & SonsDown, M. P & Sands, R. (2004). Biometrics An Overview of the Technology, Challenges and Control Considerations. Federal Computer Week, 21(13)Erin, B. (2005). Information security Token. Boston, Technology PressGrow, B. & Bush, J. (2005). Hacker Hunters An elite force takes on the dark side of computing. Retrieved 28th April 2009 from http//www.businessweek.com/magazine/content/05_22/b3935001_mz001.htmInformation Resources, (2009). Security tips Password protection. Retrieved 28th April 2009 from h ttp//www.utdallas.edu/ir/security/STpassword.htmLeyden, J. (2004). Enforcement is key in fighting cybercrime. Retrieved 28th April 2009 from http//www.crime-research.org/analytics/473/Lighthouse Security Group, (2009). Enterprise security solutions. Retrieved 28th April 2009 http//www.lighthousecs.com/Practices/Enterprise-Security-Solutions/McNab, C. (2004). Network Security Assessment. Sebastopol, CA OReillyWhitman, M. & Mattord, J. (2007). Management of information security. Boston, Technology Press
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.