Internet Threats and Security for Protection

net profit Threats and Security for ProtectionIntroductionTechnology is still under development in Saudi-Arabian Arabia and has not r for each oneed the advance level as its achieveed in UK and USA. Therefore profit Security is still a main as healthful as a major issues to al closely straines and organisations in Saudi Arabia.Media creationise surrounding the topic of Internet earnest displace weary the general public, as the novice users. The continual talk of the latest virus alerts, which stool down corrupted thousands and stories of teenagers hacking into engagements and stealing numerous trainings such(prenominal) as personal details, realisation card details separate details which relates to different institution, is enough to put whatsoever peerless forbidden the idea using their personal details over the Net. All this media hype needs to be addressed to see if it is save that, or is there a ground for wholly this sensationalism.The chances to actually u ndergo extensive look for and establish leads and ideas that I book not serve across before ab reveal Internet Security, it is a major challenge for me and I feel that by conducting this query it go forth broaden my k forthwithl rim about Internet Security and also hand stack understand the aspects of Internet Security which they warent come across before.AbstractThis dissertation looks at the question Is The Internet Secure?. Where reliable is defined as secure enough to trade or pass teaching via the Internet. With the constant media hype of Internet Security, it felt that this title to be one of interest and appealed. Therefore, investigate include, determining what types of organisations ar present on the net, and categorising them into several groups. Studying past literature to determine all possible threats on the Internet and then to demonstrate possible solutions to these threats.As society is in the information transformation, in which the Internet is the mai n channel for distribution, this atomic number 18a of research is related to each and every one of us. Internet trading is a common practice amongst the impertinent age. However, this is a subject that needs to be addressed to see whether all this Media Hype is just that, or is their just grounds for concern.With the issue of users on the Internet growing daily, and businesses becoming completely dependant on technology, serious issues of vulnerability need to be looked at. To ensure that no gaps appear in the security aspects of Internet, which will in turn trap the new users. Conclusions where made by in catched and researched based companies.This research removes to provide the reader with a deeper understanding of Internet Security. The Internet is a medium that will be a farewell of future generations, and it is paramount that it is managed mightily and to ensure it does not shoot devastating consequences for those involved in its operation. The research carried out dra ws the conclusion, that the Internet is not a secure for trading, and that a regulatory embody is required or a more structured policing.Therefore more actions from organisations are needed as well as from the government. Future research bottom of the inning concentrate on entropy recovery methods, application methods and interviewing in more depth and on a longer scale.AcknowledgementChapter OutlineChapter1The introductory of this chapter starts with the commentary of I.T security. It follows on with what the aims and objectives are and the methodology followed during the fact finding exercise. The chapter outlines the scope and the limitations of the project.Chapter 2This chapter describes how the internet was formed and how it has true. Finally it highlights the key developments of the internet throughout its earlyish life history cycle, and the produce of its user base.Chapter 3Defines the types of businesses that trade on the net categorising them into several divisio ns, which are further explained in the appendix. This chapter also talks about online riming and how to acquire over the Internet.Chapter 4Starts by discussing the dominance threats of viruses, how they work and how they spread. It also discusses what different authors believe to be the main threats of the Internet. It also talks about all the voltage threats and briefly defines each one.Chapter 5Discusses the potential answers to the security issues, broadly discussing all of the security applications available. The chapter introduces calculating machine security as well as the different application.Chapter 6The fact finding stage highlights the responses gained from the organisations, which were interviewed. The findings were incorporated into graphs to illustrate the answer.Chapter 7To conclude this study, the author discusses what the project aims were, how the findings were achieved and wherefore came to this conclusion. A SWOT analysis was also carried out to assist the conclusion.AppendixAny information that did not fit in the thesis, which the author felt important, is included in the appendices. There are also other documents and information, which has been referenced in the dissertation in the appendices.I.T security as defined in this dissertation is the practices, procedures, applications and services which ensure a security breach or loss of use of a computer system does not occur. Security provides protection for IT system resources from human action. The security products, services and procedures used will aim to protect each hardware or data in the system.1 IntroductionMedia hype surrounding the topic of Internet security can scare the general public, as the novice users. The continual talk of the latest virus alerts, which perk up corrupted thousands and stories of teenagers hacking into networks and stealing numerous informations such as personal details, credit card details other details which relates to different institution, is en ough to put anyone off the idea using their personal details over the Net. All this media hype needs to be addressed to see if it is just that, or is there a ground for all this sensationalism.1.1Human ActionHuman-inspired security breaches are defined as accidental or deliberate, passive or active attacks, which result in the loss or damage of I.T system hardware, software or data. This can come in some guises, as the following(a) shows viruses where a program is placed on a system with the intention of corrupting its processing.The theft of data.Hacking deliberately gaining unaccredited access to a computer system.The invasion of privacy, through the unauthorised disclosure of data and breaches of data protection legislation.Sabotage interfering with the processing of a system, such as the placing of a clone machine.1.2The Key areas of I.T SecurityI.T security involves a number of key areas. The most important of these are introduced under the following headings.1.2.1 E-Comm erceE-Commerce (Electronic Commerce) enables measures to secure entanglement merchants sites from external hacking and intrusion, with the aim to develop secure online transactions. E-Commerce requires the means to engage in electronic transactions without the fear that credit card details and bank details could get into the wrong hands. These involve, for example, the use of secure payment servers and secure software servers.1.2.2 Network SecurityThe aim of network security is to fashion a secure environment in which the users can send classified information and business applications solely to those people that they wish to receive them, preventing others from accessing the data. This is an issue of increasing concern, granted the growing importance of networks to companies. This aspect of security tends to resolve around using network management and security software tools, and developing network security policies.1.2.3 Virus ProtectionTo prevent computer viruses from infecting I.T systems, companies use anti-virus software and alert systems.The requirements for information security as well as the type of products and services used to have undergone a major transformation since 1995. The need for security has widened, where traditionally it was confined mainly to governments, protecting classified data, financial institutions and protecting messages with monetary value, today most medium-sized to large organisations require information security.The growth of computer networks, group working and mobile working, and the subsequent need to communicate with contacts outside the organisation, has made I.T systems more generate to external forces and more vulnerable to internal action. Today, security is demanded to handle conversations through the internet, intranet, extranet and Virtual Private Networks (VPNs). All of these technologies use common, standardised networking protocols and such networks are exposed to greater security threats than before.In a m odern computer network, employees share information with each other, and companies share information with their suppliers, partners and customers. This calls for a more educate security system, which is more comprehensive and flexible than the products and services used in the past, and which can be deployed to a large number of users in a consistent, achievable and secure fashion.1.3 Aims and ObjectivesIntroduce and provide an overview of the development of the Internet. How it was started and how it works.Identify the diverse nature of businesses that trade on the Internet, their roles and their functions.Identify and disseminate the literature available on threats essential in the use of the Internet including viruses and secure transmission of data.Identify and discuss the appropriate solutions for any potential threats for internet security.Evaluate and conclude the arguments, to discuss potential ways of enforcing a suitable security policy for web-based companies.1.4 Metho dologyInformation for this study was gathered from journals, books, Internet sources and certain company documentation pertaining to Internet security. The exceed form of methodology for this type of research would be to use Quantitative and Qualitative analysis as well as the use of secondary sources, as mentioned.Quantitative research was used to gain rich information, basically finding out the experts opinions from the relevant areas of expertise, for the research. The qualitative research consisted of a questionnaire with open ended and some(prenominal) closed questions. The main aim of this questionnaire was to elaborate on the authors literature review, basically agreeing or disagreeing with the literature presented on this study. For the quantitative aspect of the research a abruptly structured questionnaire was designed, this consisted of closed questions, which would give a statistical look to the fact-findings chapter. This questionnaire was distributed in Preston and J eddah (Kingdom of Saudi Arabia). Closed question questionnaires were used to obtain the awareness of the issues presented, to gain views, beliefs and carriage to these. The questionnaires were designed to ensure lenient reading, therefore overcoming any confusion on the respondents behalf. Questions were explained to ensure complete reliability in their responses1.5Limitations and scope of DissertationAs Internet Security is a very large topic, this author has limited his research to the followingTypes of businesses on the web, categorising them in several areas.Discussing threats that past authors identified.Discussing possible solutions to these threats that past authors identified.Carrying out a archetypal hand fact-finding excersing to either agree with the literature or disagree.Setting out the key differences.Summarising the thesis and presenting the findings.2What is the Internet and how it startedThe revolution in computer networking has made it possible for personal comp uters able to communicate with each other. This chapter is about the Internet and basically a history of its beginning. It provides a comprehensive view of literature regarding factors that promote e-commerce and aid the new era of online banking. The scale of the Internet is awesome and therefore more and more people are connecting to the net. Statistics continues to grow on a daily basis at an alarming rate. People from all walks of life, not just the scientist, teachers and computer experts use the Internet.2.1Origins of the InternetThe Internet has its roots in a network set up by the United States Department of defence in the early 1970s (Ellsworth 1994). This network (ARPANET) was a collection of 4 computers. By 1996 the Internet was a collection of over 50,000 networks. The methods they slowly developed included a Protocol (which is a computer language) allowing dissimilar computer systems to communicate, and a method that routed data through multiple communication paths usi ng groups of data with their own destination addresses built in packets. Prior to this technology, even with machines that were compatible, the used had physically carry magnetic tapes and insert them into another machine in order to transfer data from one computer to another. With the new technology, a computer only if has to put its data into envelope called an Internet Protocol (IP) packet, and address the packet correctly to send a message on the network. The philosophy was that every computer on the network could talk to any other computer.2.2NSF DevelopmentsIn the late 1980s the National Science Foundation (NSF), started expanding its own NSFNET using the technology developed by ARPANET.(Krol 192). Five supercomputer centres at major universities were created, and connections were used for e-mail, and for transferring data and information between sites. This created a communications problem, they needed a way to connect their centres together and to allow the clients of thes e access.In response, the NSF built its own network based on ARPANET Internet Protocol (IP) technology. (Eraase 1994) it connected these centres with telephone lines. Since the telephone lines were paid for the mile, it was obvious that each university could not be connected to a supercomputing centre, due to financial constraints. They instead created regional mountain ranges of networks, with each university being connected to its neighbours, at the top of this chain there was a connection to the super computer. Eventually any computer was able to communicate with any other computer by forwarding the conference through its neighbours.2.3Internet CreatedThe NSF agreed to commercial exploitation and on-line service sprang up. CompuServe, the first of these, started in 1970 and fifteen years later claimed 3.2 million users in 20 countries. It was part owned by commercial relationships with the German group Bertelsmann and the French group Hachette (Winston 1998). Prodigy belonged t o IBM and Sears claimed 1.4 million users. His World Wide Web was open for business in 1992. Meanwhile a commercial Internet Exchange had been established in 1991.Large multinational corporations have been on the Internet for years, although their access has been limited to research and engineering departments. In 1992, many of the restrictions on commercial use began to change. In fact, there are already more commercial sites on the Internet than educational and research sites combined, according to statistic, commercial addresses now comprise of 51% of the network domains. The Internet is made up of over 25,000 networks that can transfer data via many routes. However, it is near enough impossible to pin down any exact numbers concerning its size due to the fact its growth is unparalleled by any other industry. Ghosh 1998 states that the Internet has been adopted faster than any other technological development.2.4The use of the InternetBetween 1993 and 1998, more than 100 million u sers of the Internet were estimated, and the number of sites of the WWW has grown from 130 to 4.3 million sites. As of June 1999, the Internet users population has been placed at around 170 million people. It has been forecasted that the number users will reach 350 million by 2005 beingwide.In simple terms, the Internet allows millions of people all over the world to communicate and to share. The Internet is the first global forum and the first global library (Hahn and Stout 1994). Commercial businesses are the fastest growing segment of the Internet, you can gather information communicate and actually transact business on the Internet. Here are a few reasons why businesses are using the internetE-mail is a low cost method for maintaining communication at all levels.Messages can be win overd in minutes.E-mail is a domain for sharing information and is said to be one of the most important productivity packages around.The Internet allows businesses to be in touch with different bran ches and work teams at other locations.This creating a virtual community in which people are able to communicate on a daily basis.Using the Internet many organisations are able to bring a global edge to home grown businesses. For many companies, the use of the Internet creates a level playing field smaller businesses can create an image on the network to compete with larger businesses.Many corporations use the Internet to keep a check on the rate of emerging and new technologies, and the market response to these technologies (Ellsworth 1994). The public information and discussion groups available on the Internet provide insight and feedback that is hard to get in any other manner. Here people from all levels of industry, exchange information on merchandise research and technological developments. Having the most up-to-date information about your markets and your products allows you to keep or increase your competitive edge.In a business where the concept of getting closer to the cu stomer prime, the internet is becoming increasingly important as well. Internet sales, where customers are sought and served on-line through Gophers and variety of virtual storefronts, are also becoming more popular. Customers can be and are sought before the sale and supported subsequently sale. Companies are able to do actual product sales transactions on the Internet. In addition, in some cases it is possible to deliver the product via the Internet, as with software and information. Many companies have been using the Internet for the transmission of data. The major financial institutions in the world use the Internet extensively for exchanging information and files. incorporate users are now responsible for the transfer of the largest portion of data.2.5The World Wide WebThe WWW is the newest information resources to the Internet (Krol 1992). It is based on technology called Hypertext Mark-up oral communication (HTML). Hypertext is a method of presenting information where sele cted words in the text can be expanded at any time to provide other information about the word. These words are actually links to other documents, which may be text, picture or earpiece format. The presentation of information on the web is much friendlier that traditional methods and the interface provides for a user -friendly environment. The combined with the ability to use any of the Internets tools within the web has been a catalyst for the rush to get on the Internet (Ellsworth 1994).The WWW can be defined as a global, interactive, driving, cross platform, distributed, graphical, hypertext information system that runs over the Internet and is available globally (Lemay 2000 Online).In the early 1990s the advent of the World Wide Web on the Internet represented the tuning point for electronic ecommerce by providing an easy to use technology solution to the problem of information publishing and dissemination. The web made electronic commerce a cheaper way of conducting business and enable more diverse business activities.The WWW infrastructure is built around the following-Web sites A web site is a collection of web pages well-kept by a college, university, government, agency, company or individual.Web age A web page is document on the web. Web pages can include text, pictures, sound and videos.Web server A web server is a computer connected to the Internet that makes web pages available to the world.The Wold Wide Web is a dynamic structure, and due to the popularity of this new phenomenon it is expanding rapidly. The reason for it being so popular is the fact that information can be made available to anyone anywhere in the world in a matter of minutes (Kalakota, Whinston. 1997 p.145).What types of businesses are trading on the web contrast is changing. The way we do business is changing. The electronic commerce revolution is upon us, and perhaps represents the greatest single change to the way in which business operates. Companies of all sizes are now wor king together to establish their position and create opportunities in this world.The Internet phenomenon has result in a major shift in the way organisations do business, and how they intend to proceed in the future. Many organisations now realise that without an e-commerce strategy they will not survive. This realisation has affected, and will continue to affect business relationship of all sizes.E-CommerceE-Commerce (Electronic Commerce) is the buying and selling of goods and services on the Internet, especially the World Wide Web. In practice, this term and a newer term, e-business are often used interchangeably. For online sell selling, the term e tailing is sometimes used.E-Commerce can be divided intoE-tailing or Virtual Storefronts on web sites with online catalogues, sometimes gathered into a Virtual mall.The gathering and use of demographic data through web contacts.Electronic Data Interchange (EDI), the business to -business exchange of data.E-mail and fax and their use as media for reaching prospects and establish customers (for example, with newsletters).Business-to-Business buying and selling.The security of business transactions.Electronic messaging technologies streamline business processes by reducing paperwork and increasing automation. (Kalakota, Whinston. 1997 p.54).E-Commerce today, is a very wide area of study due to its phenomenon growth and thus, can be described as an umbrella concept, which will continue to grow. Therefore incorporating a variety of disciplines and can be described as following path of a hierarchical structure.Recent technology has increased the capacity of e-commerce transactions, resulting in noticeable paradigms in a number of daily transactions. There are unforeseen benefits not only to businesses, but also consumers, the government and even on a global trade level.The technology that is responsible for taking e-commerce to a global stage is the Internet. There are also other factors that have affected the growth of e-commerce, for example, the availability of hardware at affordable costs, as well as the increased power and ease of use of operating systems and software.With the prices of computer hardware and network equipment falling, e-commerce is seen as one of the strategic investments in line with marketing goals of most business, to stay competitive, improve productivity and to deliver quality services.Commonly, e-commerce is associated with the buying a selling of information, products and services via computer networks. It is also known as the paperless exchange of electronic information, whether it is by electronic data interchange (EDI), electronic funds transfer or other similar technologies methods.Overview of E-CommerceE-Commerce, evolved as early as the age of Alexandra Bell, followed by the launch of terrestrial television and radio communications. However recent developments in technology have increased the efficiency in commerce and have placed e-commerce under the spotli ght. During the mid 20th century, the channels through e-commerce took place were telephone networks, the television and the radio. In their infancy they impressed businesses and consumers, so did EDI in the early 1970s and now at present the Internet has bought back the same feelings.Below is an illustration of a generic framework for electronic commerce (Kalakota, Whinston.1997) The condition 1 below is an illustration of the e-commerce overview.Electronic CommerceB2AB2CC2AB2BThe Internet surroundfacsimile machineThe InternetTelephoneFaxCable Satellite, and Digital TVTelephoneFaxThe Internet including EDI, marketing, purchasing and e-mailCollaborativeWork GroupsEDI via InternetTelecomm unitingElectronic Funds TransferE-MailVideo ConferencingTelephoneFaxFigure 1Types of E-commerceE-commerce covers five main categories that are listed belowBusiness to Business (B2B)Business within Business (BWB)Business to Administration (B2A)Consumer to Administration (C2A)Business to Consumer (B2 C)These are discussed in detail in Appendix 3 titled Types of Web Traders.The introduction of e-commerce has facilitated consumer to business transactions, customers learn about products through electronic purchasing. From a consumer perspective electronic commerce facilitates for the followingSocial Interaction. Electronic Commerce enables consumers to communicate with each other through electronic mail, video conferencing and news groups. in-person Finance Agreement. Use electronic means to manage personal finance and management using the online banking toolsPurchasing Products and Information. Allows consumer to find online information about exiting and new products and services.(Kalakota, Whinston. 1997 p.139)The blowup in Internet traffic has created other problems. Mostly worryingly, there are continuing fears that many companies offering financial services online are not providing a secure environment to clients and customers.Purchasing on the WebThe Internet and the World W ide Web have dramatically changed the way consumers seek and use information online.Whether they are shopping for Information or shopping for goods and services on-line, todays consumers must learn how to manage the resources (Kelley, B Weibke, J. 2003).Most attention on e-commerce has focused on business-to-business transactions and analysts say the surging electronic business-to-business market is about to explode.On-line purchasing systems promise to streamline operations, save time and cut the costs of businesses drowning in order processing. Most buying over the Internet focuses on indirect materials, also known as non-production goods or maintenance, repair and operations.Typically, such applications let any employee order through managed access rights, non-production supplies and service from an on-line catalogue using on a web server. They simplify the process of buying day-to-day items such as office equipments, PCs and other electrical goods to run the company. According to a recent study carried out by Forrester Research (2000) has suggested that the on-line commerce will raise form 657 billion in 2002 and reach the figure of 6.8 trillion in 2004. The statistics suggested that more customers are shopping day by day and revenue enhancement is increasing for on-line shoppers. The view is supported by Swazey (1999) who believes that the on-line shoppers spend more time on-line shopping than normal high streets shoppers and the amount of funds spent rises with the amount of time spent on-line. The view point of Swazey (1999) is similar to Ghosh (1998) as he states that the On-line shoppers tend to get carried away within the cheer of their own home. However the above viewpoint have contrast in bearing to an article (Computer Fraud Security, Sept 2000, p.2) that seemed to suggest that although it may seems same(p) everyone is on-line, but its not true.Internet BankingInternet Banking is no longer a novelty. Banks have long ceased being worried abou t trading via the web, and instead have embraced the newest delivery channel with enthusiasm. All clearing banks, including the connected building societies, now offer Internet based banking services and all will have an online menses account in place. Some, including Barclays, Woolwich, Abbey National and HSBC have developed other channels of delivery including digital TV and mobile phone banking service. All e-banks promise engross current account users speed and convenience. There are no counter queues in cyberspace and e-banks are open 24 hours a day, seven days a week. On-line banking customers can check their balances, view recent transactions, transfers funds, set-up standing orders and direct debits and also option to pay bills on line.In the past, the banking industry was in the first place concerned with asset quality and capitalisation, if the bank was performing well along these dimensions than the banks would be profitable. Today performing well on asset quality and capitalisation is not enough. (Kalakota, Whinston.1997 p.30)The Internet is a medium that provides a new dimension and introduces much opportunity especially for banks the main advantages are outlined as follows change innovationCost savingsIncreased customer baseEnable mass customisationMarketing and communicationDevelopments of non core businessIn a makeup issued by the BE Agency (2000), it states that the experts believe that the slump in high street banking due to deregulation can be revived by this new medium e-commerce, offering the potential of reviving or at least halting the decline, by raising customer service standards, increasing the choice of retail financial products, reducing the charges and giving customers a more convenient way to manage their money.It is agreed with Patterson (2000) that the banks will have to go online, his reasons being as to why banks have to adopt this new medium is in short answer to win over new customers it is easier to leave it at that, bu t also the factors he has also said that it will also promote this new medium are lower cost of account servicing, cross selling opportunities, customer relations and because they have to.Customers can now deal with their accounts personally at any time from anywhere in the word for any reason. Customers can also have the same facility to compare and contrast the products and services of a multitude of banks and choose one that meets their requirements. Knowing how safe is it to use the website an