ABSTRACT
This chapter describes security threats that systems face when they are connected to the Internet. We discuss their security requirements, potential security threats and di erent mech-anisms to combat these. In addition, the text presents the two most popular protocols (SSL and its successor TLS) to secure data transmitted over the Internet. Finally, we describe well-known applications such as Secure Shell (ssh) and Secure File Transfer Protocol (sftp) that provide a reasonable level of security for common tasks. They may be utilized as underlying building blocks to create secure, Internet enabled applications.
INTRODUCTION
In order to provide useful services or to allow people to perform tasks more conveniently, computer systems are attached to networks and get interconnected. This resulted in the world-wide collec-tion of local and wide-area networks known as the Internet. Unfortunately, the extended access possibilities also entail increased security risks as it opens additional avenues for an attacker. For a closed, local system, the attacker was required to be physically present at the network in order to perform unauthorized actions. In the networked case, each host that can send packets to the victim can be potentially utilized. As certain services (such as web or name servers) need to be publicly available, each machine on the Internet might be the originator of malicious activity. This fact makes attacks very likely to happen on a regularly basis.
The following text attempts to give a systematic overview of security requirements of Internet-based systems and potential means to satisfy them. We de ne properties of a secure system and provide a classi cation of potential threats to them. We also introduce mechanisms to defend against attacks that attempt to violate desired properties. The most widely used means to secure application data against tampering and eavesdropping, the Secure Sockets Layer (SSL) and its successor, the Transport Layer Security (TLS) protocol are discussed. Finally, we brie y describe popular application programs that can act as building blocks for securing custom applications.
Before one can evaluate attacks against a system and decide on appropriate mechanisms against them, it is necessary to specify a security policy [23]. A security policy de nes the desired properties for each part of a secure computer system. It is a decision that has to take into account the value of the assets that should be protected, the expected threats and the cost of proper protection mechanisms. A security policy that is su cient for the data of a normal user at home may not be su cient for bank applications, as these systems are obviously a more likely target and have to protect more valuable resources. Although often neglected, the formulation of an adequate security policy is a prerequisite before one can identify threats and appropriate mechanisms to face them.
Disclaimer: Note this academic material is intended as a guide for your academic research work. Do not copy word for word. Note: For Computer or Programming related works, some works might not contain source codes
CITE THIS WORK
(2014, 09). Internet Security.. ProjectStoc.com. Retrieved 09, 2014, from https://projectstoc.com/read/3345/internet-security-7887
"Internet Security." ProjectStoc.com. 09 2014. 2014. 09 2014 <https://projectstoc.com/read/3345/internet-security-7887>.
"Internet Security.." ProjectStoc.com. ProjectStoc.com, 09 2014. Web. 09 2014. <https://projectstoc.com/read/3345/internet-security-7887>.
"Internet Security.." ProjectStoc.com. 09, 2014. Accessed 09, 2014. https://projectstoc.com/read/3345/internet-security-7887.
- Related Works
- Design And Implementation Of A Computerized Commodity Exchange Information System (case Study Of Enugu State)
- Parasitic Computing
- Development Of A Multi-drug Inventory System For A General Hospital
- Application And Challenges Of An Ad Hoc Network System
- Design And Implementation Of Tcp/ip Chat Client Server Option And Challenges
- The Design And Implementation Of A Computerised Career Choice Counselling System
- Industrial Application Using Neural Networks
- Design And Implementation Of Selective Encryption Of Still Image (case Study Of Woman Of Faith)
- Design And Implementation Of Online Drug Control Information System (nafdac Enugu State)
- Genetic Algorithm Based Train Simulation Using Concurrent Engineering