Sunday, March 3, 2019

Effect of Technology and Network Security Support on Information Security Essay

Introduction instruction warrantor has become single of the challenges in ripping benefits of schooling engine room. It has been bring a align that most people fear employ modern tuition and communication technology due to fear of the privacy of their soulal details. education technology has supported the growth of online services like e-commerce, e-banking, e-governance, and umteen an(prenominal) a(prenominal) others which need people to give their sensitive personal details. merely, practice like hacking and others which intermit certification of education have eroded personal confidence in ingestion of ICT service. In assortmentation credential butt end be described as the act of giving protection to reading and systems by denying unauthorized bother, use, revelation or modification.The effect of applied science on information securityThe avocation argon the technological methods that argon use in ensuing information security AuthenticationAuthentication is the butt with with(predicate) which a person or any other things undergoes through a verification process to determine whether it is the one. It is the way through which just ab awaything or someone is confirmed to render whether the claim made is actually true (McNab, 2004). Authentication may deal confirmation of personal identity, origin of any artifact or essentially making assurance that computer programs is trusted. Authentication is one of the everydayly utilize methods of ensuring information security. It may be implemented through different methods including passwordA password can be defined as clandestine information that is only when known to the owner. A password assigns a drug user identity which is associated with the password. The password hence becomes the gateway for the user to access that occurrence identity (Information Resources, 2009). Passwords ar personal and therefore the standard of the password is actually important. Strong passwords be difficult to guess as compared to weak passwords and therefore they bear more security to toffee-nosed information. It is important that user prophylactic gubbins their password and once they suspect that someone else has accessed their passwords they should consider changing them to condition security.TokenA security token is a hardware device that is used by the owner to authenticate their identity. Once the device is know by the nedeucerk, the user is given access to the system. A token can be in different forms ranging from smart cards, key fob, and many others (Erin, 2005). Tokens countenance spicy train security through two-factor authentication method. First, the owner has a personal identification number or PIN which authorizes them to access the device. punt the device displays that PIN number of the user to the system which allows them to access the system. strange passwords, token are more cook since even if the device go in wrong hands, it will be difficu lt to guess the PIN. The foursome types of tokes include static password, synchronous dynamic password, asynchronous password, and challenge response.biometryBiometric is one of the most advance authentication proficiencys that are used when transaction with many people. It will be observed that today, everyone enters in a baseball match after their animal(prenominal) characteristics have been recorded in a system while in school kids use their thumb to access meals. These represent the commonly used biometric techniques where the emphasis is one authentication using personal fleshly characteristics (Down and Sands, 2004). Biometric uses different physical characteristics including eye, face, voice, fingerprints, shape of the hand, and many others.These characteristics are quite unique to every individual and they are one of the unattackable proofs to the personal identity. However, biometric authentication devices are very costly to buy and state and therefore they are used in very sensitive situations. sensation of the greatest weaknesses of this method is that it is very easy to attacked stored comparison images than to copy those physical traits. In most cases, biometrics is used as a two factor authentication methods where a password is combined with personal physical appearance.SoftwareThere are a number of bundles that have been true to protect information in any lucre. The following are common software package used in information securityAntivirusAntivirus are software developed to protect information from virus, spy ware, and malware. Antiviruses are used more often than not in meshing connected engagement where there is a high risk of spread of virus (Dhillon, 2007). Antivirus software mostly used includes MacAfee, Karspasky, NOD32, and many others. direction filteringContent filtering is in any case known as information filtering. It encompasses the use of software to screen information on computers. It is in any case used in profit f irewall especially by corporations to guard some information considered private. Content filtering helps to include or to exclude some information which can be accessed by a person and excluding information which is deemed objectionable (Dhillon, 2007).Content filtering is excessively used at home and at school in company to filter information that can be accessed by children. In this case, it is used to filter out pornographic materials and violence oriented materials. In the internet guinea pig filtering can be classified into web filtering where some WebPages are filtered out and e-mail filtering where e-mails are screened for spam. However, content filtering is criticized on the ground that some important information may be filtered out of the accessible content such that the information accessed does not really help the user.encryptionWith the subjoin use of the internet, a great deal of sensitive personal information is sent from one person to another or to an organization . This raises serious questions regarding the safety of that information and the confidence that only the intended pass catcher receives and understands the information. To raise this level of confidence, information encryption method has been developed (Biham and Shamir, 1991). Although encryption has been used since the judgment of conviction of Roman Empire, it has become more complicated and with diverse use today.Encryption mainly involves conversion of a readable data to another form which can only be read and understood by a specified person or computer. This information is regarded as ciphered or encrypted data since it cannot be understood easily. It is recovered back to its original form through decryption. The level of protection and integrity in encryption is enforced by the use of message authentication code or digital signature. capacity authentication code creates a secret key for the sender and receiver of the information which makes it more secure and authentic . Today, there are many softwares that are used in encrypting data. However, encryption is not one of the most secure methods of ensuring data security since there are various methods like work analysis, brute force, TEMPEST, and many others which can be used to crack the encrypted data (Biham and Shamir, 1991). It has been found that even some of the most complex algorithms like RSA, diethylstilboestrol and others can be broken using these softwares.iii. HardwareFirewalls have also played an important role in enhancing information security. They can be used either in hardware or in software or when the two are combined. In day to day uses, firewalls are important in protection unauthorized access to a private network which is connected to the internet especially in the cases of intranets (Whitman and Mattord, 2007). Firewalls filters all electronic messaging entering and leaving the intranet to ensure that it blocks those messages which are devoid of the set security standards. There are four major types of techniques used in implementing firewalls includingpile filterThis is one of the most effective and transparent firewall techniques. Under this technique, from each one and every packet entering and leaving the network is filtered and only those which find out user defined criteria are allowed while the rest are blocked. However, the technique is quite difficult to configure and is more susceptible to IP spoofing. industry gatewayApplication gateway applies a defined security mechanism to some specific applications like FTP, Telnet servers, and others. Although it is quite effective, it can also mince to degradation of performance.Circuit level gatewayThis technique applies firewall security only when a TCP or UDP connected has been made. Once the data link is established, packets of data continue to flow without being checked since a secure connection has been made.Proxy serverProxy server technique intercepts in and out of a network. The server i s quite effective in hiding the network addresses and hence cannot be obtained easily.The effect of net income Security Support on information securityAlthough technology has been effective in deterring cyber crime, it is clear that technology alone cannot work. Even with the advanced technology and application of the various information security methods we have reviewed above, human support is still needed. There are various ways that have been employed in supporting technological method to fight cyber crimes. The following are some of these methods jade HuntersHacker hunters are special branches that have been set up in law of nature department aimed at tracking down cyber criminals. Hacker hunters are prowling lucre with an aim of tracking down and arresting professional cyber criminals who are incite by big profits made online. Hacker hunters are employing galosh techniques to track down cyber crime suspect (Grow and Bush, 2005). They are employing various methods including infiltration of hacker multitudes, monitoring the hackers through underground networks, and when possible, intercepting the hackers before they can drift any damage. Most important, hacker hunters are relying on intelligence in effect to track cyber criminals.They are using informants inside hackers group to beat back vital information regarding their operation. For congresswoman in 2004, Hacker Hunters in capital letter unleashed Operation Firewall in which they targeted members of the ShandowCrew tracking them through their website shandowcrew.com with the help of an informant from the group. Hackers Hunters must(prenominal) therefore seek inside information from individuals in these groups in order to fight deter them. They are applying the same principles that were used in the mid-sixties to fight organized crime since both are similar in many aspects.Police OperationsPolice operations work in the same manner as hacker hunters. In most cases, jurisprudence force opera tions are carried out by a special group within the jurisprudence force and reinforce the work of hacker hunters. For example in the above case, the Special Agents in the operation firewall got assistance from the local practice of law forces. Therefore police operations are important in pursuing cyber criminals to ensure security of information (Leyden, 2004).Unlike hacker hunters, police operations are carried out as fighting of routine crimes. This means that although there may be a special group carrying out police operations, it may not be entirely narrow down in fighting cybercrime. In most countries, there are special internet police departments which are used in fighting internet crimes. These police departments are entrusted with carrying out important functions like fighting cybercrime, censorship, propaganda, online scams, manipulation of online opinions, and others.However one of their most important duties is to work closely with hacker hunters in intervening and ap prehending cyber criminals. Internet police departments also join with other police departments in other countries in enforcing internet security laws and apprehending cyber criminals. In the planetary front, Interpol has been important in enforcing international crimes.iii. Network Security Service CompaniesFor many companies, proving information security is an expensive endeavor. Companies are not only necessitate to install hardware and software devices, but they must also collaborate with authority to ensure information security. However, the growth of corporate resources in furnish of secure business environment has made many information security methods inefficient and expensive ( lighthouse Security Group, 2009). For this reason, most companies are finding it usurp to outsource comprehensive and streamlined network security services from Network Security run Company. Network Security Service Companies have also become important in enforcing information security.These ar e companies which are specialized in providing services to enforce information security. These companies offer Managed Security Services (MSS) which are security capabilities mostly outsourced by other companies. These services qualify from supplementing of an existing security system to offering a complete unsanded MSS where the Network Security Service Company is entrusted with information security. However, MSS is just one of the different types of managed services others including routing, hosting, LAN, VPN, and others. Network Security Service Companies therefore offer specialized high quality network security services ensuring for many enterprises.ConclusionThe increased incidence of breach of privacy of information has had blackball impact on adoption of ICT services. The emergence of e-commerce, e-banking, e-governance and other online services which demand input of sensitive personal details have been affected by increased hacking of information.There are different meth ods that have been developed to increase information security mainly through the use of technology and network support on information security. Technological methods include authentication through password, token, biometrics software including antivirus, content filtering, or encryption and hardware through use of firewall techniques. Network security support includes hacker hunters, police operations, and security services offered by network security service companies.ReferenceBiham, E. & Shamir, A. (1991). derivative instrument cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, Vol. 4(1) 3-72Dhillon, G. (2007). Principles of information systems security text and cases. NY John Wiley & SonsDown, M. P & Sands, R. (2004). Biometrics An Overview of the Technology, Challenges and Control Considerations. Federal Computer Week, 21(13)Erin, B. (2005). Information security Token. Boston, Technology PressGrow, B. & Bush, J. (2005). Hacker Hunters An elite force takes on the da rk side of computing. Retrieved twenty-eighth April 2009 from http//www.businessweek.com/magazine/content/05_22/b3935001_mz001.htmInformation Resources, (2009). Security tips Password protection. Retrieved 28th April 2009 from http//www.utdallas.edu/ir/security/STpassword.htmLeyden, J. (2004). Enforcement is key in fighting cybercrime. Retrieved 28th April 2009 from http//www.crime-research.org/analytics/473/Lighthouse Security Group, (2009). Enterprise security solutions. Retrieved 28th April 2009 http//www.lighthousecs.com/Practices/Enterprise-Security-Solutions/McNab, C. (2004). Network Security Assessment. Sebastopol, CA OReillyWhitman, M. & Mattord, J. (2007). Management of information security. Boston, Technology Press

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.