Thursday, February 21, 2019
Internet Security Essay
During the departed ten geezerhood, the saturation and variety of electronic monetary legal proceeding have profitd dramatic eachy. The delay decade was characterised by the rapid spreading of financial transactions involving the drop of online and/ or remote mechanisms. E- attends and e-transactions have become an essential element of the postmodern techno enterical reality. As the number of online financial services attachs, so do the number and variety of trade cling toion threats. Small and Brobdingnagian companies atomic number 18 evenly vulnerable to the risks of encourageive covering breaches in various types of financial transactions.These threats atomic number 18 become more and more complex and can chair full profit of the existing web and application vulnerabilities. The current state of technology provides many solutions to the existing and emerging security threats however, the success of the proposed countermeasures will depend on how well con trastes consider the seriousness of the major security threats and argon nimble to invest additional resources in the development and implementation of the complex security strategies. Security threats and statistical entropy The current state of literary worksA wealth of literature was written about the about serious security threats and the financial losses which security breaches and various types of system vulnerabilities ca work to stupendous and small businesses. The period between 2006 and 2008 was marked with the slight decrease in the number of financial frauds and security breaches in financial operations U. S. national Trade Commission asserts that frauds as a percentage of online revenue in the United States and Canada has decreased slightly over the past few years and stabilised at 1. 4 percent in 2008 (Paget 2009).Meanwhile, the losses caused by security breaches and financial fraud display a marked increase in 2008 alone, the American market lost over $4 one thousand thousand due to security breaches and financial frauds (Paget 2009). This is a 20 percent increase comp ard with 2008 (Paget 2009). presumption the new trends in technology-related financial services and businesses striving to funk their transaction costs, the development of new methods of e-payment and the use of open architectures will bring forth new technological challenges for professionals and new fraud opportunities for hackers (Glaessner, Kellermann & McNevin 2002).The current state of literature provides the sanctioned overview of the most serious security threats and proposes unique solutions businesses and individuals can take to address these threats. pecuniary transactions and security threats what literature says The news of security threats in the context of e-financial transactions is one of the most popular topics in scholarly literature. Today, the rapid growth of wireless technology and the increasing place of wireless solutions in daily financia l operations turn electronic security into the issue of the major public concern.Numerous authors tried to tell apart the most important security threats and to categorise them according to their severity and situate the risks they pose to the stability of the financial e-flows. For example, Glaessner, Kellerman and McNevin (2002) state that the most frequent problems in the financial transactions arena include (a) insider abuse, (b) ad hominem identity theft, (c) fraud, and (d) hacking. Cate (2005) concentrates on the discussion of identity-based fraud and suggests that account fraud, true identity fraud and synthetic identity fraud are the three most frequent forms of security threats in online financial transactions.In this context, Keller et al. (2005) seem the most objective and detailed in their observation of the existing security threats and financial transaction issues. According to Keller et al. (2005), the offset printing generation of vulnerabilities started in the middle of the 1980s and took a form of bearing viruses that affected computers and networks over the course of weeks the next generation of viruses was spread by means of macros and e-mails. Denial-of-service attacks became prevalent in the middle of the 1990s and still cave in one of the basic problems in financial transactions domains (Keller et al. 2005).New types of threats include worms that affect individual and multiple computers and networks, and can easily self-replicate to infect large number of users (Keller et al. 2005). Trojans are used extensively to steal passwords or defecate back doors on computers, compromising network security (Keller et al. 2005). Keller et al. (2005) believe that the rapid expansion of spyware and malware are of particular concern to IT specialists and business people these programmes are d throwloaded into computers without users knowledge or consent, typically run in the background, track personal information and execute damaging commands .Statistically, every PC contains approximately 27. 5 pieces of various malicious programmes (Keller et al. 2005). Fortunately, IT professionals actively work to develop effective countermeasures against the most sophisticated security threats. Financial transactions and security threats Potential solutions Given that malware presents one of the most serious issues in the bowl of electronic financial transactions, legion(predicate) authors sought to turn their solutions to the problem.Vlachos and Spinellis (2007) provide an overview of the so-called Proactive malware acknowledgement system, which is based on the computer hygiene principles and demonstrates relative authority in combating the risks of malware in financial transactions. Vlachos and Spinellis (2007) call the proposed algorithm PROMIS and base it on a peer-to-peer architecture the choice of the P2P architecture is justified by the fact that P2P networks much become a propagation vector for various types of malicio us software.The P2P architecture used by Vlachos and Spinellis (2007) contains two types of pommels, the member and the super nodes, and all nodes deficiency to participate in the discussed P2P networks must originalate themselves to the super nodes. PROMIS nodes generally finish the two basic types of operations a Notifier daemon regularly checks the log files on the security applications, while a Handler daemon analyses the elect(postnominal) rates from other peers of the concourse and computes a global malicious operation rate (Vlachos & Spinellis 2007).The researchers use experimental design to prove that the performance of the P2P group improves proportionately to the number of P2P members. Extensive simulations suggest that PROMIS has a potential to protect the operating networks from known and unknown worm activity (Vlachos & Spinellis 2007). That during virus epidemics PROMIS exploits tho specific vulnerabilities and leaves all other systems intact is considered as one of the basic systems benefits (Vlachos & Spinellis 2007). However, Vlachos and Spinellis (2007) are not the only professionals in the field of financial security.The fact is in that malware is often associated with denial-of-service attacks, which go to plague the Internet. Malware advantageously lower the bar for massive distributed denial-of-service attacks (Wang & Reiter 2008). Unfortunately, the current state of protection against do attacks is passive by nature and does not offer incentives to the owners of the Internet networks to protect their computers from the risks of malware (Wang & Reiter 2008). Wang and Reiter (2008) suggest that customer gets be a potentially effective mechanism against DoS attacks in financial transactions.Client puzzles imply that a client solves a computational puzzle for requesting service before the server commits resources, thereby imposing a massive computational burden on adversaries bent grass on generating legitimate service request s to consume substantial server resources (Wang & Reiter 2008). lengthways puzzles imply that each client bidding for a financial service from the Internet server must present his solution to a puzzle meanwhile, the server will allocate its limited resources to the bidders who solve the most tricky puzzles (Wang & Reiter 2008).In this system, an adversary cannot seize the financial and informational resources of a victim without committing its own resources first (Wang & Reiter 2008). These systems are effective in mitigating DoS threats at all application layers and can be readily interoperable with various legacy systems (Wang & Reiter 2008). These, however, are unique technological solutions to the existing security threats. Other authors offer less sophisticated but no less effective ideas of how to subscribe with security threats in financial transactions.According to Corzo et al. (2008), Automated Banking Certificates (first principle) can be readily used to timely identi fy unlicenced financial transactions. In the current system of electronic transactions, a financial transaction is considered authentic if it (a) is performed by an authorised entity (b) has not been altered since the moment it was generated and (c) is not a replay of another(prenominal) valid transaction (Corzo et al. 2008).Unfortunately, current banking systems can identify non-valid and double-tongued transactions only by means of audit subsequently the transaction took place as a result, there is an urgent demand to develop a mechanism which will trace and identify fraudulent transactions before and while they are taking place (Corzo et al. 2008). An ABC is a data structure which allows monitoring the relationships between various transactions indoors one workflow (Corzo et al. 2008).A complete ABC allows tincture operations within workflows that go beyond the boundaries of one financial institution, as long as their tasks are related (Corzo et al. 008). The use of ABCs in the current system of financial transactions proves that the task of identifying an unauthorised user is absolutely achievable. The use of network irreverent cards is another potential solution to the existing and emerging security threats. A network smart card is a smart card that is an Internet node and is feelerible from the Internet (Lu & Ali 2006). The Smart Card stores user information and provides this information only to the trusted client or server, as soon as the user authorises the service or transaction (Lu & Ali 2006).Smart cards are beneficial in the sense that they can create and maintain estimable Internet connections with another Internet node, a web server or a web browser (Lu & Ali 2006). As long as the smart card sends selected user information directly to the service provider, this information does not go through the local computer and the threats of identity theft or similar security breaches becomes minimal (Lu & Ali 2006). Unfortunately, the effectiveness of these developments is yet to be discovered. Meanwhile, companies continue using more traditional solutions to their security issues.The current research suggests that AdAware and Spybot are the most common tools used by businesses to deal with such threats (Keller 2005). Moreover, condescension the availability of effective tools that cost little or nothing at all, many businesses recognise that they do not use any spyware at all (Keller 2005). As a result, businesses either lose significant natural resources or fail to timely identify the emerging threats. The case is specially difficult with the so-called insider threats, when security threats are being born from within the business entity.For example, in 2008, the FBI alleged that a former Intel employee copied top inexplicable documents that posed a threat to the future of the whole company and its business projects (Patel 2009). The cases when bank workers become the basic sources of the security threats and the initiato rs of the complex financial frauds are not rare. As a result, the success of financial transactions, their security, and the technical preventive of consumers depends on how well companies realise the seriousness of the security threats and whether they are ready to deal with them.The current state of technology provides numerous solutions to the security issues in financial transactions, and businesses can secure themselves from the potential risks and failures by using the proposed technological Internet solutions at low or no cost. Conclusion The past years have been marked with the rapid increase in electronic financial transactions. The use of online and/ or remote mechanisms in financial operations has already become an essential element of the daily business routine.Financial transactions are associated with numerous security threats, including identity fraud, insider abuse, and the use of malware and denial-of-service attacks to access and steal personal user information. The current state of literature provides numerous solutions and ideas, which businesses could use to address the existing and emerging security threats. Smart cards, automatize banking certificates, and the use of client puzzles are just some out of many ways to address security threats in financial transactions.Unfortunately, businesses often flush it the existing technological opportunities and do not deem it necessary to use effective protection from the real security threats. As a result, the effectiveness and safety of financial transactions largely depends on how well businesses realise the seriousness of the discussed threats and are prepared to invest additional material resources in the development of effective security strategies and solutions.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.