security problems and solutions of the Internet
...ata had been abused in certain ways, not only will the clients suffer financial loss, but the operator will also suffer a loss of reputation. When clients have no confidence to shop from the site, the operator's losses will go far beyond reputation alone. For this reason, various data security methods have been developed. One of the most commonly used is the Secure Sockets Layer protocol (SSL). “The Secure Sockets Layer protocol (SSL) is a protocol layer which may be placed between a reliable connection-oriented network layer protocol (e.g. TCP/IP) and the application protocol layer (e.g. HTTP). SSL provides for secure communication between client and server by allowing mutual authentication, the use of digital signatures for integrity, and encryption for privacy.” (1)

Another recent security system is Security Electronic Transactions (SET). “Security Electronic Transactions (SET) is a system for making payments securely over the Internet. It was developed by credit-card issuers and some major software and computer companies in the US. It uses encryption to make the transactions secure, and digital signatures to identify both merchants and buyers.” (2)

Email Security

Businesses now commonly use email to deliver their business correspondence, because email allows them to send text messages, attachments, photographs, images, and drawings better than traditional fax machines can. Emails are sent via a number of servers operated by companies, individuals, universities and governments. Servers can be equipped with mail scanning to search for certain keywords such as “credit card number”. Encrypting before sending is a good way to protect your email. Symmetric key cryptography and public key cryptography are examples.
The most commonly found encryption is public key cryptography, “an asymmetric scheme that uses a pair of keys for encryption: a public key, which encrypts data, and a corresponding private, or secret key for decryption.” (3) A more secure method has now been developed: PGP (Pretty Good Privacy). “PGP combines some of the best features of both conventional and public key cryptography. PGP is a hybrid cryptosystem. PGP then creates a session key, which is a one-time-only secret key. This key is a random number generated from the random movements of your mouse and the keystrokes you type. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient.” (4)

However, no matter how secure an encryption system is, we should understand that it was created by human beings, which means there is a chance that it will be cracked. Current computers are not fast enough to do so, but there is no guarantee for future computers. It is a matter of time. Hackers and data thieves treat security systems as challenges rather than obstacles. The security threat remains.

Network Security

However good the available encryption systems are, if our network itself is not secured, all encrypted transmission will be a waste of time. Imagine a man standing behind you, watching you enter your PIN at an ATM; the security system cannot protect your PIN. This applies to your network as well. All your confidential information is stored in your network. If people break into your network, they get far more information than they would by just sniffing emails and data in transit. Therefore, enhancing network security is equally vital.

“Hackers, come in many varieties. The term "hacker" usually brings to mind three of these -- people who break the security of computer networks, people who break the security on application software, and people who create malicious programs like viruses. These aren't mutually exclusive, but it's a simple way to divide the activities that fall under "hacking."” (5)

Both hackers and we understand that a lot of classified, confidential information is stored in the databases of certain sites. Online shopping sites and electronic exchanges for online casinos store millions of records of personal and credit card information. Web mail databases store millions of login names, email information and email addresses. This inf...
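
The hybrid scheme in the PGP description above (a one-time session key encrypts the message, and the recipient's public key encrypts the session key), as an added Python example; it is not code from this essay or from PGP, and it does not produce OpenPGP-format messages. It assumes the third-party `cryptography` package, uses RSA-OAEP and AES-256-GCM as stand-in algorithms, and all function names are illustrative.

```python
# Added example: hybrid encryption pattern only, not the OpenPGP message format.
# Assumed stand-ins: RSA-OAEP wraps the session key, AES-256-GCM encrypts the data.
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def new_keypair():
    """Recipient's long-term key pair (hypothetical helper)."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def encrypt_for(recipient_public_key, plaintext: bytes) -> dict:
    """Sender: fresh session key per message, wrapped to the recipient."""
    session_key = AESGCM.generate_key(bit_length=256)  # one-time secret key
    nonce = os.urandom(12)                              # unique per message
    ciphertext = AESGCM(session_key).encrypt(nonce, plaintext, None)
    wrapped_key = recipient_public_key.encrypt(session_key, OAEP)
    # Both parts travel together; the session key is never sent in the clear.
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}


def decrypt_with(recipient_private_key, message: dict) -> bytes:
    """Recipient: unwrap the session key, then decrypt and authenticate."""
    session_key = recipient_private_key.decrypt(message["wrapped_key"], OAEP)
    return AESGCM(session_key).decrypt(message["nonce"], message["ciphertext"], None)


def is_rejected(private_key, message: dict) -> bool:
    """True when decryption fails: wrong private key or modified ciphertext."""
    try:
        decrypt_with(private_key, message)
        return False
    except (ValueError, InvalidTag):
        return True


if __name__ == "__main__":
    recipient = new_keypair()
    msg = encrypt_for(recipient.public_key(), b"constructed sample message")
    print(decrypt_with(recipient, msg))
    flipped = bytes([msg["ciphertext"][-1] ^ 1])        # flip one bit in transit
    tampered = dict(msg, ciphertext=msg["ciphertext"][:-1] + flipped)
    print("tampered rejected:", is_rejected(recipient, tampered))
    print("wrong key rejected:", is_rejected(new_keypair(), msg))
```

The authenticated mode also addresses the integrity side: a message altered on an intermediate mail server fails to decrypt instead of yielding modified plaintext.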