Thursday, October 15, 2009

Exercise 9: Electronic payments and security I

1. Find out about SET and the use of RSA 128-bit encryption for e-commerce.
- SET (Secure Electronic Transaction) is defined by Wikipedia as a standard protocol for securing electronic payments and credit card transactions over insecure networks such as the internet. SET was not created to be a payment system; rather, it is a security protocol that uses cryptographic technology for authentication, enabling users to employ the existing credit card payment infrastructure. However, SET has become less effective at meeting the heavy demand for security against fraud over the internet because it requires client software to be installed and costs too much compared to SSL.
- RSA 128-bit encryption is defined by Wikipedia as an algorithm for public-key cryptography which has two parts: a public key and a private key. It has become popular as an electronic commerce protocol because it provides good security for internet transactions. In RSA, the message is sent over the internet with the public key, and the receiver is the only one who has the private key that can open the message. Therefore, it is harmless when the message is captured by a third party.

References

Wikipedia (n.d.). Secure Electronic Transaction. Retrieved 15 October 2009 from http://en.wikipedia.org/wiki/Secure_Electronic_Transaction

Wikipedia (n.d.). RSA. Retrieved 15 October 2009 from http://en.wikipedia.org/wiki/RSA


2. What can you find out about network and host-based intrusion detection systems?


- An intrusion detection system (IDS) is defined by Wikipedia as software or hardware designed to detect incoming attacks that try to gain access to a network or client. An IDS can be applied to networks, applications and hosts.

- A network intrusion detection system (NIDS) monitors network traffic for suspicious signals or messages, which can contain Trojans, viruses, etc., coming from outside the network.
- A host-based intrusion detection system (HIDS) monitors a computer system to find out what is going on on the computer by analyzing application logs and the file system, to prevent the computer from being affected by a virus or Trojan.

References

Wikipedia (n.d.). Intrusion detection system. Retrieved 15 October 2009 from http://en.wikipedia.org/wiki/Intrusion_detection_system


3. What is 'phishing'?


Phishing, as defined by Webopedia, is the act of a thief sending an email to a user to obtain sensitive information such as passwords or credit card numbers by claiming to be an established legitimate enterprise asking for an information update.



References

Webopedia (n.d.). Phishing. Retrieved 15 October 2009 from http://www.webopedia.com/TERM/P/phishing.html

4. What is SET and how does it compare to SSL as a platform for secure electronic transaction? Is SET in common use?


- SET (Secure Electronic Transaction) is defined by Wikipedia as a standard protocol for securing electronic payments and credit card transactions over insecure networks such as the internet. SET was not created to be a payment system; rather, it is a security protocol that uses cryptographic technology for authentication, enabling users to employ the existing credit card payment infrastructure.
- Secure Sockets Layer (SSL) is put on the server which holds the client's payment information.
- SSL has several advantages over SET: messages cannot be modified, strong cryptography makes them unreadable, it only needs to be installed on the server and not on the client as SET does, etc.

5. What are cookies and how are they used to improve security? Can the use of cookies be a security risk?

According to one definition, cookies are small pieces of information that can be read back from the web browser after being sent by a web server. They are used to remember stored passwords, links to interesting pages or online shopping carts. Cookies allow websites to track users and which sites they have visited. In addition, using cookies is a security risk because sensitive information is stored in the web browser and this information is sent to the web server on every visit. Therefore, this information is easily captured by a third party.

References

What are cookies? (n.d.) Retrieved 15 October 2009 from http://www.cookiecentral.com/cm002.htm
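The cookie risk described in answer 5 can be checked from the server side by auditing the `Set-Cookie` headers a site sends. The following is an added example, not part of the original post: the function names, the sensitive-name patterns and the sample headers are all constructed for illustration.

```python
import re

# Assumed heuristics: cookie names or values that look like credentials or card numbers.
SENSITIVE_NAME = re.compile(r"pass(word|wd)?|card|cc_?num|ssn", re.I)
CARD_LIKE = re.compile(r"\b\d{13,16}\b")

def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attrs)."""
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def audit_cookie(header):
    """Return the list of findings for one Set-Cookie header value."""
    name, value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("no Secure flag: also sent over plain HTTP, readable in transit")
    if "httponly" not in attrs:
        findings.append("no HttpOnly flag: readable by scripts running in the page")
    if SENSITIVE_NAME.search(name) or CARD_LIKE.search(value):
        findings.append("sensitive data stored in the cookie itself")
    if "expires" in attrs or "max-age" in attrs:
        findings.append("persistent: kept by the browser after it is closed")
    return findings

# Constructed sample headers: a password cookie, a shopping cart, a hardened session id.
SAMPLE_HEADERS = [
    "password=hunter2; Path=/; Expires=Fri, 15 Oct 2010 00:00:00 GMT",
    "cart=item42,item77; Path=/shop",
    "sid=9f2c1e7ab04d; Path=/; Secure; HttpOnly; SameSite=Lax",
]

def audit_all(headers):
    """Map each cookie name to its findings."""
    return {parse_set_cookie(h)[0]: audit_cookie(h) for h in headers}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_HEADERS).items():
        print(name, "->", findings or "ok")
```

A cookie that holds only an opaque session identifier and carries both `Secure` and `HttpOnly` produces no findings; one that stores the password itself is flagged on every check.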


6. What makes a firewall a good security investment? Accessing the Internet, find two or three firewall vendors. Do they provide hardware, software or both?


A firewall is defined by Wikipedia as a part of a computer system whose function is to block unauthorized access and incoming messages or signals. A firewall can be implemented in software or hardware to monitor traffic coming in and out of a computer. A firewall is important for the security of a computer system, so it is a good security investment.

References

Wikipedia (n.d.). Firewall. Retrieved 15 October 2009 from http://en.wikipedia.org/wiki/Firewall

7. Get the latest PGP information from http://en.wikipedia.org/wiki/Pretty_Good_Privacy. The use of digital certificates and passports are just two examples of many tools for validating legitimate users and avoiding consequences such as identity theft. What others exist?

Other tools for validating legitimate users and avoiding consequences such as identity theft include username/password authentication, SSL certificates, etc.
