4th Position paper

Rokeshia Robinson
4th Position paper
Internet Security & Security Issues
May 4, 2007

What is Internet Security? I believe to understand this question we would first have to look at the history of the “Internet”. Now we all may have heard the rumor that the “Internet” was created by Al Gore. Well in my quest to find the real creator of the internet, I stumbled across some interested information that would argue that Al Gore wasn’t the creator, but was a true activism for the concept that eventually turned into a reality.

According to wikipedia, the history of the internet goes all the way back to the fifies and early sixties, prior to the widespread inter-networking that led to the internet. Most communication networks were limited by nature to only allow communciations between the stations on the network. These networks only had bridges and gateways between them, and they were often limited or built solely for a single use. It wasn’t until the late 1980s when the Internet system was developed and ready, but was held up due to The Cold War. J.C.R. Licklider, Larry Roberts, and Robert Taylor were the three who engaged in the interconnected networking systems that envoled into the core of what the Internet would become.So now that we have a brief overview of “Internet”, I will like to talk about internet vulnerabilities, threats, and security around the world.

Internet-based, real-world applications require appropriate security mechanisms because potentially millions of users and their agents (or participants) will access billions of objects of information content in complex workflow processes (e.g., commerce, learning, healthcare). Security is one of the strategic technologies that will increase the value and utility of the Internet and Internet-based applications. Traditional security issues deal with the authentication and authorization of users in network domains. Today there are numerous security issues concerning information content, users, and application systems in information domains.

Effective Internet security systems combine several methods of protecting data and systems. These are some of the most common Internet security measures: Authentication: Authentication restricts access to designated systems or information until users "prove" their right of access by providing an authorized password or personal identification number (PIN). Password administration becomes vital to update the system frequently so only "authentic" passwords are active. In some systems, a digital signature can be used to verify that the message was sent by the authorized party and that it wasn't tampered with during transmission.

Antivirus software: Software can be loaded on an operating system to detect viruses and prevent them from entering the database where they can alter or delete data. Because new viruses are constantly being created, you should update your antivirus software on a regular basis.

Encryption: Data is encrypted--or translated into a code--to ensure that it can be read only by authorized users who have the software to decrypt the data. Encryption also protects material from unauthorized access or tampering while it's traveling on the Internet.

Firewalls: Firewalls provide a single point of entry for data, which allows the credit union or security service to screen out unauthorized users before they enter the internal computer system. You can usually dedicate a personal computer (PC) for firewall use. This PC is loaded with the appropriate software to filter all information passing to and from the in-house computer system.

Protocols: You use a set of rules, or "protocols," to determine how a network operates, including the cryptography that protects information. Intranet systems usually rely on transmission control protocol (TCP) or Internet protocol (IP).

One common protocol for Internet security is secure sockets layer (SSL), which helps secure data contained within networks. Secure electronic transaction (SET) is a protocol that's used to secure credit card transactions on the Web.

Routers: Routers, which connect two or more networks, are used to direct messages to the correct access point. A router may be either a computer or a software package. The router directs messages to the proper destination and is sometimes referred to as a "gateway." Routers are often employed in conjunction with firewalls.

According to Symantec’s Internet Security Threat Report, the high degree of malicious activity originating in the United States is likely driven by the expansive Internet infrastructure there. The United States accounts for 19 percent of the world’s Internet users. Furthermore, the number of broadband Internet users in that country grew by 14 percent between December 2005 and July 2006. Despite the relatively well developed security infrastructure in the United States, the high number of Internet-connected computers there presents more targets for attackers to compromise for malicious use. Symantec predicts that the United States will remain the highest ranked country for malicious activity until another country exceeds it in numbers of Internet users and broadband connectivity.

China was the second highest country for malicious activity during the six-month reporting period, accounting for 10 percent of all worldwide malicious activity. Germany was third, with seven percent. The prominence of both of these countries can likely be attributed to the high number of Internet users there, as well as the rapid growth in the country’s Internet infrastructure.