By: Hamid Zangeneh, Ph.D.
The need for privacy of information, both for corporations and individuals,
is very important for any transaction, but due to the potential
for theft at any Internet or intranet gate, the possibility of mishaps
is much greater than in other modes of transaction.
The problem of security could be looked at from two perspectives.
On the one hand, there do not yet exist foolproof safeguards
or firewalls that could be employed to prevent third-party access
to sensitive data as the information travels through the web. On
the other hand, public policy is evolving and legal precedents are
being set. So, there is much less certainty with regard to commercial
rights and obligations of those involved in e-commerce, relative
to those rights and obligations consolidated over many generations
for the traditional transaction modes.
Unauthorized third party access to information could create economic
loss to the legitimate parties involved in a transaction. The third
party access could be for many unlawful and/or unethical reasons.
It could be thievery of information for the purpose of blackmail
or fraud, or modification of information to cause disruption, denial
of service, waste, abuse, or destruction of proprietary information
stored in a loosely protected environment connected to the Internet.
There are different kinds of transaction security, each characterized
by its singular type of data (information or content) that traverses
the net. The data could be public, which requires no security restriction
and could be read by anyone. However, the use of a copyrighted transaction
requires some payment or consent.
Security of confidential data is public knowledge, but it is not
available to the public. This type of information includes individuals'
bank accounts, which require very high security so that only those
authorized could use the data.
Secret information is not available to the general public. This
type of information requires high security so that only those who
are given clearance could locate and use the data. Transaction security
requires privacy, confidentiality, and integrity.
Privacy could be compromised by interception of data through unauthorized
network monitoring or packet sniffing. This is one basic problem
that has not yet been resolved. In this case, the attacker (sniffer)
breaks into a system and installs a sniffer program that
monitors and obtains all of the information, such as IDs, passwords,
etc., necessary to intrude into the system and access any log-in information.
In this case, the legitimate users do not know or notice that they
are being monitored. After the intruder collects enough information
about the users of the system, they could log-in as legitimate users
and extract whatever is available to take.
Of course, sniffing is different from the common practice of web
sites that collect information about their visitors for future use.
Web sites such as Amazon.com and Borders.com regularly put cookies
in visitors' computers that contain their identity and past visits
and activities. These cookies are visible and could be removed,
accepted after inspection, or denied completely. Sniffer
programs, on the other hand, are invisible and undetected by the
owner of the computer. These cookies have both positive and negative
aspects from the point of view of consumers.
On the positive side, they provide the consumer a personalized service,
by collecting a profile of the consumer, which the web site could
bundle and send individualized information of interest to the consumer.
On the negative side of the equation, these cookies could become
a Pandora's box from the individual's point of view, if their contents
are compromised, sold, confiscated, or subpoenaed by a court of
law. Therefore, an explicit policy by the collecting institutions
regarding the usage of these cookies would go a long way in reassuring
individuals that the information is not going to be intentionally
abused or misused.
In France, the government established a commission, the National Commission
on Information System and Freedom (Commission Nationale de l'Informatique
et des Libertés), that governs the handling of consumer
information. This could be used as a model for other countries in
the future. The Clinton Administration in the US rejected a similar
proposal by the Federal Trade Commission for consumer privacy and
security. But, I suppose, eventually one will be written and accepted
in the near future, especially if abuses become rampant enough to provoke
consumers' ire.
Whatever laws and regulations are proposed, they must give the consumer
the right to know what is being collected. A pro-active institution
that voluntarily provides this service would have a competitive
advantage over those who do not.
Another aspect of transaction security, confidentiality, means that
traces of a transaction must be expunged from the network. That
is, no unauthorized intermediary should be allowed to maintain a
copy of the transaction or its history, leaving only the accounting
records of entry and delivery. Integrity of the message is paramount
for a proper and timely execution of any transaction. That is, in
order for a transaction to take place according to the mutual understanding
of the transactors, messages must be sent and received without modification
(i.e., deleting, adding, intermixing, concatenating, and/or changing
the message) by any unauthorized third party during submission,
validation, processing, or delivery of the message. This could be
performed by detection codes or checksums. This technique includes
checking the entire message or selected fields within a message
for errors, sequence numbering to prevent reordering, loss, or replaying
of the message by an intruder, and finally encrypting, which makes
it impossible for the intruder to see the content of the original
message.
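
The integrity controls described above (a detection code over selected fields, plus sequence numbering against reordering, loss and replay), as an added example that is not part of the original article. It assumes HMAC-SHA-256 as the detection code and a pre-shared key; the field names and sample messages are constructed, and encryption is left out.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: secret shared out of band
PROTECTED_FIELDS = ("seq", "account", "amount")  # the "selected fields" the code covers


def _tag(key, msg):
    # Canonical encoding so both sides compute the code over identical bytes.
    covered = json.dumps([msg[f] for f in PROTECTED_FIELDS], separators=(",", ":"))
    return hmac.new(key, covered.encode(), hashlib.sha256).hexdigest()


def seal(key, seq, account, amount):
    """Sender side: attach a sequence number and a keyed detection code."""
    msg = {"seq": seq, "account": account, "amount": amount}
    msg["tag"] = _tag(key, msg)
    return msg


class Receiver:
    """Receiver side: verify the code first, then enforce strict sequence order."""

    def __init__(self, key):
        self.key = key
        self.expected_seq = 1

    def accept(self, msg):
        try:
            good = hmac.compare_digest(_tag(self.key, msg), str(msg["tag"]))
        except KeyError:
            return "rejected: malformed"
        if not good:
            return "rejected: modified"
        if msg["seq"] < self.expected_seq:
            return "rejected: replayed or reordered"
        if msg["seq"] > self.expected_seq:
            return "rejected: gap (message lost or reordered)"
        self.expected_seq += 1
        return "accepted"


def demo():
    m1, m2, m3 = (seal(KEY, i, "ACCT-0001", amt) for i, amt in ((1, 100), (2, 250), (3, 75)))
    tampered = dict(m2, amount=9999)  # third party changes the amount in transit
    rx = Receiver(KEY)
    return [rx.accept(m) for m in (m1, tampered, m1, m3, m2, m3)]
```

Calling `demo()` returns one verdict per delivered message. A plain checksum without a key would not catch the tampered message, because the third party could recompute it.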
Firewall security policies and methods employed in any institution
depend on the level of concern (minimal to paranoid) by the management
for the privacy, confidentiality, integrity, and efficient functioning
of their institution and protection of their proprietary data and
system. Even though firewall technology has improved considerably
since the heyday of hacking, firewalls still leave much to be desired,
not because of the absence of technological know-how, but rather
because of the necessity of being connected to the net.
Firewalls are not impenetrable if there is modem access to the data
and to the system. Therefore, in general, if for some odd reason
classified data are to be accessed via the net, the management must
be cognizant of the fairly high possibility of unauthorized access
to them at some level. The choice of a firewall and what it should
or should not permit is a function of the security policy of the
institution. Therefore, the management must set their policies according
to their acceptable risk tolerance level and determine what the
firewall should monitor, permit, and/or deny. The dilemma, here,
is that higher security might mean bottlenecks for the institution
if it relies on the net to do a great deal of business, since all
these interactions must go through and be checked by the firewall.
Therefore, the institution must weigh the trade-off between security
and speed and decide, on balance, what is acceptable. One must always
remember that the ultimate security and privacy is nonparticipation,
which is not acceptable.