This paper is about data security and what is done to try to keep data safe, especially on The Internet. The subject was chosen because it is very important in the information age of today. Also a majority of studies right now deal with Internet protocols and computer networking, for this reason I thought this paper would be beneficial to myself. Earlier computer systems based Dos, UNIX, Novell version 3. 12, and certain earlier versions of Windows did not incorporate the kinds of security needed today. Security has become a buzzword.
It has joined speed, ease of use, and interoperability as one of those things that technology vendors have to at least promise that their product delivers. (Intranet Security xvii). There is an uncountable number of computer breakins each month. Most breakins however are probably not reported due to unaware System Administrators. There was the 1993 case in which investigators in NYC found that three city employees had found a flaw in citys real estate tax computer system and erased 20,000,000 dollars in overdue property taxes (Secure Commerce on The Internet 12).
The orporation Citibank also had an incident in 1995 in which Russian hackers stole over 10,000,000 dollars in fraudulent wire transfers by exploiting a hole in its systems provision for money transfers. It cost the Italian government over 225,000 to repair a glitch in The Rome Air Force Bases system. The telecommunications giant of the west Southwestern Bell had a problem with a hacker named Christopher Schanot that cost them around 100,000 dollars. According to the CSI \ FBI Computer Crime and Security Survey, 246 organizations reported over 100,000,000 dollars in financial loses due to ecurity breaches in 1997 (Intranet Security xvii).
The survey, keep in mind, represents only 246 out of 1000s of businesss. This statistic only describes the reported computer crimes which are not always traceable. Many times an investigation is needed to try to catch the person stealing. Therefore, if it is a one time theft and the hacker covers his tracks effectively, the incident may go unreported. In a study done by the Department of Defense (DOD), approximately 9000 computers were tested and more than 87% were successfully cracked into, of which nly less than 1% of the break-ins were reported.
A popular computer security researcher, Dan Farmer, conducted a survey of high-profile, commerce-oriented World Wide Web Internet sites. Out of the 1700 servers tested more than 60% could be broken into and tampered with, meaning data changed, or even distroyed (Intranet Security 22). Even the United States government had a 22 year old man break into their computers. A hacker first broke into a Harvard database and stole thousands of students passwords and login information to use as online identities while hacking into the White
House computers. He then gained access to the White House computers, although no sensitive data was seen or lost (Secure Commerce on the Internet 14). There was another occurrence in the White House where a researcher, looking for information of the Iran Contra and Oliver North scandal, discovered some sensitive notes that had been deleted off the White House computers and mistakenly dumped into a mainframe. The classified documents were available to all users of the mainframe, none of which had any of the proper security clearance.
To enable communications between different computers on different networks, different protocols have been developed to try to securely pass data from Point A to Point B. Transmission Control Protocol \ Internet Protocol (TCP\IP) is Microsofts version which has been made the standard protocol of the Internet, partly because it is so easily routed. NWLink is the Microsoft implementation of the Internetwork Packet Exchange \ Sequenced Packet Exchange (IPX\SPX) standard that is used by Novell servers. This protocol is routeable but more simple than TCP\IP.
NetBeui is another rotocol that is more properly suited for smaller computer networks and intranetworks because it is not routeable. Apple File Protocol (AFP) is the protocol supported by Apple Computer. It is routeable but not as useful as TCP \ IP or NWLink. DLC is a protocol that is mainly used to communicate with IBM mainframes and Hewlett Packard printers (Networking with TCP\IP 37). All of the protocols have their very distinct advantages and disadvantages such as security, routeablity, speed, etc..
One of the most popular components used in trying to make a completely secure a etwork is Encryption, sending coded data. The only problem with this is that there has to be a key and if the key can be intercepted than the code is broken. Firewalls are also used against unauthorized entry into a organizations server. A fire wall is kind of like the moat around a castle it protects a server from outsiders getting in. The problem with this is that what if the problem is someone within the company or possibility someone who somehow has gotten access somewhere within the companys firewall which is very commonly the problem.
Now Operating Systems are starting to implement stricter file ystems to better protect each computer on an intranet from being used to do any real damage to a network or even itself for that matter. Viruses are a must when addressing the insecurities involved with computers. A virus is a program that can infect other programs by modifying them to include a, possibly evolved, version of itself. (Net Security Your Digital Doberman 52). In other words a virus is to computers what a virus is to people, it infects the host and caused damage or kills host.
Fred Cohen was a student at University of Southern California in 983 when he decided to develop the first computer virus to demonstrate the need for computer security (Net Security Your Digital Doberman 52). In conclusion I would like to say that any information that is transmitted on a network is not 100% safe. Regardless of what a company will tell you there is no such thing as completely secure commerce on the Internet although some are succeeding in keeping hackers out they are constantly changing the technology to do it. For every person out there making the programs there are at least ten studying and deciphering the same code.