Sunday, March 27, 2011

Internet Security

Internet security is a branch of computer security specifically related to the Internet. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet represents an insecure channel for exchanging information leading to a high risk of intrusionor fraud, such as phishing. Different methods have been used to protect the transfer of data, including encryption.

Types of security

Network Layer Security
TCP/IP can be made secure with the help of cryptographic methods and protocols that have been developed for securing communications on the Internet. These protocols include SSL and TLS for web traffic, PGP for email, and IPsec for the network layer security.

IPsec Protocol

This protocol is designed to protect communication in a secure manner using TCP/IP. It is a set of security extensions developed by IETF, and it provides security and authentication at the IP layer by using cryptography. To protect the content, the data is transformed using encryption techniques. There are two main types of transformation that form the basis of IPsec: the Authentication Header (AH) and Encapsulating Security Payload (ESP). These two protocols provide data integrity, data origin authentication, and anti-reply service. These protocols can be used alone or in combination to provide the desired set of security services for the Internet Protocol (IP) layer.
The basic components of the IPsec security architecture are described in terms of the following functionalities:
  • Security protocols for AH and ESP
  • Security association for policy management and traffic processing
  • Manual and automatic key management for the internet key exchange (IKE)
  • Algorithms for authentication and encryption
The set of security services provided at the IP layer includes access control, data origin integrity, protection against replays, and confidentiality. The algorithm allows these sets to work independently without affecting other parts of the implementation. The IPsec implementation is operated in a host or security gateway environment giving protection to IP traffic.

Malicious software and antivirus
Commonly, a computer user can be tricked or forced into downloading software onto a computer that is of malicious intent. Such programs are known as malware and come in many forms, such as viruses, Trojan horses, spyware, and worms. Malicious software is sometimes used to form botnets.
Viruses are programs that can replicate their structures or effects by infecting other files or structures on a computer. The common use of a virus is to take over a computer to steal data.
Trojan horse
A Trojan horse (commonly known as a Trojan) is a general term for malicious software that pretends to be harmless so that a user willingly allows it to be downloaded onto the computer.
The term spyware refers to programs that surreptitiously monitor activity on a computer system and report that information to others without the user's consent.
Worms are programs that can replicate themselves thoughout a computer network, performing malicious tasks throughout.
A botnet is a network of "zombie" computers that have been taken over by a "bot" that performs large-scale malicious acts for the creator of the botnet.
Antivirus programs and Internet security programs are useful in protecting a computer or programmable device from malware.
Such programs are used to detect and usually eliminate viruses; however, it is now common to see security suites, containing also firewalls, anti-spyware, theft protection, and so on to more thoroughly protect users.
Traditionally, a user would pay for antivirus software; however, computer users now can, and do, download from a host of free security applications on the Internet

Related Post:

No comments:

Post a Comment

comment bellow please! and put your request

Follow by Email