Saturday, October 17, 2009

Lecture 7 -29092009-

Today’s lecture covers Lecture 7, which is about Security in Applications. It focuses on electronic mail security, the security provided in email, web security and biometrics.

First of all, what is email? Email, an abbreviation of electronic mail, is a method of exchanging digital messages, designed primarily for human use. Normally, an email contains two parts, the header and the body. The header includes the sender, recipient, date, subject and delivery path, while the body consists of the message content. Originally a text-only communications medium, email was extended to carry multimedia content attachments, which were standardized in Multipurpose Internet Mail Extensions (MIME).

Security provided in email includes confidentiality, data origin authentication, message integrity, non-repudiation of origin and key management. Currently, email is the main vector by which computer viruses spread. A virus can be self-replicating code that is embedded in an email and exploits features or vulnerabilities of the email client. Spamming can also occur in email. Spam has frustrated, confused, and annoyed email users.
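The header/body structure and MIME attachments described above can be seen by parsing a message with Python's standard `email` package. This is an added example, not part of the lecture; the sample message, its addresses and host names, and the function name `summarize` are constructed for illustration.

```python
from email import message_from_string
from email.policy import default

# Constructed sample message (not from the lecture): two relay hops,
# a plain-text body and one attachment, packaged as MIME multipart.
RAW = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby inbox.example.org with ESMTP; Tue, 29 Sep 2009 10:00:05 +0800
Received: from laptop.example.net (laptop.example.net [192.0.2.55])
\tby mx.example.net with ESMTP; Tue, 29 Sep 2009 10:00:01 +0800
From: Alice <alice@example.net>
To: Bob <bob@example.org>
Date: Tue, 29 Sep 2009 10:00:00 +0800
Subject: Lecture notes
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain; charset="utf-8"

Notes attached.
--BOUND
Content-Type: text/plain; charset="utf-8"
Content-Disposition: attachment; filename="notes.txt"

SSL, SSH, SET
--BOUND--
"""

def summarize(raw):
    """Split a raw message into header fields, delivery path, body, attachments."""
    msg = message_from_string(raw, policy=default)
    header = {name: str(msg[name]) for name in ("From", "To", "Date", "Subject")}
    # Each relay prepends its own Received line, so the list is newest-first;
    # reverse it to read the delivery path in the order the hops happened.
    # split()/join collapses the folding whitespace of multi-line headers.
    hops = [" ".join(h.split()) for h in reversed(msg.get_all("Received", []))]
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().strip() if body else ""
    # MIME parts marked as attachments: (file name, declared content type).
    attachments = [(p.get_filename(), p.get_content_type())
                   for p in msg.iter_attachments()]
    return header, hops, text, attachments

if __name__ == "__main__":
    header, hops, text, attachments = summarize(RAW)
    print(header, hops, text, attachments, sep="\n")
```

Every header field here, including `From` and the `Received` chain, is plain text that the mail format itself does not authenticate, which is why data origin authentication and message integrity have to be provided as separate services.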

Next, web security is discussed. Web security can be provided in several forms, including SSL/TLS, SSH and SET. SSL is the predecessor of TLS; both SSL and TLS are cryptographic protocols that provide security for communications over networks. SSL uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message. In application, SSL secures e-commerce and electronic banking, such as amazon.com, airlines, etc. SSH is an abbreviation of Secure Shell, which was initially designed to replace the insecure RSH and telnet utilities. SSH provides security at the application layer. SSH applications include Anonymous FTP for software updates, Secure FTP, Secure Remote Administration and Guerilla Virtual Private Network. SET is an open encryption and security specification designed to protect credit card transactions on the Internet. SET requires two pairs of PKs per entity: one for signing and another for exchanging keys.

Then, we move on to HTTPS which is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encryption and secure identification of the server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems.

S/FTP is an abbreviation for Secure File Transfer Protocol, which is an interactive file transfer program. It is a terminal program that encrypts the files that you send to and receive from a remote system. SFTP is a secure form of the ftp command. The benefit of SFTP over FTP is that when using ssh's sftp instead of ftp, the entire login session, including transmission of the password, is encrypted. It is therefore much more difficult for an outsider to observe and collect passwords from a system using ssh/sftp sessions.

The last sub-chapter is about biometrics. The word biometric can be defined as "life - measure." It is used in security and access control applications to mean measurable physical characteristics of a person that can be checked on an automated basis. Biometric identification systems can be grouped based on the main physical characteristic that lends itself to biometric identification:

  • Fingerprint identification
    Fingerprint ridges are formed in the womb; you have fingerprints by the fourth month of fetal development. Once formed, fingerprint ridges are like a picture on the surface of a balloon. As the person ages, the fingers do get larger. However, the relationship between the ridges stays the same, just like the picture on a balloon is still recognizable as the balloon is inflated.
  • Hand geometry
    Hand geometry is the measurement and comparison of the different physical characteristics of the hand. Although hand geometry does not have the same degree of permanence or individuality as some other characteristics, it is still a popular means of biometric authentication.
  • Palm Vein Authentication
    This system uses an infrared beam to penetrate the user's hand as it is waved over the system; the veins within the palm of the user are returned as black lines. Palm vein authentication has a high level of authentication accuracy due to the complexity of vein patterns of the palm. Because the palm vein patterns are internal to the body, this would be a difficult system to counterfeit. Also, the system is contactless and therefore hygienic for use in public areas.
  • Retina scan
    A retina scan provides an analysis of the capillary blood vessels located in the back of the eye; the pattern remains the same throughout life. A scan uses a low-intensity light to take an image of the pattern formed by the blood vessels. Retina scans were first suggested in the 1930's.
  • Iris scan
    An iris scan provides an analysis of the rings, furrows and freckles in the colored ring that surrounds the pupil of the eye. More than 200 points are used for comparison. Iris scans were proposed in 1936, but it was not until the early 1990's that algorithms for iris recognition were created (and patented). All current iris recognition systems use these basic patents, held by Iridian Technologies.
  • Face recognition
    Facial characteristics (the size and shape of facial characteristics, and their relationship to each other). Although this method is the one that human beings have always used with each other, it is not easy to automate it. Typically, this method uses relative distances between common landmarks on the face to generate a unique "faceprint."
  • Signature
    Although the way you sign your name does change over time, and can be consciously changed to some extent, it provides a basic means of identification.
  • Voice analysis
    The analysis of the pitch, tone, cadence and frequency of a person's voice.

Biometric technology has a number of advantages, including:

  • Provide extremely accurate, secured access to information; fingerprints, retinal and iris scans produce absolutely unique data sets when done properly
  • Current methods like password verification have many problems (people write them down, they forget them, they make up easy-to-hack passwords)
  • Automated biometric identification can be done very rapidly and uniformly, with a minimum of training
  • Identity can be verified without resort to documents that may be stolen, lost or altered.
