Internet Security Essay -- essays research papers

Security on the Internet How do you secure something that is changing faster than you can fix it? The Internet has had security problems since its earliest days as a pure research project. Today, after several years and orders of magnitude of growth, is still has security problems. It is being used for a purpose for which it was never intended: commerce. It is somewhat ironic that the early Internet was design as a prototype for a high-availability command and control network that could resist outages resulting from enemy actions, yet it cannot resist college undergraduates. The problem is that the attackers are on, and make up apart of, the network they are attacking. Designing a system that is capable of resisting attack from within, while still growing and evolving at a breakneck pace, is probably impossible. Deep infrastructure changes are needed, and once you have achieved a certain amount of size, the sheer inertia of the installed base may make it impossible to apply fixes. The challenges for the security industry are growing. With the electronic commerce spreading over the Internet, there are issues such as nonrepudiation to be solved. Financial institutions will have both technical concerns, such as the security of a credit card number or banking information, and legal concerns for holding individuals responsible for their actions such as their purchases or sales over the Internet. Issuance and management of encryption keys for millions of users will pose a new type of challenge. While some technologies have been developed, only an industry-wide effort and cooperation can minimize risks and ensure privacy for users, data confidentiality for the financial institutions, and nonrepudiation for electronic commerce. With the continuing growth in linking individuals and businesses over the Internet, some social issues are starting to surface. The society may take time in adapting to the new concept of transacting business over the Internet. Consumers may take time to trust the network and accept it as a substitute for transacting business in person. Another class of concerns relates to restricting access over the Internet. Preventing distribution of pornography and other objectionable material over the Internet has already been in the news. We can expect new social hurdles over time and hope the great benefits of the Internet will continue to ove... ...o that its confidentiality and integrity are preserved. That is, the data remains secret to those who do not posses the secret key, and modifications to the cipher text can be detected during decryption. Two of the most popular symmetric ciphers are the Data Encryption Standard (DES) and the International Data Encryption Algorithm (IDEA). The DES algorithm operates on blocks of 64 bits at a time using a key length of 56 bits. The 64 bits are permuted according to the value of the key, and so encryption with two keys that differently in one bit produces two completely different cipher texts. The most popular mode of DES is called Cipher Block Chaining (CBC) mode, where output from previous block are mixed with the plaintext of each block. The first block is mixed with the plaintext of each block. The block uses a special value called the Initialization Vector. Despite its size and rapid growth, the Web is still in its infancy. So is the software industry. We are just beginning to learn how to develop secure software, and we are beginning to understand that for our future, if it is to be online, we need to incorporate security into the basic underpinnings of everything we develop.