The Internet Security And Its Uses Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The recent proliferation of high-speed networks and processor technologies has enabled the Internet access to many people across the globe. Individuals and organizations across the globe can reach any point of the network without any geographical boundaries or time of day. However this convenience and easy access to information have brought new risks, such as the information loss, hacking, and its misuse. The information available on networked computers is more vulnerable than if the same information is printed on paper and kept in a locked cabinet. The Intruders no more require to break an office or home for their theft, and they may be operating from remote places. They can not only create new files, run their own programs, but also hide evidence of their unauthorized activity [6,1].

This report encompasses four different aspects of the Internet security and its utilization: at first, we will discuss which applications and protocols and technology can be used to prevent any theft or damage of electronic files or data from intruders. Secondly, how we can make the browser safe and secure to use. Thirdly, what is the various aspects of the information warfare. Finally, what are the challenges for internet security in the coming days?

Keywords: internet security protocols, information Revolution, Cyber Attack, browser security, Information Warfare, Future of internet security.

1 Introduction

The recent advancements in the Internet as an important way of communication and data transfer have globalized the everyday lives of billions of people. The major impact of the Internet is the change it has brought in our personal and private domains. This has enhanced the need to provide protection and security to the confidential data being transmitted through the Internet. Consequently, the Internet security has become an important research field in computer sciences. It encompasses various sub-fields, such as Internet security protocols, choice of browser, and information warfare among many others. In general, it helps to establish various protocols and steps to secure the information transfer over the Internet channels. This report covers these important topics in the Internet security research. It is divided into four topics.

Understanding Internet security protocols

Importance of choice of browser

Information warfare

The future of Internet security

We discuss these topics in the following sections. Section 2 discusses various protocols in Internet security. Section 3 gives an insight into the importance of choice of browser. Section 4 provides a discussion on information warfare. Section 5 discusses the future of Internet security. Section 6 concludes this report.

2 Internet Security Protocols

We mainly discuss the following Internet Security Protocols in this section.

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

IPv4 and IPv6 Security

S/MIME (Secure/Multipurpose Internet Mail Extension)

2.1. Security Socket Layer (SSL)

SSL is a security protocol developed by Netscape, used in almost 100% of secure Internet transactions. Importantly, a typical dependable transport protocol (e.g. TCP) is transformed into a secure channel that is suitable for conducting confidential data transactions.

The SSL protocol defines the methods by which a secure communications channel can be established. However, it does not specify the algorithms required for cryptography. It supports various such algorithms, and provides a framework, which can be utilized for convenient cryptographic methods for secure transactions of data.

It serves as a novel layer of security protocol that works on top of the TCP/IP and below the abstract application layer.

\\hadar\fmzou\fig1.gif

Figure 1: Secure Socket Layer Protocol

SSL makes use of TCP/IP as a higher-level protocols and allows its user an SSL-enabled server to authenticate itself to an SSL-enabled client. It also enables the client to first authenticate itself to the server. SSL allows two communicating machines to create an encrypted connection between both.

Its main purpose is to get servers and client`s authentication; however clients authentication is optional in SSL. Other objectives include the data integrity and confidentiality by creating an encrypted SSL connection to secure from eavesdroppers and hacker.

The SSL includes two sub-protocols:

SSL Record Protocol

SSL Handshake Protocol

SSL record protocol basically defines the format used to allow data transmission, whereas the handshake SSL uses the record SSL to communicate a number of messages between SSL-enabled Server and Client when a connection is established between them.

How SSL Works

First Step:

First of all a browser requests a secure page (ex https ://) and

In return the web server sends its public key with its certificate.

Second Step:

The browser confirms that the certificate was issued by an authentic party certificate is still valid and it is related to the site contacted. The browser then makes use of the public key, to encrypt a random symmetric encryption key and transmits it to the server with the encrypted URL needed and other encrypted http data.

Third Step:

The web-server performs decryption of the symmetric key and also decrypts the URL and http data with the help of its private key.

The web server re-transmits the requested html document and http data encrypted with the symmetric key.

Then finally, the browser decrypts http data and html document by utilizing the symmetric key and transmits the information on client side.

Private key/Public key and SSL Certificate

A method of encryption in which a pair of private and public key is used. It ensures that the data can be encrypted by one key but can only be decrypted by the other key pair.

The keys are similar in nature and can be used alternatively: the information encrypted by one key can be decrypted by another key. The key pair uses prime numbers and their length in terms of bits makes sure that they cannot be decrypted with the pair. The trick hidden in a key pair is to keep one key secret (the private key) and to distribute the other key (the public key) to everybody.

Anybody can send you an encrypted message that only you will be able to decrypt. In the contrary, you can confirm that a message was transmitted by only you, due to its encryption by your private key, and only the paired public key can correctly decrypt it.

SSL Certificates consist of small files that digitally connect a cryptographic key to the details of an organisation. When a certificate is installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser. Typically, SSL is used to secure:

Credit card transactions

Data transfer

Logins

Securing browsing of social media sites etc.

SSL Certificates includes following:

A domain name, server name or hostname

An organisational identity (i.e. company name) and location.

Importance of Choice of Browser and its Security

SSL Certificate Details

Figure 2: SSL Certificate

IPv4 and IPv6 Security

IPv4 means Internet Protocol version four and IPv6 means internet protocol version six. IPv4 is the commonly used IP address which consists of 32 bits. It can support up to 232 IP addresses. [7] For example:

192.168.10.50 & 10.4.5.7 etc.

IPv4 was published in 1981and its initial design was not able to cover rapidly increasing internet and it creates big issues. The limitations of the IPv4 are as follows:

Insufficient amount of IPv4 addresses: limited amount of IPv4 addresses causes a lot of problems. Most of the companies do not use all the provided IP addresses. On the other hand due to the scarcity of addresses some companies implemented NAT (Network Address translation) to map multiple private addresses to a single public IP address. NAT do not support network layer security standards and it also do not support the mapping of all upper layer security protocols and NAT can also create problem when two networks using the same IP address ranges of private addresses. Servers, workstations and devices on internet require more IP addresses but IPv4 `s scarcity of addresses comes as a major issue. [9]

Security Issues: When IPv4 was introduced in 1981, current security was not being taken as an issue for internet so it was not anticipated. But later on when IPsec was came into effect, it provides security to IPv4 packet but it's not built-in and only works as optional and can be implanted only on proprietary basis. [8,9]

Configuration Issues: As network and internet is growing rapidly, the implementation and configuration of static and dynamic IP addresses should be simplified.

Quality of Service (QOS): Quality of Service works on IPv4 but it relies on 8 bits of type of service field and the identification of payload. But when packet payload is encrypted, Type of service has very limited functionality and payload is not possible with encryption. [7, 9]

However due to the above mentioned reasons, IPv6 is going to replace IPv4. So we can say that IPv6 is developed as a replacement of IPv4. [8]

IPv6 is 128 bits long IP address and can support up to 2128 addresses to cover all future needs with better security and good network features.[7] For example;

1030:0:0:0:5:600:310c:325b:ff08:c3 & 0:0:0:0:0:0:194.1.57.12

Following are main features of IPv6 addressing.

Large space for addresses.

New packet format

Statefull and stateless address configuration.

Integrated IPsec.

Multicast

Neighbour discovery protocol

Extensionability and jumbograms.

S/MIME (Secure/Multipurpose Internet Mail Extension)

This is a protocol which adds encryption and digital signatures to multipurpose internet mail extension or MIME and it provides following cryptographic security services for electronic messaging applications. [10, 12, 11]

Message integrity.

Authentication.

Origin clarity by using digital certificates.

Encryption to enhance data security and privacy.

3 Importance of Choice of Brower and its Security

A few years back in history of internet only one browser was dominant, which was called Microsoft Internet explorer but now with a massive development in the technology internet world plenty of browsers out there to use. Among them, the most important are Google Chrome, Mozilla Firefox, Safari and Internet Explorer. Recently, Opera and Android are gaining popularity. According to w3schools.com website, the browser usage statistics are given in the following table [22].

Browser

Chrome

Firefox

I.E.

Safari

Opera

Usage(%age)

46.9

31.1

14.7

4.2

2.1

Our choice of internet browsers and its version can play a big role in internet experience and performance of online material which is being used on day to day basis. By upgrading to a newer version of an available internet browser can result with a better speed of uploading web pages and simply by degrading to an older version can result a shocking decrease in performance and even some of the functions will totally stop working with older versions [13,15].

I would like to highlight one aspect that it's not only browser or its version effecting internet access performance but there is another factor which is called Plug-ins that delays almost 20 sec loading a page on internet explorer. A couple of more factors like firewall settings and level of local traffic also put a great impact on processing delay.

Performance of an internet browser is not the only thing to consider but performance with security is a big challenge and choosing a web browser which is securing more than others is very important especially security is a big issue when we interact outside the corporate firewall boundaries [14].

In most of the cases now browser need to work well with internally developed web applications and software. The chosen browser must provide compatibility and security along with performance. The value of service can't be compromised with poor performance and less security. At this kind of circumstances needs a web browser which does not disrupts the business or breaks the chosen methodology. Definitely a level of confidence with browser maker and a high class support services would be a great advantage.

Companies should block other browsers after choosing one as they are not complaint with security policy. This helps the IT department in any organisation to work with controlling security and compatibility issues with other applications and software.

The fact is there is no browser in the market currently which can guarantee security or optimal app performance. But some companies prefer safari and Firefox for MAC users and Chrome and Firefox for windows users due to their support in compatibility and security [14, 15].

We should make sure the following things when working on browser to make it more secure [13]:

Stay on HTTPS wherever it's available.

Don't forget to Log off when using a shared computer.

Understand the common fraud tricks i.e. malware, phishing scams, etc

Using extensions like Adblock plus, Ghostery, and do not track plus etc. can avoid others tracking your web history.

Go anonymous by using Tor browsers and BT Guard torrenting tools when downloading torrents occasionally.

Use VPN services to secure everything doing remotely.

4 Information Warfare

Rapid growth in information and communication technology and their increasing effects in our life have revolutionised the communication process and the importance of information warfare in our society. [16]

The use of information and communication technologies has been of main interest to government, intelligence agencies, computer scientists and security experts for the last two decades.

Information warfare may involve obtaining important information, giving assurance that this information is valid, spreading propaganda or disinformation to the enemy or people. Information warfare called cyber warfare if we consider into computer and network security side.

It consists of use of hacking in broad sense, network attack tools, computer viruses during a conflict between states or substate groups in order to deny crucial military and other services for operational or propaganda purposes. It thus extends traditional e-war techniques such as radar jams by adding new hacking techniques. [18]

Some important forms of Information Warfare include the following:

Logistic networks, such as defence installations are disabled

Stock exchanges are hacked.

Govt websites are sabotaged.

TV or Radio transmissions are jammed.

Propaganda is spread over communication channels, such as Internet, TV, and Radio etc.

5 The Future of Internet Security

The Internet is a complex network of computers interconnected through high-speed switches, cables, and wireless technologies. It is difficult to comprehend the complexity of the Internet, in order to fathom its actual shape, size, and enormity, which are key factors to determine the security of its data transfers and its future. Since its origins in the late 1960s in ARPANET, and its popularity in the 1980s in European projects like CERN, it has inherited architecture suitable to transmit and route data in the form of packets. Keeping in mind, that there is no single authority to operate the Internet due to many right reasons (data manageability, information monopoly, size, and enormity), the security of Internet becomes an everlastingly important topic for the future research [23].

Traditionally, many methods, such as password protection, public and private key data encryption, and firewalls have been used. Later on, security protocols, based on various security and encryption methods, such as Secure Sockets Layer (SSL) and Private Communications Technology (PCT), were developed by Netscape and Microsoft, respectively. These two protocols were then merged together into a common standard named as the Secure Transport Layer Protocol (STLP). Most recently, IPv4 have been used as the first publicly used version of the Internet Protocol (IP).

The latest version of IP is termed as IPv6, also referred as the Next Generation Internet Protocol (IPng). It provides unique provisions to provide secure static IP addresses that can help to track the activities of a certain device used by a user. This causes a security concerns for the users. In order to tackle these concerns, the IPv6 generates a random host identifier for user's devices instead of static IPs to interact with external hosts. These identifiers are named as ephemeral addresses. The utilization of ephemeral addresses enables a secure channel between a user and host and makes it tough for a hacker to track the activities of the user. Such security extensions are created in all operating systems by default. In current and future networks, IPv6 will provide a new level of security to the users for secure transmission of their data. Major security features of IPng include [24]:

128-bit IP Address: Enable huge address space

New Header Format: More secure

Native Security: Enhanced by IP Security (IPSec) Protocol

Quality of Service (QoS): QoS to high-priority packets

Auto-configuration: Dynamic Host Configuration

New Extension Headers: For different purposes.

Authentication Header: For enhanced security of packets, Security Associations (SA) are defined for one-way communication between host and sender. This security channel is created by an Authentication Header (AH) that enables data integrity and authentication for the whole IPv6 packet.

Another header called, the Encapsulating Security Payload (ESP) header adds data integrity by providing authentication and secure communication. When the authentication is made for the ESP Header, a unique algorithm is applied to encrypt the payload data.

The migration to IPng will provide many interesting research questions and new issues, and the security algorithms will play a key role in its global acceptability.

6 Conclusions

In this report, we discussed various aspects of the Internet security. We discussed important security protocols, and their applications. Furthermore, we discussed the security of browsers and their choice. Then, we briefly elaborated the information warfare in recent times. Finally, we concluded the report by discussing the future of Internet security.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.