Epilogue

Previous page
Table of content
Next page
Team-Fly

As mentioned in Chapter 21, every new technology offers new possibilities but also introduces new vulnerabilities, threats, and corresponding risks. This is particularly true for TCP/IP networking and the Internet as a whole. In fact, we overviewed and briefly discussed many risks as well as security technologies, mechanisms, and services to counteract on these risks in the previous parts of this book.

No security technology, mechanism, or service is complete in the sense that it can be used to solve all security problems. This is true for the real world, but it is also true for the digital world. In the real world, we typically use a portfolio of very diverse technologies, mechanisms, and services to provide a good (i.e., safe and secure) feeling to the users. In this sense, the Internet is very comparable to other infrastructures, such as the highway system, the railway system, or even the airway system.

Referring to the highway system comparison (or analogy), for example, a TCP/IP communication problem is something similar to a pothole, a bridge failure, or a closed road. Similarly, a protocol problem is something like a wrongly marked exit sign or a failure of slower traffic to stay in the proper lane, and a network administration problem is something like a lack of emergency vehicle access or notification and response procedures for accidents. Finally, a host problem is something like a store proprietor along the highway leaving the doors open and the store unoccupied. The problem is not the proximity of the highway, but the carelessness of the corresponding store proprietor. Similar examples can be found for the other mentioned infrastructures.

Taking the highway system analogy one step further, it is interesting to have a closer look at the way we attempt to provide safety and security. In particular, we use and deploy several technical, legal, and organizational measures to achieve safe and secure traffic:

  • On the technical side, we (or, at least, the manufacturers) attempt to design and build cars that are safe in the sense that the risks of serious injury in an accident are minimized. Similarly, we build highways in a way that minimizes the risks of careless drivers being able to cause serious accidents (e.g., we separate the lines in opposite directions with physical obstacles).

  • On the legal side, we have traffic laws that define proper behavior on the street. Furthermore, many laws require drivers to have a license and vehicles (e.g., cars and motorbikes) to pass an emissions test.

  • On the organizational side, we have many educational programs and we teach children how to properly behave on the highway. Furthermore, we have police to enforce the traffic laws.

A similar portfolio of technical, legal, and organizational measures should be compiled to provide Internet security. As a matter of fact, several technical measures are currently under consideration for being deployed on the Internet. For example, it is always a good idea to design and develop communication protocols that minimize vulnerabilities and corresponding risks. If a connection-oriented transport layer protocol (e.g., TCP) is designed in a way that state information is maintained only after a connection has successfully been established, the protocol is generally less exposed to DoS attacks. Also, there are people who demand of Internet users some basic education with regard to the proper use of the Internet, and there are people who think that it would be a good idea to require Internet hosts to meet some baseline security requirements. The discussion is even more specific with regard to legal and organizational measures.

Last, but not least, the entire discussion about privacy and (pseudo-)anonymity on the Internet still remains to be held. Referring to the highway system analogy, we have established a system that supports the notion of pseudonyms in reality. In fact, every car license plate lists a unique number, and this number can be used to eventually trace an individual car owner. In the digital world of the Internet, the idea of using pseudonyms is not yet widespread and well understood. Instead, we generally use our real identities (e.g., user IDs and IP addresses) to interact with our peers. This is likely to change in the future. It is possible and very likely that we will see the development and wide proliferation of PETs for the Internet as we already mentioned at the end of Chapter 19. You may refer to [1], Chapter 13 of [2], or [3] for a more comprehensive overview about privacy issues and anonymity services related to the Internet and the WWW. In fact, it is possible and very likely that privacy will become more and more important in a world that is making more and more use of information technologies.

REFERENCES

  1. R. Oppliger, "Privacy Protection and Anonymity Services for the World Wide Web (WWW)," Future Generation Computer Systems, Vol. 16, Issue 4, February 2000, pp. 379–391.

  2. R. Oppliger, Security Technologies for the World Wide Web, Artech House, Norwood, MA, 2000.

  3. M. Caloyannides, Computer Forensics and Privacy, Artech House, Norwood, MA, 2001.

Team-Fly

Previous page
Table of content
Next page
Internet and Intranet Security
Internet & Intranet Security
ISBN: 1580531660
EAN: 2147483647
Year: 2002
Pages: 144
Authors: Rolf Oppliger, Rolf Oppliger
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Metrics and Models in Software Quality Engineering (2nd Edition)
An Introduction to Design Patterns in C++ with Qt 4
Ruby Cookbook (Cookbooks (OReilly))
File System Forensic Analysis
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy