Académique Documents
Professionnel Documents
Culture Documents
Trustworthy Computing
It is important for businesses to provide their customers with a trustworthy
environment
Trustworthy environment- customers feel safe to transact business
Creating a trustworthy computing environment is not a one-time activity;
it is a continuous activity
Businesses can take maximum advantage of computing devices and related
information systems only when they are dependable and trustworthy
Trustworthy Computing Framework
Trustworthy computing- term coined by Microsoft in its attempt to
enhance computer security and reliability to the same levels as modern
telephones
Environment in which computer systems, software, and information
resources are insulated from unintentional and intentional
unauthorized access, manipulation and destruction.
The trustworthy environment created for an e-commerce transaction requires
integration of systems, engineering, policy, procedures and processes and
attitudes if the users of the systems
Requirements for integration
Reliable computer systems
Software considerations
No loopholes which could be exploited
Conformity to the policies laid down by the business
Objective of Trustworthy Computing
Security- viruses and other malicious codes will not enter the customers
system via the business system; no unauthorized access
Quantum encryption relies on techniques that keep data secret through the
application of the law of physics. This solves the key distribution problem
How it works:
Quantum cryptography uses the physical phenomenon of light called
polarization
Polarization occurs when light waves are passed through a
polarized filter, which allows only light waves with the same orientation
as the filter to pass
Photon detector identifies information about the polarization of the
photons
Polarization states can therefore be used to encode data as zeros and
ones
Qubit single quantum information
Bases pairs of perpendicular polarization states
Quantum key distribution can be achieved by sending a string of
photons that have random polarizations, which are converted to a
series of binary numbers
If this string of numbers representing the encryption key is intercepted
by an eavesdropper, this is detected by the sender and the receiver.
The key is discarded and a new one is requested until a key that has
not been intercepted is received
Principle of quantum encryption does not operate on securing the
message as it is transmitted but on the retrospective realization of
whether it has been tampered along the way
Quantum encryption is not suitable for keeping the message secret but
for transmitting the encryption keys that could then be used with
traditional encryption schemes to protect the message itself
Quantum encryption protocols:
BB84 protocol most popular version of quantum encryption
protocols, that was developed by Bennett and Brassard
Privacy on the Internet
Business around the globe now have the capacity to reach the remotest parts
of the world without needing a physical presence there
The internet is unregulated, and the laws and legislation of any one country
do not apply to internet activities that originate in a different country
The cyber public needs to be extra careful about giving away personal
information, as there is always a chance of its being misused
Surfing history
HyperText Transfer Protocol (HTTP) has certain provisions that
allow for tracking the surfing history
Other information that could be sent through the HTTP are email
address and the last website visited
Information gathered by agencies
Many agencies such as universities, businesses such as telephone
services and government departments sometimes publish collected
information on their websites. This is done in order to provide their
users with an option for online searching
This information is gathered by different website companies, which sell
it to businesses and other agencies. This information could be used to
create a rough profile of a person
What can the user do?
Be cautious about providing information that could be published
on the internet
Freeware software
Some of the free software available on the internet might contain spy
programs (spyware) that relay usage data to the originator of the
software
This is extremely dangerous, as free software might also contain
viruses or malicious codes
Electronic Commerce
It provides a lucrative option to hackers in the shape of credit card
numbers
Although, when data is transferred, most of the businesses use Secure
Sockets and other security measures, there is no particular fool proof
security mechanism when data is stored in databases
In some instances, data from websites have been hacked
What can the user do?
The internet and its apparatus function as a global unit, and any
national government embarking to control information on the internet
cannot succeed
The solution to the issue of authenticity of information in cyberspace
lies in cooperation between communities, nations, commercial and
non-commercial organizations and supranational organizations
There needs to be a global convention for internet content, to which
every country needs to conform