1. Secure Electronic Transactions (SET) is an open protocol which has the potential to emerge as a dominant force in the securing of electronic transactions. Jointly developed by Visa and MasterCard, in conjunction with leading computer vendors such as IBM, SET is an open standard for protecting the privacy, and ensuring the authenticity, of electronic transactions (IBM 1998).
RSA 128-bit encryption as a standard feature to ensure that data stays secure. RSA encryption is the industry standard for use in securing applications, and RSA 128-bit encryption is widely considered unbreakable, therefore, when it applies to the e-commerce, it secures the credit card encryption while works over the transactions through the internet.(Information Management Online, 2005)
2. Network-based intrusion detection systems use raw network packets as the data source. A
network-based IDS typically utilizes a network adapter running in promiscuous mode to monitor
and analyze all traffic in real-time as it travels across the network. Its attack recognition module
uses four common techniques to recognize an attack signature:
· Pattern, expression or bytecode matching,
· Frequency or threshold crossing
· Correlation of lesser events
· Statistical anomaly detection
Host-based intrusion detection started in the early 1980s before networks were as prevalent,
complex and interconnected as they are today. In this simpler environment, it was common
practice to review audit logs for suspicious activity. Intrusions were sufficiently rare that after the fact analysis proved adequate to prevent future attacks (ISS, 1998)
complex and interconnected as they are today. In this simpler environment, it was common
practice to review audit logs for suspicious activity. Intrusions were sufficiently rare that after the fact analysis proved adequate to prevent future attacks (ISS, 1998)
3. The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. (Webopedia, 2008)
References
1. Information Management Online, 2005 , ' Increases Security by Providing RSA 128-bits Encryption as Standard Platform Security Level'
2. ISS, 1998, ' Network-base vs Host-based Intrusion'
3. Webopedia, 2008 ' Phishing'
No comments:
Post a Comment