Welcome

Welcome to Baqer J. Al-Lawati blog.

Tuesday, 18 February 2014

Online Services & Security and Privacy of Data

Online Services & Security and Privacy of Data

Need to Protect Confidentiality of Data:-

When we speak about data confidentiality, personal data has to be kept secret and should not be exposed to the public. In order to do that, encryption is used where data is being scrambled with some sort of code which cannot be interpreted. Any illegal security breach would be in vain because the encrypted data cannot be read. To read the encrypted data, a secret key or password is required to enable the reader to decrypt it. If this key is stolen by an illegal figure them, well, nuff said.
Unencrypted data is called plain text while the encrypted ones are referred to as a cipher text. 

Shop Security 

This would include extreme security, aka. public keys & private keys are used. Public key systems are used to encrypt information that is transmitted using the internet for payment purposes. Provided that you know an individual's public key, you can use it to encrypt a message a message to send to them. A private key is used by certain/specific personnel to decrypt the information.

 

Online Banking

Of course, online services such as online banking do use heavy encryption but encryption alone doesn't pay off in these situations. Online banking services use additional methods of security. (1) One of these are known as transaction numbers (TAN)s. They are basically temporary passwords which are only used once. The bank will send you these numbers and they'll be available for several minutes, thereby narrowing the hackers opportunities to intercept. (2) Another method is that the bank asks you to type in only a part of your password like input your third, fourth & fifth characters of your password. If a hacker was able to intercept, he/she will only be able to identify that part of the password which won't do them any good. (3) Yet, another method involves using a handheld chip & PIN device which is capable of generating single-use passwords (this is called 'two-factor authentication'). Once the customer have inserted their card into the device and enterd their PIN number, they will will be issued with an eight-digit code. This is the password they use to log in to pay somebody and it changes each time the information is entered. 

Online Shopping

Almost, the same encryption techniques are used for data transmission as are used by banks. Most sites use the "https" prefix rather than the more common "http" to ensure customers that they're using a safe, secure website. In addition to that, online shopping services now use 'Secure Socket Layer (SSL)' and/or 'Transport Layer Security (TLS)' protocols. Both protocols are used in the encryption of message between a client computer and a server, although TLS is now taking over SSL.. Customer should read the privacy police carefully. If the privacy policy is missing in a website or is difficult to understand, customers should consider buying from another website. 

 

 References:-

Applied ICT textbook by Brian Sargent & Graham Brown

0 comments:

Post a Comment