150 likes | 281 Views
Presentation of: Internet Privacy Issues, Modified SSL to the rescue. By Olalekan Habeeb Kadri. Outline. Introduction and Internet importance Problems with Internet Some Examples Modified SSL to the Rescue Challenges Conclusion References Questions. 1. Intro & Internet Importance.
E N D
Presentation of: Internet Privacy Issues, Modified SSL to the rescue By OlalekanHabeebKadri
Outline • Introduction and Internet importance • Problems with Internet • Some Examples • Modified SSL to the Rescue • Challenges • Conclusion • References • Questions
1. Intro & Internet Importance • Convenient • Fast • Cross-boarder trade easy • Increased sales But …
2. Problems Cyber-crimes and Privacy violation is a menace
3. Examples • Identity theft and Spam messages • Viruses and Trojan attacks (Nordea Bank Sweden) • Caching Servers • Windows Challenge
Identity Theft Identity theft is Britain's fastest-growing white collar crime, increasing at nearly 500% a year. Criminals search public databases for information about dates of birth, social security number and address and then apply for credit cards, bank accounts or mobile phones under false identities, run up debts and move on to another identity [7].
Viruses and Trojan The effect of a key-logging Trojan attack on Nordea Bank in Sweden reporting a loss of $1.1 million to Russian organised criminals over a three-month period. This was reported to have been done in relatively small amount within the three month period, with debits spread across the accounts of around 250 business and consumer customers. The implementation was via a custom Trojan that was sent to unsuspecting customers as anti-spam application [11].
Caching Server The latest terror that is unleashed on the internet against privacy is the vulnerability of internet users to privacy loss due to attacks that may hidden on caching servers of trusted companies like Google [8].
Windows Challenge • It is expected that more than 1 billion computers will run Windows soon [5]. • There are however security lapses associated with Windows operating system thereby creating a good avenue for hackers to delve into internet user’s privacy [3].
4. The Proposed modified SSL • Individuals and companies with their private and public keys • Private and public keys are unique • All transactions history based on Public keys. • Personal information centrally stored by Govt./CA • SSL used for secured communication
Products for delivery and feedback CA/Govt. Registration and Delivery Transaction initiation and reply Supermarket Individual Monetary claims and returns Transaction confirmation and authorisation Financial Institution 4. The Proposed modified SSL
5. Challenges • Synchronisation of new model • Thin clients • Other proactive measures
6. Conclusion • The model is expected to at least solve/reduce vulnerability as a result of storage of personal information in Public and Private companies’ Databases.
7. References • [1] Bech S. (2007) Punch your weight available at http://www.bcs.org/server.php?show=ConWebDoc.10577 (accessed on 25/09/2007) • [2] Chesher M, Kaura R & Linton P (2003) Electronic Business & Commerce, London: Springer-Verlag • [3] Cheswick W. R. (2005) ‘My Dad’s Computer’ in IEEE Spectrum August 2005 • [4] Earp J. B., Anton A. I., Aiman-Smith L. and Stufflebeam W. H. (2005) ‘Examining Internet Privacy Policies Within the Context of User Privacy Values’ in IEEE Transactions on Engineering Management Vol. 52 No. 2 pp 227-237 • [5] Forbes.com (2006) The Forbes 400 available at http://finance.yahoo.com/personal-finance/article/103513/The-Forbes-400 (accessed on 27/09/2007) • [6] Foreign and commonwealth Office (2007) Drugs & Crime available at http://www.fco.gov.uk/servlet/Front?pagename=OpenMarket/Xcelerate/ShowPage&c=Page&cid=1044901627149 (accessed on 26/09/2007) • [7] Penycate J. (2001) Identity Theft: Stealing your name available at http://news.bbc.co.uk/1/hi/business/1395109.stm (accessed on 24/09/2007) • [8] Rabinovitch E. (2007) ‘Protect your Users against the latest Web-based threat: Malicious Code on Catching Servers’ in IEEE Communication Magazine March 2007 • [9] Shabadash V. (2004) What is Hacking? available at http://www.crime-research.org/news/05.05.2004/241/ (accessed on 22/09/2007) • [10] Scroggs C. (2007) Gone Phisin’? available at http://www.bcs.org/server.php?show=ConWebDoc.10316 (accessed on 26/09/2007) • [11] Woollacott P. (2007) Cybercrime comes of age available at http://www.bcs.org/server.php?show=ConWebDoc.10571 (accessed on 26/09/2007)