Bridging the business-to-business authentication gap

Abstracts of Recent Articles and Literature

vast array of methods of communication. Sadly, it is a matter of fact that for every different type of system, there are many and varied methods for criminals to defraud and exploit them. This article explains some of the ways in which different systems can be exploited by criminals to gain unauthorized or fraudulent access, examining how and why it is done and the potential liabilities to business. There are many ways the fraudster can obtain the electronic information required to establish a clone; it can be collected using a radio scanner to monitor the frequencies used by the networks. Information can be read from the manufacturer’s panel behind the battery, or from the display, or even obtained from the legitimate owner by some pretext. However, it is probably true to say that this problem is on the decrease as a result of work by the network providers. More serious for the business user is the danger that analogue phones represent in terms of call security. Many users fail to appreciate the relative ease with which analogue mobile phones can be monitored. Business users need to recognize the potential for fraud. Most dial-through fraud can be prevented by ensuring that remote engineering access is limited. A dial-back modem will go some way towards maintaining system integrity when coupled with ensuring that the password is a minimum of six random alphanumeric characters, and is changed at least every three months. The Journal of International Security, Vol. 7, Issue 7/8, 1997, pp. 261-263.

In the line of fire, Jan Guildentops. If you don’t take precautions you could be inviting others to take a look at your company’s network. You must make sure that your network, and all information in it, is safe from the prying eyes of the global Internet community. Because it is virtually impossible to safeguard every PC in the network, the firewall principle states that you should concentrate all your security efforts on one spot - the front door formed by the connection of the network to the Net - closing this gateway to all but the most harmless forms of Net traffic, and scrutinizing and verifying all data before allowing it to proceed. A firewall is of no use unless it is deployed as part of an overall security plan. It must be checked, maintained and updated regularly to do its job well. Before you start thinking about gadgets such as firewalls and encrypted connections, ask yourself some basic questions. Which information has to be secured, and on which systems does that information reside? If you’re using a standard Novell IPX network with all data held on the server and without any TCP/IP connections, your security requirements will be different from those of a fully fledged TCP/IP network. It is also necessary to decide from whom or what you wish to secure your valuable data. Make an inventory of the different ways someone can gain access to the network. Who is in charge of managing key security elements such as a firewall and its configuration? Permanent Internet connections pose the most security risks. Installing a firewall is therefore necessary to adequately shield the network from the Internet. Network Solutions, August 1997, pp. 17-30.

Bridging the business-to-business authentication gap, Christy Hudgins-Bonafield. Public Key (PK) authentication and underlying encryption ultimately will determine whether businesses forsake private networks to derive the savings, collaborative and competitive benefits of the Internet. Similarly, authentication, access control and privileges may underlie efforts to streamline staff previously needed for business-to-business transactions. Most businesses are just entering a pilot period for testing and building in-house public key certificate systems. Both businesses and vendors are discovering that the framework for this new child of the Internet has yet to be established and that there are many gaps and hurdles on the road ahead. On the plus side, users finally will have freedom of choice in what has been a narrow PK authentication market. One critical roadblock to widespread deployment is the fractured and overlapping nature of security standards and approaches. In security, it is hard to make choices, but important to do so. One of the chief ways encryption will be implemented for authentication lies with an IETF standard known as IPsec. How will business handle Government key recovery requirements? Many businesses will want to enhance security by using short-lived encryption keys. Vendors already have products that offer a different key for each packet, although most users will prefer longer time intervals. Network Computing, July 15, 1997, pp. 63-79.

