To counter or reduce the security threast recived under this category, many protection methord are used. These protection methord are being discused briefly in the coming lines.
(1) Authorization: Authorization determines whether the service provider has granted access to the web service to the requestor. Basically, authorization confirms the serivice requestor's credentials. It determines if the service requestor is entitled to perfome the opration, which can range from invokingt the web servicde to executing a certain part of its functionalite.
Authorization is perfomed by asking the user a legal loging-id. If the user is able to provide a legal login-id, he/she is considered an authorized user.
(2) Autentication: Anthentication enures that each entity involved in using a web service- the requestor, the provider, aand the broker (if there is one) -is what it actually clamis to be. Authentication involves accepting credentials from the entity and validating them against an authority.
Authentication is also termed password-protection as the authorized user is asked to provide a valide password, and if he/she is able to this,he/she is considered to be an autheentic user.
(3) Encrypted Smart Card: Passsword in a remote log-in sesion generally pass over the network in unencrypted forms, any hacker(or craker) can simply record it and can use it later maliciouly to corrupt data/files or to harm anyone etc. To counter such threats, newer approaches are suggested such as encrypted smart cards .
An encrypted smart card is a hand-hald smart card that can generated a token that a computer system cn recognise. Everytime a new and diffrent token is generated, which even-thought craked or hacked, can not be used later.
(4) Biometric System: The biomatric sytstem from the most secure level of authorization. The biomatric system involve some unique aspect of a person's body such as finger-print, retinal patterns etc. To establish his/her identity.
(5) Firewall: A system designed to prevent unauthorized access to or from a private network is called firewall. Firewalls can be implemented in both hardware and software, or acombination of both. Firewall are frequently used to prevent unauthorized Internet user from accessing privent networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blockes those that do not meet the specified security criteria.
There are several types of firewll techniques:
Packet filter: Lookes a each packet entering or leaving the network and acceps or reject it based on user-defined rules. packet filtring is fairly effective and transpareant to user, but it is susceptile to IP spoofing.
Application gateway: Appplies security mechanisms to specific aplication, such as FPT and Telent erver. This is very effective, but can imppose a perfomance degradation.
Proxy server: Intercepts all message entering and leaving the network. The proxy server effectively hides the true network addresses.
Circuit-level gateway: Applise security mechanisms when a connection is established. One the connection has been made, packets can flow between the hosts without further checking.
In practice, many firewall use two or more of these techniques in concert. A firewall is considred a first line of defense in proctecting private information. For greater security, data can be encrypted.
No comments:
Post a Comment