Who Governs the Internet?

Basically, no one has ultimate control over the Internet. In other words, it operates without a central governing body. This is simply due to the fact that the Internet is made up from voluntarily connected networks. However, there is one corporation called the Internet Corporation for Assigning Numbers and Names (ICANN) which has more control over one aspect of the internet than any other. Click here Who governs the Internet?

ICANN is the international, self-governing body tasked with the authority to assign and control domain names and Internet Protocol (IP) addresses. The US government also has a role in controlling this system. Unfortunately, there are some issues on the Internet that ICANN had no authority over, such as pornography, gambling, and offensive writing. Click here Who governs the Internet?
.

Up till today, there is no one particular organization that has complete control or authority over the Internet. It is still governed by 3 volunteer groups:

Internet Activities Board (IAB)  - consists of Internet Engineering Task Force (IETF) and Internet Research Task Force (IRTF). IETF is responsible to develop and maintain Internet’s communication protocols, addresses problems and coordinates new services. IRTF is looks into long-term research problems that could be critical in five or ten years' time.

Internet Network Information Center (InterNic) provides various registry services needed for the Internet to operate effectively.
 

World Wide Web Consortium (W3C) is a joint initiative between the Massachusetts Institute of Technology (MIT), the European Council for Nuclear Research (or its French acronym: Conseil Européen pour la Recherche Nucléaire, CERN), andthe National Institute for Research in Computer Science and Control (or its French acronym: Institut national de recherche en informatique et en automatique, INRIA) to develop standards for the evolution of the web.

Click here Who governs the Internet?

Reference(s):

Shailendra Sial. (n.d.). Who governs the Internet? Retrieved Feb 6, 2011, from http://ezinearticles.com/?Who-Governs-the-Internet?&id=2002524

Who governs the Internet? (n.d.). Retrieved Feb 6, 2011, from http://www.webfaq.co.uk/#22

Who governs the Internet? (Aug 9, 2004). Retrieved Feb 6, 2011, from  http://www.w3concepts.com/w3Main/GoverningTheNet.htm

The application of 3rd party certification programme in Malaysia

Normally, the third party certification offers a measure of conformity, limit supplier cost without the expense of repeat tests, and satisfy the demand of the customer. Essentially, the assessment is carried out by an independent organization. When the assessment is successfully completed, the organization will then issue the certificate. Examples of such an organization include: 

MSC Trustgate.com Sdn. Bhd is a licensed Certification Authority( CA) operating within the Multimedia Super Corrider. It was established in the year 1999. It provides fully trusted services and security solutions to help companies securely perform open business transaction ands communications over the internet network. The government, enterprises, and many leading e-commerce sites, both locally and internationally, have recognised its  commitment in delivering high quality services.

MSC Trustgate is a member of VeriSign Trust Network and an affiliate of VeriSign in the South East Asia region. MSC Trustgate also is a subsidiary of the Multimedia Development Corporation. Among its objectives is catalyzing the growth of e-commerce by  creating a trusted e-environment that helps enlarge local businesses in the new economy. Click here Security and Trust
.

My key(MyKad PKI) is accepted by the courts of law in Malaysia and governed by the Malaysia Digital Signature Act 1997. It is the MSC Trustgate. MyKey Digital Certificate which is loaded into MyKad. The advantage for MyKey is that it is a proven technology that has been deployed by 4,500 corporations and government organizations as well as 366,000 e-commerce websites worldwide. Besides that, MyKey modules include MyKey Application Programming Interface (API), Signing module, Verification module, and MyKad Client Kit.
Click here MyKad PKI(MyKey)

Verisign SSL Certificates is the one of the trusted providers of Internet infrastructure services for the networked world. Billions of times each day, domain name services, and identity and authentication services can help consumers and companies all over the world to engage in trusted communications and commerce. Verisign Identity Protection (VIP) services can help you to securely log in your personal account through online services. Two-factor authentication, a powerful validation infrastructure and self-learning fraud detection offers a cheaper and secure solution from the trust brand on the Internet offered by VIP.

.

Authentication Services allows second factor authentication for a range of OATH- compliant credential form factors. Choose from tokens, mobile phone credentials, credit-card sized credentials to provide more reasonable price and convenient options for your valuable consumers. Apart from that, consumers conveniently log in to multiple web sites through one credential also is an advantage for enterprises. The VeriSign Fraud Intelligence Network to block the potential fraud source by warning of attacts and comprehensive watchlists. VIP Fraud Detection Services automatically responds  in regards to your intervention settings and detects anomalies through a behavior engine and a rules engine. In the year 1998, the .com and .net top-level domain names have been supported by VeriSign which operates the Internet infrastructure.
.

SSL certificate, InstantSSL certificates, wildcard certificates, and Verisign certificates. Users can enjoy network security environment and a secure ecommerce base because 256 bit encryption is provided from most SSL certificate vendors. Click here Verisign Authentication Services





Reference(s):

Security and Trust. retrieved feb8,2011 from http://www.msctrustgate.com/

Verisign Authentication Services retrived feb8, 2011 from http://www.verisign.com/ 

MSC Trustgate.com.Sdn.Bhd.MyKad PKI(MyKey).  retrieved feb8, 2011 from  http://www.trademal.com/global/index.php/id/17463/target/product/task/viewdetail/cat/31626
 

How to safeguard our personal and financial data?

Nowadays, the internet is a very essential and common utility and communication medium to everyone. You can do many activities through the  internet, like for example, financial transactions such as online banking in order to save time and inputting our personal data into the computer. However, the internet also presents a disadvantage to the users such as when hackers and scammers can easily access your  financial data and personal information without our knowledge nor permission. Therefore, computer users must take safeguards to secure their data on the internet.

HERE ARE SOME SIMPLE SAFEGUARDS

Use security software
Anti –virus softwares such as Kaspersky, AVG and other antivirus programs can help us scan our computer and e-mails to prevent viruses from destroying our data. A firewall program, too,can preven hackers  and viruses from gaining access to your financial data and personal information without our permission. In order to be well protected, you must alway make sure that your virus definitions are up to date. Click here Internet Security - Safeguard Your Personal and Financial Data
.
Use a password and a username
Use a strong password or pass-phrase to protect against hackers who could figure out simple passwords, just by learning our IC number, handphone number, and birth date. A mix of  uppercase and lowercase numbers, letters, and symbols will offer you  more security. Click here Safeguarding your data

Avoid accessing financial information in public
It will prevent hackers from easily  logging on to check your bank balance when one is working from a restaurant that offers wireless access.

Use a credit card with a small limit
Online purchases and mail-orders easily allow a dishonest sales clerk to use your credit card information and thieves won’t be able to rack up many bills before being blocked, if one makes purchases with a low credit limit.

Approach e-mail attachments with care: Hackers and other online criminals might persuade you to share your personal information such as account number, passwords and other sensitive information through e-mail. Click here Why can't we protect our data?

Encryption: The process of encryping a message in such a way that it is expensive, time consuming, and hard for hackers to decrypt it. This process only allows the authorized person with the correct password who can see and use it. For example: the symmetric (private) key system  uses a similar key to encrypt and decrypt the message, whereas the asymmetric (public) key encryption  uses a pair of matched keys to encrypt and decrypt the message. Click here Safeguarding Your Data

Always back up important files and delete cookies: You must always back up your important financial data and personal information in a safe place. Besides that, you must preferably delete cookies after using the computer because these cookies can easily track down the password and username of the owner of the computer. Click here Why can't we protect our data?






Reference(s): 

Silki Garg. (Mar 24, 2009). Internet Security - Safeguard Your Personal and Financial Data. Retrieved Feb 8, 2011 from http://www.artipot.com/articles/312434/internet-security-safeguard-your-personal-and-financial-data.htm

MS-ISAC. (March 2007). Safeguarding your data. Retrieved Feb 8, 2011 from http://www.msisac.org/awareness/news/2007-03.cfm

Steve Schuster. (2006). Why can't we protect our data?. Retrieved Feb 8, 2011 from
http://www.educause.edu/EDUCAUSE+Review/EDUCAUSEReviewMagazineVolume41/WhyCantWeProtectOurData/158084

US-CERT. (Feb 16, 2009). Safeguarding your data. Retrieved Feb 8, 2011 from http://www.us-cert.gov/cas/tips/ST06-008.html

Phishing: examples and its prevention methods

Phishing is an attempt made to steal personal data like user names, passwords or credit card details using online methods, especially email, for  fraudulent purposes, otherwise known also as identity theft. The process is started by sending fake emails to you with a link to a trusted source, such as your bank. When you enter your personal data at log-in  you are then redirected to a fake website. from where the pishers get your personal information. Another method is the phisher sends out messages with a file attachment. When you download the document which contains a virus, your computer is affected and the virus will send your personal data to the phisher.

Click on this link: http://www.ebay.com. The link will redirect you to amazon. This is an example of phishing. Click here What is Phishing – eBay Phishing Examples

Examples:-

PHISHING EMAIL

 

MESSAGE FROM EBAY MEMBER

UPDATE CREDIT CARD INFORMATION

RE-ENTER ACCOUNT INFORMATION

BANK PHISHING

 

ACCOUNT VERIFICATION

 

To prevent phishing, we have to know how to detect it. There are several ways to detect phishing messages.

• Remember that legitimate businesses will not ask for personal information through email. If they do, that kind of email is probably a phishing email.
• If an email asks you to "update your information" or "confirm your user and password", this is also likely a phishing message.
• normally, phishing mail will not address you personally.
• The email states consequences that will occur if you do not verify your details.
• The message gives us wrong information, for example, the bank below is a building society.
• Usually there are spelling and grammatical errors in the messages. Click here Fraudulent e-mails, are you aware?

Methods to prevent phishing are as below:

• Always check who is sending the email
• If there are phone number and address provided, match it with the address and the contact information provided originally by your bank.
• Re-confirm with the bank whether they have sent any email to you.
• use a strong password which does not display your personal data
• Install updated antivirus and anti-spyware software
• Never give your persosnal information by email and if  the web address begin with "https" rather than "http", this provides an additional security.
• Don't reply to any of the emails or pop-up messages that are asking for your personal or financial information
• Don't click on any of the links given in the suspected messages.
• Check your credit card statements to make sure that there are no unauthorized charges in them.
• Forward any suspected phishing e-mail to spam@uce.gov, or to the company or bank, if applicable. Click here Ways You Can Help Protect Your Computer to Avoid Phishing
  

Reference(s): 

Bustathief.com. (2010). What is Phishing - eBay Phishing Examples. Retrieved Feb 7, 2011 from http://www.bustathief.com/what-is-phishing-ebay-phishing-examples/

Nationwide Building Society. Fraudulent e-mails, are you aware? Retrieved Feb 7, 2011 from http://www.nationwide.co.uk/security/further-information/phishing/Fraudulent-e-mails.htm 

Jake Ruston. (Apr 1, 2010). Ways You Can Help Protect Your Computer to Avoid Phishing. Retrieved Feb 7, 2011 from http://business.ezinemark.com/ways-you-can-help-protect-your-computer-to-avoid-phishing-4efbed7ab34.html

The threat of online security: How safe is our data?

The internet is a public system where every transaction can be tracked, logged, monitored and stored in many places. Therefore, it is essential for a company or an individual who carries out business through the internet be aware of potential security threats that would easily harm their business. The same precaution applies to other individuals who are using the internet.

Online security threat occurs when some of the online users try to attack other online users by exploiting the internet's security loopholes through criminal behaviours. The following are related definitions and some of the harmful security threats on the internet.

Hacker - is the person who breaks into the computer site of the online computer users either for profit or for "challenging their security strength" purposes. Hacking simply means exploiting the vulnerabilities of the operating system.

 Malware - is a malicious software program designed to damage the computer system. Examples are viruses (or "worms") and spywares.

Virus - is a form of malware that accesses a computer system by attacking it in order to disable the system or otherwise harming it in other ways with or without the knowledge of the owner. Once a computer has been attacked by viruses, it will automatically spread to all other connected computers if there are no security steps taken.  

Spyware - is intended to steal confidential data from the computer users. It can be delivered in different ways such as being attached with legitimate softwares.

 

 

Adware - is an advertising-supporting program which automatically displays advertisements on websites in a computer. These advertisements can usually be viewed through pop-up windows. 

 

 

Trojans - is a malware that is contained in a seemingly harmless program but which gets control of and harms all other programs in a computer.

 

 

Phishing - typically means stealing confidential and sensitive personal information of online users by trickery. It is usually carried out by emails.

 

 

Keylogger - is a program installed on the computer to monitor each key that a user types on the keyboard. It is usually used to collect secret and personal information such as username, password and credit card information.

.

Security threats are usually transmitted through some of these applications and program vulnerabilities:

-File sharing application

-Instant messaging

-Web servers and services

-Weak passwords

-Outdated antivirus and anti spyware programs 
Click here Security Vulnerabilities and Threats

Well, several solutions can be carried out to prevent security threats.

-Don’t open any website links that you receive from unknown users.

-Install firewalls on your gateway computer.

-Never open an email attachment from the unauthorized source.

-Install an up-to-date antivirus program and anti spyware program on your computer.
Click here Security Solutions

Reference(s):

Security risk on Internet. (n.d.). Retrieved Feb 6, 2011, from http://www.networktutorials.info/advancenetworking/internet-security-threats.html

Security threats to Ecommerce. (n.d.). Retrieved Feb 6, 2911, from http://www.exampleessays.com/viewpaper/54196.html