1 / 27

Security, Privacy and Freedom

Security, Privacy and Freedom. By: Fong-Ting Yau and Ralph L Fidel. “There is no privacy in this digital world.”. What does it mean to be “digitally” secure?. All personal data and digital transactions are kept confidential

kagami
Download Presentation

Security, Privacy and Freedom

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security, Privacy and Freedom By: Fong-Ting Yau and Ralph L Fidel “There is no privacy in this digital world.”

  2. What does it mean to be “digitally” secure? • All personal data and digital transactions are kept confidential • Each user remain unique and their identity protected (from fraud, etc.) • Users granted freedom to access and modify their information freely

  3. Presentation Overview • Security of Online Banking • Security of Credit Card transactions • Local File/Network Security • Security of Digital Correspondence and Real Time Chats • Does privacy exist in the digital world?

  4. Online Banking You can now access your bank account online! • Check balance • Check recent transactions • Update direct deposit/withdrawal • Access credit card information • Make bill payments • Ability to consolidate multiple accounts • Apply for Investments and Loans • Financial Planning

  5. Form and Function Initial Purpose: Once limited to bank visits and telephone calls, online banking is a growing trend allowing bank customers the ability to access and manage all their accounts in the privacy of their homes or any other location (convenience). • When visiting your bank’s website, you are prompted to enter personal information that include your name, bank number and usually, if registering for the first time, a validation code that you receive from contacting an actual banking representative. • Although the majority of the process is automated, the user is usually required to first contact their bank (through telephone or by visiting a branch) to set up this feature. (Wikipedia: Credit Card, 2006)

  6. Case Study #1 Carol, an elderly woman, has just discovered that she is able to access her bank account online. She rushes to the library and quickly entering in the requested information, she transfers funds from her chequing account to her savings account. Satisfied, she smiles and leaves.

  7. Possible Security Flaws • She is using a public computer, leaving her information exposed to those who know how to access usage internet logs. • She may have inadvertently left the banking window open allowing the next user complete access to her accounts.

  8. Online Banking: The Now • Banks use various methods to ensure the security and feasibility of banking online: • Personal Verification Question • Access Logs • Session Time Outs • Last Sign On feature • 128-bit Encryption

  9. Online Banking: The Now • Users ought to be held accountable, at least in part, to ensure the protection of their own information: • Ensuring the website is legitimate • Ensuring aforementioned banking features are present • Obtaining a hardcopy of recent transactions • What to do if you are a victim: Contact your bank as soon as possible!

  10. Credit Cards What can you do with your credit card nowadays? • Make online purchases (Ebay, Amazon, PayPal etc.) • Make subscriptions (automatic withdrawals) • Means of insurance regarding transactions (collateral) • Means of personal identification • Establish a credit history

  11. Form and Function Initial Function: Credit Cards are a means of ensuring secure transactions - because they are processed without a long clearance period (unlike cheques). Credit card transactions are especially useful for making online purchases and have become the standard method when dealing with such exchanges. • With the advent of services such as Ebay and PayPal, consumers are free to sell their goods to other consumers safely.

  12. Case Study #2 Patrick is about to make his very first purchase online. The website has asked for his full name, address, and contact phone number. Credit card in hand he carefully fills in the form, enters the numbers on the card and confirms his purchase without much hesitation.

  13. Possible Security Flaws • Someone else could be recording Patrick’s information without his consent. • Someone, other than Patrick (but with his credit card), could’ve easily completed this transaction without any form of identity verification. • The source website may not be legitimate, and Patrick may never receive the item but would still be charged for it =(.

  14. Credit Cards: The Now • Credit Card companies use various methods to ensure the security of their clients: • Credit Card Insurance • Requiring a four digit personal identification number • Advent of forgery resistant smart cards • Implementation of Card Verification Value/Code (CVV/CVC) (CIBC, 2006)

  15. Credit Cards: The Now • Credit Card holder’s obligation to security: • Always report lost or stolen cards • Ensure source is credible before providing credit card information • Always obtain and review a hardcopy of recent transactions

  16. Local File/Network Security • Local files include those present on your computer’s hard drive • Local Network include all machines (computers, routers, modems, etc.) present in your home network

  17. Form and Function • Initial Purpose: Initial attraction of networking was to share disc space and laser printers • In the days before personal computers, a site might have just one central computer, with users accessing this via computer terminals over simple low-speed cabling • Through the development of CP/IM and DOS (Operating Systems), a single site began to have dozens and even hundreds of computers (as a result, more individuals may be at risk for having their information exposed to others). (Wikipedia; Local Area Network, 2006)

  18. Case Study #3 Sue is setting up her first wireless home network. After installing her wireless network cards, connecting her router, she logs onto the network and transfers files from her desktop to her laptop.

  19. Possible Security Flaws • Without knowing about network security, her home network is vulnerable to outsiders (her neighbors could easily access her files and even hijack her internet). • Without changing her default password, others could access her router settings and change its password, locking her out of her own network!

  20. Local File/Network Security: The Now • Various methods for securing your files: • Hardware/Software firewall • WEP • Local Computer/Network Access Passwords • External Media Backup • Stay Informed • What to do if your system/network is compromised: • Change your passwords immediately • That’s what backups are for! (Potter, 2006) (Tyson, How Firewalls Work, 2006)

  21. Digital Correspondence and Real Time Chat • What does this include? • Instant Messaging • Online Discussion Forums • Online Communities (MySpace) • Blogs (Livejournal, Xanga, etc.) • Chat rooms • Email

  22. Case Study #4 Cam, a young student, has accessed his school’s online discussion forum. He posts regularly and has met a new friend posting from a different school. This particular friend has invited Cam out to the movies, but has asked for his address in order to pick him up.

  23. Possible Security Flaws • Cam’s new “online” friend may not necessarily be who he expects • By giving out such personal information, his safety and that of his family may be in jeopardy

  24. Digital Correspondence and Real Time Chat: The Now • Precautions to Take: • Never give out personal information • Avoid meeting with strangers you meet online; if unavoidable, take all necessary precautions (McKenna, 2006)

  25. The Fine Line Between Security and Freedom Online Banking: “Almost 40 million people logged on to a banking Web site in the fourth quarter of 2005, according to comScore, based outside Washington, D.C. That was a 27 percent increase over the fourth quarter of 2004.” (http://bankwatch.wordpress.com/2006/04/15/statistics-us-online-banking/) Credit Card: The Federal Trade Commission shows that 42% of Identity theft cases involved credit card fraud (http://www.myidfix.com/creditcard-fraud.phphoth.lib.ucalgary.ca/uhtbin/cgisirsi/X/UCALGARY/0/5/) Local File/Network Security: 60% of all corporate data assets reside unprotected on PCs.
Source: Search Security Newsletter, April 4, 2002(http://www.pcsecurity.com/html/2178.html) Digital Correspondence: 25% of remote workers said they open unknown emails when using work devices (Furnell, 2006)

  26. So… Is there privacy in this digital world? Yes and no; Complete privacy in this technological era is something that must be constantly attained and re-attained. Through the use of the internet users are granted access to a plethora of information in the struggle against hackers, identity thieves, scammers, etc. (Alladin Securing the Global Village, 2006)

  27. References • Furnell, S. (2006). Securing the home worker. Network Security, vol 2006. Pp. 6-12. • McKenna, B. (2006). ‘Social networking’ study shows cybercrime risk. Network Security, vol 2006. Pp. 2. • Potter, B. (2006). The changing face of IT security. Network Security, vol. 2006. Pp. 16-17. Tyson, J. (n.d.). How Firewalls Work. Retrieved November 29, 2006, from howstuffworks Web site: http://computer.howstuffworks.com/firewall.htm • (n.d.). Credit Card. Retrieved November 22, 2006, from Wikipedia Web site: http://en.wikipedia.org/wiki/Credit_card • (n.d.). Local Area Network. Retrieved November 21, 2006, from Wikipedia Web site: http://en.wikipedia.org/wiki/Local_area_network • (2006). Online Banking Security. Retrieved November 22, 2006, from CIBC Web site: http://www.cibc.com/ca/legal/online-banking-security.html • (n.d.). Security Statistics. Retrieved November 29, 2006, from Alladin Securing the Global Village Web site: http://www.esafe.com/home/csrt/statistics/statistics_2005.as

More Related