Security Threats That Face People Online - Essay Example

Security The paper delves into the concept of online security which is indeed a very fundamental concern in the present world. In this regard, Google is heavily investing in a series of authentication through the use of two-step verification. There is a greater need to realize a stronger user security and device identification and limit much of the insecurity. The paper identifies some of the common security threats that face people online. However, it is realized that while people are reactive about aspects of online security, they only invest slightly to reduce this risk. This is majorly done through passwords without strong authentication. Some of the major security concerns related to passwords include phising, reuse and the use of easy to guess passwords. Malware infection is also a major challenge to the use of passwords realized in many situations. In light of these challenges, authentication is therefore very critical and this can be achieved through two-step verification. Google has introduced a verification feature called 2sv. In using the verification, one logs into the Google account and after the normal username and password process they are required to submit a six digit verification which might be sent to them through a phone text message. This feature also allows for revocation of the trusted computers. The major strength of the paper lies in the fact that it vividly provides much lucid information on the kind of security threats realized on Google and how users should identify them. In the same way, it presents a solution to this challenge while providing its benefits effectively. However, the paper does not provide clarity on the aspect of Service Accounts and Delegation. In addition, the paper is weak on the aspect of Service –Side technology especially in relation to certificate transparency. 2) The credit card fraud seen in the notice is a typical example of a cybercrime. Conventionally, cybercrime takes many forms and many of these criminals seek ways and means of illegally obtaining money online. Considering that credit cards are normally used online in making payments, they are certainly vulnerable to cyber criminals. As seen in the case, many of the criminals usually create a series of false identities through which they create several credit cards. Such credit cards are the pumped up with money from credit bureaus. Others create sham companies which are then used to provide the credit bureaus with false information on the credit worthiness of the credit card owners who are actually false identities. The fraudsters also use a tradelines which are black market businesses used in committing fraud. It is therefore realized that the credit card fraud seen in the notice is indeed an aspect of cybercrime. On the other hand, the nature of the frauds as realized in the case might raise several questions on the aspect of general security and not just cyber security. It is seen that it was not only the virtual world that mattered in the commission of the crime but even real organizations which were not much protected from such scams. The case can therefore be viewed as a typical case of bank fraud as opposed to cybercrime. More importantly, the case can be viewed on the perspective of credit card security and can therefore be addressed by increased security from the credit card providers. 3) The Identity Ecosystem as postulated in the report is a kind of online environment where organizations and individuals will work together on trust and follow a set of agreed-upon standards. Each of these parties will be able to authenticate and identify their digital identities. This Ecosystem is basically intended to offer stronger identification while protecting the identity of the parties within. Indeed, it is important to note that such an environment might be a challenge to realize in the actual sense. Considering that it basically relies on trust between the organizations and the individuals, it is almost difficult for every party to follow the standards and processes that will be agreed upon. More importantly, some of the parties within the system will seek to interfere with the operations of the system and this will eventually affect its functionality. One major issue with the Identity Ecosystem is the presence of many parties which actually brings its feasibility to question. The Trustmark used in finding out whether the service provider or products have met all the requirements is said to be tamper proof and therefore very safe. However, it should be realized that in a situation involving many parties as in this case, the Trustmark will definitely be forged and the participants would not be able validate its authenticity. In the example given of an Identity Ecosystem, the whole thing appears too simplistic and some of the challenges that might be realized are not really addressed. It cannot really be error-free and this makes it inappropriate and almost infeasible. 4) The authors talk about the question of trust in human and computer networks. It is seen that trust in this respect must be built on both behavioral and computational facets. The need for trust arises out of the continued use of networks and the increase in the number of people and organizations online. For instance social networking, crowdsourcing and other avenues have created situations where scams and frauds abound. In this case, it creates the need for trust where people can trust one another and the information they get across the networks. The authors present their arguments through the use of theory in establishing trust relations between the various parties. In the same way, it is seen that much focus has to be placed on security research in order to find efficient and workable solutions to the challenge of lack of trust realized presently. In providing a solution the authors provide some usable models of trust in the form of communication models which can be used in addressing the challenge of trust. The importance of trustworthiness is highlighted as opposed to correctness. It is highly important that all the parties on the internet appreciate the need for being trustworthy in their online operations. Read More