Retrieved from https://studentshare.org/other/1408656-computer-security
https://studentshare.org/other/1408656-computer-security.
A. Publicizing an attack. In 2009, a Black Hat conference was held and one of the topics was to educate the public about the vulnerabilities of Iphone. The group also warned Apple about the problems with Iphone so Apple engineers found ways to fix that. This is also the logic why commercial enterprises publicize an attack. This is an appropriate response from a commercial enterprise because they are concerned with customer relationship building. Such companies want to be ethical by being honest about the weakness of their products.
At least, the general public is forewarned and can seek preventive measures. Moreover, even if the vulnerabilities are exposed, it is likely that the hackers have used that information before. B.Keeping the attack confidential. This approach is being lauded by many organizations because this restricts the movements of hackers who are looking for exploits. This approach is good for government agencies because the general public can react hysterically once they learn that public agencies are not that secure.
Perhaps, this approach should be used by organizations and agencies that can compromise national security. 2. The symmetric type of encryption is more popularly used simply because it more convenient and faster to implement than asymmetric encryption. This is due to the fact that same key is used to encrypt and decrypt the code by both receiver and sender of the message. There are many two main types of symmetric algorithms – block and stream ciphers. Examples of symmetric key cryptography are: DES, IDEA, AES and RC2.
So far, DES is the most commonly used form of symmetric key. The only challenge presented to this method of encryption is that both parties must have a secure method when exchanging keys. Also, problems in verification can be encountered because both sender and user share the same key. Nevertheless, symmetric type is still used due to its speed and efficiency. The asymmetric type of cryptography uses two keys instead of a single key. These keys includes a public key that serves to encrypt messages and a private key that’s responsible for decrypting message.
Using a public key had benefits such as enabling it for use by anyone given the right to do so. However, asymmetric type is much slower to use since it utilizes more computer resources and there’s also a possibility that widespread security can be compromised. It is crucial that a private key be guarded or else access is very possible. Commonly, asymmetric is used for online entities to verify digital signatures. 3. Iris scan verification or “Iris recognition” is a biometric authentication that utilizes the irides of a person.
The technology was developed by John Daugman, a Harvard University professor, who was approached in 1989 by two ophthalmologists, namely: Aran Safir and Leonard Flom who originally patented the concept. Iris scan authentication has many advantages including the following: 1. Since the “iris” is part of an authentication that you already have, there is no risk of misplacing it or forgetting to bring it along with you unlike USBs, magnetic cards etc. There is also no need to remember any password which may be forgotten or hacked. 2. The iris is as unique as the fingerprint.
Its formation is determined as early as embryonic gestation in a random manner. No two people have the same iris formation. 3. The technology does not violate any personal space such as search, frisking, touching, or even getting into contact with an object such as fingerprint scanning. The person just has to stand in front of the camera and immediately be authenticated. However, this type of authentication has minor flaws. For example, that the eyelashes and eyelid covering the iris minimizes the accuracy of the shot.
Plus, it takes a large budget to employ this authentication method. Nevertheless, correctional facilities and some airports use this biotechnology authentication for it has more benefits. 4. There are two sides to this controversial issue. First, open source developers claim that not just because the codes are exposed, the system is already vulnerable. On the other hand, arguments coming from the public sector claim that open source cannot be used for very sensitive information because it has not yet attained the level of security warranted by proprietary systems.
My belief is that proprietary systems are just as vulnerable as open source systems. Open source systems can be secure since the developers can easily find vulnerabilities in the program since other people are also looking at it. Certainly, developers of open source programs have long thought of securing the codes since these would be used at an enterprise level. Also, it s easier to fix an open source vulnerability than a closed source since opens source is more flexible to use.
Read More