Security and privacy of electronic banking by
Yüklə 159,16 Kb. Pdf görüntüsü
|
|
a)
Education Your system is only as secure as the people who use it. If a consumer chooses a weak password, or does not keep their password confidential, then an attacker can pose as that user. This is significant if the compromised password belongs to an administrator of the system. In this case, there is likely physical security involved because the administrator client may not be exposed outside the firewall. Users need to use good judgment when giving out information, and be educated about possible phishing schemes and other social engineering attacks. b) Personal firewalls When connecting your computer to a network, it becomes vulnerable to attack. A personal firewall helps protect your computer by limiting the types of traffic initiated by and directed to your computer. The intruder can also scan the hard drive to detect any stored passwords. c) Secure Socket Layer (SSL) Secure Socket Layer (SSL) is a protocol that encrypts data between the consumer’s computer and the site's server. When an SSL-protected page is requested, the browser identifies the server as a trusted entity and initiates a handshake to pass encryption key information back and forth. Now, on subsequent requests to the server, the information flowing back and forth is encrypted so that a hacker sniffing the network cannot read the contents. The SSL certificate is issued to the server by a certificate authority authorized by the government. When a request is made from the consumer’s browser to the site's server using https://..., the consumer’s browser checks if this site has a certificate it can recognize. IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 4, No 3, July 2012 ISSN (Online): 1694-0814 www.IJCSI.org 442 Copyright (c) 2012 International Journal of Computer Science Issues. All Rights Reserved. |