Safeguards for Preventing Unethical Use of Computers


(6)

      Private devices are inevitably brimming with personal information, since internet-connected devices are used for a variety of purposes as part of people's daily lives. Without firm protection, this information is open to violation and manipulation by fraudsters. Such risks can be lowered by using the following safeguards against the unethical use of computers.

1. Passwords


(7)

      A password is a set of characters or words used to access a private device, web page, network resource, or data (1). Passwords ensure that these devices or data can be accessed only by those who have the right to view or access them.

Strong passwords should contain:

  1. at least six characters (1)
  2. a combination of numbers and special characters (1)

      It is not recommended to use a word that can easily be found in a dictionary, or any reference to personal information, in a password, because fraud programs exist that can put its security at risk (2). Instead, a password can be made easier to remember by, for example, using the first letter of each word in a phrase (2).

For example: "HmWc@w2—How much wood could a woodchuck chuck."(2)

2. Firewalls


(8)

      A firewall is a network device that forms a barrier between networks depending on their reliability, and it takes its name from the physical firewall (5). Just as a physical firewall is constructed to halt the spread of fire, a firewall in the context of computer security is used to block the unethical use of computer technology (5).
The following are some of the different types of firewall:

a) Packet Filtering Firewall

A packet filtering firewall follows rules that block traffic based on IP protocol, IP address and/or port number (5).
As a result, it allows all web traffic into the network, including web-based attacks.
Since a packet filtering firewall has no way to distinguish good web traffic from harmful web traffic, it is necessary to install intrusion prevention along with the firewall.

A packet filtering firewall is also stateless (5), meaning it keeps no record of previous information, and each request is handled entirely on the basis of the information within that request (4).
As a result, an additional problem with this type of firewall is that it cannot tell the difference between a legitimate return packet and a packet that deceives the firewall into believing it belongs to an established connection, so it allows either kind of packet into the network.


b) Stateful Firewall

In contrast to a packet filtering firewall, a stateful firewall keeps track of active connections, which lets it recognize packets that are part of an established outbound connection and allow them into the network. However, it is still unable to differentiate safe web traffic from harmful web traffic. To prevent web attacks, it is recommended to install intrusion prevention, which detects and blocks attacks carried in harmful web traffic.
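
The difference between the stateless packet filter and the stateful firewall described above, as an added example that is not taken from the cited sources. The addresses, ports and the "looks like a reply" rule are constructed for illustration only.

```python
from dataclasses import dataclass

INSIDE_PREFIX = "10.0.0."   # constructed internal network (assumption)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset        # TCP flags carried by the packet, e.g. {"SYN"}

def from_inside(pkt):
    return pkt.src.startswith(INSIDE_PREFIX)

def stateless_allow(pkt):
    """Packet filter: decides from this packet's header fields alone."""
    if from_inside(pkt):
        return True                      # outbound traffic is permitted
    # Inbound rule: anything that *looks* like a web reply is let in.
    return "ACK" in pkt.flags and pkt.sport in (80, 443)

class StatefulFirewall:
    """Remembers outbound connections and admits only their replies."""
    def __init__(self):
        self.connections = set()         # (inside ip, port, outside ip, port)

    def allow(self, pkt):
        if from_inside(pkt):
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound packet must mirror a connection opened from the inside.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

def compare():
    """Return {name: (stateless verdict, stateful verdict)} for sample packets."""
    samples = [  # constructed sample traffic
        ("outbound", Packet("10.0.0.5", 50000, "203.0.113.10", 443, frozenset({"SYN"}))),
        ("reply", Packet("203.0.113.10", 443, "10.0.0.5", 50000, frozenset({"SYN", "ACK"}))),
        # Claims to be a reply, but no inside host ever opened this connection.
        ("unsolicited", Packet("198.51.100.7", 443, "10.0.0.9", 50001, frozenset({"ACK"}))),
    ]
    stateful = StatefulFirewall()
    return {name: (stateless_allow(p), stateful.allow(p)) for name, p in samples}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```

Both firewalls admit the genuine reply whatever its payload contains, which is why the text recommends intrusion prevention alongside either type.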

c) Deep Packet Inspection Firewall

This type of firewall detects application layer attacks by examining the data within the packet.
However, there are three disadvantages: (3)

  1. Some do not necessarily examine the entire packet, as their definition of "deep" extends only to a limited depth in the packet (3).
  2. Depending on the hardware, a firewall may not have adequate processing power to handle deep packet inspection. Users need to be aware of the amount of bandwidth a firewall can manage (3).
  3. Embedded firewall management technology may not be able to supervise each attack at the same time (3).


d) Application Proxy Firewall

An application proxy intercepts all requests and validates them before passing them along. As a consequence, it is troublesome to operate an all-encompassing application proxy, especially since each proxy cannot handle multiple protocols, such as web and email (3).

In order to be effective, an application proxy firewall must thoroughly understand the protocol and prevent violations of it (3). If the proxy's examination of a protocol does not follow the protocol correctly, or if software implementors add their own extensions to a protocol, the proxy will block valid traffic (false positives), which discourages end users from enabling these technologies (3).

3. Biometric Data


(9)

      Simply put, biometry is the "measurement of the human body". There are two categories of biometric technologies: physiological measurements and behavioural measurements (5).

Physiological Measurements

Physiological measurements analyze either morphological or biological characteristics of the human being.


Morphological analyses mainly consist of: (5)

Biological analyses require the use of the following: (5)

Behavioural measurements analyze specific movements of a person, such as: (5)

Identity and biometrics

There are three possible ways of proving the identity of an individual: (5)
  1. by means of something that you possess (e.g. key to a vehicle, document, card)
  2. by means of something that you know (e.g. password)
  3. by means of the individual's identity (e.g. fingerprint, hand, face)
In contrast to passwords, keys, or documents, biometric data cannot be forgotten, exchanged, or stolen (5). Moreover, biometrics are inextricably linked to one's identity: according to the calculations made by Sir Francis Galton, the possibility of finding two similar fingerprints is "one in 64 billion", even with identical twins (5).

Questions

  1. What are the requirements for a strong password?
  2. Why did the firewall, in the context of computer security, inherit its name from the physical firewall?
  3. What are two categories of biometric technologies?

Bibliography


1) Computer Hope, Password, https://www.computerhope.com/jargon/p/password.htm, 2017.

2) Xavier Becerra, Protect Your Computer, https://oag.ca.gov/privacy/facts/online-privacy/protect-your-computer, 2018.

3) Secureworks, Firewall, https://www.secureworks.com/blog/firewall-security, 2016.

4) Margaret Rouse, Stateless, http://whatis.techtarget.com/definition/stateless, 2005.

5) Gemalto, Biometric authentication and identification, https://www.gemalto.com/govt/inspired/biometrics, 2018.

6) Grayshelter, Safeguards Against Hardware Theft and Vandalism, https://grayshelter.wordpress.com/2014/09/18/safeguards-against-hardware-theft-and-vandalism/ , 2014.

7) Flaticon, Password protection symbol on monitor screen, https://www.flaticon.com/free-icon/password-protection-symbol-on-monitor-screen_48817, n.d.

8) Naveed, Splunking Microsoft Windows Firewalls, https://www.function1.com/2015/04/splunking-microsoft-windows-firewalls, 2015.

9) EU Science Hub, Smart borders: towards automatic fingerprint identification, https://ec.europa.eu/jrc/en/news/smart-borders-towards-automatic-fingerprint-identification, 2016.