An overview of Internet security

The Internet has brought an enormous advance in permitting access to a large variety of data and in enabling a large number of activities to have a global reach. Its growth has been explosive, and new uses for it are being found every day. At this moment, one of its most serious problems is its lack of security; some high-profile recent incidents have made users wary and perhaps delayed their use of the Internet. We analyze here security aspects of the Internet. We start by providing some basic definitions. We then consider specific types of generic attacks, followed by an analysis of the reasons for these vulnerabilities, and then possible countermeasures and strategies to improve this situation. We end with a discussion of topics for future study.
