Database Reference
In-Depth Information
award stamps-of-approval to sites that simply stick to whatever privacy policy promises they have
made. The oldest and most well-known privacy seal program is Electronic Frontier Foundation's
TRUSTe (www.truste.org), which was started in 1997 and has more than 1300 companies as
members including AOL and e-Toys.
The threat to information privacy and security can never be eliminated, but controls and tech-
nologies can be applied to reduce the risks to acceptable levels. The challenges faced by the various
enterprises in this regard are described in the following.
14.6.1 Privacy
There are a number of aspects to privacy:
1. The captured user behavior representing the navigation and interaction of the user with the
system(s). To identify a particular user, the Web server writes/updates a small
cookie
file,
which is stored on the user system, to record predetermined pieces of information, such as
identity of every page visited by the user and every search performed by the user. While this
enables enterprises to provide customer-focused services, the compilation of the historic log
of searches and Website visits has major implications for privacy-related issues.
2. The transmitted user data as these travel across public networks are vulnerable to being
tapped much like telephone calls or being scrutinized at the Web servers much like done for
calls passing through telephone exchanges. This is resolved by encrypting that is, employing
a special
algorithm
(i.e., a process) for converting a normal
plaintext
message into an appar-
ently unintelligible
ciphertext
message that can be converted back into plaintext by using a
deciphering key, which is usually a 40-bit (i.e., a large) number.
The two basic types of encryption algorithms are the following:
a. Symmetric key algorithms/schemes rely on a single key to both encrypt and decrypt a
message; it is vulnerable to the key being revealed publicly rendering the system unus-
able or the original message can be tampered with or without being detected playing
havoc with the integrity of the system.
b. Pubic key algorithms/schemes work on the principle that the keys can only work in
pairs: one private key (which is maintained private) matches with exactly one public
key (which is made public) and that the key used to encrypt a message cannot be used
to decrypt it and vice versa. When the user wants to send a message, the message is
encrypted with the publicly available public key of the target recipient and, on receipt,
only the recipient can decrypt the message using the corresponding private key available
solely with the recipient.
A common compromise solution is to use symmetric keys to encrypt the messages
but to use public keys to manage the symmetric keys; consequently, the symmetric
key can be used for a set of transactions, also termed as the
session key
.
However, the largest vulnerability is attributable to the use of the public network, which is
also the reason for its ubiquity. This is resolved by establishing a
virtual private network
(VPN)
between the various nodes of the network. A VPN effectively functions as an extremely
secure link via the Internet (termed as a
tunnel
) between these nodes, without the need to
