Database Reference
In-Depth Information
c. Level of trust indicating the degree of verification that has been undertaken to ascertain
the genuineness of the ownership of the key by a particular individual or party
6. Secure e-mail commonly uses S/MIME (secure multi-purpose Internet mail extensions) that
utilizes encryption and certification to provide the needed security to messages.
The totality of infrastructure and system for managing public keys is referred to as a
public key
infrastructure
(
PKI
),
which includes
a. A hierarchy of CAs starting with a
root Certification Authority (rootCA)
that focuses only on
verifying the veracity of all these layers of CAs
b. Resolution for a number of issues like Government regulation of CAs, legal admissibility of
the Certificates, and liabilities in the case of a failure or fraud
14.6.4 Business Disruption
The common ways in which an electronic attack could disrupt the enterprise's business are as
follows:
◾
Viruses that are the most common form of attack that can result in incidental damages like
wiping of hard disks, overwriting or deletion of files, program crashes, and computers or
networks slowing down or even grinding to a halt. Even relatively harmless e-mails/messages
in large volumes can also clog the networks and disk spaces to render the system unusable
for prolonged periods. E-mail that is the
killer apps
of the Internet is also the most frequent
conduit for entry and spreading of viruses within enterprises.
◾
Denial of Service (DOS) attacks though not fatal can be equally damaging. This is similar
to a telephone exchange or a call center to be swamped by a barrage of spurious calls during
a critically timed teleservice event.
Consider a user receiving a message “URGENT: A new virus 'Happy Valentine' has
been detected that, if opened, would wipe your hard disk. Please e-mail this message
urgently to everyone you know.” If this message itself has an infected attachment, it
will lead to an endemic! Even if this message is uninfected, the volume of the result-
ing messages itself may slow down or even paralyze the network pipes.
14.7 Applications outsourcing (Ao)
Applications are evolving from those that facilitated a single business function (e.g., accounting,
payroll) to integrated application environments that facilitate business processes spanning entire
enterprises or the extended enterprises. This evolution entails more people, planning, and ongo-
ing management, especially for mission-critical applications that must maintain a high level of
availability. With such increasing complexity and the increased amount of time and skill needed
to keep up with the rapidly changing technology cycles, organizations are increasingly seeking
outside assistance in deploying, managing, and enhancing their applications.
