Mar 3, 2010
Identify Verification
Identity verification technique using multi-factor
By FIRKHAN HAMID ALI KHAN
TRACKING SYSTEM USING THE BEST BETWEEN biometrics to verify INDIVIDUAL IDENTITY
--------------------------------------------------------------------------------
Now, security issues over access to an information system, especially for Internet applications become a major problem in a transaction, especially in affairs related to banking.
Processes and technologies used to manage user applications and their relationship with the network and Internet applications increasingly challenging from day to day.
So, multi-factor authentication system is the best alternative for the present to address security issues arising in the Internet application.
Application authentication system is a system of proof for a consumer real self and it will ensure that only authorized access to areas only accessible by the user.
Application authentication system can function at all levels of computer network infrastructure starting from the use of computer applications fire wall, E-mail application, database, router and applications of information technology is another.
Application authentication system will provide a very important safety information that is information with respect to whom and when an application is accessed or in and out of an information system and computer network.
Application authentication system that is used often to be based on several features of self-identification or identity of a user with the method as follows: --
1. Something that user knows, such as identification number (PIN), passwords and other.
2. Something that consumers have as identity cards, driving licenses and other.
3. Something about the physical self as a user or biometric fingerprint, voice, retina and other eye.
What will happen if the authentication system applications only focus on one factor only, such as smart card or password only.
What if you lose your smart card or password was obtained through the invasion on the Internet?
So, it is something that is very weak in security verification system user. Instead, the application authentication system based on biometrics is between very good and more secure with the addition of at least two-factor authentication is another.
This is because whatever you dimilliki equipment such as smart cards and others can be stolen by anyone and so are the things that you know, it can be guessed, shared or forgotten with arbitrary.
However, it is something that is difficult for you being intruded and became the strongest factor in the authentication system.
This combination will create a system of multi-factor authentication is more secure applications for penetrated by any party.
For example, in a process of withdrawal to an account that requires an account holder uses the card with fingerprint identification and electronic signature was also required on the withdrawal form.
This is the best example of which is multi-factor authentication system is used and it can be expanded to use in system verification applications on the Internet, especially those involving financial transactions such as Internet banking.
Use authentication techniques can be implemented for any purpose that is critical in an information system.
Kritikalnya situation that it can cause great loss to the organization.
Where, invasion activity of this verification system will result in loss of data, information or any sources of the important high-value.
Data that low-risk or low value is already sufficient to verify the system is often used.
System or process or verification techniques can be implemented more efficiently with several other components such as system identification with the name or log inSystem-level control of up to a level where a user can access to the information in the computerized system and others.
Combination of the three components is also more popular known as access control involving all three components of this control should answer to four basic questions like who is that yourself?
Are you a member here? What are your rights? Are you saying that you yourself is yourself?
Questions that must be answered before one is allowed access to information or resources that are protected either through the computer, application server, router and others.
However, existing applications authentication system known as the Management Information System Identity and sold in market access which includes the three elements and equipped with multi-factor authentication technique is.
It is up to the user or company concerned whether or not to use it.
This is because there are a few things or issues that need to be taken care before the implementation of knowledge such as user applications, information technology infrastructure needs, suitability of use with applications, and other costs.
Multi-factor authentication is also known as thick or strong authentication and two factor authentication techniques are also sometimes discussed under this category.
Irrespective of whatever technology and techniques used, kebolehgunaannya by users is a major factor and very important.
In addition, it helps to create a verification system applications more secure and reliable manner.
Users can use for identity verification security especially for their applications on the Internet that involves financial transactions more secure and confident with applications such as Internet banking.
lPenulis is a lecturer Faculty of Information Technology and Multimedia, Universiti Tun Hussein Onn Malaysia (UTHM).
by ismasyakila ended @ 9:03 AM
Feb 23, 2010
Wonder....
Write a short essay 'why I choose ICT subject rather than PA or biology?
Because ICT is moving very fast time to time. So, in future, I think most of the skills need to use ICT. All the industries nowadays using ICT in its process.
Intellectual property laws cover ideas,inuentions,literary creations,unique
names,business models,industrial processescomputer program codes and many more.
We need a laws and ethics to protect our property.
Define 'computer theft' and give an example of an activity that reflects computer theft.
Define of computer theft is as the anauthorized used of another person's property.
Example:
- Transfer of payment to the wrong accounts.
- Get online material with no cost.
- Tap into the data trnsmissian lines.
Hacking is a source of threat to security in computer.Define hacking and give an example of hacking.
Hacking refer to unauthorized access to the computer system by a hacker.
Example: Someone who accesses a computer network illegally but has to intent of destroying data.
by ismasyakila ended @ 10:30 AM
Differences of Computerised and Non-computerised Systems
COMPUTERISED AND NON-COMPUTERISED SYSTEMS
COMPUTER SYSTEM
A system is an arrangement of elements that when it is put together it becomes an organised and established procedure. A system typically consists of components connected together in order to facilitate the flow of information, matter or energy.
A computer system consists of a set of hardware and software which processes data in a meaningful way.
EDUCATION
• education is the science of teaching and learning of specific skills
• it also imparts knowledge, good judgement and wisdom
BANKING SYSTEM
BANKING BEFORE ICT
• banking was done manually by taking deposits directly
• transactions can only be made during working hours
• takes time to approve any loan applications
BANKING WITH ICT
• all transactions are done by computers
• transaction can be done at anytime and place
• online services, phone banking system, credit cards are available
INDUSTRY
INDUSTRY BEFORE ICT
Production was slow because everything was done manually and totally depended on human labour.
INDUSTRY WITH ICT
Computers and telecommunications industry became very opular and profitable since production can be increased through an all day operation.
COMMERCE
Commerce is an activity of exchanging, buying and selling of commodities on a large scale involving transportation from place to place.
COMMERCE BEFORE ICT
• Trading was made using the barter system and it was then later developed
into currency.
• Advertisement was in the form of word of mouth, billboards and printed
flyers.
• Trading globally was extremely slow, late and expensive. Traders had to find
ways to market local products in the global market.
COMMERCE WITH ICT
E-commerce plays an important role in the economic scene. It includes distribution, buying, selling and servicing products that are done electronically
by ismasyakila ended @ 10:24 AM
Feb 4, 2010
Question 2
People interact directly with computer in many fields in our daily life. ICT helps people in managing several sectors. But we have threat to computer such as viruses and natural disasters.
Questions :
- Name four main sectors that use ICT in their management
- Education sector : E-learning is used in many schools today. Teachers and students also can use a lot of information that are searched through the Internet that can be used in any subjects
- Health sector : Telemedicine is widely used in hospitals and clinics to transfer medical informations through Internet and telephones.
- Banking and business sectors : The use of ICT in banking is involve online transactions and online payments to save time and so do energy.
- Government sector : Using ICT for public sector to inform the people about taxes, parties and the people also can pay the taxes through this e-government.
- State two differences between worms and viruses
What Is a Virus?
A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause 1. only mildly annoying effects while others can damage your hardware, software or files.
Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that 2. a virus cannot be spread without a human action, (such as running an infected program) to keep it going.
3. People continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending e-mails with viruses as attachments in the e-mail.
What Is a Worm?
A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but 1. unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example 2. would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that 3. the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.
- There are six types of security measures that can be used to protect our computer. Explain what is :
- Cryptography : Cryptography is a form of secret codes which is NOT known by anyone except for who invented it and to whom it refers to. This security measure is for protecting secret information and overcome computers and information being stole.
- Firewall : A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria.
by ismasyakila ended @ 10:09 AM