SECURITY FOR INTERNET AND WEB BASED
APPLICATIONS
Richard N. Zobel
Department of Computer Science
University of Manchester
U.K.
Abstract
The very nature of the Internet and the World Wide Web
provides an opportunity for easy access and communication.
However, experience has shown that, to be successful,
such freedom requires responsibility. or the majority,
the responsibility is a natural attribute. However,
for a minority, it is an opportunity for mischief and
criminal activities. This paper considers the opportunities
and problems of providing security for interaction and
transaction on the global networks so important and
useful in the everyday activities of an ever growing
proportion of the population of the world. In particular
it addresses the inevitable compromise between privacy
and national (and international) interests, between
private security and national security. These are inevitably
in conflict, and raise the issues of need to know, of
policing and of prevention, investigation and punishment
of crime. The development of e-business at all levels
is dependant on secure transactions, whilst allowing
governments and agencies such as Interpol and the United
Nations to have access for detection of illegal activities.
Naturally, human rights issues bring a further important
dimension to the discussion.
The paper addresses, amongst others, some or all of
the following topics and issues.
1. The provision of secure access to services.
2. The encryption and decryption of messages.
3. The technical problems associated with the various
current and future systems for providing such services.
4. The balance between the level of security and the
cost of providing it.
5. The issue of privacy and the security services.
6. Digital signatures
7. Authentication, certification authority, digital
certificates
8. Digital watermarks, map errors and copyright
9. Security and secrecy
10. Network attacks, forensics and profiling
11. National and cultural differences.
12. Some case studies - Mobile phones, Distributed interactive
simulation, Distance learning
Biography
Richard Zobel (rzobel@cs.man.ac.uk ) graduated in Electrical
Engineering from London University in 1963. His first
experience of simulation was obtained during 1962-66
at Sperry Gyroscope whilst working on naval surface
to air missiles, using mainly valve analog computers.
His Ph.D., obtained in 1970 at Manchester University,
concerned hybrid analog-digital computing. As Lecturer
and Senior Lecturer he became involved in digital signal
processing,
instrumentation and design environments with special
emphasis on the simulation aspects of real-time embedded
systems. He is a former Chairman of the United Kingdom
Simulation Society (UKSim), Former Secretary of the
European Federation of Simulation Societies (EUROSIM),
and is a European Director of SCSI, the Society for
Computer Simulation International. His current research
work concerns distributed simulation for non-military
applications, model re-use, distributed simulation model
databases, issues of verification and validation of
re-useable simulation models and security for distributed
simulation under commercial network protocols.