Internet security relies on specific resources and standards for protecting data that gets sent through the internet. This includes various kinds of encryption such as Pretty Good Privacy(PGP). Other aspects of a secure web setup includes firewalls, which block unwanted traffic, anti-malware, anti-spyware & anti-virus programs that work from specific networks or devices to monitor internet traffic for dangerous attachments. Internet security is generally becoming a top priority for both businesses & governments. Good internet security protects financial details & much more of what is handle by a business or agency’s servers & network hardware. Insufficient internet security can threaten to collapse an e-commerce business or any other operation where data gets routed over the web.
Web security may be termed as technological & managerial procedures applied to computer systems to ensure the availability, integrity & confidentiality of computer assets & services from associated threats & vulnerabilities.
Concept of Internet Security :
Three basics security concepts important to inforation on the internet are confidentiality, integrity, &availability. Concepts relating to the people who use that information are authentication, authorization & non-repudiation. Integrity and confidentiality can also be enforced on web services through the use of transport layer security(TLS).both SSL and TSL are the same.
The concept of integrity is divided in 2 forms:
A) Data integrity:
this property, that data has not been altered in an unauthorized manner while in storage, during processing or while in transit. another aspect of data integrity is the assurances that data can only be accessed and altered by those authorized to do so. often such integrity is insured by use of a number referred to as message integrity code or message authentication code. This are abbreviated as MIC and MAC respectively.
B) System integrity:
This quality states that a system has when performing the intended function in an unimpaired manner, is free from unauthorized manipulation. Integrity is commonly an organizations most important security objective, after availability. Integrity is particularly important for critical safety and financial data used for activities such as electronic funds transfers ,air traffic control ,and financial accounting.
Confidentiality is the requirement that private or confidential information should not be disclosed to unauthorized individuals. Confidentiality protection is applies to data in storage ,during processing ,and while in transit. For many organizations ,confidentiality is frequently behind availability and integrity in terms of importance. For some types of information ,confidentiality is a very important attribute. Examples includes research data ,medical and insurance records ,new product specifications ,and corporate investments strategies. In some locations ,there may be a legal obligation to protect the privacy of individuals. This is particularly true for banks and loans companies; debt collectors; businesses is that extend credit to their customers or issue credit cards ; hospitals ,doctor offices ,and medical testing laboratories; individuals or agencies that offer services such as psychological counseling or drug treatment; and agencies that collect taxes.
Availability is a requirement intended to assure that system works promptly and services is not denied to authorized users. This objective protects against , intentional or accidental attempts to either perform unauthorized deletion of data otherwise cause a denial of service or data. Availability is frequently an organizations foremost security objective. To make information available to those who need it and who can be trusted with it, organizations used authentication and authorization.