Technolegal Blog

Security Attacks Associated With Session Misconfiguration

noreply@blogger.com (Ankit) — Tue, 15 Sep 2020 10:47:00 +0000

When application have authentication feature then it is very important to manage the session securely. There are multiple vulnerabilities occurs due to misconfiguration of session. Mainly application manages the session via cookie which we can also say session ID. A session ID is a unique number assigned to identify a user accessing a web application. The application usually creates a session cookie and session ID for each valid session, and these cookies can contain sensitive data like username, password, etc. It is important to maintain the confidentiality of a session ID so other users or attackers do not use it to access the same account. On logout and on browser close event session cookie should be invalidated at server, so that it can not be reuse and for each session there should be new cookie.

Session ID must be validate at server end whenever it is getting any request from client, so that server can check if request is coming from legitimate user or not. Session ID entropy should also be excellent. There are multiple session related vulnerabilities occurs due to session misconfiguration which can be use by any attacker to perform attacks on application.

HOW TO CHECK SESSION COOKIE IN BROWSER

1. In Chrome, go to Options then More Tools and then developer tool on tab where your application is open.

2. After that on Developer Tools, go to Application and check for Cookies in Storage.

3. In below screen shot you can see JSESSIONID is cookie for this application:

4. After Authentication, new cookie has been assigned by server which is Session Cookie:

ATTACKS ASSOCIATED WITH SESSION ID

Session Hijacking

The Session Hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the Web Server. The session token could be compromised in different ways, the most common are:

· Predictable session token

· Session Sniffing

· Client-side attacks (XSS, malicious JavaScript Codes, Trojans, etc)

· Man-in-the-middle attack

· Man-in-the-browser attack

Session Fixation

Session Fixation is an attack that permits an attacker to hijack a valid user session. The attack explores a limitation in the way the web application manages the session ID, more specifically the vulnerable web application. When authenticating a user, it doesn't assign a new session ID, making it possible to use an existent session ID. The attack consists of inducing a user to authenticate himself with a known session ID, and then hijacking the user-validated session by the knowledge of the used session ID. The attacker must provide a legitimate Web application session ID and try to make the victim's browser use it.

Session Puzzling

Session puzzling is an attack that occurs when the application session variable is using more than one purpose. The other name of session puzzling is session variable overloading. This attack generally performed on forget password functionality. This vulnerability enables the attackers to bypass authentication, escalate privileges, user impersonation, bypass flow restrictions, and to perform multiple other attacks.

Session Replay

Session Replay also known as replay attack or playback attack, occurs if application session is managed via cookie and it do not have a set session expiration time. Some web applications allow reusing the old session ID to access the resources without re-authenticating the user, this can cause session replay attack.

Insufficient Session Expiration

Insufficient session expiration is a vulnerability in which session expiry is too long. Session timeout is comprised of two different types one is due to inactivity and other is absolute, both can be customized according to type of business and company policy. An inactivity timeout is, if user is inactive, not performing any task and is in idle state so session get timeout after particular amount of time. And absolute timeout is allowed active time per user per session.

Session Cookie Attributes

There are some cookie attributes which provide extra layer of security to session cookie from being stolen and use to perform malicious activity.

These attributes are:

· Secure – It will pass the session cookie only via encrypted tunnel.

· HTTPOnly – By this, client-side script will not be able to read cookie value.

· Domain – It signifies the domain for which the cookie is valid.

· Path – Should be set to application root rather than web server root.

· SameSite - Use for mitigating the risk of cross-origin information leakage.

· Expires – It signifies how long the browser should use the persistent cookie.

Web Cookies and its Legal Facet

noreply@blogger.com (Ankit) — Fri, 11 Sep 2020 13:53:00 +0000

Most of the experienced web visitors and even new visitors are now familiar with the use of cookies these days. Cookies are small data files that are being put on your hard drive by Websites when you visit them. They install cookies into your system for many different reasons. One of them is to identify you as a distinctive visitor by identifying your Web browser software. When your return to the Web site that has stored a cookie, it will search your computer for those cookies, and they will know past activities. It may also update your previous cookie. This way the site can customize its contents depending on previous activities. It will also allow the site to provide customized news, weather, sports information, and many other things based on stated interests. In theory, a cookie only transmits information back to the Web site that put it there and can’t be accessed by other parties. But some Internet advertising companies had crossed the limits of using their own cookies. These companies use cookies to create highly sophisticated profiles of online visitors, most of the time without visitors’ knowledge and usually without their consent.

As the use of cookies is for providing the user the better experience for their web pages visit but the excess use of cookies and mostly the sophisticated cookies which create an online profile of the user for the purpose of advertising has centrality raising the issue of breach of privacy of a user. In this paper the technical and legal issues regarding the cookies are addressed and also how to save the user from the breach of privacy has been discussed. Even though cookies serve an important role in today’s e-commerce and advertising industries, it is impossible not to think of them as a breach in user security. There is something about a seemingly forced piece of information being saved on your computer for the use of a computer hundreds or even thousands of miles away. One can only think of one word, Privacy. How does a user know that the companies are collecting cookies for their own advertising or e-commercial purposes rather than probing a user as a candidate for the ever-present adware? Does a user want vendors to know exactly what it is they usually shop for when they get online? Do they really need to save my shopping time by one or two clicks with the sacrifice of decreased privacy?

COOKIES:

A Cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information to “improve the user experience”. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies. It is generated by a web page server, which is basically the computer that operates a web site. The information the cookie contains is set by the server and it can be used by that server whenever the user visits the site. A cookie can be thought of as an internet user's identification card, which tell a web site when the user has returned. They can be session based and expire after a session or persist beyond the current web session:

· Session internet cookies are used to ‘maintain state’ and allow websites to remember the actions of a user across a website during a session. For example, an online retailer may use session internet cookies to store information on items that have been added to the ‘basket’ ready to be purchased together with other items in a single transaction.

· Persistent internet cookies are stored on end users’ devices beyond the current session. They send information to the web page (server) whenever the user visits the site until the internet cookies’ expiry date. These internet cookies allow websites to remember the actions of a user across a website (or several websites) and across sessions. For example, persistent internet cookies enable websites to remember settings for personalized content.

Cookie text files contain several pieces of information, including the host and a name-value string. For our analysis, we consider a cookie to be the unique pair and the cookie’s value to be the value component of the name-value string. Our most fundamental analytical task was to effectively identify cookies with value strings that correspond to unique identifiers.

PIXEL TAGS

A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies.

SERVER LOGS

Like most websites, our servers automatically record the page requests made when you visit us sites. These “server logs” typically include your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.

TYPES OF COOKIES

A cookie is a small data file your browser uses to save information it sends. Personal information is never saved in cookies. Using cookies is safe. Cookies are used to track web statistics and to make the website easier to use. Cookies help the websites owner to tailor their marketing decisions according to the website visitors’ needs. Data collected by installation of cookies is not focus on or for specific people. Cookies can be broadly classified into two types:

1. Functional / Session Cookies:

Session cookies are the cookies which is use to track the user session, either user is logged in or not and after authentication server assigns authenticated session cookie to user by that server with check the request is coming from user or not.

2. Non-functional / Persistent Cookies

Persistent cookies are those which is used to track the user activity, in what article or product that particular user is interested, so that if that user have persistent cookie in his machine then he will receive ads related to his interest.

PROS AND CONS ON SAVING THE COOKIES

As every coins has either side so as the cookies too have. Installation of cookies no doubt increases the user experience but as the same time the sophisticated cookies can be installed for creating a digital profile of a user without the consent of the user thus violating the privacy rights of the user. This helps the company for the purpose of advertising and even to sell to the third party for their business need.

Pros of Installing Cookies

1. For Authentication, Security and Site Integrity

2. Advertisement

3. Localization

4. Site features and services

5. Performance

6. Analytics & Research

7. Preferences

8. Personalized Content

Cons of Installing Cookies

1. Privacy Concern

2. Unnecessary Storage

3. Illegal Activities

4. Security Threat

SECURITY ISSUES WITH COOKIES:

1. Direct Login

Some of the website provides access control schemes by the use of cookies like if any user logged in to any website with his/her credentials then the cookies is generated in the browser with the session details then if he/she open the same website on other tab of that browser then he/she directly get into the account without re-entering the credentials so this may have the security issue if the computer is used by multiple users.

2. Cookie Grabbing

When cookie is transfer between the client machines to server and can get access to the concerned website that gave the cookies, then it can be catch by the help of packet sniffer. “Since DNS is used to determine the cookies that are with a particular server it may be possible to cheat or play ahead with the browser to send a cookies to a server by subverting the DNS temporarily” like if intruder want to grab the users cookie then he just have to make the script and upload it on any hosting server and give the link of the script to the user then if that user click on that link then the cookies with the session details of users browser is grabbed and stored with a new file on intruders hosting server and then he/she can access the users account without knowing the credentials of user’s account.

3. Automatic Authentication

“Compromise of our login is a greatest privacy violation that we can imagine of and it’s a serious security implication as well. Some OLTP (Online Transaction Processing Systems) that use cookies should be very careful in providing privacy and security to the users of the system, the above scenario can happen and the users would never tolerate the compromise in the security. Some unauthorized transactions that may happen might have potential financial damages and customer dissatisfaction as well.”

PRIVACY CONCERNS ON COOKIES

As soon as we talk installation of cookies on users system on hard drive, the first question raises on the users mind about the breach of privacy. Cookies are simple un-compiled text files that help to coordinate the remote website servers and your browser to display the full range of features offered by most of the contemporary websites. These features include hassle-free automatic logins and authentication, third party ad serving, advertisement management, preference setting, language setting, etc. As cookie technology evolves along with website publishing and advertisement technology, privacy issues are sure to arise time and again.

Cookies basically coordinate the remote server and the user’s browser to display the full features which are offered by the server. The features given by the use of cookies are shopping cart functionality, ad management, automatic login and authentication and more. The technology of cookies develops the advertisement strategy in digital environment, so privacy issues on this is also arise time and again and they are as follows –

Invasion of privacy

It means that any act in which user’s interest, personal data, activity of user and behavior on internet is recorded, noticed or tracked with the consent of user and without consent is known as invasion of privacy. So this is the major privacy issue because the user can be tracked at any time by the intruder or by the government because under the Information Technology Act, 2000 government has the power to intercept or monitor intercepted in the interest of national security.

Storing Personal Information and Tracking User Behavior

The cookies are storing personal information in two ways, one is for form information and other is for ad tracking. Cookies itself cannot research the computer of user and his/her information. “Cookie-based ad tracking has evolved through the years. From simple operations like counting ad impressions, limiting popup, and preserving ad sequence, third party ad serving cookies have evolved to user profiling/website preference tracking. This latter group of activities—ad tracking, that has attracted a lot of controversy among online consumer privacy groups and other concerned parties. Many of the largest websites online use large-scale third-party ad serving networks which cover many sites. One of the largest is Google's ad serving network. For every click a valid user makes on a Google-served ad on their site, site owners make money ranging from pennies to dollars.

Flash cookies

This type of cookie is used in banking website which is neither browser based cookie or nor stored in computer. So it is difficult to find and delete the cookie, bank and other finance website stores the flash cookies to the user’s computer to authenticate the owner of account without any explicit notice that the flash cookie has been planted on the owner’s computer.

Cookies by themselves do not store or dig any information from your hard drive. It neither analyzes your system details and store. Cookies also do not contain any personal information so it should not be held for collecting the personal information of the users. This personal information is not generated by the cookies themselves but by your own input into websites' order forms, registration pages, payment pages, and other online forms. When we talk of ecommerce, these cookies are being protected by the remote server through security features such as SSL (Secure Socket Layer), certified pages and through other network security parameters

LEGALITY OF COOKIES

When we talk of legality of cookies, “The Information Technology Act (Amendment), 2008” have not defined the word “Cookies” nor the word “cookies” is used anywhere in The IT ACT, 2008. Thus it is quite clear that till now the government of India has not focused on the cookies installation or the use of same technologies and does not have any specific law on cookies, however, any person monitors the activity of user with the help of sophisticated cookies or collecting the traffic data of the user, can be dealt under the I.T. Act, 2008.

Under the section 69 of the I.T. Act, 2008 government has power to issue direction for interception or monitoring or decryption of any information through any computer resource can collect and monitor the traffic data or has power to authorize to monitor and collect traffic data or information through any computer resource for cyber security.

However Information Commissioners Office (ICO) has given New European Laws concerning cookies which came into effect on May 26th 2011 as “Guidance on the rules on use of cookies and similar technologies”.

CONCLUSION

Cookies play an important role for any website to provide some basic and necessary activities such as providing session and authentication to the users. Even the cookies help in providing ease and better experience with faster access to their websites, web application or web services. Cookies also help in remembering the preferences of the users which ease the user to show only the relevant posts, articles, news etc. Cookies also help online advertisement organization to place relevant advertisement which users usually tend to visit which may benefit the advertisement company. This activity is not performed only to sell their products rather than profiting by Pay-Per-Click (PPC) program of different companies like Google Adsense, Yahoo, etc.

In spite of having these benefits to the users, cookies can be used in other way too in order to get the personal or private details of the users. Some sophisticated cookies such as session cookies which are grabbed by the intruder to perform malicious activities. It can also be used to track the traffic data of the user for surveillance purpose. The cookie is an integral part of any website and also from user’s point of view, but it should ask the user either to install in or not with the option of Opt-in or Opt-out. Also the session cookies should be encrypted so that it can protect the user’s session cookies from being exploited by any intruder.

A Methodology for Development and Verification of Access Control System in Cloud Computing

noreply@blogger.com (Ankit) — Sat, 29 Aug 2020 10:01:00 +0000

In Cloud Computing, the feature of multi-tenancy gives privacy, security and access control challenges, because of sharing of physical resources amongun-trusted tenants so, a suitable encryption technique with key management should be applied before outsourcing the data. In this paper we develop the methodology of policy based file access using attribute based encryption with cipher text scheme to secure the storage and sharing the cloud data with the cloud user. In this we also discuss the policy of revocation for file assured deletion so that no one can recover the deleted file from cloud and also discuss the policy for access to data storing centre so that the right user will access the right file in cloud.

Download Paper From Here

Information Security Attacks And Their Prevention

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:51:00 +0000

Information security is very important in internet. Information security is the process to secure the information and we have to achieve its security goals these are confidentiality, integrity, availability we must not share our confidential data with anyone and while transferring the data from one system to another we must have sure the received data is not tempered and modification is not done by the any other person in that data. The receive data is same as the data which is sanded by the sender. The information created and stored by an organization needs to be available to authorized users and applications. There are several types of cyber attack done by the hacker to get this information...

Security Attacks:

The three goals of security—confidentiality, integrity and availability—can be threatened by security attacks. Below figure relates the taxonomy of attack types to security goals.

There are also several techniques by which we can secure our information over internet so we must have to use those techniques to achieve the information security. Some security services to achieve security goals and prevent from security attacks are:

Security Techniques:

Cryptography and Steganography are the best techniques for achieving the security goals. We must have to use best antivirus software so by that any malware and viruses will not infect our system.

ISO 27001:2005

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:50:00 +0000

ISO 27001 is an international standard which specifies the Information Security Management System, often shorted to ISMS. The ISO 27001 standard was published in October 2005, essentially replacing the old BS7799-2 standard. BS7799 was first published in nineties as code of practice and it was long standing standard. Now ISO 27001 enhanced the BS7799-2 content and matched it with other standards...

The main objective of the ISO 27001 standard is to provide requirements for establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS). The design and implementation of an organization's information security management system is influenced by the organization's needs and objectives, security requirements, the organizational processes used and the size and structure of the organization.

ISO 27001 has 5 mandatory clauses, 11 domain areas, 39 control objectives and 133 controls in all. The security controls represent information security best practices and the standard suggests that these controls should be applied depending on the business requirements and the need of the organizations. The five mandatory clause of this standard are-

1. Information Security Management System:

General requirements
Establishing and managing the ISMS
Documentation Requirements

2. Management Responsibility

Management Commitment
Resource Management

3. Internal ISMS Audits

4. Management Review of the ISMS

Review Input
Review Output

5. ISMS Improvement

Continual Improvement
Corrective Action
Preventive Action

PDCA Cycle:

The new 2005 version of the ISO 27001 standard heavily employed the PDCA, Plan-Do-Check-Act model to structure the processes, and reflect the principles set out in the OECG guidelines. However, the latest, 2013 version, places more emphasis on measuring and evaluating how well an organization’s ISMS is performing. A section on outsourcing was also added with this release, and additional attention was paid to the organizational context of information security.

The above figure shows the PDCA cycle; in this each part perform its respective roles-

Plan:

• Identify the business objective.

• Obtain management support.

• Selection of proper scope of implementation.

• Defining the method of risk assessment.

• Prepare inventory of information assets to protect, and risk assets according to risk classification in risk assessment.

DO:

• Manage the risk and create the risk treatment plan.

• Set up policy and procedure to control the risk.

• Allocate resources and train the staff.

Check:

• Monitor the implementation of information security management system.

• Prepare for the certification audit.

Act:

• Conduct periodic reassessment body-

 Continual improvement

 Corrective action

 Preventive action

Organization Affected by ISO 27001

The ISO 27001 standard is a model of information security and this standard is design for all type of organizations like non government, government and nonprofit organization. This standard requires the managing body of an organization that can plan, implement and maintain the information. The ISMS model ensures the selection of adequate security controls based on organizational objectives to protect all information assets, including both wire line and wireless assets.

Organizations comply with ISO 27001

An organization’s information security management system is driven by its security requirement, objective, processes and business need in light of its structure and organizational size. To comply with ISO 27001 organization must plan, establish, maintain and improve an policy of information security management system and ISMS includes objective, processes and procedure to increase security and handle any type of risk. The controls, processes and procedure are used by information security management system for planning, implementing and also for operating. The guidelines to implementing the security controls of ISO 27001 standard is guided in other standard that is ISO 17799 it tell about how to implement the security controls.

Advantage of ISO 27001:

1. It gives benefit to business.

2. Common understanding

3. Best practices, state of the art

4. It protects the businesses

5. Technical agreements

6. Compatibility with worldwide technology

7. Satisfactory to its customer

8. It is stable to any system

9. It is easy to upgrade

10. Global recognition of product quality

Disadvantage of ISO 27001

1. Expensive because it requires specific IT budget.

2. It also required special expertise

3. Time required to apply them

4. Resources required to provide ongoing training and awareness

5. Lack of knowledge

Conclusion

ISO 27001 standard is followed by most of the organization and it must be followed because by this they can implement the security for their important information in organization. There are many advantage to implementing this standard like it give benefit to business, protects the business, increase the growth of business by meeting it with worldwide technology but there are some disadvantage also like it is expensive, required time etc. But at last it give so much benefit to business, it is not mandatory for all organization but it must be followed to improve the growth of business.

Recover Deleted File

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:49:00 +0000

Some time we delete our data by mistake, so in these deleted data there may be our any important file which we want to recover any how and go to the expert for that and then pay whatever their fee is. So here I am going to tell you how you can recover your previous or deleted data from your hard drive or External drive without paying anything. The tool which we will use to recover the data named as Recuva. So just follow the steps to recover any file or data from your system.

Now we recover the file from Hard drive or Hard disk

Fig (1)

In fig 1 there is a Demo file now we delete that file by pressing shift+delete and recover it with the help of Recuva tool.

Fig (2)

In fig 2 we delete our Demo file and now we start Recuva tool to recover it.

Fig (3)

In fig 3 we select the document file and press next

Fig (4)

Now select the location from where we want to recover our file and press next

Fig (5)

Here in fig 5 we can see our Demo file now click on the check box of Demo file and click on recover then select the drive where we want to recover our Demo file and press ok.

Fig (6)

Here in fig 6 we can see that our Demo file is successfully recovered.

Email borne, Viruses and Worms

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:27:00 +0000

The security of network has become most important in past few years. Security professional works on implementing strongest security. So the security has become harder and strong to avoid. Now attacker adapted the new way to attack they do not try to find any loop hole in firewall they simply use the holes that are known to be open. So for this they use SMTP traffic or Email for propagation of malicious software to the victim’s computer...

People use email to keep in touch with their family and friends and they use it to communicate with companies sending their documents and etc. It is nearly impossible for a company to stay in business without using email because they have to communicate with their clients, customers, co-workers and others. So attacker use the malware like borne viruses and worms which spread by email.
Email is widely use among the people so attacker use email to spread the malware. Companies and people use email to communicate which gives an email-borne attack a statistically excellent chance of achieving its purpose and some of the people do not know how to protect from this virus which makes it easier for the attacker to fool them into launching an attack.

Email Borne Viruses

This is the virus and malicious code which is spread as attachment in the email messages. The attackers send this virus by attaching it in email and he can use any of the email ID to send this virus. Some time the email id of the sender is not real the attacker use it to spread the virus. This type of virus may arrive inside a spam or phishing message folder separately, or if someone’s computer is already infected then this type of virus may be send with the message so people sending this virus without knowing because their computer is infected. This type of virus can cause serious damage to the computer.

Email Borne Worms

Email borne worms are nothing but a worm which comes into your computer by emails, usually with the attachments of the email. The only difference in a normal worm and an email borne worm is normal worm can inject through downloading files, CD or through any removal disk but email born worm is inject through email and its attachment. The email borne worm is very harmful because it can disable our antivirus.

Identify Email Borne Virus and Worms

Understanding the nature of the attachment is the first step towards email safety. Any executable type attachment has the potential to be infected. This covers a wide range of extensions. Complicating matters is that, by default, Windows suppresses file extensions. Make sure you have file extension viewing enabled.

Preventive Measures of Threats

We all have some important data in our computer and we do not want to share it with any one and also we do not want to lose that data from our system. For that we take some preventive measures so attacker cannot succeed to inject the email borne virus and worm easily. These preventive measures are –

Implement an Email Gateway:
It is a logical single point of entry in which all email were checked before enter into a network. The purpose of implementing the email gateway is when any attack is caused by attacker then it detects and eliminates attack at entry point of network.

Antivirus Software:
Antivirus software is the program which can detect the malicious attachment and warn before installing the attachment. Good antivirus run on the email gateways and stops most of the email based attacks.

Content Filtering Software:
Content filtering software is that software which protect when our antivirus fails to detect the malicious attachment. It is implemented on email server to protect against email worm and virus. The effective content filtering software is that software which scans all the component of the email.

Firewall:
Firewall is locking the front door of your home and helps to keep intruders outside the home. It monitors all the incoming and outgoing file and check the malicious code in file. But choosing a firewall is a concern; one should choose a good firewall according to the needs and conditions and should install it properly to be effective.

Software update:
Software update is most important for prevention of newly develop threats; it updates the database to the latest definitions so that it can react accordingly. New threats are develop day by day so we also have to update our antivirus and other software regularly, when updating the antivirus it updates the signature of newly develop threats like virus and worms.

Other Prevention Measures

· Only open email or IM attachments that come from trusted sources and are expected.
· Have email attachments scanned by a reputable Internet security program prior to opening.
· Delete all unwanted messages without opening.
· Do not click on Web links sent by someone you do not know.
· If a person on your Buddy list is sending strange messages, files or Web site links, terminate your IM session.
· Scan all files with a reputable Internet security program before transferring them to your system.
· Only transfer files from well-known sources.
· Use a reputable Internet security program to block all unsolicited outbound communication.
· Keep security patches up to date.

Corrective Responses to the Threats

If an attacker succeed to inject the threats like email borne virus and worm in your system because some time you ignore the warning and install the attachment of the email which contain virus or worms then your system get infected with these threats and it may cause harm to system file. So you have to response quickly for minimal loss. The corrective responses are –

Run Antivirus:
When any email borne virus and worm is inject into your system then you have to run antivirus software and scan all the file of the system so infected files were filtered. But if your antivirus is not updated and if the threat is new then your antivirus cannot detect the threat.

Run Windows Defender:
If you do not have antivirus software or your antivirus software is expired then you can scan the virus by windows defender it is an inbuilt tool which is currently available only in windows 7 and windows 8. You can access it through start menu; go to start menu and type windows defender then click enter now scan for virus.

Scan by boot disk:
If the threat is inject in your bios then you can scan and remove these threat by using boot disk. It is very good method to remove the threats from the system.

Types of Disaster and Their Recovery Plan

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:12:00 +0000

Companies doing their business with the help of internet because to grow the business information technology is used for effectively and quickly process the information. The employee of the company uses Email system and voice over internet protocol to communicate with their clients and customers. For online payment company uses EDI that is electronic data interchange, we can transmit data with the help of EDI. To process the bulk of data and for storing it servers are used. Employee uses some wireless device, computers and laptops to communicate process or manage the data. If any of these information technology stops working then disaster occurs for the company...

Disaster in information technology means that if any part of the organization is damaged due to occurrence of any type of disaster it may be manmade or may be natural disaster due to which the processing, creating, maintaining and communication of data is stops working because the IT infrastructure components stops supporting them. This badly affects the working of organizations and if they don’t have disaster recovery plan then it is not possible for them to reopen the business for them again because they cannot recover the lost data.

IT systems need connectivity, software, hardware and data. If any component is missing then the whole system may not run. So strategy of recovery should be developed to minimize the loss of following system components:

• Computer room environment (secure computer room with climate control, conditioned and backup power supply, etc.)

• Hardware (networks, servers, desktop and laptop computers, wireless devices and peripherals)

• Connectivity to a service provider (fiber, cable, wireless, etc.)

• Software applications (electronic data interchange, electronic mail, enterprise resource management, office productivity, etc.)

• Data and restoration

Types of disasters and services ready to respond to such disaster:

The types of disasters and the services ready to respond to such disaster are –

Natural Disaster:

Natural disasters like hurricanes and floods can happen unexpectedly at any time. It is important to take special preventive steps to protect the organization in the event of occurrence of natural disaster. So Federal Emergency Management Agency (FEMA) recommended some instruction to minimize the loss from the natural disaster. Most of the organizations keep records in form of hardcopy and electronically which are essential for operations and some organizations also store productive inventory and raw material. In the event of natural disaster organizations have to face the loss of important files, records and other things. To get back in normal operation organization take time and due to this they lose their customers also.

Response of natural disaster:

To reduce the loss, organizations have to determine the important data, materials, record and file. The steps to respond while any natural disaster such as earthquake, flood, fire and hurricane is occurring are as following:-

• Move computers away from large window and raise them above the flood level.

• Move easily broken things and heavy object to low shelves.

• In the event of earthquake secure the moving and falling equipments.

• Store the important documents in off-site location to secure them.

• Install the fire extinguisher it may helpful in case of fire.

• Cover the electric equipment and protect the important document in case of hurricane.

• Regularly backing up the customer list, payment details, payroll records and other electronic files and store it in secure off-site location.

Man made Disaster:

Manmade disasters are the disaster which is not occurs naturally this disaster occur by the human which can range from operating error to intentional attempt to cause damage. In this most of disaster occurs by mistake of the employee of the organization and mistakes can cause serious damages like power outage, data loss and malicious attacks. Hackers can hack the system and compromise the data or render it unusable. The prevention of manmade disaster is easier then prevention of natural disaster because the response and planning of manmade and natural disaster id different. Terrorism is also the man made disaster and it is the biggest disaster under this category because it causes so much harm or damage including death.

Response of man made disaster:

To reduce the loss, organizations have to use surveillance and mitigation planning which help to avoid the damages and minimize them from the manmade disaster. The steps to respond the manmade disasters are as following:-

• Scan the whole computer if found any virus in a file and remove the viruses.

• Install the generator it will help when power outage is occurs.

• Regularly update the antivirus, download and install the new patches of the antivirus.

• When found any malicious activity then block the traffic immediately.

• Hire security guards and install the camera in the organization this will help to avoid the terrorist activity and guard will respond to this activity.

• Regularly backing up the customer list, payment details, payroll records and other electronic files and store it in secure off-site location.

• Use good antivirus and good firewall which may prevent from the malicious activity and also scan the incoming attachments.

• If any type of failure occurs in the infrastructure then use backups.

• Activate security alert network.

Advance IT disaster preparedness plan:

There are many organizational business applications and some of them cannot tolerate the downtime. There is a solution for that which is very expensive and only big organizations can afford that. The solution is that they have to utilize a dual data center which is competent of handling the needs in data processing. The other solutions which are not so expensive and any business can use it are as following:-

• Always use latest version operating system and regularly update the virus protection software.

• Understand what data and systems are critical to business continuity.

• Install the generator it will help when power outage is occurs.

• Regularly backing up the customer list, payment details, payroll records and other electronic files and store it in secure off-site location.

• Identify and fix single points of failure in your network, business processes, and people.

• Make a disaster recovery plan which include –

 Risk and threat analysis

 Leadership and succession plan

 Emergency response plan

 Internal and external communications requirements

 Human resources responsibilities

 Facilities management

 Availability of information and communications technology

 Cooperation with first responders, public officials, vendors, partners, and customers

• Conduct awareness and training program of disaster response for employees

Wireshark Basic Tutorial

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:11:00 +0000

In 2008, Wireshark is arrived after ten years of development. Wireshark is a tool use to analyze the packet in the network. This tool captures the packet flow in the network and displays the data of that packet in detail to analyze them. Wireshark is also known as network packet analyzer, as the name suggest this tool is use to examine that what is going inside the network like what type of packets were flow in the network. The network packet analyzer tools were very expensive in the past and but now a days wireshark is the best open source tool available to analyze the packet.

Wireshark have so many features like it is available for both the operating system like UNIX and Windows. It also captures the packet data that are flow within the network. Wireshark imports the packets from the text files containing hex dumps of packet data. The packets which were captured from the interface of the network is display in detailed information and save them. It also filter the packets on many criteria, colorize the packet display and make various statistics.

Purpose of Wireshark

Wireshark tool is used for many purposes but people mainly use this tool for:

It is used to troubleshoot the network problem.
It is used to scrutinize the security problem.
It is used to debug protocol implementations.
It is also used to learn network protocol internals.

Wireshark software has been developed to work on many operating systems like Microsoft Windows, Linux, Solaris and Mac OS X. The wireshark strength in market is increased due the support in these OS. On a computer or Windows network, it must be used along with the WinPCap application, the full form of which is Windows Packet Capture. This software allows the capturing of packets in Windows, and those files can then be analyzed using Wireshark. Similarly, Wireshark can be used to view packet information obtained by many other packet capture programs.

Fig (1)

This figure shows the structure of packet sniffer which is use to sniff the packet in the network. In this figure there are some internet protocols and application. And on other side there is packet sniffer which consist two things packet analyzer and packet capture (Pcap). Pcap receives links which is sent or receive by computer. And the message is transmitted using the protocols like UDP, HTTP, TCP, FTP and etc. These protocols are encapsulated in link-layer frames and it operates in computer using Ethernet cable, 802.11 wireless LANs, FDDI, Token-Ring.

Where to use Wireshark:

In the wireshark tool we first have to decide where to capture the packets and do analysis on it like if there is a situation in which there are many switches, file server and number of terminals. If by any unknown reason the performance of the network is drop and there is not any malware detection tool or system like intrusion detection system and in that local area network transfer rate of file have no problem. And there is also not any netflow protocol which helps to analyze the traffic remotely. So this is the situation where we can use wireshark.

Procedure for capturing and analyzing data:

1) The very first step is starting the wireshark then you should see the home screen.

Fig (1)

2) Then the second step is to select the interface that is being used for internet connection and then click on start.

Fig (2)

Fig (3)

3) Now start running your web browser and use it normally to browse webpage’s. In figure 4 it shows that how the packets are being captured.

Fig (4)

4) After a minute or so, go to capture and stop capturing of the packets as shown in Figure-5

Fig (5)

These are the procedure to capture the data through wireshark now let’s see how these packet were analyze.

5) Now to analyze the packet we can filter the packet out from this collection of packet, to do this we have to use this filter tool in wireshark as shown in the figure.

Fig (6)

7) Now, analyze the packets that are listed. If you select any packet in the list, the details about that particular packet will be displayed in wireshark we have to just double click on that packet then the dialog box is open which tells all about that packet as shown in Figure-7.

Fig (7)

These all procedures which show that how the wireshark tool uses to capture the traffic or packet in network and then how can you analyze these packets.

Find Your Lost Phone

noreply@blogger.com (Ankit) — Sun, 31 May 2015 09:10:00 +0000

How many of you have an issue to forget your mobile phones? I guess, most of us.

Sometimes in our homes, sometimes in our offices, sometimes in our cars and sometimes we even don’t remember the exact place where we left our phones.

Now, finding your phone is as simple as searching something on Google...

Instead of searching your phone everywhere, just ask Google where your phone is, and the search engine giant will answer you the exact place where you left your smartphone.

How does it work?

Log-in to the same Google account on your desktop computer’s browser that you use on your Android smartphone, but before that make sure you must have the latest version of the Google app installed on your smartphone.
Now type "Find my phone" into Google's search engine, and that’s it.
As soon as you press the enter button, Google will display a map that eventually shows you a location on the map that is accurate to a certain distance.

However, what if your phone is not visible to you?

Google also offers you a Ring button on the map in order to pinpoint your phone.
You just need to click on Ring icon and the search engine giant will ring your smartphone at full volume for up to five minutes. Moreover, once you hand on it, simply press the power button to turn off the ringing.

Legality of Sting Operation in India

noreply@blogger.com (Ankit) — Tue, 23 Dec 2014 17:44:00 +0000

Sting operation is designed to catch the person committing a crime by means of deception. The word “sting” means set a trap to catch a crook. It is an information gathering exercise; it looks for the facts, “Every citizen strives for a corruption free society and must expose corruption whenever it comes to his knowledge. He shall also try to remove corruption at all levels of the State administration for better management of the State.Although there is no clear law which specifically allows or legalizes sting operation, but the court derived the right to conduct sting operation

under Article 51A (b) of the Constitution of India.This particular Article imposes a duty upon the citizens to cherish and follow the noble ideals which inspired our national struggle for freedom.

Sting operation can be classified into two types based on their purpose these are as follows:

1. Positive sting operation

In positive sting operation society is benefited because it makes government responsible and accountable. It leads to the transparency in the government.

2. Negative sting operation

In negative sting operations, it does not benefit the society, but they do harm the society and its individuals. It unnecessarily violates the privacy of the individual without any beneficial results to the society.

POSITION OF STING OPERATION IN INDIA:

In India till now we don’t have any direct provision or law on sting operation which guides such operations. But person can go to the court under different laws to protect his right. Wiretapping is a part of sting operation which is regulated under Telegraph Act, 1885. Court also gives the guideline for wiretapping by the government, which says that who can tap the phone and etc. The government is required to show that the information cannot be obtained through any other means and after that review committee check the legality of each wiretape. . These sting operations also violates right to privacy which according to the Supreme Court is guaranteed under Article 21- right to life and personal liberty. As we are provide that the freedom of expression guarantee in Article 19(1)(a) is not absolute therefore the constitution provides with Article 19(2) which protects the public interest morality and decency. A person who welcomes media interest in his life will not be able to claim a right to privacy as easily as a ‘private individual.

LEGALITY OF STING OPERATION IN INDIA:

Supreme Court of India said that sting operation is not a legal method of law enforcement, “A bench headed by Chief Justice P. Sathasivam said the apex court had approved sting operation carried out in public interest in R.K. Anand case but it will be difficult to understand the ratio in the said case as an approval of such a method as an acceptable principle of law enforcement in all cases.

Another issue that arises from such an operation is the fact that the means deployed to establish the commission of the crime itself involves a culpable act

It said unlike the U.S. and certain other countries where a sting operation is recognized as a legal method of law enforcement, though in a limited manner, the same is not the position in India.

The bench said questions are raised on what would be the position of such operations if conducted by a private individual who had stained his own hands while entrapping what he considers to be the main crime and the main offender.

Law of Encryption in India, U.S. and U.K.

noreply@blogger.com (Ankit) — Tue, 23 Dec 2014 17:35:00 +0000

Law relating to encryption deals with the legislation which ensures that information is safe and delivered confidentially. Many countries have different policies which are designed to keep encryption secure from the intruders or unauthorized persons. Government of every country develops tools to transform data via encryption technology to prevent modification and unauthorized access on any sensitive information. Issues regarding cryptography law fall into four basic categories: export control, import control, patent issues, and search and seizure.

ENCRYPTION LAWS IN INDIA:

India does not have any encryption policy nor is there specific legislation governing the use of encryption techniques to secure electronic communication. The basic legislation concerning electronic data and communication and its processing, the Information Technology Act, 2000 (IT Act) is also silent on the level and type of encryption that a person or organization can deploy to protect electronic communication and data.

Information Technology (Amendment) Act, 2008 provides for encryption under Section 84A, which says that “The Central Government may, for secure use of the electronic medium and for promotion of e-governance and e-commerce, prescribe the modes or methods for encryption.”

In addition to the ISP Guidelines and the ISP License Agreement, there are various industry-specific regulations already in place these are as follows:

Department of Telecommunications
Securities and Exchange Board of India Guidelines on Internet Based Trading and Services
Reserve Bank of India Guidelines on Internet Banking
The Information Technology (Certifying Authorities) Rules, 2000
Data Security Council of India views

1. Department of Telecommunications:

“Use up to 40-bit key length in the symmetric key algorithms or its equivalent in other algorithms without having to obtain permission from the DoT, but for use of any encryption equipment higher than this limit, the same can be done only with the prior approval of the DoT.”

2. Securities and Exchange Board of India Guidelines on Internet Based Trading and Services:

The Securities and Exchange Board of India (SEBI) prescribes a 64-bit/128-bit encryption for standard network security and mandates the use of encryption technology for security, reliability and confidentiality of data. SEBI recommends use of secured socket layer security preferably with 128-bit encryption, for securities trading over a mobile phone or a wireless application platform.

3. Reserve Bank of India Guidelines on Internet Banking:

The Reserve Bank of India recommended 128 bit encryption and public key infrastructure for secure internet banking in June 2001. Banks should use secured socket layer for securing the browser to server communication and make the password and other sensitive data in encrypted form.

4. The Information Technology (Certifying Authorities) Rules, 2000:

In this rule it says that electronic communication systems used for the transmission of sensitive information, such as routers, switches, network devices and computers, must be equipped with suitable security software and, if necessary, with an encryption software. . The Rules also provide that stored passwords must be encrypted using ‘internationally proven encryption techniques’ to prevent unauthorized disclosure and modification. The standards use for encryption according to rule are PKCS#1 RSA, PKCS#5 or PKCS#7. The encryption algorithms provided by these rules are very strong and secure.

5. Data Security Council of India views:

The DSCI in its recommendations of 13 July 2009 recommended adoption and implementation of an Encryption Policy and suggested that, Use of symmetric encryption for e-commerce applications, including SSL for end-to-end authentication, be allowed with encryption of up to and including 256 bits with AES algorithms, or equivalent algorithms.

ENCRYPTION LAWS IN U.S.:

Encryption is subject to the law in the United States for two reasons: public key cryptography is subject to several patents in the United States; and U.S. law currently classifies cryptography as munitions, and as such, regulates it with export control restrictions.

While these restrictions have hampered the widespread use of cryptography within the United States, they have done little to limit the use of cryptography abroad, one of the putative goals of the export control restrictions.

ENCRYPTION LAWS IN U.K.:

In UK there is a law known as key disclosure law in this it every individual have to surrender his cryptographic key to law enforcement for the purpose to allow the access to the encrypted content for confiscation or digital forensics purpose and use it either as evidence in a court of law or to enforce national security interests.

Files that look encrypted, such as radio telescope noise, can land you in jail. If the UK police really want you jailed, they can demand you decrypt files hidden using Stenography inside your vacation photos. Can't do it? Off to jail. The UK now can send you to jail if you can't decrypt what they think is encrypted.

Security Aspects in Sensor Networks and Secure Wireless or Mobile Data Management

noreply@blogger.com (Ankit) — Tue, 23 Dec 2014 17:26:00 +0000

Sensor networks offer economically viable solutions for a variety of applications. For example, current implementations monitor factory instrumentation, pollution levels, freeway traffic, and the structural integrity of buildings. Other applications include climate sensing and control in office buildings and home environmental sensing systems for temperature, light, moisture, and motion. Sensor networks are key to the creation of smart spaces, which embed information technology in everyday home and work environments...

The miniature wireless sensor nodes, or motes, developed from low-cost off-the-shelf components at the University of California, Berkeley, as part of its smart dust projects, establish a self-organizing sensor network when dispersed into an environment. The privacy and security issues posed by sensor networks represent a rich field of research problems. Improving network hardware and software may address many of the issues, but others will require new supporting technologies.

Potential applications of sensor networks include:

· Industrial automation

· Automated and smart homes

· Video surveillance

· Traffic monitoring

· Medical device monitoring

· Monitoring of weather conditions

· Air traffic control

· Robot control

SECURITY ASPECTS IN SENSOR NETWORK:

Security is a broadly used term encompassing the characteristics of authentication, integrity, privacy, nonrepudiation, and anti-playback For the secure transmission of various types of information over networks, several cryptographic, steganographic and other techniques are used which are well known. Techniques are meant for wireless sensor networks are –

Cryptography
Steganography
Physical Layer Secure Access

ATTACKS IN SENSOR NETWORKS:

Attacks against wireless sensor networks could be broadly considered from two different levels of views. One is the attack against the security mechanisms and another is against the basic mechanisms (like routing mechanisms). Here we point out the major attacks in wireless sensor networks.

Denial of Service
Attacks on Information in transit
Sybil Attack
Blackhole/Sinkhole Attack
Hello Flood Attack
Wormhole Attack

SECURE WIRELESS OR MOBILE DATA MANAGEMENT:

Complete mobile security encompasses a written mobile security policy, the security of the mobile device and its data, the security of the mobile communications to and from the mobile device, and the optimization of the corporate network to support business mobility. The mobile device and its data are secured by controlling access to the device, ensuring the security of stored or removable data on the mobile device, protecting it from viruses and malware, and the securing of Bluetooth connections. Communications to and from the mobile device need to be secured through confidentiality, integrity and authentication over the network.

The rise in the mobile workforce is putting more demand on IT departments for greater access to mobile devices and greater access to corporate data stores through those mobile devices. Responsible organizations recognize the inherent risks this carries and take the necessary steps to maintain the security of their sensitive data. In many cases, solutions that work in a desktop environment are impractical for mobile computing, given the constrained processing, memory and battery resources of mobile devices. To be effective, an enterprise wireless security strategy needs to address:

Securing the mobile device and its data
Securing the communications to and from the mobile device to the Corporate network
Optimizing the enterprise network to support business mobility

Dependable Infrastructure and Data Management

noreply@blogger.com (Ankit) — Tue, 23 Dec 2014 17:17:00 +0000

Dependable data center infrastructure is more important than ever when operating in a complex and challenging environment where the demands for security, speed and reliability are tested with every transaction and interaction. Organizations are also realizing that well-managed data centers can make a significant impact to their bottom-line by enabling them to respond more quickly to market demands...

The Data Center Infrastructure Management (DCIM) professionals from CA Services have the expertise and skills to implement a unique solution that enables you to effectively manage your three biggest data center infrastructure management challenges: power and cooling, capacity and inventory, and IT and business facility resources.

Major components of dependable systems include dependable networks, dependable middleware including infrastructure, dependable operating systems, dependable data managers, and dependable applications. That is, we need end-to-end dependability. By dependability we mean security, integrity, fault tolerance, data quality, privacy, and real-time processing.

DEPENDABLE INFRASTRUCTURE:

For dependable systems, we need appropriate operating systems and infrastructure possibly based on object request brokers. We need to host sensor data managers and applications such as multisensor data integration and fusion on the infrastructure. We need to ensure that the system is secure and survivable. We also need to ensure that the infrastructure is secure. That is, security has to be built into the system and not considered as an afterthought. Essentially we are proposing a layered architecture for sensor information management. The infrastructure consists of middleware possibly.

Another aspect that is important is end-to-end dependability. This includes security, real-time

processing and fault tolerance for not only all of the components such as infrastructures, data managers, networks, applications and operating systems; we also need to ensure the dependability of the composition of the entire system. This will be a major challenge even if we consider security, real-time processing and fault tolerant computing individually. Integrating all of them will be a complex task and will have to address many research issues and challenges.

DEPENDABLE DATA MANAGEMENT:

Dependable data management systems are needed to process stream data. For example, much of the data may be transient data. Therefore, the system has to rapidly analyze the data, discard data that is not needed and store the necessary data. Special query processing strategies including query optimization techniques are needed for stream data management. Many of the queries on stream data are continuous queries. We need special query strategies for processing such continuous queries. Researchers are also examining special data models as well as extensions to the relational data model for stream data management. Query languages such as SQL (Structured Query Language) are being extended with constructs for querying stream data. Research efforts are also under way for extending XML (eXtensible Markup Language) with constructs for sensor data management. We also need to determine the types of metadata to collect as well as develop techniques to store and manage the metadata.

SECURITY ISSUES FOR DEPENDABLE INFRASTRUCTURE AND DATA MANAGEMENT:

These systems are vulnerable to unintentional errors: equipment failure, human errors, weather, and accidents
They are also the object of intentional attacks: external (hackers) and insiders (internal attacks).
We need to conduct research on security for sensor databases and sensor information systems.
We need to examine security policies for sensor data.
We need end-to-end security. That is, the infrastructures, data managers, applications, networks and operating systems have to be secure.
We also need to investigate the composability of the dependable objects.

Database Security

noreply@blogger.com (Ankit) — Tue, 28 Oct 2014 17:08:00 +0000

Every organization must deal with information, network and system security. Security is a difficult concept to define in relation to computer and system security. Confidentiality, integrity and availability also known as Information Security Triad are the most important elements of information security. Databases have various designs and to achieve security is difficult. To make a database secure the five primary aspects of security should be considered including the CIA triad.

1. Confidentiality: Confidentiality is the prevention of unauthorized access, disclosure and use of information. Loss of confidential information may lead to both tangible and intangible losses.

2. Integrity: This refers to the reliability and trustworthiness of information and quality of a system itself. Integrity means that there has been no unauthorized data manipulation and that the information received is the same as the information sent.

3. Availability: Availability is the ability to access necessary services and resources.

4. Authentication: Authentication provides the ability to confirm the identity of a person or the origin of the artifact, or to ensure that a computer program is trusted one.

5. Nonrepudiation: This guarantees that the sender has sent the message and the receiver has received the message, eliminating the possibility of denial on both ends.

THREATS TO DATABASE SECURITY

With the increase in usage of databases, the frequency of attacks against those databases has also increased. Here we look at some of the threats that database administrators actually can do something about.

Database attacks are an increasing trend these days. Reason is the increase in access to data stored in databases. When the data is been accessed by many people, the chances of data theft increases. In the past, database attacks were prevalent, but were less in number as hackers hacked the network more to show it was possible to hack and not to sell proprietary information. Another reason for database attacks is to gain money selling sensitive information, which includes credit card numbers, Social Security Numbers, etc.

TYPES OF THREATS TO DATABASE SECURITY

Privilege abuse:

When database users are provided with a privilege that exceeds their day-to-day job requirement, these privileges may be abused intentionally or unintentionally.

Operating System vulnerabilities:

Vulnerabilities in underlying operating systems like Windows, UNIX, Linux, etc., and the services that are related to the databases could lead to unauthorized access. This may lead to a Denial of Service (DoS) attack. This could be prevented by updating the operating system related security patches as and when they become available.

Database rootkits:

A database rootkit is a program or a procedure that is hidden inside the database and that provides administrator-level privileges to gain access to the data in the database. These rootkits may even turn off alerts triggered by Intrusion Prevention Systems (IPS). It is possible to install a rootkit only after compromising the underlying operating system.

Weak authentication:

Weak authentication models allow attackers to employ strategies such as social engineering and brute force to obtain database login credentials and assume the identity of legitimate database users.

Weak audit trails:

A weak audit logging mechanism in a database server represents a critical risk to an organization especially in retail, financial, healthcare, and other industries with stringent regulatory compliance. Regulations such as PCI, SOX, and HIPAA demand extensive logging of actions to reproduce an event at a later point of time in case of an incident. Logging of sensitive or unusual transactions happening in a database must be done in an automated manner for resolving incidents. Audit trails act as the last line of database defense. Audit trails can detect the existence of a violation that could help trace back the violation to a particular point of time and a particular user.

VULNERABILITIES IN DATABASE:

Databases contain the largest and most sensitive store of enterprise data, making them a prime target for attackers. But it's often the enterprise's internal staff database developers, administrators, and even users who create the vulnerabilities that attacker exploit to compromise that data.

Here are some of most common areas of database security weaknesses, based on the issues we've seen in customer environments we've evaluated during the last decade.

Platform Vulnerability:

Servers are used to store data and provide services to the users and to other systems. Server may run Linux or Windows or any other Operating System. The OS are heavily targeted because of their critical use. If an attacker penetrates or damage the operating system, then the database service running on the server may damaged or disrupted. Servers are mostly compromised due to unpatched known vulnerability and misconfiguration. The database administrator should regularly visit the websites to keep the system update.

Database Server:

Database is the primary target of any attacker. Windows Server provides Windows Authentication either with the local accounts or active directory domain accounts; in addition they also support SQL Logins. The administrator should activate any one service for authentication, leaving the unnecessary services enabled increases the security complication.

Network:

Now the network are no more wired only, wireless networks have become more popular, therefore, the administrator must consider the vulnerabilities of both the wired and wireless networks. Wired network can be exploited by gaining access to unsecured ports. If the private wired network is connected to the Internet, then they may also be exploited. Attacker also tries to install rogue wireless access points on internal wired network to gain access from outside the range of wired network. The administrator should block the unnecessary open ports.

SQL Injection:

In a SQL injection attack, an attacker typically inserts (or “injects”) unauthorized SQL statements in the entry field for the execution of the statement and in response error are received with vital information that helps the attacker to gain access into the system.

Denial of Service:

Denial of Service (DoS) attack is a type of attack in which the resources are denied to intended users. Denial of service may be created via many different techniques. For example, DoS attack can be achieved by taking advantage of a database platform vulnerability to overload a server. Other common DoS techniques include network flooding, data corruption, and server resource overloading (memory, CPU, etc.). Resource overloading is particularly common in database environments.

PROVIDING SECURITY TO DATABASE:

An ever increasing number of databases are needed in business and, with the advent of the Internet, threats or risks to these databases are increasing apace. In this series, we provide a definition of database security, and look at how security is provided to database.

Privileges:

In a database highest number of data breaches is due to the improper privilege grants. When someone wants to access database, the user can only perform those operations which are granted to him.

Least Privileges:

When a user is granted privileges more than the requirements to fulfill their intended job function, these privileges are misused. For example a person is only needed to read a particular data but he has been granted read and write privilege then he can also write and it will be a misuse of his rights. The best practice is to grant only those privileges which are required to perform intended duties.

Data Encrypting on Database Server:

Encrypting the data across the database improves the security. In case if any users security is compromised then the unintended data will be possess by the intruder but due to encryption he will not be able to read that data and the confidentiality of the data will be maintained even after the compromise. In some recent cases the database server storing the credentials of the customer were compromised but the encryption in the data was protected and the credential were not leaked. Encryption will protect both the production and backup copies of the data and even the backup data is theft will still be undisclosed.

Monitoring and Blocking:

Real time monitoring of database activity can help to detect any data leakage on real time basis, unauthorized SQL commands and system attacks can be monitored and blocked according to the procedure stored by the administrator and can be notified on real time basis. Administrator can create a profile of each user’s normal activity and on these baselines, if any operation other than normal activity is monitored is blocked or reviewed in more detail to check whether the activity is for malicious intent or for authorized usage. This helps to detect the SQL injections and any compromised users activity by the attacker can be detected.

Auditing:

Implementing automated auditing increases the performance, flexibility and scalability of a database server. Database Auditing and Protection Platform can address most of the weakness associated with native audit tools.

Data Security Policy:

Data security includes mechanisms that control access to and use of the database at the object level. Your data security policy determines which users have access to a specific schema object, and the specific types of actions allowed for each user on the object. For example, user can issue SELECT and INSERT statements but not DELETE statements using the employees table. Your data security policy should also define the actions, if any, that are audited for each schema object.

Liabilities of Online Service Provider

noreply@blogger.com (Ankit) — Fri, 17 Oct 2014 17:39:00 +0000

Now a day the growth to technology is increasing rapidly many of the organization uses online medium to grow the business and with this the issues and crime are also increasing. As the technology increases like as the growth of technology the issue of infringement of copyright and in digital environment is increases. This is intellectual property issue and for the protection of this issue the copyright Act is adopted. This Act gives the law to punish the infringers and also give the direction of fair dealing.

In this the service provider plays the important role they provide services to the user. Service provider provides the services in two modes one is online and other is offline. Service provider is not liable for every activity of their user. The U.S. government adopts Digital Millennium Copyright Act (DMCA) to protect the service provider from the liability of infringement done by their users. In section 512 of DMCA it says about the Limitations on liability relating to material online.

Service Provider:

“As used in subsection (a), the term ‘service provider’ means an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user’s choosing, without modification to the content of the material as sent or received.” It is abbreviates as OSP, the work of online service provider is providing the services online. There are many companies and organization that provide the online services. The online services include discussion group, chat rooms, websites or it also provides the dial-up access to the internet.

Liability of service provider:

Digital Millennium Copyright Act protects the online service provider from the liability of infringement done by their subscribers. If the service providers were held liable for the activity performed by their users, then it will affect the growth of internet and accessibility. The main service of service provider is facilitating the transmission of data from one user to another. Service provider cannot modify content which is transmitted. Service provider are held liable –

1. If the service provider initiates the transmission and modifies the content which is send by the user and if the service provider selects the recipient to whom the data is transmitted.

2. If the service provider stores the material more than the time required then it is liable.

3. If the material is available by the service provider and not by the person.

4. If the service provider have the knowledge about the infringing material and it receives any financial benefit by it.

5. The service provider will be held liable for referring or linking users to an online location containing infringing material.

Limitation of service provider:

According to DMCA the service providers are not liable if the person initiates the transmission other than the service provider and modification is done on the material which is send by the user and if the service provider had not selects the recipient to whom the data is transmitted and transmitted material is not modified by the service provider. During transmission service provider stores the material which is known as system caching and it cannot store the material more than the time it is required, service provider is not liable for any monetary relief if they do not have the knowledge about the infringing material. The material is temporarily stored to increase the availability and reduce the response time and bandwidth and the whole process is carried out through an automatic technical process. DMCA also provides the limitation of liability when non-profit educational institutes are a service provider.

Anonymity in Cyberspace With Reference to India

noreply@blogger.com (Ankit) — Fri, 17 Oct 2014 17:30:00 +0000

In cyberspace our every action leaves traces and tells our way of life. We put our so much personal data on cyberspace so all these information compose our digital identity. Some of our personal information may be available even after the deletion of the data and it may accessible through mechanisms storage such as cached. Many people want to hide their identity while posting on cyberspace because they do not want to connect with the things which they posted on the cyberspace. They worried about political or economic revenge so because of this sometimes they want to hide their identity while posting on cyberspace.

So to communicate to these people they choose to communicate anonymously or pseudonymously. This type of communication is used for our political and social discourse.

There are some special and political groups who use the tool which provide and maintain the anonymity. While sending the mail to take advice about their disease and other thing, many people asked to remain anonymous because they don’t want to highlight their name. It is important for this kind of user who seeks to access sensitive information to remain anonymous, and it should be his or her right to do so.

Internet privacy protesters have developed a program known as anonymous re-mailer program by the help of which person can speech freely in the cyber world. By the help of anonymous re-mailer person can sends the e-mail and files to other person over internet. And this re-mailer also strips off the header part of the mail which tell where they come from. Re-mailer also uses the asymmetric cryptography which provides the better anonymity to those who want to speak in full privacy and also to whistle blowers who want to remain anonymous because of the fear of harassment. The anonymous re-mailer also doesn’t maintain the database of the addressee.

Now a day tracking the activity of user is main issue for government and private companies, business and political motivations are pushing on the development of monitoring and surveillance systems. If politicians oppose the anonymity in cyberspace due to disclosure of their activity so by this the monitoring is implemented by the government and its consequences for protester that have been tracked and persecuted thanks to the censorship.

Anonymity and Freedom of Expression:

Freedom of speech and expression are frequently conceived as right and interest of the person. Those who were in oppose of anonymous re-mailers or internet anonymity may fail to recognize the cost of such action to the online community in terms of fundamental rights. If the anonymity in cyberspace is restricted then it would negative impact on right to freedom of speech and expression over internet. Though freedom of speech and expression is not an absolute right under the Constitution of India and it may be restricted under clause 2. Anonymity is legal under Copyright Act it protects the anonymous writing. So people have right to speak anonymous over the internet or cyberspace in India, if it do not affect the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence.

Article 19 of Constitution of India says that –

“Protection of certain rights regarding freedom of speech, etc-

(1) All citizens shall have the right—

(a) To freedom of speech and expression;

(b) To assemble peaceably and without arms;

(d) To move freely throughout the territory of India;

(e) To reside and settle in any part of the territory of India”

And clause 2 of Article 19 of Indian Constitution says that –

“Nothing in sub-clause (a) of clause (1) shall affect the operation of any existing law, or prevent the State from making any law, in so far as such law imposes reasonable restrictions on the exercise of the right conferred by the said sub-clause in the interests of 4[the sovereignty and integrity of India,] the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence.”

Is Consideration Necessary For Contract?

noreply@blogger.com (Ankit) — Fri, 17 Oct 2014 17:19:00 +0000

An agreement between two or more parties which is enforceable by law is contract. Parties involve in the contract form a legal relationship to perform their task and if one of the party having the intention of fraud then this contract will become voidable. A contract is valid only when the object and the acts are legal Contract is also based on the offer and acceptance between parties. When one party is offering to perform any task and other party is accepting that offer then it becomes contract. According to section10 of Indian Contract Act, 1872 it stat that...

"All agreements are contracts if they are made by the free consent of parties competent to contract, for a lawful consideration and with a lawful object, and are not hereby expressly declared toq be void. Nothing herein contained shall affect any law in force in India, and not hereby expressly repealed, by which any contract is required to be made in writing or in the presence of witnesses, or any law relating to the registration of documents."

CONSIDERATION IN CONTRACT:

Consideration is the price for which the promise of the other is bought and the promise thus given for value is enforceable. Consideration is of three types one is past consideration, present consideration and future consideration. According to section 2(d) of Indian Contract Act, 1872 Consideration is When, at the desire of the promisor, the promise or any other person has done or abstained from doing, or does or abstains from doing, or promises to do or to abstain from doing, something, such act or abstinence or promise is called a consideration for the promise.

Elements of a consideration:

1. There must be bargaining between parties in terms of exchange.

2. There must be mutual exchange (both parties must get something from the contract).

3. The exchange must have some value.

IS CONSIDERATION NECESSARY FOR CONTRACT?

Consideration is the important component of contract the concept of consideration brings the evidence of bargaining for exchange as the intention to be legally bound. According to section 10 of Indian Contract Act, 1872, to become a contract consideration is mandatory element for an agreement. If there is no consideration in agreement then it will not become contract but on the other side section 25 of Indian Contract Act, 1872 says that agreement without considerations are void but there are certain exceptions to it –

“An agreement made without consideration is void, unless –

(1) it is expressed in writing and registered under the law for the time being in force for the registration of documents, and is made on account of natural love and affection between parties standing in a near relation to each other; or unless

(2) it is a promise to compensate, wholly or in part, a person who has already voluntarily done something for the promisor, or something which the promisor was legally compellable to do; or unless

(3) it is a promise, made in writing and signed by the person to be charged therewith or by his agent generally or specially authorised in that behalf, to pay wholly or in part debt of which the creditor might have enforced payment but for the law for the limitation of suits. In any of these cases, such an agreement is a contract.

Meaning of Bespoke Software and its Legal Liability

noreply@blogger.com (Ankit) — Wed, 27 Aug 2014 16:45:00 +0000

Bespoke word is come from England where it is firstly called to clothing which is tailor made or custom. In this modern era the term Bespoke is used in information technology where it is refers to custom products and services. Like in information technology the bespoke term is generally used in custom software which is known as bespoke software, this type of software is customized for specific function. For specific network the bespoke program has the tool to monitor the whole network and it also has custom accounting software for convinced business. Bespoke programs are vertical market software because it can be customized for particular purpose.

Now mostly business is going online through company’s website, so website is new area in computer industry where bespoke is used. The website which is customized by the client to suit his business needs is known as bespoke website. These types of website include custom features, layout and integration of database. The bespoke website takes longer time to develop and these website are also very expensive because they are customized by the client according to their requirement.

In computer industry bespoke is also used in hardware. There are many companies which provide the custom options to their client to choose the hardware configuration according to their requirement. Like some people requires additional ram to perform multiple task or run multiple program at same time and some people who are in video production field may requires high end graphics card. So this customization of hardware is referred as bespoke system.

The bespoke software accommodates the clients for their particular preferences and expectations. Software customization processes include various stages which include issues that are not including in terms and other issue is allowing all the possible hidden danger to be taken into account. For performing critical functions big firms or large scale companies uses custom software. These critical functions include management of human resource, inventory, content or customer. This bespoke software is legacy software, whatever the customer demands the developer fulfill the requirements.

Benefits of Bespoke software:

· The functions of bespoke software is design according to the customer requirement that how they want to operate it.

· The custom software can do what the customer want it to do and this type of software can also help to solve the problem.

· This custom software is easy to use because it is design according to customer requirement so the staff can use it easily.

· The bespoke software is created in which it can be easily integrated into the current configuration of the system and future system.

· Bespoke software is an asset to the business because the investment on bespoke software is unique to business and it also adding value to the company.

· In bespoke software the customer directly deal with the developer of that software so he can understand the importance of that software in customer’s business and he also give the high quality support to that software.

· The main advantage of bespoke software is that it can be changed or update as the business change to improve the performance.

· There are many successful industries which makes the bespoke software to serve the customer requirements.

· The bespoke software is explicit only to one business and it is unavailable to the competitor’s business. This feature can give the unique advantage to bespoke software.

Legal liabilities of bespoke software:

The legal liability of bespoke software is depending on agreement between both the parties, developer of the custom software and customer of that software. This agreement is known as software licensing agreement. It includes details of development of software, ownership, payment terms, training, maintenance, warranty confidentiality and etc. this agreement gives the relationship between the developer and customer. This agreement is also help to protect against the service related problems in future.

Liable for violation of contract:

While developing any software there is a contract between the customer and the developer or we can say seller. So in India if any one of them violates the terms which is written in the contract of bespoke software on which both of them were agreed upon, then that party is liable under the Indian Contract Act, 1872 for violating the contract between them.

It may happen that the bespoke software is functioning perfectly at the time of purchasing but after some time it causes some problem and unable to perform its task. In this case the contractual liability disclaimers by the vendors of the software may not be effective and customer cannot seek protection under Indian Contract Act, 1872 so to get the protection Sale of Goods Act, 1930 can play a role in that case.

Conclusion:

Bespoke software add value to the business as well as it also give the major advantage to business which the off the shelf software cannot offer. In bespoke software we have to pay more than the packaged software but the bespoke software is important asset to the business. As we understood what is bespoke software and what are their legal liabilities. In bespoke software the customer or developer can seek the protection under their software agreement. And if the customer wants to take protection if the software is not working properly then he can also take protection under the law.

Development of E-Commerce

noreply@blogger.com (Ankit) — Wed, 27 Aug 2014 16:43:00 +0000

E-commerce means electronic commerce or we can say it internet commerce by the introduction of E-commerce we can sale and purchase the goods and services and it also include the service and support after the sale of the product. The electronic commerce brings new way of shopping by the introduction of new technology to the business. But there are some fundamental business problems which face by the merchants since thousands of year that if you have something to sale then you have to make it known to the buyers of that product of goods and also have to deliver the proper service after the sale. So by the introduction of this new technology of internet commerce it gives the facility of advertising and distributing product information and it also enables the complete business transaction.

Zwass defines e - commerce as “The sharing of business information, maintaining business relationships, and the conducting business transactions by means of telecommunications networks” He pointed out that e - commerce includes not only buying and selling goods over

Internet, but also various business processes within individual organizations that support the goal. Four different types of information technology are converging to create the discipline of E-commerce:-

· Electronic messages, email and fax

· Sharing a corporate digital library

· Electronic document interchange utilizing EDI and electronic funds transfer

· Electronic publishing to promote marketing, advertising, sales, and customer support

Development of E-commerce:

The E-commerce was developed and came into existence in 1990’s. This new technology of buying and selling goods and service via internet is very new to the people. There is a problem of trust that time but now a day’s most of people go online for buying and selling goods and services because now E-commerce develop the trust among the people. The phase wise developments of E-commerce are as follows:

Development of E-commerce from year 1995 to 2000:

This was the first generation of E-commerce because the key concepts of e-commerce were being developed at that time and it was technological driven approach. The developments in this phase are:

Netscape version 1.1 was released on 6 March, 1995 which was the first GUI program to read HTML Tags. This plays major role to develop the E-commerce because it facilitates the graphical interface to the user so that they can easily access the E-commerce website.
In same year 1995 two major websites which were totally based on E-commerce was launched these website were Amazon and E-bay. These both website introduce online payment method.
Then in the year 1997 the Dell INC was launched this website contributes the development of E-commerce. The Dell Inc gives the customer to customize the configuration of computer and they directly sell the product to the customer without involving any mediator. By providing this facility Dell Inc becomes the first E-commerce website which cross the millions of sale of their product.\
In the same year 1997 most popular search engine launched named Google. Now a day the Google become the key source of the information of any product many E-commerce website uses some techniques to appear on the first page on Google search result. Google also give the rank to the entire website according to the traffic of that website.
In year 1999 file sharing software is introduce by the use of this software provides peer to peer file sharing service. We can share the file directly with the recipient without involving any third party in between. This peer to peer file sharing plays important role in development of E-commerce.

Development of E-commerce from year 2000 to 2007:

In this phase the development of E-commerce was different from the first phase as it was based on business driven approach. The main objective of the E-commerce website holder was to engage more traffic on their website and earn more profit from them. In this phase most of the people uses internet as compare to first phase there are more no. of users of internet because it is available easily to all in form of cyber cafes. The developments of E-commerce in this phase are:

· In year 2000 uses of E-commerce website used online payment by the use of credit card, debit card and etc. They directly give payment to the website for the product by secure connection.

· In December 2001 the “Goner” virus was discovered with an estimated damage of over Eight Million Dollars and due to this some of the E-commerce website shutdown their business.

· In year 2002 the most popular E-commerce website E-bay was acquire by PayPal.

· In year 2003 windows mobile was launched, which give the facility to access the E-commerce website on mobile.

· In year 2004 Payment Card Industry Security Standards Council (PCIDSS) was introduces which facilitates the secure payment on E-commerce website through debit and credit card.

· In year 2005 YouTube was launched and become the first digital music retailer.

Development of E-commerce from year 2007 to 2014:

This was the phase where the E-commerce is on its peek as of now. In this phase E-commerce industry has grown a lot. This phase mainly focus on providing the security while customers do transaction on E-commerce website. This phase was very changing phase in this phase E-commerce is now very demanding among the people. They use to do shopping online rather than go to the physical store because E-commerce reduces the shopping time. People can buy and sell any produce in less time. In this phase the E-commerce website develop the trust on their customer. Now the E-commerce website holders mainly focus to increase the traffic on their website by putting ads on social media websites and also by developing the attractive website or giving so many offers.

Authors Moral Rights in Digital Environment

noreply@blogger.com (Ankit) — Wed, 05 Mar 2014 15:34:00 +0000

If any literary, dramatic, musical or artistic work is generated by computer then the person who causes the work to be created is the author of that work and if he owns the copyright of his work then he got some rights by which he can protect his work from being infringe. In those rights moral rights of an author is very important right. Moral rights are personal rights which are granted to author who owns the copyright...

The categories of moral rights of author are:

The right of creation: This right facilitates the author to produce or demolish his own work.
The right of attribution of authorship: This right facilitates the author to be identified on his own work when it is communicate to public. The acknowledgement of the author is important if someone uses the work of others.
The right of integrity: This right facilitates the author to prevent his work from being altered or damage which affect the reputation of author or which destroying his original work.

In BILETA conference paper, Moral rights in the Digital Environment: “Authors” absence from Authors’ rights debate, Smita Kheria says that- However the digital environment not only brought opportunities for authors, but also came with threats to their personality interests. Moral rights, protecting such interests were faced in the digital environment with practical and conceptual challenges like concerns over definition and scope of such rights and wider questions going to the heart of moral rights doctrine being the bond between author and work in the digital environment.

CAN MORAL RIGHTS BE SOLD?

There is difference between moral rights and copyright, it is completely separate thing from copyright. Even if the copyright is sold or passed to other person the moral rights of author are still remains with him because it cannot be sold, waived or transferred to any other person.

Authors Special Right:

The authors special rights are define under section 57 of copyright Act, 1957 that is –

1. Independently of the author's copyright and even after the assignment either wholly or partially of the said copyright, the author of a work shall have the right-

a) To claim authorship of the work; and

b) To restrain or claim damages in respect of any distortion, mutilation, modification or other act in relation to the said work which is done before the expiration of the term of copyright if such distortion, mutilation, modification or other act would be prejudicial to his honor or reputation.

2. The right conferred upon an author of a work by sub-section (1), other than the right to claim authorship of the work, may be exercised by the legal representatives of the author.

HOW TO DEAL WITH MORAL RIGHTS OF AUTHOR:

To avoid the infringement of moral rights of author we have to follow these steps –

We have to always attribute the name of author and title of his work where it is reasonable and where his work or film is reproduced and communicated to public.
In case of musical or dramatic work attribute the name of author where the work is performed. This will protect his work from been infringed.
Do not alter, edit and adapt the film or work of author unless it is reasonable in circumstances.
Always take the author’s consent in written before doing such act which would infringe the moral rights of author.

CONCLUSION:

The issue of protecting the moral rights of the authors in digital environment has been the topic of discussion from a long time. As the technology is developing and changing, new methods to infringe the copyrighted materials are also developed. People use the work or film of author and infringe his moral rights. Once the work of author is made available online it is difficult to control its accessibility. We should ourselves determine that whether we want to respect the work developed by the author by his hard work or abusing it by accessing the infringed work.

Can A Bank Be Term As An Intermediary

noreply@blogger.com (Ankit) — Wed, 19 Feb 2014 06:27:00 +0000

The term intermediary is define in Information Technology Act, 2000 it is - With respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes...

INTERMEDIARY BANK:

Intermediary bank is a financial institution which acts as a facilitator between two parties for their different types of agreements like financial arrangement, contract of business, sale of property, loan or other agreements which require the payment guarantee to one party or to provide access to funding for completion of agreement.

Intermediary bank is a bank which act as a router, it is a pass through of any payment like when a person transfer money from his account to another person’s account then before it credit in to the recipient account first it goes to the intermediary bank and it holds the money until the receiving bank is available or it clears the payment. Intermediary bank acts on behalf of beneficiary bank because any payment is firstly reaching to it then after it is credited in to the recipient’s account.

Figure (a)

The above diagram shows flow of money from your (sender’s) bank to recipient bank. In this first the sender transfer the money to recipient so before the money reaches to recipient it first transfer to intermediary bank and if there is more intermediary bank then it transfer to them then it goes to the recipient’s bank and then the recipient bank credit it in to his account.

FINANCIAL INTERMEDIARY:

Financial intermediaries include a large number of entities in terms of scale and size of operation which is vary from a brokerage of small insurance to huge universal institutions that offer a complete range of financial services including management of asset, commercial and investment banking.

Some areas such as advances in technology and investing the money, threaten to remove the financial intermediary, a fact known as disintermediation. For example, by the introduction of online brokerages system resulted as many of the investor directly investing in the markets and bypasses the traditional full-service brokerages. Disintermediation is much less of a threat in other areas of finance such as banking and insurance.

As we discuss above the term intermediary and intermediary bank, it can said that yes bank can be term as an intermediary because bank is acts as a facilitator between two parties for their different types of agreements which require the payment guarantee to one party or to provide access to funding for completion of agreement.

Facebook Law and Privacy Issue in India

noreply@blogger.com (Ankit) — Sun, 02 Feb 2014 18:15:00 +0000

The purpose of this research is to identify the privacy issues of facebook and the Indian law of facebook. The first phase of the project involves the introduction of facebook, privacy issues and policy of facebook and then the second phase involves the law of facebook in India. In this we also discuss about the offences related to facebook and also about the punishment which comes under those offences, so by this users can know which type of content they can post, comment or message on facebook.

Download Paper From Here

Legal Consequences of Online Defamation in India

noreply@blogger.com (Ankit) — Sun, 02 Feb 2014 18:12:00 +0000

As the use of electronic medium like emails, social networking sites and other discussion groups is increasing day by day to convey our thoughts and information in our daily life; peoples are sharing their views and thoughts via them. Politicians are using them as a way to increase their popularity and propagating their parities as well as these sites is becoming a platform of online defamation. As it is always said that there are two faces of a coin so we can use social media in creating a change in our social life also it can be used as platform to destroy the reputation of anyone. The sting operations and posting the cartoon images of someone can be taken as an example of it. In this project I have tried to cover the online defamation, how they take place and what are its legal consequences in India.

Download Paper From Here

Types of Hackers and Disclosure of Vulnerabilities

noreply@blogger.com (Ankit) — Fri, 24 Jan 2014 17:55:00 +0000

In Information security vulnerability means any loop holes to the security by which attacker may exploit that defect on programming error and get the access to the computer or servers. After successfully exploit the attacker can violate the integrity of that system, access the confidential data and also he may modify it for the harm of reputation of any organization.

Vulnerability is also referring to the weakness in the computer system, weakness like any system without any type of security or any weak point from where attacker can exploit it, attackers always searching for the weakness and loopholes to exploit them and get access to the victim’s computer or server. Different types of weakness are technology weakness, configuration weakness and security policy weakness.
Some information security experts also searches for the vulnerability in any software and servers to protect the customers or clients who use it. After finding the vulnerabilities the information security expert disclose it openly then as these vulnerabilities become known, software publishers develop "patches", "fixes" or "updates" that you can download to fix the problems.
Open disclosure of vulnerability is good because if we do not disclose the vulnerability then it would be unsure that the security process is improved or not because after the disclosure of vulnerability the publisher of that software develops the patches for that vulnerability. Without open disclosure it is like we found the vulnerability and do not disclose it to any one and this turns into security through obscurity which is not good so open disclosure of vulnerability is good for the security. Due to this the vendor of the software is always trying to create more secure software because they are under the watchful eye of public.
There are many types of hackers like white hat hackers, black hat hackers and grey hat hackers so open or full disclosure of vulnerability gives typical positions to these hackers. If it is beneficiary for someone then it could also be harmful to someone. Some take advantage of full disclosure of vulnerability and some people have to remove it as soon as possible. So these types of typical positions arise while open or full disclosure of vulnerability in information security.

Types of hackers:

There are three types of hacker -
· White hat hackers
· Black hat hacker
· Grey hat hacker

White hat hacker:

He is the information security specialist who tests the security of computer by breaking the protected system and access the security. White hat hackers always try to improve the security by exposing the weakness or vulnerability before those unauthorized person who find the vulnerability and exploit it. White hat hackers have permission to perform hack and find the vulnerability against the organization.

Black hat hacker:

He is a person who searches for vulnerabilities or any type of security flaws and exploit them to harm or to perform other malicious activity. They are different from white hat hacker who perform hack to find the security flaws and vulnerabilities that black hat hacker may exploit. Black hat hackers can cause harm on both individual computer users and large organization by stealing financial information, by modifying the content of websites.

Grey hat hacker:

He is a person who knows the hacking techniques and performs the activity of hacking to show off their skills. He is differ from white hat because they perform the hacking activity without permission or illegally and he is also differ from black hat hacker because they do not perform the hacking activity for personal gain but they perform hack just for show off purpose. He is the mixture of black hat hacker and white hat hacker because some time he perform hack for good reason and some time he do it with malicious intension.

Typical position of hackers in full disclosure of software problem:

Position of white hat hacker:

The position of white hat hacker in full disclosure of software problem is the white hat hacker have to check the security and find the vulnerability and full disclose it, after disclosing it the software publisher have to develop the patch of that vulnerability and after developing the patch he have to distribute this patch as soon as possible otherwise the black hat hacker may exploit that vulnerability and get the unauthorized access. So the position of white hat hacker is to check the security and that vulnerability time to time and protect the customers and client of the organization from being hacked.

Position of black hat hacker:

The position of black hat hacker in full disclosure of software problem is the black hat hacker is always searches for the vulnerability to exploit it and after full disclosure of software problem he can get the details of the vulnerability on that particular software so it become easy for the black hat hacker to attack on the software because after getting the vulnerability the he may exploit it easily. But he can exploit that vulnerability prior to patches or new version of software being made available in market place because the software publisher have to fix that vulnerability as soon as possible to protect their client.

Position of grey hat hacker:

The position of grey hat hacker is very sensitive in full disclosure of software problems, the grey hat hacker can do anything like he can make the patch and fix the vulnerability and inform the software publisher that how to fix that problem or he may exploit the vulnerability. The grey hat hacker can perform the role of black hat hacker or white hat hacker because he is hybrid of both.

Summary:

The open disclosure of vulnerability is good because the security process is improved through it and the developer always tries to develop secure software because they are under the watchful eye of public. The white, black and grey hat hackers have different typical position in full disclosure of software problem they can develop patch or exploit that vulnerability but if the new patch and newer version of software is available in market of the problem in the software then these hackers have to find the new vulnerability in that software.