Computer Security, Research Paper Example

Introduction

It is the twentieth century where improved communication technologies are inventing one after another. Internet has become a powerful and interactive carrier providing extensive activities and web services. Organizations expand their resources with the help of Internet. Websites are created for informational purposes, advertisement, online shopping etc. In the modernized countries, Internet is utilized for education, electronic shopping, blogs, social networking and information.

Even today where every technology interrelated to Information technology involves the dot com phenomenon; Internet is relatively an evolving field which is persistently changing. New fields are emerging from Internet, Wu and Hisa describes it as “Internet-Enables Commerce (I-commerce) and mobile commerce (M-commerce) is based on developments pertaining to the Internet and on prior technological innovations arising from the combination of telecommunication, and organizational computing”. Generally the business functions and processes which involves electronically and digitally within the organization are referred as E business. The web users provide a lot of personal information on E commerce enables websites and services in order to register, purchasing a product or service. The privacy of this information which is provided by the user on the website needs to be protected. The personal information has enormous vulnerabilities and financial security threats. The personal information may include credit cards and bank account numbers etc. The privacy policies of websites do not satisfy the users for disclosing their personal data. There is no assurance for the security of the personal data of the web users. This is one area which needs research, for providing a mechanism for securing data Privacy policies are used by web services for the ease of the privacy concerns of their clients and adhere to legislative measures, stating what they would do or not with the personal information of their clients.

Research has been done in the past for evaluating data privacy issues. The technology web services were implemented in this context. Web services architecture working group ‘W3C’ defines it as “a software application identified by a URI, whose interfaces and bindings are capable of being defined, described, and discovered as XML artifacts. A Web service supports direct interactions with other software agents using XML-based messages exchanged via Internet-based protocols”. The ‘P3P’ is the organization developed by the worldwide Web consortium (W3C). It works for the website users to gain control over the information they provides. ‘P3P’ do not guarantee the defense of private data provided by the user to any website. For all the organizational bodies, no one is bound for performing activities related to website data security.          A mechanism is required which will be mandatory for every website or organization to follow. One more research was conducted, a “Trust worthy web services provisioning for differentiated customer service” was a proposed solution of the issue (Xiong and Perros 171-185).

A recent research has been conducted in the year 2010 for addressing this issue, framework consisting of web service negotiation by a negotiation message and a negotiation protocol between two parties. (State machine based formalism) is used for defining the high level support of data flow and privacy in web services. This technology is based on “Semantic Web”. The semantic web is a visionary venture aiming to endeavor advanced usability and creativity of the web by involving the computing equipments to read, search and recognize the web contents of web documents to accomplish tasks using automated agents and web based services (Kay 32-32).

Technical Description

Privacy Model

The privacy model will consist of

Data-Right

Access right will be already allocated to him to make changes, before doing any activities on data,. There will be two types of actions, any service activity completion for the current purpose for which the action was provided and donated by ‘OP CURRENT, the other action that will be used by the service for performing other activities and is donated by ‘OP EXTRA ACTIVITY’.

Data Obligation

Data obligation is performed by the website service provide when operating the personal data of the web user

Extended W-S Agreement

The extended W-S agreement complies with the web service providers meeting the guarantees interconnected to the services they develop. The web servers will also provide the undertaking to defend the private information of the customers. There is a requirement of signatures from both the parties on an agreement, the web services provider and the customer. The current W-S structures do not sustain the data model. The features of the update process in runtime are not supported by the current privacy model.

Privacy Agreement

To deal with the privacy concept a logic mechanism is provided. The initial step is to represent the model which shows the flow of the personal data from the web user or customer. The set of operations is carried out to tackle it.

Agreement Negotiation Protocol

The agreement between the web service providers and the customer will not be a manual procedure as this functionality will be integrated on the Internet. Protocol is required for implementing this methodology. The Address Resolution Protocol (ANP) will be used for this rationale. ANP supports negotiation language and it was built earlier.

Certain actions are required from both the customer end and the service provider end in order to complete the negotiation and agreement process. The customer will be notified by the web services provider on a certain period of time, to start the negotiation process. A privacy statement proposal will be presented to the customer to accept or reject the proposal. If the customer rejects the proposal, justification is required for the rejection so that the web service provider can evaluate the criteria best suited for the customers.

Implementation and Architecture

An infrastructure or platform is required for the management and evaluation of the proposal. For this purpose, an implementation of the framework is required. The framework will assist the service provider to conduct a negotiation process with ease. The customers will be allowed only to ‘accept’ or ‘reject’ the proposal

Reflection on the Research

This technology reflects a logical thinking of the issue of data privacy. The Semantic web and a dynamic Data privacy model for web services were interesting area under discussion. Semantic Web is the contribution of computing equipments in the processes associated on the web triggered by agents.  Enormous amount of research is in process related to Semantic web and ambiguous computing. Every website has the label named as “Privacy” but one cannot guarantee for the use of personal data as there is no acknowledgement from the user of any kind. This technology is a unique one, as the awareness of data privacy issues is increasing. If the web users do not trust the website, they will not visit the website. There are so many threats associated by providing information to the online web services. There was some difficulty in understanding the framework of negotiation with the web services provider and the customer. This can be understood by providing a logical interface within the website. The customers can accept or reject the proposal, providing justification of the rejection. For under the material which was difficult, I conducted a quantitative research and a self directed learning. The quantitative research is a process in which many researches and contributions are collected from different articles and journals. The focus on the subject is an essential part of the process. The subject has been understood easily after reviewing several articles of the same research provided by different scholars.

References

Hassina Meziane and Salima Benbernou. 2010. A dynamic privacy model for web services. <em>Comput. Stand. Interfaces</em> 32, 5-6 (October 2010), 288-304. DOI=10.1016/j.csi.2010.02.001 Works Cited

Kay, Russell. “Semantic Web.” Computerworld 40.9 (2006): 32-. Print.

Xiong, Kaiqi, and Harry Perros. “Trustworthy Web Services Provisioning for Differentiated Customer Services.” Telecommunication Systems 39.3 (2008): 171-85. Print.

Jen-Her, Wu, and Hisa Tzyh-Lih. “Developing E-Business Dynamic Capabilities: An Analysis of E-Commerce Innovation from I-, M-, to U-Commerce.” Journal of Organizational Computing & Electronic Commerce18.2 (2008): 95-111. Computers & Applied Sciences Complete. EBSCO. Web. 8 Nov. 2010.