Pervasive Computing in Security Essay Example | Topics and Well Written Essays - 1750 words

Pervasive Computing in Security - Essay Example Authentication is the process of proving that you are who you say you are and establishing proof of identity. Authentication can be achieved through the use of passwords, smart cards, biometrics, or a combination thereof. People are the next most important security component. Often, people are the weakest link in any security infrastructure. Most corporate security relies on the password a user chooses. If the user chooses his or her first name as the password, the time, energy, and money spent evaluating, purchasing, and implementing security solutions go out the window. Numerous methods exist to gain access to a system. Social engineering preying on the weakest factor in any security infrastructure, the human-is one of the most successful methods. From pretending to be a helpdesk worker and asking users to change their passwords, to dressing up as the copy machine repair technician to gain physical access to a building, social engineering is effective in gaining access to an organization's systems. (Andress, 2003) Other methods include trying to guess username and password combinations and using exploits in operating systems and applications to gain access to systems. Some common exploits include buffer overflows, Windows exploits, and Web server application exploits. The most popular tool for information theft attacks is the network sniffer. With a sniffer, an attacker monitors traffic on a network, usually looking for username-password combinations. (Andres, 2003) The use of sniffers is known as a passive attack because the sniffer's snooping does not require any action on the part of the attacker. Active attacks, on the other hand, do require action. Examples of active attacks are "dumpster diving" or calling up an individual at a target company and asking for information. Security Awareness Security awareness can be provided at the utmost by conducting seminars and awareness campaigns. Such campaigns work well in explaining topics like password selection, screen locking, document labeling, and physical (door) security. Posters, e-mails, screensavers, and mouse pads printed with security tips and expectations help provide day-to-day reminders. Some companies even establish security incentive programs for their employees. Multifactor Authentication The three major types of authentication which are commonly used now a days are: Something you know-personal identification number (PIN), password. Something you have-SecurID, smart card, iButton. Something you are-that is, some measurable physical characteristic of you, such as fingerprints

Psychological Testing Essay Example | Topics and Well Written Essays - 2750 words

Psychological Testing - Essay Example There is no physician or psychiatrist at the end of these assessments. Only a paragraph or two stating that because of the answers of a specified number of questions, the person taking the quiz is or is not depressed, happy, etc. The concept of fun online surveys is great. Take a test to find a person's "RealAge" (Buchanan, 2002; Buchanan, 2003; Live Life to the Youngest with RealAge) or knowledge of books and movies, or even what job is the best, plus there are thousands more. The developers of these web sites that deal with medical issues create a very small medical disclaimer, usually at the bottom of the page, stating that the tests are for fun, and if a person has a true concern, medical attention is advised. This covers the developer, but allows for hundreds of thousands of people to take his/her word as the word of the doctor (Buchanan, 2002; Buchanan, 2003; Live Life to the Youngest with RealAge). Online surveys, if answered truthfully, could possibly lead to help people who think they may be depressed. For these people there is no differentiating a good and healthy test or quiz with an online game. These people could be misdiagnosed, or even worse, given a treatment that does not work and is potentially dangerous (Buchanan, 2002; Buchanan, 2003). This is the basis for which all new clinical studies should be considered. The majority of people in most western civilized countries will take these online tests and take the results as if from a real doctor. It is therefore important to analyze the differences between the games and the real questionnaires. The reliability, validity and statistically analyzed data need to be better understood by both the public and physicians to ensure the person/patient is not receiving incorrect information. Everyone must be diligent in this area and work harder to standardize the online and clinical questionnaires to build a broader base for data collection. Literature Review Even with the internet being fairly new in the last 20 years or so, there are more tests for personality and such on the internet than in most hospitals. Many of these are placed on websites that are not secure, are not authorized by any type of psychologist, psychiatrist or physician (Buchanan, 2002; Buchanan, 2003; Buchanan, Johnson, & Goldberg, 2005). But before the discussion turns to the website, the tests themselves need to be considered. When conducting any test, it is important to have the foundation of the population that will be tested as well as some basic norms to be used in the evaluation process. From these norms come labels or concepts that are often associated with web-surfers. In a comparative study on the preconceptions of internet based tests (Gosling, Vazire, Srivastrava, & John ,2004). The study listed six ideas, but for the purpose of this study, only a few will be considered. The first is the idea that the internet will not be as diverse as traditional methods of research. The group stereotyped internet users to be computer techs or loners (Gosling et al, 2004). These stereotypes did not necessarily coincide with previous research on the subject. In fact, the volunteers who take the online test are quite diverse and located around the