privacy and trust in virtually slide

8/8/2019 Privacy and Trust in Virtually Slide

http://slidepdf.com/reader/full/privacy-and-trust-in-virtually-slide 1/44

PRIVACY AND TRUST IN VIRTUALLY

ON SOCIAL NETWORKING



INTRODUCTION

Social networking sites are a type of virtual

community that has grown tremendously in

popularity for over the past few years.

Type of social networking

Facebook MySpace Friendster

LinkedIn Ning Plaxo



MAIN PURPOSE

Communication

Making Relationship



USERS’ CONTROLS OVER THE PRIVACY ON THEIR

INFORMATION AND PRIVACY CONTROLS ON SOCIAL

NETWORKING SITES.

This is one of the major concern on social

networking services.

People’s complaints about social networking

sites indiscriminately distributing their

personal data on the Web are unconvincing

when they have already made an explicit

choice to expose that data in a public space.



o With expectations that these services will respect user

intentions, they publish their information.

o

Different social networking sites give users different rights foreach data type.

o Eg Facebook

• provides complete privacyOnly Me

• permits an explicit list of people to access the

ObjectSome Friends

• permits all friends to access the Object—of course,

implying friends within the Facebook networkOnly Friends

• broadens access to all of a user’s

friends, plus friends of their friendsFriends of Friends

• makes the Object completely publicEveryone on

Facebook



Although Facebook has

modified their privacy settingbut it still looks like the site

provides control at the wrong

level of granularity. The

categorization of Friends,

Friends of Friends, and

Everyone is too coarse, but

the ability to specify a list of

individuals is too fine.



•

It's also clear that users should have differentrights with respect to each data type.

• We should be allowed to export, change, and

delete disclosed data, even if the social

networking sites don't want us to.

• It's less clear what rights we have for

entrusted data, and far less clear for incidental

data.



TRUST IN THE SOCIAL NETWORKING SITES AND TRUST

IN OTHER MEMBERS ON SOCIAL NETWORKING

Facebook and MySpace will be an example as

a study about comparison between Facebook

and MySpace have been conducted and

presented at Americas Conference on

Information Systems (AMCIS) 2007



MySpace

• MySpace members are more experience using the siteto meet new people.

• In other word making new relationship developmenteven though MySpace have weaker trust result in thisstudy.

• This show that MySpace members have confidence intheir capacity to evaluate others and true is not asnecessary in the building of new relationships.

• The ability to ignoring messages or blocking accessminimizes the risk exploring online relationships.



FACEBOOK• Facebook members are more willing to share identifying

information; they are exposing to the identity thief

• In late 2009, Sophos conducted an experiment to see how

easy it can be to steal vital personal data from Facebook users

by creating 2 fake accounts.

• RESULTS

• In the hands of an identity thief, this valuable information can

be easily exploited

46% of users accepted the friend requests even though the owners of

the Facebook accounts are strangers for them.

89% of the friended users in their 20s reveal their full birthdate on

their profile.



Best Practice on Security Recommended by

Sophos For Facebook Users

Disable options, then open them one by one.

Show “limited friends” a cut-down version of your profile

Think carefully about who you allow to become your friend

Read the Facebook guide to privacy

Adjust Facebook privacy settings to help protect your identity



TRUST IN ONLINE SELLING ON SOCIAL NETWORKING

In the grand scheme of online marketing, the catchphrase “People Trust

People” is a foundational principle. We can see many advertisements at the right side of the Facebook page.

Most of these advertisements are about online marketing on selling their

products

Users of Facebook also create the accounts to sell their product which

they update the new product, information of the product, and picture of the product easily

The main problem is the users trust on this kind of marketing

Some users that they have been lied by those owner of the Facebook

account that sell product such as clothes, watch, and others.

.This will give effect to others people or company to do this kind of

marketing as people start to distrust this kind of marketing



Ways to gain trust from users if making online

marketing on social networking.

• Get verification from Trust Guard

One of their products provided to on-line businesses is their Security

Verified Seal. The seal shows online consumers that the site they are

patronizing has gone through various steps to verify to the general public

that they have a valid SSL and that consumers will be able to locate them if

ever there are issues.

• Get verification from Shopper Approved.

Shopper Approved social proof which brought us the proof in the form of

testimonials and ratings (from 1-5) from previous consumers.

• Having an active presence within social networks provide an ideal way for

buyers and sellers to build genuine, personal relationships with each other

from which trust, loyalty, and advocacy can grow.



•Facebook “Like” Button

As a conversion expert

Charles Nicholls said that theimpact of the Facebook "Like"

button cannot be

underestimated. It is

becoming an "index of

content on the web, where

the index is built based onmass popularity, as opposed

to an arbitrary Google

algorithm," said Nicholls. As

such, its importance has

implications not only where

social media is concerned,but for search engine

marketing as well.



FUTURE INTERNET



Meaning

Future Internet is a summarizing term for

worldwide research activities dedicated to the

further development of the original internet

Internet has become essential for enabling data

information and flow exchanges all over the

world enabling in turn a wide range of

applications and services. Future Internet socio-economics studies the

relationship between any sort of economic

activity and the social life of users



Advantages

Communication

• Communication will be faster and reliable.

Information

• Any kind of information on any topic under sun isavailable on the Internet.



Service

• More service provided such as online banking, job seeking

Entertainment• There are numerous things that can be found. Music,

hobbies, news can be found and shared on the Internet.



Ecommerce

• Ecommerce is the concept used for any typeof commercial maneuvering, or business

deals that involves the transfer of

information across the globe via Internet



Virus threatVirus is nothing but a program which disrupts the normalfunctioning of your computer systems. Computers attachedto internet are more prone to virus attacks and they can endup into crashing your whole hard disk, causing youconsiderable headache.

Pornography:This is perhaps the biggest threat related to your children’shealthy mental life. A very serious issue concerning the

Internet. There are thousands of pornographic sites on theInternet that can be easily found and can be a detrimentalfactor to letting children use the Internet.



E-COMMERCE



what

E-commerce is the buying and selling of goods and services on the Internet, especiallythe World Wide Web.

E-commerce can be divided into: E-tailing - sites with online catalogs, sometimes gathered

into a "virtual mall

Electronic Data Interchange (EDI), the business-to-

business exchange of data

E-Mail and fax and their use

Business-to-business buying and selling

The security of business transactions



e-commerce

E-tailing

• sites withonline

catalogs,sometimesgathered intoa "virtual mall

EDI

• ElectronicData

Interchange• business-to-

businessexchange of

data

E-Mail & Fax

• use as mediafor reaching

prospects andestablishedcustomers(for example,

withnewsletters)



Business-to-businessbuying and selling

• Web provides notonly a 24-hour-a-dayshowcase for theirproducts but a quickway to reach theright people in acompany for moreinformation.

E-Mail, Fax, andInternet Telephony

• Most of this is

business-to-business, with somecompaniesattempting to use e-mail and fax forunsolicited ads

(usually viewed asonline junk mailor spam) toconsumers and otherbusiness prospects.

Security of BusinessTransactions

• ontrolling access toresources such asWeb pages forregistered orselected users,encryptingcommunications,and, in general,ensuring the privacyand effectiveness of transactions.



Best practise

Web server access

* Ensure no update orwrite access

User authentication

* Customers must be

identified throughthe use of a User IDand password

Session security andtimeouts

* can be misused to gainaccess to a customer'saccount.

Content management

* no erroneousinformation

Redundancy

* improve the availabilityof the E-commerce-supporting systems



Privacy policy

• Lack of a privacypolicy may result inlitigation

Physical security

• could result inunauthorizedchanges to thesystems.

System andconfiguration file

security

• could result inmodifications byunauthorizedpersonnel



What is internet banking??

Online banking orInternet banking

provides a fast andconvenient way of

performingcommon and allows

customers toconduct financialtransactions on a

secure websiteoperated by their

retail or virtualbank, credit unionor building society.

The concept of Internet banking

has thus become arevolution in the

field of banking andfinance.

If you have acomputer with

Internet access, aweb browser and a

registered accountfor Internet bankingfrom your banking

institution, you’ll beable to do your

banking from thecomforts of home,

office or virtuallyanywhere else in the

world.



History!!

concept

• The concept of Internet banking has beensimultaneously evolving with the development of theWorld Wide Web.

1980

• .Programmers working on banking data bases cameup with ideas for online banking transactions, sometime during the 1980's.

1983

• In 1983, the Nottingham Building Society, commonlyabbreviated and refereed to as the NBS, launchedthe first Internet banking service in United Kingdom.



Advantages…..

*The account holder does nothave to personally visit the bank.

*With the help of Internetbanking many transactions canbe executed by the account

holder.

*When small transactions likebalance inquiry, record of recent

transaction, etc. are to be

processed, the Internet bankingfacility proves to be very handy.

People can

expend theservicessitting athome, totransact

business.



Cont. advantages

Bouncing a checkaccidentally should be athing of the past because

you can monitor youraccount online any time,

day or night.

*You can track yourbalance daily, see what

checks have cleared and

when and know whenautomatic deposits and

payments are made.

*This is all possible bysimply going online tothe banks website and

logging into youraccount.



Disadvantages…

*In addition to this, a few cases of forgery have been reported in online

banking.

*There are some fraud or proxywebsites, which can hack

information (user name andpassword) entered by a person for

some transaction, and later misuseit.

* In such cases, people lose theirmoney without knowing and by the

time, they get the bill, huge losesmay have been incurred.

Security concerns,like "hackers"

accessing your bankaccounts.



Cont. disadvantages

Lack of trust

*Let's face it, many people stilldon't trust the internet.

*For the new users who haveperformed financial transactions

for only a few times, they may stillhave this doubt whether or notthey did the right thing such as

clicked the right button and so on.

*They can only be comfortableonce they print the transaction

receipt and the transactionappeared on the bank statement.



Cont. disadvantages

Securityfraud

*Many people shy away from internetbanking because of the security threat.

*They can't help but worry about this

aspect what with news on fraudulent banktransactions that pop up every now andthen.

*However, this should not be a problemas banks that provide internet banking

services prioritize security above anythingelse.

*Since they value their customers, theyalways use the most advanced securitytechnology in protecting their websites.



Suggestion..

To prevent online banking from remainingan expensive additional channel that doeslittle to retain footloose customers, banksmust act quickly

The first and most obvious step they should

take is to see to it that the basic problemfueling dissatisfaction has been addressed



Cont. suggestion

After repairing this basic deficiency,banks must ensure that their servicesare competitive

Obviously, it should include checking,

savings and brokerage services, whichanchor customers to the institution.



PRIVACY AND TRUST IN

VIRTUALLITY WHILE USING

EMAIL



E-mail systems are commonly used due to :1)simplicity2)flexibility3)low costs for their implementation and usage.

This systems suffer problems caused by fragilities inthe protocols involved in the communication. There are problems concerning the absence :

1)robust mechanism for sender authentication2) poor confidentiality

3)integrity mechanisms for message delivery4) lacking of a consistent reputation mechanism forusers5)e-mail servers.



1. THREATS TO E-MAIL SYSTEMS

The main techniques are based in trustful and non-trustfulservers’ lists, or in scanning received messages to find suspectcontent which are:

• Black Lists: distributed RBL (Real-time Black hole Lists) servers

keep lists of IP address from spam spreaders or sources, whichcan queried through DNS to verify the sender trustworthiness,• White Lists: each e-mail server can keep a list of trustedsenders; this list is commonly managed through a web basedacknowledging mechanism. A variant of this approach is greylisting, in which the list of trusted senders is dynamically built

and managed;• Message Filters: these are programs that filter e-mails accordingto their contents, using statistical techniques,Bayesianclassification, neural networks, header analysis.



2. SENDER AUTHENTICATION

The first step in e-mail security is senderauthentication.

It aims to guarantee that the source of a

message is surely known There are manytechniques have been

developed with this goal which are:1)PGP (Pretty Good Privacy),

2)SPF (Sender Policy Framework),3)SenderID4)DKIM



3. ARCHITECTURE

The system architecture use concepts of trustnetworks, anti-spam tools, anti-virus tools,and an authentication model to build a trust

management system among e-mail servers(Mail Transport Agents - MTAs).



• SMTP Server: responsible for messagesreception; it implements the SMTP protocol.

• Sender authentication: implements a domain

authentication method, like SPF or DKIM. • Anti-spam and anti-virus: classifies messages

legitimate or malicious. The filter results areused by the trust management system.

• Trust management system: maintains trustinformation about outside servers, according tothe messages received from them.

privacy and trust in virtually slide

Documents