Featured Research

from universities, journals, and other organizations

High Stakes In Business-To-Business Online Transactions Prompt Research To Enhance Information Security

Date:
March 22, 1999
Source:
Georgia Institute Of Technology
Summary:
While the security of the average consumer's online transactions grabs the public's attention, researchers at the Georgia Institute of Technology are studying electronic commerce with more far-reaching consequences.

While the security of the average consumer's online transactions grabs the public's attention, researchers at the Georgia Institute of Technology are studying electronic commerce with more far-reaching consequences.

"The largest chunk of electronic commerce, an estimated $800 billion a year by 2003, is conducted business to business," said Dr. Blaine Burnham, director of the Georgia Tech Information Security Center (GTISC). "That's where the consequences of information system failure are highest and where GTISC can make the largest contributions."

Burnham believes business-to-business electronic commerce deserves the attention of researchers because breaches in its information security could greatly affect everything from airline and rail travel to power generation to manufacturing. And the same technologies that affect security of business-to-business online transactions also apply to the consumer world.

"As businesses become more reliant on electronic commerce, they are becoming very susceptible to failure in their information systems," he warned. "These disruptions could have a fairly significant effect."

For example, manufacturers adopting lean manufacturing practices are moving away from warehousing large stocks of parts. They order parts electronically for "just in time" delivery to assembly lines. Disruption of the information system would halt assembly lines and cost factories millions of dollars.

"Historically, information security meant to protect and confine information," Burnham said. "Now, the emphasis is on making sure the information is correct, or authentic, and timely."

GTISC researchers are addressing technical issues related to this shift in emphasis, developing programs to detect external attacks and manage the tradeoff between system performance and security. Policy studies address sources of information security breaches and the importance of information security to economic growth.

"We want to make information systems more reliable," Burnham said. "They must be more robust and able to deal with malicious, as well as accidental, disruptions."

Detecting Attacks with Neural Networks

While internal attacks on information security are actually more widespread, the threat of external attacks by hackers is very real and quite complex.

"The individual creativity of attackers, the wide range of computer hardware and operating systems, and the ever-changing nature of the overall threat to targeted systems have contributed to the difficulty in identifying network system intrusions," said Jim Cannady, a research scientist at the Georgia Tech Research Institute (GTRI).

Cannady is using the power and flexibility of artificial neural networks — which are capable of learning from their experiences — to detect both known and new types of external attacks. Neural networks consist of collections of processing elements that are highly interconnected, each transforming a set of inputs to a set of desired outputs.

In a neural network demonstration project called SENTINEL, Cannady is developing an intrusion detection system that identifies not only previous types of attacks, but new ones — something current rule-based systems cannot do. The system gains experience with each effort so that it "learns" the characteristics of attacks. That should allow the system to eventually predict attacks and monitor activities, collecting information for responses to attacks and the prosecution of those behind them.

Information Security Trade-offs

Tradeoffs must be made between information security needs and application performance. Security computations consume processing resources, affecting the performance of shared, collaborative, real-time and electronic commerce programs. As a result, host computers often cannot handle Internet applications that require high levels of security.

Dr. Karsten Schwan, a professor in the College of Computing, and Ph.D. student Phyllis Schneck have addressed the problem with adaptive security protocols that adjust to changes in security requirements and computing resources.

"Our mission is to address performance versus security tradeoffs by adapting to the constantly changing availability of computation and communication resources," Schneck said. She and Schwan conducted the research with Dr. Santosh Chokhani, president and CEO of CygnaCom Solutions, an information security company in McLean, Va.

"We want to provide an on-line management of these resources over time," Schwan explained. "The goal is to reduce overall risk by borrowing available security processing resources on one communication stream to 'lend' to other application streams that may currently be lacking."

Schwan and colleagues have developed a suite of dynamic authentication heuristics (exploratory problem-solving techniques) to help achieve high levels of security with scarce computation resources. The suite optimizes use of host computer resources, while providing appropriate levels of security and providing feedback to users when changes are made.

A Georgia Tech Research Corporation patent is pending on the suite. The technology will be licensed to a company that Schneck is starting.

Economic Impact & Policy Studies

Issues such as defining the standard for information security represent the theoretical side of the problem, said Dr. Philip Enslow, a professor in the College of Computing.

"Security systems operate in an environment created by government regulation, criminal law and the mores of society," he said. "These are political issues that are important to business, society and government."

Educating stakeholders about security issues is Enslow's focus. He wants to emphasize the importance of information security to economic growth.

"There's been a lot of focus on the Y2K problem, but after it is dealt with, I think more businesses will start to realize that their economic survival depends on the security of their information," he added.


Story Source:

The above story is based on materials provided by Georgia Institute Of Technology. Note: Materials may be edited for content and length.


Cite This Page:

Georgia Institute Of Technology. "High Stakes In Business-To-Business Online Transactions Prompt Research To Enhance Information Security." ScienceDaily. ScienceDaily, 22 March 1999. <www.sciencedaily.com/releases/1999/03/990322061918.htm>.
Georgia Institute Of Technology. (1999, March 22). High Stakes In Business-To-Business Online Transactions Prompt Research To Enhance Information Security. ScienceDaily. Retrieved July 30, 2014 from www.sciencedaily.com/releases/1999/03/990322061918.htm
Georgia Institute Of Technology. "High Stakes In Business-To-Business Online Transactions Prompt Research To Enhance Information Security." ScienceDaily. www.sciencedaily.com/releases/1999/03/990322061918.htm (accessed July 30, 2014).

Share This




More Computers & Math News

Wednesday, July 30, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

It's Not Just Facebook: OKCupid Experiments With Users Too

It's Not Just Facebook: OKCupid Experiments With Users Too

Newsy (July 29, 2014) — If you've been looking for love online, there's a chance somebody has been looking at how you're looking. Video provided by Newsy
Powered by NewsLook.com
Why Facebook Wants You To Download Its Messenger App

Why Facebook Wants You To Download Its Messenger App

Newsy (July 29, 2014) — Facebook will start requiring users to download a separate Messenger application if they wish to continue using Facebook for mobile messaging. Video provided by Newsy
Powered by NewsLook.com
Teen's Phone Ignites Under Her Pillow; How Real Is The Risk?

Teen's Phone Ignites Under Her Pillow; How Real Is The Risk?

Newsy (July 28, 2014) — A Texas teen's Samsung phone apparently ignited while she slept, but what was the real problem here? Video provided by Newsy
Powered by NewsLook.com
Zillow Snaps Up Web Real Estate With Trulia Deal

Zillow Snaps Up Web Real Estate With Trulia Deal

Reuters - US Online Video (July 28, 2014) — Zillow's decision to buy rival Trulia is just one step in a continuing string of acquisitions, and Zillow CEO Spencer Rascoff is already thinking about his next big deal. Bobbi Rebell reports. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins