12.1 Introduction

The remarkable popularity of multimedia services and applications is accompanied by a significant expansion in the opportunities for network-related cyberintrusions that range from data interception and malicious code attacks to insider sabotage and theft and insertion of misinformation. Cyberbvandals determined to break into networked computers are always on the lookout for new ways to snoop around, eaves-drop, modify, destroy, or steal data.

12.2 Purpose

The pervasive use of communications technologies for enabling virtually ubiquitous and instantaneous connectivity to Web resources is accompanied by an expanding need for security solutions. This chapter examines various procedures, protocols, and techniques to counteract network incursions and safeguard data confidentiality and integrity. Authentication mechanisms are described. E-commerce security risks and solutions are indicated. Features and functions of school security policies are noted. Techniques for minimizing network vulnerabilities are explored. Approaches for dealing with system abuse, commodity fraud, and abrogation of personal privacy rights are indicated.

12.3 Security Incidents and Cyberinvasions

Currently, network intrusions outpace security options available to create protected internetworking environments. System vulnerabilities have contributed to cyberintrusions at Web sites maintained by the San Diego Supercomputer Center (SDSC), the Pentagon, the FBI, the Defense Information Security Agency (DISA), and the U.S. Department of Justice.

Cyberhackers intent on disabling a network masquerade as legitimate users in order to read, monitor, and overwrite network files and assume control of network functions. Cyberintruders also exploit security holes and configuration errors for gaining access to sensitive data such as credit card numbers, hospital records, and personnel...