Secure-adaptive architecture

Last updated

Pertaining to web services, Secure-Adaptive Architecture (SAA) refers to a particular approach towards the security management issues inherent in data transfer over computer networks, relating to certain services, such as micropayments.

The term web service is either

Computer network collection of autonomous computers interconnected by a single technology

A computer network is a digital telecommunications network which allows nodes to share resources. In computer networks, computing devices exchange data with each other using connections between nodes. These data links are established over cable media such as wires or optic cables, or wireless media such as Wi-Fi.

A micropayment is a financial transaction involving a very small sum of money and usually one that occurs online. A number of micropayment systems were proposed and developed in the mid-to-late 1990s, all of which were ultimately unsuccessful. A second generation of micropayment systems emerged in the 2010s.

Contents

Minimalist Approach

In SAA, personal information (such as an end-user's name, banking information, or personal identity numbers such as Social Security numbers) is not retained. This has two main benefits: For the end-user, the chance of identity theft and fraud is considerably reduced. For the service provider, it means that direct communication with the end-user's financial institution is unnecessary.

Social Security number nine-digit number issued to U.S. citizens, permanent residents, and temporary working residents

In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary (working) residents under section 205(c)(2) of the Social Security Act, codified as 42 U.S.C. § 405(c)(2). The number is issued to an individual by the Social Security Administration, an independent agency of the United States government. Although its primary purpose is to track individuals for Social Security purposes, the Social Security number has become a de facto national identification number for taxation and other purposes.

Identity theft

Identity theft is the deliberate use of someone else's identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person's name, and perhaps to the other person's disadvantage or loss. The person whose identity has been assumed may suffer adverse consequences, especially if they are held responsible for the perpetrator's actions. Identity theft occurs when someone uses another's personally identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been statutorily prescribed throughout both the U.K. and the United States as the theft of personally identifying information, generally including a person’s name, date of birth, social security number, driver’s license number, bank account or credit card numbers, PIN numbers, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person’s financial resources.

A service provider (SP) provides organizations with consulting, legal, real estate, communications, storage, processing. Although a service provider can be an organizational sub-unit, it is usually a third party or outsourced supplier, including telecommunications service providers (TSPs), application service providers (ASPs), storage service providers (SSPs), and internet service providers (ISPs). A more traditional term is service bureau.

Security Techniques

SAA uses "best in class" proven security techniques to ensure the safe transfer of data through network resources. These include protocols such as SSL communications, client-side authentication and AES encryption.

Client-side refers to operations that are performed by the client in a client–server relationship in a computer network.

Authentication act of confirming the truth of an attribute of a datum or entity

Authentication is the act of confirming the truth of an attribute of a single piece of data claimed true by an entity. In contrast with identification, which refers to the act of stating or otherwise indicating a claim purportedly attesting to a person or thing's identity, authentication is the process of actually confirming that identity. It might involve confirming the identity of a person by validating their identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product is what its packaging and labeling claim to be. In other words, authentication often involves verifying the validity of at least one form of identification.

Advanced Encryption Standard block cipher standard

The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

Monitoring

SAA requires consistent and pervasive, real-time monitoring of network resources to ensure security.

See also

Related Research Articles

Virtual private network virtual network extending a single private network across a public network like the Internet, appearing to users as a private network link

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network.

Information privacy is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, legal and political issues surrounding them. It is also known as data privacy or data protection,

Internet security is a branch of computer security specifically related to not only the Internet, often involving browser security and the World Wide Web, but also network security on as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet represents an insecure channel for exchanging information which leads to a high risk of intrusion or fraud, such as phishing, online viruses, trojans, worms and more.

Representational State Transfer (REST) is a software architectural style that defines a set of constraints to be used for creating Web services. Web services that conform to the REST architectural style, termed RESTful Web services (RWS), provide interoperability between computer systems on the Internet. RESTful Web services allow the requesting systems to access and manipulate textual representations of Web resources by using a uniform and predefined set of stateless operations. Other kinds of Web services, such as SOAP Web services, expose their own arbitrary sets of operations.

Identity management, also known as identity and access management (IAM) is, in computer security, the security and business discipline that "enables the right individuals to access the right resources at the right times and for the right reasons". It addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.

Software as a service is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft. SaaS is typically accessed by users using a thin client, e.g. via a web browser. SaaS has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.

Cloud storage is a model of computer data storage in which the digital data is stored in logical pools. The physical storage spans multiple servers, and the physical environment is typically owned and managed by a hosting company. These cloud storage providers are responsible for keeping the data available and accessible, and the physical environment protected and running. People and organizations buy or lease storage capacity from the providers to store user, organization, or application data.

Privacy-Enhancing Technologies (PET) are the methods of protecting data in accordance with the law. PET allow online users to protect the privacy of their personally identifiable information (PII) provided to and handled by services or applications. PET uses techniques to minimize possession of personal data without losing the functionality of an information system.

Information Card

Information cards are personal digital identities that people can use online, and the key component of an identity metasystem. Visually, each i-card has a card-shaped picture and a card name associated with it that enable people to organize their digital identities and to easily select one they want to use for any given interaction. The information card metaphor is implemented by identity selectors like Windows CardSpace, DigitalMe or Higgins Identity Selector.

Cloud computing form of Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand

Cloud computing makes computer system resources, especially storage and computing power, available on demand without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet. Large clouds, predominant today, often have functions distributed over multiple locations from central servers. If the connection to the user is relatively close, it may be designated an Edge server.

Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence.

Cloud computing security or, more simply, cloud security refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services, and the associated infrastructure of cloud computing. It is a sub-domain of computer security, network security, and, more broadly, information security.

Security service is a service, provided by a layer of communicating open systems, which ensures adequate security of the systems or of data transfers as defined by ITU-T X.800 Recommendation.
X.800 and ISO 7498-2 are technically aligned. This model is widely recognized

The 2011 PlayStation Network outage was the result of an "external intrusion" on Sony's PlayStation Network and Qriocity services, in which personal details from approximately 77 million accounts were compromised and prevented users of PlayStation 3 and PlayStation Portable consoles from accessing the service. The attack occurred between April 17 and April 19, 2011, forcing Sony to turn off the PlayStation Network on April 20. On May 4 Sony confirmed that personally identifiable information from each of the 77 million accounts had been exposed. The outage lasted 23 days.

Cloud computing architecture refers to the components and subcomponents required for cloud computing. These components typically consist of a front end platform, back end platforms, a cloud based delivery, and a network. Combined, these components make up cloud computing architecture.

Crypto cloud computing is a new secure cloud computing architecture. Cloud computing is a large-scale distributed computing model that is driven by economies of scale. It integrates a set of abstracted, virtualized, dynamically-scalable, and managed resources, such as computing power, storage, platforms, and services. External users can access to resources over the Internet using terminals, especially mobile terminals. Cloud architectures are developed in on-demand fashion. That is, the resources are dynamically assigned to a user according to his request, and relinquished after the job is done.

IMS is a set of specifications to offer multimedia services through IP protocol. This makes it possible to incorporate all kinds of services, such as voice, multimedia and data, on an accessible platform through any Internet connection.

The following outline is provided as an overview of and topical guide to computer security: