Looking for Love in All the Wrong Places: A Security Case Study on Online Identity Theft
Doug White and Alan Rea
Journal of Information Privacy and Security, 2007, vol. 3, issue 3, 3-24
Abstract:
Information systems are only as strong as their weakest elements. A truly secure environment requires effective network security, secure application development guidelines, well written policies and procedures, and a strong user educational component to account for the many potential attacks that can occur on a given day. In this case, the authors cover failed aspects of networking security, Web development, policies and procedures, as well as inadequate user education to illustrate how easily an attacker can glean critical business data from an organization via simple techniques known to the hacking community. This case demonstrates that even with basic physical security in place, social engineering practices, combined with well-known hacking techniques, can thwart an organization’s security procedures and practices. In our discussion, we analyze threats to Web servers and Web services using a sample business: MrLuv’s Online Dating Service. We also provide a scenario analysis to forensically explain the break-in and discuss possible techniques used to acquire customer identity information. Ultimately, we find that although secure technical solutions must be implemented, organizations must also educate system users about potential threats. Throughout the case we provide an explanation of common attacks on Web servers and Web services, as well as include a detailed glossary of relevant security terms to explain the technical vocabulary businesses must understand in order to effectively protect their digital assets.
Date: 2007
Downloads: (external link)
http://hdl.handle.net/10.1080/15536548.2007.10855819 (text/html)
Access to full text is restricted to subscribers.
Persistent link: https://EconPapers.repec.org/RePEc:taf:uipsxx:v:3:y:2007:i:3:p:3-24
Ordering information: This journal article can be ordered from
http://www.tandfonline.com/pricing/journal/uips20
DOI: 10.1080/15536548.2007.10855819
Journal of Information Privacy and Security is currently edited by Chuleeporn Changchit
Bibliographic data for series maintained by Chris Longhurst.