Categories
Free Essays

Prominence of Computer Security and Forensics

INTRODUCTION

Forensics and related courses are fast flattering current career of the students. It has a global reputation for excellent in the development of the techniques of forensics. The forensics is the investigation process which is related to the police services.

Many students are focused in forensics some of the area are the following

Criminology
Toxicology
Questioned Documents
Odontology
Pathology / Medical Examiner
Physical/ Forensic Anthropology
Forensic psychiatry/psychology

Many opportunities are waiting for the students who are pursuing forensics science and other related courses. The main criteria in the forensic science are

Chemistry -analysis of paint, chemicals counting fire investigation and reconstruction of accidents.
Biology – It is associated to crimes in contradiction of people murder, assault and rape cases.
Drugs and toxicology.

Research Enterprises of Forensics

Consulting with people on the front appearances and document their problems.
Eavesdrop to law enforcement and relate our own knowledge of computer forensics according to those problems.
Learn current investigating techniques and suggest alternatives, measuring the alternatives in real world and reporting the results.
Pay attention to the sufferers and give them a good solution to analyse what happened to them and report it appropriately.

Job availability segments for forensic students

Law enforcement
Financial
Consulting and
Academic.

Forensics courses develop the unique skills which means a person cannot handle the networks without any knowledge of it and for example a computer engineer cannot survive in the forensic field just because he can knows only about the system management. So the above are the sectors for the computer forensic students.

Importance of security

Security is the most important thing in everyone’s day to day life. A mail can be hacked by fetching the original information and it is replaced by a fake data to cheat people with the help of some software’s.

A fake websites are there by collecting the personal bank information of an individual person, it happens like a person is asked to buy some stuffs by sending them a portal of the bank information to be filled and after sometime that pages are fetched and hacked by some frauds .

These are all the techniques used to hack the personal information and trouble them so computer security is there to give some surety to the companies by protecting the secrets of each and every person’s information.

Anonymous tools

It could be used to create an unidentified data form the original data. Forensic researchers will be having packet dumps, email messages, document files, disk images, etc..,

Types of forensics

Disk forensics
Network forensics
RAM forensics
Phone forensics
Document forensics and
Software forensics

Services of forensics

Examining the evidence of hacking
Analysing of electronic mail, chatting capability and deleted files for worker annoyance.
Checking the computer system for the evidence of IP address theft
Examining the erased internet action and server log files for evidence of unauthorised activity of a person.
Investigation into the denial of data systems and computer strategy
Extracting the evidence for non-computer concerned with investigations.
Producing reports to the industrial courts.
Observing the common employees misusing the computer
Developing the software’s to solve some specific problems.

Available Job Opportunities by studying computer security and forensics

In detecting and investigating the cyber related crimes
In using tools of forensics
Handling the cyber-crimes with intelligence of tackling them
Finding the loss of account and recovering them

The techniques gained by studying computer security and forensic course

Trouble shooting the operational issues:

Finding the incorrect physical location of the network and resolving the problem in the correct way in the host.

Log monitoring:

Analysing log entries and correlating log entries from multiple systems.

Recovering data from the system:

Fetching the lost data that has been hacked by anyone or modified with help of tools etc…

Mobile Forensics

Mobile devices are terribly increasing in the recent trend. Many communication protocols like Bluetooth, WiFi and 3g allow the free data transfer across international restrictions. Users are allowed to transfer the data, browsing and send and receive e-mail with attaching files.

Analysis of call data records

The records of the call data has been showed below

Date of call
Time of call
Call duration
Number making the call (originating)
Number receiving the call (terminating)
IMEI – International Mobile Equipment Identity
CI – Cell site identity number

Description of Audio and Video

Audio Analysis

Audio can be recorded in high diverse range including mobile phones, dicta phones, covert recording devices, cameras and mobile phones CY4OR is a full enhanced and transcription service in the forensic audio and video suite.

Video Analysis

The propagation CCTV equipment on virtually every street corner, outside business buildings and even for domestic properties is increased for some evidence are available for inspection.

This type of evidence is seriously trusted upon in court but often needs improving to ensure that is obviously presented. CY4OR’s practiced video team uses formal of the art equipment to enable the augmentation, de-multiplexing and restoration of material.

Data Recovery

Data recovery is the process of recovering data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally. Data can be retrieved from storage media such as hard disk drives, storage tapes, RAID, CDs, DVDs, and other electronics.

Recovery may be required due to physical damage to the storage device or logical damage to the file system that prevents it from being mounted by the host operating system.

Conclusion

The skills that are gained from computers security and forensic course include the broad knowledge of forensic principles, procedures, tools and techniques to handle the problems. So it develops the skills required by the employers and fulfills them. Apparently there is more possibility of new techniques as well as advancements yet to develop in the area of forensics because “computer security and forensics is only a journey but not a destination” student who currently learns will say many things new to this world by studying this course. Hence this paper briefly explains about the required skills by the employers to work in the forensic field and also in pertinent sector by attaining this course.

Reference:

http://www.cy4or.co.uk/forensic-services/mobile-device-forensics

www.intaforensics.com

www.krollontrack.co.uk

Categories
Free Essays

“The effects of security techniques on the performance of the IP addressing schemes used in different Operating Systems In the Wireless 802.11n Networks”

1. Introduction:

Utilization of Bandwidth Efficiently is the most Challenging factor, in today’s IT Revolution. Providing security for the data transmission over wired and wireless networks is again a very important factor in order to avoid piracy, illegal and unauthorized accesses.

Here we are investigating the effect of WPA2 security technique on the IP addressing schemes with the client-server configuration on Windows 7 – Windows Server 2008 and Windows XP – Windows Server 2008 Operating systems respectively. When comparing the techniques each other, we need to enable and disable the encryption techniques used respectively, in order to study the proper impact of security techniques on the performance of the 802.11n wireless networks.

The most important factor is to provide the better security for the data transmission over wired and wireless communication with less processing time and should use the low bandwidth as much as possible without reducing the performance; and also security is the main factor which decreases the performance of the setup by increasing the processing time [8]. This also leads in decreasing the system throughput.

Providing the better security with efficient utilization of bandwidth with reduced processing time during the transmission of data, will become the most effective and supportive step for today’s growing IT World.

IPv6 replaced IPv4 as IPv4 has failed to provide enough IP addresses to all the end user systems. Recently developed operating systems by different organizations support both IPv4 and IPv6 Protocol Stacks and Infrastructures [2].

802.11n IEEE standard is the recent development by the IEEE group, in the Wireless Fidelity category [9]. This standard provides the improved bandwidth compared to previous wireless standards. 802.11n is able to provide the improved bandwidth as it utilizes multiple antennas and wireless signals technology – The MIMO technology, where the other previous version of IEEE standards were not using this technique for the Data Transmission and Reception. 802.11n standard was finalized on nov-2009 [9].

After the successful development of 802.11n, the industries started implementing the wireless devices that provides and supports the data transmission rate more than 100Mbps in the current real world, which is the much more compared to any other wireless standards previously developed. This is one of main advantages of the 802.11n.

IPv6 is replaced by IPv4, which is new and have also been upgraded in newly developed operating systems. Windows 7 is the most recent successful development by the Microsoft Windows organization which works on both IPv4 and IPv6 addressing schemes. Most of the companies have decided to move to the new operating systems like Windows 7. Some of the companies and organizations are still using Windows XP which runs on IPv4 addressing scheme [6]. Some of the companies are addicted to Windows vista even though Vista has few bad reviews and disadvantages compared to newly developed operating systems. The working of Vista and Windows 7 are almost same. Windows Server 2008 is the new and advanced version of Microsoft [6]. This has many upgraded features, technologies, better authentication and rights of admission controls and also the added active directory services as compared to the other previous versions of Server Operating Systems from the Microsoft [6].

WPA (Wireless Protected Access) and WPA2 are the security protocols used in securing the data from unauthorized accesses during Data Communication, in Wireless Computer networks[10]. This was developed by ‘Wi-Fi Alliance’. This was developed in order to overcome the disadvantages and solve the queries that were found during research on WEP technique in various organizations and institutes as well. This WPA2 technique provides better encryption than WEP, and consists of more advanced features and techniques [10].

2. Background:

In 2009, Samad Salehi Kolahi, and the co-authors et al [1] conducted a study on Impact of Security on the IPv4 and IPv6 using 802.11n Wireless LAN on Windows Vista, Windows Server 2008 and Windows XP operating systems[1]. The main contribution of their paper was to compare the performance of IPv4 and IPv6 on a client-server configuration, in wireless 802.11n networks, using the operating systems like Windows Vista, Windows Server 2008, Windows XP and Windows Server 2008. WPA2 security encryption technique was used and then they compared the outputs with the open system 802.11n networks [1]. This paper gave me the motivation to compare and verify the performances of both IP addressing schemes and the outputs on different operating systems, when the MTU is increased and to compare the time taken to transmit the data (ex: how much time does setup1 and setup2 takes to transmit the 1Gigabyte of data respectively and compare them with each other).

MTU (Maximum Transmission Unit) is a protocol which used in the higher layers. This protocol forwards the data using MTU parameters; these parameters are always associated with the communication interface like network interface card, serial and parallel ports [13]. The MTU size is fixed by the standards or protocols which are used. For a larger MTU, the packets contain data where the protocol headers and delays are remaining fixed. The efficiency of the MTU is calculated when we use bulk data throughput. The Per-Packet-Processing technique used in this protocol may limit the performance of the system. Usually when large packets are being transmitted the transmission link used appears to be slow for some amount of time [13]. This Latency may become a factor in decreasing the overall efficiency of the setup. Sometimes when transmitting the larger packets due to some communication errors which cause the data bit loss in the arrived packets at the destination, irrespective of the error is present in all of the bits or in a single bit or in some bits of the packet, whole packet has to be retransmitted, this retransmission takes much time which is again a main factor which decreases the throughput of the setup also causes increased MAC delay. The retransmission of IP packet can be done without the fragmentation technique [13]; this fragmentation includes only the IP header except all other low level headers of the OSI layers. The minimum size of reassembled packet for IPv4 is 576 and IPv6 is 1500 bytes. The MTU for a wireless 802.11 networks is 2272 bytes [13].

3. Problem Description:

The above diagram shows the client-server configuration setup, the server is connected to the 802.11n wireless access point using a CAT 5e straight through cable. The client is connected to the access point using 802.11n NIC (Network Interface Card). Here we are investigating the performance of the 802.11n in different phases.

In the phase 1,

Step1: The Server is installed with Windows Server 2008, and client is installed with windows 7 operating system. IPv4 addressing scheme is used here in this step, no encryption technique is used during the data transmission to verify the throughput of the setup without any security encryption to verify the performance, and also to investigate the performance when MTU is increased beyond the range of 128–1408 bytes.

Step2: Here in this step the Server is installed with Windows Server 2008, and client is installed with windows 7 operating system. IPv6 addressing scheme is used instead of IPv4 addressing, no encryption technique is used during the data transmission to verify how the security factors affect the throughput performance, and also the performance when MTU is increased.

Step3: Here in this step the server remains with the same operating system and client as well, the IPv4 addressing scheme is used again instead of IPv6 but the WPA2 encryption technique is enabled. Encrypted data is transmitted in order to verify the weather the security factor affect the throughput performance and also the time taken to transmit the encrypted data and this time is compared with the time taken in the steps 1 and 2 respectively fro different MTU ranges.

Step4: The Server operating system remains same with windows server 2008, and client with the Windows 7, but the IP addressing scheme is changed back to the IPv6 then the WPA2 encryption technique is used for the transmitting data, and the outputs are measured and compared with the results of the above steps.

The outputs obtained from all the above 4 steps are compared with each other to decide which Operating system configuration and IP addressing schemes going to provide the required high throughput and better performance by plotting the respective graphs to the obtained respective outputs; and also how does the encryption technique impact on the performance of the IPv4 and IPv6 in Wireless 802.11n Networks and the system output as well.

In the Phase 2,

Step1: Windows Server 2008 is installed in the server, and client is installed with windows XP. First the IPv4 addressing scheme is used, no encryption technique is used all the encryption techniques are disabled during the data transmission to investigate the time taken to transmit data and verify the Throughput as well, and also the performance of the system when MTU is increased.

Step2: The Server is installed with Windows Server 2008, and client operating system will be Windows XP. We are using IPv6 addressing scheme instead of IPv4, all the encryption techniques are disabled during the data transmission to verify whether the security factors affect the throughput performance, and also the performance when MTU (Maximum Transmission Unit) is increased beyond its maximum limit with respect to the operating system used.

Step3: Here in this step the Server operating system will be Windows server 2008, but the client operating system is installed with Windows XP, the IPv6 addressing scheme is changed back to IPv4 but here in this step the WPA2 encryption technique is enabled during transmission. Encrypted data is transmitted in order to verify the weather the encryption security factors affect the throughput performance and also the time taken to transmit the encrypted data.

Step4: The Server operating system is installed with Windows Server 2008, , and client operating system will be Windows XP, but the IP addressing scheme used here is IPv4, but the WPA2 encryption technique is enabled here and encryption is used for the data transmission, the outputs are measured and compared with the above steps respectively.

The outputs obtained in all the steps are compared individually with each other by plotting the respective graphs which helps us in knowing which Operating system Configuration performs better and gives better throughput and the performance as well. Similarly, whether the IP addressing schemes used in the respective steps going to fetch the required high throughput and provide the better performance; finally how does the encryption technique impact on the performance of the IPv4 and IPv6 in Wireless 802.11n Networks and the system output.

Finally the outputs from both phases are compared and plotted a graph TCp Throughput versus packet size (bytes) and this graph helps us to investigate the performance of the IP addressing schemes and the security encryption techniques and their impact on the throughput performances used in the respective setups.

The outputs will be verified for different packet sizes like 128, 384, 640, 896, 1152, 1408 bytes of packet sizes in each steps of their respective phases which takes a minimum of 48 different scenarios and setups in order to clearly verify the performance of the IP addressing schemes by plotting the graphs.

The client-server setup is installed by windows 7, windows server 2008 and windows XP operating systems to compare whether the operating systems affect the throughput performance of Wireless 802.11n Networks. We also compare the WPA2 encryption security techniques with the Open system to investigate how the encryption technique affects the performance of the setup.

The IEEE paper which is published in the year 2009, the paper “The Impact of security on the performance of IPv4 and IPv6 using 802.11n Wireless LAN” which gave me a motivation to come through this idea, where the author has failed to clarify what happens if the MTU values are increased beyond the 1408 bytes, and the author has failed to give us (reader) a clear idea how does the IPv4 and IPv6 TCP/IP stack works on both Windows 7and Windows XP operating systems from the Microsoft organizations. We also investigate the time taken in the encapsulation process inside the TCP/IP stack.

4. Current Status and Development:

4.1 Literature or Technology Survey and Analysis:

In 2009, S.S.Kolahi, Zhang Qu, Burjiz K.Soorty, and Navneet Chand et al [1] compared the performance of IPv4 and IPv6 addressing scheme on a client-server Wireless 802.11n networks. The author concluded that enabling the encryption technique WPA2 results in approximately 7.07% less throughput for IPv4 and 5.42% less throughput for IPv6. The highest bandwidth obtained here is 120Mbps in 802.11n achieved in XP and IPv4, which is the highest as compared to all the other setups [1].

In 2009, et al [7]; Vasaka Visoottiviseth*, Thanakorn Piroonsith*, Siwaruk Siwamogasatham, the authors made a “ Emperical Study on achievable throughputs of IEEE 802.11n devices”, here the performance of 802.11n network is compared with the 802.11g network device,[7] the performance improvements of IEEE 802.11n are measured approximately about 85% of UDP downlink Traffic, 68% of TCP Downlink traffic, 90% of TCP and 50% of UDP Uplink Traffic, the TCP results are quite balanced throughout all the trials where the UDP results are bit more variations[7].

In 2008, et al [3] S.S.Kolahi, the author’s made a detailed study on the impact of security techniques for 802.11g on Windows Server 2003, Windows Vista and Windows XP [3]. The author’s contribution was to verify the impact of security on throughput and Round Trip Time (RTT) on the respective operating systems, when the encryption techniques are activated on the Open systems, the TCP throughput reduced by 10% on WEP-64 and 14% for WEP-128 on Windows XP [3].

In 2007, et al [4] Filho investigated the bandwidth security Trade-off in Windows XP Operating System. The outputs showed that there is a drop in the throughput about 4%, 7% and 5% when the encryption techniques WEP-64, WEP-128 and WPA are used in Open Systems [4].

In 2006, B.E Zedin et al [5] published a paper based on the impact of security on the performance of the wireless 802.11n networks.th authors were successful to prove that TCP throughput is reduced about 4% on Windows XP when WEP-64 is enabled and 7.14% when 128 bit key is enable [5].

References:

[1] The impact of security on the performance of IPv4 and IPv6 using 802.11n

Wireless LAN.

Authors: Kolahi, S.S; Zhang Qu; Soorthy, B.K; Chand, N; — Publication year

2009. New Technology Mobility and Security 2009, 3rd International

conference.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=538467

[2] Comparison of end system IPv6 Protocol stacks.

Authors: Zeadally, S; Waseem, R; Raicu, I; — Publication Year 2004, page(s):

238-242.Communications IEE Proceedings, Vol 151, Issue 3.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1309776

[3] The Impact of Wireless LAN Security performance of different windows

operating systems. Computers and Communnications, 2008.ISSC 2008. IEEE

Symposium

Authors: Kolahi, S.S; Narayan, S.; Nguyen, D.D.T.; Sunarto, Y.; Mani,P.;

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4625636

[4] “Security versus Bandwidth: The support of Mechanisms WEP e WPA in

802.11g Network,”

Authors: E.J.M.A. Filho, P.N.L. Fonseca, M.J.S Leitao, and P.S.F. de Barros,

IFIP International Conference on Wireless and Optical Communications

Networks, 2007.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4284142

[5] Impact of Security on the performance of Wireless-Local Area Networks,

Author: Ezedin, B.; Mohammed, B.; Amal, A; Hanadi, al, S.; Huda, K.;

Meera al, M.; Innovations in Information Technology, 2006, pp 1-5.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4085411

[6] Windows Server 2008, Microsoft Corporation, Published June 2008.

Link: http://www.winsupersite.com/blogs/tabid/3256/entryid/74766/windows-

server-2003-vs-windows-server-2008.aspx

(Click on Windows server 2008 White paper)

[7] An Empirical Study on achievable throughputs of IEEE 802.11n devices.

Author: Visootiviseth, V.; Thanakorn; Piroonsith; Siwaruk Siwamogsatham.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5291578

[13] Structure of the IEEE 802.11 MAC Frames – Wireless WLAN Wi-Fi

Configuration and Optimization tips.

Link:http://www.wireless-center.net/Wireless-Internet-Technologies-and-

Applications/1925.html

Text Book and Timelines:

[8] CCNA – Fundamentals of Wireless LANs, Cisco Networking Academy

program.

[9] S.McCann.; Official IEEE 802.11 Working group project timelines – 2009.

Link: http://www.ieee802.org/11/Reports/802.11_Timelines.htm

[10] Wikipedia 802.11n,

Link: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

Additional references:

[11] “Measurement and analysis of TCP performance in IEEE 802.11 networks.”

Author: W.Ge,; Y. Shu; L.Zhang, L.Hao; O.W. Yang – Published year 2006.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4055002

[12] IEEE 802.11n Development: History, Process and Technology.

Author: Perahia.E – Communication Magazine, IEEE, Vol 46, Issue 7.

Link: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4557042

Categories
Free Essays

A report on transport layer security (TLS) and secure shell (SSH)

Introduction

Transport Layer Security (TLS) vs. Secure Shell (SSH) – A battle for security.

In this modern time, individuals, businesses and organizations worry about security on a regular basis, be it online or offline, over a network computer or just with a personal computer.

Security of a computer connected to the internet and within a network is very essential as people need to protect their information and data from unwanted or unauthorised access.

My task here is to look into two most widely used security protocols on the internet network, these protocols are Transport Layer Security (TLS) and Secure Shell (SSH). I will be comparing these two protocols, looking into their similarities and differences, advantages and disadvantages and giving related examples where necessary.

An Overview of the Protocols

First and foremost what is TLS It is the replacement for secure socket layer (SSL) and it is a protocol that makes sure that there is privacy between a communicating application and its users on the internet. TLS offers an end point authentications and communications privacy over the internet using encryptions.

For instance, if a server and a client communicate, TLS makes sure that no one without the right authority can listen, intrude or forge any messages between them.

TLS has two layers, the TLS record protocol and the TLS handshake protocol.

The TLS Record Protocol is at a lower level where it is placed on top of some reliable transport protocol as Transport Control Protocol (TCP). This is needed in other to send messages in two directions, forward and backward and it also has a security property that is used to establish a reliable and private connection. The record protocol is then responsible for changing position of data between two ends of the link using the values agreed through the handshake protocol.

The information that then come from the application to the TLS record protocol, are compressed and encrypted as required before they are sent to the other end. And if the other end is valid, the information is then uncompressed and decrypted before delivery. The TLS handshake protocol also uses the record protocol to send its messages during the hand shake stage.

There are additional offers that are commonly overlooked which are provided by TLS, “integrity guarantees and replay prevention”.

TLS streams communication have inbuilt controls to prevent tampering with any portion of its encrypted data. And there are other inbuilt controls to stop captured streams of TLS information from being replayed at other times.

On the other hand, SSH is a protocol that determines the performance of a secure communication over a network. This has been used to replace telnet, rsh, rlogin for insecurity. Prior to any transfer taking place, the SSH client and server must first establish a secure connection. This will then allow them to share private information between each other.

The SSH protocol is responsible for authentication, encryption, and the way data is transmitted over a network.

“The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet”.

There are two types of versions for the SSH, the first is SSH1 and the second is SSH2. Although, these two protocols are different.

The SSH1 is the original protocol and it has its own shortfalls, so it is not normally recommended or in use today. But SSH2 is the common of the two SSH protocols and is commonly used today as it is more secure and efficient than SSH1. The SSh1 uses server and host keys to verify the networks while SSH2 uses just the host keys to verify the networks and even more, they are not compatible with each other.

SSH works in the following way

When a client contacts a server, they disclose the SSH protocol versions that they support. Then, they switch to a packet based protocol. When the server identifies itself to the client and provides session parameters, the client then sends the server a secret key. Both sides turn on encryption and complete server authentication. Then, a secure connection is created.

Similarities and Differences

Similarities

In terms of similarities, one can say they provide the same level of security within any giving scenario. They both make sure that information passed about over the internet is protected with dependable encryption. They can also make sure that the server a user connects to is the right one.

The two protocols provide 128-256 bit encryption.

Differences

In respect to their similarities, they do have some differences as well. Most obvious is the fact that SSH uses username and password to authenticate its users which is inbuilt. While TLS “authentication is left up to the daemon receiving the connections”

SSH is at the top of the model at the application layer while, TLS is able to offer security at the transport layer.

SSH is connection oriented which use TCP only, and it is primarily used for shell based solutions.

SSH offers number of client authentication options, TLS only uses the public key option.

There are SSH components such as its connection protocol SSH-CONN. SSH-CONN provides multiple logical data channels to the applications using SSH-TRANS which TLS does not have.

SSH Advantages and Disadvantages

Advantages

It is reliable, it is available free and also in commercial versions

It never trusts the network

If the network is experiencing a hostile takeover, it will only disconnect the SSH, but any decryption or connection take over is impossible.

It is possible to tunnel TCP based applications through SSH, e.g., email protocols.

For system administrators, SSH is a popular remote administration platform.

Although, the server runs on UNIX, Linux and VMS, SSH clients can run on most platforms.

“Many authentication methods including Kerberos, TIS, SecurID and RSA.Can be SOCKS5 proxy aware”

Disadvantages

SSH is not designed to be added into network gateways such as routers or firewalls.

Performance for SSH can be a problem on old machines.

Its port range and dynamic ports cannot be forwarded.

A client on the Internet that uses SSH to access the Intranet can expose the Intranet by port forwarding.

When a user authenticates themself on a server, it is always sent in clear text

TLS Advantages and Disadvantages

Advantages

TLS is easy to use. Probably the most used security on the internet.

TLS do not need any Operating system support.

When messages are exchanged over the Internet, they are checked while transmitting from one computer to another. This feature offers reliability of the web based communication.

TLS protocol stops unauthorized user access from interfering as a third party in the middle of a communication on the Internet. The third party will only take part in the communication when it has been noticed by two authorized users

TLS is in use by most web browsers

It is widely recognized as the secure HTTP (HTTPS) Protocol

Disadvantages

TLS often mistake firewalls as man in the middle attack.

It is exposed to clogging over TCP

Security Weakness

Examples

TLS can be used in many applications; client/server applications but it has mostly been used with the Hypertext Transfer Protocol “HTTP” for security. This allows it to offer an encrypted conversation and to securely identify a network web server. The added security it offers allows HTTPS to be used for all level of transaction over the internet world wide.

Secure Multipurpose Internet Mail Extensions “SMIME” when combined TLS can be used to secure IETF VoIP signalling.

TLS can also be used in these following applications: PKIX, LDAP, BEEP, SASL, L2TP, SMTP, IMAP, and POP3.

An example can be seen below with my home web browsers. I have two screenshots from Internet Explorer and Firefox web browsers.

Internet Explorer 9Firefox version 3.6.15

SSH can also be used in some applications as well. SSH do have some features such as port forwarding and secure tunnelling.

Port forwarding can tell the SSH daemon to listen to information conversations on a particular port and forward this conversation to an encrypted SSH session. This allows protectection for other services as well.

Summary

there are no magical solution for web, but good enough protocols, the real deal is that there is no better protocol, they all have their benefits.

In order to decide which one to use, one really need to understand what one is trying to secure.

References

I have been able to obtain and generate ideas from the following sources

Books

Mark Minasi, Christa Anderson, Michele Beveridge, C.A. Callahan

Mastering Windows Server 2003, copyright, 2003 Sybex Inc

O’Reilley. Daniel J Barrett, Richard E Silverman and Robert G Byrnes

SSH, the secure shell, the definitive Guide, copyright, 2005

William Stallings. 2006 Fourth Edition

Cryptography and Network Security

Bill Ferguson (Sybex)

Network + Fast Pass, copyright 2005

IBM TCP/IP Tutorial and Technical Overview

December 2006

Internet Research

Wikipedia

http://en.wikipedia.org/wiki/Secure_Shell#Definition

Last modified on 16 March 2011 at 10:48

http://en.wikipedia.org/wiki/Secure_Shell#Definition

Last modified on 16 March 2011 at 13:11

Categories
Free Essays

Critical Investagtion of the importance of Computer security (SME) within Business

ABSTRACT

The development of computer system has revolutionised business firms in the world. Business firms virtually rely on computer systems in storing information which is a very vital resource in any business because it is the success of the business. However, the safety of the computer systems needs to be ensured considering the importance and relevance of the information stored in it.

One of the most important barricades in the success of the use of computers in business firms, most especially in Small and Medium-Sized Enterprises (SME) is the negligence to computer security. Over the years, it has been discovered that small and medium-sized enterprises (SME) are more prone to potential intruders than the larger enterprise due to common and vast knowledge of popular operating systems and application software’s (e.g. MySQL Database and Microsoft respectively). The internet has created opportunities in the implementation of innovative business applications such as electronic commerce, electronic data interchange and inter-organisational systems (Sousa, KJ et al. 2005), which has kept both business firms and customers vulnerable to threats. We will critically outline the various computer threats in our introduction chapter. Computer security threats keeps multiplying and is still expected to multiply [4]. Taking all of those into consideration, the importance of computer security in business (SME) cannot be over emphasized.

Accordingly, the general purpose of this academic write-up is to outline the importance of computer security in business; basically in Small and Medium-Sized Enterprise (SME). First and foremost, we would critically define computer security, the various kinds of computer threats and their respective security measures. Also, we would explain what SME is all about, some examples of SME and the use of computer in SME. At last, we would critically outline the importance of computer security in business (SME).

INTRODUCTION

The basis of computer security comprises of the reply to the question “What is computer security”. The word “Security” means to protect or could mean to freedom or prevention from danger, risk or damage. Therefore, computer security which is also referred to as Information Security can be defined as the protection of data and information in a system from or against authorized users or recipients. In other words, computer security is the ability of the computer system to guard data and information against intruders, unauthorized users or malicious users with confidentiality and integrity.

Furthermore, computer security is broken down into an acronym CIA which describes the basic goals of computer security and its aim is to protect the data and the system processing the data. The acronym means Confidentiality, Integrity and Availability.

Confidentiality ensures that data and information is kept away from intruders, unauthorized users or malicious users but yet still made available to those users who are authorized to access the data and information. This is also applied to the system processing the data, the network and other devices that are in the network and the computer system itself. Most times, these data are classified into three (3) levels. Some data are classified as public which means that anyone can access the data; some data are classified as company property which means that only users within the company can access the data and while some data is classified at the government level such as top-secret data which is only accessible by users within the government. To ensure the confidentiality of data and information, some security measures are implemented known as “Controls” such as authentication controls, encryption controls, etc.

Integrity ensures that the data and information in the computer system has not been tampered or altered by intruders, unauthorized users or malicious users and even the authorized users. It guarantees that the data and information has not been changed or destroyed either accidentally or intentionally by intruders, unauthorized users or malicious users. It also ensures that the data and information remains in its authorized state or form. In order to ensure the integrity of data and information, several measures such as hashing or encryption, auditing is implemented.

Availability ensures that data/information and systems are made available to only authorized users for use. It protects the authorized users from all sorts of events that may not allow them access to the system and data in the system e.g. accidental events and malicious events. In order to protect the availability of data, some measures are implanted such as backups, server clusters, and redundant systems.

Other terminologies associated with computer security are “Vulnerability” and “Threat”. Every part of a network such as the computer, people, network devices, operating systems, etc. have unique weaknesses which is called Vulnerability. In order words, vulnerability is a weakness in computer systems. Vulnerability can be exploited. Exploiting vulnerability is the use of weaknesses in diminishing the system security. Therefore, an action taken to exploit against vulnerability by unauthorized or malicious users is known as Threat. Threats can be natural or man-made, intentional or accidental, technology.

REFERENCES

David A. Bradbard, Dwight R. Norris, Paramjit H. Kahai 1990, ‘Computer Security in Small Business: An Empirical Study’, Journal of Small Business Management, vol 28.

Sousa, Kenneth J; MacDonald, Laurie E; Fougere, Kenneth T 2005, ‘Computer Security in the Introductory Business Information Systems Course: An Exploratory Study of Textbook Coverage’, Journal of Education for Business, vol 81, p. 15.

Categories
Free Essays

Investigation of effective Bluetooth security features

Introduction

Bluetooth signals can be easily intercepted, as can any other type of wireless signals. Therefore, the Bluetooth specification calls for the built-in security to discourage eavesdropping and attempts to falsify the origin of messages, which is called “spoofing”. This section provides an overview of the security mechanisms included in the Bluetooth specifications to illustrate their limitations and provide a foundation for some of the security recommendations.

In this example, Bluetooth security is provided between the mobile phone and the laptop computer. IEEE 802.11 security protects the wireless local area network link which is between the laptop computer and the IEEE 802.11 AP. The communications on the wired network are not protected by the Bluetooth security.

1. Three Basic Security Services

The three basic security services specified in the Bluetooth standard are authentication, confidentiality and authorization.

Authentication

­Prevents spoofing and unwanted access to critical data and functions. It is the process of verifying the identity of the communication devices. User authentication is not provided natively by Bluetooth.

The Bluetooth device authentication procedure is in the front of a challenge-response scheme. The device attempting to prove its identity in an authentication process is the claimant and the device validating the identity of the claimant is the verifier.

The challenge-response protocol validates devices by verifying the knowledge of a secret key, which is the Bluetooth link key.

Steps in Authentication Process

Step 1: The verifier transmits a 128-bit random challenge (AU_RAND) to the claimant, which is obtained from the random number generator derived from a pseudo-random process within the Bluetooth device.
Step 2: The claimant uses the E1 algorithm to compute an authentication response using its unique 48-bit Bluetooth device address (BD_ADDR), the link key, and AU_RAND as inputs. The verifier does the same computation.
Step 3: The claimant returns the most significant 32 bits of the E1 output as the computed response, SRES to the verifier.
Step 4: The verifier uses a comparator to compare the SRES from the claimant and its own computed value from the E1 algorithm.
Step 5: If both the values are the equal, the authentication is considered successful. If not, the authentication has failed.

The 5 steps accomplishes one-way authentication. The Bluetooth standards allow both one-way and mutual authentication to be performed. For mutual authentication, the steps are repeated with the verifier and claimant switching roles.

Confidentiality

Preventing information compromise caused by ensuring that only authorised devices can access and view data.

To provide confidentiality to the user’s data, encryption technique is used by the Bluetooth technology. Bluetooth has three Encryption Modes.

The modes are as follows:

Encryption Mode 1: No encryption is performed on any traffic.
Encryption Mode 2: Individually addressed traffic is encrypted using encryption keys based on individual link keys. Broadcast traffic is not encrypted.
Encryption Mode 3: All traffic is encrypted using an encryption key based on the master link key.

The encryption key is produced using an internal key generator (KG). The KG produces stream cipher keys based on 128-bit link key, 128 bit EN_RAND and 96-bit ACO value which is the least significant bits from the E1 algorithm of authentication process. A key stream output is exclusive-OR-ed with the payload bits and sent to the receiving device. This stream key is produced using a cryptographic algorithm based on linear feedback shift registers (LFSR). The clock provides the slot number. The encryption function E0 output is exclusive-OR-ed with the sender data and transmitted. The received data is exclusive-OR-ed with the keystream and original data is retrieved.

Trust levels, Service levels, and Authorizations

The Bluetooth levels of trust are

Trusted device: fixed relationship with another device and has full access to all services.
Untrusted device: does not have an established relationship and hence restricted access to services.

The security services defined for Bluetooth devices are

Service level 1: requires authorization and authentication. Automatic access is granted to trusted device; untrusted devices need manual authorization.
Service level 2: requires authentication only; authorization is not necessary. Access to an application is granted only after an authentication procedure.
Service level 3: open to all devices, with no authentication required. Access is granted automatically.

2. Security Modes

The various versions of Bluetooth specifications define four security modes. Each Bluetooth device must operate in one of the four modes.

Security Mode 1: a non secure mode. Authentication and encryption are bypassed leaving the device and connections susceptible to attackers. This mode is only supported in v2.0 + EDR devices.

Security mode 2: a service level-enforced security mode. The security procedures are initiated after LMP link establishment but before L2CAP channel establishment. The authentication and encryption mechanisms in this mode are implemented at the LMP layer. All Bluetooth devices support this security mode 2.

Security Mode 3: link level-enforces security mode. The Bluetooth device initiates the security procedures before the physical link is fully established. This mode mandates authentication and encryption for all connections to and from the devics. This mode is supported only in v2.0 + EDR devices.

Security Mode 4: a service level-enforced security mode like the security mode 2. But the security procedures are initiated after link setup. Authentication and encryption algorithms are identical to the algorithms in Bluetooth v2.0 + EDR and earlier versions. This is mandatory for v2.1 + EDR devices.

Appendix D—Online Resources

References

Bluetooth Special Interest Group, Bluetooth 2.0 and 2.1 specifications, http://www.bluetooth.com/Bluetooth/Technology/Building/Specifications/

Bluetooth Special Interest Group, “Bluetooth Security White Paper”, May 2002, http://www.bluetooth.com/NR/rdonlyres/E870794C-2788-49BF-96D3- C9578E0AE21D/0/security_whitepaper_v1.pdf

Bluetooth Special Interest Group, “Simple Pairing Whitepaper”, August 2006, http://bluetooth.com/NR/rdonlyres/0A0B3F36-D15F-4470-85A6- F2CCFA26F70F/0/SimplePairing_WP_V10r00.pdf

Defense Information Systems Agency (DISA), “DoD Bluetooth Headset Security Requirements Matrix”, Version 2.0, 07 April 2008, http://iase.disa.mil/stigs/checklist/dod_bluetooth_headset_security_requirements_matrix_v2-

0_7april2008.pdf

Defense Information Systems Agency (DISA), “DoD Bluetooth Smart Card Reader Security Requirements Matrix”, Version 2.0, 01 June 2007, http://iase.disa.mil/stigs/checklist/DoD-Bluetooth- Smart-Card-Reader-Security-Requirements-Matrix.pdf

Y. Lu, W. Meier, and S. Vaudenay, “The Conditional Correlation Attack: A Practical Attack on Bluetooth

Encryption”, http://lasecwww.epfl.ch/pub/lasec/doc/LMV05.pdf

Categories
Free Essays

What are the effects on trade regulation for food security under the world trade organization system

Abstract

With the launch of new negotiations on international trade called ‘Doha Development Agenda’ (DDA), agriculture is once again expected to be a central and difficult issue. As a solution to the problems associated with food security in the DDA negotiation on agriculture, this article suggested a creation of a food security box.

The basic idea of the food security box is, (i) to allow, like other existing exemptions (such as Green and Blue Boxes), a series of exemptions to the AoA for members whose agriculture was not meeting basic food security needs (hereinafter the members); (ii) to allow the members to protect and enhance their domestic production capacity under certain conditions; (iii) to provide flexibility to the members so as to increase domestic support for agriculture until they have achieved a certain level of food self-reliance; (iv) to obligate developed countries to give to developing countries technical assistance for improvement in the productivity; (v) to balance the rights and duties between food-exporting countries and food-importing countries.

Free trade alone cannot solve the global food security problems, since free trade may have both positive and negative effects on food security. It should be noted that the policy to achieve food security based only on food aid and trade liberalization is too risky in terms of long term public policy. Given the instability of agricultural production and food aid, it is in the special interests of many food-importing countries such as the Republic of Korea and Japan to increase domestic agricultural production to ensure food security.

I . Introduction

The Doha Ministerial Declaration, issued at the fourth World Trade Organization (WTO) Ministerial Conference on 14 November 2001, launched new negotiations on a range of subjects, and included the negotiations already underway in agriculture and services. With the launch of new negotiations on international trade entitled “Doha Development Agenda (DDA),” agricultural trade is expected to be the most contentious and difficult issue.’) It is agreed that the non-trade concerns (NTCs) such as food security and environmental protection will be taken into account. At the DDA agricultural negotiation, food security

* Professor, College of Law, Kyung Hee University, Seoul, Korea E-mail: <[email protected] >

This work was supported by the Korea Research Foundation (KRF-2001-013-000021). is a key element of NTCs. The NTC Group (comprising the European Communities, Japan, Norway, Switzerland, South Korea and Mauritius), often called as the ‘Friends of Multifunctionality’, raised NTCs as a central part of their negotiating positions.

The United States and the Cairns Group rejected, however, the concept. Some countries argue that there is no food security issue for developed countries because they can afford to purchase if necessary. Food security is, however, fundamentally a matter of national security, justice and human rights where all countries have a great concern.

The focus of the Agreement on Agriculture (AoA) is, unfortunately, not on food security but on trade liberalization. The existing provisions of the AoA can not only not solve the global food security problems but also have detrimental impacts on food security and sustainable development, consumer health and safety and the environment. The AoA does not adequately and equitably address the food security needs of both developing countries and developed countries. As a solution to the problems associated with food security in the WTO negotiation on agriculture, this article suggests a creation of a food security box. This article will not attempt to explain or describe the details of the AoA.

Section II describes the concept of food security under the context of the WTO system and international law. Section HI points out some problems and shortcomings in the current AoA. Section IV describes the concrete contents of a proposed food security box. Section V provides a brief summary and conclusion.

II. The Concept of Food Security

1. Definition of Food Security

The term ‘food security’ has been defined in diverse ways. Both developing countries and developed countries have adopted some kind of food security policy. One starting point in understanding the concept of food security is a widely accepted definition adopted by the United Nations Food and Agriculture Organization (FAO) at the World Food Summit in 1996: “Food security exists when all people, at all times, have physical and economic access to sufficient, safe and nutritious food to meet their dietary needs and food preferences for

an active and healthy life.” 2) There are four elements implicit in this definition: availability, accessibility, reliability (or stability), and sustainability. Adequate food availability means that sufficient food supplies should be available to meet consumption needs. Access to food means that both physical and economic access to food should be guaranteed. 3) A reliable food supply means that an adequate food supply should be continued even during seasonal or cyclical variations of climate and socio-economic conditions. Access to adequate food is essential for good nutrition, but it is not in itself sufficient. Food should also be safe in order that people may survive and be free from disease. Food security, therefore, inevitably requires food safety. In addition, food security requires agricultural sustainability in terms of long-term food security. If agricultural production is managed through exploiting non-renewable natural resources or degrading the environment, it may threaten long-term agricultural sustainability and global food security. 4) Thus, food security requires available, accessible, reliable and sustainable food supply at all the times.

Food security has three dimensions: individual, national and multinational levels. 5) At the individual or household level, poverty or gender inequality may influence the distribution of food affecting individual food security even when food supply is sufficient. At the national level, natural disasters or socio-economic conditions such as armed conflicts may seriously disrupt food production and supply. States may have sufficient food at the national level, but have some food insecure individuals because of unequal distribution of food. At the multilateral level, especially within the context of WTO, food security is considered as a State affair, and discussion tends to focus on liberalization of agricultural trade, trade regulation and adequate supplies of imported food to members.

2. Food Security as a Food Sovereignty

“Food sovereignty is the right of each nation and its people to maintain and develop its own capacity to produce the people’s basic food, while respecting productive and cultural diversity.”6) Food may be used as a tool by nations to impose political and economic pressures on others. The effective realization of food security is essential to national sovereignty since the use of food as a political weapon among nations may limit and jeopardize the sovereignty of individual nations.

Thus, in the Rome Declaration on World Food Security, government delegates agreed that “[alttaining food security is a complex task for which the primary responsibility rests with individual governments.” Because of the responsibility assigned to governments for achieving food security, they emphasized that “Mood should not be used as an instrument for political and economic pressure.” Food sovereignty is, therefore, a pre-condition for a genuine food security.

The term ‘food sovereignty’ was elaborated by NGO. In an Action Agenda adopted at NGO/CSO Forum on Food Sovereignty, food sovereignty was affirmed as “a right of countries and peoples to define their own agricultural, pastoral, fisheries and food policies which are ecologically, socially, economically and culturally appropriate.” 7)

3. Food Security as a National Security

One of the major tasks of a State is to ensure enough food to feed its own people. Adequate food is indispensable for the survival of a sovereign State. When we are, therefore, talking about food security, we are really talking about a national security issue. Thus, some commentators justify the maintenance of a certain minimum level of production of agricultural products in the name of national `safety and security’.

Although the WTO members have not resorted to Article XXI (national security exception clause) of the GATT (General Agreement on Tariffs and Trade) to protect their domestic agricultural industry, the relevance of national security was pointed out at the Special Sessions of the WTO Committee on Agriculture. “Under GATT Article XXI, national security issues may be exempted from Wf0 trade disciplines. Food security is also inextricably connected to national security and political sovereignty. Chronic food insecurity puts national security in jeopardy by placing at risk the health of a large number of people, and also it incites internal turmoil and instability. ”

4. Food Security as a Human Right

Access to adequate food is recognized as a human right. Food security is fundamentally a matter of human right. Many commentators agree that “under international law there is currently found, to a minimal extent, a treaty right conjoined with a customary right to be free from hunger.”il)) International Agreements such as the Universal Declaration of Human Rights”) and the International Covenant on Economic, Social and Cultural Rights 12) support this view.

In the Rome Declaration on World Food Security, government delegates reaffirmed “the right of everyone to have access to safe and nutritious food, consistent with the right to adequate food and the fundamental right of everyone to be free from hunger.•..” 13) Food security is a global issue. National disaster or armed conflict in one agriculture exporting country can seriously affect the food security of other countries. International cooperation is, therefore, indispensable in order to ensure universal food security. Thus they also reaffirmed “the importance of international cooperation and solidarity as well as the necessity of refraining from unilateral measures not in accordance with the international law and the Charter of the United Nations and that endanger food security.” 14) “Each nation must – cooperate regionally and internationally in order to organize collective solutions to global issues of food security. In a world of increasingly interlinked institutions, societies and economies, coordinated efforts and shared responsibilities are essential.” 15)

III. Problems and Shortcomings in the Agreement on Agriculture

1. Lack of Food Security Provision

The focus of the AoA is not food security, but trade liberalization. Its main objective is to establish “a fair and market-oriented agricultural trading system” through “substantial progressive reductions in agricultural support and protections”(Preamble). The AoA aims to liberalize agricultural trade in three principal ways: increase of market access, reduction of both domestic support and export subsidy.

The AoA has no provision on food security, and no definition on food security. There are, however, a few provisions mentioning the term ‘food security’ in a very narrow sense. Commitments under the reform programs should be made in an equitable way among all members, having due regard to non-trade concerns, including “food security”(Preamble). Article 12 of the AoA provides that members instituting ‘export prohibition or restriction’ shall give due regard to the effects of such prohibition or restriction on importing members’ “food security”. Annex 2 of the AoA articulates ‘public stockholding’ (para3) for “food security purposes”. 16) Para.4 (“domestic food aid”) of the Annex 2 is also a provision for food security, although the term food security is not used. Thus, the term ‘food security’ in the WTO is used in a very narrow sense and relates primarily to the adequate supply of food to member states through free trade.

2. Inequity between Food–Export and Food–Import Countries

The AoA has a lack of due consideration for non-trade concerns such as food security. The AoA enables food-export countries to continue to subsidize and protect domestic producers while requiring food-import countries to open up their markets to foreign competition. Consequently, it failed to balance the interests of food-exporting and food-importing countries. It should be noted that there are special provisions for developing and least-developed countries, not for food-importing countries. Even the net food-importing countries (NFICs) are merely a subcategory of developing countries. 17)

The AoA, like other WTO Agreements, specifies different types of legal rights and obligations concerning market access, export subsidies, and domestic support, according to different categories of countries. The principal classifications are developed and developing countries, with the latter receiving ‘special and differential (S&D) treatment.’ It should be also noted that commitments under the reform programs for agricultural trade should be made ‘in an equitable way’ among ‘all’ members, having due regard to non-trade concerns, including food security (Preamble).

3. Insufficient Recognition of S & D Treatment for Developing Countries

As pointed out above, the AoA confers more beneficial legal rights and obligations concerning market access, export subsidies, and domestic support on developing countries. Developing countries were given different timetables, different target reduction rates, and different exemptions. The implementation period for making reductions was six years (until 2000) for developed countries and ten years (until 2004) for developing countries. Developing

17) The net food-importing countries (NFICs) are a subcategory of developing countries, which is defined by the WTO Committee on Agriculture based on trade profile data and negotiation among members. As of February 2000, there are 19 NFICs.

countries were allowed to apply lower rates of reduction in the areas of market access, export subsidies, and domestic support (but not less than 2/3 of those to be applied by developing countries). Least-developed countries were exempted from reduction commitments, although they were required to bind their tariffs and domestic support and not exceed those amounts.

Most of the current S&D provisions for developing countries are, however, largely irrelevant and ineffective because they lack the funds and means to use export subsidies, and domestic supports. The AoA enabled developed countries to continue to subsidize and protect domestic producers while requiring developing countries to open up their markets to foreign competitors. The AoA provisions systematically favor agricultural producers in developed countries and multinational agribusiness, and are unfair to developing countries. No WTO Agreement is more iniquitous than the AoA. Thus, the AoA enabled developed countries to maintain trade-distorting subsidies and import restrictions, and failed to achieve its stated objective of establishing a fair and market-oriented agricultural trading system. 18) It should be noted that the Doha Declaration articulated that S&D treatment for developing countries shall be “an integral part of all elements of the negotiations.”(para.13)

4. No Recognition of Uniqueness of Agricultural Products

Agricultural products are unique and most essential commodities in every country. In addition to its primary function of producing food, agriculture also provides non-food services to our societies jointly produced from agricultural activities. Non-food services of agriculture that have characteristics of public goods include the viability of rural areas, food security, environmental protection, rural employment, and preservation of cultural heritage and agricultural landscape. In this context, the multifunctional role of agriculture, in both developed and developing countries, should be recognized. 19)

In addition, agricultural production is biological and site-specific. Demand and production in agriculture is inelastic. Supply is heavily dependent upon the weather, and very sensitive to climate change. Over 90% of global rice production depends on the same monsoon area. 201 All these unique and multifunctional characteristics of agriculture need to be recognized and should be reflected in the revised AoA. “[T]o ensure that international trade plays a positive role in ensuring food security…, it is essential that trade rules respect the characteristics that distinguish agriculture from other sectors.” 21 )

5. Insufficient Recognition of Importance of Domestic Production for Development and Food Security

The AoA is premised on the idea that trade liberalization can enhance national and global food security. There is, however, widespread public concern that the current direction of trade liberalization under the AoA has a detrimental impact on food security and development. To date, the AoA’s objectives of removing trade barriers and protection have failed to promote the goals of sustainable agriculture and food security. The AoA overestimates the importance of free trade, but underestimates that of domestic production, in terms of sustainable development and food security.

In order to reduce the risks that are often associated with an excessive reliance on imports, a certain degree of domestic agricultural food production is essential for food security and development.22) Domestic production may play a role of insurance against risks such as import interruptions and poor harvests in exporting countries. 23) Agriculture is a way of life in many developing agrarian countries, and support of agricultural production is essential for ensuring food security, rural employment, and poverty alleviation. Agriculture continues to be an important source of foreign exchange and revenue for developing countries. In this context, domestic production should be recognized as an essential means to secure food security and development in the revised AoA.

6. Non–Implementation of the Marrakesh Decision

For countries that may be adversely affected by trade liberalization, a separate ‘decision’ was adopted, called ‘the Marrakesh Ministerial Decision on Measures Concerning the Possible Negative Effects of the Reform Programme on Least-Developed and Net Food-Importing Developing Countries’ (Marrakech Decision). 25) The Marrakech Decision was supposed to protect LDCs and NFIDCs from food insecurity caused by trade liberalization through ensuring a continued flow of financial resources, food aid, and technical assistance.

To date, the Marrakech Decision has not been sufficiently implemented. The Marrakech Decision is ineffective because it does not adequately define the problem (what are the negative effects?), it does not assign responsibilities, and it has no implementation mechanism. The requirement for providing a proof of damage and causality makes it also very difficult to invoke the Decision.

N. Proposals for Food Security Box

Food security is a key element of non-trade concerns and agricultural problems. As pointed out earlier, however, the existing provisions of the AoA can not only not solve the global food security problems but also have a detrimental impact on food security and sustainable development, consumer health and the environment. The AoA does not adequately and equitably address the food security needs of developing countries and developed countries.

The AoA needs, therefore, fundamental reform from the perspective of food security, and food security should have top priority in the DDA agricultural negotiations and a revised AoA. Food security should be mentioned in the preamble of the AoA as a central objective,and specifically reflected in its Articles. As a solution to the problems associated with food security in the DDA negotiations on agriculture, this section will suggest a creation of a `food security box’; the provisions of which will be elaborated in detail, based on the four elements of food security mentioned above.

It should also be noted that the food security box is different from the concept of a `development box’ in that the latter is concemed with S&D treatment for developing countrie s,26) while the former reflects the food security concerns of both developing countries and (net food-importing) developed countries. 27)

The basic idea of the food security box is, (i) to allow, like other existing exemptions (such as Green and Blue Boxes), a series of ‘exemptions’ to the AoA for ‘members whose agriculture was not meeting basic food security needs’ (hereinafter “the members”); (ii) to allow the members to protect and enhance their domestic production capacity under certain conditions; (iii) to provide ‘flexibility’ to the members so as to increase domestic support for agriculture until they have achieved a certain level of food self-reliance; (iv) to obligate developed countries to give to the members technical assistance for improvement in productivity; (v) to balance the rights and duties between food-exporting countries and food-importing countries.

(1) Tariffs

Basic food security crops should be exempt from tariff reduction commitments. Each member may nominate, based on a negative list approach, a list of staple food security crops for exemption from reduction commitments. The ‘basic food security crops’ or ‘staple food security crops’ are crops which are either staple foods in the country concerned, or the main sources of livelihood for low-income farmers 2 8) To be qualified as ‘basic food security crops’, they should be sensitive in terms of food security and sustainable development.

26)Some members proposed a Development Box at the Committee on Agriculture. See The Development Box, Non-papa by Dominican Republic, Kenya, Pakistan and Sri Lanka, Special Session of the Conunittee on Agriculture Informal Meeting, 4-6 February 2002.

(2)TRQs

Tariff rate quotas (TRQs) were introduced in the Uruguay Round to ensure that existing access conditions were not undermined and as a means to create new market access opportunities. The expansion of TRQs may help to ensure greater market opportunities, for exporters especially in developing countries, and to further liberalize and increase trade in agricultural products. Since TRQs have contributed positively to increased market access and the food security of net-food importing countries, much flexibility in connection with the TRQs administration should be given to the basic food security crops of net-food importing countries. Some members proposed at the Committee on Agriculture ‘auctioning’ as an efficient and transparent method of TRQ allocation. 29

(3)SSG

The Special Safeguard (SSG) provisions were introduced to facilitate the reform process and as a means of protecting domestic farmers injured by increase in imports. Given the special nature of agricultural products, the SSG mechanism should be continued, in order to minimize serious injuries caused to the domestic industry by sudden import surges and price fluctuations in ‘food security crops’. Consideration should also be given for extending the SSG to cover crops which have the potential to substitute for local food security crops.

(4)Domestic Support

At the WTO Committee on Agriculture, many delegates emphasized the importance of domestic production in achieving food security. 30) Most delegates contended that the most efficient solution should lie in a combination of domestic production, imports (trade liberalization), food aid and stockpiling, but they varied a lot in the emphasis they gave to various means.

Food aid and free trade can play important roles in achieving food security. The heavy dependency on imported foods and foreign food aid is, however, too risky especially to net food-importing countries in terms of food security policy, since they can provide major food-exporting countries with a powerful political weapon. They can foreclose the potential of domestic production as an engine of rural development and economic growth. It should be noted that the policy to achieve food security based only on food aid and trade liberalization is, therefore, too naive and risky in terms of a long term public policy.

The maintenance of a certain degree of domestic food production is, therefore, an essential element in national food security policies, in each country whether it is a developing or a developed country, and no matter how high its optimum self-sufficiency ratio may be. All domestic support taken to increase domestic production of basic food security crops for `domestic consumption’ should, therefore, be exempted from any form of domestic support reduction commitments. 32)

It should be emphasized that greater diversity in food production systems may contribute to achieve food security by enabling the access to food within a region 33) Developing countries should have the flexibility to take any domestic support measures including price support for food security, rural development and poverty alleviation, regardless of its impacts on trade.34)

(5) Export Subsidies

Export subsidies provided by developed countries may impact negatively on the food production system of importing countries and have detrimental effects on their domestic markets.35) Thus, they may impact negatively on the food security situation of net food-importing countries and developing countries. It may be contended that net food-importing countries and developing countries may also benefit from lower world agricultural prices caused by export subsidies provided by other countries. These benefits are, however, highly unreliable, and export subsidies are the most trade distorting of policy tools used in the agricultural sector. Therefore, at the Doha Ministerial Declaration, it was agreed to reduce, with a view to phasing out, all forms of export subsidies. 36) Developing countries should have the flexibility to use export subsidies in order to promote exports, especially when these exports are critical for achieving their food security needs.

(6) Dumping

Export subsidies may contribute to the problem of dumping which has also detrimental effects on the food production system of importing countries. The US and EC farmgate prices for many crops are less than many countries’ cost of production, because of huge amount of export subsidies. Producers from other countries cannot compete with dumped products from the US or EC based grain multinationals such as Cargill. The existing AoA does not address the problem of dumping of agricultural products. Thus, “[Ole lack of rules in agricultural trade that preceded the AoA contributed directly to food insecurity in the world.”37) Therefore, dumping of agricultural products should be prohibited, and food-importing countries should be allowed to take appropriate border measures against the dumped products, if they impact negatively on the food security policy of importing countries.

(7) Export Credits

Subsidized export credits, along with export guarantees and insurance, could be used to circumvent export subsidy commitments. 381 For this reason, strict rules and disciplines on export credits should be established in the revised AoA. Export credits may be, however, useful for food security in food importing countries suffering from financial crises or food supply problems,39) and should be allowed to be invoked through specific criteria, so long as they are not used as a means of circumventing export subsidy commitments. As of August 2002, export credits covering exports of agricultural and food products are not governed by any specific discipline within the AoA. 401 Rules and disciplines on export credits should ensure that export credits conform to commercial practices and do not confer an export subsidy.41) Developing countries should be, however, allowed to have the flexibility to use export credits.

(8) Export Restrictions and Taxes

Export restrictions and export taxes may be necessary for the food security of food-exporting countries in cases of emergencies like food shortages. For this reason, article XI of GATT 1994 prohibits quantitative export restrictions but makes an explicit exception for “export prohibitions or restrictions temporarily applied to prevent or relieve critical shortages of foodstuffs or other products essential to the exporting contracting countries.” Export restrictions and export taxes may, however, have detrimental effects on the food security of food-importing countries by promoting price variability and uncertainty.

At the WTO Committee on Agriculture, a number of food-importing countries, like South Korea and Japan, contended that their food supplies could be disrupted and their food security jeopardized if exporting countries restrict exports of agricultural products. 42) Article 12.1 of AoA further obligates the member instituting the export restrictions to give due consideration to the effects of such restrictions on importing countries’ food security.

However, given their significant distortion effects on world agricultural markets, strict rules and disciplines on export restrictions and export taxes should be established in the revised AoA. Above all, the period of export restrictions should not exceed more than three months, and a certain amount should be exempt from exporting restrictions during its implementation, for the food security of importing countries. Differential export taxes which encourage exports of processed products and discourage primary product exports should be prohibited.43) Developing countries should be, however, allowed to have the flexibility to use export restrictions and export taxes.

(9) State Trading Enterprises

Many countries have used state trading enterprises to control domestic markets and to regulate trade. State trading enterprises with exclusive or special rights and privileges may have negative effects on the establishment of a fair and market-oriented agricultural trading system. From the viewpoint of food security of importing countries, import state trading enterprises may, however, play an important role to ensure stable food supply. On the contrary, export state trading enterprises with monopolistic power may have a significant and direct impact on the international market.

More stricter rules and disciplines on export state trading enterprises should be, therefore, established in the revised AoA. New disciplines on state trading enterprises should ensure export and import transactions are non-discriminatory and transparent. Developing countries should be, however, allowed to have the flexibility to use state trading enterprises. 44)

(10) Food Aid and Stockholding

Article 10.4 of the AoA does not prohibit the use of food aid as a means of surplus disposal or market expansion. 45) Food aid may, however, have negative effects on food security, and be used to circumvent export subsidy commitments. 46) At the WTO Committee on Agriculture, MERCOSUR group contended that there was an urgent need to establish more detailed rules on food aid in order to ensure that WTO commitments on reducing export subsidies are not circumvented while at the same time preserving the humanitarian dimension of food aid. Strict rules and disciplines on export restrictions and export taxes should be, therefore, established in the revised AoA. 47)

Above all, food aid should only be in the form of grants rather than credits, should respond genuinely to demand, and should be targeted at the needs of the recipient countries. It should not harm the domestic production systems of the recipient countries, should not distort international trade, should not amount to the disposal of price-depressing surpluses, should not allow countries to circumvent their export subsidy commitments, and should not be used as a means of expanding market share by subsidizing countries. Developing countries should be provided with the technical and financial assistance to improve their domestic food production capacity.48)

Public stockholding of basic food security crops for food security purposes should be given a wider definition under the Green Box provision. According to para.3 of Annex 2 to the AoA, the volume and accumulation of stocks shall correspond to predetermined targets related solely to food security, and there are strict criteria for how such stocks are purchased and sold. The AoA should also provide for regional food security plans, including joint maintenance of emergency food stocks. 49) Some countries at the WTO Committee on Agriculture proposed creating an international food stockholding system in order to effectively address food security concerns of developing countries. 50) Developing countries should be allowed to have the flexibility to use food security stocks.

(11) Food Safety

Recently, food safety has been an emerging NTC issue. Public concerns on food safety increases as the trade of agricultural products increases. Food safety requirements may be used as a means of disguised protectionism. Food safety can’t be, however, given up in the name of trade liberalization, because food supplied to people should be safe, at least from the perspective of food security. Without consumers’ confidence in food safety, trade liberalization of agricultural products can’t be accomplished successfully. Strict rules and disciplines on food safety should be, therefore, established in the revised AoA. Since food safety issue may also be discussed in the SPS and TBT Committees, this article proposes a written ‘Understanding’ to be adopted, which may be annexed to the AoA or SPS Agreement.51 )

The Understanding should, among other things, deal with the precautionary principle, burden of proof on food safety, mandatory labeling for GM (Genetically Modified) crops or foods, cooperation with other organizations such as OECD and Codex. Since most food-importing countries lack technical capacity to show scientific evidence against imported foods, technical and financial assistance should be provided to members, especially to developing countries. 52)

(12)Peace Clause

Article 13 (“due restraint”) of the AoA is due to expire at the end of 2003. This Peace Clause protects members using domestic support measures from being challenged under the GAIT 1994 and the Agreement on Subsidies and Countervailing Measures, so long as they comply with their commitments on export subsidies and domestic support under the AoA. The Peace Clause should be preserved and extended for all measures that are taken to achieve the food security policy of developing countries.

(13)Environment and Sustainable Agriculture

Agricultural activities have both positive and negative effects on the environment. Agriculture contributes to environmental goods such as biological diversity and landscape conservation, which may enhance agricultural sustainability. It should be noted that agriculture in many developing countries is based on small-sized farms, and this type of farming is ecologically sustainable. “[There is an emerging realization that agricultural systems in both developed and developing countries face challenges to achieve long-term sustainability and food security,” 53)especially in light of growing populations and resource degradation. Without local agriculture there would be no positive effects, and without some level of support and protection there would be no agriculture.

A certain degree of domestic production should be, therefore, maintained for sustainable agriculture and long-term food security. Green Box measures alone are not sufficient, 54) and the criteria for Green Box need to be broadened and flexible enough to enhance sustainable agriculture and long term food security. 55) Domestic supports for sustainable agriculture should be also allowed under the Blue Box.

V. Conclusion

At the DDA agricultural negotiation, food security is a key element of the NTCs and the most contentious issue. Trade liberalization may enhance national and global food security by expanding sources of food supply, encouraging more efficient allocation of resources, lowering food prices in importing countries, and increasing economic growth rate.

However, the proposition that free trade can solve the food security problems is wrong for the following reasons. Agricultural products are different from industrial products in some respects and agriculture has the characteristics of a public good. Thus, when we are talking about agriculture, we are really talking about food security, rural development, environment, employment, culture, as well as production of food for sale in a market. Agricultural production heavily depends on climate and land conditions, unlike industrial products. Given the uncertainty of food supply in the world food market, there will always remain a residual threat to food security. The policy to achieve food security based only on free trade is too risky in terms of long term public policy. The maintenance of a certain level of domestic agricultural food production is, therefore, essential for food security of both developed and developing countries.

The current AoA does not, however, adequately and equitably address the food security needs of developing and developed countries. With a view to redressing the imbalance and inequity of rights and obligations under the AoA between food exporting and importing countries, this article proposed a food security box. Among other things, basic food security crops should be exempt from tariff reduction commitments. Much flexibility in connection with TRQs administration should be given to basic food security crops. All domestic support measures taken to increase domestic production of basic food security crops should be also exempted from any form of domestic support reduction commitments.

The agricultural negotiations are scheduled to end by 1 January 2005, along with almost all the other negotiations under the DDA. It should be noted that the DDA negotiations are a single undertaking. No element of them will be agreed until all areas are agreed on. As of 23 November 2003, the 31 March deadline for establishing ‘modalities’ in the agricultural negotiations was not met. WPO members failed to set guidelines on tariff and subsidy cuts to use in subsequent negotiations. The first and revised draft of modalities for the future commitments prepared by the chairperson of the Committee on Agriculture failed to reflect the food security concerns of net-food importing and developing countries.

This agricultural impasse may, therefore, spill over into other areas of negotiations, including services, and threaten the entire DDA round of multilateral trade negotiations. Without a system or compromise to solve the food security problems of both net-food importing countries and developing countries, the DDA round can’t reach a successful and satisfactory settlement.

Categories
Free Essays

Are You Safe? The Threat of Hackers, PC Hijacing, Worms, and Web security

ABSTRACT

Web security is one of the complicated stuff and basically these subject is only handle by good trainers and well experience persons now a days as people are widely using WIRED networks so, first we need to understand the basic concepts of security in this network world. Web security is branch of computer science especially related to the internet. Itsmain objectives is to establish the rules and measurements to be taken against the attacks caused over internet. Network is defined as a set of interlinking lines resembling a net and the computer network is a system of interconnected computers. Internet was created to share information and in last few decades, the internet has been affected by many of the security attacks. some of these threats which are caused in the internet are spoofing man in the middle attack, denial of service ,hijacking ,worms, hackers, password sniffing etc……

Introduction:

Internet provides many benefits at the same time it also creates very tremendous security problems. According to study

Which is conducted by United States of America Online and the national internet security, almost eighty %of the computers in the US are affected by spyware and almost twenty % of the machines have viruses.

The internet represents an incorrect channel for information which has to be exchanged were leading to high risk of fraud. so ,to protect the transfer of data we use different kinds of methods. and the strategies and methodologies of web security often differs some, how from other web technologies because of it’s elusive objectives network security is generally considered as security protector of an organisation by keeping out rid of intruders. data is to be protected in the organisation from the hackers who are trying to capture the messages .

Network security:

Network security is generally considered as giving protection for the organization by keeping far from the hackers. Information security mainly focuses on protecting the data resource from malware attacks or simple mistakes which are done by people in organisation with help of DLP techniques.

Information security:

Information security means protecting information from the unauthorised users, the two terms information security and computer security and information assurance which are often used differently. These all fields which are interrelated and share some common goals of protectingconfidentiality, integrity and availability.

Governments, corporations, military, hospitals, financial institutions, and some private businesses. Huge amount of confidential information about all their specific employees, products, customers and research. All these information will be collected with processed and store computers and also can be transmittedacross all other network .protecting confidential information is very important in business requirement and in all cases an ethical and legal requirement should be done.

Three core principles of information security:

Confidentiality
Integrity
Availability
Confidentiality:

in this confidential information can only accessed or copied by users who are right to authorised so confidentiality is maintained. When there is only correct need to use. When the external user tries to access the information who are not actually authorised to use the information then confidentially failure occurs

Integrity:

This helps to protect the un-authorised modification or any information destruction from external. Means data cannot be change without proper authorisation.

Availability:

In this the information which is present in computer systems and that information is protected by security controls whenever information is needed.

ex:

Denial of service attack

Security vulnerabilities:

The internet explorer has thrall down to one and many security vulnerabilities and some of these vulnerabilities like spyware, computer viruses and adware are made possible by exploitable errors and bugs in the architecture of internet explorer. The errors may be as Spyware which is installed in computers in which important information will be copied without our knowledge and this kind of malware is very hard to detect. Adware as well is one of malwares which is in the form of advertisement on computer when you are

downloading anything on the system .lastly Computer virus is one of the viruses which are created by computer itself.

Software security is most important for consumers, vendorsbecause attackers that create attacks even may cause fairly large sequential effects and when all these attacks has been discovered then required software is sold for the consumers depending on the vulnerabilities.

Some of the vulnerabilities are:

Web servers

Exposures

Workstation Service

Windows authentication

Windows RAS

MSQL

Instant Messaging

File Sharing Applications

Mail Client

Instant Messaging

Protection against these vulnerabilities:

Apply latest service packs and require security updates and http services also for the operating system and any other applications are loaded to that same host. And for the high level security we consider the automatic update features so that they are up to date.

1) It’s better to install the host based antivirus and also intrusion detection software in the system. so that the updates are done for log files frequently.

2) It’s better to disable all unused script interpreters like for ex: perl, perlscript, vb script, jscript and javascript and php.

3) If it’s possible enable logging option and check the logs frequently .so, that we can summarise the updates events which are occurred in the system.

4) Use the sys log so that system can store an operating system and http logs safely to another system.

5) Remove all the system tools which are often used by attackers for ex: tftp (.exe), ftp.exe, cmd.exe , bash, net.exe and remote.exe and telnet (.exe).

6) Limit all the applications which are running on host-http and also its which are the services supporting it.

7) Use unique passwords and naming conventions on all public facing system rather than on internal system. Because when ever any information leaked from the public system shouldn’t make any attacks in the internal systems.

IPSec:

Internet protocol security is a communication protocol which is based on IP and internet protocol. Security appends

security of communication to IP .both TCP/IP and UDP/IP acquire the security from it.

IPSec also provides integrity ensurance , encryption , Authentication of each data stream. Internet protocol security is a protocol which suite in protecting the internet protocol communications by authenticating, encrypting the each of data stream.

IPSec is internet protocol security in which windows XP 2000 , 2003 machines had built this mechanism .IPSec is like a protocol were it is designed for protecting all individual TCP/IP packets which are travelling in our network by using public encryption key.

IPSec is used to protect the servers and workstations by using mechanism called as firewalls. Were firewall is like a software which is design to permit or reject the network transactions by creating some rules and it is used to protect the network by allowing correct information to pass from it.So, many computers are included by software firewall to protect unauthorised threats from outside.

We can block the specific users with the help of IPSec:

It is easy by creating simple policy which will tell a computer to block all the specific IP traffic which are created by them. Internet traffic uses HTTP, HTTPS, which uses tcp ports like 80 and 443 as their destination ports respectively. so, by blocking these specific traffics you will be able to manage stopping the specific require computer from browsing internet. You can also block specific user when the person is surfing or browsing the internet.

IPSec policy must be created for blocking all the internet traffics in computer. Which will block all HTTP traffic. For this we can change this policies specifically for any computer by influncing the computer IPSec policy and we can also configure the group policy object on the specific site and as a domain or as a organisation unit.

For example:

Finding the correct balancing between taste of user and function is very difficult .let us consider one of the site www.LLOYDS.com, this is online banking system site which is used by all users but, specific people can only login account which has account in this in this bank. The new users can access total information about the bank. So, the admin can manage all users information that when the visitor is login and if any transactions are made by him and this information is kept confidential for the bank safety. Here admin can track the user information regarding his visiting the pages.

Web traffic is defined as the amount of data sent and received by users to specific web site. Internet traffic is defined as flow of data in this we can able to know no of persons visited and number of pages used

by persons. These site checks the incoming and outgoing traffics so that no of pages which are popular and able to know these pages are viewed by the people in particular country.

Web traffic measuring:

Web traffic is measured to check the popularity of internet sites and single pages within sites.

Web traffic is also measured by packet sniffing.

Types:

No of visitors
Pages viewed by each user
Duration of visit
Duration of pages
Domain class
Important requested pages
Requested entry and exit pages
Busy times
And Top paths

The fundamental truth of success of web product development is made by keeping user in mind. Direct correlation exists between the techniques which are used for customers experience who are using the online services. Now a days both personal and professional activities are done online and most of the organisations uses multiple sites .so, online success depends on website and its applications.

Measurements of user experience:

There are different kinds for user experience they are classified in 3 types depending on the customer and his satisfaction.

First stage: General Knowledge

In this type it provides basic idea of the site or its performance

Second stage: understanding behaviour of user

In this understanding what the user is doing and were problem exists.

Third stage: influencing the users

This is last stage were websites and applications are forced to all users to influence Success to create positive experience.

COOKIES:

Cookie is also known as web cookie and browser cookie and HTTP cookie, it is like piece of text which is stored on user computer by their net browser .cookies are created by Netscape to give memory for servers and browsers. server will not remember about the web pages which sent to browser for this problem cookies were introduced .these cookies are very easy to maintain.

Cookies working:

Name-value
Expire date

Domain
And path

Name and value:

Every cookie has name and value which contains the actual information. these two pairs are used for our benefit as easy for searching by name and what value is assigned for it.

Expire date:

Every cookie has expiry time after that cookies are smashed so, we have to specify expiry time for cookies or else when ever browser closes it will smash.

Domain:

Each cookie has domain and path were domain specifies the browser to which a particular cookie should sent. Path has to set a specific directory where the cookies are active.

Conclusion:

As lots of information available at web services i.e. World Wide Web and these are successful in providing services to all the user with the help of web security that provides all the benefits of using a safe web access and continuous data transmission between both the end devices. Machine surviving has been changed because of increase of internet population It figures out, all the relevant information regarding the user at client side and traces out web sites accessed during the web session.

References:

http:///www.semissourain.com

http:///www.econ.berkeley.edu.com

http:///en.wikipedia.org

http:///www.tu-dresden.de

http:///en.wikipedia.org//websecurity

http:///www.sans-ssi.org

http:///www.freewebs.com

http:///www.myfastpc.com

http:///www.foruxfund.ees.net.nz

http:///en.wikipedia.org//ipsec

Categories
Free Essays

Bio-metric technologies are capable of providing the secured way of identification and personal activities to overcome the security issues in the process of Internet banking in banks

INTRODUCTION:

The purpose of this literature is to identify whether Bio-metric technologies are capable of providing the secured way of identification and personal activities to overcome the security issues in the process of Internet banking in banks. This literature also discusses about the possible security threats which most affect the online banking and the progress of counter measures taken to overcome the security issues. The main aim of this research is to analyse the capability of Bio-metric technologies and also about the benefits of using Bio-metric technologies for the security purpose in Internet banking.

GROWTH OF INTERNET BANKING:

According to Aravind Duraiswamy (2009), traditional way of banking requires their customers to visit the banks every time even to perform their basic banking needs like checking their bank account balance. As the usage of Internet becomes popular banks came up with the concept of Internet banking where customers could perform most of the transactions from their homes or anywhere for that matter. The Internet banking application has features that help to meet most of the banking needs of a bank account holder over the internet.

A recent paper (Hisamatsu et al, 2010) mentioned that the concept of online banking started in the 1980’s and it first became available for client use in 1995. Since then, the number of banks offering online banking services as well as demand for the service has increased. In the UK alone, the number of people using online banking has increased by 174% in just 5 years from 2001 to 2006. In the US, 53 million people, or one out of every 4 adults, used online banking in 2005.

According to Lee (2008, p.130-141) However, despite the fact that online banking provides many advantages, such as faster transaction speed and lower handling fees, there are still a large group of customers who refuse to adopt such services due to uncertainty and security concerns.

Binshan et al. (2010) indicates that trust is the “heart of the system” for online banking. Thus, we can say that internet banking is susceptible to greater sense of insecurity than older banking services and thereby importance of trust is also relatively higher in adoption of internet banking. A review by Michal et al. (2009) mentions that, a high level of perceived risk is considered to be a barrier to propagation of new innovations. Influenced by the imagination-capturing stories of hackers, customers may fear that an unauthorized party will gain access to their online account and serious financial implications will follow.

Rise of Security Attacks in Internet Banking:

A paper (Zakaria et al, 2009) reported that information security means the protection of information and information systems from illegal and unauthorized access, use, destruction or modification of data or information. However at the same time, information security issues are considered as the major factors affecting the growth of online banking as the fraudulent activities are prominently increasing. Also it has been reported that one-third of account holders who had signed up for e-banking had stopped using it due to unsatisfactory security service or the complexity of using the service.

A review by Laerte et al. (2011) indicates that the number of malware and exploits focused on online banking systems vulnerabilities has been steadily growing during past years. Recent reports indicate that banking Trojans were among the 50 main security threats in 2009. While Brazil figures as the source and destination of most of those attacks performed in Latin America.

Rachwald (2008, p.11-12)argues that in the physical world attackers are limited by their ability to manipulate physical items like making an extra copy of your account number. In the online world attackers are essentially unlimited in the resources they can bring to bear.

A review by Francisco et al. (2010) mentions that, Banking is considered a highly dynamic business, even more so when price reductions or better conditions are offered to customers contracting services over the internet. However some groups of customers are reluctant to use such services. Regarding electronic commerce in general, consumers show more concern about the use of banking services when the amount of money potentially exposed to fraud is significantly larger, than with other types of services or organizations.

Various types of possible Security Attacks:

Most internet banking fraud occurs in a two-step process. First, the offender must get their hands on the customer’s account information, like their username and password. Second, the offender will use that information to move his victim’s money to another account or withdraw it to make fraudulent purchases, which can be found online (Internet Banking Fraud: Why is Online Banking so Popular, 2009).

These fraud schemes include,

Phishing:

Hossain et al. (2011) argues that, Phishing is a web-based attack that allures end users to visit fraudulent websites and give away personal information (e.g., user id, password). The stolen information is the beginning point of many illegitimate activities such as online money laundering. Phishing attacks cost billions of dollars in losses to business organizations and end users.

A recent paper (Pravin et al, 2011) argues that, although phishing is a simple social engineering attack, it has proven to be surprisingly effective. Hence, the number of phishing scams is continuing to grow, and the cost of the resulting damages is increasing. One of the main reasons why phishing attacks are possible is because mails can be spoofed easily.

Butler (2007, p.517-533) found that a White Paper on Phishing explains that use of the term “phishing” originates in the term “password harvesting fishing”. Phishing attacks are popular, as they are relatively inexpensive to launch, while the potential returns for the phisher could be significant. Phishers succeed in their attacks as consumers are not adequately informed about the risks of disclosing their personal details.

A review by Gerald et al. (2008) indicates that the term ‘phishing’ has its origins from the analogy that identity thieves are using lures usually in the form of e-mails to ‘fish’ for passwords and financial data from the ‘sea’ of Internet users. As users are getting more aware of the modus operandi of phishing attacks over the Internet, identity thieves are taking measures to deceive the public and to continue harvesting stolen identities online. A variant of phishing that is yielding potent results to these perpetrators is spear-phishing which is more targeted and specific if compared to its predecessor.

A review by Petr et al. (2010) mentions that in the Phishing kind of attack, the attacker tries to obtain victims private information like credit card number, passwords or account numbers. It is based on sending bogus e-mails, which pretend to be an official request from victim’s bank or any other similar institution. These e-mails requests to insert victim’s private information on referenced page. This page looks similar to official internet banking and the user fills in all requested fields in good faith that all his information will be safe, which leads to the compromising of all of his information.

Malware, Botnets and DDoS Attacks:

According to Wajeb et al. (2011) nowadays, there is a huge variety of cyber threats that can be quite dangerous not only for big companies but also for an ordinary user, who can be a potential victim for cybercriminals when using unsafe system for entering confidential data, such as login, password, credit card numbers, etc. Among popular computer threats it is possible to distinguish several types depending on the means and ways they are realized. They are: malicious software (malware), DDoS attacks (Distributed Denial-of-Service), botnets.

Shrutiet al. (2010) argues that Botnets are the network compromised machines under the control of a human operator. Using botnet attacker can perform various attacks like distributed denial of service (DDoS), email spamming, key logging, click fraud etc. DDoS attack is used to perform overloading in a network or system, so that an authorized user cannot use the service.

Starting a distributed denial of service attack needs a whole bunch of machines. According to various sources, it’s very easy to compromise a computer. As soon as a computer is compromised it can be used to engage in malignant activities. A so called “Bot” is created. One bot as itself cannot be very harmful but as a user gathers a collection of bots and binds them together, the user is creating a “BotNet” which has a much high bandwidth capability. The communication between the bots is using a specific control channel which is owned by the bot herder or bot master (Burkhard et al., 2011, p.22).

Malware infects PCs, waits for the user to log onto a list of targeted banks and financial institutions, and then steals their credentials which are sent to a remote server in real time (Gendron, 2010).

A recent paper (Shih-Yao et al., 2009) indicates that malware is designed specifically to expose confidential information, such as system data, confidential files and documents, or logon credentials that are stored on the infected computer. With the widespread use of online shopping and Internet banking, the compromises of this nature results in significant financial loss, particularly if credit card information or banking details are exposed.

Viruses:

Online banking customers are being targeted by international cyber criminals who are using sophisticated computer viruses to empty their accounts. A new version of a well-known Trojan virus has stolen ?675,000 from about 3,000 online customers of an unnamed British bank, according to an internet security company (Griffiths and Harvey, 2010). The cash has been remotely transferred out of the accounts, held by businesses and individuals.

The virus checks to see how much money is in the accounts, steals it and shows the customer fake bank balances to cover its tracks, the company said. It uncovered the scale of the theft after penetrating the criminals’ command-and-control server, which is based in Eastern Europe. The company said that it had informed the financial institution concerned and the police two weeks ago and the attack appeared to be continuing. Zeus v3 is one of a new wave of viruses that often invade consumers’ machines when they visit legitimate websites, in what is termed a “drive-by” infection (Griffiths and Harvey, 2010).

Burton (2008) identified a Trojan virus labelled SilentBanker. SilentBanker is aptly named because this virus embeds itself on home computers after users have visited random websites and it has the ability to redirect money from customer’s accounts during a normal Internet banking session, all without any outward signs that a virus is at work. And most worrisome of all is that the usual indicators of a secure website; the locked padlock symbol and the letter “s” in a website address (https :), no longer guarantee that a website is secured.

Spyware and Adware:

Clutterbuck (2010) highlighted that, Spyware has been described as a software paradigm designed to illicitly collect and distribute targeted consumer information. “It is difficult to define spyware with precision. The working definition proposed … was software that aids in gathering information about a person or organization without their knowledge and which may send such information to another entity without the consumer’s consent, or asserts control over a computer without the consumer’s knowledge.”

In the analysis of Aycock (2010, pp.2) Adware can be considered a somewhat less harmful and usually more obvious form of Spyware. Spyware is covert; adware is overt. Just as for Spyware, there are behaviours that could be thought of as being characteristic of adware.

Janice et al. (2008) defines Adware, a type of spyware, delivers specific advertisements and offerings, customized for individual users as they browse the web. These advertisements can take the form of pop-up or pop-under ads, web banners, redirected webpages, and spam e-mail. Some adware however, may alter a homepage by hijacking a web browser, or add URLs to bookmarks, to persistently present a competitor’s website or a look-alike site, disallowing the user web access for his own purposes.

According to Janice et al. (2008) personal information such as financial data, passwords, and identification-tagged downloads can be transmitted, without the user’s knowledge or consent, to the spyware author or third-party sites. These sites can “phish” for data from user inputs while surfing, banking, and making purchases. The data could then be used to promote gambling, pornography, or fraudulent schemes, such as identity theft, to unsuspecting users.

Insider Attacks:

(Hui et al., 2010) defines insider and insider threat as “An insider is a current or former employee, a contractor or a business partner who has or had authorized access and intentionally exceeded that access in a manner that negatively affected the confidentiality, integrity or availability of the organization’s information or information systems’.

Fyffe (2008, p.11-14) argues that, In response to the increase in data breaches and the need to monitor and prevent attacks at every level, security professionals are proactively seeking ways to combat the insider threat. Despite this increased focus, internal attacks remain difficult to prevent. The motivation of those behind the breaches can be difficult to identify and the perpetrators often hide in plain sight. In many cases, insider attacks are premeditated and deliberate, but organisations must also recognise that non-malicious insiders can inadvertently access and distribute sensitive information.

Existing counter measures and why they are not effective:

(Paget, 2009) argues that financial fraud often starts with the diversion of personal information. A trash or recycling bin, a telephone conversation, or a poorly protected computer can be the starting point for fraud. Businesses are often vulnerable as well. Stolen laptops and data loss can lead to lasting damage to its brand image and heavy financial consequences for the company itself or its customers. In this respect, banks find themselves on the front line. Although it is impossible to completely eliminate the chance of becoming a victim of identity theft, individuals can effectively reduce their risk by following some commonsense recommendations.

Anti-Phishing Counter measure:

A recent paper (Abdullah and Malcolm, 2009) indicates that there have been different proposed anti-Phishing solutions to mitigate the problem of Phishing. Security toolbars have been used to prevent Phishing attacks such as SpoofStick. There are also anti-Phishing approaches that make users aware of Phishing emails and websites and how to avoid them. The most basic approach is publishing guidelines for the Internet users to follow when they go online.

According to (Abdullah and Malcolm, 2009) Anti-Phishing training will make the end-user aware and it will erect an effective barrier against Phishing attempts. Anti-Phishing awareness was shown to have a great positive effect in mitigating the risk of Phishing. There is a variety of anti-Phishing training approaches to make users aware of Phishing emails and websites and to learn how to avoid them.

People are vulnerable to phishing attacks because spoofed websites look very similar to legitimate websites. People have trouble identifying phishing sites even in tests in which they have been alerted about the possibility of such attacks. Furthermore, when phishers personalize their emails, they can further increase the likelihood that the attack will be successful. Researchers have developed several technical approaches to countering phishing attacks, including toolbars, email filters, and verified sender addresses. However, these approaches are not foolproof. In a recent study of 10 anti-phishing tools, only one tool was able to correctly identify over 90% of phishing websites, and that tool also incorrectly identified 42% of legitimate websites as fraudulent. Furthermore, while automated phishing detection is improving, phishers continuously adapt their attack techniques to improve their chances of success (Johnny, 2007).

According to (Cranor, 2008) with so much of money at stake, the computer security community has been scrambling to develop tech­nologies to combat phishing, such as filters for e-mail and Web browsers that flag phishing at­tempts. Although such software has helped stop many attacks, phishers are constantly evolving their tactics to try to stay a step ahead of such technologies. Since phishing plays on human vul­nerabilities, a successful attack requires a victim to succumb to the lure and take some action and it is also not strictly a technological problem.

A review by Ponnurangam et al. (2010) indicates that most anti-phishing research has focused on solving the problem by eliminating the threat or warning users. However, little work has been done on educating people about phishing and other semantic attacks. Educating users about security is challenging, particularly in the context of phishing, because users are not motivated to read about security in general and therefore do not take time to educate themselves about phishing for most users, security is a secondary task (e.g. one does not go to an online banking website to check the SSL implementation of the website, but rather to perform a banking transaction) and it is difficult to teach people to make the right online trust decision.

Malware, Botnets and DDoS Counter Measures:

Traditional ways of counter-measuring botnets is generally restricted to spotting a central weak point in their infrastructure that can be manipulated, disrupted or blocked. The most common way is to cooperate with an Internet service provider to gain access and shut down the central component, resulting in a loss of control for the botnet owner: The botnet cannot be commanded anymore. Such actions are often performed during emergency response to an ongoing incident like a DDoS attack (Felix et al., 2009).

According to (Felix et al., 2009) the most promising approach is to remove the base of a botnet, which is the C&C server. Pulling the plug of the command-and-control host allows to extinguish the whole botnet in one go. Unfortunately this is only possible if all of the following conditions are met:

1. The botnet uses a centralized structure

2. The location of the C&C server is known

3. The provider cooperates

If any one of those conditions is not met, the C&C server cannot be removed.

A review by Muththolib et al. (2010) mentions that Static Passwords, also the most common type of authentication method used in e-banking websites. It is based on proof knowledge. This type of mechanisms is prone to all type of attacks and usually attacks like capture, replay, guessing or phishing are common and effective attacks. Soft-token Certificate/SSL-TLS,this mechanism conducts mutual authentication between the user terminal and internet banking server, based on the certificates stored on the user’s web browser. The mechanism is prone to malicious software attacks such as key logger screen captures and also allows access to the user’s certificate stored on the browser which would also result in identity theft Muththolib et al. (2010). Hard-token Certificate/SSL-TLS:in this mechanism it uses a token for the authentication process. This mechanism is prone to token attack tools, malicious software attacks and also these tokens can be stolen. One-time Password/Time-based Code Generator: in this mechanism a one-time password is generated by a random calculator, using a seed that is pre shared between a PIN protected user’s device and the Internet Banking Server. This mechanism is also prone to number of attacks including device theft.

Viruses, Spyware and Adware Counter Measures:

(Miko, 2010) argues that using trusted HW deviceslikeHW calculators, HW password generators, smart cardreaders, mobile phonewill help to block the viruses. Assume that the computer is under attacker control (e.g. via Trojan Horse). Using alternate channel (OOB – out of band) SMS messages, phone calls will help to overcome from the attack. Assume that all the communication computer -Internet is under attacker control.

According to (Kishore, 2009) to protect the systems against Trojan horses, users should use virus scanners and be careful with downloaded software or e?mail attachments. However usage of one-time passwords (OTP) solves only credential stealing and the confirmation codes are not linked with authorising transaction which made more vulnerable to the viruses.

Summary:

Finally, from the above discussions we can understand that the bank industries faces an enormous growth with the help of Internet banking facilities and also we can realize that how Internet banking becomes a negative aspect for the banking industry in the means of security issues which cannot be able to completely prevented with the use of existing counter measures. In the next step we can find out and analyse whether Bio-Metric technology is capable of providing a secured way of authentication in Internet banking to overcome the security threats.

References:

(Butler, 2007; Johnny, 2007; Burton, 2008; Cranor, 2008; Fyffe, 2008; Gerald Goh Guan Gan, 2008; Janice C. Sipior, 2008; Lee, 2008; Rachwald, 2008; Internet Banking Fraud: Why is Online Banking so Popular?

, 2009; Abdullah Alnajim, 2009b; a; Aravind Duraiswamy, 2009; Felix Leder, 2009; Kishore, 2009; Paget, 2009; Shih-Yao Dai, 2009; Zakaria Karim, 2009; Michal Polasik, 2009

; Aycock, 2010; Binshan Lin, 2010; Clutterbuck, 2010; Francisco Munoz-Leiva, 2010; Gendron, 2010; Griffiths, 2010; Hui Wang, 2010; Miko, 2010; Muththolib Sidheeq, 2010; Petr Hanaeek, 2010; PONNURANGAM KUMARAGURU & LORRIE FAITH CRANOR, 2010; Shruti Singh, 2010; Hisamatsu, 2010

; Burkhard Stiller, 2011; Hossain Shahriar 2011; Laerte Peotta & Jr, 2011; Pravin Soni, 2011; Wajeb Gharibi, 2011)

Abdullah Alnajim, M. M. (2009a) ‘An Approach to the Implementation of the Anti- Phishing Tool for Phishing Websites Detection’, 2009 International Conference on Intelligent Networking and Collaborative Systems. IEEE. [Online]. Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=05370926 (Accessed: 30 March 2011).

Abdullah Alnajim, M. M. (2009b) ‘An Evaluation of Users’ Anti-Phishing Knowledge Retention’, 2009 International Conference on Information Management and Engineering. 18 June 2009. IEEE. [Online]. Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5077029 (Accessed: 30 March 2011).

Aravind Duraiswamy, S. (2009) Security Testing Handbook for Banking Application. Cambridgeshire: IT Governance.

Aycock, J. (2010) Spyware and Adware. [Online]. Available at: http://books.google.co.uk/books?hl=en&lr=&id=UKNgoM3nLe0C&oi=fnd&pg=PR7&dq=spyware+and+adware&ots=ISwyV-b5-s&sig=EmiqG3ChX6bB5CZKkm_Lnc4cTKs#v=onepage&q&f=false (Accessed: 21 March 2011).

Binshan Lin, A. Y.-L. C., Keng-Boon Ooi, Boon-In Tan (2010) ‘Online banking adoption: an empirical analysis’, International Journal of Bank Marketing, 28 (4), pp. 267-287 [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Online+banking+adoption%3A+an+empirical+analysis&rft.jtitle=International+Journal+of+Bank+Marketing&rft.au=Binshan+Lin&rft.au=Alain+Yee-Loong+Chong&rft.au=Keng-Boon+Ooi&rft.au=Boon-In+Tan&rft.date=2010-01-01&rft.pub=Emerald+Group+Publishing+Limited&rft.issn=0265-2323&rft.volume=28&rft.issue=4&rft.spage=267&rft.epage=287&rft_id=info:doi/10.1108%2F02652321011054963&rft.externalDBID=n%2Fa&rft.externalDocID=10_1108_02652321011054963 (Accessed: 17 March 2011).

Burkhard Stiller, H., Fabio Hecht,Guilherme Machado,Andrei Vancea,Martin Waldburger (2011) Economic and Technical Analysis of BotNets and Denial-of-Service Attacks. Zurich University of Zurich [Online]. Available at: http://csg.ifi.uzh.ch/publications/ifi-2011.0001.pdf#page=19 (Accessed: 20 March 2011).

Burton, J. (2008) Internet banking virus threatens bank accounts – consumers need to fortify home computer security. Burnaby: BC Crime Prevention Association [Online]. Available at: http://www.bccpa.org/bccpa/newsroom/latest/Feb_14_08_SilentBanker_trojan.pdf (Accessed: 27 March 2011).

Butler, R. (2007) ‘A framework of anti-phishing measures aimed at protecting the online consumer’s identity’, The Electronic Library, 25 (5), pp. 517-533 [Online]. Available at: http://www.emeraldinsight.com/journals.htm?issn=0264-0473&volume=25&issue=5&articleid=1634496&show=html (Accessed: 20 March 2011).

Clutterbuck, P. (2010) ‘Spyware Security Management via a Public Key Infrastructure for Client-Side Web Communicating Applications’, 2010 10th IEEE International Conference on Computer and Information Technology : (CIT 2010). Brisbane IEEE. [Online]. Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5578087 (Accessed: 21 March 2011).

Cranor, L. F. (2008) Can Phishing be FoiledCarnegie Mellon University [Online]. Available at: http://www.cs.virginia.edu/~robins/Can_Phishing_be_Foiled.pdf (Accessed: 30 March 2011).

Felix Leder, T. W., Peter Martini (2009) Proactive Botnet Countermeasures – An Offensive Approache. Germany: University of Bonn [Online]. Available at: http://net.cs.uni-bonn.de/fileadmin/user_upload/leder/proactivebotnetcountermeasures.pdf (Accessed: 31 March 2011).

Francisco Munoz-Leiva, T. L.-M., Juan Sanchez-Fernandez (2010) ‘How to improve trust toward electronic banking’, Online Information Review, 34 (6), pp. 907-934 [Online]. Available at: http://www.emeraldinsight.com/journals.htm?issn=1468-4527&volume=34&issue=6&articleid=1896453&show=html (Accessed: 19 March 2011).

Fyffe, G. (2008) ‘Addressing the insider threat ‘, Network Security, 2008 (3), pp. 11-14 [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Addressing+the+insider+threat&rft.jtitle=Network+Security&rft.au=Fyffe%2C+George&rft.date=2008-01-01&rft.issn=1353-4858&rft.volume=2008&rft.issue=3&rft.spage=11&rft.epage=14&rft_id=info:doi/10.1016%2FS1353-4858%2808%2970031-X&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_S1353_4858_08_70031_X (Accessed: 21 March 2011).

Gendron, M. (2010) ‘Trusteer Warns Financial Malware is Attacking; Leading US Banks Using Visa and MasterCard Hoax Trojan Injects Enrollment Screen for Verified by Visa and MasterCard SecureCode Security Programs during Online Banking Sessions’, M2 Presswire, 14 July [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=news&rft.atitle=Trusteer+Warns+Financial+Malware+is+Attacking%3B+Leading+US+Banks+Using+Visa+and+MasterCard+Hoax+Trojan+Injects+Enrollment+Screen+for+Verified+by+Visa+and+MasterCard+SecureCode+Security+Programs+during+Online+Banking+Sessions&rft.jtitle=M2+Presswire&rft.date=2010-01-01&rft.pub=Normans+Media+Ltd&rft.externalDBID=n%2Fa&rft.externalDocID=231533464 (Accessed: 26 March 2011).

Gerald Goh Guan Gan, T. N. L., Goh Choon Yih & Uchenna Cyril Eze (2008) ‘Phishing: A Growing Challenge for Internet Banking Providers in Malaysia’, Journal of Internet Banking, 5, pp. 133-141 [Online]. Available at: http://www.ibimapublishing.com/journals/CIBIMA/volume5/v5n17.pdf (Accessed: 20 March 2011).

Griffiths, M. H. K. (2010) ‘Online banking hit by new trojan virus: Criminals plunder accounts without trace’, The Times August 11, p. 3. [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=news&rft.atitle=Online+banking+hit+by+new+trojan+virus&rft.jtitle=The+Times&rft.au=Katherine+Griffiths&rft.au=Mike+Harvey&rft.date=2010-08-11&rft.issn=0140-0460&rft.spage=3&rft.externalDBID=TOFL&rft.externalDocID=2106969741 (Accessed: 21 March 2011).

Hisamatsu, A. P., D. Nishantha, G.G.D. (2010) ‘Online banking and modern approaches toward its enhanced security’, Advanced Communication Technology (ICACT) 2010 : The 12th International Conference onPhoenix Park 7-10th February IEEE Xplore pp. 1459 – 1463

[Online]. Available at:

(Accessed: 17 March 2011).

Hossain Shahriar , M. Z. (2011) ‘Trustworthiness testing of phishing websites: A behavior model-based approach’, Future Generation Computer Systems, [Online]. Available at: http://www.sciencedirect.com/science?_ob=MImg&_imagekey=B6V06-5265S47-1-1&_cdi=5638&_user=122879&_pii=S0167739X11000045&_origin=gateway&_coverDate=02%2F16%2F2011&_sk=999999999&view=c&wchp=dGLbVlW-zSkWA&md5=244583ca30474732386b5fab04504a2f&ie=/sdarticle.pdf (Accessed: 19 March 2011).

Hui Wang, D. H., Shufen Liu (2010) ‘Research On Security Architecture MSIS For

Defending Insider Threat’, Proceedings of the Third International Symposium on Computer Science and Computational Technology : (ISCSCT ’10). China 14-15 August. China: academy publisher.com pp. 389-392. [Online]. Available at: http://academypublisher.com/proc/iscsct10/papers/iscsct10p389.pdf (Accessed: 21 March 2011).

Internet Banking Fraud: Why is Online Banking so Popular?. (2009) [Online]. Available at: http://www.spamlaws.com/onlinebanking-fraud.html (Accessed: 26 March 2011).

Janice C. Sipior, B. T. W. (2008) ‘User perceptions of software with embedded spyware’, Journal of Enterprise Information Management, 21 (1), 2008, pp. 13-23 [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=User+perceptions+of+software+with+embedded+spyware&rft.jtitle=Journal+of+Enterprise+Information+Management&rft.au=Janice+C.+Sipior&rft.au=Burke+T.+Ward&rft.date=2008-01-01&rft.pub=Emerald+Group+Publishing+Limited&rft.issn=1741-0398&rft.volume=21&rft.issue=1&rft.spage=13&rft.epage=23&rft_id=info:doi/10.1108%2F17410390810842228&rft.externalDBID=LIM&rft.externalDocID=10.1108%2F17410390810842228 (Accessed: 27 March 2011).

Johnny (2007) Does Anti-Phishing Training Work [Online]. Available at: http://www.cs.cmu.edu/~jasonh/publications/apwg-ecrime2007-johnny.pdf (Accessed: 30 March 2011).

Kishore, K. L. (2009) E – Banking(CS05B034 ) [Online]. Available at: http://netlab.cs.iitm.ernet.in/cs648/2009/assignment1/cs05b034.pdf (Accessed: 31 March 2011).

Laerte Peotta, M. D. H., Bernardo M. David, Flavio G. Deus, Rafael & Jr, T. d. S. (2011) ‘A FORMAL CLASSIFICATION OF INTERNET

BANKING ATTACKS AND VULNERABILITIES’, International Journal of Computer Science & Information Technology (IJCSIT), 3 (1) [Online]. Available at: http://airccse.org/journal/jcsit/0211ijcsit13.pdf (Accessed: 18 March 2011).

Lee, M.-C. (2008) ‘Factors influencing the adoption of internet banking: An integration of TAM and TPB with perceived risk and perceived benefit ‘, Electronic Commerce Research and Applications, 8 (3), pp. 130-141 [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Factors+influencing+the+adoption+of+internet+banking%3A+An+integration+of+TAM+and+TPB+with+perceived+risk+and+perceived+benefit&rft.jtitle=Electronic+Commerce+Research+and+Applications&rft.au=Lee%2C+Ming-Chi&rft.date=2009-01-01&rft.pub=Elsevier+B.V&rft.issn=1567-4223&rft.volume=8&rft.issue=3&rft.spage=130&rft.epage=141&rft_id=info:doi/10.1016%2Fj.elerap.2008.11.006&rft.externalDBID=LCRP&rft.externalDocID=000266272200003 (Accessed: 17 March 2011).

Michal Polasik, T. P. W. (2009) ‘Empirical analysis of internet banking adoption in Poland

‘, International Journal of Bank Marketing 27 (1), pp. 32 – 52

[Online]. Available at:

&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Empirical+analysis+of+internet+banking+adoption+in+Poland&rft.jtitle=International+Journal+of+Bank+Marketing&rft.au=Tomasz+Piotr+Wisniewski&rft.au=Michal+Polasik&rft.date=2009-01-01&rft.pub=Emerald+Group+Publishing+Limited&rft.issn=0265-2323&rft.volume=27&rft.issue=1&rft.spage=32&rft.epage=52&rft_id=info:doi/10.1108%2F02652320910928227&rft.externalDBID=IJB&rft.externalDocID=10_1108_02652320910928227> (Accessed: 17 March 2011).

Miko, K. (2010) Internet Banking Attacks. Prague: DCIT [Online]. Available at: http://www.dcit.cz/cs/system/files/CEPOL_Internet-Banking-Attacks.pdf (Accessed: 31 March 2011).

Muththolib Sidheeq, A. D., Geetha Kananparan (2010) ‘Utilizing Trusted Platform Module to Mitigate Botnet Attacks ‘, International Journal of Advancements in Computing Technology, 2 (5), pp. 111-117 [Online]. Available at: http://www.aicit.org/ijact/ppl/12_IJACT6-187020.pdf (Accessed: 31 March 2011).

Paget, F. (2009) Financial Fraud and Internet Banking: Threats and Countermeasures. California: McAfee [Online]. Available at: http://www.mcafee.com/us/resources/reports/rp-financial-fraud-int-banking.pdf (Accessed: 30 March 2011).

Petr Hanaeek, K. M., Jiri Schafer (2010) ‘E-banking security – A comparative study’, IEEE, 25 (1), pp. 29-34 [Online]. Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5442151 (Accessed: 26 March 2011).

Ponnurangam Kumaraguru, S. S., ALESSANDRO ACQUISTI, & LORRIE FAITH CRANOR, J. H. (2010) ‘Teaching Johnny Not to Fall for Phish’, ACM Transactions on Internet Technology, 10 (2), pp. 1-31 [Online]. Available at: http://delivery.acm.org/10.1145/1760000/1754396/a7-kumaraguru.pdf?key1=1754396&key2=0657261031&coll=DL&dl=ACM&ip=192.173.4.219&CFID=16000505&CFTOKEN=34623913 (Accessed: 30 March 2011).

Pravin Soni, S. F., B. B. Meshram (2011) ‘A Phishing Analysis of Web Based Systems’, ICCCS ’11 : Proceedings of the 2011 International Conference on Communication, Computing & Security New York New York: ACM, pp. 527-530. [Online]. Available at: http://delivery.acm.org/10.1145/1950000/1948049/p527-soni.pdf?key1=1948049&key2=9596401031&coll=DL&dl=ACM&ip=192.173.4.213&CFID=15108157&CFTOKEN=79387292 (Accessed: 20 March 2011).

Rachwald, R. (2008) ‘Is banking online safer than banking on the corner?’, Computer Fraud & Security, 2008 (3), pp. 11-12 [Online]. Available at: http://jr3tv3gd5w.search.serialssolutions.com/?ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info:sid/summon.serialssolutions.com&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Is+banking+online+safer+than+banking+on+the+corner%3F&rft.jtitle=Computer+Fraud+%26+Security&rft.au=Rachwald%2C+Rob&rft.date=2008-01-01&rft.issn=1361-3723&rft.volume=2008&rft.issue=3&rft.spage=11&rft.epage=12&rft_id=info:doi/10.1016%2FS1361-3723%2808%2970045-9&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_S1361_3723_08_70045_9 (Accessed: 19 March 2011).

Shih-Yao Dai, Y. F., Jain-Shing Wu, Chih-Hung Lin, Yennun Huang, Sy-Yen Kuo (2009) ‘Holography: A Hardware Virtualization Tool for Malware Analysis’, 2009 15th IEEE Pacific Rim International Symposium on Dependable Computing. Shanghai 16-18 Nov. 2009 Taiwan IEEE, p. 263. [Online]. Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5370996 (Accessed: 26 March 2011).

Shruti Singh, M. G. (2010) ‘Analysis of Botnet Behavior Using Queuing Theory’, International Journal of Computer Science & Communication, 1 (2), pp. 239-241 [Online]. Available at: http://www.csjournals.com/IJCSC/PDF1-2/49..pdf (Accessed: 20 March 2011).

Wajeb Gharibi, A. M. (2011) ‘Software Vulnerabilities, Banking Threats, Botnets and Malware Self-Protection Technologies ‘, IJCSI International Journal of Computer Science, 8 (1), pp. 236-241 [Online]. Available at: http://www.ijcsi.org/papers/IJCSI-8-1-236-241.pdf (Accessed: 20 March 2011).

Zakaria Karim, K. M. R., Aliar Hossain (2009) ‘Towards secure information systems in online banking’, Internet Technology and Secured Transactions, 2009 : ICITST 2009. International conference for London9-12 Nov, 2009. pp. 1-6[Online]. Available at:

(Accessed: 18 March 2011).

Categories
Free Essays

Security threats and features of LDAP

1. Introduction to LDAP:

There are many protocols listed in the networking communications such as HTTP, FTP and one among them is LDAP, which is expanded as Light Weight Directory Access Protocol. LDAP is primarily used in the communication of directory services. This protocol runs depending on four models categorized as: informational model (describes about the directory), naming model (structuring and referring the directory data), functional model (describes about the mechanism of protocol on directory services access), security model (describes about the protection of data in a directory from malicious programs or any unauthorized access).

This coursework explains about the various security threats that may raise during the design of a directory service and the security features that LDAP supports. Prior to that, there is a need of understanding the functionality involved and the data transfer or access between client and server needs to be discussed. Later, the directory cannot be used for storing public data if the mechanism or security support is not available for LDAP services for the applications and users. In a reason for developing trust from the users and applications, there is a need of providing some of the important security features along with LDAP systems and services.

2. Protocol Operation:

LDAP is a message oriented protocol, where the LDAP client sends a request for data to LDAP server and server processes the request and returns the client with multiple messages with unique message_id as the result. The following figure explains about the protocol operation about client server communications.

3. Auditing features in LDAP:

What security auditing features does LDAP support and is it possible to detect brute forcing attacks (such as NAT) against a LDAP server?

The initial security feature while designing a directory can be developed based on security threat or issues that generally make a service insecure. The security problems are difficult to fix if there is no clue form the threats occurred. So, there is a need to maintain a track record of whoever has access the system and the timestamp that the system was accessed. There should be additional information about the operations performed and the impact of the operations with results of some errors or unusual conditions. With the help of such information, it can be easier to analyze the logs which can narrow down the technical security problems insight. Some of the security features in LDAP examples include break-in attempts, trawling attempts, misconfigured applications. The auditing features help in detecting the brute force attacks and supports LDAP operations with the following methods:

Break-in attempt triggers when there is a multiple failures that occurred repeatedly that were noted down in the error logs due to login failure which raises a choice of break-in attempt.

Trawling refers to unauthorized bulk downloads from the directory services or data from the systems. The trawling attempt is to monitor the repeated search results such that the limit for download exceeds the allotted administrative limits.

Misconfigured applications: Some of the applications retrieve certain data that is not relevant to the directory systems or the data of directory services. Such application even place unnecessary load on the servers and these are rated as misconfigured applications. Auditing such information helps the administrator of the directory server to counter such threats or can also help in identifying the solutions to make the server with optimal solutions.

The auditing feature is available on LDAP based account or through a local file system access in /etc directory. In most of the cases, the auditing feature is disabled by default on LDAP accounts. The command line option with audusr –a or –d makes the accounts active and disable respectively for auditions.

Once the account of LDAP or local user account was authorized, then the flag for system auditing can be set to enable. Such configuration can be enabled by defining the parameter “initial_ts_auditing” in the client configuration file “/etc/opt/ldapux/ldapux_client.conf”. Auditing feature is dependent on the host specifications where the setting needs to be enabled for each and exclusive hosts. They share unique audit Ids for different LDAP based accounts which are not synchronized when they are executing in trusted mode.

If the LDAP account changes or gets updated, a unique id is generated for each host that the account is created on. Initially, as discussed auditing flag will be set to disable in “/etc/opt/ldapux/ldapux_client.conf” file. Else,, if the account is deleted in the directory server, related information will not be completely deleted from the local system. Reason is that the information that is stored in the local system can be re-used when there is a need to use the account again. However, such accounts can be removed from trusted mode manually which can be specified in the directory: /tcb/files/auth/… directory, and … represents the initial of the account name.

4. Security features of LDAP: (RFC 2829)

Authentication security feature for LDAP can be done in two approaches – one way communication, where client enters the simple password texts to the directory server in a LDAP bind operation or the server provides a SSL Secure Socket Layer certification to the client where the connection will be encrypted. Another type of network in LDAP is two way communications, where client and server exchange SSL certificates.

SSL layer divides the data sent across into multiple blocks where each block is associated with check sum value to make sure that the blocks are not tampered in the transit. So, if the data sent will be signed with SSL certificate from the indicated party, there is a little chance of the data to be tampered in the transit and such security feature was termed as Signing.

Encrypted data has very interesting feature that only the receiver for the data can decrypt the data with the code and possibly the sender will know the code to undo from the original. There is minimum chance for the data to get scrambled when sent through the security mechanism of encryption. There needs to be a feature developed in any directory system when the data sent needs to be acknowledged with a end to end security enabled. This feature needs to be implemented to track the data if the security was compromised and in what manner the security was lost. Such information will be logged inside the error logs of every directory server and such mechanism of tracking records and error logs is defined as auditing security feature.

Firewall is the vital security feature available on LDAP directory systems which prevent unauthorized access on the resources or data inside the network or directory server. Examples are e-commerce websites that are equipped with efficient firewalls which create multiple zones of security where the zones are included with public Internet sites and internal database servers with sensitive information.

These above mentioned mechanisms are the security features which are available inclusive in LDAP In the next section, the area that will be discussed on the security systems that support LDAP in keeping the directory systems more secure.

Intrusion detection systems are mainly supportive while a intruder tries to look-up information and access certain secure data. These systems help in detecting such attack and signals that an attack has occurred on the directory systems. They consists of network intrusion detection systems NIDS, which identifies the network packets and system integrity verifiers SIVs, which monitor system resources such as registry settings.

SSL – Secure sockets layer protocol, as explained earlier is a protocol which was mainly developed for the use of making certain protocols like LDAP, HTTP etc more secure. It is mainly based on the public key cryptography that comprises of authentication, signing and encryption features of additional security to the directory systems. Kerberos provides authentication and encryption features as well with the directory systems in LDAP. SASL, Simple authentication and Security layer will be applicable for application layer protocols that can negotiate the authentication by supporting encryption, signing and authentication services. Internet Protocol Security, IPsec helps in providing a security mechanism on transport layer connections where LDAP runs on TCP Transfer Control Protocol between machines. IPsec is mainly dependent on public key technology that can be useful in administrative tasks on the directory systems.

5. Implementation of ACL over LDAP

How is it possible to implement an access control list on a LDAP server?

Introduction:

Access control lists (ACLs) over LDAP server has the underlying reason for their implementation as to monitor the individual’s rights and permissions of access on the different resources and directories. The configuration syntaxes are defined for ACL as: {*, self, anonymous, users, Regular expression} where

* represents any connected user (can be self or anonymous user)
Self represents DN, distinguished name of the currently connected user who was successfully authenticated in the previous LDAP bind operation or request.
Anonymous represents non-authenticated user connections
Users represent the opposite of anonymous as the authenticated user connections
Regular expression represents DN or a SASL identity.

(Source: Carter, 2003).

Example syntax for ACL syntax on LDAP server:

The individual login username will be considered as the form of DN as

(DN=”`cn = Gopal Krishna, ou=people, dc=Glamorgan, dc=org”) or as the form of SASL identity as (DN=”uid = gk123, cn=Gopal Krishna, cn=auth”). The access privileges vary from one user to another user narrowing from top to bottom where the intensity of access also varies accordingly. Write permission is on the top access level followed by read, search, compare, auth, none. The simplest way to monitor the access level is initially defining a default access level of authorization. The configuration file that includes all such information of LDAP is: “slapd.conf”. When there are no rules or roles generated or provided for any user, slapd.conf file has all the parameters that define the access levels for the unspecified users.

Example:

To assign the role or privilege of “searching the directory” is given to all the users. It can be implemented in the slapd.conf file as shown below:

The next implementation of ACL on LDAP is to define the entry and attributes that needs to be applied on directories. They are categorized as: regular expression, LDAP search filter, comma-separated list of attributes. (Source: Carter, 2003).

Regular expression:

It defines the distinguished name (DN) of the proposed or desired ACL that needs to be set on directory systems. Then, the syntax will be written as: “dn.targetstyle=regex” where,

Target style represents one of the bases (can be sub tree, one or children). It has the default value of sub tree where it is used to broaden or narrow down the scope of ACL for the authenticated or non authenticated users (anonymous users). If we consider example of sub tree comparing the target style value as one, then the scope of ACL limits to the value of children immediately next to the defined DN. However, in most of the real time scenarios, the default value does not gets changes as most of the users need to be provided the privilege of sub tree scope of limit on ACL over LDAP.

Regex term represents the actual regular expression specification of DN. It follows the most commonly used normal regular expression rules such that the regular expression will not affect the DN value to make it in a normalized form.

LDAP search filter:

LDAP search filter is configured by specifying the filter as “Filter = ldapFilter”. If the LDAP query searches all entries of an “object class attribute”,

Search scope defines the “LDAP search queries”, by default has sub tree as the target list searches for all the entries from the directory server that was defined by –b option. When the search filter targets with target style = children, number valued as one; the immediate children of the base suffix entry or searching the single entry. The entries are specified as sub, base, or one are identified by the search scope –s (RFC 2820).

Comma separated attributes:

The file “slapd.conf”, with the query of “slapd” returns the attributes which are non-operational. For every entry in the directory, there will be an extending list of attributes inside the directory. When the results target operational attributes, the examples of such attributes are: modify Timestamp and modifiers name.

A comma separated list of attributes is written with the syntax:

”attrs= attribute List”. The ACL applies to all the attributes held by such entries which match the distinguished name regular expression pattern. If there are no such search filters present and the requirement shifts towards the asterisk (*) which will be used as a placeholder that consist of every attribute list filters. If the access needs to be provided for every user, for example when a read operation needs to be allotted for all the available users, the syntax is written in the form as:

Space indicates that the other line is continuation of the earlier command. The entire syntax can be written in a single line where most of the complex ACLs makes the easier readable format in such spaces.

If the user needs to be restricted on the access with a password attribute, user can access and does not have any explicit permissions of read and write permissions. The implementation can be written as follows:

Else, if the password permission for updating by the user, implementation of ACL on LDAP can be obtained by:

(Source: Carter, 2003).

6. References

LDAP System Administration by Gerald Carter, Copyright 2003 O’ Reilly & Associates, Inc published on March 2003 First Ed.
Understanding and Deploying LDAP Directory Services, Second Edition By Timothy A. Howes Ph.D., Mark C. Smith, Gordon S. Good
Access Control Requirements for LDAP (RFC 2820). E. Stokes, D. Byrne, B. Blakley, and P. Behera, 2000. Available on the World Wide Web at http://www.ietf.org/rfc/rfc2820.txt.
Authentication Methods for LDAP (RFC 2829). M. Wahl, H. Alvestrand, J. Hodges, and R. Morgan, 2000. Available on the World Wide Web at http://www.ietf.org/rfc/rfc2829.txt.
Chris McNab, Network Security Assessment: Know Your Network, Second Edition, O’Reilly, 2007, ISBN: 0-596-51030-6.

Categories
Free Essays

The End of the Cold War and the New Threats to Global Security

Introduction

The end of the Cold War marked a new beginning for the international security agenda, and the demise of the simple bipolarity brought forward a revised agenda for human rights, international peace and cooperation and stability. The end of the Cold War triggered the rise of new threats and challenges to international security, and the advance of globalization led to the redistribution of power in the international system (Baylis & Smith, 2007; Brown, 2005). In the context of globalization, the capacity of the state was undermined and as a result state-to-state relations dramatically changed (Strange, 2002). Classic wars were gradually transformed into “modern wars” (Kaldor, 1999; Smith, 2006; Shaw, 2005). In this different political environment, the security challenges were no longer existent on a state-to-state level, because of the growing importance of sub-state actors.

This essay will focus on the reorganization of the international system after the end of the Cold War, and will discuss the new challenges to global security, posed by the demise of the bipolar regime. The essay will support the view that with the end of the Cold War, the world became a more dangerous place, because of the multiplicity of actors on the international scene and the changed perceptions of military force, war and security.

Changing perceptions of military force and war

The end of the Cold War brought forward the change of the perceptions of military force in several different aspects. The impact of these changed perceptions upon the international security agenda has been undisputed, and will be discussed in detail. For clarity, the author has chosen to focus only on the most important security-related transformations following the Cold War – the new sources of threat such as nuclear weapons and terrorism, and the changing notions of war in the context of globalization. Their features will be discussed in the context of the changed dynamics of the international system.

2.1 New sources of security threat

The end of the Cold War led to new security challenges, because of changing notions of military force and the new sources of security threat (Smith, 2006; Shaw, 2005). The first one is related to the rise of nuclear power. With the demise of the USSR, the simple bipolarity of the Cold War world was replaced by a multipolar world, where the centrality of power was no longer clearly defined (Brown, 2005; Jackson & Sorensen, 2003). The rise of the Asian economic powers, the advance of nuclear and biological weapons in countries such as Iran, Israel and Iraq challenged the stability of the mutual deterrence principle, comfortably sustained during the Cold War (Hammes, 2005).

Another source of security threat after the Cold War was related to terrorism, and the rise of sub-state actors (Smith, 2006). The War on terror, embedded in the Bush doctrine, was a clear demonstration of the changing nature of war, and the elusive image of the new enemy (Shaw, 2005). After 9/11 it became clear that terrorism was not a war against an enemy, but against tactics (Baylis & Smith, 2007). Its manifestations and capacity to destroy were as much the result of political construction, as of historically embedded perceptions about the East and the West and their manipulation by mass media and policy-makers. After the end of the Cold War non-state actors such as Al Qaeda and Hamas, became a new source of security threat because of their ability to operate internationally but at the same time to exist inside the state (Shaw, 2005). Also, the controversies, around states labelled as rogue and unable to comply with the international standards for peace and democracy such as Afghanistan, Iraq, North Korea, Libya and Syria necessitated new means for meeting the challenges to threat and security. They will be discussed in section 3.

2.2 Changing notions of war in a global world

Here it is important to mention globalization as a factor, which led to re-examination of the capacity of the state to observe human security and human rights (Strange, 2002). In the context of a borderless world, the international human rights agenda is inevitably revisited, and the main carriers of legal standards are no longer represented solely by state actors, but by the global civil society, comprising of International non-governmental organizations (INGOs). Because of these inevitable transformations, the very perception of security, threat and war changed in several important aspects. As Mary Kaldor famously observes, the end of the Cold War saw the rise of the modern wars, which lack time and space, because they are based on non-quantifiable demands often related to ideology, ethnicity, religion and the social construction of history (1999). The old wars were pushed away by new types of threats and conflicts, such as organized crime, and religious and civil wars. The early 1990s saw the bloody demise of former Yugoslavia, and a series of conflicts in Rwanda, Congo, Sudan and Somalia, triggered by the redefinition of political borders, the struggle over economic resources and ethnic and religious factionalism. In the context of globalization, the modern wars are interstate conflicts, executed by sub-state actors. In this sense, it is important to mention that the growing presence of the sub-state actors has posed new challenges to the classic perceptions of security, because of non-tangible variables such as perceptions, as opposed to old-time military ambitions related to territorial invasion and economic gain.

Meeting the new security challenges: a revised agenda for peace

In order to meet the new security challenges, identified earlier, the international community had to devise a new agenda in the post-Cold war era.

First, humanitarian intervention became important, and triggered as an effect of the revised agenda, where the security of foreign nationals, whose human rights have been violated by their home state became important (Jackson & Sorensen, 2003). Despite the ongoing political debate about the legality and legitimacy of humanitarian intervention, a norm of intervention was authorized by the UN Security Council in the 1990s, which was followed by operations in the Democratic Republic of Congo in 1996 and Kosovo in 1999 (Baylis & Smith, 2007). Despite the criticisms that humanitarian intervention might stop the immediate killing of civilians but is not a reliable strategy for long-term piece, it reveals a shifted emphasis from military to human security in the years following the end of the Cold War. In this relation, another trend in dealing with conflicts became prominent – the imposition of economic sanctions for the purpose of exerting political, rather than military pressure upon non-compliant states and communities.

The post-Cold War agenda for peace also involved the reorganization of military forces, where the deviation from the Clausewitzian concept of war was obvious in the attempt to ameliorate and contain, rather than destroy or simply conquer (Smith, 2006). Examples of such wars of containment are the conflicts in Iraq and Afghanistan.

In addition, the role of the global civil society and the growing influence of INGOs as advocates of peace and human rights deserve a mention. The importance of international non-governmental organizations in global policy-making has been undisputed because of the more complicated security agenda in the post-Cold War era. Also, because of the multiplicity of actors in the international system, and the new security needs, states and intergovernmental organizations are unable to deal with international crises without the development programmes and research, provided by the INGOs. Although their political success remains disputed, their role as independent observers and proponents of policy change is growing.

Conclusion

This essay has attempted to show the changing nature of the international system after the end of the Cold War. Today the international community faces different security threats based on a new perception of military force. Terrorism and the spread of nuclear power have shunned classic state-to-state conflicts, and as a result a new security agenda for peace and cooperation has been embraced. In the era of globalization, the transition towards collective security as a model of global governance, remains a challenge but also a prerequisite for peace.

Bibliography:

Baylis, J. & Smith, S. (2007) eds, The Globalization of World Politics. Oxford: Oxford University Press

Brown, C., (2005) Understanding International Relations, Palgrave: Macmillan, Ch. 6, pp. 106-123

Clausewitz, C. (1977) ‘What is War?’, On War, Princeton: Princeton University Press

Hammes, T.X (2005) ‘War evolves into the fourth generation’, Contemporary Security Policy, Vol.26, No.2pp.189–221.

Jervis, R. (1991/1992) ‘The Future of World Politics: Will It Resemble the Past?’ International Security 16, no. 3

Jackson, R. & Sorensen, G. (2003) Introduction to International Relations, Oxford: Oxford University Press

Kaldor, M. (1999) New and Old Wars: Organized Violence in a Global Era. Cambridge: Polity Press

Shaw, M. (2005) The New Western Way of War: Risk Transfer war and its Crisis in Iraq Cambridge: Polity Press

Smith, R. (2006) The Utility of Force: The Art of War in the Modern World London: Penguin

Strange, S. (2002) The Declining Authority of States, in The Global Transformations Reader: an Introduction to the Globalization Debate, 2nd edition, Held and MacGrew (eds) Cambridge: Polity Press, pp.127-134

Van Creveld, M. (1991) The Transformation Of War NY: Free Press

Categories
Free Essays

The extent to which security is a necessary precondition for development

Introduction

In order to have a better understanding of the role that is played by security in national or global progress, it is vital to first provide an in-depth definition of the term security. There are different definitions of that are used in literature. For instance, Spear and Williams (2012, p.7) argue that security is not only the capability of a nation to offer protection of its external and internal values and resources from threats. It also encompasses the manner in which countries plan, implement and evaluate their strategies, issues and policies so as to increase their all-round stability while at the same time reducing their vulnerability levels to threats. Norman (2010, p.299) also defines security as a combination of all components that assure citizens that their property and lives are safe. For countries and the globe at large to prosper, security is among the most vital preconditions (Dobbins, 2009, p.1). In this regard, this paper intends to critically analyze the extent to which security is a prerequisite for development. Whereas it agrees that indeed, security is required for development to take root, some arguments against this statement are also presented.

The Role played by Security in Development

There is a wide scope over which security or insecurity can be explained. One of these refers to the peace and cohesion among people. Regions that are characterized by peace and minimal conflicts are regarded to as having security (Colletta et al., 2001, p.439). On the contrary, regions without peace are referred to as being insecure because existent tensions often result in violence or war as a result of the inherent differences. Security also refers to how prepared a nation is to defend its citizens from threats that may be either internal or external. This often refers to how well the defence forces or police forces are equipped (Bandyopadhyay & Sandler, 2011, p.552). In this context, insecurity is often characterized by high frequencies of terrorism attacks and armed violence. Security also refers to how effectively public resources are managed to serve the interests of all its citizens (Okubo & Shelley, 2010, p.136). In many cases, this form of security can be breached by the existence of corruption among some government officials or the political elite. Ensuring an all-round security might be challenging, but it facilitates the attainment of development goals that have been set to be achieved.

Security is regarded as both a crucial aspect of, and a precondition for development. In situations that are characterized by high insecurity levels, development becomes more difficult to attain (Dobbins, 2009, p.1). Instead, there are failures in economic growth with affected countries registering negative growth. Social cohesion and integration among communities is also adversely affected, and may further lead to other disasters like war, food shortages, and other humanitarian crises. Such scenarios have existed in the past, and continue to exist across the globe in countries like the Democratic Republic of Congo (Grenfell & James, 2008, p.4). Even with the democratic republic of Congo being endowed with numerous natural resources and a good climate for Agriculture, war and insecurity have stunted its development. It is currently featured on the UN’s list of the 48 least developed nations (UNCTAD, 2013). Even in nations that are regarded as being comparatively peaceful, incidents of insecurity have a direct impact on their development. Any form of crime can be referred to as a security threat. These also include corruption and nepotism, which impose heavy burdens on taxpayers, adversely affecting the economic and political development of a nation. However, one of the issues that can be pointed out about the UNCTAD report is the fact that most of its data focuses on developing countries. Even though it is apparent that developing countries are the most prone to crime and insecurity and crime, it also affects developed nations. For instance, the United States has 14,612 annual homicide cases per 100,000 people (UNODC, 2012). Development can also be hampered by the simple fact that there are inefficient security structures in place (Dobbins, 2009, p.1). Therefore, it is vital for governments to ensure that their security sectors are efficient because it is the only way in which development programs are likely to succeed.

Relation between Insecurity and Underdevelopment

Several studies have been carried out in the past to evaluate the relationship that exists between insecurity and underdevelopment (Geneva Declaration, 2010, p.21). For instance, armed violence, which either results from crime or war, has an adverse impact on the attainment of millennium development goals in several countries. These goals are even made more difficult to attain in cases where there are higher internal and external risk factors, continuum of conflict and high insecurity levels. From a recent study that was carried out by Howe (2012, p.349) on how unstable or in a fragile states are doing in terms of their progress towards attaining MDGs, it was established that no fragile nation has made any reasonable progress. Insecurity or armed violence, for this matter, adversely affects other contributors towards development like accessibility to education (Geneva Declaration, 2010, p.20). Some of the effects of insecurity or violence on national development are summarized in the table below.

While armed violence or insecurity leads to underdevelopment, it has also been established by other researchers that underdevelopment also triggers insecurity. Countries that are characterized by severe economic and social inequalities – also referred to as horizontal inequality – are at high risks or getting into recurrent conflict. Therefore, more security can be attained if wealth or power distribution is done more evenly (Geneva Declaration, 2010, p.22).

Typically, it is expected that since insecurity or conflict hampers development, peace will lead to increased development. However, the correlation between conflict and underdevelopment, does not match with that between peace and development (Spear & Williams, 2012, p.313). Prevalence of peace does not necessarily translate to high levels of development. In addition to this, Denney (2013) argues that high development levels in a certain nation or geographical region does not directly denote lower violence levels. A good example is the sub-national conflicts in Asia, which is arguably the most enduring and widespread conflict in the entire Asian continent. Within the past two decades that spread from 1992 to 2012, the Southeast and South Asian regions have witnessed approximately 26 conflicts (Parks et al., 2013). However, amidst these conflicts, these regions have registered significant development over the recent past. This evidence clearly indicates that development is not necessarily dependent on peace. Therefore, it be argued that violence or insecurity inhibits the countries’ potentials of attaining their projected development goals within the appropriate timeframe.

Effects of National security on FDI

Development in many countries partly relies on foreign direct investments. However, for a company to set up operations in a certain country, several factors are considered. Key among these is security (Waziri, 2012, p.93). Nations that assure investors of security of their business assets and workforce are likely to benefit from FDI than those marred with insecurity or civil wars. It is worth noting that foreign direct investments contribute to the development of a country by paying taxes, creating employment for citizens and also encouraging innovation in local businesses as they compete with these multinationals (Waziri, 2012, p.93). While relatively secure nations benefit from increased FDI inflows, insecure nations continue grappling with unemployment and poor economic growth. Insecurity also contributes to an increase in levels of immigration, especially of potentially resourceful individuals, to more secure countries. As a result of this, insecure countries are deprived of human intellectual capital while secure nations continue benefitting from an increased influx of the same. One of the nations that are regarded as insecure for FDIs is Somalia (Mihalache?O’keef & Li, 2011, p.83). Indeed, it is among the least developed nations in the world, characterized by existence of extremist groups like the Al-Shabaab, unending wars, famine and poverty (Muggah, 2013, p.135). Whereas it is expected that inflow of FDI is more in countries that are secure and corruption free, the levels of insecurity that investors face are dependent on several factors. For instance, government officials in countries where many foreign companies wish to invest are likely to develop corruption traits. On the other hand, countries with minimal inflow of FDI may want to portray a corruption-free image so as to attract investors.

Security, Democracy and Development

According to Dobbins (2009, p.3), there is a strong link that exists between security, democracy and development. Security is needed to assure a nation of sustainable economic growth and democracy. Even in cases of minimal or no foreign aid, ensuring that there are security measures in place to minimize possibilities of conflict will definitely lead to a reasonable economic growth and political stability (Harms, 2013, p.32). Conversely, even with foreign economic assistance, lack of sufficient security will undermine the development potential that can be attained. For a long time, democracy has been credited for long-term stability and peace in nations and as a consequence, associated economic development, social cohesion and overall prosperity of the nation. Without democracy, security and development may not be sustainable. Diamond and Plattner (2001, p.10) posit that democracy has both intrinsic and instrumental roles in development. Intrinsically, democracy makes people capable of living a free and autonomous life. Instrumentally, democracy provides a guarantee that the created laws and policies are in sync with the needs and interests of citizens. Therefore, it can be argued that democracy determines people’s quality of life and overall development. This clearly indicates that there are other factors alongside security that contribute towards sustainable development.

The best way in which the effects of security on development can be evaluated is by comparing the levels of security across different countries with their levels of development. The most secure countries, as presented by the Human Security Bulletin (2010), include Norway, New Zealand and Denmark. These countries also feature among the most developed nations in the world. This indicates that security is among the factors that contribute towards development. Even though the role played by security in development is evident, it should be noted that development also has several other preconditions apart from security. These include education, food security and democracy (Vitola & Senfelde, 2010, p.327). Development also contributes towards ensuring that high levels of security are maintained in a country. Therefore, while security is regarded as being a prerequisite for development, development is also a precondition for security.

Conclusion

Security is one of the key contributors to national development. As presented in this paper, the wide scope over which security affects a country can make it challenging to wholly implement. Countries that are known to be safe or secure have the highest levels of development, while those that have high occurrences of unrest and insecurity are classified as the least developed. Some of the least developed nations that are also known to have high insecurity include Somalia and Afghanistan. Whereas the main argument presented in this paper is that security is a prerequisite for development, it has been explained that there are other contributing factors like education, which combine with security to facilitate development. Another argument that has been presented in this paper is that the levels of development in a nation also have a direct impact on the levels of security. Developed countries have less insecurity incidents than developed countries. Future research should address strategies that less secure countries, which are also less developed, can use to increase their levels of security so as to increase their development.


References

Bandyopadhyay, S. & Sandler, T., 2011. The Interplay Between Preemptive and Defensive Counterterrorism Measures: A Two?stage Game. Economica, 78(311), pp.546-64.

Colletta, N.J., Lim, T.G. & Kelles-Viitanen, A., 2001. Social Cohesion and Conflict Prevention in Asia: Managing Diversity Through Development. New York: World Bank Publications.

Denney, L., 2013. Insecurity disrupts development, but peace doesn’t drive it. [Online] Available at: http://www.thebrokeronline.eu/Blogs/Post-2015-shaping-a-global-agenda/Insecurity-disrupts-development-but-peace-doesn-t-drive-it [Accessed 4 January 2014].

Diamond, L. & Plattner, ?.F., 2001. The Global Divergence of Democracies. Maryland: JHU Press.

Dobbins, J., 2009. The Role of Security in Development. [Online] Available at: http://www.l20.org/publications/18_M7_ODA_Dobbins.pdf [Accessed 4 January 2014].

Geneva Declaration, 2010. More Violence, Less Development: Examining the relationship between armed violence and MDG achievement. [Online] Available at: http://www.genevadeclaration.org/fileadmin/docs/MDG_Process/MoreViolenceLessDevelopment.pdf [Accessed 4 January 2014].

Grenfell, D. & James, P., 2008. Rethinking Insecurity, War and Violence: Beyond Savage GlobalizationOxon: Taylor & Francis.

Harms, P., 2013. Demographic structure and the security of property rights: The role of development and democracy. European Journal of Political Economy, 5(7), pp.23-37.

Howe, B.M., 2012. Governance in teh Interests of the Most Vulnerable. Public Administration and Development, 32(4-5), pp.345-56.

Human Security Bulletin, 2010. Top 3 most safe countries in teh World. [Online] Available at: http://www.humansecuritybulletin.info/safe_countries.html [Accessed 4 January 2014].

Mihalache?O’keef, A. & Li, Q., 2011. Modernization vs. Dependency Revisited: Effects of Foreign Direct Investment on Food Security in Less Developed Countries. International Studies Quarterly, 55(1), pp.71-93.

Muggah, R., 2013. Stabilization Operations, Security and Development: States of Fragility. New Jersey: Routledge.

Norman, T.L., 2010. Risk Analysis and Security Countermeasure Selection. Florida: CRC Press.

Okubo, S. & Shelley, L., 2010. The anti-corruption industry: from movement to institution. New Jersey: Taylor & Francis.

Parks, T., Colletta, N. & Oppenheim, B., 2013. The Contested Corners of Asia: Subnational Conflict and International Development Assistance. Washington, DC: The Asia Foundation The Asia Foundation.

Spear, J. & Williams, P?.D., 2012. Security and Development in Global Politics: A Critical Comparison. Washington, DC: Georgetown University Press.

UNCTAD, 2013. UN List of Least Developed Countries. [Online] Available at: http://unctad.org/en/pages/aldc/Least%20Developed%20Countries/UN-list-of-Least-Developed-Countries.aspx [Accessed 3 January 2014].

UNODC, 2012. Intentional homicide, count and rate per 100,000 population (1995-2011). New York: UNODC United Nations.

Vitola, A. & Senfelde, M., 2010. The Optimization of National Development Planning System as a Precondition for Competitiveness and Sustainability of National Economy. Economics & Management, 15, pp.325-31.

Waziri, K.M., 2012. Industrial Property Rights Protection and Entrepreneurship Development in Nigeria: The Economic Implication. Journal of Politics and Law, 5(1), p.93.

Categories
Free Essays

Is terrorism a serious threat to international and national security

Introduction

The notion of ‘terrorism’ began to attain a great deal of relevance to the international community during the 1970s. To be sure, political organisations, such as the Palestinian Liberation Organisation (PLO) and the Irish Republican Army, began to use violent methods for the purposes of voice out their grievances and force certain political outcomes (Gupta, 2008: 33). In the context of globalisation, it could be argued that terrorism has become a force of high magnitude, since it threatens to disrupt the viability of nation-states as well as the whole foundations of the international political system. It must be underlined that the modern manifestations of the phenomenon of terrorism exceed the scope of the propagation of violent acts by extremist groups of Islamic extract. Instead, terrorism must be examined in broader terms, to encompass the aspects of nuclear proliferation, natural disasters and the spread of epidemics (Bobbitt, 2008: 190). In order to assess to what extent terrorism constitutes a serious threat to international and national security, this essay begins by appraising the argument put forward by James and Brenda Lutz, who argue that this phenomenon constitutes a ‘continuing threat to state security’ (Lutz., Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 61). This essay then tackles the formulation presented by Ian Lustick, who maintains that the magnitude of the threat posed by terrorism appears to be much smaller than realised (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 66). The evaluation of both arguments will be made by referring to the ways in which the War on Terror has altered the manner in which states and the international community as a whole is dealing with the phenomenon of terrorism.

Terrorism as a continuing threat to national and international security

James and Brenda Lutz put forward the view that terrorism actualises the threat it poses to the viability of nation-states by referring to the way in which extremist movements, such as Fascism and Nazism, managed to topple the existing order of things in democratic countries, such as Italy and Germany. In addition, the tactics of terrorism was successfully implemented by the liberation movements that ridded Algeria, Jewish Palestine and Cyprus of French and British colonial rule (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 61-2). Nevertheless, the increased access to digital technologies that facilitate instantaneous communications and the wider availability of weapons of mass destruction magnify the scope of the threat posed by terrorism (Silverstone, 2007: 17). The authors also outline that the modern notion of terrorism differs from past manifestations as it can contribute to the profound alteration of the political foundations of the states that are compelled to deal with the phenomenon (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 64). It must be underlined that enhanced magnitude of the terrorist threat impels states to commit a large amount of resources to the fight against terror and; in some cases, enter into a diplomatic framework of negotiation which might result in bestowing a modicum of legitimacy to terrorist organisations (Elshtain, 2004: 96). States are forced to respond to the threat of terrorism by recalibrating their judicial systems in a way that reflects the changed nature of the crimes committed by terrorist organisations (Napoleoni, 2004: 70). These states of affairs can in turn lead to an enhanced perception of the threat posed by extremism and inject a measure of authoritarian legalism into the democratic system of states (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 65). The threat posed by Al-Qaeda in the context of the War on Terror exemplifies the augmented threat of terrorism. To begin with, terrorist organisations affiliated to Al-Qaeda do not abide by the international legislation regarding the conduct of war. These organisations target civilians as part of their grand political strategy, geared towards creating an environment of terror in democratic societies (Fotion, 2007: 77). In addition, the War on Terror has resulted in the militarisation of the political discourse, by which the notion of the enemy is reformulated by including domestic ideologies that are hesitant to confront the phenomenon of terrorism. This situation has been outlined by the authors, who argue that the threat of terrorism compels states to react to extremist violence, as not doing so would eventually enhance the ability of terrorist organisations to inflict damage on the populations affected (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 65). These arguments seem to be quite persuasive in describing not only the threats posed by terrorist organisations, but also the dangers related to the fight against the phenomenon of extremism. In order to assess the validity of these claims, they will be parried against the opposite view regarding the nature and extent of the terrorist threat.

Is terrorism a continuing threat to national and international security

Ian Lustick poses the view that even if there is an acknowledged threat of terrorism, the magnitude of the threat presented by this phenomenon is much smaller than realised (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 66). The author maintains that the enhanced ‘perception of the threat’ has enabled the United States to articulate clear cut moral demarcations in the context of the War in Terror, in which the ‘enemy’ (Islamic extremism) is portrayed as a-moral and deemed to be extirpated. Furthermore, this stance entails that Washington claims the right use of pre-emptive tactics against terrorism, even if the threat is perceived as infinitesimally small (Crawford in Rosenthal and Barry (eds.), 2009: 41). Accordingly, preventive force has been deployed by the United States in Afghanistan (2001), of Iraq (2003), as Washington claimed that those states harboured terrorist organisations in their midst (Frum and Perle, 2004: 118). Citing the small occurrence of terrorist activity, the author emphasises the fact that the United States is committing a substantial amount of resources to defend itself from a threat which is relatively small in nature and magnitude (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 67). Lustick also highlights the fact that the response to the terrorist phenomenon, marked by a visceral attitude on the part of the authorities, might serve narrow political agendas (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 69). In this context, it is important to underline that the War on Terror entails the possibility that the United States might utilise the fight against terrorism for the sake of ensuring that the process of globalisation remains firmly tied to the American ideations of liberal democracy, the rule of law and free market economics being spread to the wider world (Chan, 2012: 72). Lustick also underlines how the media is responsible for portraying the threat of terrorism in an imbalanced way. To be sure, the mainstream media devotes more time to the coverage of news related to putative threats than to issues which affect citizens in a more visible manner. In addition, the author notes how ‘threat inflation’ is used as a political tool by the two parties of government in the United States, which have become accustomed to pinning the blame for the so-called pervasiveness of these threats to either the Republican or Democratic Party, as the case might be (Patterson, 2007: 38). The author argues that the augmented perception of the threat, which serves narrow political and economic interests, constitutes an additional threat to be imputed to the phenomenon of terrorism (Lutz, Lutz and Lustick in Jackson and Sinclair (eds.), 2012: 70-71). It is possible to argue that these views on the threat of terrorism relativise the claims put forward by James and Brenda Lutz. The existence of a terrorist threat has the potential to be magnified out of proportion and establish itself as an added political element to be borne in mind in the context of the war of West against Islamic extremism (Hewitt, 2008: 88). It is now incumbent upon us to draw some conclusions pertaining to the views espoused by the author and see which ones has a higher degree of validity.

Conclusion

In conclusion, it is possible to argue that whilst the threat of terrorism is an important phenomenon to be reckoned with in the grand political chessboard of the twenty-first century, its magnitude might not be as extensive as purported (Halper and Clarke, 2005: 73). The radical forces of terrorism that managed to induce change in the past did so for the sake of fighting for causes which were seen by many in the international spectrum as politically legitimate, as in the case of the PLO and the IRA. Whilst people condemned the methods used by these organisations, they questioned their political motivations less stringently. At the same time, since globalisation has created a convergence of ideas, there is a reduced scope for the type terrorist attacks seen in 9/11 (Held and McGrew, 2002: 119). Lustick rightly postulates that the spectrum of the threat posed by the phenomenon of terrorism has been artificially enhanced in order to serve narrow political and economic interests. Consequently, it may be posited that terrorism does not threaten the foundations of international and national security in the way depicted by James and Brenda Lutz.

Bibliography

Bobbitt, P. (2008) Terror and Consent-The Wars for the Twenty-First Century, Alfred Knopf, New York, NY

Chan, D. (2012) Beyond Just War: A Virtue Ethics Approach, Palgrave Macmillan, Basingstoke and New York, NY

Crawford, N. (2009) The Slippery Slope to Preventive War in Rosenthal, J. and Barry, C. (eds.) Ethics and International Affairs: A Reader, Georgetown University Press, Washington, DC

Elshtain, J. (2004) Just War Against Terror: The Burden Of American Power In A Violent World, Basic Books, New York, NY

Fotion, N. (2007) War and Ethics: a new Just War theory, Continuum, London

Frum, D. and Perle, R. (2004) An End to Evil: How to Win the War on Terror, Random House, New York

Gupta, D. (2008) Understanding Terrorism and Political Violence, Routledge, London

Halper, S. and Clarke, J. (2005) America Alone: The Neo-Conservatives and the Global Order, Cambridge University Press, Cambridge

Held, D. and McGrew, A. (2002) Globalisation/Anti-Globalisation, Polity Press, Cambridge

Hewitt, H. (2008) The War Against the West: Crucial Conversations with the Most

Informed Experts About Our Enemies, Our Defenses, Our Strategy and Our Leaders in the Long War Against Islamist Extremism, Townhall Press, New York, NY

Lutz, B., Lutz, J. and Lustick, I. (2012) Is terrorism a serious threat to international and national security’, in R Jackson & SJ Sinclair (eds.) Contemporary Debates on Terrorism, Routledge, London

Napoleoni, L. (2004) Terror Incorporated, Penguin Books, London

Patterson, E. (2007) Just War Thinking: Morality and Pragmatism in the Struggle against Contemporary Threats, Lexington Books, Lanham, MD

Silverstone, S. (2007) Preventive War and American Democracy, Routledge, London

Categories
Free Essays

Critically examine the circumstances under which the United Nations Security Council can trigger the exercise of jurisdiction by the International Criminal Court.

Abstract

Human rights and fundamental freedoms are an important element of international law and foreign policy. This has led to many interventionist measures being employed by various international bodies. The ability of the United Nations Security Council to trigger the exercise of jurisdiction by the International Criminal Court is an important measure, which seeks to ensure that the international community is being protected from crimes against humanity, war crimes and genocide. The extent to which the Security Council enforces its powers will be examined by looking at the various circumstances which trigger the Security Council to refer situations to the ICC.

Introduction

The maintenance of international peace and security is the responsibility of the United Nations Security Council. This is provided for under the United Nations Charter to maintain international peace and security. In doing so, the Security Council has the power to refer situations to the International Criminal Court although it is questionable what extent the ICC enforces such powers as much critique has surrounded the Security Council’s ability to protect individuals. This essay will therefore critically examine the circumstances under which the United Nations Security Council can trigger the exercise of jurisdiction by the ICC. This will be done by first reviewing the role of the ICC and then looking at its jurisdiction. It will then be considered under what circumstances the Security Council can refer situations to the ICC, followed by an explanation of some of the referrals that have been made. Once this has been done, a critical evaluation of the relationship between the Security Council and the ICC will then be made.

International Criminal Court (ICC)

The International Criminal Court (ICC) is a permanent international judicial body that has the power to prosecute individuals for crimes that national courts are unwilling or unable to prosecute such as; crimes against humanity, war crimes and genocide.[1] The ICC was established in 2002 by the Rome Statute and is currently located in The Hague and the Netherlands, although individuals can be tried anywhere in the world. The ICC has been considered one of the most significant developments that help to prevent harm or death to individuals all over the world. In order for the ICC to be effective, however, States need to be a party to it. Nevertheless, only 122 States are currently party to the ICC, which signifies how the ICC will not be workable in all countries. Regardless of this, there is generally a universal consensus in respect of these types of crimes, which gives all States the ability to try individuals found to have committed such crimes irrespective as to where there were allegedly committed.[2] This subsequently provides the international community with some comfort that such crimes will not be tolerated and enables States to take steps to prevent these crimes in other countries. The International Criminal Court Act 2001 was enacted by the UK to incorporate the ICC into UK and Northern Ireland law and thereby provides some assistance to these countries when trying criminals for crimes against humanity, war crimes and genocide.

The European Union works closely with Member States to enforce the law and prosecute individuals for these crimes by compelling Member States to inform law enforcement authorities as soon as they suspect that an individual has committed, or is likely to commit, one of these crimes. Once Member States have informed the relevant authorities, such individuals will then be capable of being tried in that Member States or by the ICC if necessary.[3] Crimes against humanity are those acts that are committed as part of a widespread or systematic attack, such as murder, deportation, torture and rape, that is directed against any civilian population.[4] War crimes are those which are considered to be a grave breach of the Geneva Convention 1949 such as; torture, willful killing and inhuman treatment. Genocide are those acts that are committed with the sole intent to “destroy in whole or in part, a national, ethnic, racial or religious group, as such, including killing members of the group, imposing measures intended to prevent births within the group and forcibly”[5]. Consequently, the international community is required to prevent such acts from occurring under the Rome Statute. Therefore, any individual who commits one of the said offences, whilst on the territory of the consenting State, will be capable of being tried by the ICC.

Jurisdiction of the ICC

Once a State ratifies the Rome Convention and becomes a party to it, jurisdiction of the ICC is accepted automatically in respect of all crimes that fall within the ambit of crimes against humanity, war crimes and genocide. Accordingly, there are four different ways in which jurisdiction can be granted which are; 1) if the accused is a national to a consenting State party under the Rome Convention; 2) if the crime took place on one of the State parties territories; 3) if the UN Security Council (Security Council) refers a situation to the court; and 4) if a State party accepts the jurisdiction. This ensures that the protection of the international community is being preserved at all times. Nevertheless, many questions have been raised as to the relationship between the ICC and nonparty States, and whether or not it is acceptable to enforce jurisdiction upon non-participating parties.[6] However, as pointed out by Akande that; “not only is this delegation of jurisdiction to the ICC lawful, but it is also a desirable way of preventing the impunity from prosecution which characterized the twentieth century.”[7] Thus, it has been said that the ICC is better placed at preventing the worst type of crimes from being committed[8] although Akande notes that; “it is probably the case that continued refusals to prosecute these persons encourage them and others to commit crimes.”[9] It is unclear how accurate this assertion is, yet it is evident that great difficulty would ensure when trying to prosecute such individual’s if the ICC had not been established.

Security Council’s ability to trigger the ICC’s exercise of jurisdiction

Whilst the International Court of Justice (ICJ) is independent from the United Nations (UN), the UN has played a vital role in the development of the ICC. Co-operation with the UN is thereby one of the main priorities of the ICC.[10] (Coalition for the International Criminal Court, 2013: 1). Consequently, the Security Council thereby a responsibility to ensure international peace and security is being maintained by all States. Essentially if the Security Council is of the view that international peace and security is being threatened, they may decide on the appropriate measures to take, which includes referring a situation to the ICC.[11] If the Security Council refers a situation to the ICC, the ICC will be empowered under Articles 13 (b) and 15 of the Rome Statute to investigate all of the crimes contained with the Rome Statute without further conditions being imposed upon them. Essentially, the exercise of jurisdiction by the ICC is the only way in which the ICC is capable of investigating such crimes without the consent of the States involved. As such, the Security Council has significant powers to exercise the jurisdiction of the ICC and as put by Shouman; “a Security Council deferral can be invaluable to attaining peace during a period of armed conflict.”[12] In effect, the Security Council plays a vital role in the international community and is integral to the maintenance of peace and security and has been considered the most powerful trigger mechanism of the ICC.[13]

Security Council Referral’s

In March 2005, the Security Council referred the situation in Darfur to the ICC under Resolution 1593. This provided the ICC with the ability to prosecute crimes that had been committed in Darfur, with the main focus being on the barbaric civil war in Sudan, which led to the deaths of over 300,000 individuals. This was considered to be one of the biggest disasters that had ever occurred[14] and as such the referral to the ICC was considered integral to preserving international justice[15]. The referral was made under Article 13(b) of the Statute of Rome which states that the ICC may exercise its jurisdiction in situations whereby “one or more of such crimes appears to have been committed.” This was an important breakthrough for the ICC in that it enabled its ability to prosecute the most serious of crimes to be tested. The Security Council essentially used its powers to extend the jurisdiction of the ICC to a significant degree, which was important in allowing the ICC to demonstrate its capabilities. However, because the United States limited the scope of the ICC and thus introduced its own national interests into the Statute of Rome’s framework it has been questioned whether the powers of the Security Council are as effective as one may have anticipated. This is because the United States has the ability to control the referrals that are made to the ICC by setting precedents for the referral process.[16] Arguably, this weakens the powers of the Security Council and is likely to influence the way future referrals are made.

This is evidenced by the so-called ‘Bush doctrine’ which enables serious crimes to be committed in circumstances where there is no evidence of a pending attack. Thus, after the Bush doctrine was publicised, an attack was made by the US, the UK, Australia and various other states against Iraq. No consent had been obtained from the Security Council under Chapter VII to lead such an attack, which appeared to suggest that the attacks were illegal and thus amounted to a war of aggression. Hence, the attacks could not be justified as a matter of self defence, and had the possibility of being an “abuse of power and force”[17] This provides a clear example of how national law is capable of conflicting with international law and thus undermining the powers of the Security Council. Furthermore, even when the Security Council does impose sanctions on States, these often come under criticism. This was exemplified by Kondoch when it was made clear that the Security Council’s sanctions during the last decade have “come under harsh criticism and the experience of the economic sanctions imposed on Iraq in 1990 show the ethical and legal ambiguity of sanctions.”[18] Therefore, even when the Security Council’s powers are enforced, they are often deemed ineffective. In addition, even though the Security Council has the ability to make referrals to the ICC, it is questionable whether it uses its powers effectively since it has been argued that protection is not always being afforded to the international community.

An example of this can be seen in relation to the lack of protection that was afforded to the Palestinians under the Israel system, also known as the Gaza war. Essentially, the UN and the international community were said to have failed in “exerting effective pressure on the parties to achieve accountability and justice for the victims”.[19] The Security Council was thus reluctant to establish an independent committee of experts to monitor investigations into Palestinian victims and appropriate protection was therefore lacking. In order to ensure that the main objectives of the ICC and the powers of the Security Council are being effectuated; proper investigations into suspected violations of the appropriate protection that is to be afforded to the international community must be made. Civil conflicts can have devastating effects on communities and unless there is some form of protection in place, justice will not be done. Given that the ICC “stands at the pinnacle of international obligations to see that justice is served”[20] it is necessary for the ICC to take the lead in preserving the interests of communities and ensuring that applicable measures are in place for dealing with any post conflict re-construction. The relationship between the Security Council and the ICC is important since the Security Council has the ability enforce its Resolutions onto the ICC and can obstruct it’s complementarily principle.

Resolution 1422, which was adopted in 2002, enabled peacekeeping personnel to be exempted from the Rome Convention for a period of 12 months. Accordingly, this resolution prevented the ICC from making any further investigations into US troops in order to protect them whilst they were engaging in peacekeeping missions.[21] Although it was claimed by the Security Council that the Resolution was in accordance with Article 16 of the Rome Statute as it was in the interests of ‘peace and security’ much criticism ensured from the adoption of this Resolution. It was argued by Canada that this Resolution was in fact, broader than the scope of the ICC[22] and by the UK that this seriously restricted the ICC’s powers.[23] It was also said that Resolution 1422 exceeded “the powers granted to the Security Council by the ICC under Article 16, as well as for violating the UN Charter”[24]. It was also argued by that the Resolution violated the Rome Statute and because of this it has been questioned whether the Security Council has acted ultra vires in respect of Article 16.[25] This may be the case given the requirements of Article 16 since it is provided for under this Article that there must be a threat of peace and security, which appeared to be lacking when the Resolution was adopted. Arguably, the scope of this Resolution largely conflicts with Article 16 and does not appear to preserve the interests of the international community.

More recently, the Security Council referred the Libya situation in its 1970 Resolution to the ICC after they expressed concerns over the violence and use of force against civilians. As put by Alston and Goodman; the Security Council had deplored the “gross and systematic violation of human rights, including the repression of peaceful demonstrators”[26] and thus expressed deep concern over the deaths of many civilians. This highlights the type of circumstances the Security Council ought to refer to the ICC, although it is evident that the Security Council has previously ignored conflicts in Liberia.[27] Essentially, had the Security Council been a lot more pro-active in preserving the interests of the international community, it is likely that much of the damage that was caused as a result of this conflict could have been prevented early on. In effect, the protection of civilians against war crimes, genocide and crimes against humanity is not always being preserved within the international community and much more needs to be done to refer situations to the ICC. One of the main problems that occur is the lack of co-operation between Nation States. Thus, whilst the United Nations seeks to achieved international co-operation Article 1 of the Charter, this cannot always be achieved. Despite this, human rights and fundamental freedoms have, in recent years, become an essential part of international law and foreign policy. This has resulted in many States adopting various mechanisms that will help to maintain peace, and democracy.

As Maiese points out; “there is growing consensus that the protection of human rights is important for the resolution of conflict and to the rebuilding process afterward.”[28] Therefore, the preservation of human rights is at the forefront of all conflict resolutions, although it is questionable whether the Security Council has been as effective in preventing such conflictions as one would have thought. There is a growing need for further international intervention by the Security Council so that citizens are being adequately protected. The international community have, nonetheless, “identified a number of mechanisms both to bring an end to human rights abuses and to establish an environment in which they will be respected in the future”[29]. However, it is unclear whether such adoptions have proven effective given the widely accepted notion that human rights continue to be subject to abuse. However, “given this interdependence, international cooperation and shared responsibility have been entrenched as the twin principles upon which the fundamental and collective values of human rights are to be realised”[30]. Still, the protection of human rights is at the forefront of international principles, yet a balance needs to be struck between protecting individual freedom with the protection of national security.[31] This is extremely difficult to achieve and whilst the Security Council has made some attempts to intervene where necessary, this does not appear to suffice.

Conclusion

Overall, whilst the UN Security Council has played a vital role in the development of the ICC, it is questionable how effective it is in preserving international peace and security. This is because, although the Security Council has referred various situations to the ICC, there are instances where the Security Council has failed to protect the interests of civilians. In accordance with this, it is evident that further intervention is required if international peace and security is to be preserved. Essentially, the preservation of international human rights protections are at the forefront of all post conflict resolutions, which is why it is integral that the Security Council makes applicable referrals to the ICC in order to preserve international peace and security. Because of the lack of co-operation that currently exists between States, nonetheless, it is likely that difficulties will continue to arise in this area. Hence, not all States will ratify the Rome Statute, which will make it difficult to achieve conformity when adopting various Security Council Resolutions.

Bibliography

Books

Erik K Leonard, The Onset of Global Governance: International Relations Theory and the International Criminal Court, (Ashgate Publishing Ltd, 2005).

IIias Bantekas, International Criminal Law, 4th Edition, (Hart Publishing 2010).

Max Hilaire, United Nations Law and the Security Council, (Ashgate Publishing Ltd 2005).

Journal Articles

Amnesty International, ‘International Criminal Court: Security Council Must Refuse to Renew Resolution 1422’ (2003) AI Index: IOP 40/008/2003.

Boris Kondoch, The Limits of Economic Sanctions under International Law: The Case of Iraq (2008) http://www.casi.org.uk/info/kondoch01.pdf 12 December 2013.

Cartsen Stahn, ‘The Future of International Criminal Justice’ (2003) The Hague Justice Portal, http://www.brandeis.edu/ethics/pdfs/internationaljustice/biij/BIIJ2013/stahn.pdf 16 December 2013, 85.

Coalition for the International Criminal Court. ‘About the Court’ (2012) ICC Now, http://www.iccnow.org/?mod=court 11 December 2013.

Coalition for the International Criminal Court. (2012) A Universal Court with Global Support – UN and the ICC, ICC Now, [Online], Available: http://www.iccnow.org/?mod=unicc [11 December 2013].

Corrina Heyder, ‘The UN Security Security Council’s Referral of the Crimes in Darfur to the International Criminal Court in Light of US Opposition to the Court: Implications for the International Criminal Court’s Functions and Status’ (2006) Berkeley Journal of International Law, Volume 24, Issue

Dapo Akande, ‘The Jurisdiction of the International Criminal Court over Nationals of Non-Parties: Legal Basis and Limits’ (2003) Journal of International Criminal Justice, Volume 1.

David Blunkett and Geoffrey Bindman, ‘Government versus the law’ (2002) Law Society Gazette, Issue 38, LS Gaz, 03 Oct.

David Wippman, ‘Atrocities, Deterrence and the Limits of International Justice’ (1999) Fordham International Law Journal, Volume 23.

Donald Hafner and Elizabeth King, ‘Beyond traditional notions of transitional justice: how trials, truth commissions and other tools of accountability can and should work together’ (2007) International and Comparative Law Review, Volume 30, Article 6.

Europa, ‘Genocide, Crimes Against Humanity and War Crimes: Criminal Investigation and Prosecution’ (2003) Summaries of EU Legislation, http://europa.eu/legislation_summaries/justice_freedom_security/judicial_cooperation_in_criminal_matters/l16005_en.htm 11 December 2013.

Global Campaign for the Crime of Aggression, ‘The ICC and the UN Security Security Council’ (2013) Crime of Aggression, http://crimeofaggression.info/role-of-the-icc/the-icc-and-the-un-security-Security Council/ 12 December 2013.

Margot E Salomon, Global Responsibility for Human Rights: World Poverty and the Development of International Law (OUP Oxford, 2007).

Maximo Langer, ‘Universal Jurisdiction as Janus Faced’ (2013) Journal of International Criminal Justice, Volume 11, Issue 4.

Michelle Maiese, ‘Human Rights Protection’ (2004) http://www.beyondintractability.org/essay/human_rights_protect/ 12 December 2013.

Mohamed El-Zeidy, M, ‘The United Nations Dropped the Atomic Bomb of Vanderbilt’ (2002) Journal of Trans National Law, Volume 35.

Scott Straus, ‘Darfur and the Genocide Debate, International Commission for Inquiry on Darfur’ (2005) Report of the International Commission for Inquiry on Darfur to the United Nations Secretary General, http://www.un.org/News/dh/sudan/com_inq_darfur.pdf 12 December 2013.

Tomasz Iwanek, ‘The 2003 Invasion of Iraq: How the System Failed’ (2010) Journal of Conflict and Security Law 89, Volume 15, Issue 1.

SIPRI, ‘UN Arms Embargo on Libya’ (2011), http://www.sipri.org/databases/embargoes/un_arms_embargoes/libya/libya_2011 [17 December 2013].

United Nations, ‘International Organisations’ (2010) International Relations Law, Volume 61, 5th Edition.

Luigi Condorelli and Annalisa Ciampi, ‘Comments on the Security Security Council Referral of the Situation in Darfur to the ICC’ (2005) Journal of International Criminal Justice, Volume 11, Issue 5.

United Nations, General Assembly, Human Rights Security Council, (2010) Thirteenth Session, Agenda item 7, Human Rights Situation in Palestine and other occupied Arab territories, http://unispal.un.org/UNISPAL.NSF/0/2B74828D74985F67852576D9005AA5EE, 12 December 2013.

United Nations, ‘International Organisations’ (2010) International Relations Law, Volume 61, 5th Edition.

Mohammad Shouman, ‘The Role of the UN Security Security Council in the ICC’ (2012) ICJ Central, http://ijcentral.org/blog/the_role_of_the_u.n._security_Security Council_in_the_icc/ 11 December 2013.

Categories
Free Essays

Is terrorism a serious threat to national and international security?

Introduction

The aim of the following essay will be to critically evaluate the existing evidence, which supports the argument for considering terrorism as a threat to both national and international security. The topic of terrorism and the acts of violence associated with is one that is deeply embedded in the fabric of the late-modern period (Young, 2007), but paradoxically this does not make it an easy concept to define (Bolanos, 2012; Martin, 2012, Hoffman, 2006; Silke, 1996). This largely reflects the different priorities which both national and international organisations have, thereby making the achievement of consensus quite difficult (Senu, 2013). However, for the purposes of the present study, terrorism will be defined as the systematic use of violence in order to create a general climate of fear in a population and thereby bring about a particular political objective[1]. Although the acts of terrorism are far from a modern phenomenon (Rapoport, 1984), in can be argued that the prior to 11th September it attracted little public attention (Hoffman, 2006). Post 9/11, terrorism occupied the forefront the political agenda and media attention, a trend that is observed to date and one that will not wither away easily in the future, thus the significance of the current essay. Having outlined some of the conceptual debates associated with the definition of terrorism, the following section will present some of the evidence which could suggest that terrorism should be taken seriously and prioritized over any other social problem on both national and international level.

Terrorism as a threat to national and international security

The rise of the threat of terrorist attacks is one that has more recently been linked to the concept of ‘world risk society’ (Beck, 2002), according to which the shifts from industrial to post-need and consumer societies has also had an impact on the risks to which we are exposed (Beck, 1992; Mythen and Walkate, 2006). But even prior to the occurrence of these transformations in the social fabric, terrorism seems to have had a significant impact on the course of world history, particularly in campaigns which can be described as anti-colonial, such as the one in Algeria against French dominance, the Cypriotic and Palestinian against British governance (Hoffman, 2006; Lutz and Lutz, 2012). Prolonged terrorist campaigns in Iraq and Afghanistan (Tan, 2006), as well as India and Pakistan (Lutz and Lutz, 2011) seem to undermine national security and could pose a serious threat to international security as well, as some of the above-mentioned countries are well-known for their possession of nuclear weapons (Lutz and Lutz, 2012). The presence of terrorist groups within the borders of a country could also result in passivity of the security services, due to fear of reprisals and campaigns of violence (Lutz and Lutz, 2011). Moreover, prolonged terrorist campaigns and perceived level of threat could also have an impact on the politics of a specific country in the long run (ibid.). The introduction of special anti-terrorist legislation in many of the Western world countries post-9/11 has called for the tightening of borders and reducing immigration, as well as increased target-hardening of potential targets of future terrorist attacks. As a result of that, the ‘new terrorism’ is said to have become more lethal and indiscriminate, with the potential to strike occur at any place and time, as a result of the need to sustain the campaign of terror (Lacquer, 2001; Beck, 2002; Enders and Sandler, 2005). As some of the evidence in this section suggest, terrorism in some cases has been successful in changing the course of history and clearly the impact it has had should be neither denied, nor underestimated. However, as the next section of this paper will argue, the threat posed by terrorism is one that should be subject closer examination and the myth of such a lethal and omnipresent enemy should be scrutinized and not accepted at face value.

Common misperceptions associated with terrorism

Contrary to the common perception that terrorism is an ever-present threat to both national and international security, an increasing number of scholarly publications have presented and alternative view, wherein terrorism is presented as a much smaller threat than it actually is (Lustick, 2012; Mueller, 2005; Mueller, 2006; Mueller and Stewart, 2012). Such criticisms do not lack empirical foundation. For example, over the previous two decades, only three attacks classified by the FBI as terrorism have taken place on American soil– the 1993 bombing of the World Trade Centre, the 1995 Oklahoma City Bombing and the 9/11. Of the three, the 9/11 attack was the worst terrorist attack which the United States have ever faced, it was unprecedented and was used as a justification of the initiation of a ‘war on terror’ and the introduction of specialized counter-terrorism legislation, the foundations of which appear to be unstable, as terrorism did not pose a sufficient threat to justify the interventions (Wolfendale, 2007). The unexpected attack, its modus operandi and lethality all seemed to point in a direction of a brand new phenomenon, which had not been observed before – a ‘new’ form of terrorism. As it was noted in the previous section, part of the post-9/11 discourse is also the globalization of terrorism, which is claimed to be becoming transnational, another statement which is not based on any sound empirical evidence. Rather, since the 1990s, the nature of terrorist attacks has changed in exactly the opposite direction – attacks perpetrated by terrorists are becoming increasingly localised and the process of globalisation itself is not related in any way to transnational attack trends (Goldman, 2010).

Moreover, the response triggered by the 9/11 attacks and the subsequent 11M (Madrid) and 7/7 bombings (London) is one that overestimated the real capabilities of Al Quada and its scope of operation (Byman, 2006). In fact, for many decades prior to all three of the above mentioned, the West has tended to over-estimate the threats posed by terrorist attacks (Furedi, 2007; Zulaika, 2003). And when such self-fulfilling prophecies do occur, the response is populistic, taking into account mass hysteria and using it to construct a discourse which could legitimize an out of proportion response (Jackson, 2005). For this reason it can be argued that terrorism is a functional reality of American politics (Zulaika, 2003: 198), as was the case of 9/11 (Lustick, 2006). Moreover, it is well-integrated into American and Western culture, it feeds from its imagination and arguably, is self-perpetuated (Zizek, 2002). Being transformed into a cultural script, terrorism also receives disproportionate media coverage, even when it fails (Jurkowitz, 2010). The popularity of the theme feed off public hysteria and vice versa, it is larger than life and in the 21st century the threats posed by it (Ferguson and Potter, 2005). This is not to deny the lived realities of terrorist attacks and the devastating impact which they have on societies. Rather, the context in which acts of terror occur should be subject to rigorous and thorough examination. In the cases where the impact of terrorism is associated with overreaction, it would make sense to focus on reducing the latter, rather the leave the matter unaddressed. As Mueller (2005) notes, in the cases where the risk of threats such as alcoholism, smoking and driving are real, it makes sense to induce fear. On the other hand, where there is little risk associated with certain threats, for example, terrorism on flying on airplanes, it would be advisable to create policies which would aim at reducing anxiety and fear, rather than disproportionately increase them. Having outlined some of arguments which suggest that the threat of terrorism can be overdramatized in the Western world, the last section will argue that terrorism is real, yet the recent methods of countering it have been counterproductive.

Conclusion

As this essay has argued, terrorism is far from a new phenomenon; in fact, it has played a substantial part in social history and the resolution of geopolitical questions. Often considered to be the weapon of the weak and an indicator of asymmetric warfare, campaigns of terror have achieved some success in the past, despite arguments for the opposite (Abrahms, 2006). Therefore, it would be a mistake not to acknowledge what terrorist campaigns have achieved in the past and the ways in which they have undermined both national and international security. Yet, in the post 9/11 environment, the challenges posed by terrorism have been utilised in the creation of counter-terrorism discourses that are counterproductive (Appleby, 2010; MacDonald and Hunter, 2013) and rather than producing a resolution of conflicts, have prolonged them. Although a ‘war on terror’ has been waged over the past 12 years, it is one that can hardly ever be won and rhetoric associated with it raises unrealistic expectations. Similar to the problem of crime, the problem of terrorism is one that will persist, therefore efforts should be directed towards containing it within reasonable proportions, and reducing the widespread ‘culture of fear’ which surrounds it. As English (2010) suggests, the over-militarisation of responses to terrorist attacks is not a long-term solution, but the addressing of root causes and underlying tensions is. Such a strategy, as well as the reliance on credible intelligence, is the key pathway which could provide a long-term solution to the problems which terrorism poses to the contemporary era. In conclusion, a careful balance should be found between the acts of terrorism and the real danger in poses to societies. Contrary to popular belief, terrorism is not an international in nature, rather it is a localised and occurs by and large in developing countries (Goldman, 2010) and therefore efforts should be directed towards tackling terrorism where it poses significant risk to the obstruction of social safety and security.

Bibliography

Abrahms, M. (2006). Why terrorism does not work. International Security, 31(2), 42-78.

Appleby, N. (2010). Labelling the innocent: how government counter-terrorism advice creates labels that contribute to the problem. Critical Studies on Terrorism, 3(3), 421-436.

Beck, U. (2002). The Terrorist Threat World Risk Society Revisited. Theory, Culture & Society, 19(4), 39-55.

Beck, U. (1992). Risk society: Towards a new modernity (Vol. 17). Sage.

Bolanos, A. (2012). ‘The ‘new terrorism’ or the ‘newness’ of context and change’ (pp.29-35), in Jackson, R., & Sinclair, S. J. (Eds.). (2012). Contemporary debates on terrorism. Routledge.

Byman, D. L. (2006). Friends like these: counterinsurgency and the war on terrorism. International Security, 31(2), 79-115.

Enders, W., & Sandler, T. (2005). After 9/11 is it all different now?. Journal of Conflict Resolution, 49(2), 259-277.

English, R. (2010). Terrorism: how to respond. Oxford University Press.

Ferguson, C. D., & Potter, W. C. (2005). The four faces of nuclear terrorism. Routledge.

Furedi, F. (2007). Invitation to terror: the expanding empire of the unknown. Continuum Intl Pub Group.

Goldman, O. (2010). The globalization of terror attacks. Terrorism and Political Violence, 23(1), 31-59.

Hoffman, B. (2006). Inside Terrorism. Columbia University Press.

Jackson, R. (2005). Writing the war on terrorism: language, politics and counter-terrorism. Manchester University Press.

Jurkowitz (2010) http://www.journalism.org/2010/05/10/pej-news-coverage-index-may-3may-9-2010/

Laqueur, W. (2001). Left, right, and beyond: The changing face of terror. How did this happenTerrorism and the new war, 71-83.

Lustick, I. (2006). Trapped in the War on Terror. Univ of Pennsylvania Press.

Lustick, I. (2012) ‘Why terrorism is a much smaller threat than you think’ (pp. 66-74), in Jackson, R., & Sinclair, S. J. (Eds.). (2012). Contemporary debates on terrorism. Routledge.

Lutz, J., & Lutz, B. (2011). Terrorism: The Basics. Taylor & Francis.

Lutz, J. and Lutz, B. (2012) ‘The continuing threat to state security’(pp. 61-66), in Jackson, R., & Sinclair, S. J. (Eds.). (2012). Contemporary debates on terrorism. Routledge.

MacDonald, M., & Hunter, D. (2013). Security, population and governmentality: UK counter-terrorism discourse (2007-2011). Critical Approaches to Discourse Analysis across Disciplines, 6(2). Available at: http://wrap.warwick.ac.uk/53169/1/WRAP_MacDonald_Hunter_CADAAD_2012.FIN%20%281%29.pdf

Martin, G. (2012). Understanding terrorism: Challenges, perspectives, and issues. Sage Publications.

Mueller, J. (2005). Simplicity and spook: terrorism and the dynamics of threat exaggeration. International Studies Perspectives, 6(2), 208-234.

Mueller, J. (2006). Is There Still a Terrorist Threat-The Myth of the Omnipresent Enemy. Foreign Aff., 85, 2.

Mueller, J., & Stewart, M. G. (2012). The terrorism delusion: America’s overwrought response to September 11. International Security, 37(1), 81-110.

Mythen, G., & Walklate, S. (2006). Criminology and Terrorism Which ThesisRisk Society or Governmentality?. British Journal of Criminology, 46(3), 379-398.

Rapoport, D. C. (1984). Fear and trembling: Terrorism in three religious traditions. The American Political Science Review, 658-677.

Senu, O. (2013). Labelling Acts of Terror: A Concern for Modernity. London: LASALA Foundation. Available at: http://lasalafoundation.org/our-articles.html

Silke, A. (1996). Terrorism and the blind men’s elephant. Terrorism and Political Violence, 8(3), 12-28.

Tan, A. T. H. (2006). South East Asia: Threats in the Security Environment. Marshall Cavendish International.

Wolfendale, J. (2007). Terrorism, security, and the threat of counterterrorism. Studies in Conflict and Terrorism, 30(1), 75.

Young, J. (2007). The vertigo of late modernity. Sage.

Zulaika, J. (2003). The self-fulfilling prophecies of counterterrorism. Radical History Review, 85(1), 191-199.

Zizek, S. (2002). Welcome to the desert of the real!: five essays on September 11 and related dates. Verso.

[1] As defined by Jenkins, 2013: http://www.britannica.com/EBchecked/topic/588371/terrorism/217762/Types-of-terrorism

Categories
Free Essays

What are the problems associated with the increasing use of international and national commercial security companies and how can these problems be overcome?

Abstract

There has been an increasing use of national and international security companies, particularly in the wake of the occupation of Iraq. Although these security companies can often offer efficiency and expertise in areas that government military cannot, they also present certain difficulties, in terms of regulation and control. In particular, it is found in this research that there is a lack of accountability and a distinct lack of transparency. Much of this is due to the inherent nature of the activities which are being undertaken, but when many of the contracts are with the governments themselves and are maintained in secrecy, this makes it even harder to achieve any consistent degree of control and regulation.

It is recommended in this report that the focus needs to be on ensuring that international rules and regulations are put in place and then applied consistently, across international borders, without offering any commercial advantage to any one jurisdiction. Without international consensus, it is unlikely to be possible to offer the necessary level of consistency and transparency to deal with this growing industry.

Introduction

National and international security companies or private military companies (PMCs) have gained increasing attention, in recent years, the military companies of this nature often being central to the operation of the military sector, rather than being an organisation which is somewhat on the periphery of international politics. The industry itself is made up of hundreds of private companies operating internationally and often working alongside governments, as well as international institutions and global corporations. Depending on the precise company itself it may be targeted with providing a wide variety of services from direct combat operations to the provision of specific intelligence or strategic planning and consultation, as well as dealing with post-conflict reconstruction or providing security for specific events (Walker and Whyte, 2000).

PMCs have grown considerably since the occupation of Iraq, with British private military companies increasing in annual revenue from just ?320 million in 2003 to ?1.8 billion in 2004 (Priest and Flaherty, 2004). The rise of PMCs can largely be explained by the changing economic, political and social infrastructure that has been experienced across the globe, in the last few decades. Despite the recognition that these security companies provide services which may not be available in other circumstances and which will often be useful additions to military support, there are substantial difficulties which have emerged as a result of the use of these private companies. The purpose of this paper, therefore, is to explore the various different problems which may arise in relation to these national and international security companies, from a legal, political and social point of view, before then going on to look at the possible resolutions and future of these privatised companies.

History of the PMC

Before looking in detail at the problems which arise as a result of the use of national and international security companies, it is necessary at this point to gain an understanding of the history of the PMC and how it has reached its current state, as this background information will go a long way towards explaining how these problems have emerged in the first place.

When looking specifically at the position in Iraq private security companies actually have the second largest presence after the US military; showing just how important these private companies have become. However, the precise number of active security personnel in Iraq is not known, due to the nature of the industry, although estimates suggest that there are at least 20,000 active private military and security company personnel working on a regular basis in the region (Myers, 2005).

Although the private military companies have come to the forefront during the recent occupation of Iraq, the actual concept of private security is not new. Historically, these types of private security companies have long been involved in conflict, in many cases working alongside the legitimate regimes or being involved in human rights’ abuses. One of the better recognised historic uses of these private companies is the attempted coup in the Congo, during the early 1960s (Walker and Whyte, 2000). Interestingly, when the Cold War ended, these private companies gained even more strength. However, the recent breed of private security companies has taken on a somewhat different approach, with the industry being more inclined to operate in a legitimate way, filling in gaps that are being authorised by the government military. Several specific projects have been identified as undertaken by these national security companies. For example, in Saudi Arabia, seven US base private security companies are involved in protecting the monarchy during periods of unrest, including providing logistics and intelligence for the Saudi Air Force to support them in offering safety and by using technologies that would not be readily available to the National Air Force. In Afghanistan a private security company is engaged with the protection of the president and other leading governmental figures, again supporting the maintenance of security in the region in such a way that the local army could not achieve (Schlesinger, 2004).

The financial importance of these national security companies must also be considered, with private military companies experiencing a dramatic increase in turnover, in recent years. Evidence presented by ArmorGroup suggested that the overall international market for these services was worth approximately 900 US million dollars in 2003, but had increased to 1.7 US billion dollars by the end of August 2004.

As well as providing specialist security services, such as those referred to above, there is a history of these private companies becoming involved in combat operations. Back in 1995, the company, Executive Outcomes had its own infantry battalion, as well as combat helicopters and artillery. Although the company is no longer in operation, it does indicate that private national companies are providing a force to be reckoned with on another level and are not simply restricted to offering specialist technical consultancy services. Despite this, very few national and international security companies advertise their ability to provide direct combat services (Isenberg, 2006). However, in the modern context, direct combat does not necessarily refer to marching troops on the ground and could be including factors that would be viewed as being involved in direct combat, without the need to have a physical presence. One of the leading companies within this industry is DynCorp which has a contract with the US State Department to provide services in order to eradicate drug crops in Colombia, which involves providing pilots and trainers and working within combat zones. Bearing this in mind, there is clearly evidence to indicate that these national security companies are indeed involved in combat duties, even if they are not directly engaged in a way that military on the ground would suggest (Peterson, 2003).

The Problems with PMCs

Although it is expected that there are many reasons for the involvement of private companies; particularly within the conflict zones there are also many possible concerns as to what the use of these companies is likely to mean to national and international security in general. Over the years, private companies have been embroiled in several security scandals in relation to human rights’ abuses and this again raises questions as to how legitimate the actions of the companies are; but, more importantly, what can be done to ensure that they are offering an effective service, without acting to the detriment of the wider security issues being raised by the various jurisdictions. Several key concerns have been raised:

Firstly, from a political point of view, there are concerns that the actions of the national and international companies will threaten state sovereignty. National states have a monopoly on the use of force, yet by looking at the operation of the security company, it could be argued that private companies began to take on board their own ability to use force. As noted by the German parliament back in 2004, it was argued that the privatisation of the military would create a fundamental constitutional shift (Uesseler, 2008). As noted by the German parliament that by increasing the use of the private military “the state’s monopoly on force could be called into question or even possible eradicated”.

It was also noted by Uesseler (2008) at p.24 that “A third emphasis of the modern military companies is the area of intelligence, which includes everything from information collecting to outright spying. In the wake of the electronics revolution, many firms have developed techniques for information gathering and analysis that only they are able to master and offer as a service”.

By allowing these national companies to collect intelligence and recruit leading experts in this area, there is a concern that there is an element of brain drain being experienced by governments, with many young individuals viewing the government as an excellent training ground, but then looking towards the privatised companies in order to further their career (Schreier and Caparini, 2005). This can create a situation whereby there is insufficient expertise within the government to maintain the level of technical ability required to compete with private companies.

Similar issues are being faced within the logistics industry, where multiple individuals are undergoing training through government bodies and then looking towards the privatised companies in order to gain greater opportunities to improve their salary. All this indicates how the private companies have become more powerful and this, again eradicates strength and experience within the government. As these private companies begin to supply more and more expertise and products to the government, they start to hold greater power and can start to have political sway at a government level (Cook, 2002).

Specific concerns have been raised about the legality of these private companies and, in particular, how they operate within the countries where they work. There have been several previous reports of human rights’ abuses, although ascertaining the size, number and magnitude of this problem is naturally very difficult. However, one cited example by Uessler indicates that in 2004 a number of Blackwater employees entered into an Iraqi city stating that they were looking for terrorists; but, during this time, allegations were made that several of the personnel undertook night-time raids involving the mistreatment of women and children, as well as torturing and killing several men and teenage boys. As a result of their actions, several Blackwater employees were also killed and although there are some question marks over the actual actions of the employees, no legal action was taken against the company or the employees (Donald, 2006).

Ascertaining the actual legal operations of these private national companies is difficult to tell due to the secrecy that is provided to these companies when entering into government contracts. Even the contracts themselves are shrouded in secrecy, making it difficult for outsiders to establish when these national companies are acting within the remit of the contract and when they are not.

It is, however, argued here that the employees of these companies are liable for their actions, in accordance with international humanitarian law. Despite this basic recognition, bringing a case against them can prove extremely difficult, particularly where the actions have taken place in a state that has little or no legal structure around it. Amnesty International USA stated in its 2006 annual report that the use of outsourcing by the US military has created pockets of areas in Afghanistan that were essentially being treated as rule-free zones, yet are being sanctioned by the American firepower (Amnesty International USA 2006).

The contracts entered into between these private companies and government bodies are often extremely vaguely written, so that the company has a wide discretion and this can create difficulties when it comes to ensuring that these companies are behaving in a way that would be seen as acceptable by the government. From a practical point of view, this can also create difficulties, as these national private companies may be causing unrest in particular regions, thus making it harder for the military forces to then engage with the public and not be viewed as a threat. Moreover, where the local population has developed anti-American or anti-UK sentiments as a result of the activities of private military companies, this can pose a direct threat to the well-being of soldiers and the military.

A particular example of this can be seen in 2003, where there were several allegations of torture of prisoners in the Abu Gharib prison, based in Iraq. Several individuals were implicated, including those from the US military, police and those from private military security companies (Singer, 2004). Although there were several allegations of human rights’ abuses and torture, particularly during the interrogation of prisoners, no prosecutions ensued, with the private company undertaking its own investigations and concluding that no instances of abuse had actually taken place. However, the true actions which took place in this prison remain unknown and there are concerns that there have been very few instances where individuals have been held accountable for alleged activities of this nature, suggesting that there is a strong lack of accountability amongst these organisations.

Even more worrying was the instance in 2001 where a female employee of DynCorp blew the whistle on her colleagues who were allegedly running a prostitution ring in Bosnia with underage females, as well as presenting forged passports and purchasing illegal arms. It was also alleged that there were videos taken of employees raping female individuals in the area. Although all of the employees implicated in these events were dismissed, they did not face any criminal prosecution. Most notably, the whistleblower was also dismissed.
The issue of accountability becomes even more prevalent when looking at a national level of accountability (Walker and Whyte, 2005). When these types of contracts are entered into between individuals within the government and private national security companies, those responsible for the monitoring of the contracts are often located in the government building, which is far removed from the actual location at which the contracts are being performed. Those involved in the state military in these foreign locations are also unlikely to be interested in the supervision of private companies, as they are not part of the chain of command and there is no budget provided for this type of supervision, making it very low down on the priority list for any military group within a region.

Bearing this in mind, accountability is not shown towards the military actions and Congress or any other government body is in no position to understand what is going on, on the ground. Furthermore, a particular jurisdictional issue arises, in terms of implementing accountability, with private corporations only having to state that they intend to ensure that their personnel will respect any national laws in the jurisdiction in which operating and will comply with international human rights’ standards. Even where there are suggestions of private individuals breaching these rules, the individuals involved are given significant protection. The Coalition Provisional Authority Order presented on 17 June 2003 meant that the Iraqi provisional government had granted complete exemption from potential prosecution of any personnel who were involved in violence in the region on behalf of the Coalition and this was extended to include private individuals (Department for International Development 2000).

The position is no easier when looking at the potential accountability of private companies from an international point of view, where a distinction is drawn by the Geneva Convention between individuals who are armed combatants and civilians. The difficulty immediately emerges, as those involved in private security companies cannot be viewed as civilians, as they are involved in the process of war. As defined by the Geneva Convention, combatants are “people directly and actively involved in hostilities”. However, bearing in mind the way in which warfare has developed, in recent years, it can be difficult to determine precisely when an individual would be considered to be a combatant by the Geneva Convention and when they would be viewed as a civilian. It is contended here that there is every possibility, when an individual is located in a safe jurisdiction such as the US or the UK and is effectively pressing the button on military activities elsewhere, that determining whether or not they are deemed to be directly involved in military activity would become a much more blurred line.
Another area of concern since the proliferation of these private security companies is the impact which they have on the Third World when it comes to destabilisation, as well as potentially supporting damaging weapons’ trade. Following the end of the Cold War, political control over the way in which war was undertaken was largely lost, with multiple stocks of arms and various other supplies such as helicopters and even tanks becoming available on the open market. For example, in Uganda, an AK-47 rifle was sold for the same price as a chicken, showing just how readily the most damaging equipment in the world could fall into the wrong hands, where private security companies are concerned. This presents both a challenge and an opportunity, if private companies are able to obtain as much artillery firepower as they want (Krahmann, 2005). However, this in itself does not present a major threat, as these private security companies are nominally working alongside the government to achieve peace.

Of perhaps greater concern is the fact that private security companies have been implicated in providing arms in conflict situations. In the UK, a report was undertaken by the government in 2002 which looked at private military companies and the options for regulation and suggested that the ability of these private companies to provide arms to groups of insurgents in very different locations needed to be targeted as a priority. During this report, however, it was noted that the activities of private companies tended to go hand-in-hand with the industry of exporting arms, as those purchasing arms often wanted a service package alongside the actual equipment itself and therefore needed a physical presence of security personnel.

This issue leads on to another area of concern in relation to these private security companies. By their very definition, these companies are free to contract with whomsoever they choose and, whilst this may often be a government body within countries such as the US and UK, this is not necessarily the case.

Moreover, there is no regulatory reason why a private company could not engage with rebel movements and may find itself working with organisations that are not necessarily deemed to be supporting international humanitarian standards.

A commercial organisation by its very nature is profit driven, rather than being driven primarily by humanitarian standards and therefore where a commercial organisation has an interest in any form of ongoing conflict, difficulties are likely to arise. Furthermore, many of the privatised national security companies are heavily involved in the surveillance and maintenance of global information, resulting in a situation where it may well be the company itself that is tasked with looking into whether or not other security companies are behaving in an appropriate manner.

Controlling the PMC

Given the issues raised above and the central importance now being placed on the type of private national company, it is unsurprising that many governments are looking towards how they can potentially regain control of the security companies and create a regime which is effective and makes the best use of resources, but not in such a way that will obstruct the underlying objective of maintaining peace (Cilliers and Douglas, 1998).

When looking at the position taken by the UK Foreign Office Minister, they are working heavily towards a scheme which will involve regulating companies offering security in a way that has national commercial application. This will mean that at a national level all companies within the industry will eventually meet with the same standard. While this type of regime is seemingly necessary, the precise way in which this will be managed and how it will be possible to maintain the necessary level of independence, given the strong contractual ties that often exist, between the security company and the government (Almond, 2005). Despite the fact that the practical way in which the rules and regulations will be implemented has not been discussed in any detail, the options in the industry for voluntary self-regulation are seemingly not suitable as national security companies has complex commercial operations, and will look towards expanding their pocket, wherever possible. Self-regulation, particularly given the lack of transparency within the industry, is therefore highly unlikely to take place.

One of the key difficulties associated with security companies, is the fact that they often operate across national borders. However, it would seem that having some form of international framework of rules would be the most appropriate way of controlling the operation of these companies and of preventing difficulties from emerging, due to the fact that the contractual relationship is often geographically widely spread. Despite this, it is still recognised that having a full international agreement in terms of how the security company should be managed, is unlikely to be forthcoming and, as such, the management of the security companies is likely to rest initially with the national legislators.

To consider the viability of this type of legislation, the approach taken by the UK will be looked at, although it is recognised that there are similar issues likely to arise in many other jurisdictions, including the US.

The activity of mercenaries in the UK is controlled and regulated by the Foreign Enlistment Act 1870; however, there is no specific legislation dealing with this new breed of private military and security company. As a direct result of the arms to Africa scandal that took place in 1998, the Foreign Affairs Committee made a request for a Green Paper, in order to examine the way in which these types of private military and security companies could be regulated, in the UK. The Green Paper itself was published in 2002 and offered six key options for the control of this type of security company. These options were as follows: firstly, the option to ban military activity abroad in its entirety; secondly, to ban recruitment with the express intention of undertaking military action abroad; thirdly, having some form of licensing regime in place for the military services being provided; fourthly having a registration or notification regime that could be used by those engaged in military services; fifthly, specific licenes which would encourage private security companies to gain an overall licence their activities; and finally, a regime of self-regulation. As discussed previously in this report, it was noted by those responsible for the Green Paper that it would be possible to have a different level of regulation, depending on the services being provided (Select Committee on Foreign Affairs Sixth Report 2005). For example, a higher level of regulation would be necessary where direct conflict is being entered into, whereas it may be appropriate to have a lower level of regulation for organisations that are involved in less direct areas of security, such as providing private bodyguards or those involved in training and development.

Following multiple discussions in relation to the findings of the Green Paper, it was agreed by the Committee on Foreign Affairs that it would recommend that private security companies should be expressly prohibited from taking part in any direct armed combat operations. Also, individuals should only carry firearms in order to defend themselves or to train, but not actively engage in combat situations. Other activities should be subject to licence, although the discussions were relatively detailed, it was accepted by the Foreign Affairs Committee that nine of the recommendations had yet been made into legislation. However, although the debate continues in this area, as it currently stands, these types of companies remain entirely without accountability. Self-regulation has been widely accepted as ineffective in this type of industry which has become increasingly difficult to control. Therefore, expecting private companies when faced with a difficult situation to then become involved in self-regulation is simply unreasonable.

Despite the concerns relating to the lack of accountability and the multiple different problems which have surrounded the issue of national and international security companies, the UK government has been very reluctant to put in place rules that would ultimately outlaw the use of these types of security companies. Arguably, in many cases, these security companies offer a great deal of strategic usefulness and are able to support the services being provided by the military. At times, private companies can provide skills and experience that are not readily available within the military; therefore, to completely prohibit their operation would potentially create the situation whereby the UK is unable to compete, internationally.

As previously noted, issues relating to national security companies are often international in nature and, as such, in reality, international rules and regulations need to be put in place in order to manage the operations of these companies, regardless of their underlying nationality. As has been clearly shown in Iraq, many different security companies from different countries become involved; therefore, in order to offer any degree of consistency, it will be necessary to have overall rules and regulations that apply to all such national companies (Bearpark and Schulz, 2007).

There are several international conventions and rules relating to the activities of mercenaries, with suggestions being made that they should be extended in order to incorporate private military and security companies. However, no consensus has been reached on this matter and therefore the situation remains very much up in the air, with no specific international rules and regulations being put in place, in order to control the activities of these private military and security companies (Millard, 2003).

Interestingly, given the fact that a large number of South Africans are involved in these private security companies, it is in fact the South African government that has forged the way forward when it comes to legislation to control and regulate these security companies. In South Africa, the Regulation of Foreign Military Assistance Bill was passed in 1998, which bans all mercantile activity and regulates any military assistance. This includes all of the secondary support issues such as providing finance, logistics, or intelligence to the military through these private security companies. Even though South Africa has established rules and regulations, there have been relatively insignificant penalties, as well as multiple loopholes which ultimately mean that the legislation is ineffective (Caparini, 2005).

In other jurisdictions, concerns have been raised that there is seemingly a revolving door, with government officials becoming involved in private military and security companies and vice versa, as part of their career development, thus making it very difficult for governments to actively engage in the regulation of the industry with which it is so closely intertwined (Beyani and Lilly, 2001).

Conclusions

The increasing importance of national and international security companies has created a great deal of regulatory difficulty, both nationally and internationally. Fundamentally, however, there is a strong lack of accountability and a lack of transparency which makes it very difficult for any government body to be responsible for the management of these types of private security companies. More problematic is the fact that the government is often fundamentally intertwined with the company and is simply not willing to upset the strong relationship which has built up, over the years. In practice, it will be necessary for an agreed international standard to be put in place that applies globally and requires a much higher level of transparency and accountability, regardless of where the security company is located and regardless of where it is operating.

Bibliography

Almond, P (2005) Conflicts such as the one in Iraq offer big opportunities for private security firms. Now there are moves to regulate a thriving industry , Sunday Times, 30 October 2005

Amnesty International USA (2006), Annual Report 2006

Bearpark, A and Schulz, S (2007) The Regulation of the Private Security Industry and the Future of the Market, From Mercenaries to Market: The Rise and Regulation of Private Military Companies, Oxford University Press

Beyani, C and Lilly, D (2001) Regulating private military companies.Options for the UK Government , International Alert, August 2001

Caparini, M (2005) Private Military Companies , in Dr. TH Winkler (ed.) et al, Combating Terrorism and its Implications for the Security Sector, Geneva Centre for the Democratic Control of Armed Forces and Swedish National Defence College.

Cilliers, J and Douglas, I (1998) The military as business — Military Professional Resources, Incorporated in J Cilliers and P Mason (eds) Peace, Profit Or Plunder?: The Privatisation of Security in War-torn African Societies, Institute for Security Studies.

Cook, T (2002) Dogs of War or Tomorrow s Peacekeepers?: The Role of Mercenaries in the Future Management of Conflict , in Culture Mandala.

Department for International Development (2000), Security Sector Reform and the Management of Military Expenditure , Report on an International Symposium Sponsored by the UK, June 2000

Donald, D (2006) After the Bubble: British Private Security Companies After Iraq, Whitehall Paper 66, Royal United Services Institute

Isenberg, D (2006) The Good, the Bad, and the Unknown: PMCs in Iraq , presentation at Guns ‘n gates: The role of private security actors in armed violence, Bonn International Center for Conversion, Working Group 3, 9-10 February 2006

Krahmann, E (2005) Private Military Services in the UK and Germany: Between Partnership and Regulation in European Security,Vol. 14, No. 2

Millard, TS (2003) Overcoming Post-Colonial Myopia: A Call to Recognize and Regulate Private Military Companies , in Military Law Review, Vol. 176

Myers, L (2005) U.S. contractors in Iraq allege abuses; Four men say they witnessed brutality, on NBC, 17 February 2005

Peterson, S (2003) Next challenge in Iraq: Sabotage Christian Science Monitor, 3 July 2003

Priest, D and Flaherty, M (2004). Iraq: Security Firms Form World s Largest Private Army, Washington Post, 8 April 2004

Schlesinger, R (2004) The Private Contractor-GOP Gravy Train , Thinking Peace, 11 May 2004

Schreier, F and Caparini, M (2005) Privatising Security: Law Practice and Governance of Private Military and Security Companies , DCAF Occasional Paper, Geneva Centre for the Democratic Control of Armed Forces, No. 6, March 2005

Select Committee on Foreign Affairs Sixth Report (2005) The Stationery Office, March 2005

Singer, P (2004) The Private Military Industry and Iraq: What Have We Learned and Where to Next, DCAF Policy Paper, Geneva Centre for the Democratic Control of Armed Forces, No. 4, November 2004

Uesseler, R (2008) Servants of War: Private Military Corporations and the Profit of Conflict, trans. Jefferson Chase, Brooklyn, New York: Soft Skull Press p.146

Walker C and Whyte, D (2000) Contracting Out War; and Human Rights Watch, Stockpiling of Antipersonnel Mines

Walker, C and Whyte, D (2005) Contracting Out War?: Private Military Companies, Law and Regulation in the United Kingdom , International and Comparative Law Quarterly, Vol 54

Categories
Free Essays

Continental Europe seeks to combine flexibility with security in its relations with the workforce via a range of measures one of which is flexicurity.

Introduction

Flexicurity promises to address the problems relating to the labour market by enhancing the need for security and flexibility. In this study the establishment of the Flexicurity concept will be identified followed by a determination as to whether Flexicurity has been successful for business and the workforce in relation to young workers.

Main Body

Flexicurity is an integrated strategy, which attempts to enhance the need for security and flexibility within the labour market. Flexicurity thus consists of four policy components which ought to be implemented by all countries within the EU. These are; “flexible and reliable contractual arrangements; comprehensive lifelong learning strategies; effective labour market policies; and modern social security systems” (European Commission, 2012a, p. 1). Flexicurity is thereby an important element of the European Employment Strategy, which must be incorporated into all of the Employment Guidelines within the EU. This helps to modernise labour markets (Flaschel and Luchtenberg, 2012, p. 14) and achieve the 75% employment rate target that has been set by the Europe 2020 Strategy. This Strategy seeks to change Europe into a “smart, sustainable and inclusive economy” (European Commission, 2012b, p. 13). In effect, flexicurity is vital for the labour market and must be promoted by all so that unemployment and long term exclusion from the labour market can be sufficiently tackled. It was made clear in the 2011 Annual Growth Survey that in order for an integrated labour market to be created “rigorous fiscal consolidation for enhancing macroeconomic stability” (European Commission, 2011, p. 1) is needed.

Growth enhancing measures as well as reforms for higher levels of employment would also create a more integrated labour market, which would help to achieve the employment rate target. However, it was stressed by Linda Richardson that in order for the employment rate target to be successful attained, work needs to be “an economically attractive option” (European Employment Observatory, 2012, p. 1). Therefore, individuals need to be provided with the incentive to work in order for this to prosper otherwise the Flexicurity strategy will become futile. In order for Flexicurity to be fully achieved, nonetheless, it is important for all Member States to “design solutions that offer flexibility and security beyond company borders in order to facilitate good and timely labour market transitions and to reduce labour market segmentation” (European Expert Group, 2007, p. 41). It remains to be seen whether this approach will also address national borders in future years but it is evident that Flexicurity provides an opportunity to achieve “economic efficiency and social equity to a higher level in Europe” (European Expert Group, 2007, p. 41). In addition, the pathways to establishing Flexicurity need to ensure that national contexts and histories are taken into account since each Member State has a different legal and contractual model, which often stems from historical viewpoints that have become embedded into national cultures.

This ultimately shapes the ways in which Member States adapt and change, which illustrates the importance of this when it comes to implementing policy measures relating to Flexicurity. Arguably, it is manifest in accordance with this that whilst there are a number of different pathways to achieve Flexicurity, each Member State will adopt their own according to their own cultures of industrial relations. This was clearly recognised by Wilthagen (2008, p. 14) when it was pointed out that: “There is not one common or standard pathway to flexicurity and every Member States will have to construct its own pathway, based on its typical history and its political, cultural, institutional and organisational tradition and particularities.” Despite this, each Member State can in fact learn from the approaches undertaken by other Member States, yet this will require intervention by the EU so that the different pathways to Flexicurity can be promoted. It is important that Flexicurity successfully addresses the problems surrounding young workers. This is because, young workers are mostly affected by reduced employment opportunities and as a result it is vital that Flexicurity is able to address this.

Flexicurity should thereby “reduce the divide between insiders and outsiders in the labour market” (Eurofound, 2012, p. 1). In doing so, it is vital that insiders are being supported during job-to-job transitions, whilst outsiders are provided with easy access to work and stepping stones, which will “enable progress into stable contractual arrangements” (Eurofound, 2012, p. 1). Flexicurity for young workers has proven successful in helping young people find work (OECD, 2008, p. 109). This clearly highlights the significance of Flexicurity and demonstrates how Flexicurity can be used as a means to support specific groups of people who are usually disadvantaged within the labour market (Broughton, 2012, p. 1). Arguably, Flexicurity appears to be a solution to the problems faced within the labour market, which is why it is important for the promotion of Flexicurity to be fully realised by the EU. Not all agree that Flexicurity is the solution for all Member States, however, and instead believe that “the concept reveals itself to be less convincing when it comes to its application within the framework of different socio-economic realities and differently shaped labour markets” (Heeger, 2012, p. 1). Therefore, whilst Flexibility does appear workable in theory, the same cannot be said in practice since there is no one size that fits all and different approaches will need to be employed.

Conclusion

Overall, whilst Flexicurity is an important concept, which aims to combine flexibility with security in order to achieve the 75% employment rate target that has been set by the Europe 2020 Strategy, it is evident that there are a number of different pathways to achieving Flexicurity. Because of this, there is much difficulty in deciding what the best approach to take is, however this will differ according to the historical cultures of industrial relations of each Member State. Flexicurity does appear workable when it comes to solving the problems relating to young workers, and evidently helps young workers enter the labour market. This is vital given that young workers are mostly affected by unemployment levels and as such it is imperative that Flexicurity is better promoted by the EU and its Member States.

References

Broughton, A. (2012) Using Flexicurity to Support Specific Groups of Workers at Company Level, IES, [Online] Available: http://www.employment-studies.co.uk/news/es16art4.php [03 January, 2012].

Eurofound. (2012) Flexicurity – It Takes Three to Tango, [Online] Available: http://www.eurofound.europa.eu/resourcepacks/flexicurity.htm [03 January 2012].

European Employment Observatory. Workshop on ‘Making Work Pay’ Meeting Report, [Online] Available: www.eu-employment-observatory.net/…/EEOThSeminar-MWP-21Fe… [03 January 2012].

European Commission. (2011) Commission Publishes Annual Growth Survey, Economic and Financial Affairs, [Online] Available: http://ec.europa.eu/economy_finance/articles/eu_economic_situation/2011-01-annual-growth-survey_en.htm [03 January 2012].

European Commission. (2012a) Flexicurity, Employment, Social Affairs & Inclusion, [Online] Available: http://ec.europa.eu/social/main.jsp?catId=102&langId=en [02 January 2012].

European Commission. (2012b) Europe 2020, [Online] Available: http://ec.europa.eu/europe2020/index_en.htm [02 January 2012].

European Expert Group. (2007) Flexicurity Pathways; Turning Hurdles into Stepping Stones, [Online] Available: ec.europa.eu/social/BlobServlet?docId=1519&langId=en [03 January 2012].

Flaschel, P. and Luchtenberg, S. (2012) Roads to Social Capitalism: Theory, Evidence and Policy, Edward Elgar Publishing.

Heeger, K. (2012) Flexicurity – Further Erosion of Workers RightsEU Observer, [Online] Available: http://euobserver.com/opinion/114980 [Accessed 03 January 2012].

OECD. (2008) Jobs for Youth: Netherlands 2008, OECD Publishing.

Wilthagen, T. (2008) Mapping out Flexicurity Pathways in the European Union, Tilburg University, Flexicurity Research Programme.

Categories
Free Essays

The End of the Cold War and the New Threats to Global Security

1.Introduction

The end of the Cold War marked a new beginning for the international security agenda, and the demise of the simple bipolarity brought forward a revised agenda for human rights, international peace and cooperation and stability. The end of the Cold War triggered the rise of new threats and challenges to international security, and the advance of globalization led to the redistribution of power in the international system (Baylis & Smith, 2007; Brown, 2005). In the context of globalization, the capacity of the state was undermined and as a result state-to-state relations dramatically changed (Strange, 2002). Classic wars were gradually transformed into “modern wars” (Kaldor, 1999; Smith, 2006; Shaw, 2005). In this different political environment, the security challenges were no longer existent on a state-to-state level, because of the growing importance of sub-state actors.

This essay will focus on the reorganization of the international system after the end of the Cold War, and will discuss the new challenges to global security, posed by the demise of the bipolar regime. The essay will support the view that with the end of the Cold War, the world became a more dangerous place, because of the multiplicity of actors on the international scene and the changed perceptions of military force, war and security.

Changing perceptions of military force and war

The end of the Cold War brought forward the change of the perceptions of military force in several different aspects. The impact of these changed perceptions upon the international security agenda has been undisputed, and will be discussed in detail. For clarity, the author has chosen to focus only on the most important security-related transformations following the Cold War – the new sources of threat such as nuclear weapons and terrorism, and the changing notions of war in the context of globalization. Their features will be discussed in the context of the changed dynamics of the international system.

2.1 New sources of security threat

The end of the Cold War led to new security challenges, because of changing notions of military force and the new sources of security threat (Smith, 2006; Shaw, 2005). The first one is related to the rise of nuclear power. With the demise of the USSR, the simple bipolarity of the Cold War world was replaced by a multipolar world, where the centrality of power was no longer clearly defined (Brown, 2005; Jackson & Sorensen, 2003). The rise of the Asian economic powers, the advance of nuclear and biological weapons in countries such as Iran, Israel and Iraq challenged the stability of the mutual deterrence principle, comfortably sustained during the Cold War (Hammes, 2005).

Another source of security threat after the Cold War was related to terrorism, and the rise of sub-state actors (Smith, 2006). The War on terror, embedded in the Bush doctrine, was a clear demonstration of the changing nature of war, and the elusive image of the new enemy (Shaw, 2005). After 9/11 it became clear that terrorism was not a war against an enemy, but against tactics (Baylis & Smith, 2007). Its manifestations and capacity to destroy were as much the result of political construction, as of historically embedded perceptions about the East and the West and their manipulation by mass media and policy-makers. After the end of the Cold War non-state actors such as Al Qaeda and Hamas, became a new source of security threat because of their ability to operate internationally but at the same time to exist inside the state (Shaw, 2005). Also, the controversies, around states labelled as rogue and unable to comply with the international standards for peace and democracy such as Afghanistan, Iraq, North Korea, Libya and Syria necessitated new means for meeting the challenges to threat and security. They will be discussed in section 3.

2.2 Changing notions of war in a global world

Here it is important to mention globalization as a factor, which led to re-examination of the capacity of the state to observe human security and human rights (Strange, 2002). In the context of a borderless world, the international human rights agenda is inevitably revisited, and the main carriers of legal standards are no longer represented solely by state actors, but by the global civil society, comprising of International non-governmental organizations (INGOs). Because of these inevitable transformations, the very perception of security, threat and war changed in several important aspects. As Mary Kaldor famously observes, the end of the Cold War saw the rise of the modern wars, which lack time and space, because they are based on non-quantifiable demands often related to ideology, ethnicity, religion and the social construction of history (1999). The old wars were pushed away by new types of threats and conflicts, such as organized crime, and religious and civil wars. The early 1990s saw the bloody demise of former Yugoslavia, and a series of conflicts in Rwanda, Congo, Sudan and Somalia, triggered by the redefinition of political borders, the struggle over economic resources and ethnic and religious factionalism. In the context of globalization, the modern wars are interstate conflicts, executed by sub-state actors. In this sense, it is important to mention that the growing presence of the sub-state actors has posed new challenges to the classic perceptions of security, because of non-tangible variables such as perceptions, as opposed to old-time military ambitions related to territorial invasion and economic gain.

Meeting the new security challenges: a revised agenda for peace

In order to meet the new security challenges, identified earlier, the international community had to devise a new agenda in the post-Cold war era.

First, humanitarian intervention became important, and triggered as an effect of the revised agenda, where the security of foreign nationals, whose human rights have been violated by their home state became important (Jackson & Sorensen, 2003). Despite the ongoing political debate about the legality and legitimacy of humanitarian intervention, a norm of intervention was authorized by the UN Security Council in the 1990s, which was followed by operations in the Democratic Republic of Congo in 1996 and Kosovo in 1999 (Baylis & Smith, 2007). Despite the criticisms that humanitarian intervention might stop the immediate killing of civilians but is not a reliable strategy for long-term piece, it reveals a shifted emphasis from military to human security in the years following the end of the Cold War. In this relation, another trend in dealing with conflicts became prominent – the imposition of economic sanctions for the purpose of exerting political, rather than military pressure upon non-compliant states and communities.

The post-Cold War agenda for peace also involved the reorganization of military forces, where the deviation from the Clausewitzian concept of war was obvious in the attempt to ameliorate and contain, rather than destroy or simply conquer (Smith, 2006). Examples of such wars of containment are the conflicts in Iraq and Afghanistan.

In addition, the role of the global civil society and the growing influence of INGOs as advocates of peace and human rights deserve a mention. The importance of international non-governmental organizations in global policy-making has been undisputed because of the more complicated security agenda in the post-Cold War era. Also, because of the multiplicity of actors in the international system, and the new security needs, states and intergovernmental organizations are unable to deal with international crises without the development programmes and research, provided by the INGOs. Although their political success remains disputed, their role as independent observers and proponents of policy change is growing.

Conclusion

This essay has attempted to show the changing nature of the international system after the end of the Cold War. Today the international community faces different security threats based on a new perception of military force. Terrorism and the spread of nuclear power have shunned classic state-to-state conflicts, and as a result a new security agenda for peace and cooperation has been embraced. In the era of globalization, the transition towards collective security as a model of global governance, remains a challenge but also a prerequisite for peace.

Bibliography:

Baylis, J. & Smith, S. (2007) eds, The Globalization of World Politics. Oxford: Oxford University Press

Brown, C., (2005) Understanding International Relations, Palgrave: Macmillan, Ch. 6, pp. 106-123

Clausewitz, C. (1977) ‘What is War?’, On War, Princeton: Princeton University Press

Hammes, T.X (2005) ‘War evolves into the fourth generation’, Contemporary

Security Policy, Vol.26, No.2pp.189–221.

Jervis, R. (1991/1992) ‘The Future of World Politics: Will It Resemble the Past?’ International Security 16, no. 3

Jackson, R. & Sorensen, G. (2003) Introduction to International Relations, Oxford: Oxford University Press

Kaldor, M. (1999) New and Old Wars: Organized Violence in a Global Era. Cambridge: Polity Press

Shaw, M. (2005) The New Western Way of War: Risk Transfer war and its Crisis in Iraq Cambridge: Polity Press

Smith, R. (2006) The Utility of Force: The Art of War in the Modern World London: Penguin

Strange, S. (2002) The Declining Authority of States, in The Global Transformations Reader: an Introduction to the Globalization Debate, 2nd edition, Held and MacGrew (eds) Cambridge: Polity Press, pp.127-134

Van Creveld, M. (1991) The Transformation Of War NY: Free Press

Categories
Free Essays

Information Privacy Security: TJX Data Breach Crisis and Lessons

Introduction

Protecting the privacy of consumer personal information continues to pose significant challenges for organisations. The complexity is aggravated by consumers’ vulnerability that comes about when they are unable to control the usage of personal information they share with business organisations. Given the importance of information privacy, there has been a host of privacy research focusing on the organisational decisions regarding the use and reuse of consumer personal information (Schwartz, 2009; Greenaway and Chan, 2005). Culnan et al (2008) observes that the emerging decentralisation of technology environment has posed additional privacy challenge: data breaches.
Currently, it is only the United States that requires organisations to give formal notice in the event of data breach (Morley, 2014). European Union and its member countries are yet to establish any legal requirements for organisations to notify consumers of any data breach, thereby leaving such eventuality at the fate of an organisation’s management. Without any notification laws, data breaches remain private and under the discretion of the affected organization. Therefore, this paper focuses on one of the most prominent data security breaches that the world has ever witnessed: TJX data privacy breach crisis, in the context of, ethical principles and theories, legal, professional and social issues. .

The Information Privacy Concept

According to Xu et al. (2008), the concept of information privacy is multidimensional in nature and is largely dependent on the context as well as personal experiences. Although others see information privacy as full of definition ambiguity (Schwartz, 2009), others have defined consumer personal information as being made up of data generated when consumers conduct transactions. The problems of privacy often emerge from how this consumer information is stored, analysed, used, or shared (FTC, 2008). Information on how to address problems related to privacy management is limited due to minimal research in the area, particularly those issues dealing with management responsibilities on social issues. For example, there is limited research on how organisations should deal with consumers’ personal identifiable information, the role of managers in the protecting the consumer data and the moral duty of every party involved in the handling or accessing consumer data.

Overview of TJX Data Breach

TJX is a US-based off-price retailer operating over 2,400 stores in various countries and regions including US, Puerto Rico, Canada, and Europe. In the network of stores, the retailer collects and store customer information that would authorize purchases via payment cards, personal cheques , and processing of merchandise returned without a receipt. This violated the legal requirement that prohibits any business from retaining sensitive consumer card information, including the magnetic strips on credit cards (Smedinghoff and Hamady, 2008). In addition, the breach exposed TJX’s failure to observe basic ethical and professional principles.
The revelation emerged when in 2007 TJX issued a press release stating that criminals had intruded their data system and stolen over 45 million consumers’ card information within a period of 18 months (FTC, 2008). Although the TJX filed Form 8-K disclosure statement with the Securities and Exchange Commission as required by the law, the company was widely held to be at fault for the breach. The company was accused of breaching the law by storing unencrypted sensitive consumer information, for their failure to limit unauthorised access to the massive data via their wireless network, and the inability to establish adequate security measures within its networks among other issues (FTC, 2008).

The Legal and social Issues in the TJX Data Breach

The current global data protection guideline is based on the Fair Information Practices (FIPs), which deal with individual rights and organisational responsibilities with regard to management of consumer data (Morley, 2014). In other words, how responsibly the data is used is a pointer to the social expectations with regards to consumer data use. FIPs attempts to put a certain level of balance between the competing business and individual interests in terms of legitimate use of personal information, which serves as the foundation for privacy laws and industry-specific regulatory programmes. In this respect, FIPs lays the foundation for organisations on how to be socially responsible in dealing with privacy issues. On the other hand, the adoption of these guidelines lays the foundations for evaluation by the external audiences on an organisation’s degree of responsiveness (Allen, 2011).
There is a general consensus that responsible data management practice is paramount in every organisation (Morley, 2014). However, there is no consensus about how the implementation of individual principles should be carried out. Schwartz (2009, p.1) observes that in most parts of the world, “fair information practices are implemented through omnibus laws.” Curiously, the United States has no comprehensive laws that compel organisations to observe fair information practice, but instead developed sectoral laws and regulations to consumer privacy protection with laws being enacted in response to issues arising from specific industries. The challenge that comes with this approach is that there is uneven practice in terms of operations and implementations. Moreover, the TJX issue exposed some glaring weaknesses in the implementation of FIP laws and regulations based on the principles of notice, choice, access, security, and sanctions for noncompliance (Culnan, et al., 2008).
The effectiveness of data privacy management for organisations that collect, store, and use consumer personal data is curtailed by other issues including unclear law or policy, varied jurisdictions, and differences in data type. The challenge may be further aggravated by conflicting regional or state laws (Allen, 2011). The breaches in the TJX case involved unauthorised access to consumer personal information, which resulted in a variety of risks towards consumer personal information. Nevertheless, there is a general agreement within the statutory laws and regulations that every organisation should ensure there is duty of care with regards to information they collect and store based on consumer’s vulnerability and the actual possibility of harm (Allen, 2011).
Allen (2011) observes that although organisations that comply with government regulations are considered legitimate, and readily accepted by their external environment, including partners, this milestone is not easily achievable given the above challenges. For example, the term ‘reasonable procedure’ as stated in most sectoral data protection regulations does not specify what is actually ‘reasonable’, which may vary depending on the nature and size of the organisation, the types of information it captures and stores, the security equipments and tools in the possession of the organisation, and the nature of risk at display.
There has been criticism in regards to the prevailing laws and regulations because they are seen as reactive and outdated at the time when they are enacted (Morley, 2014). The other complaint is that most of privacy violation issues are only detected after the damage is done, thus doing little to reverse the loss on the affected consumers.

The Moral Issues and Responsibilities

Information ethics is based on the collection, use, and management of information (Morley, 2014). As technology becomes increasingly complex, it is evident that ethical problems related to these developments continue to increase. However, the normative theories (stockholder, stakeholder, and social contracts) used to address the prevailing challenges remain less developed, with many institutions only relying on bare legal minimum requirements in relation to consumer data protection (Culnan, et al., 2008). Morley (2014) observes that these theories are distinct and incompatible with regards to the obligations of a business person. Taking into consideration the large social and financial impact of privacy breach as observed in the TJX case, there are mainly two aspects of moral issues that are central to the data privacy: vulnerability and harm avoidance.
The concept of vulnerability highlights most of society’s moral intuitions, with the inherent scenario where one party is at disadvantage with regard to the other party in terms of data collection and use. This situation emerged because one party lacked the capacity to control the information givento the other party. Solove (2007) observed that the root cause of large-scale privacy invasions is embedded inthe lack of information control by the giver. In the case of TJX, consumers suffered outright vulnerability, although they expected TJX to protect their card information with a proper mechanism in place.
On the other hand, avoiding harm involves the need for managers to avoid using consumer data to harm the vulnerable consumer socially and financially. Many have argued that it is the responsibility of the managers to take a minimum moral standing to ensure no harm is done in the treatment of consumer information (Culnan, et al., 2008).

Conclusion

Information privacy is an important issue in the modern business environment. In order to protect consumer information, managers must learn to strike a balance between consumer privacy and business interests by constantly adhering to the principle of protecting the vulnerable consumer and not causing harm to them through their personal information. It is important to note that TJX caused harm when their consumer personal data were stolen by a third party intruder. Although TJX violated industry rules, it is more significant to highlight that the company’s failure to observe moral responsibility in the protection of consumer data should be viewed as more detrimental to the company. Businesses are expected to follow basic ethical principles in managing business activities.
While we can argue that the TJX data breach saga received the attention because of the United State’s comprehensive formal notice requirements within the laws on privacy data management, it is also apparent that personal data protection is beyond the laws and regulations and requires ethical foundations within the organisations. The need to integrate ethical reasoning into the privacy programmes of every organisation is paramount (Xu et al., 2008). We can argue that integrating moral responsibility within organisations will not only establish ethical standards for the organisations, but is growingly becoming a necessity considering the challenges surrounding the implementation of legal requirements. Furthermore, considering that consumers are vulnerable and are unable to control how businesses use their personal information, it is the moral responsibilities of every organisation to go beyond bare minimum legal compliance. That is, each organisation needs to take reasonable precaution when handling consumer data and ensure no harm is caused with this kind of data.

References

Allen, A. (2011). Unpopular Privacy: What Must We HideOxford: Oxford University Press.
Culnan, M. J., Foxman, E. R., and Ray, A. W. (2008). “Why ITExecutives Should Help Employees Secure Their Home Com- puters,” MIS Quarterly Executive (7:1), March, pp. 49-55.
Federal Trade Commission (FTC). (2008). “Press Release: Agency Announces Settlement of Separate Actions Against Retailer TJX, and Data Brokers Reed Elsevier and Seisint for Failing to Provide Adequate Security for Consumers’ Data,” March 27(available at http://www.ftc.gov/opa/2008/03/datasec.shtm; accessed November 29, 2014).
Greenaway, K. E., and Chan, Y. E. (2005). “Theoretical Explana-tions of Firms’ Information Privacy Behaviors,” Journal of the Association for Information Systems (6:6), pp. 171-198.
Morley, D. (2014). Understanding Computers in a Changing Society. Chicago: Cengage Learning.
Schwartz, M. (2009). “Europe Debates Mandatory Data Breach Notifications.” The Privacy Advisor (9:2), p. 1.
Smedinghoff, T. J., and Hamady, L. E. (2008). “New State Regula-tions Signal Significant Expansion of Corporate Data SecurityObligations,” BNA Privacy and Security Law Report (7), October 20, p. 1518.
Solove, D. (2007). “The New Vulnerability: Data Security andPersonal Information,” in Securing Privacy in the Internet Age, A. Chander, L. Gelman, and M. J. Radin (eds.), Palo Alto, CA: Stanford University Press, pp. 111-136.
Xu, H., Dinev, T., Smith, H. J., and Hart, P. (2008). “Examining the Formation of Individual’s Privacy Concerns: Toward an Integra-tive View,” in Proceedings of the 29th International Conference on Information Systems, Paris (available at http://aisel.aisnet.org/icis2008/6; accessed October 29, 2014).

Categories
Free Essays

Security Manager – Working with and leading people

Task 1: Teamwork mini project

The teamwork mini project demonstrates its main target to discuss the role play of a selection day at St Patrick’s College. The conduct of this role play is done by a team of three students. The job title introduced for this selection day is the post of a security manager.One of the most important responsibilities of a security manager is to monitor the security operations in the college environment. A security manager is usually responsible for maintaining and implementing of a wide range of security policies, rules and regulations. It is important to ensure that the college environment is safe for students, college staff and visitors. Another significant responsibility of a security manager is related to recruiting new security staff and delegating specific tasks. The security manager should be able to keep track of various events as well as create emergency response plans. It is also significant to conduct regular security evaluations.

There are two main roles typical to a security manager: managerial role and administrative role. In terms of demonstrating his managerial role, a security manager is expected to supervise security team on issues related to sickness and absence. Other important aspects of the managerial role of a security manager include coordination of all contacts with the emergency service providers in case a serious incident occurs; contacting external contractors regarding fire system and access to security systems; and ensuring safety of the entire building at all times. In relation to the administrative role, a security manager should carry out and record daily security checks in an appropriate manner as well as manage staffing levels including rotas. Reports of daily activities and problems with equipment, property and theft issues have been identified. The duties and responsibilities of a security manager are provided below:

Monitor security junior staff to patrol college premises and detect signs of intrusions and ensure security doors, windows and gates are secured;
Answer alarm bells and assigns officers to investigate disturbances and also to present a list of potential problems;
Ensure that the fire call points, intruder alarms, emergency lighting are tested weekly and results recorded;
Ensure security alarms are set and working correctly as well as gas and electrical appliances are turned off at the end of the day;
Monitor and authorise entrance and departure of students and staff, visitors and other persons to guard against theft and to maintain security of premises;
Coordinate with the reception staff and provide support and cover as required;
Coordinate with facility management on health and safety matters;
Liaise with the borough security and supersee the transfer of any accused person to the custody of the local law enforcement personnel;
Act as the main key holder for the college on all call outs and liaise with other emergency services

In terms of person specification, the following aspects have been outlined:

EssentialDesirable
Education and qualificationHigh diploma level (HND); Bachelor’s degree in business management/ managing people; Bachelor’s degree in security management; Complete senior management security programme; Hold a recognised training certificateDegree in criminal justice/ public administration
Experience and knowledgeCandidate must be 21 years and over; One year post degree; Work with security systems including CCTV and access control and producers to promote effective security operations for the protection of assets, people and data; Knowledge of CCTV codes of practice, data protection act, British standard 7499; Static guarding and mobile patrol; Experience of managing teams; Knowledge of fire safety and health and safe procedures in the workplace; Knowledge of the equality act and its relevance to the collegeWork with the police force, national guard, voluntary service; Work at an operational management level delivering security service ideally with students and within a high large profile; 2 years in security force


Task 3: Self-reflection

Having taken part in the project at St Patrick’s College, related to a selection day, I have had an experience which has given me an exciting opportunity to experience an active process of building strong leadership skills. Teamwork usually involves various individuals and groups working together to optimise their efficiency and reach common goals, as in the case with the project performed in St Patrick’s College (Sohmen, 2013). The benefits of team working on this project are numerous. First, teamwork leads to improved morale because team members learn to take sufficient responsibility for their actions, which may result in a significant improvement of the entire project. It is important that individuals gain authority and ownership over the project (Reevy, Chamberlain and Stein2013).

A second benefit of team working on the project relates to greater flexibility. This means that people have an opportunity to become more flexible as result of working together on a project. They may also solve certain problems in an efficient manner considering that they unite their efforts to achieve common objectives (Sohmen, 2013). Another benefit associated with teamwork is that of increased innovation. Every team member can share important insights into developing the project successfully. Innovation is linked with creativity, implying that team members can demonstrate solid creative skills when providing suggestions to the project (Pacios and de la Fuente, 2013). As indicated in research, teamwork contributes to increased levels of motivation, which in turn positively affects one’s creativity.

My role as leader and member of the team has developed due to my active participation in the project. Conflicts and difficulties are an inevitable part of any project, including the one at St Patrick’s College, but I have been determined to solve any challenges. I have demonstrated the skills of listening to others and considering their point of view regarding important stages of the completion of the project (Reevy, Chamberlain and Stein, 2013). Research places importance on the development of empathic skills, which are important in the process of bringing a project to successful completion (Tiffan, 2014). My role as team leader in managing conflicts has mostly involved the adoption of preventative strategies focused on the idea of preventing or minimising conflicts. As a result, I have contributed to the development of ground rules for the project at its beginning, as research also considers the relevance of systematic preparation in projects (Tiffan, 2014). Moreover, I have succeeded in developing a team agreement on the precise way in which the group could resolve any problems that may appear. Another strategy is to present details on the critical resolution process in which every team member is assigned specific roles.

My role as leader and member of the team also included a solid focus on reactive strategies. In other words, I have thoroughly considered my responsibility to enhance the resolution of conflicts pertaining to the project (Sohmen, 2013). For instance, I implemented a form of authoritarian approach by informing the group about the scope of the resolution. Such strategy was more formal in the sense of adhering to strict rules of project communication. As an example, I directly informed the group that the major goal of the project is to focus on recruitment strategies used in the selection of employees. This fostered a sense of enhanced teamwork based on the urgency to resolve any conflicts and difficulties as quickly as possible. However, I also included a process of flexible discussion while trying to find solutions to conflicts (Tiffan, 2014).

As a whole, the effectiveness of the team in achieving the projects goals was adequate. The team members were skilled and motivated to bring the project to a successful end. In addition, the group ensured that they had complementary skills (Stupans, 2013). They were able to relate to one another in terms of technical proficiencies. The aspect of mutual accountability was present at all stages of the project. They were all responsible for the creation of a strong culture of responsibility. Each team member illustrated the presence of clearly defined roles and responsibilities (Tiffan, 2014).

As part of the process of achieving the project’s goals, productivity of team members has been properly recognized and rewarded. In addition, the effectiveness of the team reflected the regular tracking of individual and group progress. In case the team members exhibited any signs of struggling with completing the project, the team has been always ready to provide support and guidance which previous research has found to be important (Sohmen, 2013). The team was able to create a positive pressure to achieve the initially projected goals. Such goals have emerged in an attempt to guide the important decisions made by team members. This shows that the team has maintained a focus on the project’s mission related to the selection of a professional to work at St Patrick’s College (Stupans, 2013). The aspect of collective responsibility has been dominant in guiding the team working while completing the project of St Patrick’s College.

My role within the team especially during the selection process was quite flexible because I had an opportunity to explore various aspects of that particular process. What I have done well was to outline briefly the personal qualities required for the position of a security manager/supervisor (Adams, Cain and Giraud, 2012). I demonstrated a proper knowledge of the job role as well as presented specific skills in organising important job roles and responsibilities. Moreover, I illustrated adequate communication and teamwork skills that have contributed to the successful completion of the project. I was able to work with culturally diverse individuals and lead them accordingly (Sohmen, 2013).

However, I could have done better in improving my knowledge of specific aspects of security policies, rules and regulations pertaining to the job position. I could have taken my time to explore each of these aspects in detail in order to provide a better understanding of the specificity of the profession, which could have helped me focus on selecting the right candidates (Adams et al., 2012). Although I believe I have good skills in assessing people’s potential in a particular field, I need to do more research on this topic to improve my own capacity of working with and leading culturally diverse individuals (Tiffan, 2014). I could have also improved my cultural awareness considering the highly diverse workforce of the educational institution. In conclusion, this task has been completed successfully because of the focus on teamwork at all stage of the process.

Task 4: Discussion of the main financial statements of a company

There are three key components involved in the financial statements of a company, which are a profit and loss statement, balance sheet, and cash flow statement. All the key components are used as a whole, to provide a clear picture of the financial position and financial results of a company (Parker, 2009). A structure designed for each of the financial statements is considered the most important element, though the influential decision depends on the requirements of the user. The key point supporting the importance of the profit and loss statement is that it is one of the most important financial statements and users like to observe the financial statements of a company, since it has the capability to help users or businesses generate profit by examining the over financial report (Buffett and Clark, 2008). In addition, the information inserted in the profit/loss statement is mostly released in the applicable currency, so it can provide a reasonable level of accuracy. Though, profit/loss does not show the amount of assets and liabilities required by a company to generate a profit (Parker, 2009). Moreover, its financial results are not necessarily associated with the total cash flows generated by a company. The accuracy of this statement can be suspected when the cash basic of the accounting method is used. It is important to focus on ensuring accuracy as part of the broad purpose of accounting. Thus, the profit/loss statement, when utilised, can be fairly misleading.

Balance sheet is expected to be positioned at a second place by many users, since it does not provide the financial results of business operations, and some of the information provided in it may be based on past business costs (Kalsyte and Verikas, 2013). This makes the balance sheet report less instructive or informative. However, the balance sheet is considered to have importance when compared with the profit/loss statement, since this sheet provides the amount of investment requirement to maintain the sales and profits shown on the profit/loss statement (Buffett and Clark, 2008).

The third most important component of financial statement is cash flow, because it mainly focuses on recording cash inflows and outflows (Parker, 2009). This financial report provides a clearer analysis of a company’s cash flows than the profit/loss statement, which can sometimes present unbiased results, particularly when accruals are authorised under the growth basis of accounting (Palea, 2014).

It is essential to understand the concept of the balance sheet, as it provides a company’s financial situation at any period of time, while a profit/loss statement provides a company’s overall financial performance within a set period of time. The profit/loss statement normally shows a company’s financial performance over a period, such as being released every year or after six months (Parker, 2009). On the other hand, the balance sheet gives a snap shot of the financial position accurately at the year-end or month-end. Finance managers rely on the balance sheet statements to examine whether purchasing certain equipment on debt is the right choice for a company at that time (Palea, 2014). The balance sheet also provides the owner’s equity; for instance, it indicates the total value of the inventory and the number of a company’s shares identified as outstanding.

The profit/loss statement is one of the most important documents because it plays a significant role in a company’s decision making process. The profit/loss statement is an end result of the financial information that is provided in the journals and ledgers, and then changed into brief, summarised, compiled revenue and expense structures (Bao, Li, Wu, Zhu et al., 2014). This statement shows the overall revenues and expenses of a company for a set period of time. Senior managers and shareholders can find prosperity of valuable information on the profit/loss statement including the company’s overall sales, profits, retained earnings, net profits, and operating earnings. From this information, finance experts can determine and distinguish vital information about a company’s performance. Profit/loss statements usually give information for more than one period, for example two successive years (Buffett and Clark, 2008). It is simple to compare the financial results from one period to the next and conclude trends in earnings and expenditures. Whereas, cash flow statement is considered to be the most crucial element for any enterprise’s financial performance. It calculates the amount of capital that enters into a company and out of it over a specified time period. In this way, an enterprise is able to analyse and control how much capital it has in inflow to pay expenses and purchase assets.

There is a difference existing in the structure of financial statements (profit/loss statement and balance sheet) for different types of business, such as sole trader, partnership and private/public limited company. Each company has different financial and economical positions so they use different financial statements with different structures that satisfy their financial positions (Bao et al., 2014). The financial statements gather the financial information from the sales and services provided and include the net taxable profit or loss for each month. Different types of business use different structures. For a sole proprietor, the financial statement is easy and simple because the financial report is just provided for the proprietor of the company. This means that it does not have to provide any balance sheet and profit/loss statement (Parker, 2009). The report just needs to provide or to show profit and loss financial information, whereas a private limited and public limited company, which has to organise its’ report based on accounting standards. There are two types mostly used by companies: international financial reporting standard (IFRS) and generally accepted accounting principle (GAAP). If financial statements are not structured based on standards it is complicated to evaluate and compare performance with that of other companies. For a partnership, the financial structure is focused on providing the profit/dividend and total contribution by partners in the investment capital of a company (Ronen, 2006). The objective of the financial statement is revealed in the balance sheet, profit/loss, cash flow and loss statement.

When creating financial statements, the profit/loss statement would typically be structured first because the net profit or loss becomes a part of the statement in the balance sheet, or in a partners’ capital. Moreover, the end of a partner’s capital statement becomes a part of the balance sheet (Parker, 2009). The financial statement is focused on examining the total capital and profits of a company that are distributed inside its structure. For a public and private limited company, the financial statement must provide the following components: current assets, non-current assets, current liabilities, total sales, total profits, payable, dividends, and share prices (Ronen, 2006).

References

Adams, B. L., Cain, H. R. and Giraud, V. (2012). ‘Leadership, Motivation, and Teamwork Behaviors of Principal Investigator’s in Interdisciplinary Teams: A Synthesis of Research’. Journal of Leadership Education, vol. 11(2), pp. 176-191.Bao, C., Li, J., Wu, D., Zhu, X., Liang, C. and Liu, C. (2014). ‘Optimization of Integrated Risk in Commercial Banking Based on Financial Statements’. Procedia Computer Science, vol. 31, pp. 501-510.Buffett, M. and Clark, D. (2008). Warren Buffett and the Interpretation of Financial Statements: The Search for the Company with a Durable Competitive Advantage. New York: Scribner.

Kalsyte, Z. And Verikas, A. (2013). ‘A Novel Approach to Exploring Company’s Financial Soundness: Investor’s Perspective’. Expert Systems with Applications, vol. 40(13), pp. 5085-5092.

Pacios, A. R. and de la Fuente, G. (2013). ‘Teamwork and Leadership in a Virtual Learning Environment’. RUSC: Revista de Universidad y Sociedad del Conocimiento, vol. 10(2), pp. 358-374.

Palea, V. (2014). ‘Are IFRS Value-Relevant for Separate Financial StatementsEvidence from the Italian Stock Market’. Journal of International Accounting, Auditing and Taxation, vol. 23(1), pp. 1-17.

Parker, R. H. (2009). Understanding Company Financial Statements. New York: Penguin Books.

Reevy, G. M., Chamberlain, C. J. and Stein, J. (2013). ‘Identifying Collaboration, Teamwork, and Leadership Practices on Campus’. Currents in Teaching & Learning, vol. 6(1), pp. 4-17.

Ronen, J. (2006). ‘A Proposed Corporate Governance Reform: Financial Statements Insurance’. Journal of Engineering and Technology Management, vol. 23, pp. 130-146.

Sohmen, V. S. (2013). ‘Leadership and Teamwork: Two Sides of the Same Coin’. Journal of Information Technology & Economic Development, vol. 4(2), pp. 1-18.

Stupans, I. (2013). ‘Development of Contemporary Leadership Capacity through Teamwork in an Online Environment: A Pilot Study’. International Journal of Teaching & Learning in Higher Education, vol. 25(2), pp. 262-268.

Tiffan, B. (2014). ‘The Art of Team Leadership’. Journal of Health-System Pharmacy, vol. 15, pp. 799-801.

Categories
Free Essays

Network security and business

Company X is reputed to be the world’s leading manufacturer and supplier of sportswear (sports shoes and vestments) and sports equipments with its headquarters situated in Oregon, Portland metropolitan area. The company presently accrued 16 billion US dollar worth excess revenue in 2007 only. In the year 2008, that company is credited to have recruited 30,000 employees globally, while at the same time maintaining its status as the sole grand crown holder of the Fortune 500 title as far the state of Oregon is concerned. In this essay, the vulnerabilities experienced by the company shall be looked at in respect to network security which entails working towards the protection of information that is passed o0r stored through or within the computer.

The company was founded in 1964 and then later re branded in 1978. The company is so well established that it does not only sell its products under its own company name, but it also does so through its subsidiaries. In addition to this, company X also owns other sports companies. In an effort to realize expansion, company X extended its services to run retail stores under its name. As a result of this, the company X has approximately 19,000 retail departments in the US alone. In the same vein, the company sells its products to about 140 countries globally.

The company has been traditionally sponsoring sportsmen and women around the globe and has very distinct logo and slogans. The slogans used by this company unlike those of the fellow competitors, made it to the top five slogans of the 20th century, and was accredited for this by the Smithsonian Institution. In 1980, company X had hit the 50% market share mark in the the United States, being only 16 years old. The most recent type of inventions by this company involves the production of new models of cricket shoes which in comparison to their competitors, are 30% lighter (Bernstein, 1996).

The company seeks to maintain its vibrant market and maintains its upper hand against its competitors by producing products that are appealing to the tastes of the materialistic youth. The sports wear company produces and sells assortments used in sundry and diverse world of sports sch as basket ball, athletics, golf, American football (rugby), tennis, wrestling, skating, football and skate boarding, among others.

The company X having become a global entity, also faces many problems that come with expansionism. The troubles touch on cases of workers’ rights in relation to the occupation safety and health matters. These cases are more distributed in the developing economies than in developed ones.

Conversely, there are also issues about social responsibility that border on the environmental safety in relation to the production processes and wastes produced by the company. The problem also stretches to its outsourcing vendors, who together with the company have been challenged by critics to work towards carbon neutrality.

Critics have also dismissed as lies the claim by the company that it increased the salary scale of its workers by 95%. These critics posit that the company seeks to always exploit its workers, of whom 58% are young adults aged between 22- 24 years, while 83% of the workers are women. Half of these workers in these companies are said  to have gone through their high school educational programs.  Because few of these people have work related skills, critics maintain, the subsidiaries of company X are reported to be using this state of affairs to exploit their employees by issuing them very minimal wages (Mc Nab, 2004).

Again, it is reported that out of company X’s contract factories, 20% deal in the casual production of of the products. These factories are always bedeviled by cases of harassment and abuse (of which the company has moved in to sort out the situation by liaising with the Global Alliance in order to review the first twenty one of the most notorious factories. The company also set up the prescribed code of conduct so as to inculcate social responsibility among the workers.

Spates of continual human rights abuse nevertheless continued to persist. In Indonesia for example, 30.2% of the workers of company X are reported to have been victims of exploitation. 56% of these workers are said to have undergone verbal abuse. In about the same spectrum, 7.8% are reported to have succumbed to unwanted sexual comments, while 3.3% are said to have been abused physically. In Pakistan, the matter deteriorated to cases of child abuse and the conscription of child labor. For instance, in the same country, the issue came to the global attention when pictures were displayed, portraying children knitting football which were to be then sold by this company.

Another matter that haunts this company X is the protection of information, or commonly called by the corporate world and the computer science and management as network security. Of recent developments, concerns over privacy have soared, and become subject to public furore and debates when it was found out by security experts after conducting a research in the University of Washington, that company X’s iPod sport kit had the ability to track people . Initially, the surveillance system that works through the company’s iPod sports kit had been designed to allow the user (mainly the sports person) of this facility to take note of the calories that have been burned, the speed, the distance covered and the time dispensed when undertaking sports activities.

The kit was fitted with a transmitter that was designed to be stuck on the shoes and the iPod’s transmitter. The tracking is made possible by the fact that the transmitter relays particular ID. Although the problem first seemed minuscule due to the fact that the information could only be accessed from a 60 feet away shoe, yet it was found out later that more problems, it seemed would set in since the surveillance or tracking system was then fed to the Google maps (Sloot, 2003).

In order to bring in ameliorations in this matter, comprehensive laws are being proposed so that company X and its counterparts who use these systems can be forced to beef up security into the models- a measure which these companies are ignoring. Some related speculations are also rife that the company’s retailing contractors  are using the RFID tags for tracking their consignments and keeping track of the stock market. This problem is hydra headed since apart from the obvious fact that this may scare away potential customers, it still has exposed the company to anti company X campaigns which have widely been  activated and managed by the Caspian organization in the US.

Customers will shy away from the products since the communication system of the company X seems to have been compromised in its CIA (confidentiality, integrity and availability) of information security. Confidentiality portends that only the permitted authorities access information, while integrity ensures that information stays only within the precincts of the authorized handlers. Availability on the other hand demands that those who are authorized access information are be able to so do efficiently and quickly. The external leaking in and out of confidential information can be very costly and should always be avoided

Company X is working out to ameliorate this problem. On 5th March 2008, in Oregon, it held a meeting in which the departmental heads and subsidiary representatives met, and analyzed the extent of the vulnerability (they had already come into the board meeting, having known the nature, and the extent of the risk). As an immediate contingency, company X decided that it was going to suspend the sale of the iPod transmitters as a measure to instill risk avoidance.

Having also become aware that there was also the danger of information systems being invaded by hackers, (as was seen in the 31st July, 2007 when in Pakistan tens of its computers succumbed), consensus was arrived at that all computer systems in the organizations adopt the man- in- between technique by adopting the firewall computer security system that will be able to detect the nature of the on coming information.

On another front, the company X agreed that it was to globally look at its wireless networking: the technology that the supports the connectivity of each computer to a specific network or networks. This does not portend coming up with a new system of networking, but bolstering the configurations and the security systems. New and stronger RAMs( Random Access Memory ) were bought and have already been set in place.  This will ensure that the roiter system within the company’s area of jurisdictions are very strong and very fast in detecting anomalies (Raquet and Saxe, 2005).

The computer technicians in company X suggested that the leaking of the company’s secret information could be due to the fact that the computer connectivity in Pakistan could have been in the open mode configuration. These technicians elaborated that open computer mode connectivity allows anyone even without the building to access information from an open mode configured computer. The situations becomes more vulnerable in the present day due to the portability of the computers (laptops and palm tops).

Open mode wireless computers have a preset name that makes the computer to, on being turned on, start broadcasting packets which prompt all wireless devices within the precincts about the availability of connectivity (Albanese and Sonnenreich, 2003). However, should the computers be switched on to closed configuration, the beacon packets are no longer broadcasted by the access point.

It was also discovered that although the headquarters were already filtered, yet not all of the subsidiaries were. It is an this backdrop that the computer technicians under the aegis of the company’s information and technology department recommended that the Wireless Encryption Protocol (WEP)  be introduced to ward off even the most sophisticated hackers. Wireless Encryption Protocol ensure that the data that is being relayed is not in the readable format, but instead, it becomes only readable after being decoded in a backward manner on being received. This leaves the data unreadable on being captured in between transition since the data is still encoded. The hacker is frustrated unless in possession of the knowledge about the  original address.

Conclusion.

As a concept, network security is very important in the realization of a company’s secret information. Good and comprehensive network security keeps secret information from flowing outwards to unwanted parties, while at the same time, enabling efficient flow of information within an enterprise. The systems of communication ( the hardware, the software and the orgware ) is also adequately protected.

Company X would accrue higher returns if it enhanced all of its network security systems within its disposal.

References.

Albanese, J. and Sonnenreich, W. (2003). Illustrations on network security.

US: Mc Graw Hill.

Bernstein, T. (1996). Internet security designed for business.

US: Wiley.

Mc Nab, C. (2004). Assessment of network security.

US: O’ Rielley.

Raquet, C. and Saxe, W. (2005). Advocacy and governance of business network security.

US: Cisco Press.

Sloot, P. (2003). International conference of computational science.

Categories
Free Essays

Negative Effects of Privatizing Social Security

Bush administration’s continuous emphasis on the issue of privatization of social security services has generated much hype in the recent years. Many a social security scholars and workers take into account its bad effects on the socio-cultural sector and economic domain of United States rather than eulogizing it. They put forward many negative effects of this privatization of social security. One of the prime negative effects is that a system that is carved out to offer benefits to employees and their kin upon retirement, disability, or bereavement is going to be treated like a commodity.

It is a public service and is not a commercial service. From the very start of social security system in 1935, the program was based on the basis principle that magnitude of the remuneration package would depend on the income of employees over their professional time span. Contrary to this, Bush administration’s new privatized security system would take into account the   amount of funds that a worker would invest in his or her own personal account. Ultimately, this will lower the magnitude of benefit and there would be a great uncertainty on the part of the workers about their investments, margin over investments and remuneration. This would not only result into socio-economic maladies for their but psychological and mental health of the workers would be in danger too.

Some scholars are of the view that “Rate of return” calculations, made by the proponents of privatized social security overlook the “value of Social Security’s insurance protections”. So privatization of Social Security would divert the money that is currently used to finance existing insurance program into investment accounts (this proposed to be created for each worker). So from what sources this amount, that is being used to carry on current payments to recipients of a variety of Social Security insurance and other benefits, will be collected?

It would generate a cause and effect phenomenon. For example Treasury of States have to borrow huge amounts from the private sectors and other financial institutes instantaneously in order to pay the insurance and other retirement benefits to the already retired and/or their families. This would cause negative impact on the national economy and federal deficit would go up. National saving would decline and it will effect the long-tern economic development.

Another negative impact of the privatization of social security is that remuneration on the finances of workers through individual accounts would be totally dependent on the market trends. Furthermore scholars argue that individual investors are more prone to perform badly in the market than collective investments. In the above case brokerage houses, banks and mutual funds would be beneficial.

Social Security programs does not take into account the gender differences and its patterns and procedures treat men and women on equal terms, But is a biological and cultural truth that women get the worst provided by the social security. So in this way, she will be the most hard-hit in the privatization process of social security. Caroll L. Estes as early as 2004 take into consideration the negative impact of privatization of Social security and says;

Negative effects are particularly harsh for those older women who do not conform to the model of family status as married with male breadwinner and for those already disadvantaged by race, ethnicity, and class. (Estes, 2004)

References

Anrig Grig, Jr., ; Wasow, Bernard. Twelve Reasons Why Privatizing Social Security is a

Bad Idea. The Century Foundation. 2004. Available online:

http://www.socsec.org/publications.asp?pubid=503

Estes, Caroll L. Social Security privatization and older women: A feminist political

economy perspective. Journal of Aging Studies. Vol.18. No. February 2004,

Pages 9-26

Feldstein, Martin. Privatizing Social Security. Journal of Economic Literature, Vol. 37,

No. 2 (Jun., 1999), pp. 685-686

;

;

;

Categories
Free Essays

Negative Effects of Technology on the Society’s Security and Privacy

Continuous studies on possible technological developments are being done everyday as initiated by private companies and the government military. Needless to say, these technologies, particularly those funded by private companies have been developed aside from making huge profits, to benefit the society in almost every aspect in their lives especially in terms of making their lives easier and more comfortable. Similarly, those developed by the government may have been initially done mostly for military and government purposes, but almost always; such technology comes to be marketed to the masses later on. Examples of which include the online technologies such as cellular phones, the computer and the internet.

Cellular phones, computers and the internet have been for many years now, widely available for commercial use. Undeniably, such technologies have made casual life more productive in terms of the speed in which work can now be done. Cellular phones allow cordless communication in almost all places, all stations in the world; computers allow speedier processing of transactions, calculations and many other tasks; and the internet allows not only global communication but also better and more widely available databases of information which almost everyone with internet access can utilize.

Attached with such array of commercial benefits however, are possibilities of misuse and thus disadvantages that could not only affect one individual but also huge numbers of populations at one time in general. With these, technologies come more ways of violation of individual privacy as well as security. These stem from such technologies’ nature of mass connection.

The number of cellular phone users has been increasing. From 1997 to 2002, there has been 10-fold increase in global usage reaching 787 million (“GSM to Pass One-Billion Mark This Year”). This may mean better connection for these people but this may also mean an increase in the number of people probable of being violated of privacy. It is true that it is prohibited to access account information from private companies, but since the use of airwaves in this particular technology allows the personal tracking of the location of an individual, privacy cannot always be ensured.

There are still people who have unlimited access to such information and are capable of such violation, that is, location tracking without the consent of the concerned individual. This is especially true with the number of hackers, both experimenting and professional, out practicing.  Individual information from private companies could also be tapped indiscriminately especially by government officials for their specific purposes. This may be beneficial (but may still be unethical) if the person concerned is a real crook, but for innocent individuals, the violation of privacy would be unwarranted.

The rise of the computers and the internet creates a new breed of crime. Computers are an efficient way of storing important and sometimes company critical files. This computer function allows company’s easier management and access to their files which are in many ways beneficial. But these benefits are not limited to the companies as the storage of information in the computer also allows professionals, particularly hackers, access to the information.

Just recently, 12 December 2006, it was reported by CNN that a number of names and personal information were exposed when a hacker attacked the database of the computer system of the University of California, Los Angeles (“Hacker Attack at UCLA Affect 800,000 people”). According to the same report, a survey released in October of this year showed that about a hundred colleges experienced a similar incident during the previous 12 months.

The information stolen in such cases usually include names, birth dates, medical records, social security numbers, home addresses and other personal information (“Hacker Attack at UCLA Affect 800,000 people”). Clearly, the computers and the internet allow newer and more technical way of thieving, the most controversial of which is identity theft.

The use of the internet has now evolved to allow even the purchase of items from objects as simple books to even loans and transactions can now be done conveniently through the internet using the credit card. It is this nature of internet transactions that allows identity theft through the internet. According to a report done by the Federal Trade Commission in 2003, the reported form of identity theft has been limited to those involving credit card transactions.

According to the same report, about 13% of the victims reported that their personal information was obtained during transactions during credit card purchases. Among those purchases include those done through the internet.  Such information can be used by the thief in many ways such as obtaining government documents, purchasing online, obtaining loans, housing transactions, employment and filing of tax returns (Federal Trade Commission).

These are just some examples of how technology, particularly phones, the computer and the internet disadvantage individuals. There could be a lot more other ways. Phones and computers have also been used in propagating pornography especially with the increase in use of video cameras, file sharing and websites that support such.

Computer viruses had been and can still be easily distributed to corrupt several company and even government files, causing significant losses both in the concerned company as well as in the society in general. Freund cited a survey of the FBI that about 500 U.S. companies suffered significant financial losses amounting to $455.8 million in 2002.

Technology is a powerful tool and is undeniably beneficial to the society especially with the ease in living it contributes to every individual. But as much as it is powerful and beneficial, it can also do harm because everything with advantages can always be exploited to bring otherwise. The results that technology brings just all depend on how the user chooses to use it.

Works Cited

Freund, G. “Perspective: Hacking 2003, The New Agenda.” Cnet News.Com. Cnet Networks, Inc. 2006. <http://news.com.com/2010-1071_3-1001016.html>

Federal Trade Commission. “Identity Theft Survey Report.” Sep 2003. Synovate. <http://www.consumer.gov/idtheft/pdf/synovate_report.pdf>

“GSM to Pass One Billion Mark This Year.” 2003. Cellular.co.za. <http://www.cellular.co.za/news_2003/011603-gsm_to_pass_one_billion_mark_wit.htm>

“Hacker Attack at UCLA Affect 800,000 People.” CNN.com. 12 December 2006. Cable News Network LLP.<http://www.cnn.com/2006/TECH/ptech/12/

12/ucla.data.theft.ap/index.html>

 

 

Categories
Free Essays

Data Security and Integrity: Software and Physical Restrictions

Table of Contents Page # Introduction Introduction Maintenance of data security and integrity in reference to: Software Access Restrictions These are inserted for the purposes of protecting computer software. A few forms of software access restrictions are as follows: Passwords Definition: -A string of characters that allows access to a computer, interface or system. How does it assist in securing data and maintaining its integrity? When a person creates a password for access to a computer, folder, program etc. they are creating a code that must be implemented every time they wish to access the software. This means that if any unknown or unauthorized personnel were to attempt to view the material and were unaware of the password then they would be unable to do so, thus securing the data.

The integrity of the data is also highly protected when using a password because if any unknown or unauthorized personnel attempt to access any data that is password protected without knowing the password, they will be denied access. Thus the data cannot be altered in any way and its trustworthiness would remain the same. * Data Encryption Definition: -This is the encryption (encoding) of data for security purposes. How does it assist in securing data and maintaining its integrity? By encrypting, we change the original plaintext version of data into ciphertext, which is an unreadable format that will protect against unauthorized parties.

Only those who possess the key to trigger the algorithm that will decrypt the data, hence making it readable, can access it. A higher bit encryption is much more secure than a lower bit encryption, for example a 256 bit encryption is much more secure than a 128 bit encryption because a hacker will need to try out more possibilities when trying to breach the encryption. Once data is encrypted the integrity of it is safeguarded just as long as it isn’t breached by a hacker or accessed by any unauthorized party who somehow got the key to the algorithm, and was able to decrypt the data. Virus Protection Definition: -This is the protecting of a system from a file that replicates itself without the consent of the user. How does it assist in securing data and maintaining its integrity? Typical anti-virus software protects a computer system from viruses, Trojan horses, worms etc. by means of routinely or manually scanning files and programs to check for the aforementioned malware and if any malicious content is found, it either notifies the user of its presence and suggests steps that can be taken to remove it, or automatically starts doing so by itself.

Any malware that is located early enough by anti-virus software can usually be removed before it can cause any irreversible damage to data. Though there are viruses that can take effect almost immediately and corrupt data very quickly before the virus protection can take action or even notice it. In this case having better virus protection software is necessary. * Firewall Definition: -This is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

How does it assist in securing data and maintaining its integrity? A firewall protects a computer system or network from any malicious activity from the internet, for e. g. hackers, viruses and Trojan horses. They do so by filtering any incoming packets of data to decide which data will be let through the firewall and which will be discarded. This means that data already on the computer or network will be better protected against hackers, viruses etc. and any incoming data will be ‘clean’ i. e. without any malicious software attached.

Firewalls assist in maintaining data integrity by its ability to filter data. As long as the firewall prevents malware from entering a computer system or network the data will not be adversely affected thus maintaining its trustworthiness. Physical Access Restrictions These consist of biometric systems as well as other forms of physical access restrictions that are used to protect data. A few forms of physical access restrictions are: * Voice Recognition Definition: -This is a device used for the identifying of individuals by the sound of their voice.

How does it assist in securing data and maintaining its integrity? Voice Recognition is a biometric system i. e. it identifies individuals by a unique human characteristic, their voice. The way this aids in protecting data is as follows: if someone wishes to gain access to something, in this case data, they would need to verify to a computer that they are permitted to view or manipulate the data by speaking. If they are not registered to gain access to the data then the computer would deny them the ability to view or interact with it, thereby maintaining its integrity.

If the speaker is registered with the voice recognition, then it would grant the speaker access. This allows data to be viewed by authorized personnel only. Voice recognition is considered to be more secure than passwords because of the fact that, instead of depending on a secret string of characters to gain entry to the data, it identifies them by their voice hence removing the possibility of guessing. * Retinal Scan Definition: -This is the biometrical identification of individuals by scanning the retina of the eye.

How does it assist in securing data and maintaining its integrity? A retinal scan operates similarly to voice recognition, this is because they are both biometric systems. The way this assists in securing data is as follows: The retina of the eye, which is unique to everyone, is scanned. The computer can identify people by the use of camera technology which can differentiate individuals from one another because of the subtle differences in their retina. If the person is recognized as authorized personnel, then they are allowed to view the data.

If however, they are not authorized to view the data, they will be denied access from doing so as well as from manipulating it, this allows for the safekeeping of data and the maintenance of its integrity. * Fingerprint Recognition Definition: -This is the automated method of verifying a match between two human fingerprints. How does it assist in securing data and maintaining its integrity? This is another biometric system, and the most popular one at that. Fingerprint recognition is widely used for the protection of data because of its accuracy and dependability in identification.

Just as there are no two people who share the exact same voice or retina, there are no two people who share the exact same fingerprints. Because of this, fingerprint recognition can be used to allow someone access to data once the person accessing the data places his finger onto the scanning device. If his fingerprints match those that are registered then he/she is allowed access to the data, otherwise access will be denied. * Fireproof Cabinets Definition: -A fire resistant cupboard/box which can house computer hardware that contains data. How does it assist in securing data and maintaining its integrity?

Data is located inside software, however software cannot function without hardware. Therefore, in order to protect the software which houses data, we must also protect the hardware which houses the software. Fireproof cabinets are an excellent way of doing so. They assist in securing the hardware by allowing it a special area so that it is not lost or misplaced. Also, if there is a fire which could potentially be disastrous, the fire resistant cabinets will protect the hardware from being destroyed while also indirectly protecting the data. Summary Bibliography

Categories
Free Essays

Research on Honey Pots with regard to proofing security

Battling hackers and technological experts who use their knowledge for stealing information and hacking can always be troublesome and costly. Why waste time, effort, energy and risk losing out thousands of dollars in profits. The use of honey pots and honey tokens can eliminate the need for such risks and enhance the security of the system.

Honey tokens and honey pots are not computer systems. In fact, they are software that is designed to interact with unauthorized users and counter their activity. They give you the ability to allow hackers and crackers into the system and make them feel as if they have broken into the system. They hold false data that is kept there for that malicious user to use and steal. The honey pot then actively saves all the actions performed by the unauthorized user. Using such honey pots and combining it with the data on their actions, many potential takeovers can be subdued. Several malicious invasions can be countered using such honey pots, and at the same time, the illegal user commending on his capabilities on managing to break into the company’s security.

A honey pot works by trapping the actions of an intruder by setting a fallacious database that has honey pots are just software that tackles crackers intelligently without them knowing that they have been tracked. The cracker can do whatever they like with data that is as fallacious as dummy data. There is no sensitive data provided to such a cracker and the hacker’s actions will be under review all the while he is snooping around in the system.

They are relatively easy to install and do not require a lot of high technological cost or monitoring. But they are highly effective in countering illegal break-ins to sensitive data. As soon as there is an access to the system through any undefined way, the honey pot gets activated and provides the user with databases that is of no use to the company and is actually in place to fool the hacker.

Therefore, Mr. Lloyd, given the obvious benefits of sugar coating an illegal user and then finding the security holes that they used in breaching the system, the company should consider implementing the honey pot system. Using this we can then fix our security holes so that they can stop other crackers breaching our security again.

Bibliography

1.       What is honey pot? a definition from Whatis.com. Retrieved March 17, 2008, from Search Security Web site: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci551721,00.html

2.       Dynamic Honeypots Retrieved March 17, 2008, from Security Focus Web site: http://www.securityfocus.com/infocus/1731

Categories
Free Essays

Food Security in Society

Food Security “There is no sincerer love than the love of food,” George Bernard Shaw a literary critic once said. His statement rings true, as food feeds the functions of society. However, not all countries feel the cushion of a full meal each day. Every year 15 million children die from hunger. Scarcity of food is an epidemic affecting people all over the world. Therefore, food security, the access by which all people at any time can have access to enough nutritious food for an individual to have a healthy life, is a vital part of a countries concern.

Nigeria is one such country, like many others in which food security is of high concern. No longer a third world country, as of 2005, Nigeria has been declared a middle class country and continues to develop from there. However, this does not make Nigeria exempt from the brutality of hunger and the shortage of food. Officially named the Federal Republic of Nigeria, Nigeria is a country located in West Africa with its borders being surrounded by Chad, Benin, Cameroon and Niger. Nigeria is the most populated country in Africa and the seventh most populated in the entire world.

Naturally, with such a high population the amount and production of food is a large concern for the government. As stated by Olyeran-Oyeyinkain the book, The Gene Revolution and Global Food Security, “Agriculture has become a major contributor to the Nigeria’s economy. Accounting for about 40% of gross domestic product (GDP) and employing about 60% of the work force” (Olyeran 117). The main crops that workers toil on are as follows: beans (varieties which include cocoa beans, soy beans) sesame, cashews, cassava, groundnuts, gum arabic, kola nut, corn, melon, millet, palm kernels, palm oil, plantains, rice, rubber, Guinea corn, and yams.

Because of the many different climates that Nigeria possesses, it is possible for it to grow these varying crops. However, agriculture with larger sized crops is not a common form of farming for the country. What’s stopping larger production is not common factors such as scarcity of water or even an appropriate climate to flourish in, but it is restricted due to low fertility in the soil. This stops many crops from even sprouting. Also, lack of cultivation stops from farming on a bigger scale as well. Livestock is not a huge factor in the country anymore.

Though farming is not as large scale as it could be, it has taken over the land and caused insufficient homes for the animals to live in. Excess of population has also caused the countries game of elephants, tigers, buffalo, leopards, and other big game to be found in either animal reserves or remote countryside areas. The animals are forced to find homes elsewhere. Antelope, monkeys and jackals are still more commonly widespread and seen more often in Nigeria. The bigger game may be hard to catch but the common livestock eaten in Nigeria is as follows: cattle, donkey, duck, geese, goat, chicken, guinea fowls, pigeon, pigs, sheep, and turkey.

Meat is a widespread form of nutrition in the country, but crops are a much more common item to be dined upon. Fisheries also provide a large amount of resources for the cultures cuisine. Most popular seafood life includes crab, shrimp, shark and moon fish. With all this said, food security in Nigeria has not been the best over the years, with poor farming resources and food being outsourced, most of the country has been left hungry. However, as of a 2010 food security review of Nigeria, things have been looking up.

After the growing season completed in 2010 food supplies were on the higher side at both household and market levels. In most parts of northern Nigeria the livestock prices and household food reserve levels as of January 2010 are at an affordable price. These two factors are key elements in determining food security. This does not say that social deprivation does not still rain supreme in the country. Recovery from a difficult hunger season usually shows a slow growth, however in 2010 the hunger season had gone by faster than expected due to thee above addressed unusual prices of livestock and crops.

Commonly in Nigeria they outsource to other countries in order to make a profit off of their crops. While this gives them an increase in economic revenue, it leaves their people hungry due to lack of nutritious foods. This outsourcing of food is one of the major causes of the poor food security that Nigeria has often possessed. Before their civil war, which occurred in 1973, Nigeria was relatively self-sufficient in concerns to foods. However, after the war, imports and exports of food increased tenfold. Bread is the most common import, ironically enough imported from the United States.

Major exports include oil, cocoa, corn, yams and cotton lint. To make more income, instead of having a surplus of food, the food is sold off, leaving the country short for its citizens, thus making for a very poor food security. The money that they then make is not used solely for feeding the people. Despite there being a ban on exporting a lot of important food sources, such as milk, sugar, and flour, a free agricultural trade market was finally established in the 1980’s. A second leading cause in the poor food security is the commonly occurring oil spills that happen in Nigeria.

Nigeria is a large partner with the US, as it imports a lot of the United States oil to the country. The Delta region of Nigeria is the area that is hit hardest by these oil spills. The Department of Petroleum Resources estimated 1. 89 million barrels of petroleum were spilled into the Delta between 1976 and 1996 out of the total of 2. 4 million barrels between these year brackets. Clean up was slow and waste management of the sludge from recent oil spill accidents, as well as from the ones previously stated, is still a major concern for economic costs. An intervention plan is possible for the country of Nigeria.

The Nigerian government has approved several policies and undertaken a number of steps in order to help improve food security in Nigeria. These plans include the following: the National Plan of Action for Food and Nutrition, Primary Health Care Approach, Catchments Area Planning and Action, Gender Informed Nutrition and Agriculture, and National Special Program on Food Security. Government in Nigeria’s main focus however is on their policy entitled “Food and Nutrition Policy for Nigeria. ” This policy was put into place in 2002 and sets specific goals to be met.

These include the reduction of malnutrition among children under five by at least 30% by 2010, and reduction of micronutrient deficiencies. The main micronutrient deficiency concern being with vitamin A, iodine and iron. Their hopes were to lower this by 50% by the year 2010 as well. Lack of knowledge and technology is a main hindrance to any policies and actions set forth by the Nigerian government. With all these plans being looked into, hopes are that Nigeria can reduce the population of hungry even more in the upcoming years. However, if mire research is not gained into solving these issues, setting orth policies may be in vain if there is no action to back them up. Works Cited Department of Petroleum Resources. 2009. 20 11 2009. Akinyele, Isaac. International Food Policy and Research Institute. Garki, Abuja Nigeria. 2010. 20 11 2011. Nations Encyclopedia. 2011. 20 11 2009. Olyeran-Oyeyinka, Banji Gehl Sampath, Padmashee. The Gene Revolution and Global Food Security. Palgrave Macmillan. Basingtoke Hampshire, GBR. 11 2009. 20 11 2011. 117. Think Exist. 1999. 20 11 2009. Think Quest. 20 11 2009. United States Department of Agriculture- Food and Nutrition. Alexandria, VA. 20 11 2011. USAID. 1 2011. 20 11 2009.

Categories
Free Essays

Public Police and Private Security

The public police industry has never had a close relationship with the private security profession. Public police officers have typically viewed private security as “law enforcement wanna-bes” (p. 247, Clifford, 2004). Private security is viewed this way because the training requirements are different and in many ways less extensive than what is required of public police officers (Australian Institute of Criminology, 1998). This has been a controversial issue in the past but in recent years has been changing for the better.

Private and public security agencies have begun to bridge the gaps between the two industries. Private security professionals have been given a bad reputation in the past because of the many abuses of power and the misunderstandings of the main goals of private security. Take for example, Allan Pinkerton started his own security firm in the 1800s and was not very well liked by many for the program he devised to protect railroad companies from internal threats (Clifford, 2004). Many people thought he and his company were out to get them which brought about negative feelings toward him.

This very same feeling that security companies are out to get people is still alive today and some security professionals are even less respected today. Many people view private security in a negative light because they believe them to be minimum wage help and uneducated. This feeling toward private security has led to stereotypes in which they are called “Rent-a-Cops” and other derogatory names. Currently, many individuals are working to change the negative image that is associated with private security.

Police officers also have been given a bad reputation because of the actions of some people who have been on-the-job in the past. Many law suits and uprisings have been a result of the American people’s inability to trust and their dislike of police officers. However, like the security industry, they too, are working to make the industry more professional and regain the trust of the people. There has been an increase in the training as well as the policies and procedure which police officers must follow while performing their duties in order to protect the communities and the constitutional rights of each individual.

The two industries have made few attempts to integrate in the past but this fact is changing (Gunter & Kidwell, 2004). There has been a shift toward increasing public and private security cooperation and abilities to work together in recent years which has been increasing the level of safety that both industries have been able to provide. The private security industry has almost unlimited funding has made available resources for new technology which it has begun to share with law enforcement to increase the efficiency of both operations.

One example is Bank of America and their security professionals working with government agencies to provide information and resources regarding identity theft including strategies and training to detect and prevent this crime from happening (White, 2008). Another example, Target has built its own crime labs in an effort to thwart crime against their company which have also made available to local police agencies to aid in the investigation of crime (International Association of Chiefs of Police, 2012).

These cooperative efforts are helping to prevent crime as well as bringing the two industries together for a common goal. Public and private policing agencies, however, have different objectives and liabilities in mind with respect to their duties (Li, 2009). Public policing has the safety and security of the public and property in an entire jurisdiction in mind (Li, 2009). They are not focused on just one property in general but all properties and individuals in that particular jurisdiction.

Private security on the other hand, is only concerned with the property or area they contracted to protect. The often look out for the interests of the people or businesses that employ them and must remain profitable businesses themselves (Clifford, 2004). Public police are employed by the government and must uphold the Constitution and funding is done with taxpayer money. They have many restrictions which have been derived from the Constitution and they must strictly adhere to the document (Clifford, 2004).

Private security companies are not governed by the constitution and are afforded more freedoms when it comes to their policies and procedures (Clifford, 2004). Also, the personnel who employed by the private security industry are not nearly as liable for their actions as public police officers. Public police officers can actually be sued directly for violations of an individual’s constitutional rights. These differences and others have been the differences that have divided the public and private security industry for years. A good cooperative relationship is what the public and private security industry needs.

I believe this may begin to be achieved by more government regulation on private security companies as far as employee training and education. Many private security firms do not pay their employees well, they do not train them well, and they hire low class individuals. This must stop if the two industries will ever fully be cooperative. Likewise, public policing agencies must work toward involving private security companies in the safety of the community on a regular basis. More interaction between both industries will help develop a relationship of mutual respect between officers and agencies.

Categories
Free Essays

Data Security and Mobile Devices

Data Security and Mobile Devices Introduction: Mobile devices such as smartphones, PDAs, tablets, and netbooks have become an integral part of everyday business operations. Millions of people log into their company’s secure network on mobile devices via wireless Internet or even accessing their email, making sensitive data more susceptible to data theft and hacking. Mobile technology is advancing at such a fast pace, making it harder for IT managers to keep up with newly emerging threats. Since the smartphone emerged in the business scene, cybercrime has increased exponentially.

Data security has now become the main focus for most IT managers in larger corporations. What are some of the risks associated with using mobile devices in business operations? Human error is the biggest risk associated with data security when it comes to using mobile devices. This is mostly due to loss of theft of a smartphone or other mobile device. In a study conducted in Washington DC last year, taxi drivers counted the number of mobile phones that were left behind in taxis over a six month period. Over eighty-three hundred phones were recovered.

That was almost twenty-five times the number of laptops that were left in the taxis during the same period. Although all corporate laptops are password protected, few have password protection on their mobile devices. (Phifer) “According to Credent Technologies, eighty-eight percent of mobile devices carry valuable information- from patient, customer and employee records, financial statements, and passwords,” (Phifer). Because so few people PIN-lock their phones, all of this sensitive data can easily fall in to the hands of a hacker.

Mobile users often auto save their username and passwords to avoid monotonous reentry. This gives the hacker access to any information available to theft victim. Another major risk associated with the use of mobile devices is mobile malware. Most mobile operating systems lack the anti-virus and other security feature that are found on laptops. This makes mobile devices susceptible to viruses such as Trojan and worms. Doombot is a Trojan virus that is designed to affect all mobile operating platforms such as Android, iOS, and blackberry. It is transferred through MMS and Bluetooth (Panda Security).

What are some techniques used by IT managers to minimize security risks with mobile devices? It is vitally important to the cyber security of a company for IT managers to constantly be assessing the security of their network. Some important steps managers are taking are education, visualization, conservative defaults, hard switching, and most importantly manager and employee training. Educating employees about the risks of using mobile devices is important because the human element poses the greatest risk to the cyber security of the company.

Its important for the firm to have a training program in place so all employees know how to protect themselves and the company. Visualization is also important in constant uphill battle of cyber security. Managers must constantly be looking for the latest threats against the network and try to find a solution before a breach occurs. Conservative default settings on the firm’s network prevent employees from viewing non-secure websites and also from downloading files from places from outside the company’s network.

This would allow employees to still download attached files from intra-company email but would prevent the downloading of files that might be infected with a virus. (Nykodym) IT managers also use outside contractors to monitor a company’s network security. Companies like BlueFire Mobile Security cater to the rapidly expanding reliance on mobile devices. Their services provide protection for lost or stolen devices, information encryption, and security while on the Internet. They also offer protection for a company’s wired network as well.

They provide intrusion prevention, firewall, authentication, and encryption for the entire network. Contracts with companies like BlueFire are often made with smaller firms or with firms who want to reduce the size and budget of their IT department. (Computer Security Update) How significant was the increase of cyber attacks when mobile devices became part of everyday life? Smartphones exploded on the business scene in the mid 2000s. They provided the convenience of accession of vital information from anywhere.

According to Sharia Panela’s article for GMA News , “between 2007 and 2012, small and medium businesses reported steadily increasing web attacks. Malware, phising, and other types of violation surged by 35 percent while email attacks soared by 12 percent” (Panela). All of these types of attacks are in a large part due to the lack of security on mobile devices. In Norton’s 2012 Cybercrime Report, the total price tag on consumer data cybercrime was $110,000,000,000. China leads the pack with a total loss of $46 billion and the Unites States coming in second with a total loss of $21 billion.

With Apps for everything from mobile banking to syncing work and personal email, people have more sensitive data on their phone than ever before. The Cybercrime report concludes with the changing face of cybercrime. The new frontier for hackers is social media websites and new mobile devices. (Palmer) Conclusion: With all of the new developments in cyber security hackers always seem to be one step ahead. Smartphones and other mobile devices have become such an important part of everyday business employees. These devices are a virtual candy store for hackers, a one-stop shop for all of the data stored on the device.

If the device is lost or stolen, it can be used to access the internal network of the firm and extract private data about customers or financial information. Mobile Security has come to the forefront of the IT department’s agenda in larger data driven firms. Although they implement measures to prevent security breaches, the human element is the most damning. Managers need to provide educational programs for their employees to learn about proper use of mobile devices on company networks. Works Cited “Computer Security Update. ” Computer Security Update. 8. 4 (2007): 1-4.

Web. 4 Nov. 2012. Nykodym, Nick. “Journal of Politics and Law. ” Journal of Politics and Law. 5. 1 (2012): 1-6. Web. 4 Nov. 2012. Palmer, Adam. “Norton Cybercrime Report 2012. ” Norton Cybercrime Report 2012. (2012): n. page. Web. 4 Nov. 2012. Panela, Sharia. “Personal gadgets raise risk of cybercrime in workplace. ” GMA News Online. GMA Network Inc. , 18 2012. Web. 4 Nov 2012. Phifer, Lisa. “Business Communications Review. ” Business Communications Review. (2007): 23-25. Web. 4 Nov. 2012. “Virus Encyclopedia . ” Panda Securities. Panda Worldwide, Web. 4 Nov 2012.

Categories
Free Essays

Walmart Security Issues

Review our cookies information for more details Special report: Managing information A different game Information is transforming traditional businesses Feb 25th 2010 | from the print edition * * IN 1879 James Ritty, a saloon-keeper in Dayton, Ohio, received a patent for a wooden contraption that he dubbed the “incorruptible cashier”. With a set of buttons and a loud bell, the device, sold by National Cash Register (NCR), was little more than a simple adding machine. Yet as an early form of managing information flows in American business the cash register had a huge impact.

It not only reduced pilferage by alerting the shopkeeper when the till was opened; by recording every transaction, it also provided an instant overview of what was happening in the business. Sales data remain one of a company’s most important assets. In 2004 Wal-Mart peered into its mammoth databases and noticed that before a hurricane struck, there was a run on flashlights and batteries, as might be expected; but also on Pop-Tarts, a sugary American breakfast snack. On reflection it is clear that the snack would be a handy thing to eat in a blackout, but the retailer would not have thought to stock up on it before a storm.

The company whose system crunched Wal-Mart’s numbers was none other than NCR and its data-warehousing unit, Teradata, now an independent firm. A few years ago such technologies, called “business intelligence”, were available only to the world’s biggest companies. But as the price of computing and storage has fallen and the software systems have got better and cheaper, the technology has moved into the mainstream. Companies are collecting more data than ever before. In the past they were kept in different systems that were unable to talk to each other, such as finance, human resources or customer management.

Now the systems are being linked, and companies are using data-mining techniques to get a complete picture of their operations—“a single version of the truth”, as the industry likes to call it. That allows firms to operate more efficiently, pick out trends and improve their forecasting. In this special report * Data, data everywhere * All too much * »A different game * Clicking for gold * The open society * Show me * Needle in a haystack * New rules for big data * Handling the cornucopia Sources & acknowledgementsReprints Related topics * China * Nestle * IBM * Royal Shakespeare Company * Walmart

Consider Cablecom, a Swiss telecoms operator. It has reduced customer defections from one-fifth of subscribers a year to under 5% by crunching its numbers. Its software spotted that although customer defections peaked in the 13th month, the decision to leave was made much earlier, around the ninth month (as indicated by things like the number of calls to customer support services). So Cablecom offered certain customers special deals seven months into their subscription and reaped the rewards. Agony and torture Such data-mining has a dubious reputation. “Torture the data long enough and they will confess to anything,” statisticians quip.

But it has become far more effective as more companies have started to use the technology. Best Buy, a retailer, found that 7% of its customers accounted for 43% of its sales, so it reorganised its stores to concentrate on those customers’ needs. Airline yield management improved because analytical techniques uncovered the best predictor that a passenger would actually catch a flight he had booked: that he had ordered a vegetarian meal. The IT industry is piling into business intelligence, seeing it as a natural successor of services such as accountancy and computing in the first and second half of the 20th century respectively.

Accenture, PricewaterhouseCoopers, IBM and SAP are investing heavily in their consulting practices. Technology vendors such as Oracle, Informatica, TIBCO, SAS and EMC have benefited. IBM believes business intelligence will be a pillar of its growth as sensors are used to manage things from a city’s traffic flow to a patient’s blood flow. It has invested $12 billion in the past four years and is opening six analytics centres with 4,000 employees worldwide. Analytics—performing statistical operations for forecasting or uncovering correlations such as between Pop-Tarts and hurricanes—can have a big pay-off.

In Britain the Royal Shakespeare Company (RSC) sifted through seven years of sales data for a marketing campaign that increased regular visitors by 70%. By examining more than 2m transaction records, the RSC discovered a lot more about its best customers: not just income, but things like occupation and family status, which allowed it to target its marketing more precisely. That was of crucial importance, says the RSC’s Mary Butlin, because it substantially boosted membership as well as fund-raising revenue. Yet making the most of data is not easy. The first step is to improve the accuracy of the information.

Nestle, for example, sells more than 100,000 products in 200 countries, using 550,000 suppliers, but it was not using its huge buying power effectively because its databases were a mess. On examination, it found that of its 9m records of vendors, customers and materials around half were obsolete or duplicated, and of the remainder about one-third were inaccurate or incomplete. The name of a vendor might be abbreviated in one record but spelled out in another, leading to double-counting. Plainer vanilla Over the past ten years Nestle has been overhauling its IT system, using SAP software, and improving the quality of its data.

This enabled the firm to become more efficient, says Chris Johnson, who led the initiative. For just one ingredient, vanilla, its American operation was able to reduce the number of specifications and use fewer suppliers, saving $30m a year. Overall, such operational improvements save more than $1 billion annually. Nestle is not alone in having problems with its database. Most CIOs admit that their data are of poor quality. In a study by IBM half the managers quizzed did not trust the information on which they had to base decisions. Many say that the technology meant to make sense of it often just produces more data.

Instead of finding a needle in the haystack, they are making more hay. Still, as analytical techniques become more widespread, business decisions will increasingly be made, or at least corroborated, on the basis of computer algorithms rather than individual hunches. This creates a need for managers who are comfortable with data, but statistics courses in business schools are not popular. Many new business insights come from “dead data”: stored information about past transactions that are examined to reveal hidden correlations. But now companies are increasingly moving to analysing real-time information flows.

Wal-Mart is a good example. The retailer operates 8,400 stores worldwide, has more than 2m employees and handles over 200m customer transactions each week. Its revenue last year, around $400 billion, is more than the GDP of many entire countries. The sheer scale of the data is a challenge, admits Rollin Ford, the CIO at Wal-Mart’s headquarters in Bentonville, Arkansas. “We keep a healthy paranoia. ” Not a sparrow falls Wal-Mart’s inventory-management system, called Retail Link, enables suppliers to see the exact number of their products on every shelf of every store at that precise moment.

The system shows the rate of sales by the hour, by the day, over the past year and more. Begun in the 1990s, Retail Link gives suppliers a complete overview of when and how their products are selling, and with what other products in the shopping cart. This lets suppliers manage their stocks better. The technology enabled Wal-Mart to change the business model of retailing. In some cases it leaves stock management in the hands of its suppliers and does not take ownership of the products until the moment they are sold. This allows it to shed inventory risk and reduce its costs.

In essence, the shelves in its shops are a highly efficiently managed depot. Another company that capitalises on real-time information flows is Li & Fung, one of the world’s biggest supply-chain operators. Founded in Guangzhou in southern China a century ago, it does not own any factories or equipment but orchestrates a network of 12,000 suppliers in 40 countries, sourcing goods for brands ranging from Kate Spade to Walt Disney. Its turnover in 2008 was $14 billion. Li ; Fung used to deal with its clients mostly by phone and fax, with e-mail counting as high technology.

But thanks to a new web-services platform, its processes have speeded up. Orders flow through a web portal and bids can be solicited from pre-qualified suppliers. Agents now audit factories in real time with hand-held computers. Clients are able to monitor the details of every stage of an order, from the initial production run to shipping. One of the most important technologies has turned out to be videoconferencing. It allows buyers and manufacturers to examine the colour of a material or the stitching on a garment. “Before, we weren’t able to send a 500MB image—we’d post a DVD.

Now we can stream it to show vendors in our offices. With real-time images we can make changes quicker,” says Manuel Fernandez, Li ; Fung’s chief technology officer. Data flowing through its network soared from 100 gigabytes a day only 18 months ago to 1 terabyte. The information system also allows Li & Fung to look across its operations to identify trends. In southern China, for instance, a shortage of workers and new legislation raised labour costs, so production moved north. “We saw that before it actually happened,” says Mr Fernandez.

The company also got advance warning of the economic crisis, and later the recovery, from retailers’ orders before these trends became apparent. Investment analysts use country information provided by Li ; Fung to gain insights into macroeconomic patterns. Now that they are able to process information flows in real time, organisations are collecting more data than ever. One use for such information is to forecast when machines will break down. This hardly ever happens out of the blue: there are usually warning signs such as noise, vibration or heat. Capturing such data enables firms to act before a breakdown.

Similarly, the use of “predictive analytics” on the basis of large data sets may transform health care. Dr Carolyn McGregor of the University of Ontario, working with IBM, conducts research to spot potentially fatal infections in premature babies. The system monitors subtle changes in seven streams of real-time data, such as respiration, heart rate and blood pressure. The electrocardiogram alone generates 1,000 readings per second. This kind of information is turned out by all medical equipment, but it used to be recorded on paper and examined perhaps once an hour.

By feeding the data into a computer, Dr McGregor has been able to detect the onset of an infection before obvious symptoms emerge. “You can’t see it with the naked eye, but a computer can,” she says. Open sesame Two technology trends are helping to fuel these new uses of data: cloud computing and open-source software. Cloud computing—in which the internet is used as a platform to collect, store and process data—allows businesses to lease computing power as and when they need it, rather than having to buy expensive equipment.

Amazon, Google and Microsoft are the most prominent firms to make their massive computing infrastructure available to clients. As more corporate functions, such as human resources or sales, are managed over a network, companies can see patterns across the whole of the business and share their information more easily. A free programming language called R lets companies examine and present big data sets, and free software called Hadoop now allows ordinary PCs to analyse huge quantities of data that previously required a supercomputer. It does this by parcelling out the tasks to numerous computers at once. This saves time and money.

For example, the New York Times a few years ago used cloud computing and Hadoop to convert over 400,000 scanned images from its archives, from 1851 to 1922. By harnessing the power of hundreds of computers, it was able to do the job in 36 hours. Visa, a credit-card company, in a recent trial with Hadoop crunched two years of test records, or 73 billion transactions, amounting to 36 terabytes of data. The processing time fell from one month with traditional methods to a mere 13 minutes. It is a striking successor of Ritty’s incorruptible cashier for a data-driven age. from the print edition | Special report Recommend 140 * * * Submit to reddit * inShare2 * View all comments (4) Related items TOPIC: China » * Recommended economics writing: Link exchange * Trade: Mexico rising * The Economist: Digital highlights, November 24th 2012 TOPIC: Nestle » * Consumer goods in Africa: A continent goes shopping * Schumpeter: Pretty profitable parrots * Nestle buys Pfizer Nutrition: Feeding little emperors TOPIC: IBM » * Schumpeter: Taking the long view * IBM’s mainframes: Old dog, new tricks * Phase-change memory: Altered states TOPIC: Royal Shakespeare Company » * William Shakespeare: A digital reinvention Culture: Going for gold * Green architecture: The retrofit revolution More related topics: * Walmart Want more? Subscribe to The Economist and get the week’s most relevant news and analysis. * Print edition X Feb 27th 2010 Feb 20th 2010 Feb 13th 2010 Feb 6th 2010 * Next in The world this week X Politics this week * Next in The world this week X Business this week * Next in The world this week X KAL’s cartoon * Next in Leaders X Technology The data deluge Businesses, governments and society are only starting to tap its vast potential * Next in Leaders X Argentina and the Falklands The beef in Buenos Aires

The Kirchners could have more oil if they stopped bullying Argentine business * Next in Leaders X Japan’s frustrating politics Nagasaki fallout Japan’s prime minister, Yukio Hatoyama, should jettison his Svengali, Ichiro Ozawa * Next in Leaders X India Ending the red terror It is time India got serious about the Maoist insurgency in its eastern states * Next in Leaders X Genetically modified food Attack of the really quite likeable tomatoes The success of genetically modified crops provides opportunities to win over their critics * Next in Letters X Letters On Spain, al-Qaeda, Yemen, torture, Britain, juries, stereotypes, Benjamin Disraeli Next in Briefing X Argentina under the Kirchners Socialism for foes, capitalism for friends While some private businesses in Argentina have faced harassment or even nationalisation, others… * Next in Briefing X The first family’s businesses Welcome to the Hotel Kirchner Such a lovely little earner * Next in United States X Health reform Seizing the reins, at long last After leaving Congress in charge for too long, Barack Obama unveils his own plan * Next in United States X Mitt Romney and the Republicans Fired up, ready to go Mitt Romney takes centre-stage * Next in United States X The administration’s economists

Grading the dismal scientists How good is the Council of Economic Advisers? * Next in United States X The economy Back to the crash The American economy has just had its worst decade since the 1930s * Next in United States X Arkansas politics Democrats beware A spirited scramble for suddenly open Democratic seats * Next in United States X Schools and testing The finger of suspicion Is too much weight given to testing? * Next in United States X California’s prison-guards’ union Fading are the peacemakers One of California’s most powerful political forces may have peaked * Next in United States X America’s children

Protecting the weakest The recession may hurt America’s vulnerable children * Next in United States X Lexington Is Barack Obama tough enough? Conservatives call him too weak to be a warrior. Tell that to the Taliban * Next in The Americas X Corruption in Brazil The money trail Many corruption scandals stem from the high cost of politics, and unrealistically tight… * Next in The Americas X Presidential ambitions in Peru Political satire Jaime Bayly’s breath of fresh air * Next in The Americas X Latin American summitry In ever-closer union, divided we stand * Next in The Americas X Canada’s Mohawks Get out of our canoe

When a Canadian is not a Canadian * Next in Asia X Tackling Japan’s bureaucracy Floundering in the foggy fortress The DPJ is finding that it needs to befriend its bureaucrats, as well as bash them * Next in Asia X India’s Naxalite insurgency Not a dinner party India’s Maoist guerrillas carry out two slaughters, then offer a truce * Next in Asia X Western aims in Afghanistan Played for fools Hamid Karzai’s shenanigans make the going even harder for NATO * Next in Asia X Migrant workers in Thailand Inhospitality Life gets harder for Thailand’s guest-workers * Next in Asia X China’s National People’s Congress

Democracy in action Making sure that China’s supreme legislative body is toothless * Next in Asia X Animal welfare in China Off the menu The right to eat cats and dogs is under threat * Next in Asia X Banyan The mother of all dictatorships To understand North Korea, look not to Confucius or the Soviet Union, but to fascist 1930s Japan * Next in Asia X Clarification: Maratha * Next in Middle East and Africa X Israel’s controversial intelligence service Does Mossad really make Israel safer? In the wake of the assassination of a Hamas leader in Dubai, presumably by Mossad, the agency’s… * Next in Middle East and Africa

X Israeli spies in Lebanon Not such a success A round-up of Israeli spies * Next in Middle East and Africa X Senegal’s politics Statuesque or grotesque? An outsize statue symbolises the defects of the president and his family * Next in Middle East and Africa X South Africa’s economy Steady as she goes A budget that gives little to the left * Next in Middle East and Africa X Somalia’s civil war Jihadists on the march The strongest Islamist militia is now formally linked to al-Qaeda * Next in Middle East and Africa X Niger’s coup It seems popular, so far The African Union tut-tuts but the people appear to welcome a coup Next in Middle East and Africa X Nigeria’s president A sudden return There’s still a vacuum * Next in Middle East and Africa X Correction: Najib Balala * Next in Europe X Ukraine’s new president Yanukovich’s mixed blessing A triumphant Viktor Yanukovich is inaugurated in Kiev, but his political problems have only just… * Next in Europe X Germany’s fractious government Westerwelle’s woes A liberal at odds with some of his coalition partners * Next in Europe X Latvia and Greece Baltic thaw, Aegean freeze Latvia’s economic free fall has halted, and it may now do better than Greece * Next in Europe X Turkey’s coup plotters

Lies and whispers More arrests stoke the battle between the army and the government * Next in Europe X The Dutch government falls Wild things The far right promises to do disturbingly well on June 9th * Next in Europe X France’s Socialist Party Fresh troubles A scandal in the south-west shows up the metropolitan party’s weaknesses * Next in Europe X Charlemagne Europe’s bear problem The trouble with the European Union’s attempts to woo Russia * Next in Britain X Britain’s prime minister Hero, villain or victim of the global age? Gordon Brown’s pitch for a fourth Labour term—and his critique of the Tories Next in Britain X The Conservatives’ mini-malaise Tory blues The opposition is failing to capitalise on the government’s troubles * Next in Britain X Media and the law Publish, perish, protest Bad news for dodgy journalism—and for libel tourists * Next in Britain X Pensions and tax If it says ARF, then it’s a dog Pensions rules get complex again * Next in Britain X Assisted suicide The latest chapter New rules on helping those who wish to end their lives but are unable to do so * Next in Britain X Construction jitters Survival tactics Building firms are struggling to emerge from the recession * Next in Britain

X Bagehot All too human How much does a prime minister’s character matter? * Next in Britain X Internship * Next in International X Sanctions on Iran And the price of nuclear power? America is rallying its friends to concentrate minds in the Islamic Republic * Next in International X A poll on trust What’s good for General Motors A new pattern in opinions about bureaucrats, business and charity * Next in Special report X Data, data everywhere Information has gone from scarce to superabundant. That brings huge new benefits, says Kenneth… * Next in Special report X All too much Monstrous amounts of data Next in Special report X Clicking for gold How internet companies profit from data on the web * Next in Special report X The open society Governments are letting in the light * Next in Special report X Show me New ways of visualising data * Next in Special report X Needle in a haystack The uses of information about information * Next in Special report X New rules for big data Regulators are having to rethink their brief * Next in Special report X Handling the cornucopia The best way to deal with all that information is to use machines. But they need watching * Next in Business X Recruitment firms Joining the queue

The recession has accelerated big changes for firms that help people find jobs * Next in Business X The spread of GM crops Taking root The developing world embraces a controversial technology * Next in Business X The boom in printing on demand Just press print New technology promises to prolong the life of the book * Next in Business X Hype about fuel cells Flower power A clean-tech start-up generates lots of excitement and a little electricity * Next in Business X A boardroom row at Repsol Adding fuel A policy shift in Spain heralds more upheaval at its biggest oil firm * Next in Business X Toyota’s overstretched supply chain

The machine that ran too hot The woes of the world’s biggest carmaker are a warning for rivals * Next in Business X Schumpeter The emperor’s clothes Like other bosses, media moguls are recovering their poise. But that’s no reason to start making… * Next in Briefing X Reviving Royal Bank of Scotland Scots on the rocks What really went wrong at RBS? And how can it be put right? * Next in Finance and economics X The balance of economic power East or famine Asia’s economic weight in the world has risen, but by less than commonly assumed * Next in Finance and economics X Emerging-market sovereign debt Risk redefined

The new problem with Asian sovereign debt—scarcity * Next in Finance and economics X Secondary buy-outs Circular logic Private-equity companies look to each other to solve their problems * Next in Finance and economics X Interest-rate risk Surf’s up Banks’ next big problem appears on the horizon * Next in Finance and economics X Buttonwood The very long view For investors, much depends on when you put your money in * Next in Finance and economics X Chinese banks Hole sale Capital calls by Chinese financial institutions elicit questions * Next in Finance and economics X Short-selling rules Shackling the scapegoats

American regulators approve long-awaited restrictions on short-selling * Next in Finance and economics X Economics focus Low definition Trustbusters want to put less emphasis on market definition when assessing mergers * Next in Finance and economics X Correction: Financial risk * Next in Science and technology X Climate and combustion Fired up This year’s meeting of the American Association for the Advancement of Science looked at, among… * Next in Science and technology X How siestas help memory Sleepy heads Researchers say an afternoon nap prepares the brain to learn * Next in Science and technology X

Looking for ET Signs of life As the search for alien life turns 50, its practitioners find new methods * Next in Science and technology X Nuclear forensics A weighty matter How to analyse smuggled uranium * Next in Books and arts X China’s roads A voyage of discovery A reporter who explored China’s bigger and lesser roads and found treasure * Next in Books and arts X How East Timor became Timor-Leste A country’s agonising birth An authoritative account of Timor-Leste’s birth * Next in Books and arts X New York low life Bottoms up Essays on New York by St Clair McKelway, taken from the New Yorker * Next in Books and arts

X University education in America Professionalising the professor The difficulties of an American doctoral student * Next in Books and arts X A biography of Arthur Koestler Intellectual fireworks A serial fornicator with a powerful, paradoxical intellect * Next in Books and arts X A Japanese silversmith Making waves Pounding flat pieces of silver into beautiful vessels * Next in Books and arts X Old men of the theatre The two Peters A couple of productions that make a compelling case against ageism * Next in Obituary X Alexander Haig Alexander Meigs Haig, soldier and public servant, died on February 20th, aged 85 Next in Economic and financial indicators X Overview * Next in Economic and financial indicators X Output, prices and jobs * Next in Economic and financial indicators X The Economist commodity-price index * Next in Economic and financial indicators X FDIC-insured “problem” institutions * Next in Economic and financial indicators X Trade, exchange rates, budget balances and interest rates * Next in Economic and financial indicators X Markets * Next in Economic and financial indicators X Wall Street bonuses * Print edition X Feb 27th 2010 Mar 6th 2010 Mar 13th 2010 Mar 20th 2010 From the print edition Feb 27th 2010 Comment (4) * Print * E-mail * Reprints ; permissions * Most popular * Recommended * Commented Recommended * 1Mexico and the United StatesThe rise of Mexico * 2International: The lottery of life * 3Atheists and Islam: No God, not even Allah * 4European economy guide: Polarised prospects * 5Egypt: Going up in flames Commented * 1Atheists and IslamNo God, not even Allah * 2France and the euro: The time-bomb at the heart of Europe * 3Secession and elections: Let’s stay together * 4Higher education: Not what it used to be * 5Economist debate: Opening Latest blog posts – All times are GMT

Christmas countdown: The 2012 Daily chart Advent calendar Graphic detail – Dec 1st, 06:54 Environmental policy: Trent Lott outs himself as the owner of a titchy,… Lexington’s notebook – Dec 1st, 03:45 Mexico’s new cabinet: Out with the old, in with the… old Americas view – Dec 1st, 03:06 Recommended economics writing: Link exchange Free exchange – Nov 30th, 22:11 The Securities and Exchange Commission: Merger talks Schumpeter – Nov 30th, 21:50 Defending Grover Norquist: Nice try, John Democracy in America – Nov 30th, 20:45 Czech politics: The Czech Republic’s first presidential debate Eastern approaches – Nov 30th, 20:23

More from our blogs » Products & events Stay informed today and every day Get e-mail newsletters Subscribe to The Economist’s free e-mail newsletters and alerts. Follow The Economist on Twitter Subscribe to The Economist’s latest article postings on Twitter Follow The Economist on Facebook See a selection of The Economist’s articles, events, topical videos and debates on Facebook. * About The Economist * Media directory * Advertising info * Staff books * Career opportunities * Subscribe * Contact us * Site index * [+] Site Feedback * Copyright © The Economist Newspaper Limited 2012.

All rights reserved. * Accessibility * Privacy policy * Cookies info * Terms of use * Help * Log in * Register * Subscribe * Digital ; mobile * Events * Topics A-Z * Newsletters * Jobs * * * * Top of Form Bottom of Form * World politics * ————————————————- United States * ————————————————- Britain * ————————————————- Europe * ————————————————- China * ————————————————- Asia * ————————————————- Americas ————————————————- Middle East & Africa * Business & finance * ————————————————- All Business & finance * ————————————————- Which MBA? * ————————————————- Business Books Quarterly * Economics * ————————————————- All Economics * ————————————————- Economics by invitation * ————————————————- Economics A-Z * ————————————————- Markets & data Science & technology * ————————————————- All Science & technology * ————————————————- Technology Quarterly * Culture * ————————————————- All Culture * ————————————————- More Intelligent Life * ————————————————- Style guide * ————————————————- The Economist Quiz * ————————————————- Book reviews * Blogs * ————————————————- Latest blog posts ————————————————- Feast and famine * ————————————————- Analects * ————————————————- Free exchange * ————————————————- Americas view * ————————————————- Game theory * ————————————————- Babbage * ————————————————- Graphic detail * ————————————————- Banyan * ————————————————- Gulliver * ————————————————- Baobab ————————————————- Johnson * ————————————————- Blighty * ————————————————- Lexington’s notebook * ————————————————- Buttonwood’s notebook * ————————————————- Newsbook * ————————————————- Cassandra * ————————————————- Pomegranate * ————————————————- Charlemagne * ————————————————- Prospero * ————————————————-

Democracy in America * ————————————————- Schumpeter * ————————————————- Eastern approaches * Debate * ————————————————- Economist debates * ————————————————- What the world thinks * ————————————————- Economics by invitation * ————————————————- Letters to the editor * ————————————————- Ideas arena: Women & work * The World in 2013 * Multimedia * ————————————————-

World * ————————————————- Business & economics * ————————————————- Science & technology * ————————————————- Culture * ————————————————- Events * ————————————————- The Economist in audio * Print edition * Current issue * Previous issues * Special reports * Politics this week * Business this week * Leaders * KAL’s cartoon * Obituary This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies.

Review our cookies information for more details Special report: Managing information A different game Information is transforming traditional businesses Feb 25th 2010 | from the print edition * * IN 1879 James Ritty, a saloon-keeper in Dayton, Ohio, received a patent for a wooden contraption that he dubbed the “incorruptible cashier”. With a set of buttons and a loud bell, the device, sold by National Cash Register (NCR), was little more than a simple adding machine. Yet as an early form of managing information flows in American business the cash register had a huge impact.

It not only reduced pilferage by alerting the shopkeeper when the till was opened; by recording every transaction, it also provided an instant overview of what was happening in the business. Sales data remain one of a company’s most important assets. In 2004 Wal-Mart peered into its mammoth databases and noticed that before a hurricane struck, there was a run on flashlights and batteries, as might be expected; but also on Pop-Tarts, a sugary American breakfast snack. On reflection it is clear that the snack would be a handy thing to eat in a blackout, but the retailer would not have thought to stock up on it before a storm.

The company whose system crunched Wal-Mart’s numbers was none other than NCR and its data-warehousing unit, Teradata, now an independent firm. A few years ago such technologies, called “business intelligence”, were available only to the world’s biggest companies. But as the price of computing and storage has fallen and the software systems have got better and cheaper, the technology has moved into the mainstream. Companies are collecting more data than ever before. In the past they were kept in different systems that were unable to talk to each other, such as finance, human resources or customer management.

Now the systems are being linked, and companies are using data-mining techniques to get a complete picture of their operations—“a single version of the truth”, as the industry likes to call it. That allows firms to operate more efficiently, pick out trends and improve their forecasting. In this special report * Data, data everywhere * All too much * »A different game * Clicking for gold * The open society * Show me * Needle in a haystack * New rules for big data * Handling the cornucopia Sources & acknowledgementsReprints Related topics * China * Nestle * IBM * Royal Shakespeare Company * Walmart

Consider Cablecom, a Swiss telecoms operator. It has reduced customer defections from one-fifth of subscribers a year to under 5% by crunching its numbers. Its software spotted that although customer defections peaked in the 13th month, the decision to leave was made much earlier, around the ninth month (as indicated by things like the number of calls to customer support services). So Cablecom offered certain customers special deals seven months into their subscription and reaped the rewards. Agony and torture Such data-mining has a dubious reputation. “Torture the data long enough and they will confess to anything,” statisticians quip.

But it has become far more effective as more companies have started to use the technology. Best Buy, a retailer, found that 7% of its customers accounted for 43% of its sales, so it reorganised its stores to concentrate on those customers’ needs. Airline yield management improved because analytical techniques uncovered the best predictor that a passenger would actually catch a flight he had booked: that he had ordered a vegetarian meal. The IT industry is piling into business intelligence, seeing it as a natural successor of services such as accountancy and computing in the first and second half of the 20th century respectively.

Accenture, PricewaterhouseCoopers, IBM and SAP are investing heavily in their consulting practices. Technology vendors such as Oracle, Informatica, TIBCO, SAS and EMC have benefited. IBM believes business intelligence will be a pillar of its growth as sensors are used to manage things from a city’s traffic flow to a patient’s blood flow. It has invested $12 billion in the past four years and is opening six analytics centres with 4,000 employees worldwide. Analytics—performing statistical operations for forecasting or uncovering correlations such as between Pop-Tarts and hurricanes—can have a big pay-off.

In Britain the Royal Shakespeare Company (RSC) sifted through seven years of sales data for a marketing campaign that increased regular visitors by 70%. By examining more than 2m transaction records, the RSC discovered a lot more about its best customers: not just income, but things like occupation and family status, which allowed it to target its marketing more precisely. That was of crucial importance, says the RSC’s Mary Butlin, because it substantially boosted membership as well as fund-raising revenue. Yet making the most of data is not easy. The first step is to improve the accuracy of the information.

Nestle, for example, sells more than 100,000 products in 200 countries, using 550,000 suppliers, but it was not using its huge buying power effectively because its databases were a mess. On examination, it found that of its 9m records of vendors, customers and materials around half were obsolete or duplicated, and of the remainder about one-third were inaccurate or incomplete. The name of a vendor might be abbreviated in one record but spelled out in another, leading to double-counting. Plainer vanilla Over the past ten years Nestle has been overhauling its IT system, using SAP software, and improving the quality of its data.

This enabled the firm to become more efficient, says Chris Johnson, who led the initiative. For just one ingredient, vanilla, its American operation was able to reduce the number of specifications and use fewer suppliers, saving $30m a year. Overall, such operational improvements save more than $1 billion annually. Nestle is not alone in having problems with its database. Most CIOs admit that their data are of poor quality. In a study by IBM half the managers quizzed did not trust the information on which they had to base decisions. Many say that the technology meant to make sense of it often just produces more data.

Instead of finding a needle in the haystack, they are making more hay. Still, as analytical techniques become more widespread, business decisions will increasingly be made, or at least corroborated, on the basis of computer algorithms rather than individual hunches. This creates a need for managers who are comfortable with data, but statistics courses in business schools are not popular. Many new business insights come from “dead data”: stored information about past transactions that are examined to reveal hidden correlations. But now companies are increasingly moving to analysing real-time information flows.

Wal-Mart is a good example. The retailer operates 8,400 stores worldwide, has more than 2m employees and handles over 200m customer transactions each week. Its revenue last year, around $400 billion, is more than the GDP of many entire countries. The sheer scale of the data is a challenge, admits Rollin Ford, the CIO at Wal-Mart’s headquarters in Bentonville, Arkansas. “We keep a healthy paranoia. ” Not a sparrow falls Wal-Mart’s inventory-management system, called Retail Link, enables suppliers to see the exact number of their products on every shelf of every store at that precise moment.

The system shows the rate of sales by the hour, by the day, over the past year and more. Begun in the 1990s, Retail Link gives suppliers a complete overview of when and how their products are selling, and with what other products in the shopping cart. This lets suppliers manage their stocks better. The technology enabled Wal-Mart to change the business model of retailing. In some cases it leaves stock management in the hands of its suppliers and does not take ownership of the products until the moment they are sold. This allows it to shed inventory risk and reduce its costs.

In essence, the shelves in its shops are a highly efficiently managed depot. Another company that capitalises on real-time information flows is Li & Fung, one of the world’s biggest supply-chain operators. Founded in Guangzhou in southern China a century ago, it does not own any factories or equipment but orchestrates a network of 12,000 suppliers in 40 countries, sourcing goods for brands ranging from Kate Spade to Walt Disney. Its turnover in 2008 was $14 billion. Li ; Fung used to deal with its clients mostly by phone and fax, with e-mail counting as high technology.

But thanks to a new web-services platform, its processes have speeded up. Orders flow through a web portal and bids can be solicited from pre-qualified suppliers. Agents now audit factories in real time with hand-held computers. Clients are able to monitor the details of every stage of an order, from the initial production run to shipping. One of the most important technologies has turned out to be videoconferencing. It allows buyers and manufacturers to examine the colour of a material or the stitching on a garment. “Before, we weren’t able to send a 500MB image—we’d post a DVD.

Now we can stream it to show vendors in our offices. With real-time images we can make changes quicker,” says Manuel Fernandez, Li ; Fung’s chief technology officer. Data flowing through its network soared from 100 gigabytes a day only 18 months ago to 1 terabyte. The information system also allows Li & Fung to look across its operations to identify trends. In southern China, for instance, a shortage of workers and new legislation raised labour costs, so production moved north. “We saw that before it actually happened,” says Mr Fernandez.

The company also got advance warning of the economic crisis, and later the recovery, from retailers’ orders before these trends became apparent. Investment analysts use country information provided by Li ; Fung to gain insights into macroeconomic patterns. Now that they are able to process information flows in real time, organisations are collecting more data than ever. One use for such information is to forecast when machines will break down. This hardly ever happens out of the blue: there are usually warning signs such as noise, vibration or heat. Capturing such data enables firms to act before a breakdown.

Similarly, the use of “predictive analytics” on the basis of large data sets may transform health care. Dr Carolyn McGregor of the University of Ontario, working with IBM, conducts research to spot potentially fatal infections in premature babies. The system monitors subtle changes in seven streams of real-time data, such as respiration, heart rate and blood pressure. The electrocardiogram alone generates 1,000 readings per second. This kind of information is turned out by all medical equipment, but it used to be recorded on paper and examined perhaps once an hour.

By feeding the data into a computer, Dr McGregor has been able to detect the onset of an infection before obvious symptoms emerge. “You can’t see it with the naked eye, but a computer can,” she says. Open sesame Two technology trends are helping to fuel these new uses of data: cloud computing and open-source software. Cloud computing—in which the internet is used as a platform to collect, store and process data—allows businesses to lease computing power as and when they need it, rather than having to buy expensive equipment.

Amazon, Google and Microsoft are the most prominent firms to make their massive computing infrastructure available to clients. As more corporate functions, such as human resources or sales, are managed over a network, companies can see patterns across the whole of the business and share their information more easily. A free programming language called R lets companies examine and present big data sets, and free software called Hadoop now allows ordinary PCs to analyse huge quantities of data that previously required a supercomputer. It does this by parcelling out the tasks to numerous computers at once.

This saves time and money. For example, the New York Times a few years ago used cloud computing and Hadoop to convert over 400,000 scanned images from its archives, from 1851 to 1922. By harnessing the power of hundreds of computers, it was able to do the job in 36 hours. Visa, a credit-card company, in a recent trial with Hadoop crunched two years of test records, or 73 billion transactions, amounting to 36 terabytes of data. The processing time fell from one month with traditional methods to a mere 13 minutes. It is a striking successor of Ritty’s incorruptible cashier for a data-driven age. rom the print edition | Special report * Recommend 140 * * * Submit to reddit * inShare2 * View all comments (4) Related items TOPIC: China » * Recommended economics writing: Link exchange * Trade: Mexico rising * The Economist: Digital highlights, November 24th 2012 TOPIC: Nestle » * Consumer goods in Africa: A continent goes shopping * Schumpeter: Pretty profitable parrots * Nestle buys Pfizer Nutrition: Feeding little emperors TOPIC: IBM » * Schumpeter: Taking the long view * IBM’s mainframes: Old dog, new tricks * Phase-change memory: Altered states TOPIC: Royal Shakespeare Company » William Shakespeare: A digital reinvention * Culture: Going for gold * Green architecture: The retrofit revolution More related topics: * Walmart Want more? Subscribe to The Economist and get the week’s most relevant news and analysis. * Print edition X Feb 27th 2010 Feb 20th 2010 Feb 13th 2010 Feb 6th 2010 * Next in The world this week X Politics this week * Next in The world this week X Business this week * Next in The world this week X KAL’s cartoon * Next in Leaders X Technology The data deluge Businesses, governments and society are only starting to tap its vast potential * Next in Leaders

X Argentina and the Falklands The beef in Buenos Aires The Kirchners could have more oil if they stopped bullying Argentine business * Next in Leaders X Japan’s frustrating politics Nagasaki fallout Japan’s prime minister, Yukio Hatoyama, should jettison his Svengali, Ichiro Ozawa * Next in Leaders X India Ending the red terror It is time India got serious about the Maoist insurgency in its eastern states * Next in Leaders X Genetically modified food Attack of the really quite likeable tomatoes The success of genetically modified crops provides opportunities to win over their critics Next in Letters X Letters On Spain, al-Qaeda, Yemen, torture, Britain, juries, stereotypes, Benjamin Disraeli * Next in Briefing X Argentina under the Kirchners Socialism for foes, capitalism for friends While some private businesses in Argentina have faced harassment or even nationalisation, others… * Next in Briefing X The first family’s businesses Welcome to the Hotel Kirchner Such a lovely little earner * Next in United States X Health reform Seizing the reins, at long last After leaving Congress in charge for too long, Barack Obama unveils his own plan * Next in United States

X Mitt Romney and the Republicans Fired up, ready to go Mitt Romney takes centre-stage * Next in United States X The administration’s economists Grading the dismal scientists How good is the Council of Economic Advisers? * Next in United States X The economy Back to the crash The American economy has just had its worst decade since the 1930s * Next in United States X Arkansas politics Democrats beware A spirited scramble for suddenly open Democratic seats * Next in United States X Schools and testing The finger of suspicion Is too much weight given to testing? * Next in United States X

California’s prison-guards’ union Fading are the peacemakers One of California’s most powerful political forces may have peaked * Next in United States X America’s children Protecting the weakest The recession may hurt America’s vulnerable children * Next in United States X Lexington Is Barack Obama tough enough? Conservatives call him too weak to be a warrior. Tell that to the Taliban * Next in The Americas X Corruption in Brazil The money trail Many corruption scandals stem from the high cost of politics, and unrealistically tight… * Next in The Americas X Presidential ambitions in Peru

Political satire Jaime Bayly’s breath of fresh air * Next in The Americas X Latin American summitry In ever-closer union, divided we stand * Next in The Americas X Canada’s Mohawks Get out of our canoe When a Canadian is not a Canadian * Next in Asia X Tackling Japan’s bureaucracy Floundering in the foggy fortress The DPJ is finding that it needs to befriend its bureaucrats, as well as bash them * Next in Asia X India’s Naxalite insurgency Not a dinner party India’s Maoist guerrillas carry out two slaughters, then offer a truce * Next in Asia X Western aims in Afghanistan

Played for fools Hamid Karzai’s shenanigans make the going even harder for NATO * Next in Asia X Migrant workers in Thailand Inhospitality Life gets harder for Thailand’s guest-workers * Next in Asia X China’s National People’s Congress Democracy in action Making sure that China’s supreme legislative body is toothless * Next in Asia X Animal welfare in China Off the menu The right to eat cats and dogs is under threat * Next in Asia X Banyan The mother of all dictatorships To understand North Korea, look not to Confucius or the Soviet Union, but to fascist 1930s Japan * Next in Asia X

Categories
Free Essays

National Security Is More Important Than Human Rights

The conception of human rights and freedoms is the cornerstone of American traditions, law and the indicator of democracy. The approach of prevailing interest in personal privacy, property privacy and non-interference of state authorities in private affairs is the basic ground for modern organization of American society. For centuries the courts have been standing safeguards of protection of persons against unreasonable intrusion of the State, generally interpreting the Constitution and the Bill of Rights with preference of personal human rights protection.

Nonetheless in the end of the 21st century there appeared several factors which so much influenced our society that the matters of homeland security and protection raised with extraordinary emphasis and the thesis that the national security is more important than human rights causes no surprise. This research is focused on this controversial issue and contains the analysis of the reasons which changed the scale; the overview of national security vs. uman rights from the points of view of internal and external national policy; the argumentation pro and contra preponderance of national security over personal human rights with the examples of concrete rights and evidence; the conclusion.

So why the validity of what was right earlier should be now the subject of reconsideration? Among the reasons which preconditioned giving more political and legal importance to the national security over protection of individual rights and freedoms the general reason is the need to prevent U. S. citizens, infrastructures and lands from the increased threat of terrorist attacks, the protection of U. S. borders from potential foreign invasion. Another important factor which influenced the change in traditional legal and political doctrine is the globalization.

Once, the rights of U. S. citizens guaranteed by the Bill of Rights have been expanded and extrapolated around the world. Close political, economical and cultural communications of the U. S. A. with all countries of the world and the U. S. hegemonic influence as of the world leading power have another side of the movement. The amount, the value and the accessibility of international communication on any level: governmental, regional, local or private, has risen extraordinary in comparison to earlier times due to technological revolution. Our state and people have been under the influence of other cultures and societies, as this exchange is bilateral.

For instance, this led to increasing role of statutory law in the U. S. ystem of law which has been traditionally case-law system of law. So, many of our partner-countries have different traditions and regulations and many of them place national security and social interests prior to personal rights, justifying this with weighty arguments which in any case should be taken into consideration. The U. S. Patriot Act and the Homeland Security Act are bright evidence for the two previous arguments, the public support and the reasonability of the change of emphasized values.

Particularly the U. S. Patriot Act of 2001 was passed nearly unanimously by the Senate 98-1, and 357-66 in the House, with the support of members from across the political spectrum, which underlines public appreciation of placing more emphasis to national security prior to protection of individual interests of privacy. Improving the counter-terrorist protection, the Act proscribes profound changes in investigating procedures and contains numerous provisions far from democratic traditions and waiving protection of certain constitutional rights of almost any U. S. citizen (for instance, the Act expands the reasons for warrantless searches, simplifies the conditions of obtaining search and seizure warrants, expands the reasons for obtaining business records in criminal investigations etc) (The U. S. Department of Justice). Other national security questions which have evidently increased its importance over human rights protection in recent years are the illegal immigration, the development of international organized crime, the accessibility of public and private information on Internet etc.

In most of the cases opposing the concept of human rights to national security is erroneous and unreasonable construction because the national security is the concept which precludes the physical and mental security of all members of the society, and therefore includes and predetermines the possibility of exercising human rights and freedoms. Without security the well-being is impossible. Looking at the national security vs. uman rights question from the points of view of internal and external national security, one should first examine what concrete human rights may be waived or limited for the homeland security and protection purposes.

Natural human rights like the right for life are not the subject to address in this essay. The rights addressed in this essay are defined primarily in the U. S. Bill of Rights. These are civil ight for privacy, the right of peaceful protest, the right to personal freedom, the right to a fair trial and the right of equal protection, usually in the list of the rights which under certain conditions may be waived for the efficiency of homeland security and protection. The first argument supporting the statement that national security is more important than protection of individual rights is the increased threat of terroristic attacks, which are very dangerous, carefully planned, locally targeted and generously funded organized crimes.

This threat requires adequate actions. For instance, the problem of efficiency of security measures in the airports is one of the most important challenges in homeland security and protection policy, and the example that despite all actions taken the threat remains very realistic is the recent terrorist attempt of the Al-Qaeda bomber to blow-up plane while landing in Detroit, MI. on December 26, 2009. The second argument is the international experience and need to unity the efforts of international community in struggle with terrorism, nuclear threat and organized crime.

Kumar, C. Raj (2005) writes “The September 11, 2001 attacks in New York and Washington D. C. , and the December 13, 2001 attack on the Indian Parliament have intensified the debate regarding the necessity of formulating national security laws in India and the laws’ potentially serious impact on human rights and civil liberties. The strengthening of national security laws worldwide is apparently pursued with the objective of combating terrorism and other forms of internal and external threats to the States and the societies in which people live”.

Several security laws have been passed in India in response to the challenge of preventing terrorism and preserving national security. The laws are being criticized for violation of human rights, though the Supreme Court upheld their constitutional validity. This example illustrates that not only in the USA, but worldwide, there is a tendency of giving more importance to national security and international cooperation for this purpose. The third argument supporting the thesis is that the modern American law de facto prefers public interests to the interests of individual member of the society.

Numerous exceptions are legalized to justify deviation of constitutional rights, particularly in investigating procedures – the procedures which predetermine the following stages of criminal process. On the example of airport security, more attention of transportation security officers is currently devoted to passengers’ searches and seizures. A review of landmark cases related to airport searches illustrates that the private person rarely wins and that searches are almost always found to be reasonable and constitutional (Kornblatt, 2007).

In recent landmark case United States v. Hartwell, 436 F. 3d 174, 175 (3rd Cir. 006), the Supreme Court has acknowledged a few circumstances in which a search is reasonable in absence of wrongdoing, which typically involve administrative searches of ‘closely regulated’ businesses, other so-called ‘special needs’ cases, and suspicionless ‘checkpoint’ searches. The Court stated that suspicionless searches at checkpoints “are permissible under the Fourth Amendment when a court finds a favorable balance between ‘the gravity of the public concerns served by the seizure, the degree to which the seizure advances the public interest, and the severity of the interference with individual liberty.

Particularly the Supreme Court emphasized the importance of preventing terrorist attacks against airplanes, the prevailing of public interest in security checkpoints at airports. Under the “special needs” doctrine the government authorities are allowed to conduct searches in the absence of any suspicion of criminality in limited circumstances where the search is aimed not to gather evidence for the investigation of crime. These circumstances include: whether the government interest for the search program is immediate and substantial, whether the search program effectively advances the government interest, states Konblatt (2007).

In United States v. Skipwith, 482 F. 2d 1272 (5th Cir. 1973) the Fifth Circuit decided that some situations present a level of danger such that the reasonableness test is per se satisfied. The Court found that a balance must be struck between the harm and the need to determine what is reasonable: “When the risk is the jeopardy to hundreds of human lives and millions of dollars of property inherent in the pirating or blowing up of a large airplane, the danger alone meets the test of reasonableness. Therefore the case law suggests that in the case of conflict between private rights and public interests, generally protected by government, the latter prevail. The fourth argument supporting the thesis is that the most of American leaders and majority in American society, de-facto, support the governmental actions on improving public safety, therefore consenting with correspondent limitation of personal rights and freedoms.

It’s natural that almost any citizen wishes to reduce crime rates nd will willingly temporarily waive some civil rights like the freedom of movement for the purpose of protection of his life, health and private property. The idea of potential terrorist attack remains in the minds of our citizens and enriches the soil for reasonable and unreasonable expansion of state authorities’ powers. Hillary Clinton once stated unequivocally that national security is not only more important than human rights on the international stage, but that it takes domestic supremacy as well (Snedeker, 2007).

Barack Obama demonstrates balanced and reasonable national security policy, much less aggressive than previous President, but still attempts to save and multiply the best of recent achievements in homeland security and protection. Speaking on the other side, many intelligent people, social leaders and human rights activists strongly oppose the statement that national security is more important than personal human rights.

Jane Smiley, Pulitzer-Prize winning novelist and essayist defends the human rights priority with the popular historical argument: “The Founding Fathers understood the temptation on the part of governments to give and remove human rights arbitrarily, because they had experienced such things before the Revolutionary War, (…) recognized that although British Law customarily acknowledged various human rights, it was essential to name, codify, and write them down to make it less likely that they could be taken away”.

Nonetheless earlier in this essay it is proved that the historical experience of the U. S. is irrelevant for this situation, as there have been profound changes in international relations, technological abilities and domestic challenges in the U. S. policy which it never addressed earlier. Also, Smiley claims rolling back human rights, “even for some individuals, is to return to a more primitive, hierarchical, and un-American theory of human relations”. But what actually constitutes “the American theory of human relations” and why the proposed approach is more primitive?

Such claims seem to be more emotional than rational. On emotional level, no one likes limitation of his personal freedom and waiver of his personal benefits. Logical ratio easily proves that the individual benefits depend largely on the benefits available in the society, and in the society where access to information, persons and property can be easily gained with high-tech equipment the complex measures should be taken on the very high level to guarantee the security and wellness of all its members. National security strategies should take into consideration the relevance of human rights and development. The goal of protecting human security will supplement the existing strategies for protecting national security” states Kumar, C. Raj (2005). Searching for the balance between security and freedom we need to defend our nation, and each of us is its priceless part.

Works Cited

http://www.justice.gov/archive/ll/highlights.htm

Categories
Free Essays

Understanding the US Homeland Security

On June 2002, President George Bush proposed to create the Department of Homeland Security – a move considered to be the most significant transformation of the US government whereby a single department has been tasked to protect America’s homeland from terrorist attacks. As noted in the Department’s website, the vision of the organization is to preserve the freedom of the United States and its homeland. Its mission is to lead the unified national effort to secure America.

It has aimed to prevent and deter terrorist attacks and protect against and respond to threats and hazards to the US. Furthermore, the organization has vowed, as part of its mission, to safe and secure borders, welcome lawful immigrants and visitors, and to promote the free flow of commerce. (US Department of Homeland Security website, 2002)

The organizational structure of the Department of Homeland Security has several components which involve resources within Federal, state and local governments. The following are the directorates and their components: Directorate for Preparedness, Directorate for Science and Technology, Directorate for Management, Office of Intelligence and Analysis, Office of Operations Coordination, Directorate for Policy, Domestic Nuclear Detection Office.

The Directorate for Preparedness works with state, local, and private sector partners to identify threats, determine vulnerabilities, and target resources where risk is greatest, thereby safeguarding our borders, seaports, bridges and highways, and critical information systems. The Office of the Directorate for Science and Technology is the primary research and development arm of the Department.  It provides Federal, state and local officials with the technology and capabilities to protect the homeland.

The Directorate for Management is responsible for Department budgets and appropriations, expenditure of funds, accounting and finance, procurement; human resources, information technology systems, facilities and equipment, and the identification and tracking of performance measurements. Finally, the Directorate for Policy works to enhance the nuclear detection efforts of Federal, State, territorial, tribal, and local governments, and the private sector and to ensure a coordinated response to such threats. (US Department of Homeland Security website, 2002)

Aside from the Offices of the Directorates, the US Homeland Department also has independent organizations including the Federal Emergency Management Agency (FEMA), Transportation Security Administration (TSA), Customs and Borders Protection, Immigration and Customs Enforcement (ICE), Federal Law Enforcement Training Center, Citizenship and Immigration Services, the US Coast Guard, and the US Secret Service.

The functions and main responsibilities of these agencies are as follows: FEMA prepares the nation for hazards, manages Federal response and recovery efforts following any national incident, and administers the National Flood Insurance Program. TSA protects the nation’s transportation systems to ensure freedom of movement for people and commerce. Customs and Borders Protection is responsible for protecting America’s borders in order to prevent terrorists and terrorist weapons from entering the United States, while facilitating the flow of legitimate trade and travel. ICE is responsible for identifying and shutting down vulnerabilities in the nation’s border, economic, transportation and infrastructure security.

Federal Law Enforcement Training Center provides career-long training to law enforcement professionals to help them fulfill their responsibilities safely and proficiently. Citizenship and Immigration Services is responsible for the administration of immigration and naturalization adjudication functions and establishing immigration services policies and priorities. The US Coast Guard protects the public, the environment, and U.S. economic interests—in the nation’s ports and waterways, along the coast, on international waters, or in any maritime region as required to support national security. (US Department of Homeland Security website, 2002)

Conclusion and analysis

The aftermath of 9/11 has made America more conscious of its homeland security. And rightfully, it is so. The loss of innocent lives and the repercussions it made to the economy of the United States will serve as a reminder that we have to be on vigilant on the evil motives of some countries.

The current structure of the US Department of Homeland Security has so far proven itself effective in carrying out its primary task of protecting America and its citizens against any threat to the nation’s freedom and independence.

After carefully identifying and studying the organization chart of the Department of Homeland Security, I am of the opinion that everything has been placed exactly where they should be. Obviously, the move to cluster all agencies related to security and the protection of America’s homeland was carefully thought out. So far, the issue on security and preparedness in terms of calamities, whether natural or otherwise, has been properly addressed by this Department. Since America has not yet experienced another 9/11, it would seem to me that the Department of Homeland Security has been doing its job perfectly.

References:

The US Department of Homeland Security [online]

Available at: http://www.dhs.gov/dhspublic/

Cited on: April 30, 2006

The White House [online]

Available at: http://www.whitehouse.gov/infocus/homeland/index.html

Cited on: April 30, 2006

;