Blue Divider Line
Executive Brief

     What we surf every day was originally conceived as a Defense Advanced Research Projects Agency (DARPA) packet switching project. From a UCLA based team, the proposal to organize and run a Network Measurement Center for the ARPANET project. was born.

     The Arpanet pioneered the network technology that serves as the foundation of today's global internet. The first host connected to the Arpanet was the SDS Sigma-7 on Sept. 2, 1969 at the UCLA site. It began passing bits to other sites at SRI (SDS-940 at Stanford Research Institute), UCSB (IBM 360/75 at University of California Santa Barbara), and Utah (Dec PDP-10 at the University of Utah). Through the collaborative work by the participants using the net, the number of sites steadily expanded and by 1977 the Arpanet extended to more than 50 sites from Hawaii to Norway. The Arpanet was an experimental network that was set up by the U.S. military for those university computer science departments and private research institutes with DoD funding. It also research the issue of network communications in the event of a nuclear war where certain communications hubs would be lost. The sites were involved in the research of getting the network to function and they had access to the advantages of the network to help their research. But academic computer science departments without DoD grants had no means of access to the ARPANET and had no access to the advantages that it provided for collaborative research.

     With such a small group actually connected, security was hardly an issue back then. Today, however, millions of people from acadmeic institutions, corporations, governmental departments, and private citizens are attached. The popularity of the Web has exploded in the past couple years. It is becoming a tremendous tool for businesses whereby they can offer information, support, and products to customers. With popularity comes danger, however. With so many people taking advantage of this new technology, security of Web sites is becoming an increasing concern. This is especially true for organizations that maintain their own Web server along with their internal network. Protecting online content from "hacking," the internal network from sabotage, and be able to sell products online while protecting the personal information of the consumer, are issues confronting Web maintainers.

     Security of the internal network is extremely important especially for those networks containing corporate secrets or other proprietary information. Web clients (browsers) handle information using an inherently insecure protocol, http. With the advent of Java and JavaScript along with other "plugins" for Web content, the risk is even higher. Securing the Web browser from executing malicious applets or scripts is the first step in securing the Web. These issues are discussed further in the Internal section.

     Protecting the internal network as a whole is also a concern. This is handled by a firewall and limits the information going in and out of the internal network. By including the Web server behind this firewall, at least partially, the organization can protect their Web server, and thus the content it contains. Firewalls can be hardware or software based and are commonly found as a combination. Details can be found in the Gateway section.

     The final concern is the delivery of the content itself. Assuming the server has been protect from unauthorized access, the main issue is selling a product where a credit card number or other personal information is transmitted between the consumer and the Web server. With proper software (secured servers), and external services (certificate authorities), the organization can rest assured that transactions are conducted safely and preserves the consumer's privacy to the fullest extent of the current technology. The External section covers solutions to these problems.

Introduction Internal Systems

Ender Design Mock Site Showpiece