0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 About

Senior PaperTomhave 5

with information, but little is said of how to transform that information in actual useful

knowledge. It is one thing to have millions of resources available via the web, and an

entirely different thing to know how to use the web to acquire valuable information and

transform it into worthwhile knowledge for application to real-life problems. Too often

when trying to learn new ideas and concepts, having been raised in a "fast-food

society," we demand to be told quickly what the answer is without ever bothering to

learn how or why the answer is correct. This notion equates quite well to the web

where there are lots of sites available giving quick fixes to problems, but very few

actually explain the problem and the solution in such a manner as will promote

continuous learning and improvement in the future.

The second issue -- that of considering security before problems arise -- ties

into a new concept known as "complete security."The basis of this theory is that,

rather than designing a system for functionality and then adding security, a system

should be designed with security in mind. The reason this idea is a significant shift

from prior technique is that when security is treated as an add-on to a system, the

probability that there are holes, or cracks, between the underlying system and the

layered security measures is very high. By working to integrate security into the whole

system, it is much more feasible to think the system secure, knowing that a more

seamless integration will be done, rather than loosely piecing together functionality.

Along with this notion comes the problem of not believing that your system

would be open to attack. According to Power and Farrow (Dec. 1998), some electronic

commerce sites in California were recently hacked successfully because "They were

simply selling their goods and services on the Web. In other words, they were the kind

of companies who may have thought, 'Who would want to hack us?'" (Power [1] 131)

As one can imagine, this sort of attitude is dangerous; especially when talking about

electronic commerce, and particularly transactions using credit cards. As soon as a