Today, every organisation checks on the identity of its visitors, using procedures that are simple, recognised and almost universal. But how about visitors to information systems? Use of trusted domains and electronic certificates is certainly essential to verify the identity of users and allow them access only to applications they need, without unnecessary risk.
Trusted Domains
A physical attack on a state generally involves crossing its physical frontiers and claiming or destroying its property. An attack on its information systems, however, comes down to attacking the very existence of the state in its virtual environment.
There are many forms of this type of attack for criminal or terrorist ends, such as theft of its identity or that of its citizens, theft or falsification of sensitive or confidential information held in the form of electronic data, imitation, making the system or data unavailable or the misappropriation of software applications of the state or of businesses which provide vital services.
Estonia showed quite recently that a state can be vulnerable to a widespread attack on its open information systems. Other, more pernicious attacks on states have been shown to be possible, such as defacing a website or obtaining information illegally or illegitimately.
Il reste 95 % de l'article à lire
.jpg)
