Chapter 2: Understanding Network Security

1. Chapter 2: Understanding Network Security Computer Network Security

2. What Is Network Security? • Security is a continuous process of protecting an object from attack. That object may be a person, an organization such as a business, or property such as a computer system or a file. • In a distributed computer system such as a network, the protection covers physical and non-physical resources that make up the network including communication channels and connectors like modems, bridges, switches, and servers, as well as the files stored on those servers. In each one of these cases, therefore, security means preventing unauthorized access, use, alteration, and theft or physical damage to these resources. Kizza - Computer Network Security

3. Physical Security • A facility is physically secure if it is surrounded by a barrier like a fence, has secure areas both inside and outside, and can resist penetration by intruders. Physical security can be guaranteed if the following four mechanisms are in place: • deterrence, • prevention, • detection, • response Kizza - Computer Network Security

4. Pseudosecurity is a “security through obscurity” (STO). STO is a false hope of security. With security through obscurity, many believe that any resource on the system can be secure so long as nobody outside the core implementation group is allowed to find out anything about its internal mechanisms. This security is often referred to as “bunk mentality” security. This is virtual security in the sense that it is not physically implemented like building walls, issuing passwords, or putting up a firewall, but it is effectively based solely on a philosophy. Kizza - Computer Network Security

5. What are we Protecting? • Hardware • Protecting hardware resources include protecting: • End user objects that include the user interface hardware components like all client system input components including a keyboard, the mouse, touch screen, light pens, and others. • Network objects like firewalls, hubs, switches, routers and gateways which are vulnerable to hackers; • Network communication channels to prevent eavesdroppers from intercepting network communications. • Software • Protecting software resources includes protecting • hardware-based software, operating systems, server protocols, browsers, application software, and intellectual property stored on network storage disks and databases. • client software like investment portfolios, financial data, real estate records, images or pictures, and other personal files commonly stored on home and business computers. Kizza - Computer Network Security

6. Security Services • Security services include the following: • Access control – to require that access to information resources is controlled • Authentication – a process whereby the system gathers and builds up information about the user to assure that the user is genuine. • Confidentiality – prevention of unauthorized disclosure of information • Integrity – prevention of unauthorized modification of information • Nonrepudiation – to require that neither the sender nor the receiver of a message can deny the transmission. Kizza - Computer Network Security

7. Security Standards • Because security solutions come in many different types and use different technologies, security standards are used to bring about interoperability and uniformity among the many system resources with differing technologies within the system and between systems. System managers, security chiefs, and experts choose or prefer standards, if no de facto standard exists, that are based on service, industry, size, or mission. • The type of service an organization is offering determines the types of security standards used. Like service, the nature of the industry an organization is in also determines the types of services offered by the system, which in turn determines the type of standards to adopt. Kizza - Computer Network Security

8. The size of an organization also determines what type of standards to adopt. In relatively small establishments, the ease of implementation and running of the system influence the standards to be used • Examples include: • Homeland National Security Awareness • Orange Book - the U.S. Department of Defense Trusted Computer System Evaluation Criteria (DOD-5200.28-STD) standard known as the Orange Book. • British Standard 799 (BS 7799) - outlines a code of practice for information security management that further helps determine how to secure network systems. Kizza - Computer Network Security

9. Elements of Security • The Security Policy • Is a an organization’s security blueprint that emphasizes a number of security factors starting with the identification of all critical operations in the system that must be secured, those that are needed, but not critical to daily operations, and those operations that can be secured. Second it prioritizes the system resources and the information stored on each. • It also assigns risk factors to all these classified resources. • Some security experts do not consider it essential while others do. However, it is an important element in the security environment of an enterprise. Kizza - Computer Network Security

10. Access Control – allowing access to information assets to only authorized users. • As information becomes more valuable and more people join the ever growing Internet, scavenger hunters, hackers, activists, robbers, and all sorts of people are flocking onto the Internet and the security of information of a society increasingly dependent on computer networks will become vital. The importance of this security element, therefore, cannot be over emphasized. Kizza - Computer Network Security

11. Strong Encryption Algorithms • The amount of information stored and traversing the computer systems and networks has been increasing both in volume and value as networks expand. • The security of that information is increasingly threatened by the quality and security of the software running on these machines: • a high volume of vulnerabilities in the network infrastructure • embarrassingly poor protocols. • Hackers are exploiting these software bugs, which are sometimes easy to fix, eavesdropping and intercepting communication data with increasing ease. • The security of information, therefore, rests with finding strong encryption algorithms that will swat would be intruders. Kizza - Computer Network Security

12. Authentication Techniques • The future of e-commerce is riding on strong encryption and authentication techniques. • As more and more people go online to buy and sell their wares, they need strong and trustworthy algorithms that will make such transactions safe. • If the most recent headliner hacker attack on credit card databases is any indication, we are still a long way from safe e-commerce. • Strong authentication techniques will go a long way to ensure safe business transactions online. Kizza - Computer Network Security

13. Auditing - the purpose of auditing is to find as many problems as possible in the system before the intruders find them for you. • The wisdom of testing is that the better and more you test, the more difficult your network will be to attack. An audit keeps you aware and honest about the security of the system so that you discard the myth that if it is not broken into it is secure. • Also if done by an outsider, an audit however poor it is, gives you a standard to measure your security needs. Finally, an audit done by an outsider gives a comparison of the types of problems you have as compared to those in other institutions where the auditor has been. • There are two types of auditing: • active - involves actively responding to illicit access and intrusion and in between these intrusions; • passive - is not a real-time mechanism. Kizza - Computer Network Security