Chapter 7
Security in Networks
In this chapter
· Networks vs. stand-alone applications and environments: differences and similarities
· Threats against networked applications, including denial of service, web site defacements, malicious mobile code, and protocol attacks
· Controls against network attacks: physical security, policies and procedures, and a range of technical controls
· Firewalls: design, capabilities, limitations
· Intrusion detection systems
· Private e-mail: PGP and S/MIME
Networks (their design,
development, and usage) are critical to our style of computing. We interact with
networks daily, when we perform banking transactions, make telephone calls, or
ride trains and planes. The utility companies use networks to track electricity
or water usage and bill for it. When we pay for groceries or gasoline, networks
enable our credit or debit card transactions and billing. Life without networks
would be considerably less convenient, and many activities would be impossible.
Not surprisingly, then, computing networks are attackers' targets of choice.
Because of their actual and potential impact, network attacks attract the
attention of journalists, managers, auditors, and the general public. For
example, when you read the daily newspapers, you are likely to find a story
about a network-based attack at least every month. The coverage itself evokes a
sense of evil, using terms such as hijacking, distributed denial of service,
and our familiar friends viruses, worms, and Trojan horses. Because any
large-scale attack is likely to put thousands of computing systems at risk,
with potential losses well into the millions of dollars, network attacks make
good copy.
The media coverage is more
than hype; network attacks are critical problems. Fortunately, your bank, your
utility company, and even your Internet service provider take network security
very seriously. Because they do, they are vigilant about applying the most
current and most effective controls to their systems. Of equal importance,
these organizations continually assess their risks and learn about the latest
attack types and defense mechanisms so that they can maintain the protection of
their networks.
In this chapter we describe
what makes a network similar to and different from an application program or an
operating system, which you have studied in earlier chapters. In investigating
networks, you will learn how the concepts of confidentiality, integrity, and
availability apply in networked settings. At the same time, you will see that
the basic notions of identification and authentication, access control,
accountability, and assurance are the basis for network security, just as they
have been in other settings.
Networking is growing and changing perhaps even
faster than other computing disciplines. Consequently, this chapter is unlikely
to present you with the most current technology, the latest attack, or the
newest defense mechanism; you can read about those in daily newspapers and at
web sites. But the novelty and change build on what we know today: the
fundamental concepts, threats, and controls for networks. By developing an
understanding of the basics, you can absorb the most current news quickly and
easily. More importantly, your understanding can assist you in building,
protecting, and using networks.