Security management
...of consumer confidence. 3.1.2 Interception Refers to when C, a third party, is able to intercept a message sent by A to B. Therefore, C is able to read potentially sensitive information sent over the network. Interception is used in corporate espionage, where competitors are able to access information that may lead to a business advantage. 3.1.3 Modification Similar to interception, the third party C not only intercepts the message sent by A, but also is able to alter the message before sending on to the unsuspecting B. In these cases, the integrity of the message has been compromised. 3.1.4 Masquerade Third party C can also by-pass A entirely and simply impersonate A and send messages to B. In this scenario, B, thinking they are communicating to A, may release sensitive information to C. This impersonation can be achieved through IP spoofing, session hijacking or man-in-the-middle attacks. 3.2 Who is a Threat? Contrary to the myth perpetuated by the media and Hollywood movies, the atypical network attacker is not a pale-faced hacker confined in the basement of their parent’s home. The majority of attacks in corporate networks are made by either disgruntled ex-employees or staff within the network. It is with this in mind that network security should not just concentrate of technological protection, but also ensure that there is a well-defined network use policy and guidelines in place. 4.0 Network Vulnerabilities With networks, the old adage that “you are only strong as your weakest link” rings true. All an attacker needs is one weak link within the network for them to cause havoc throughout the whole network. Here are a few vulnerabilities in networks that are regularly exploited by attackers; 4.1 Anonymity Especially with large networks such as universities or large companies, an attacker is able to forge a relative anonymity within the system. The attacker need not be physically near the target computer for them to attack. This distance and the ability to travel through multiple hosts to mask their identify makes anonymity easy. 4.2 Many points of attack As a network may be collection of various hosts, a single administrator may not have control over all systems in the network. Therefore, an attack in the network may come from many directions. 4.3 Unknown parameter In large networks, the boundaries of ownership and responsibility may be blurred. For example, the network administrator in Sydney may have a lower standard of security compared to that of the Melbourne office. 4.4. Unknown path As the path a packet of data takes as it is sent through a network is not set and is unknown, it makes it easier for attackers to modify or masquerade communication between parties. 5.0 ISO Security Categories ISO have identified five areas where security is required within a network. For each area, there are a number of solutions that can be employed. 5.1 Confidentiality Within networks, it is important that sensitive information is protected from disclosure. Parties need to be assured that only the intended recipient of messages or data is able to access the information. Thus, confidentiality is an important area in network security. There are a number of methods available to protect the confidentiality in networks 5.1.1 Encryption Encryption, or cryptography is the process of changing a message into a form unreadable by an unauthorised third party. The intended recipient of the message is able to change back the message into its readable form (decryption). Encryption plays an important role is ensuring confidentiality in networks. Historically, encryption can be in the form of cipher or code. Cipher refers to a bit-by-bit transformation, where the structure of the message is ignored. In contrast, code is replacement of each word with another. Code is easier to crack and as such, have become obsolete. Two examples of encryption to protect confidentiality are symmetric key encryption and public key encryption. 5.1.1.1 Symmetric key encryption In symmetric key encryption, both parties possess a single key that cam be used to encrypt and decrypt the message. If A wants to send a message to B, A will encrypt the message with the key. Now the plaintext has been transformed into ciphertext, unintelligible to a third party. Upon receiving the ciphertext, B will decrypt the message using the symmetric key. Therefore, A has sent a confidential message to B. However, there are problems with the symmetric key encryption method in that if a third party is able to come into possession of the key, the confidentiality of the message has been compromised. It is also not efficient for each node to have to have a separate encryption key for each communication. 5.1.1.2 Public key encryption Public key or asymmetric encryption addresses some of the shortfalls of the symmetric key encryption system. In this situation, there is a public key and a private key. The private key is able to decrypt messages encrypted by its associated public key. The public key has the ability to encrypt messages but is unable to decrypt. A keeps the private key private while its public key is distributed to all parties. Therefore, when B wants to send a confidential message to A, B will encrypt the message using A’s public key and send it to A. When A receives the message, A will decrypt the message using its private key. If third party C intercepts B’s message, he is still unable to decrypt the message. 5.1.2 Padding and Routing Control Padding and routing control allows for the sender of the message to conceal its origin and the destination. This provides confidentiality in cases where the destination of the message itself can be used to derive sensitive information. This is done by padding or enveloping the initial message, by placing it in another message with another destination. As each message is sent to its destination, the recipient forwards the message to the destination of named in the inner message. This can occur several times before the initial message reaches its intended recipient. 5.2 Integrity When B receives a message from A, B needs to be assured that the message has been sent in its entirety and that it has not been modified during transmission. The integrity of messages sent within the network is essential in the operation of a network system. 5.2.1 Encryption Encryption of messages between A and B can be used to ensure the integrity of the message. 5.2.2 Numbering In the transport layer, numbering is used to ensure that the entire message has been received. As a message is broken into separate smaller packets, it is possible that a single data packet is lost or interrupted, and so the integrity of the whole message is lost....