Реферат: Network Security Essay Research Paper 10 INTRODUCTION
Most of today’s network needs to meet all possible security measures in terms of securing the business information. The protection against the business information is depends on how much security issues concerned and these can be distributed through data communications and ” can be implemented through host computers, terminals, modems, special security devices, and even transmission facilities” (Beyda, 1996, pp118).
2.4.1 Passwords
Password is very important to each single user of a network and to the entire network, therefore an article in Windows NT Magazine by Smith (1998) it is suggested Passwords are the keys to your corporate network and they can fall into the wrong hands just as physical keys can (Smith, 1998, pp127). This statement gives a clear and make any network user or any person who reads this statement to think that how much is a password valuable to a network user. It is not a thing to be shared with other users. Each user is alone responsible for the security of their account by protecting the passwords. If unauthorised access is allowed into the network through an individual s account, the entire network is at risk. It is even possible for persons outside the environment to run programs designed to gain unauthorised access to the particular account. Therefore the users should make ’secure’ and ‘quality’ passwords (Appendix B).
2.4.2 Data Encryption and decryption
Why Should I encrypt my mail ?
You should encrypt your email for the same reason that you do not write all your correspondence on the back of a post card. Email is actually far less secure than the postal system. Take a look at the header of any email message that you receive and you will see that it has passed through a number of nodes on it s way to you. Every one of these nodes presents the opportunity for snooping.
Encryption is a process of distinguishes information whereas decryption is the process of restoring it to readable form. These two processes need perform the encryption task, otherwise it will not make sense. When a user sends a message usually a text message, which is known as a ‘clear text’ or ‘plain text’ to an encryption device. Once it encrypted it is called ‘cipher text’ ( Beyda, 1996). This is from the encryption device of the sender to the receiver’s. Once the ‘cipher text’ reaches the receiver’s encryption device the message again will be ‘decrypted’. Therefore it would not be possible to understand the data which passes through public data networks, satellite or microwave for those who eavesdrop. Even though hackers can break an encryption method, it will make difficult, take more time and powerful resources that are needed.
The encryption method can also use ’secret keys’, which are the keys for the algorithm and it should be kept secretly as oppose to ‘public’. Accepting a large amount of keys which can be reduced for a single ‘clear text’ then it would be a tedious job for a hacker to do an exhaustive computer search would take an inordinate amount of time or would cost more than the value of the encrypted information.
However, the strength of the security lies in maintaining the secrecy of the encryption and decryption function of the message of a sender and receiver. This function is called ’secret key’ encryption-the key needed to decrypt a message which is different from the one used to encrypt is a ‘public key’ (Appendix C). For each employee of an organisation, there is a unique identifier instead of name, address and phone number is called their ‘public key’ that another employee can send message to. However, the received message can only be read if the employees secret key is known. The valuable ‘business information’ and the ‘privacy’ can be maintained within organisations by using these ’security methods’.
An encryption device is normally used to encrypt text, which involves ‘hardware’ and ’software’ combination. The encryption algorithm can be “changed” on a device and it is difficult to determine by anyone by simply looking at an encryption device. However, the algorithm can be changed using the ’software’ that contains all the ‘cipher’ messages. Therefore, it is possible someone can copy the software unless the ‘rights restricted’ and it is dangerous when loosing the ‘key’ as well as the ‘algorithm’ (Beyda, 1996).
2.4.3 Historical and Statistical Logging
All data passing between a server (host computers) and the terminals can be recorded by using a device, and captured in a historical log – this is called ‘historical logging’. This method would help to identify the mystery by ‘replay’ the ‘historical log’ by which user altered the files and folders (For example an employee’s salary increased or decreased) of the server or personnel computer. The same method can be used to identify ’static logging’, which includes the details of users who logged on to which port, total time logged on, the files which are accessed. Identifying the user’s ‘method of access’ as well as ‘action’ can make “business information” more ’secure’ in the ‘future’.
2.4.4 Closed User Groups
2.2.5 Secure Transmission Facilities
2.2.6 Firewalls
I have nothing to hide. Why do I need security/privacy?
Show me a human being how has no secrets from their family ,her neighbors, or her colleagues, and I ll show you some one who is either an extraordinary exhibitionist or incredible dullard.
Show me a business that has no trade secrets or confidential records, and I ll show you a business that is not very successful.
As the Internet becomes a facility used by businesses in their day to day operations, security and integrity are becoming crucial. The need for reliable data communications, their exists an increasing need for security of both the transmitted data as well; as controlled access to the corporate network over which the data is transmitted. [ Internet]
A firewall is a system or a group of systems that enforces an access control policy between two networks. The firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic. The most important thing about a firewall is that it implements an access control policy.
Generally firewalls are configured to protect against un-authenticated interactive logins from the outside world. This helps prevent vandals from login into machines on your network.
More elaborate firewalls block traffic from the outside to the inside, but permit users on the inside to communicate freely with the outside. The firewall can protect you against ant type of network-borne attack if you unplug it .
Firewalls are also important since they can provide a single choke point where security and the audit can be imposed. Unlike in a situation where a computer system is being attacked, by someone dialing in with a modem, the firewall can act as effective phone tap and tracing tool.
Firewalls provide an important logging audit ing function ;often thay provide summaries to the administrator about what kinds and amounts of traffic passed through it,how many attempts there were to break into it.
2.2.7 Physical security
(placing the hardware and backup devices-due to theft and disaster)
Physical security files, folders,
People with right mind, attitude, and dishonesty.
Appendix A