Layers of computer network security
This paper discusses the various aspects of network security and the various technologies that implement network security. As Wang states, the four goals of network security are “to provide confidentiality, integrity, non-repudiation, and availability of useful data that are transmitted in public networks or stored in networked computers” (Wang, 2009, p. 2). In today’s scenario, the Internet has become the ubiquitous network that connects the world. Therefore, most efforts directed in implementing security on the Internet. According to Wang (2009), the goal of network security is to allow users to utilize computer networks at their will in the absence of any fear that their rights and interests will be compromised.
The various technologies to implement network security include applications layer security protocols, transport layer security protocols (TLS), the Secure Socket Layer (SSL)/TLS, network layer security, and Internet Protocol (IP) Security Suite. The best methods to implement network security would be to combine these various technologies to suit the needs of the individual or organization.
A physical security vulnerability assessment depends on the extent of exposure to a potential risk (Bragg, Rhodes-Ousley, & Strassberg, 2004). Key areas that should be incorporated in any physical vulnerability assessment include buildings, computing peripherals and devices, documents, and records and equipment (Bragg et al., 2004).
In terms of network security, network design should comply with several issues in network security; they relate to the objectives of securing the network infrastructure, used for the storage and transmission of information as following (LatentView Analytics Private Ltd, 2009):· Securing Network from external and internal threats· Securing Data Transfer· Securing Data Access in Client EnvironmentFigure 1 Considerations of NetworkSource: LatentView Analytics Private Ltd, 2009
The objectives of establishing the network security as Wang (2009) states above suggests that the key into having a reliable and secured network lies on the network design. In information technology (IT) domain, a network design is critical as it helps companies to have a reliable information transmission. Concerning this matter, Dennis (2002) reveals three basic network designs that a corporate must establish; they are technology designs, need assessment, and costs.
Moreover, in today’s scenario, where most users connected to the Internet, and communicate or exchange data on a more or less continuous basis, it has become critical to protect and safeguard this exchange and storage of information. Network security is the implementation of technologies to protect data against malicious or unauthorized access as well as to protect the data stored on computer systems from unauthorized destruction, disclosure, or modification (Kotzanikolaou & Douligeris, 2007). Communication security is to protect data while being transmitted via a communication tool from malicious modification, disclosure, or destruction (Kotzanikolaou & Douligeris, 2007).
An article in The Internet Security Alliance website reveals that there is a significant number of incidents existed in 2001. At this point, we might see that the writer of the article also put much concern on social aspect since the writer addressed the vulnerability of corporate networks from several attacks.Furthermore, the article also reveals the interesting facts that more than 80% of 52,000 reported incidents are common to all corporations, regardless of industry, location or size. To strengthen the discussion on social-technological aspects, the writer addressed the issue of common platforms (Windows-based applications) and applications that most corporations use to communicate and collaborate among peers over the Internet, which in turn speed up the corporation networks’ exposure to attack.In addition, the article also provides appropriate elaboration on socio-technical aspects by addressing six trends of secured Internet. The six points are automation, sophistication of attack tools, faster discovery of vulnerabilities, firewalls permeability, increasing asymmetric threat, and increasing threat from Infrastructure attack.Furthermore, once the engineer has installed appropriate hardware and software, the next step is to implement a network monitoring application like NMS (Network Management System) in order to find out the source of fault. The application is simply a form of network management software that is needed to monitor network traffic, compares it with various measures of network health, and warns if the network is about to go down.
In addition to NMS, a company should also equip their network with network security because of increasing importance given the burgeoning number of attacks on computer data, including viruses and worms.
Moreover, another security must be installed if users or organizations get connected to the Internet can become a target, an attacker or both. For example, user A may use the computer of User B to attack User C. Therefore, User B becomes both a target and an attacker. Attackers use flaws, defects in protocol implementations or other types of software to access and compromise data or communications.
To protect against such attacks, users should consider implementing security at various levels: physical, passwords, anti-virus software, firewalls, virtual private networks, intrusion detection systems, proxy servers.
Figure 2 Detailed Architecture of Secured E-Commerce Site
Source: RSM McGladrey, 2006
In order to increase the security level of a network, especially those relate to internet, figure 2 shows an example of how a sophisticated e-commerce site is designed to meet the three objectives (technology designs, need assessment, and costs). In this system, the collected information are suitably managed, maintained and monitored. The above figure is one example of how a network is designed in order to cope with security. Another design that can be developed to match characteristics of one corporation could be elaborated by determining which security levels they intend to establish.
Figure 3 Security Design for a University
Today, network security has become important because of the wide use of computers and the quick and ready connectivity provided by public networks and the Internet. Major financial institutions, government and private organizations, military, medical and trade organizations utilize computers for their work. Therefore, precautions needed to make sure that errors in a program or unintentional misuse of a computer do not lead to financial or information loss.
In terms of network security, network design should comply with several issues as following:· Securing Network from external and internal threats· Securing Data Transfer· Securing Data Access in Client Environment
These three aspects become important factors in the success of establishing a secured network. However, the detailed network security design may be different from one institution to another depending on the level of security that they intend to develop.
All individuals and/or organizations that use computer and network systems are vulnerable to attacks. Therefore, an individual or organization must analyze the situation and decide on the best combination of technologies to implement. For example, an individual may use only anti-virus software; but an organization may have to, in addition, use Firewalls, Proxy Servers, Secure Socket Layer (SSL) protection and IP Security: to completely protect your data and users.
Wang, J. (2009). Computer network security. New York, NY: Springer.
Kotzanikolaou, P. & Douligeris, C. (2007). Computer network security: Basic background and current issues.
Bishop, M. (2003). Computer security: art and science. Reading, MA: Addison-Wesley
Publishing Co. Inc.
Bragg, R., Rhodes-Ousley, M., & Strassberg, K. (2004). Network security: The complete
reference. New York, NY: McGraw Hill Professional
Kaeo, M. (2004). Designing network security. A practical guide to creating a secure network
infrastructure. 2nd ed. Indianapolis, IN: Cisco Press.
Kizza, J. M. (2008). A guide to computer network security. New York, NY: Springer.
LatentView Analytics Private Ltd. (2009). Data Privacy & Security. Retrieved June 1, 2010 from http://www.latentview.com/data-privacy-security.htm
Douligeris & D. N. Serpanos (Eds.), Network Security: Current Status and Future Directions (pp. 1-11). Hoboken, New Jersey: John Wiley and Sons.
Maximum security. 4th ed. Canada: Sams Publishing.
Pfleeger, S. L. (2003). Security in computing. 3rd ed. Upper Saddle, NJ: Prentice Hall
Professional Technical Reference.
RSM McGladrey, Inc. (2006). The Ultra-Secure Network Architecture. Retrieved June 1, 2010 from http://www.rsmmcgladrey.com/Resource_Center/Consulting/Ultra_secure_network_arch.html