Network Security

28.08.2009 | Author: admin | Posted in Computers-and-Technology, Featured Articles

network_securityIn this age of widespread electronic connectivity it is essential to offer protection to the organizations and to keep the unauthorized users such as black hat hackers, script kiddies etc away from them. The term network security consists of the policies adopted by the network administrator to protect the data during their transmission and the other network-accessible resources from several network threats. With the introduction of distributed systems and the use of networks, the concept of network security has become indispensable for preventing, detecting and correcting the security violations.

TYPES OF NETWORK THREAT

A network threat is any network associated activity having negative security implications. Threats can come through the internet connections, dial-up modems or physical access. Security attacks are classified as passive attacks (e.g. unauthorized access) and active attacks (e.g. denial of service).

UNAUTHORIZED ACCESS

This is a common type of attack. The target of the attacker is to access some data packets or resources of a system without having any authentication. With help of this attack an intruder may be able to gain the access of your computer or to modify, reorder or delay your message. This can be classified into several categories:

PROBE
Probing is an attempt to gain access to a system and to find out information about it.

ACCOUNT COMPROMISE
It provides the unauthorized access of a computer account by a person other than the owner. It may cause to data loss, data stealing or stealing of services. But it has no rights on the system.

ROOT COMPROMISE
It is comparable to the account compromise. In such compromise, attacker can do anything on the victim’s computer.

PACKET SNIFFER
Packet sniffer is used to capture the packets while they travel over the network and to access the information enclosed within the packets.

DENIAL OF SERVICE

The intention of denial of service (DoS) attacks is to stop a user of a service from using it by creating network flood i.e. by sending more requests to a machine that it can handle. This type of attack is easy to launch but difficult to address.

MALICIOUS CODE

Malicious codes (e.g. worms, viruses, Trojan horses) are the programs that would cause unwanted and harmful effects on a system while executed. This type of code may cause data loss, DoS, downtime, system damage and other types of threats.

SECURITY SERVICES

Security services can be divided into five categories:

AUTHENTICATION

This service provides the assurance to the recipient that the message it has received is from the source that it claims.

DATA INTEGRITY

This service is concerned with the exact order of the content of the message that has been sent by the authorized sender.

DATA CONFIDENTIALITY

This service provides protection to the transmitted data from unauthorized passive attacks.

ACCESS COTROL

It prevents the unauthorized access to a resource.

NONREPUDIATION

This service provides protection against the refusal by one of the host involved in communication. It gives the proof that the message is sent or received by the particular sender or the receiver respectively.

SECURITY TECHNOLOGY

There are lots of security technologies that have been developed to provide protection to the systems and information against network threats.

USERNAME AND PASSWORD

The concept of username and password is at the heart of the network security. When any user tries to access any resource the password associated with the account is required. Thus it helps to prevent the unauthorized access.

FIREWALLS

Firewall is a combination of software and hardware that allows two networks to communicate in a restricted way. It monitors the network traffic and allows those packets to enter in the boundary of the network which are able to satisfy the security criteria.

CRYPTOGRAPHY

This technique offers the secrecy of information by protecting its confidentiality and prevents intruder to use the information that they capture. The original form of data (plaintext) is converted into an encoded form (ciphertext) by encryption process. The ciphertext is translated back into the plaintext by decryption process.

CONCLUSION

In this age of widespread digital connectivity, network security has become a very essential topic. Research and advance efforts are ongoing to achieve more secure network environment in future than exists today.

Page copy protected against web site content infringement by Copyscape

Bookmark and Share

Post to Twitter Tweet This Post Post to Plurk Plurk This Post Post to Yahoo Buzz Buzz This Post Post to Delicious Delicious Post to Digg Digg This Post Post to Facebook Facebook Post to MySpace MySpace Post to Ping.fm Ping This Post Post to Reddit Reddit Post to StumbleUpon Stumble This Post

Leave a Reply

Close

Add video comment

Additional Articles From "Computers-and-Technology"