Page 218 - DCAP406_DCAP_207_Computer Networks
P. 218
Unit 14: Network Security
The security levels contain the security-related problems in the component or modular form. Notes
Each level contains the specific security problem, which is broken down into different divisions.
Each of the divisions or classifications provides a representation of a security level defined in
terms of the following general categories:
User identification and authentication
The capability to monitor and audit system activity
Provision of discretionary access
Control of the reuse of resources
Identifying specific areas of possible attack
Provision of suitable countermeasures
The level of system trusts, including systems architecture, design, implementation,
transport, and trust of other hosts.
14.2 Data Security
Data security concerns with the protection of data contained in a file or many files in a computer
either as a standalone or on a network from unauthorized interception by providing some sort
of security.
In case of postal system, a postcard as a carrier of information is open to all. It does not have any
sort of security measures. An envelope is used to hide information from other people. It means
that envelope here acts as a mean for security. Therefore, postcard and envelope has different
purpose with respect to security issue. These two particular cases initiated similar actions to
solve the security-related issues in case of data communication. Emails are open to all as post
cards. Following the envelope example in postal system will enable users to secure at least some
of their data.
The access protection provided by logon passwords are not a full proof system and these may
easily be bypassed. The bypassed methods include booting from a diskette or connecting the
stolen hard drive as a secondary one to another computer. In this manner, any vital data might
easily be accessed. Consequently, encryption of the information seems to be the only effective
way to protect data from going or intercepting by unauthorized persons. The encryption must
be developed with the philosophy to ensure reliable data security and almost impossible to
decrypt data without the right password or right user. The main drawback of the password-
based encryption includes the loss of password or registration of wrong password due to wrong
spelling or some other human mistakes. In this case, it becomes absolutely impossible to restore
the data. There are other rules to avoid such situations.
14.3 Security Threats
The invalid access to the host can be prevented to a certain extent in case of conventional host to
terminal as there is number of terminals connected is limited. The situation is entirely different
in case of Internet where Internet allows access from any terminal connecting on a network.
Therefore this requires proper security measures. Below is the list of some of the threats happening
frequently in the network:
1. Viruses and Worms: The term virus refers specifically to malware inserting malicious
code into existing documents or programs. It spreads itself by various means. Still viruses
are considered the most common type of network security threat. Almost 90 percent of
LOVELY PROFESSIONAL UNIVERSITY 211