Idea Transcript
Advance in Electronic and Electric Engineering. ISSN 2231-1297, Volume 3, Number 7 (2013), pp. 797-804 © Research India Publications http://www.ripublication.com/aeee.htm
Network Security-The Biggest Challenge in Communication Ashima Jain Master of Technology, Department of Electronics and Communication Somany (PG) Institute of Technology & Management (S.I.T.M.) (Approved by AICTE, Govt. of India, New Delhi & Affiliated to M.D. University, Rohtak ), Delhi Jaipur Highway, Rewari , Haryana 123401
Abstract Today one of the biggest challenge is to secure the internal network in communication .Understanding the fundamentals of any technology is vital if ever going to fully understand that technology. Without putting in ample time learning and practicing the fundamentals of security, it won’t be able to learn the more advance features of security. This paper highlights all the trends that affect network security such as legal issues, privacy concerns and people shortages. A good security solution not only solves the security dilemma, but also reduces the total cost of implementation and operation of the network. The paper gives all emphasis on the key elements of network security and its weaknesses. The successful use of recent technologies requires an increased need to protect valuable data and network resources from corruption and intrusion. Now a day’s anybody with a PC and an internet connection can download attacking tool and start attacking. These tools are commonly referred to as kiddle-scripts.Hackers are people who play around with software code in order to understand how it works. They might discover holes with in the systems and can often be very altruistic. A cracker is one who breaks into or otherwise violates the system integrity of remote machines with malicious intent. So the cracker gained unauthorized access and destroy vital data. There are many threats to port and protocols. Each attack has its characteristic and different handling to prevent system from them. There are many network security tools to facilitate network security such as firewalls, proxy server, internet contents filters and others. It must be noted that the most important of network security is ability to prevent the attack to our system and implement security policy
798
Ashima Jain throughout the network. At the end of the paper, recent development in upgrading the network security is also discussed. Keywords: Network security, Data privacy, Security trends, Security goals, Hackers, Crackers.
1. Introduction The massive global infrastructure has no fundamental security mechanisms built in to protect itself. It is thus set for unbelievable information sharing on both levels of unimportance and extreme necessity and so the need for network security is paramount to prevent against countless threats. Network Security is a concept to protect network and data transmission over wireless network. Data Security is the main aspect of secure data transmission over unreliable network. Data Security is a challenging issue of data communications today that touches many areas including secure communication channel, strong data encryption technique and trusted third party to maintain the database. Security has become important issue for large computing organizations [1] .Computer network security is concerned with preventing the intrusion of an unauthorised person into a computer network. As computer connectivity increases, computer network security becomes more complex. Intrusion [2] is any set of actions that attempt to compromise the integrity, confidentiality or availability of a computer system resource (for example, unauthorised distribution of sensitive material over the Internet).
2. The need for network security The need for network security is increasing on a daily basis. There are three reasons as the main forces driving this continued increase in the need for security: • Secure communications are required for e-business. • Secure communications are required for communicating and doing business safely in potentially unsafe environments (the Internet). • Networks require development and implementation of a corporate-wide security policy.
3. Trends that affect network security Tends that increasing the demands for securing the network are explained below: 3.1 Legal issues and privacy concerns For many businesses today, one of the biggest reasons to create and follow a security policy is compliance with the law. Any business is potentially liable should a hacker or a virus take down the operation.
Network Security-The Biggest Challenge in Communication
799
Legal liability in such cases is likely to depend on what prevention technologies and practices are available and on whether these technologies and practices are reasonably cost-effective to implement. As a result, showing due diligence will mean everything from implementing technologies such as firewalls, intrusion-detection tools, content filters, traffic analyzers, and virtual private networks to having best practices for continuous risk assessment and vulnerability testing. Of course, litigation is not the only legal consideration that e-businesses are facing today. Lawmakers concern over the lack of Internet security, particularly where it hampers rights to privacy, is growing. In the United States, education, financial services, government, and healthcare are currently scrambling to meet federally mandated guidelines for network security and privacy. In financial services, there is the Gramm-Leach-Blilely (GLB) bill, which was passed in 1999. The GLB Act erased long-standing antitrust laws that prohibited banks, insurance companies, and securities firms from merging and sharing information with one another. The idea was that smaller firms would then be able to pursue acquisitions and/or alliances that would help drive competition against many of the larger financial institutions. Included in that law were several consumer privacy protections The US Government is contending with the Government Information Security Reform Act, which was passed in October of 2002, and directs federal agencies to increase security plans for their computer systems. Representatives from the General Accounting Office (GAO) and other organizations recently told Congress that, despite this legislation, federal agencies are still falling short of dealing with key security issues. 3.2 Wireless access The increasing use of wireless local area network (LAN) connections and the rapid rise of Internet access from cell phones in Europe and Asia are requiring entirely whole new approaches to security. RF connections do not respect firewalls the way wired connections do. Moreover, the slow processors, small screens, and nonexistent keyboards on cell phones and personal digital assistants (PDAs) break many of the standard approaches to access, authentication, and authorization. In this [3] various tools and treatment related to cryptography and network security has been defined. 3.3 The need for speed The number of broadband connections to the Internet from homes is exceeding projections. Many businesses are finding that multiple T1 (1.544 Mbps) or E1 (2.048 Mbps) connections to the Internet are no longer sufficient. Current software-based security approaches have problems scaling to OC-1 (51.84 Mbps) and higher rates. 3.4 IT staffing shortages The IT staffing shortage is especially evident in the security field. To solve this problem, many enterprises are increasingly outsourcing day-to-day security
800
Ashima Jain
management tasks. The application service provider (ASP) business model will become increasingly common in the security world. Therefore, security solutions will need to be more manageable in this outsourced model. Clearly, there is a demand for skilled network security professionals.
4. The goals of network security A security policy defines a set of systems, considering all relevant aspects of confidentiality, integrity and availability, and can also be informal or highly mathematical in nature. [4] There are three primary network security goals: 4.1 Confidentiality It refers to ensuring that information is not accessed by unauthorized persons. Whether it is customer data or internal company's data, a business is responsible for protecting the privacy of its data. The customers have the right to have their private information protected. 4.2 Integrity Integrity means that the information is not being altered or destroyed by un-authorized person. 4.3 Availability It means to provide maximum data availability at any point of time depending on the business needs, while ensuring integrity and confidentiality.
5. Keyelements of network security The successful use of Internet technologies requires an increased need to protect valuable data and network resources from corruption and intrusion. A security solution contains five key elements: 5.1 Identity Identity is defined as the accurate and positive identification of network users, hosts, applications, services, and resources. Standard technologies that enable identification include authentication protocols such as Remote Access Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+), Kerberos, and one-time password (OTP) tools. New technologies such as digital certificates, smart cards, and directory services are beginning to emerge and perform increasingly important roles in identification solutions. 5.2 Perimeter security This element provides the means to control access to critical resources such as network applications, data, and services so that only legitimate users and information can pass
Network Security-The Biggest Challenge in Communication
801
through the network. Routers and switches with ACL's (access control lists) provide this control by filtering by IP (Internet Protocol) / port or state-full firewall, as well as dedicated firewall appliances, provides this control. Complementary tools, including virus scanners and content filters, also help control network perimeters. 5.3 Data privacy When information must be protected from eavesdropping, the ability to provide authenticated, confidential communication on demand is crucial. Effective data privacy can be provided by several methods including: Tunneling and Data separation. Data separation using tunneling technologies, such as generic routing encapsulation (GRE) or Layer 2 Tunneling Protocol (L2TP), provides effective data privacy. However, additional privacy requirements often call for the use of digital encryption technology and protocols such as IP Security (IPSec). This added protection is especially important when implementing Virtual Private Networks (VPNs). The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password [5]. 5.4 Security monitoring Any good designer must review and test their design regularly at periodic intervals to ENSURE that the design works of security preparation. Network vulnerability scanners can proactively identify areas of weakness, and Intrusion detection systems (Cisco Secure IDS) can monitor and respond to security events in real time. By using security-monitoring solutions, organizations can obtain significant visibility into both the network data stream and the security posture of the network. 5.5 Policy management The requirement for centralized policy management tools grows as networks grow in size and complexity. Sophisticated tools can analyze, interpret, configure, and monitor the state of security. For example Browser-based user interfaces and tools enhance the usability and effectiveness of network security solutions. A security policy is a set of rules and practices prescribing how important information is managed, protected, and distributed, and also expresses the precise security level by defining which security methods are to be performed [6].
6. Network security weaknesses There are three primary reasons for network security threats: 6.1 Technology weaknesses Computer and network technologies have intrinsic security weaknesses. These include TCP/IP protocol weaknesses, operating system weaknesses, Network equipment weaknesses and weaknesses in configuration and security policy.
802
Ashima Jain
6. 2 Configuration weaknesses Network administrators or network engineers need to learn what the configuration weaknesses are and correctly configure their computing and network devices to compensate. 6.3 Security policy weaknesses Security policy weaknesses can create unforeseen security threats. The network may pose security risks to the network if users do not follow the security policy.
7. LATEST Survey According to latest news in the news paper “The Times of India” ‘Govt. fails to tap potential of hackers despite web attacks’ .Hackers are increasingly becoming part of the mainstream IT industry and contributing as security experts.Today private companies use ethical hackers to make themselves secure. The Jharkhand police was the first government body to start a process of rewarding people who are able to find loopholes on any website or IT infrastructure of government departments.Hackers are paid around Rs 1 lakh per month by social networking sites, search engines and software companies.
8. Conclusion The security system must be tight but must be flexible for the end-user to make him comfortable, he should not feel that security system is moving around him. Users who find security policies and systems too restrictive will find ways around them [7]. Security is a broad topic and covers a multitude of sins. In its simplest form, it is concerned with making sure that nosy people cannot read, or worse yet, secretly modify messages intended for other recipients. It is concerned with people trying to access remote services that they are not authorized to use. Most security problems are intentionally caused by malicious people trying to gain some benefit, get attention, or to harm someone.
References [1]
[2]
[3] [4]
Importance of Network Security, found at http://www.content4reprint.com/computers/security/importance-of-networksecurity-system.htm R. Heady, G. Luger, A. Maccabe, and M. Servilla(1990). The Architecture of a Network Level Intrusion Detection System. Technical Report Dept. of Computer Science, University of New Mexico, New Mexico, August. A beginner’s guide to network security, CISCO Systems, 2001. Dieter Gollmann (1999). Computer Security. Wiley.
Network Security-The Biggest Challenge in Communication [5]
[6] [7]
803
Simmonds, A; Sandilands, P; van Ekert, L (2004).Ontology for Network Security Attacks. Lecture Notes in Computer Science. Lecture Notes in Computer Science 3285, pp.317–323. Michael E. Whitman and Herbert J Mattord(2005).Principle of Information Security.2nd edition. Thomson Course Technology. Shailja Pandey (2011).MODERN NETWORK SECURITY: ISSUES AND CHALLENGES.IJEST, Vol. 3. , pp.4351-4356.
804
Ashima Jain