cyberstalin.com

network security

In terms of a computer network, network security can be defined as the set of policies and practices adopted to prevent any kind of misuse, unauthorized access, modification or denial of the computer network and network-accessible resources. The primary goal of network security is to authenticate and authorize the access of each and every network resource so that there is no breach of network resources or data. It also ensures that no malicious user is allowed into the network that can result is other kinds of attacks.
The base of network security is authentication. The most commonly used authentication mechanism is username and password, though there are other forms of authentication like fingerprint biometric authentication, iris scan biometric authentication etc., are becoming increasingly popular mainly in mobile devices. Though mobile devices were not considered to be an integral part of enterprise network in most industries, in today’s scenario with more and more organizations allowing the Bring Your Own Device (BYOD), mobile and personal devices allowed to register into the enterprise network are also a huge concern in terms of an enterprise network. Once authenticated, the firewall enforces policies on the type of access based on the type of the devices, the authenticated profile, and the enterprise security policies.
The major threats that arise with a breach in network security are cyber-crimes, vulnerabilities, spyware, malware, ransomware, viruses, trojans, rootkits, bootkits, exploits, denial-of-service, web-shells etc. There are a number of well-known defenses that are effective against threats in network security. They are as follows.

Authentication in Network Security

Authentication originates from the Greek word ‘authentikos’ which means ‘real’ or ‘genuine’. Authentication is defined as the act of confirming the truth of an attribute of a single piece of data claimed true by an entity. Authentication is a common problem that exists in multiple places. Even art where it is important to know who is the true artist behind a painting or piece of art. In terms of network security, it is the procedure of verifying that a person who claims to belong to the network actually belongs to the network.

Access Control for Network Security

As stated earlier, access control is one of the best-known security measures even today. According to Wikipedia, “general access control includes identification, authorization, authentication, access approval, and audit. A more narrow definition of access control would cover only access approval, whereby the system makes a decision to grant or reject an access request from an already authenticated subject, based on what the subject is authorized to access.”
Access control is two types. The first is called a capability-based model. In a capability-based model, a person, user or machine gets access to an object because the person or user or machine holds an object that is considered as the credential to the object or resource. It is similar to the analogy that the person who holds a key to the house gets entry to the house whether he/she is the owner of the house or not.
The second variety of access control is called, Access Control List or ACLs. In terms of an ACLs, all the members of the network will have a key. The access to the resource is determined based on whether the owner of the key is part of a list that is designated to access the resource or not. This is similar to the analogy that there may be many who get passes to a concert, but based on which list the pass belongs, the person is allowed to tier of the seat.

Application Security for Network Security

The security of an enterprise cannot be just at the perimeter of the network. Hence, application security is an important part of network security. Application security encompasses measures taken to the security of the application by finding, fixing and getting rid of vulnerabilities in the application. The moment, there is a breach in the network security, the applications behind the network are the ones that take the first hit. Hence its application security is of paramount importance.
In addition, there are applications that are exposed directly to the end users via the common internet. Software-as-a-service applications, services that are accessible via the internet, even websites that are server-side rendered constitute to network security issues bring applications themselves. Hence, end-user facing application security is as important as network security.

Data-Centric Network Security

Another approach to the network security is to emphasize the security on the data which the core that each breach is aimed at than protecting only the perimeter of the network, or the applications. In data-centric network security, the data is considered as the core wealth of an organization. Since the data is the wealth of organizations, data-centric network security breaks the disconnect between IT security strategy and the objectives of the business that relies purely on data. There are several products and strategies that rely entirely on data-centric network security. However, the organizations are slow in catching up with data-centric network security. Follow the blow post for a special article on data-centric network security in the coming days.

Role of Encryption in Network Security

Encryption is the process of encoding a piece of a message such that only the person or intended people can access the message. Encryption is one of the widely used methods in cryptography. The role of encryption in network security is important. Encryption by itself does not provide network security or does not stop intruders from getting into the network. However, it stops the intruders who get past the network security to gain access to the data. The simplest way of understanding encryption is to realize the fact that, websites are forced to use HTTPS over HTTP. The S in HTTPS stands for secured and it used encryption to secure the data that is sent over the network. The use of cryptography in network security, like data-centric network security, is a huge topic that deserves a blog on itself.

See Also:EBook on Security by IBM – https://ibm-security-solutions-protect-critical-assets-ebook.mybluemix.net/?cm_mc_uid=63771623798315474945486&cm_mc_sid_50200000=44255181552252772015&cm_mc_sid_52640000=42600631552252772020
Pervasive, user-centric network security –https://patents.google.com/patent/US7103772B2/en
What is network security by CISCO – https://www.cisco.com/c/en/us/products/security/what-is-network-security.html
Network Infrastructure Security – https://www.springer.com/gp/book/9781441901651

Share this content:
Related posts: