Port Security

Port security is essential in order to deny unauthorized remote access. Passive devices will report on unauthorized access, usage anomalies, etc. Active devices, which are preferable, will act to deny access to unauthorized users and to disable ports in the event that user-definable parameters are exceeded.
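The difference between a passive and an active device can be seen by running both over the same access attempts. The following is an added example, not part of the original text; the port names, user names, and the three-failure threshold are constructed assumptions.

```python
# Added example: passive vs. active port security over constructed events.
from collections import Counter

AUTHORIZED = {"alice", "bob"}   # hypothetical authorized users
# Constructed events: (port, user) for each access attempt, in arrival order.
EVENTS = [
    ("port1", "alice"),
    ("port2", "mallory"),
    ("port2", "mallory"),
    ("port2", "mallory"),
    ("port2", "alice"),
    ("port3", "bob"),
]

def guard(events, active, max_failures=3):
    """Process access attempts.

    Returns (decisions, disabled_ports, report). A passive device never
    enforces anything; it only fills the report. An active device denies
    unauthorized users and disables a port once max_failures is reached
    (max_failures stands in for the user-definable parameter).
    """
    failures = Counter()
    disabled = set()
    decisions, report = [], []
    for port, user in events:
        if port in disabled:
            decisions.append("refused")      # port is shut for everyone
            report.append(f"{port}: {user} refused, port disabled")
            continue
        if user in AUTHORIZED:
            decisions.append("allowed")
            continue
        failures[port] += 1
        report.append(f"{port}: unauthorized attempt {failures[port]} by {user}")
        if not active:
            decisions.append("observed")     # passive: report only
            continue
        decisions.append("denied")
        if failures[port] >= max_failures:
            disabled.add(port)
            report.append(f"{port}: disabled after {max_failures} failures")
    return decisions, disabled, report
```

In active mode the authorized user who arrives on port2 after it has been disabled is also refused, so the threshold should be set with that loss of availability in mind.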

Transmission Security

Transmission security is critical to ensure that unauthorized entities are not allowed to intercept the data as it is communicated across the network. Transmission of data is especially insecure over analog links; wireless transmission is inherently insecure. Transmission security is virtually ensured over coaxial cable and, especially, over fiber optic cable, as these media cannot easily be physically tapped. In order to maximize security, however, it is necessary that the data be encrypted.

Encryption

Encryption involves scrambling and compressing the data prior to transmission; the receiving device will be provided with the necessary logic to decrypt the transmitted information. Encryption logic generally resides in firmware included in standalone devices, although it can be incorporated into virtually any device. For instance, it is now being incorporated into routers, which can encrypt data on a packet-by-packet basis. Encryption comes in two basic flavors, private key and public key. Private key encryption requires that the key be kept secret. Public key encryption involves an encryption (encoding) key that can be used by all authorized network users; the key for decoding is kept secret. Data encryption standards include DPF (Data Private Facility) and DES (Data Encryption Standard), which uses a challenge-response approach and intelligent tokens.

Firewalls

Firewalls comprise application software which can reside in a communication router, server or some other device. That device physically and/or logically is a first point of access into a networked system. On an active basis, the device can block access to unauthorized entities, effectively acting as a security firewall. Firewalls currently are the subject of much interest, especially as organizations seek to protect their data from the ravages of hackers and other less-than-honorable creatures who prowl the Internet.
