A Critical Summary Of Modern Network Security


02 Nov 2017

Disclaimer:
This essay has been written and submitted by students and is not an example of our work. Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of EssayCompany.


Introduction

Security is an essential aspect in modern systems. The modern security mechanisms and their utilities, advantages, disadvantages are important for all organizations. Towards this end this report reviews literature as per the questions given based on security. The four questions and their review of literature, comparison with other papers and comparison with study materials are presented in the following sections.

Question 1

A Critical Summary of MODERN NETWORK SECURITY: ISSUES AND CHALLENGES

Network security is an essential and everlasting requirement. Security issues can’t be solved at once; securing a system is a process that needs to be continued as long as the system exists. SHAILJA PANDEY (2011) explores various network scenarios and the security measures required to make a completely secure environment, illustrating them with a case study. The paper focuses especially on security attacks, such as active and passive attacks, and on measures of network security such as firewalls, proxies, antivirus, physical security, authentication mechanisms, usage of analysis tools, and fire extinguishers. It also provides information about network security tools like Nessus, the Nmap security scanner, Wireshark, Snort, Netcat, and Kismet. The paper explores security methods such as cryptography and firewalls, including three flavors of firewall: application gateways, packet filtering, and hybrid systems. The merit of this paper lies in its exploration of modern security as described above, along with other aspects including various security management issues, things to be done by an organization, technology options like ASIC based appliances, SSL-VPN, and intrusion detection systems, and WAN security with a case study of a software development company.

The paper from SHAILJA PANDEY (2011) has made many observations. Many observations appear to be valid in terms of technology innovations and rapid growth of the abilities of adversaries who try to break security systems. The valid observations include:

The attacks over network from hackers or intruders or adversaries are of two types known as passive attacks and active attacks. Attacks based on interception and traffic analysis come under passive attacks while attacks based on interruption, modification, fabrication come under active attacks.

Network security measures such as the use of strong firewalls, strong antivirus software and network security tools, the three types of firewalls, and cryptographic methods.

Specific security management issues like having resources with high quality to enforce security; adopting latest technologies; complete secure environment; regular monitoring of network performance and security; having a strong security blue print and its implementation.

Technology options like purpose built ASIC based appliances and SSL-VPN for completely secure communications.

However, there are some areas of the paper that invite debate and even disagreement. These areas include:

The case study that provides information about the security mechanisms in a software development company. The case study scenario gives little technical details about the security implementation. The modern network security issues and challenges discussed in the paper are not adequately reflected in the implementation architecture in the case study. This makes it debatable.

The Wi-Fi threats mentioned in the abstract of the paper were not adequately defined in the paper. The threats are to be identified clearly, defined and prevention mechanisms are to be explored categorically.

The secure methods based on cryptography are not described adequately. This area of the paper can be greatly improved.

The author of the paper, SHAILJA PANDEY, reviewed information collected from various sources. This means that the author has understood the essence of those reference articles and provided useful content in this paper. When the content is not owned by the author, a citation is given using a serial number such as [1], [2], etc. For all the citations, corresponding references are given at the end of the paper in the References section. All the references are sorted in alphabetical order by the name of the corresponding author. Thus the work of others has been presented by the author SHAILJA PANDEY in her article named "MODERN NETWORK SECURITY: ISSUES AND CHALLENGES".

The work presented by the author under the title "MODERN NETWORK SECURITY: ISSUES AND CHALLENGES" is informative and useful. However, the work can be greatly improved. For instance, WAN security is presented without solid information on it. The information given in that section does not let the reader learn more about the WAN and its security. The case study, though meaningful in its form, could be presented with more technical details that reflect the solutions to the issues and challenges of modern network security.

Question 2

Comparing and Contrasting Ideas in the Paper titled "MODERN NETWORK SECURITY: ISSUES AND CHALLENGES" with Key Concepts Studied on Network Security.

There are many concepts studied in the class room lessons. The comparison and contrasting of those concepts with the ideas presented in the SHAILJA PANDEY’s paper are as given in the following sub sections. The criteria used for comparison include concepts covered with respect to information security, network security, and risk management besides the security mechanism like firewalls, intrusion detection systems and intrusion prevention systems.

Similarities and Differences between the Paper and Study Materials

| Concepts Studied | Ideas of SHAILJA PANDEY’s Paper |
| --- | --- |
| Physical security of routers is achieved by locking the routers in a secured place with Uninterrupted Power Supply. | The ideas covered in this paper are in line with the concept studied. In this paper it is suggested to use closed circuit TVs for covering entry and restricted zones besides keeping servers in a restricted area. |
| Securing administrative access with restricted device accessibility, logging and accounting for all accesses, presenting legal notifications, and ensuring confidentiality of data. | The paper presented ideas such as access control mechanisms, authentication mechanisms, use of security tools like Snort, Netcat etc., and traffic analysis using trace back. It also provided ideas such as passwords, privileges and secure communication among the parties. |
| Authentication, Authorization and Accounting were given importance in ensuring security. | Some sort of authentication mechanism is mentioned. There is little discussion about accounting and authorization. However, authorization is shown in the case study as well. |
| Implementation of firewall technologies including packet filtering firewalls and stateful firewalls. | Firewalls are discussed, including three flavors: application gateways, packet filtering, and hybrid systems. |
| Implementing intrusion prevention using Intrusion Detection Systems and Intrusion Prevention Systems. | The paper mentions intrusion detection systems and intrusion prevention systems though it has not elaborated on them. |
| Securing Local Area Networks with end points such as printers, servers, PDAs, IP phones, desktops, and laptops and non end point devices like switches, wireless devices, IP telephony devices, and storage area networking devices. The study materials also discuss securing the LAN from various attacks such as MAC address spoofing attacks, VLAN attacks, LAN storm attacks, MAC address table overflow attacks, and STP manipulation attacks. | The paper discusses security threats and preventions, but not LAN security threats in particular. |
| The study materials provide information about network admission control including authentication and authorization, posture assessment, quarantining and remediation of non-compliant systems. Implementation of NAC can be done using the NAC framework and the Cisco NAC appliance. | The paper has some information about authentication and authorization. However, it does not discuss posture assessment and other aspects. |
| Cisco layer 2 security has been covered in the study materials. | No such security is discussed in the paper. |
| The study materials provided more information about cryptographic systems. It includes history, encryption, decryption, various kinds of ciphers, and cryptanalysis methods like the meet-in-the-middle method, chosen-cipher text method, chosen plain-text method, known plaintext method, cipher text only method, and brute force method. | In the paper there is mention of cryptography as part of security methods. However, there is no useful information covered. |
| For security, cryptographic hashes can be used as they have many advantages such as integrity, authenticity and confidentiality. | No cryptographic hashes for security implementation are discussed in the paper. |
| Various key management aspects are covered in the study materials. They include key generation and verification, key storage, key exchange, and key revocation and destruction. | No key management issues are discussed in the paper. |
| Symmetric and asymmetric algorithms pertaining to cryptography are discussed in the study materials. | No such discussion is found in the paper. |
| Certification authorities with different levels of trust are discussed in the study materials. | No such discussions are found in the paper. |
| Access Control Lists (ACLs) and types of ACL are covered in the study materials. It also provides information about configuring ACLs, complex ACLs, and troubleshooting ACLs. | The paper mentions the importance of ACLs in providing secure access to information. However, there is no elaboration on that. |
| The study materials provide information about IPv6 ACLs, their configuration, and implicit entries besides object groups in ACL. | No such information is found in the paper. |

Table 1 – Similarities and Differences of Paper and Study Materials

Advantages and Disadvantages of the Ideas Presented in the Paper

The ideas presented in the paper have many advantages, including the information coverage with respect to different types of attacks, network security measures, network security tools, security methods such as cryptography and firewalls, issues pertaining to security management, technology options, to do’s for organizations with regard to security, WAN security and a case study to show the security implementation in a software development company. The disadvantages include the lack of coverage of many important aspects pertaining to cryptography, LAN attacks and WAN security, as can be seen in Table 1.

Question 3

How do the key exchange mechanisms considered by Alice and Bob work?

This section provides information about the two key exchange mechanisms considered by Alice and Bob.

Generating One Time Pad Method

Alice and Bob considered exchanging information securely using the one-time pad approach. According to Frank Rubin (1997), the one-time pad is a kind of encryption which is absolutely secure when implemented perfectly. In this mechanism, each byte of the plain text is converted into cipher text by using a key byte. The key byte, known as the pad, changes each time and is random in nature. Each key byte can have a value between 0 and 255 and does not depend on the other key bytes. The practical difficulty of the one-time pad approach is that key bytes must not be reused. For two-way communication, sufficient key material is required. There has been much research on generating truly random numbers using mathematical algorithms. Those methods exhibited a weakness: when a portion of the key stream is known to adversaries, they can reconstruct the whole key stream using the very same mathematical algorithm. Frank Rubin (1997) provided a solution to this problem.
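The one-time pad rules described above, as an added example that is not from the essay or from Rubin's paper. It assumes XOR as the byte-combining operation; `PadBook`, the 16-bit generator and the messages are constructed for illustration. It shows a pad that refuses reuse, what reuse leaks, and why a key stream produced by a mathematical algorithm can be rebuilt from a known portion.

```python
import secrets

def xor_bytes(data: bytes, pad: bytes) -> bytes:
    """Combine each data byte with its own pad byte (XOR is assumed here)."""
    if len(pad) != len(data):
        raise ValueError("pad must be exactly as long as the data")
    return bytes(d ^ k for d, k in zip(data, pad))

class PadBook:
    """Hands out each pad byte once, enforcing the no-reuse rule."""
    def __init__(self, pad: bytes):
        self._pad, self._used = pad, 0

    def take(self, n: int) -> bytes:
        if self._used + n > len(self._pad):
            raise ValueError("pad exhausted: fresh key material is required")
        chunk = self._pad[self._used:self._used + n]
        self._used += n
        return chunk

def lcg_keystream(seed: int, n: int) -> bytes:
    """Constructed weak 'pad': 16-bit LCG emitting the high byte of each state."""
    out, state = bytearray(), seed & 0xFFFF
    for _ in range(n):
        state = (state * 25173 + 13849) & 0xFFFF
        out.append(state >> 8)
    return bytes(out)

def seeds_matching(known_keystream: bytes) -> list:
    """All generator seeds that reproduce a known stretch of key stream."""
    n = len(known_keystream)
    return [s for s in range(0x10000) if lcg_keystream(s, n) == known_keystream]

def demo() -> dict:
    m1, m2 = b"MEET AT NOON", b"MEET AT DUSK"        # constructed messages
    book = PadBook(secrets.token_bytes(len(m1) + len(m2)))  # truly random pad
    c1 = xor_bytes(m1, book.take(len(m1)))
    c2 = xor_bytes(m2, book.take(len(m2)))            # fresh bytes, never the same ones
    # Failure mode 1: the same pad bytes used twice cancel out of c XOR c'.
    pad = secrets.token_bytes(len(m1))
    leak = xor_bytes(xor_bytes(m1, pad), xor_bytes(m2, pad))
    # Failure mode 2: algorithmic pad. Eight known plaintext bytes expose eight
    # key stream bytes, and the generator itself then yields the rest.
    c3 = xor_bytes(m1, lcg_keystream(0x2F7A, len(m1)))
    known_ks = xor_bytes(c3[:8], m1[:8])
    rebuilt = [xor_bytes(c3, lcg_keystream(s, len(c3)))
               for s in seeds_matching(known_ks)]
    return {"c1": c1, "c2": c2, "leak": leak, "rebuilt": rebuilt}

if __name__ == "__main__":
    print(demo())
```

With pad bytes from `secrets.token_bytes`, neither failure applies as long as `PadBook` is the only way key bytes are handed out.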

Diffie-Hellman key exchange protocol

A key exchange protocol was introduced in 1976 by Whitfield Diffie and Martin Hellman. The protocol is based on the discrete logarithm problem. According to the authors, in this protocol two parties such as Alice and Bob establish a random secret key over a public channel with due authentication. The protocol is based on three concepts which are important for security. In order of increasing computational strength, they are the decision Diffie-Hellman problem, the Diffie-Hellman problem, and the Discrete Logarithm Problem.
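The exchange described above with both sides' messages, as an added example that is not from the essay or from Diffie and Hellman's paper. The modulus and base are toy values chosen here (real deployments use standardized groups of 2048 bits or more), and the pre-shared `auth_key` with an HMAC tag is one assumed way to supply the "due authentication" the text mentions.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1   # toy modulus (a Mersenne prime), far too small for real use
G = 3            # toy base, assumed for this example

def keypair():
    """Pick a random private exponent x and compute the public value g^x mod p."""
    x = secrets.randbelow(P - 3) + 2              # x in [2, p-2]
    return x, pow(G, x, P)

def tag(auth_key: bytes, sender: str, public: int) -> bytes:
    """Bind a public value to its sender under the pre-shared auth_key (assumed)."""
    msg = sender.encode() + b"|" + public.to_bytes(16, "big")
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

def accept(auth_key: bytes, sender: str, public: int, mac: bytes) -> int:
    """Check the sender's tag and reject degenerate public values before use."""
    if not hmac.compare_digest(tag(auth_key, sender, public), mac):
        raise ValueError("public value failed authentication")
    if not 1 < public < P - 1:
        raise ValueError("public value out of range")
    return public

def session_key(own_private: int, peer_public: int) -> bytes:
    """Both sides reach g^(ab) mod p, then hash it down to a 256-bit key."""
    shared = pow(peer_public, own_private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def exchange(auth_key: bytes):
    """Run one exchange; only msg_ab and msg_ba ever cross the public channel."""
    a, pub_a = keypair()                                   # Alice
    b, pub_b = keypair()                                   # Bob
    msg_ab = ("alice", pub_a, tag(auth_key, "alice", pub_a))
    msg_ba = ("bob", pub_b, tag(auth_key, "bob", pub_b))
    k_bob = session_key(b, accept(auth_key, *msg_ab))
    k_alice = session_key(a, accept(auth_key, *msg_ba))
    return k_alice, k_bob, msg_ab, msg_ba

if __name__ == "__main__":
    k_alice, k_bob, _, _ = exchange(b"constructed-auth-key")
    print("keys match:", k_alice == k_bob)
```

An observer of the channel sees `P`, `G` and the two public values; recovering either private exponent from them is the discrete logarithm problem the protocol relies on.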

Critical Summary of Paper "Encrypting keys securely"

Cryptography provides a mechanism for secure communication of data between two parties. However, key distribution is the main problem in some kinds of mechanisms. It is very important to know how keys are securely encrypted and transmitted. In the paper "Encrypting Keys Securely", Cachin, C. and Camenisch, J. (2010) discuss many issues and challenges pertaining to encrypting keys securely. The paper covers public key encryption for secret keys, including security definitions and key-dependent message security, and strict access control in a key management system. According to the authors of the paper, encrypting keys is not a rare case. It is very frequently done in many security mechanisms including WPN. The two recent developments provided by the authors in order to encrypt keys securely are a key management system and a public key crypto system. The former, with a strict access control mode, is capable of protecting the keys from security interface attacks, while the latter comes with a security proof against adaptive chosen cipher text attacks which are independent of keys. In the latter approach, the contents of an encryption can’t be known to an adversary even though he is allowed to obtain decryptions of other encryptions computed by him. In a key management system, multiple clients can access the system simultaneously and perform operations on cryptographic objects and keys. The objects in this case might be certificates, secret keys, public keys, and symmetric keys. Each one has a life cycle represented by a range of attributes that are used in cryptographic operations. These operations allow the system to manage keys, which involves creating, importing, reading, deleting and updating keys.

Afterwards, the authors at IBM developed a new key management system with strict access control based on cryptography API for the purpose of key management. This system is based on the model which considers dependencies among keys as proposed by M. Björkqvist et al. (2009).

Question 4

Security Factors to be considered while moving to a new building

When a company is changing premises and moving to a new building, many security factors are to be considered. The factors include the environment in which the new building is located, its suitability for security equipment such as fire fighting equipment and a locking system, its distance from nearby security setups like a police station, the placement of servers, and the place for monitoring devices like CC cameras. When there is no provision for CC cameras, the computer systems can’t be monitored, which may lead to theft or misuse of the data present in the systems. If the servers are not placed in a room which can be physically secured, there might be problems with people with malicious intentions. If there is no proper locking system in the new building, that may lead to theft of equipment. If the building is not reasonably near a police station, it could lead to problems as police can’t reach the place soon. If there is no firefighting equipment built into the framework of the building, it may lead to problems in case of fire accidents.

Critical Summary of the Paper "Disposal of disk and tape data by secure sanitization"

Disk drives and tapes contain mass storage that is used in computing devices of all kinds. Secure sanitization is required for disposal of tape or disk data. According to Hughes, G.F., Coughlin, T. and Commins, D.M. (2009) there are many methods to eradicate data present on tapes and disks. However, not all are efficient. The most efficient methods are secure erase and physical destruction. This paper provides federal guidelines for sanitization of data. It also presents speed vs. security for data sanitization. Ideally, users select the procedure with the best security that takes the shortest time. The paper also explores various data sanitization laws of the USA. It also highlights various data sanitization techniques such as physical destruction of media, tape or drive degaussing, block overwrite or SE, and enhanced SE through in-drive data encryption. It also discusses erased data recovery through computer forensics and data sanitization approaches used in the real world.

Comparing Contents of Paper to the approaches for disposing of sensitive data Presented in Other Sources

There are many approaches for disposing disks and tapes with sensitive data. According to Disposal & Destruction of Sensitive Data (2007) the approaches for various media devices are given below.

| Media Type | Storage Mechanism | Removal Methods Suggested |
| --- | --- | --- |
| Paper based | - | Incineration, shredding |
| Flash disk drives | Solid state | Pattern wiping, physical destruction |
| Magnetic tape | Non volatile magnetic | Incineration, degaussing |
| DVD-RW/CD-RW | Write many optical | Incineration, abrasion |
| DVD-R/CDROM | Write once optical | Incineration, abrasion |
| Hard disk drives | Non volatile magnetic | Incineration, pattern wiping |

Table 2 – Summary of various methods to dispose data

As seen in Table 2, there are many methods for the removal of data from media devices. However, when it is compared with the paper from Hughes, G.F., Coughlin, T. and Commins, D.M. (2009) titled "Disposal of disk and tape data by secure sanitization", this paper provides methods like degaussing, physical destruction, and secure erasure. When compared to those methods, the secure erasure method is in Table 2. There are many methods provided in Table 2 which were not discussed in the paper. Those methods include incineration, shredding, pattern wiping, and abrasion.


