Research Paper Information Security Technologies

  • Date:12 Jan 2021
  • Pages:50
  • Size:287.37 KB

Transcription:

Research Paper: Information Security Technologies
Benjamin L. Tomhave

The following research paper provides analysis of thirteen (13) information security technology topics, arranged in ten (10) groups, that are either commonly found or emerging within the information security industry. These topics include: Access Control Management, Antivirus, Audit Data Reduction, Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Anomaly Detection Systems (ADS), Event Correlation Systems (ECS), Network Mapping, Password Cracking, Public Key Infrastructure, Virtual Private Network, and Vulnerability Scanning Systems. IDS, IPS, ADS and ECS are grouped together under one common heading (Intrusion Detection and Analysis Systems) due to their commonality and interdependence. This paper provides basic overview information about each technology, but primarily focuses on analyzing each technology within the modern information security and business context, looking at how it meets business needs while addressing Confidentiality, Integrity and Availability as a Countermeasure that Detects, Corrects and/or Protects.

Benjamin L. Tomhave, 12/7/2004

Table of Contents

I. INTRODUCTION AND OVERVIEW OF APPROACH
II. ACCESS CONTROL MANAGEMENT
    A. Business Analysis
    B. Security Analysis
III. ANTIVIRUS
    A. Business Analysis
    B. Security Analysis
IV. AUDIT DATA REDUCTION
    A. Business Analysis
    B. Security Analysis
V. FIREWALLS
    A. Business Analysis
    B. Security Analysis
VI. INTRUSION DETECTION AND ANALYSIS SYSTEMS
    A. Intrusion Detection Systems (IDS)
        1. Business Analysis
        2. Security Analysis
    B. Intrusion Prevention Systems (IPS)
        1. Business Analysis
        2. Security Analysis
    C. Event Correlation Systems (ECS)
        1. Business Analysis
        2. Security Analysis
    D. Anomaly Detection Systems (ADS)
        1. Business Analysis
        2. Security Analysis
VII. NETWORK MAPPING
    A. Business Analysis
    B. Security Analysis
VIII. PASSWORD CRACKING
    A. Business Analysis
    B. Security Analysis
IX. PUBLIC KEY INFRASTRUCTURE
    A. Business Analysis
    B. Security Analysis
X. VIRTUAL PRIVATE NETWORKS
    A. Business Analysis
    B. Security Analysis
XI. VULNERABILITY SCANNING SYSTEMS
    A. Business Analysis
    B. Security Analysis
REFERENCES

I. INTRODUCTION AND OVERVIEW OF APPROACH

This research paper introduces and analyzes ten (10) information security technologies. Each of the following sections focuses on a specific technology and adheres to the following general format:

  o Technology Overview: A high-level introduction to the technology.
  o Business Analysis: An evaluation of the usefulness, cost, complexity, and utility of the technology in the modern business environment.
  o Security Analysis: The security technology is weighed against the tenets of Confidentiality, Integrity and Availability as well as evaluating its role as a countermeasure (detect, correct, protect).

The ten security technologies addressed in this paper are:

1. Access Control Management
2. Antivirus
3. Audit Data Reduction
4. Firewalls
5. Intrusion Detection and Analysis Systems
6. Network Mapping
7. Password Cracking
8. Public Key Infrastructure
9. Virtual Private Networks
10. Vulnerability Scanning Systems

II. ACCESS CONTROL MANAGEMENT

Access control management (ACM) systems pull together identity, authentication and authorization to restrict what resources a user may access and in what manner that access may occur (read, write, execute, modify, etc.). ACM solutions may be based on a number of security models, including Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC). A standard ACM provides an interface through which a user will self-identify, followed by a mechanism for challenging and confirming that identity, and then a method for granting rights, or access to information, based on the non-repudiated authentication of the user. Access control is at the heart of information security and is the fundamental premise upon which the industry is based.[1] Without access control management, there would be no method through which to provide security for systems and data.

[1] Ben Rotchke, Access Control Systems Methodology (New York: SecurityDocs.com, 2004, accessed 06 November 2004); available from http://www.securitydocs.com/go/69; Internet.

A. Business Analysis

Access control management systems provide the foundation for information security within the business environment. Its usefulness is extensive, with the primary functions being to classify data systems according to value and allocate protection mechanisms in accordance with the value of the resource. According to Tipton and Krause, the essence of access control is that permissions are assigned to individuals or system objects, which are authorized to access specific resources.[2]

[2] Harold F. Tipton and Micki Krause, Information Security Management Handbook, 4th Edition (Boca Raton: Auerbach, 2000), p1.

The implementation of ACM systems can range in cost from minor to extreme, depending on the value of the resource being protected. The underlying security model applied also impacts how expensive and complex the solution may be. ACM solutions are perhaps the most important security technology that can be deployed, ahead of all other countermeasures, because of their inherent purpose to control access to data and systems. The utility of the ACM systems, however, is limitless under the assumption that a business has resources of value that require protecting.

Discretionary Access Control systems are very common and are generally cost-effective for most environments. Most operating systems today, ranging from Windows to UNIX to Linux and beyond, make use of a DAC model of access control. Mandatory Access Control systems tend to be more complex and costly in performance and maintenance. MAC systems require a much stronger systematic adherence to the precepts of access control and can thus challenge administrative resources and confound access to data as required by the business. Implementation of MAC requires proper foresight and planning to avoid difficulties in the long term, an effort that is often a costly engineering effort frowned upon by the business. Finally, Role-Based Access Control systems are increasing in popularity and are predicted to save companies millions of dollars in the coming years.[3]

[3] National Institute of Standards and Technology, NIST Planning Report 02-1: Economic Impact Assessment of NIST's Role-Based Access Control (RBAC) Program (Washington: NIST, 2002, accessed 12 October 2004); available from http://csrc.nist.gov/rbac/rbac-impact-summary.doc; Internet.

B. Security Analysis

An access control management system has the potential for impacting all three tenets of information security: Confidentiality, Integrity and Availability. The primary role of an ACM solution is to protect the confidentiality of a resource by restricting access to the resource. Additionally, an ACM solution will control the attributes of the access, such as read, write and execute. For example, in the case of a data file, an ACM system may grant a user read access, but deny access to write or modify the data within the file.

Under a DAC model, access controls are managed directly by the resource owner. In a MAC model, the system dictates what level of access may be granted to a resource. Finally, RBAC assigns access based on the rights of a group (or role) within the system. All users who share a given role have the same access. This approach contrasts with DAC, where each user may have a unique set of rights. MAC is similar to RBAC in terms of using a role-based approach based on labeling. However, the inner operations of a MAC vary distinctly from an RBAC, discussion of which exceeds the scope of this paper.

Access control management systems hinge on the proper identification of subjects trying to access objects. The process of positively identifying a subject is called authentication. The authentication process usually occurs when a subject self-identifies and then responds to a systematic challenge of the identity. This challenge is based on what you know, what you have, or who you are. A password is an example of something that you may know, and is currently the most common method of proving identity. A token is an example of something that you have, and biometrics is an example of who you are.
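The DAC, MAC and RBAC decision rules contrasted earlier in this Security Analysis can be compared side by side on a single request. The following Python sketch is an added illustration and is not part of the original paper; the users, roles, labels and the "no read up, no write down" MAC policy are assumptions chosen for the example.

```python
from dataclasses import dataclass, field

# Constructed sample data: names, labels and roles are illustrative assumptions.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}
CLEARANCE = {"alice": "secret", "bob": "confidential", "carol": "public"}
USER_ROLES = {"alice": {"accountant"}, "bob": {"auditor"}, "carol": {"auditor"}}
ROLE_PERMS = {
    "accountant": {("ledger", "read"), ("ledger", "write")},
    "auditor": {("ledger", "read")},
}

@dataclass
class Resource:
    name: str
    owner: str
    label: str = "public"                      # MAC label, set by the system
    acl: dict = field(default_factory=dict)    # DAC list: user -> rights

def dac_grant(res, actor, user, rights):
    """DAC: the resource owner, and only the owner, manages access."""
    if actor != res.owner:
        raise PermissionError(f"{actor} does not own {res.name}")
    res.acl.setdefault(user, set()).update(rights)

def dac_allows(res, user, right):
    """DAC: each user may hold a unique set of rights on the resource."""
    return user == res.owner or right in res.acl.get(user, set())

def mac_allows(res, user, right):
    """MAC: the system compares labels; an owner's grant cannot override it.
    Assumed policy (Bell-LaPadula style): no read up, no write down."""
    subject = LEVELS[CLEARANCE.get(user, "public")]
    obj = LEVELS[res.label]
    if right == "read":
        return subject >= obj
    return right == "write" and subject <= obj

def rbac_allows(res, user, right):
    """RBAC: access follows the role, so users sharing a role match exactly."""
    return any((res.name, right) in ROLE_PERMS.get(role, set())
               for role in USER_ROLES.get(user, set()))

def decisions(res, user, right):
    """Evaluate one request under each model, side by side."""
    checks = {"DAC": dac_allows, "MAC": mac_allows, "RBAC": rbac_allows}
    return {model: check(res, user, right) for model, check in checks.items()}
```

For a ledger labeled "secret" and owned by alice, after alice grants bob read access, decisions(ledger, "bob", "read") allows the request under DAC and RBAC but denies it under MAC, because the owner's grant cannot raise bob's constructed "confidential" clearance.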
Biometrics is a method of identification based on the physical characteristics of a human being, such as a fingerprint, iris scan or retinal scan. Biometrics, though holding significant promise as part of an access control management system, also has significant drawbacks, such as acceptability to users, reliability, and resistance to counterfeiting.[4]

[4] Donald R. Richards, "Biometric Identification," in Information Security Management Handbook, 4th Edition, ed. Harold F. Tipton and Micki Krause (Boca Raton: Auerbach, 2000), p9.

The future of access control management systems appears to be in the direction of multi-factor authentication, oftentimes making use of passwords in combination with tokens or biometrics. Beyond the current trend, it seems likely that passwords will eventually be rendered completely obsolete in favor of some form of token or biometric becoming the first, if not only, form of authentication. Specifically, use of numeric or data tokens is on the increase and projected to continue gaining in popularity and acceptance. Major international Internet Service Provider America Online has recently announced the availability of numeric tokens for users as a second factor for authentication. Additionally, as public key infrastructure solutions (see Section IX below) mature and gain in prevalence, the use of data tokens will increase in importance. For example, a bank will be able to issue a USB-based data token to a customer. On the data token will be the customer's unique identifier in the form of a digital certificate. This certificate will be managed through a central Certificate Authority and will be used both for authentication and for encrypting and digitally signing communication and transactions.

Thus, access control management will not only continue its central role within information security, but it will also grow in scope, adding more extensive capabilities for positively impacting confidentiality and integrity. Additionally, besides protecting resources, it may also include extended capabilities that will allow for easier detection of attacks and possibly even automatic methods for correcting violations of integrity.

III. ANTIVIRUS

The first computer virus credited with being found "in the wild" is believed to be a program called "Elk Cloner" that targeted Apple DOS 3.3.[5] The term "virus" may actually have originated in the 1970s in science fiction literature,[6] though as a concept it has likely been around since the 1960s. Traditionally, a virus is simply a computer program that is intentionally written to attach itself to other programs or disk boot sectors and replicate whenever those programs are executed or those infected disks are accessed.[7] In the modern context, this traditional form of malicious code, or malware, is less common. Instead, it is far more common to see variations on this original theme in the form of worms and Trojan horses that infect a computer system either through direct execution or through some form of network-based replication method. In the modern context, hybrid malware programs typically replicate through worm-like behaviour that preys on vulnerabilities in operating systems, or through social engineering attacks, and then set up backdoors via the Trojan horse mechanism. This backdoor can then allow the attacker to remotely access and control an infected system, allowing for the perpetration of other illicit activities, such as sending SPAM or using the compromised system as a proxy, or relay, through which remote access can be gained to otherwise-protected resources.

[5] Wikipedia, Computer virus (St. Petersburg: Wikipedia, 2004, accessed 06 November 2004); available from http://en.wikipedia.org/wiki/Computer_virus; Internet.
[6] Wikipedia, Computer virus (St. Petersburg: Wikipedia, 2004, accessed 06 November 2004); available from http://en.wikipedia.org/wiki/Computer_virus; Internet.
[7] Bob Kanish, An Overview of Computer Viruses and Antivirus Software (Unknown: Kanish, 1996, accessed 12 October 2004); available from http://www.hicom.net/~oedipus/virus32.html; Internet.

Antivirus software has been around for at least the past 10-15 years, though no references were found that indicated a specific date when such programs were first made available. Antivirus software was developed to detect the presence, and eventually the attempted infection, of a system by malware. There are generally two types of antivirus scanning software: signature-based and heuristic. Signature-based scanning relies on a database of known malware signatures. It must be updated on a regular basis in order to ensure a current database of known malware. According to eBCVG, an IT Security company, a heuristic scanner looks at characteristics of a file, such as size or architecture, as well as

Research Paper: Information Security Technologies, by Benjamin Tomhave. November 10, 2004. Prepared for: Professor Dave Carothers, EMSE 218, The George Washington University. This paper or presentation is my own work. Any assistance I received in its preparation is acknowledged within the paper or presentation, in accordance with academic practice. If I used data, ideas, words, diagrams, pictures
