Abstract: This paper introduces the framework for computer and network security.

Why we have networks

You can achieve perfect security -- but only by disconnecting your computers from networks, locking them in a secure room, etc. In other words, perfect security means perfect uselessness. Therefore, organizations must balance the benefits of security vs. the benefits of networked computers.

We measure computer networks with the following metrics:
- utility
- The cost savings and benefits that we get from our computer networks.
- effort
- How much effort we spend in maintaining them.
- speed
- How fast the network is.
- cost
- How much it costs
- reliability
- How many failures we see
- ease-of-use
- How easy it is for our users to take advantage of the resource
- security
-

The area of security is typically described in the following terms:
- confidentiality
- Keeping your secrets
- integrity
- Preventing somebody from secretly changing your data
- authenticity
- Stop forgeries
- non-repudiation
- Like signing a check
- availability
- Stopping hackers from crashing your systems

The tools that we use to maintain security are:
- cryptography
- Mathematical algorithms to hide data
- authentication
- Passwords et al.
- firewalls
- Centralized points of control for network access
- auditing
- Monitoring and wiretapping
- intrusion detection
- Burglar alarms
- vulnerability scanners
- Finding security holes that may lead to break-in
- virus scanners
- Stopping those pesky computer viruses
- backups
- Being able to reconstitute your data when computers crash

The security framework:
- tools
- Listed above
- design
- Laying out the network, and how to interconnect networks
- implementation
- Following through on the design
- maintenance
- Once implemented, keeping it running
- policies
- What do you do when you detect a security breach?
- users
- How do you train your users to be effective?