Networking offers endless possibilities and opportunities, along with convenience. But this convenience and endless benefits are not free from risks. While ensuring network security, the concerns are to ensure that only legal or authorized users and programs gain access to information resources like databases. Also, certain control mechanisms are set up to ensure that properly authenticated users get access only to those resources that they are entitled to use. Under this type of security, mechanisms like authorization, authentication, encrypted smart cards, biometrics, and firewalls, etc. are implemented.
The problems encountered under network security can be summarized as follows:
To counter or reduce the security threads receiving under this category, many protection methods are used. These protection methods are being discussed briefly here.
Authorization: This determines whether the service provider has granted access to the Web services to the requestor. Basically, authorization confirms the service requestor is entitled to operate, which can range from invoking the Web service to executing a certain part of its functionality. Authorization is performed by asking the user can provide one he/she is considered as an authorized user.
Authentication: This ensures that each entity is involved in using a Web service. The requestor, the provider, and the broker (if there is one) is what it actually claims to be. Authentication involves accepting credentials from the entity and validating them against an authority.
Authentication is also termed as password protection as the authorized user is asked to provide a valid password, and if he/she can do this, he/she is considered to be an authentic user.
Encrypted Smart Cards: Passwords in a remote log-in session generally pass over the network in unencrypted form. Thus, any hacker (or cracker) can simply record it and use it to corrupt threats, newer approaches are suggested, such as encrypted smart cards. An encrypted smart card is a had-held smart card that can generate a token that a computer system can recognize. Every time a new and different token is generated, which even though cracked or hacked, cannot be used later.
Biometric Systems: These form the most secure level of authorization. The biometric systems involve some unique aspects of a person's body, such as finger-prints, retinal patterns, etc., to establish his/her identity.
Firewall: A system designed to prevent unauthorized access to or from a private network is call Firewall. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially the intranet. All messages entering or leaving the Internet pass through the firewall, which examines each message and blocks those which examine each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques as given in this link: What is Firewall & firewall types?
Note: From a modern security perspective, I suggest you follow this method: "Something you are, Some things you have, Something you know."
ISO stands for International organization of Standardization. This is called a model for Open System Interconnection (OSI) and is commonly known as OSI model.Read More
The purpose of DNS (Domain Name Server) is to translate domain names into IP addresses. A service is used for translating domain names into IP addresses.Read More
CrossFire is a high-performance PC gaming graphics platform made possible by the use of multiple graphics cards coupled with a CrossFire enabled motherboard.Read More