Network Security:
Networking offers endless possibilities and opportunities, along with convenience, but this convenience and endless benefits are not free from risks. While ensuring network security, the concerns are to ensure that only legal or authorized users and programs gain access to information resources like databases. Also, certain control mechanisms are set up to ensure that properly authenticated users get access only to those resources that they are entitled to use. Under this type of security, mechanisms like authorization, authentication, encrypted smart cards, biometrics, and firewalls, etc. are implemented.
The problems encountered under network security can be summarized as follows:
- Physical Security Holes: When individuals gain unauthorized physical access to a computer and tamper with files. Hackers do it by guessing the passwords of various users and then gaining access to the network system.
- Software Security Holes: When badly written programs or 'privileged' software are compromised into doing things that they should not be doing.
- Inconsistent Usage Holes: When a system administrator assembles a combination of hardware and software such that the system is seriously flawed from a security point of view.
Protection Methods:
To counter or reduce the security threads receiving under this category, many protection methods are used. These protection methods are being discussed briefly here.
Authorization: This determines whether the service provider has granted access to the Web services to the requestor. Basically, authorization confirms the service requestor is entitled to operate, which can range from invoking the Web service to executing a certain part of its functionality. Authorization is performed by asking the user can provide one he/she is considered as an authorized user.
Authentication: This ensures that each entity is involved in using a Web service. The requestor, the provider, and the broker (if there is one) is what it actually claims to be. Authentication involves accepting credentials from the entity and validating them against an authority.
Authentication is also termed as password protection as the authorized user is asked to provide a valid password, and if he/she can do this, he/she is considered to be an authentic user.
Encrypted Smart Cards: Passwords in a remote log-in session generally pass over the network in unencrypted form. Thus, any hacker (or cracker) can simply record it and use it to corrupt threats, newer approaches are suggested, such as encrypted smart cards. An encrypted smart card is a had-held smart card that can generate a token that a computer system can recognize. Every time a new and different token is generated, which even though cracked or hacked, cannot be used later.
Biometric Systems: These form the most secure level of authorization. The biometric systems involve some unique aspects of a person's body, such as finger-prints, retinal patterns, etc., to establish his/her identity.
Firewall: A system designed to prevent unauthorized access to or from a private network is call Firewall. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially the intranet. All messages entering or leaving the Internet pass through the firewall, which examines each message and blocks those which examine each message and blocks those that do not meet the specified security criteria.
• There are several types of firewall techniques as given in this link: What is Firewall and its types?
Q. "Something you are, Some things you have, Something you know"?
You're referring to the three factors of authentication: something you are (biometrics like fingerprints or facial recognition), something you have (like a physical token or smartphone), and something you know (like a password or PIN). These factors work together to provide secure access to systems or data.
Category: Networking
on: 29 Oct 2022
on: 15 Jan 2024
Featured posts
You may like these posts.
Basic Concept of Memory Management:
Memory Management is the functionality of an operating system that handles or manages the primary memory and disk during execution.
Encryption and Decryption (Data) - Encoding & Decoding:
Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext).
CrossFire, CrossfireX & SLI - AMD, ATI & NVDIA:
CrossFire is a high-performance PC gaming graphics platform made possible by the use of multiple graphics cards coupled with a CrossFire enabled motherboard.
What's Next?
We actively create content for our YouTube channel and consistently upload or share knowledge on the web platform.