Networking offers endless possibilities and opportunities, along with convenience. But this convenience and endless benefits are not free from risks. While ensuring network security, the concerns are to ensure that only legal or authorized users and programs gain access to information resources like databases. Also, certain control mechanisms are set up to ensure that properly authenticated users get access only to those resources that they are entitled to use. Under this type of security, mechanisms like authorization, authentication, encrypted smart cards, biometrics, and firewalls, etc. are implemented.
The problems encountered under network security can be summarized as follows:
- Physical Security Holes: When individuals gain unauthorized physical access to a computer and tamper with files. Hackers do it by guessing the passwords of various users and then gaining access to the network system.
- Software Security Holes: When badly written programs or 'privileged' software are compromised into doing things that they should not be doing.
- Inconsistent Usage Holes: When a system administrator assembles a combination of hardware and software such that the system is seriously flawed from a security point of view.
To counter or reduce the security threads receiving under this category, many protection methods are used. These protection methods are being discussed briefly here.
Authorization: This determines whether the service provider has granted access to the Web services to the requestor. Basically, authorization confirms the service requestor is entitled to operate, which can range from invoking the Web service to executing a certain part of its functionality. Authorization is performed by asking the user can provide one he/she is considered as an authorized user.
Authentication: This ensures that each entity is involved in using a Web service. The requestor, the provider, and the broker (if there is one) is what it actually claims to be. Authentication involves accepting credentials from the entity and validating them against an authority.
Authentication is also termed as password protection as the authorized user is asked to provide a valid password, and if he/she can do this, he/she is considered to be an authentic user.
Encrypted Smart Cards: Passwords in a remote log-in session generally pass over the network in unencrypted form. Thus, any hacker (or cracker) can simply record it and use it to corrupt threats, newer approaches are suggested, such as encrypted smart cards. An encrypted smart card is a had-held smart card that can generate a token that a computer system can recognize. Every time a new and different token is generated, which even though cracked or hacked, cannot be used later.
Biometric Systems: These form the most secure level of authorization. The biometric systems involve some unique aspects of a person's body, such as finger-prints, retinal patterns, etc., to establish his/her identity.
Firewall: A system designed to prevent unauthorized access to or from a private network is call Firewall. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially the intranet. All messages entering or leaving the Internet pass through the firewall, which examines each message and blocks those which examine each message and blocks those that do not meet the specified security criteria.
Note: Follow this method: "Something you are, Some things you have, Something you know."
• There are several types of firewall techniques as given in this link: What is Firewall & firewall types?
on: 29 Oct 2022
on: 15 Jan 2024
Featured postsYou may like these posts.
Firewalls are often categorized as either network firewalls or host-based firewall. Firewalls may also be a component of your computer's operating system.
Booting is a bootstrapping process that starts operating systems when the user turns on a computer. A Bootstrap Loader (BSL) is a small program but hard to code.
What is New?
We have just updated this website & still working on adding new content & updating existing features.