Term Paper on "Network Hardening Plan"

Term Paper 7 pages (1816 words) Sources: 10

[EXCERPT] . . . .

Access Control

Types of access control

Passwords

Access Control Lists (ACLs).

Active Directory

Biometrics

Security token

Encryption

Public-key cryptography

Digital certificates

OS Hardening

Application hardening

Transmission / Remote access protection protocols

In this paper, we research current technologies for network protection, address remaining protective measures, including but not limited to: Access control, Encryption, PKI and certificates, OS hardening / Application hardening, Transmission / Remote access protection protocols, Wireless security, Antivirus / Anti-spyware software and E-mail security.

Network hardening, a concept which refers to the taking of proactive approach to personal as well as enterprise network security via the implementation of preventive measures against all sorts of cyber attacks before they take place (Mallery,2005) is an important component of ensuring that the basic tenets of information assurance are upheld in every institution. An elaborate network security plan must therefore be adopted and implemented by every corporation in order for information availability, integrity and confidentiality is maintained (Bayne,2002). There is also a need for the information systems to have an excellent level of authentication as well as non-repudiation (DoD,2007).In this paper, we research current technologies for network protection, address remaining protective measures, including but not limited to: Access control, Encryption, PKI and certificates, OS hardening / Application hardening, Transmission / Remote access protection protocols, Wireless security, Antivirus / Anti-spyware software and E-mail security.

Access control

Access control refers to the security features that are used in controlling access to various resources in a given information technology network system (Kim & Solomon, 2010, p.142).Access control is therefore the process of protecting a given resource so that it can be accessed only by the users who are permitted to use or access it. Access control is divided into four main parts. These parts include;

1. Authorization component which defined the entities that are approved for access as well as what resources they can use.

2. Identification component which defines how the entities that are approved are identified.

3. Authentication component which is used for verifying the identities of users/approved entities

4. Accountability component which is used in the tracing of the individual users in order to ensure that all users who make change or access data within the system are appropriately identified. This component is useful for later reporting as well as research.

Kim & Solomon (2010, p.142) further indicated that the four parts are divided into two main phases. These are; policy definition phase and policy enforcement phase. The policy definition phase determines the entities that have access as well as the resources or systems that they can access and manipulate. This phase is operated by the authorization process.

The policy enforcement phase is the phase that grants or even rejects the request for system or resource access on the basis of the authorization as defined by the policy definition phase. This phase is operated by the identification, system authorization as well as accountability processes.

Types of access control

There are two main types of access control mechanisms. These are;

1. Physical access controls and

2. Logical access controls

Physical access controls are the controls that are placed at the entry to buildings, server rooms, parking lots and other protected areas. While the logical access controls includes techniques or systems that are used in controlling the access to computer systems as well as networks.

Figure 1: Access control enforcement

Source: Kim & Solomon (2010, p.145).

Examples of current technologies in access control

Passwords

A password is a plain text of unspaced characters placed in a sequence and is used in determining if a given user has access to a given computer system/resource. Usually, a password is used together with a unique user ID.It is important that the chosen password be strong and be made up of alphanumeric characters (letters, numbers and symbols) in order to protect the given system or resource against a dictionary attack.

Access Control Lists (ACLs).

An Access Control Lists (ACL) is a register of the users (machines, groups and processes) who have been granted permission to access as well as use a certain system resource. An access control list also specifies the type of access that these users have been permitted (NIST,1995).

Access Control List is a list of all the permissions that are associated with a given object. This list also specifies who as well as what is permitted to access the given object. It also specifies the operations that are allowed to be executed against the object.

CNSS (2010) indicated that Access Control List (ACL) is a mechanism that is used in the implementation of access control for a given system resource through the enumeration of the system entities that are allowed to access the specific resources. The enumeration of the entities is either by implicit or explicit means. The mechanism also specifies the access modes that are granted to each and every entity.

Active Directory

Active Directory (AD) is a special directory service that was designed by Microsoft for its Windows domain networks. Active Directory is part of most of the Windows Server operating systems. The Windows Server machines on which the Active Directory runs are known as domain controllers. Active Directory is noted by Microsoft (2011) to serve as the central location for the administration of network resources and security. This is because Active Directory is responsible for the authentication and authorization of all system users as well as computers that lie within a network of a given Windows domain via the assignment as well as enforcement of appropriate security policies on all workstations in a given network. It also performs the role of installing as well as updating of all software on the given network computers. Active Directory is therefore a trademarked Microsoft directory service that is an integral component of the Windows 2000 architecture. In the same manner that other directory services like Novell Directory Services (NDS) operates, Active Directory is a standardized and yet centralized system that effectively automates the, management of network resources, distributed resources, user data as we;; as other distributed resources. It also enables the interoperation with several other directories.

Figure 2: Active directory on a Windows Server Network (Microsoft,2011)

Biometrics

Biometrics is the sciences as well as technology for the measurement and analysis of biological data. However, in the field of information technology, the term refers to the technology which is employed in the measurement as well as analysis of certain human body characteristics like DNA, eye retina, fingerprint, irises, voice patterns, hand measurements as well as facial patterns for the sake of authentication (Sutherland,1998).Biometric authentication comprises of methods that are used to uniquely recognize humans on the basis of theor intrinsic physical as well as behavioral traits. In information technology, biometrics is employed as a special type of identity access management as well as access control. It is used for the identification of individual or groups that are placed under constant surveillance (Jain, Hong, & Pankanti, 2000).

The biometric identifiers are noted by Jain and Ross (2008) to be distinctive and yet measurable characteristics that are used in the identification of individuals. Biometric identifies fall into two categories; behavioral and physiological characteristics.

Security token

A security token is a small device that is carried by the owner and is used in authorizing access to a given network service. The device may be designed in the form of a smart card which is embedded on an object which is commonly used. A security token may also be referred to as hardware token, authentication token, cryptographic token as well as USB token. Security tokens are used in the provision of an extra level of information assurance in a method referred to as two-factor authentication (de Borde,2008).The user is provided with personal identification number that they he or she uses to authorize them as the actual owners of the given device. The device then shows the number that is used in the unique identification of the user to the given service and hence allowing them to log into a particular service. In contrast to the password, security token is a device with physical properties.

Encryption

Encryption is the process of converting data into a special form called cyphertext, Cyphertext is a form of data that cannot be easily understood by any person. Decryption on the other hand is the process of converting this encrypted data back to its previous/intelligible form.

Encryption as well as decryption has for a long time been in use in the military as well as government for the sole purpose of ensuring secrecy in communication. Richardson (2008) indicated that in 2007, 71% of corporations employed encryption for their data in transit while 53% usd encryption for their data storage.

Public-key cryptography

Public key encryption is a special cryptographic system that employs two separate keys. One key is used in locking (encrypting) the plaintext while the other is used in decrypting the cyphertext. One of these keys is made cpublic while the other one is made private.

Digital certificates

Digital certificates are some form of electronic credit… READ MORE

How to Reference "Network Hardening Plan" Term Paper in a Bibliography

Related Term Papers:

Identity Management and Security Awareness Training Plan Corporate Writing

Identity Management and Security Awareness Training Plan

The entire human race is in a constant phase of experiencing technological innovations and advancements, since the globe has crossed the threshold of… read more

Corporate Writing 6 pages (1839 words) Sources: 0 Topic: Computers / IT / Internet

---

Future Wars of the Middle East Will Result Over Water Shortages Term Paper

Water in the Middle East

Governments around the world have a primary concern over water availability and the Middle East and North Africa are no exception. The thesis evaluates the… read more

Term Paper 75 pages (22307 words) Sources: 1+ Topic: Israel / Palestine / Arab World

---

Analyzing Networking Comprehensive Secure Solution Term Paper

).

Indirect Costs

These would include costs incurred in training personnel, operational procedures transformation, increased system outage during initial operation, activity disruptions and software support development.

IP Infrastructure

Printers, servers,… read more

Term Paper 8 pages (3447 words) Sources: 4 Topic: Philosophy / Logic / Reason

---

Security Management Defining an Effective Enterprise Research Paper

Security Management

Defining an Effective Enterprise Security Management Strategy

For any enterprise to attain its long-term and most strategic objectives, the need to have an agile, highly secure framework for… read more

Research Paper 12 pages (3174 words) Sources: 13 Topic: Management / Organizations

---

Teaching on the Cognitive Learning of Adult Term Paper

Teaching on the Cognitive Learning of Adult Kidney Transplant Recipients

The aim of this study was to investigate the effects of individual and group teaching on the cognitive learning of… read more

Term Paper 33 pages (9169 words) Sources: 50 Style: APA Topic: Disease / Virus / Disorder / Injury

---

View 100+ more related papers  >>