Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
The first security incident of this week began on Tuesday evening when the network ad- ministrator received an alert from the central virus console reporting that approximately five percent or about 100 machines had been infected with the latest virus. The virus con- sole listed the IP addresses of the infected machines. The Challenge The network administrator was faced with the challenge of quickly identifying, locating, and disabling the switch ports of the 100 infected users so that appropriate measures could be taken before the virus spread throughout the enterprise | Methodology for Network Security Design Donald Graft Mohnish Pabrai Uday Pabrai JDAT4 SECURITY ISSUES ARE BECOMING increasingly important as civilization moves toward a global information age. The migration away from paperwork-oriented ways of doing things requires the development of digital equivalents for traditional processes such as sealing envelopes signing letters and acknowledging receipt of items. The development of systems with such capabilities is one of the most complex and challenging tasks facing today s engineers. At the same time the rewards to be reaped from breaking such systems acts as an attractive lure for modern criminals. One study estimates that the average traditional bank robber nets 20 000 with a 90 chance of prosecution the average electronic funds transfer nets 500 000 with a 15 chance of prosecution 1 An important subproblem to that of providing security in general is that of providing secure communications between centers of activity i.e. network security. This is distinguished from the subproblem of providing security within a center of activity e.g. a computer . This article addresses the development of a design methodology for network security based on the International Standards Organization ISO 7498 Open Systems Interconnection OSI Reference Model 2 and 7498-2 Security Architecture 3 . It should be pointed out lest one get the impression that all the obstacles are purely technical that legal and practical problems also stand in the way of a transition to a digital society. For example consider a real-world attorney who acts as a go-between to shield a client s identity. She could be replaced with a digital entity but that entity would not enjoy the legal privileges of the attorney-client relationship. The Need for a Network Security Design Methodology If network security systems are designed using ad hoc and unpredictable methods their integrity will be in doubt and the transition to the information age jeopardized. Therefore a .
