Authentication involves confirming the identity of an entity that is trying to access classified information in a particular security domain, against the criteria set for granting admission. It may involve tracing the origin of the user and checking the user's credentials to ascertain the veracity of the label, shielding the system against any potential malicious attack aimed at data corruption.
Computer forensics is aimed at examining digital storage media in a forensically sound way to identify, preserve, recover, analyze and present facts and opinions regarding the stored information in order to build up legal evidence. The data can be used to trace people guilty of committing cyber crimes. Such evidence has led to the disclosure of the masterminds behind cyber crimes in a number of high-profile cases and has been accorded legal status by US and European laws.
Internet and WWW Security
Internet/WWW security is a discrete branch of computer security concerned exclusively with browser security and general network security, encompassing information-disseminating applications and operating systems. The purpose is to enforce measures and rules to ward off malicious attacks over the internet. The internet, being an insecure channel for information sharing, is exposed to extreme risks of phishing and intrusion. Consequently, encryption and related measures are used to protect data in transfer.
Information and Data Integrity
It pertains to safeguarding critical and sensitive information against any sort of malicious alteration or destruction by unauthorized users who use underhand methods to gain access, as the information passes from one network to another under different security policies. Any malicious process or device is thwarted from gaining unauthenticated access to confidential or high-risk information.
An intrusion detection system can be a device or software application entrusted with monitoring network or computer systems to detect malicious acts and security policy violations and to report them to a management station. Advanced systems will also try to hamper intrusion attempts. The main purpose is to identify potential intrusion efforts, log information regarding them and report the attempts. It can also be used to identify security policy problems, document real-time threats and dissuade individuals from violating security policy.
Data and System Integrity
Data and system integrity evaluates the sufficiency of mandated operational and technical parameters for the streamlined performance of a system. This ensures unimpaired functioning by eliminating the risk of willful or inadvertent unauthorized manipulation of the information system. It serves to indicate the logical exactness and dependability of the hardware, software and operating system of the IT system that is used to implement the protective mechanisms for data integrity.
Authorization and Access Control
Access control has been devised to allow selective or restricted access to classified and sensitive information and resources for users, who are grouped by their information access privilege levels. Access refers to the process of entering a particular system after due authentication, using or exchanging the information, and interacting with other users. The authorization process cross-checks that only genuine users are granted permission to use resources and information.
Information Warfare and Cyber-Terrorism
Concerted action on the part of foreign intelligence services and terrorist outfits to break into government or other confidential, critical servers, by mapping potential security loopholes, in order to gain access to sensitive information pertaining to national security and the like is termed cyber-terrorism. Cyber-criminals tend to advance their social or political aims by launching organized internet-based attacks against critical networks, destroying or altering the information therein in order to intimidate governments or organizations. Information warfare is gradually being adopted as a mighty instrument against targeted governments.
Security Models and Architectures
Security models and architectures are dedicated schemes meant to specify and enforce security policies across a network holding critical information. A model may be built upon a formal system of access rights and a distributed computing model, in order to authenticate legitimate users of information that is sensitive to the organization and to deter malicious access.
Secure Software Engineering
Secure software engineering is the process of putting together a planned, disciplined and quantifiable approach to the design, development, operation and maintenance of security software that protects an information system from the entire array of potential threats that can disrupt an organization. Insights gained from experience are used for conceiving, modeling and scaling a security solution to a threat problem.
Risk Analysis and Risk Management
Risk analysis is carried out by an expert team of information analysts who possess specific knowledge in the field of information assurance and are capable of detecting the slightest vulnerability that can put the entire system at risk. Risk management incorporates all measures that are implemented to hinder attempts by malicious code and users to disrupt a system by damaging its critical components or to get access to highly classified information.
Security verification is intended to implement restricted access to classified information by checking the identity of authorized users and weighing the level of privilege accorded to them for information access by system administrators. The verification cross-checks the authentication data supplied by the user against the credential stored in the system to determine the validity of the access request.
Cryptography and Coding
Cryptography and coding render usable information into a format that is unusable by unauthorized users, by means of complex mathematical algorithms. The encrypted information can be transformed back into decipherable form by applying the cryptographic key. The technique is used to enhance the security of information while it is stored on physical media or in transit. Any unauthorized or accidental disclosure of information is thus prevented.
Cryptographic protocols are abstract or consolidated protocols that carry out a security-related activity and apply encryption methods to safeguard information. The protocol defines the proper use of the mathematical algorithms meant to render the data useless to unauthorized persons. A comprehensive protocol specifies its data structures and representations in enough detail that it can be used to implement multiple, interoperable versions of the application. Protocols are widely used for secure application-level data transport and involve establishing the efficacy of public or private keys, authenticating entities, applying non-repudiation methods and constructing symmetric encryption and message authentication materials.
E-commerce mandates extensive use of e-payment and credit card payment over an insecure network. E-commerce protocols lay down the measures to be implemented to pave the way for secure credit card payment by bolstering the existing credit card infrastructure and allowing easy clearance by financial institutions. They involve the Secure Electronic Payment Protocol (SEPP) and other relevant guidelines which are endorsed by leading credit card and e-payment providers.
Agent and Mobile Code Security
Agent and mobile code security deals with an essential programming paradigm for Internet applications such as Java applets, one that provides a flexible way to structure distributed systems. A mobile agent is mobile code that acts anonymously on behalf of a cell phone user to continuously collect and process information. The security protocols specify means to protect hosts which run potentially malicious mobile code. A protection mechanism is erected to build restricted trust models that save mobile users from potentially harmful mobile code and hosts.
Security in Sensor Networks
Wireless networks and micro-electro-mechanical systems have grown immensely in the past few years, which has helped a new computing domain called sensor networks take shape. These ad-hoc networks consist of small, completely programmable sensors that are widely used on the battlefield and in medical services, perimeter security systems and equipment maintenance. Security in sensor networks involves managing the various traffic models, identifying potential vulnerabilities and raising security by adopting an adaptive and proactive approach.
Biometrics involves identifying humans by their distinctive traits or characteristics. It is an important part of information assurance, used for user identification and access control. The identifiers are unique, measurable characteristics that are used for labeling and describing individuals. They may include a person’s gait, voice, typing rhythm and other recognizable inputs.
Key management involves managing cryptographic keys in a cryptosystem. Its scope includes the generation of security keys and their exchange, safe storage, use and replacement. It incorporates the design of cryptographic protocols, user procedures, key servers and pertinent protocols. Successful key management is vital for the security of a cryptosystem and involves security system policy, user training, interdepartmental interactions and coordination between all levels functioning within an organization.
Homeland security broadly refers to the security efforts and practices put in place to protect states against the entire array of terrorist activities including cyber-terrorism. It is a unified national effort to thwart terrorist attacks anywhere within the USA and enhance disaster recovery steps by minimizing damages and plugging the vulnerabilities. The sensitive infrastructure is protected against all criminal advances.
Wireless and Ad Hoc Network Security
A mobile ad-hoc network is a self-configuring, infrastructure-less network of mobile devices connected wirelessly. Wireless and ad hoc network security takes care of potential attacks pertaining to the application layer (malicious attacks, repudiation), the transport layer (session hijacking, overwhelming the network and subsequently paralyzing it), the network layer (flooding, link spoofing, link withholding, location disclosure, black hole, grey hole, worm hole, Sybil), the data link layer (malicious behavior, selfish behavior, active, passive, internal, external), and the physical layer (eavesdropping, traffic jamming, interference).
Information Security Management
Information security covers the activities dedicated to protecting information and information infrastructure against unauthorized entry, use, disclosure, loss, alteration and destruction. Information security management is the comprehensive term for the controls that are to be implemented organization-wide to ensure that the techniques and assets deployed for the protection of critical information are soundly managing the risks. The risks can be classified after analyzing the threats to the information assets which can lead to deliberate or inadvertent loss, destruction and misuse of assets and make the assets vulnerable to attacks. It also incorporates the impact suffered in terms of the potential loss incurred. A set of standards is available to assist organizations in implementing programs and checks for the mitigation of risks. Such standards are ISO 17799, COBIT, etc.
Database and System Security
Database and system security deals with the entire array of protection mechanisms that safeguard the integrity of database content, its owners and its legitimate users. Any willful unauthorized attempt to access the database is thwarted, and inadvertent access by malicious code or disgruntled users is deterred.
Database access control checks the privilege levels of a user or program to ascertain its permission to access information in a database. The information can be specific, such as record types, particular records, data structures, queries, or the access paths to any of these. The controls are put in place by database owners who are in charge of dedicated DBMS security interfaces.
Data security deals with the protection of particular chunks of data from physical corruption, alteration or damage. An audit confirms that no security breach has taken place and determines the measures to be implemented if data trails reveal unauthorized intrusion into the system.
Denial of Service
A denial of service attack is the intentional paralyzing of a machine or network resource to make it unavailable to authorized users. The efforts are directed towards temporary or indefinite interruption or suspension of the services of a host linked to the Internet. The attacks are targeted at services hosted on high-profile web servers such as credit card payment gateways, banks, name servers, etc. The target machine is saturated with outside communication requests which hinder the machine’s response to legitimate traffic. Alternatively, the response is so delayed that the service is essentially useless. Communication can also be severed by causing the victim computer to reset or by consuming its entire resources.