Sunday, August 31, 2008

Security issues and solutions in multicast content distribution: a survey





Abstract
Multicast enables efficient large-scale content distribution by providing an efficient transport mechanism for one-to-many and many-to-many communication. The very properties that make multicast attractive, however, also make it a challenging environment in which to provide content security. We show how the fundamental properties of the multicast paradigm cause security issues and vulnerabilities. We focus on four areas of research in security for multicast content distribution: receiver access control, group key management, multicast source authentication, and multicast fingerprinting. For each we explain the vulnerabilities, discuss the objectives of solutions, and survey work in the area. Also, we briefly highlight other security issues in multicast content distribution including source access control, secure multicast routing, and group policy specification. We then outline several future research directions.

Tuesday, August 26, 2008

Network Security

Comparison with computer security

Securing network infrastructure is like securing the possible entry points for attacks on a country by deploying appropriate defenses. Computer security is more like providing the means to protect a single PC against outside intrusion. The former is the better and more practical way to keep civilians from being exposed to attacks. Preventive measures attempt to secure access to individual computers, that is, the network itself, thereby protecting the computers and other shared resources connected by the network, such as printers and network-attached storage. Attacks can be stopped at their entry points before they spread. By contrast, computer security measures focus on securing individual computer hosts. A host whose security is compromised is likely to infect other hosts connected to a potentially unsecured network. A host's security is also vulnerable to users with higher access privileges on that host.

Attributes of a secure network

Network security starts with authenticating the user, most likely with a username and a password. Once the user is authenticated, a stateful firewall enforces access policies, such as which services network users are allowed to access.[1] Though effective at preventing unauthorized access, this component fails to check potentially harmful content, such as computer worms, being transmitted over the network. An intrusion prevention system (IPS)[2] helps detect and prevent such malware. An IPS also monitors network traffic for suspicious content, volume and anomalies to protect the network from attacks such as denial of service. Communication between two hosts using the network can be encrypted to maintain privacy. Individual events occurring on the network can be tracked for audit purposes and for later high-level analysis.
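
The firewall step described above, as an added example that is not part of the original post: a minimal stateful filter that admits new connections only for an authenticated user and a permitted service, passes replies on connections it is tracking, and never looks at the payload. The policy, addresses, user names and class names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed policy: destination ports each authenticated user may reach.
POLICY = {"alice": {80, 443}, "bob": {22, 443}}

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str                   # "SYN", "SYN-ACK", "ACK" or "FIN"
    user: Optional[str] = None   # filled in by the authentication step
    payload: bytes = b""         # never examined by the firewall

class StatefulFirewall:
    def __init__(self, policy):
        self.policy = policy
        self.flows = set()       # tracked connections, keyed by initiator 4-tuple

    def check(self, p: Packet) -> str:
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        tracked = fwd if fwd in self.flows else rev if rev in self.flows else None
        if tracked:              # part of a connection the policy already admitted
            if p.flags == "FIN": # simplified teardown: first FIN ends the flow
                self.flows.discard(tracked)
            return "ALLOW"
        # A new connection needs a SYN from an authenticated user to a permitted port.
        if p.flags == "SYN" and p.dport in self.policy.get(p.user, ()):
            self.flows.add(fwd)
            return "ALLOW"
        return "DROP"            # unsolicited, unauthenticated or forbidden service

def demo():
    fw = StatefulFirewall(POLICY)
    inside, web, other = "10.0.0.5", "203.0.113.10", "198.51.100.7"
    packets = [                  # constructed sample traffic
        Packet(inside, 40000, web, 443, "SYN", user="alice"),
        Packet(web, 443, inside, 40000, "SYN-ACK"),            # reply on tracked flow
        Packet(web, 443, inside, 40000, "ACK", payload=b"worm-like bytes"),
        Packet(other, 443, inside, 40001, "SYN-ACK"),          # no matching state
        Packet(inside, 40002, web, 22, "SYN", user="alice"),   # port not in policy
        Packet(inside, 40003, web, 443, "SYN"),                # not authenticated
        Packet(inside, 40000, web, 443, "FIN", user="alice"),
        Packet(web, 443, inside, 40000, "ACK"),                # state already removed
    ]
    return [fw.check(p) for p in packets]
```

The third packet is allowed even though its payload is hostile-looking, which is the gap the IPS is there to cover.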

Honeypots, essentially decoy network-accessible resources, could be deployed in a network as surveillance and early-warning tools. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis could be used to further tighten security of the actual network being protected by the honeypot.[3]


Security management

Security management for networks differs by situation. A small home or office requires only basic security, while large businesses require high maintenance and advanced software and hardware to prevent malicious attacks such as hacking and spamming.

Small homes

* A basic firewall.
* For Windows users, basic antivirus software such as McAfee, Norton AntiVirus, AVG Antivirus or Windows Defender; others may suffice if they contain a virus scanner to scan for malicious software.
* When using a wireless connection, use a robust password.

Medium businesses

* A fairly strong firewall.
* Strong antivirus software and Internet security software.
* For authentication, use strong passwords and change them on a bi-weekly/monthly basis.
* When using a wireless connection, use a robust password.
* Raise awareness about physical security to employees.
* Use an optional network analyzer or network monitor.

Large businesses

* A strong firewall and proxy to keep unwanted people out.
* Strong antivirus software and Internet security software.
* For authentication, use strong passwords and change them on a weekly/bi-weekly basis.
* When using a wireless connection, use a robust password.
* Have employees exercise physical security precautions.
* Prepare a network analyzer or network monitor and use it when needed.
* Implement physical security management like closed circuit television for entry areas and restricted zones.
* Security fencing to mark the company's perimeter.
* Fire extinguishers for fire-sensitive areas like server rooms and security rooms.
* Security guards can help to maximize security.

School

* An adjustable firewall and proxy to allow authorized users access from the outside and inside.
* Strong antivirus software and Internet security software.
* Wireless connections that lead to firewalls.
* CIPA compliance.
* Supervision of network to guarantee updates and changes based on popular site usage.
* Constant supervision by teachers, librarians, and administrators to guarantee protection against attacks by both internet and sneakernet sources.

Large Government

* A strong firewall and proxy to keep unwanted people out.
* Strong antivirus software and Internet security software.
* Strong encryption, usually with a 256-bit key.
* Whitelist authorized wireless connections and block all else.
* All network hardware is in secure zones.
* All hosts should be on a private network that is invisible from the outside.
* Put all servers in a DMZ, or behind a firewall from the outside and from the inside.
* Security fencing to mark the perimeter, with the wireless range set to match it.

Antivirus software

Antivirus software consists of computer programs that attempt to identify, neutralize or eliminate malicious software. The term "antivirus" is used because the earliest examples were designed exclusively to combat computer viruses; however, most modern antivirus software is now designed to combat a wide range of threats, including worms, phishing attacks, rootkits, trojan horses and other malware. Antivirus software typically uses two different approaches to accomplish this:

* examining (scanning) files to look for known viruses matching definitions in a virus dictionary, and
* identifying suspicious behavior from any computer program which might indicate infection.

The second approach is called heuristic analysis. Such analysis may include data captures, port monitoring and other methods.

Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach. Although some people consider network firewalls to be a type of antivirus software, this categorization is not correct.
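
The two approaches side by side, as an added example that is not part of the original post: a dictionary pass over file bytes followed by a behaviour score, so a sample that no longer matches any dictionary entry can still be flagged. The signature names and bytes, the behaviour labels, the weights and the threshold are all constructed for illustration and do not come from any real product.

```python
# Constructed "virus dictionary": made-up byte markers, not real malware signatures.
SIGNATURES = {
    "Demo.Worm.A": bytes.fromhex("deadbeef4c0ffee0"),
    "Demo.Trojan.B": b"\x90\x90\xeb\xfeDEMO",
}
# Constructed behaviour weights and threshold for the heuristic pass.
WEIGHTS = {
    "writes_to_executable": 3,
    "adds_autostart_entry": 3,
    "opens_listening_port": 2,
    "many_outbound_connections": 2,
}
THRESHOLD = 5

def dictionary_scan(data: bytes) -> list:
    """Names of every dictionary entry whose pattern occurs in the file bytes."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in data)

def heuristic_score(events) -> int:
    """Sum the weights of the distinct suspicious behaviours observed."""
    return sum(WEIGHTS.get(e, 0) for e in set(events))

def verdict(data: bytes, events) -> tuple:
    hits = dictionary_scan(data)
    if hits:                                  # exact match: known threat
        return ("infected", hits)
    score = heuristic_score(events)
    if score >= THRESHOLD:                    # no match, but behaves like malware
        return ("suspicious", score)
    return ("clean", score)

def demo():
    known = b"MZ..." + SIGNATURES["Demo.Worm.A"] + b"...tail"
    variant = known.replace(b"\xde\xad", b"\xde\xae")   # bytes differ from the entry
    worm_behaviour = ["writes_to_executable", "many_outbound_connections",
                      "many_outbound_connections"]
    return {
        "known sample": verdict(known, worm_behaviour),
        "modified variant": verdict(variant, worm_behaviour),
        "web server": verdict(b"ordinary bytes", ["opens_listening_port"]),
        "text editor": verdict(b"ordinary bytes", []),
    }
```

The web server case shows why the threshold matters: a single behaviour that legitimate programs also exhibit stays below it.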

Monday, August 25, 2008

Hacker (Computer Security)

In a security context, a hacker is someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge. In the most common general form of this usage, "hacker" refers to a black-hat hacker (a malicious or criminal hacker). There are also ethical hackers (more commonly referred to as white hats), and those who are more ethically ambiguous (grey hats). To disambiguate the term hacker, cracker is often used instead, referring either to computer security hacker culture as a whole, to demarcate it from the academic hacker culture (such as by Eric S. Raymond[1]), or specifically to make a distinction within the computer security context between black-hat hackers and the more ethically positive hackers (commonly known as white-hat hackers). The context of computer security hacking forms a subculture which is often referred to as the network hacker subculture or simply the computer underground. According to its adherents, cultural values center around the idea of creative and extraordinary computer usage. Proponents claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.

Saturday, August 23, 2008

Security

Reduce or prevent evolving threats - View the Adaptive Threat Management webcast

Trends such as the dynamic perimeter and the deployment of content-rich and collaborative applications are driving escalating demands for securing, optimizing and having visibility and control across the network. These trends are also driving the need for a high-performance network in which network and application layer security are an integral part of its core networking functionality, which is a critical enabler for organizations to securely deploy more applications and technologies.

Juniper Networks' best-in-class security solutions provide successful mitigation of threats, protect the network against downtime and loss by controlling access to network resources, and ensure risk management and adherence to corporate governance requirements.