The layered defense approach to security
Your security policy defines what you want to protect and what you expect of your system users.
Many risks are associated with using Internet access to conduct business activities. Whenever you create a security policy, you must balance providing services against controlling access to functions and data. With networking computers, security is more difficult because the communication channel itself is open to attack.
Some Internet services are more vulnerable to certain types of attacks than others. Therefore, it is critical that you understand the risks that are imposed by each service you intend to use or provide. In addition, understanding possible security risks helps you to determine a clear set of security objectives.
The Internet is home to a variety of individuals who pose threat to the security of Internet communications. The following list describes some of the typical security risks you might encounter:
In a passive attack, the perpetrator monitors your network traffic to try to learn secrets. Such attacks can be either network-based (tracing the communications link) or system-based (replacing a system component with a Trojan horse program that captures data insidiously). Passive attacks are the most difficult to detect. Therefore, you need to assume that someone is eavesdropping on everything you send across the Internet.
In an active attack, the perpetrator is trying to break through your defenses and get into your network systems. There are several types of active attacks:
- In system access attempts, the attacker attempts to exploit security loopholes to gain access and control over a client or server system.
- In spoofing attacks, the attacker attempts to break through your defenses by masquerading as a trusted system, or a user persuades you to send secret information to him.
- In denial of service attacks, the attacker tries to interfere with or shut down your operations by redirecting traffic or bombarding your system with junk.
- In cryptographic attacks, the attacker attempts to guess or steal your passwords, or use specialized tools to try to decrypt encrypted data.
Multiple layers of defense
Because potential Internet security risks can occur at a variety of levels, you need to set up security measures that provide multiple layers of defense against these risks. In general, when you connect to the Internet, you should not wonder if you will experience intrusion attempts or denial of service attacks. Instead, you should assume that you will experience a security problem. Consequently, your best defense is a thoughtful and proactive offense. Using a layered approach when you plan your Internet security strategy ensures that an attacker who penetrates one layer of defense will be stopped by a subsequent layer.
Your security strategy must include measures that provide protection across the following layers of the traditional network computing model. Generally, you need to plan your security from the most basic (system level security) through the most complex (transaction level security).
- System level security
- Your system security measures represent your last line of defense against an Internet-based security problem. Consequently, your first step in a total Internet security strategy must be to properly configure basic system security.
- Network level security
- Network security measures control access to your i5/OS operating system and other network systems. When you connect your network to the Internet, you need to ensure that you have adequate network level security measures in place to protect your internal network resources from unauthorized access and intrusion. A firewall is the most common means for providing network security. Your Internet service provider (ISP) can provide an important element in your network security plan. Your network security scheme needs to outline what security measures your ISP provides, such as filtering rules for the ISP router connection and public Domain Name System (DNS) precautions.
- Application level security
- Application level security measures control how users can interact with specific applications. In general, you should configure security settings for each application that you use. However, you should pay special attention to setting up security for those applications and services that you will use from or provide to the Internet. These applications and services are vulnerable to misuse by unauthorized users looking for a way to gain access to your network systems. The security measures that you decide to use need to include both server-side and client-side security exposures.
- Transmission level security
- Transmission level security measures protect data communications within and across networks. When you communicate across an untrusted network like the Internet, you cannot control how your traffic flows from source to destination. Your traffic and the data it carries flows through a number of different systems that you cannot control. Unless you set up security measures, such as configuring your applications to use the Secure Sockets Layer (SSL), your routed data is available for anyone to view and use. Transmission level security measures protect your data as it flows between the other security level boundaries.
When developing your overall Internet security policy, you should develop a security strategy for each layer individually. Additionally, you should describe how each set of strategies will interact with the others to provide a comprehensive security safety net for your business.