Due to the widespread use of PCs and development in networks connecting PCs to company’s mainframe computers, there has been an increase in the chances of feeding undesirable data deliberately by outsiders. a person with a PC at a remote place can use a phone line and illegally collect information without leaving any clues. individual users can copy confidential data from a company’s computer or their details from a remote station connected via a communication network.
Security means preventing the network communication system from falling into the hands of unauthorized people. the sender of data may wish to be assured that only the intended party actually receives designated data. the receiver must authenticate first that it is the one who is authorized to receive data and thereafter the sender exchanges data. Hence, we need to take such steps so as to protect data during transmissions and guarantee that these transmissions are by authorized persons only.
What is Computer Security?
The collection of tools designed to protect data and thwart hackers is known as computer security.
The network security methods adopted must address the following issues:
- Information in a computer system should only be accessed y authorized persons.
- The sharable resources must be available only for use by authorized members.
- Unauthorized persons should not be able to insert spurious messages or records into a file being transmitted in a network.
- It should not be possible for an unauthorized party to perform wiretapping in order to capture data or illicitly copy files and/or programs.
Some commonly known network threats are:
- Identity Interception: The identity of one or more of the users involved in communication is observed for misuse.
- Pretending: The pretense by a user to be a different user in order to gain access to information or to acquire additional privileges.
- Replay: The recording and subsequent replay of communication at some later date.
- Data Interception: The observation of user data during communication by an unauthorized user.
- Manipulation: The replacement, insertion, deletion, or disordering of user data during communication by an unauthorized user.
- Rejection: The denial by a user of having participated in part or all of communication.
- Denial of Service: The prevention or interruption of communication or the delay of time-critical operations.
- Misrouting: The misrouting of a communication path intended for one user to another.
- Traffic Analysis: The observation of information about communication between users (absence/presence, frequency, direction, sequence, etc).