CHAPTER TWENTY-EIGHT
Applied Information Technology Security
THIS CHAPTER looks at the application of Information Technology (IT) security, including communications and network security. The principles of network security, client-server, Internet and web-based services, and firewall security systems are all detailed, together with connectivity protection resources such as cryptography, digital signatures, digital certificates, and key management policies. IT security also encompasses the use of intrusion-detection systems and the proper implementation of mainframe security facilities.
COMMUNICATIONS AND NETWORK SECURITY
In considering how network security should be implemented, one of the most difficult areas to establish is exactly where the network starts and ends. For many organizations, this is where primary security is established with a “peripheral” defense. In the same manner as a peripheral defense around the physical building, network peripheral defenses work on the basis of having a limited number of entry points, each securely guarded. Unfortunately, not all networks work in the same manner, and most have considerably more entry points than a normal building. In addition, this form of defense suffers from the same deficiencies as a peripheral defense around a building in that, once inside the building, it is assumed that the intruder has a right to be there and, in many cases, no further security checks are done. Another parallel can be found between the security checkpoint ...