Q1- Management
As an IT security professional, speculate as to what might be the biggest challenge to your management of the technology used to secure your systems.
Information security is concerned with protecting information and information systems from unauthorized access. The main goals of an information security system are to protect the confidentiality, integrity and availability of information. An information security management system is a set of policies concerned with information security management or IT-related risks (Bernard et al, 2000). Several technologies are used to manage information security systems. These include digital signatures and encryption techniques, which offer data security.
However, these technologies bring different challenges with their implementation, and those challenges make the technologies very hard to manage. Some of the challenges facing the management of the technology used to secure information systems include:
i. Hacking – This involves crimes committed by people such as hackers, who tend to decrypt information that has been encrypted by encryption software.
ii. Cyber crimes – These include unauthorized access to data. Some of these forms of unauthorized access cannot be completely eliminated from the system.
Q2- Security architecture
Explain why security architecture should be “layered.” Answer conceptually and also include one specific illustration. You may focus on only one technology (e.g., AAA, firewall, etc.) if it’s helpful.
A security architecture should be layered for the following reasons:
i. Layering system architecture helps in ensuring modularity, flexibility, ease of use and standardization.
ii. Layering security architecture assists an organization in mapping out all the required and successfully implemented security requirements at various levels of information systems.
Layered security architecture consists of four layers, namely:
i. Layer 1 and 2 – Physical and network security
ii. Layer 3 – AAA security
iii. Layer 4 – document workflow security
In our study we are going to focus on AAA security architecture.
AAA (Authentication/Authorization/Accounting Security)
Authentication – this refers to the process whereby evidence is provided about an entity’s identity. This is done by providing some form of digital identity, such as an identifier and the corresponding credentials. Some of the credentials used here are passwords, phone numbers and digital certificates. (William, Cheswick, Bellovin & Aviel, 2003)
Authorization – is used to establish whether an entity has the permission to perform some activity in/on the system. It usually comes after an entity has been authenticated and granted access into the system. (William, Cheswick, Bellovin & Aviel, 2003)
Accounting – this involves tracking network resource consumption by users. It involves cost analysis, trend analysis and billing systems. It also helps to record the number of authorization and authentication failures. (William, Cheswick, Bellovin & Aviel, 2003)
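The three AAA functions described above, as an added example that is not part of the original essay: a small Python gate in which authorization is checked only after authentication succeeds, and accounting records every outcome so that authentication and authorization failures can be counted. The class `AAAGate`, the account names, passwords and permissions are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter


class AAAGate:
    """Hypothetical AAA gate: authenticate, then authorize, and account for both."""

    def __init__(self):
        self.users = {}    # identifier -> (salt, password hash, permissions)
        self.records = []  # accounting trail: (identifier, action, outcome)

    @staticmethod
    def _hash(password, salt):
        # Credentials are stored as salted PBKDF2 hashes, never in clear text.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, identifier, password, permissions):
        salt = os.urandom(16)
        self.users[identifier] = (salt, self._hash(password, salt), set(permissions))

    def authenticate(self, identifier, password):
        # Unknown identifiers still go through the hash and the comparison.
        salt, stored, _ = self.users.get(identifier, (b"\0" * 16, b"", set()))
        return hmac.compare_digest(self._hash(password, salt), stored)

    def request(self, identifier, password, action):
        if not self.authenticate(identifier, password):
            outcome = "authn_failure"
        elif action not in self.users[identifier][2]:
            outcome = "authz_failure"  # reached only after authentication
        else:
            outcome = "granted"
        self.records.append((identifier, action, outcome))  # accounting
        return outcome

    def failure_counts(self):
        return Counter(o for _, _, o in self.records if o != "granted")


def demo():
    gate = AAAGate()
    gate.enroll("alice", "correct horse", {"read_report"})  # constructed account
    outcomes = [
        gate.request("alice", "correct horse", "read_report"),
        gate.request("alice", "wrong", "read_report"),
        gate.request("alice", "correct horse", "delete_report"),
        gate.request("mallory", "guess", "read_report"),
    ]
    return outcomes, gate.failure_counts()
```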
AAA protocols used include:
Diameter
TACACS
TACACS+
RADIUS
AAA servers which are in use include:
Access Network AAA (AN-AAA) – it enables authentication and authorization functions to be performed at the Access Network. (Aboba, 2000)
Broker AAA (B-AAA) – it acts as an intermediary to proxy AAA traffic between roaming partner networks. (Aboba, 2000)
Home AAA (H-AAA) – it is the AAA server in the roamer’s home network.
Visited AAA (V-AAA) – it is the AAA server in the visited network from which a roamer is receiving service. (Aboba, 2000)
References
Bernard Aboba, Jari Arkko, David Harrington (2000). "Introduction to Accounting Management", RFC 2975, IETF, Oct.
William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin (2003). Firewalls and Internet security: repelling the wily hacker.