Information Technology (IT) Security Systems

Computer Security Systems The report provides new security tools and techniques that computer and IT (Information Technology) professionals, network security specialists, individuals, corporate and public organizations can employ to enhance security of their computer and information systems. In the fast paced IT environment, new threats appear daily that make many organizations to lose data and information that worth billions of dollars. In essence, the computer and IT security professionals are required to develop new computer and IT security tools and techniques to protect their information resources.

The present age of universal computer connectivity has offered both opportunities and threats for corporate organizations Typically, since corporate and public organizations rely on computer and network systems to achieve their business objectives, they also face inherent risks which include electronic fraud, eavesdropping, virus attack and hacking. In essence, some hackers use malicious software with an intention to gain access to corporate computer systems in order to modify, copy or delete a corporate document. Hackers can also use a worm to perform unwanted functions.

Organizations also face a (DoS) denial of service attack to prevent legitimate users to get access to their computer services.(Stallings, 2011). By consequence, organizations may lose data that worth billions of dollar from these attacks if they do not implement effective corporate computer security systems. Objective of this report is to develop the new security tools and techniques that can assist organizations in New Zealand to protect their computer and IT systems.

Other organizations in another countries can also use the outcomes of the report to protect their computer assets and other information resources against attack from external intruders. Computer Security Tools and Techniques Several tools and techniques can be used to enhance security of computer systems. This paper identifies and discusses Cryptographic standards, Data encryption standard, Firewall, Intrusion detection System, Intrusion Prevent System, Antivirus Security Policy, and Wireless Security systems as effective security tools and techniques for computer systems.

Cryptographic Standards Cryptographic standards are among the techniques that can be used to protect unauthorized access to corporate data. The cryptographic standards are the security tools and strategies that organizations can use to enhance the security of their computer resources using the encrypted data known as ciphertext. One of benefits of the cryptographic technique is that the data transferred from one location to other location will change to nonsense text thereby preventing unauthorized individuals to read the data.

(Osterhage, 2011).Typically, only authorized person having the decryption key can read the text send over the network. Rapid development of internet technology has made many organizations to transfer data online from one locations to the others. For example, many multinational corporations have branches scattered all over the world and the employees of these organizations are required to transfer data from one location to the other.

Moreover, websites of many organizations are integrated with application program where customers are required to submit sensitive data such as credit card, social security number and other sensitive data to conduct business transactions. In essence, external intruders can use different techniques such as sniffing, password cracking and eavesdropping to steal sensitive information over the network. Thus, cryptographic security standards are part of the computer security techniques to protect the data transferred over the network, which can only be read by authorized individuals.

Despite the benefits that can be derived from the cryptographic security standards, the security of data using the encryption technique depends on the secrecy of the encryption key. Many intelligence agencies use the cryptographic security standards to protect their data because they use a very strong encryption. In essence, it is critical to keep encryption algorithms very secrete. Although, cryptographic security techniques have been used for more than 100 years ago, however, the system is still being used till today because of its effectiveness for data protections.

Moreover, IT experts have significantly improved on the encryption technique to enhance their effectiveness for computer security systems. Data encryption Standard Data encryption standard is another technique that organizations can employ to protect computer system. Before 1990, the data encryption technique is used to provide security for the ATM (Automated Teller Machine) network system. However, with the development of the internet technology, many financial companies are using the data encryption standard to encrypt data transferred over the network.

With the development of online commerce, it is revealed that the cryptographic security technique is very critical for securing organizational data. Despite the benefits of the data encryption standard, the shortcoming of this security technique is that the attackers can use sophisticated method to attack this security device in order to steal sensitive information, which has made the data encryption standard to become obsolete.

Typically, it was found that the 56-bit key for the data encryption security system was no longer effective against special purpose cracking software or a powerful computer attack. The shortcoming identified in the data encryption standard leads to the development of the advanced encryption standard. Advanced Encryption Standard The AES (Advanced Encryption Standard) uses the 128, 192, and 256 keys for the encryption of 128-bit data blocks. In the present business environment, the AES has become effective tool for the computer security systems.

Typically, many organizations use the AES for the security system of many modern computer systems. Despite the benefits of AES in enhancing security system of the computer systems, however, the algorithms of the public key signatures require high level of computation. However, SHA (secure hash algorithms) delivers short message which is effective for the cryptographic security functions. Secure Hash Algorithms Between 2004 and 2005, there was a wave of computer an information system attacks that cast doubt to virtually most of the exiting security systems.

Typically, the wave of attacks caused a considerable concern to the cryptographic community. In essence, harsh function standard was created to perform different security functions. The Harsh Function is a new computer security standard commonly used because of its flexibility, fast in hardware, laptop, computer server and desktop. Typically, SHA-1, SHA-2 and SHA-3 have been developed and development of secured harsh model has provided a considerable security systems for computer and information resources because no attack has been recorded on the SHA-2 and SHA-3. (Stallings, 2011).

Firewall The wave of new computer and information systems such as LAN (Local Area Network) and WAN (Wide Area Network) among business and public organizations has led to the development of new security systems called Firewall. The LAN is a deployment of the network technology across a specific geographic region. However, WAN Is the deployment of network system across two more geographical regions. The LAN and WAN assist organizations to share files, communicate, transfer and receive document among computer users.

However, network attackers have taken the advantages of these network systems to steal sensitive information. Several security devices have been developed to provide effective security to the network systems. Firewall technology is one of the effective network security systems that assists in protecting the LAN and WAN from external intruders. Typically, firewall assists in blocking the unauthorized access into the network system. In essence, the firewall systems are the hardware and software consisting of filtering router, host computer, IP packet, and application gateway to achieve a filtering and authentication objectives.

The internet is very critical for proper configuration of firewall to enforce network security system. Chadwick,(2012) reveals that many organizations have taken the advantages of rapid development of internet network to interconnect their network and computer systems using the LAN and WAN technologies. While internet offers several advantages to organizations, however, internet also offer inherent risks because of its insecurity. Typically, internet only requires weak or no authentication system making it to be inherently insecure. For example, NFS (Network File System) grant access to any user from any remote host.

Moreover, internet allows passwords to be transmitted across the network making them vulnerable to be captured and replayed. Many internet software or low cost package have a design flaw because of insufficient testing and poor design. In essence, many people and businesses use these package due to their low and availability. However, readily available package such as UNIX Send Mail program has numerous vulnerability in it. Some unscrupulous individuals use sniffer program to monitor network in order to steal sensitive information such as username and passwords.

Moreover, hackers use the Port Scanners to penetrate remote computers over the internet network to capture people's passwords and usernames. All these hacking strategies make the internet network systems to be opened to vulnerability. The firewall is defined as secured internet gateway used to provide security for the organizational network systems. The use of firewall for the network security depends on an organization policy. One of such policies is to disallow the other network system apart from the corporate network systems.

In essence, external users will not be allowed to get access to the corporate network and this is achieved using a strong authentication system. If an external user attempts to get access to the corporate network, the firewall will block the person from getting access. As being revealed in Fig 1, Firewall blocks an unauthorized network to penetrate the enterprise network. One of the benefits of the firewall security system is that it allows organizations to transfer file across the internet in a secured and confidential manner.

Fig 1: Firewall Several advantages organizations can derive from using firewall. First, organizations can use the firewall technology to disallow the insecure network services from entering the corporate network systems. Moreover, the firewall can be used to disallow specific IP addresses of or IP addresses from specific regions. In essence, firewall is cost effective in securing organizational network systems. Despite the benefits that organizations can derive from the use of firewall for the network security systems, however, firewall cannot guarantee total network security thereby inherent with some disadvantages.

For example, the firewall is a central point for network attack. If intruders are able to break through the firewall, they will have unlimited access to the organizational network systems. (Young, 2008). Moreover, firewall may limit a legitimate users from having access to corporate services. However, this legitimate users may deliver a profitable business avenue for the organization if the user eventually has interest in the corporate services. More importantly, the firewall cannot guarantee network protection against backdoor attack.

A backdoor attack is "any mechanism that bypasses a normal security check; it may allow unauthorized access to functionality." (Stallings,2011 p 21-3). For example, an attack can get access through modems as well as importing or exporting floppy disks. Meanwhile, security policy that needs to protect all aspect of corporate computer and network system can be a bottleneck since all corporate connection should past through the firewall systems.

For example, the firewall cannot prevent the Trojan horse from infecting corporate computer system if the program is sent through the Email attachment. Moreover, the firewall cannot protect organizations from inside attack since internal users commit most corporate computer crimes. Consequently, organizations are required to balance money and time in order to offer total security to corporate computer and network systems. Based on the shortcomings identified with the firewall, it is critical to use the IPS and IDS program in collaborate with the firewall to offer maximum computer security system.

The IDS and IPS IDS ( Intrusion Detection System and IPS ( Intrusion Prevention System) are the other security tools and techniques for the computer systems. The IDS and IPS are the computer security tools to detect and prevent unauthorized access to the network system. (Abdel-Aziz, 2009). In another word, The IDS and IPS are the security techniques to detect and prevent actions attempting to compromise the integrity, confidentiality and availability of computer resources.

In essence the goal of IDS and IPS is to identify and prevent entities that attempt to subvert security control. As being revealed in Fig 2 and Fig 3, the IDS and IPS detects and prevents unauthorized access to computer resources. However, both the IDS and IPS are passive in blocking the traffic, and one of the examples of IDS is HIDS (Host-Based Intrusion Detection System). The HIDS uses combination of heuristics, rules, and signatures to identify unauthorized activities within the computer network system.

Moreover, physical IDS is the act of using security camera, security guards, Biometric Card, Motion Sensors and Man Traps to identify unauthorized access. Intrusion prevention system performs the same process of identifying, gathering and prevent activities into the company resources. Fig 2: Intrusion Detection system Fig 3: Intrusion Prevention System Antivirus Security Policy Another computer security system is to implement a comprehensive policies to counter virus attacks. As being discussed in the previous section, virus and worms can cause immense damages to corporate computer systems.

The most effective security policy against virus and worm attack is prevention. It is very critical not to allow virus or worms getting access into the computer systems. Most effective prevention is to install antivirus program to all computer systems to prevent virus attacks. Essentially, organizations should use a fourth generation antivirus technology for full protection of computer systems. Advanced antivirus system is the most sophisticated technology for the computer security.

This program is able to detect and identify the most complex polymorphic viruses and at the same time maintaining the fast scanning speed. The IBM has also developed a powerful antivirus called Digital Immune System, which delivers a comprehensive approach for protection against virus. The IBM developed the Digital Immune in response to the widespread of internet-based virus attack. "The objective of this system is to provide rapid response time so that viruses can be stamped out almost as soon as they are introduced.

When a new virus enters an organization, the immune system automatically captures it, analyzes it, adds detection and shielding for it, removes it, and passes information about that virus to systems running IBM AntiVirus so that it can be detected before it is allowed to run elsewhere." (Stallings, 2011 p 21-15). Wireless Security System Rapid development of wireless computer system also gives rise to wireless security. The essence of wireless network is to offer rapid and flexible internet and network systems.

For example, WLAN (Wireless Local Area Network) assists employees to work outside the corporate location. Moreover, wireless network assists people to work with their laptops from any location. In essence, the Wi-Fi has assisted people to enjoy internet connection at any location where WIFI is available. However, wireless network system is inherent with security risks and several security loopholes. For example, encryption technique cannot offer total protection for wireless network. Moreover, an hacker can easily tap the radio waves and get access to corporate data.

WTLS (Wireless Transport Layer Security) protocol is a wireless security tool that delivers security service between the WAP (Wireless Application Protocol) gateways and mobile devices. In essence, the WPA is a set of wireless security system that offers authentication, access control and privacy. Typically, the WPA provides authentication by generating temporary keys for the client and the AP (Access Point) of the wireless link. The access control is also.