
Network Security: The Basics

New to network security? Before you get lost in the bits and bytes, Stephen Northcutt of SANS provides a look at the essential concepts.

By Stephen Northcutt


Endpoint Security and Ubiquitous Computing
Wireless networking continues to grow. Entire cities are connected with metropolitan wireless, and if you have a PDA or advanced cell phone you are connected to the Internet at all times. These devices can communicate with your desktop or laptop computer via Bluetooth. Organizations are going to have to engineer security at the device itself; this is called endpoint security. It is no longer possible to believe in a security model where we are fairly safe because we are connected to a corporate LAN protected by a firewall and an intrusion prevention solution. Rather, we need to consider security in a ubiquitous computing paradigm, always on the Internet wherever we are.

Web, Web Browsers and AJAX
Odds are very high that your organization is spending a lot more money on webmasters, web programmers and the like than it was just five years ago. Most software application development is becoming focused on the web for delivery. This means that most of the information entering and leaving the majority of user computers travels via the web. However, web browsers such as Internet Explorer were not purposely designed as security gateways. It is possible to attack a user's computer via their browser. Until security becomes the most important priority for web browsing software, problems will continue to exist. This is going to be especially true with the new Web 2.0 interfaces that use AJAX, recently developed extensions to a programming language that web browsers support, to deliver enhanced functionality, but at the cost of increased risk.

SOA and the Future
Web-based programs are very complex to create and maintain because they potentially offer so much functionality. For instance, if you have an online stock trading account, you can research, trade, run financial reports and even do online banking. To manage complexity and make it possible to get product to market faster, organizations are learning to simply create atomic services. This is known as Service Oriented Architecture (SOA) and may one day be the primary tool to support mission-critical applications. If your organization needs a service, it consults a directory called UDDI to find it. This is similar to using a search engine like Google, but programs do this without human intervention. At least, that is the idea.

SOA offers and exposes more business logic than a regular web server; after all, each and every service you offer has to be in the directory if you want client programs to find you. A big part of the security battleground of the future will be centered around SOA: limiting the unauthorized release of sensitive information and creating gateways and other tools to protect the services.
