Question Details

INFA 620 Session 4 Discussion Developing a secure information system Security attacks on information systems occur all the time and pertain to every aspect of the attacked system. In other words the attacks are directed against all components of a system. The attackers look for the weakest links in each component and using various tools exploit the potential vulnerabilities. The first step in establishing a secure information system is to consider the potential threats and the corresponding attacks. Next, the risk or the probability of a threat to cause damage to an asset should be evaluated. Once the threat definition and risk analysis are performed, the appropriate solution of defense can be devised. The purpose of this conference topic is to understand the prerequisite steps that should be taken for a successful implementation of security solutions. Read throughChapter 5.2-5.5 of Goodrich & Tamassia and Session 4 Notes, and become familiar with the issues of vulnerabilities. attacks and countermeasures at different layers. We will focus on typical attacks in the Internet affecting confidentiality, integrity and availability mainly on the lower four layers: Layer 1, Physical; Layer 2, Data Link; Layer 3, Network; and Layer 4, Transport. ________________________________________ Assignment: Post your personal viewpoint upon the following issues: • Your boss is asking each engineer from all departments to come up with the one or two sources of network threats and attacks you consider the most critical and why. He wants you to be able to fit your thoughts on an index card. He does not care if the same problem is addressed from several points of view or if you address a very specific "threat of the day" or one from the past that could come back. You are also asked to have an opinion about the potential risks of such threats and attacks. • With limited time and resources your manager wants everyone to suggest the structure of a network defense system to protect the computers and the network. Since this is an open discussion if your favorite idea has been discussed "to death" pick the next. These are pro-active steps. Consider at least two solutions and why one ranks high on your mind. Hint: When describe typical attacks make reference to the corresponding layer and the controls that are employed in that layer to minimize the attack or vulnerability that leads to the attack. For example, in the link layer, there is ARP spoofing and man-in-the-middle attacks. In the IP layer, there is packet sniffing. In the transport layer, there is the SYN flood attack causing Denial of Service. Be as complete as possible and cite your reference materials in your response. We have not talked much about the physical layer. In physical layer, for example, an attacker can cut a cable or jam a wireless signal affecting availability or wiretap affecting confidentiality. You may need to dig up sources on the physical layer security.