Difference between revisions of "Defense mechanisms (firewalls/IDS/IPS)"
(→Timing) |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==Description== | ==Description== | ||
Since the internet boom security is a growing concern. | Since the internet boom security is a growing concern. The opportunity of cyber warfare is a tradeoff between the offensive tools and the defensive mechanisms.<br><br> | ||
Software developers have become more and more aware of the security threats posed upon their software systems. They began to implement development and testing practices to make their code more and more secure.<br><br> | |||
Authentication methods are developed to identify the person accessing a system. These have evolved over the years and are becoming stronger and harder to bypass. | On a system and network level various appliances and software has been developed to prevent intrusion and attacks. Firewalls form the front line of defense against unwanted connections; other systems like Intrusion Detection Systems examine web traffic on a deeper level. Virus scanners and malware removers scan computers for malicious software and remove them. Most critical systems are not connected to the internet to prevent attacks from the outside. The architecture of networks has gotten more complex and secure due to features like VLANs that the newest network appliances offer.<br><br> | ||
Authentication methods are developed to identify the person accessing a system. These have evolved over the years and are becoming stronger and harder to bypass.<br> | |||
==Enablers== | ==Enablers== | ||
<u>Software flaws</u> <br> | |||
Software Architecture<br> | Hackers constantly find new ways to exploit software. These exploits can be a low or high threat to companies and people. The constant threat of new and old ways to harm a computer system has lead to various hard en software solutions to prevent and defend such attacks. Unfortunately the defensive mechanisms have to play catch up to the new exploits that are found daily.<br> | ||
Development of Computer Science<br> | |||
<br><u>Software Architecture<br></u> | |||
Awareness of risks<br> | The software developers nowadays are aware of the threats and the market asks for secure software. This has lead to developments in the way software is build. For example the testing process of software development is gaining more importance making thus improving the quality and security.<br> | ||
<br><u>Development of Computer Science</u><br> | |||
Computer Science has been developing at a very fast pace. New products, technology and research drive the market. Thanks to new technology like evolutionary algorithms and the increasing speed of processor power better and smarter defense mechanisms can be build.<br> | |||
<br><u>Awareness of risks</u><br> | |||
A couple of viruses like the ILOVEYOU virus had a worldwide impact and created hundreds of millions of dollars in software damage and lost e-commerce. These events created public awareness of the risks of viruses and sorts. Due to the growing awareness companies demanded that their infrastructure was better secured. The budgets for defensive mechanisms grew and so did the market.<br> | |||
==Inhabitors== | ==Inhabitors== | ||
Budget<br> | <u>Budget</u><br> | ||
Networks and computer systems can always be more secure. The dominant factor in the security of a system is the budget. The cost of decent security systems can run into the hundreds of thousands of dollars. Thanks to the growing awareness the budget has gotten bigger.<br><br> | |||
<u>Complexity of bug free software</u><br> | |||
It’s almost impossible to write software that is 100% bug free. Practice has proven this. This means that hackers can find exploits in almost any software and thus the only thing that can be done is patch the security hole once it’s found. | |||
==Paradigms== | ==Paradigms== | ||
| Line 28: | Line 38: | ||
==Web Resources== | ==Web Resources== | ||
http://en.wikipedia.org/wiki/Computer_Security | |||
http://www.networkworld.com/columnists/2007/053007antonopoulos.html | |||
Latest revision as of 20:24, 18 May 2008
Description
Since the internet boom security is a growing concern. The opportunity of cyber warfare is a tradeoff between the offensive tools and the defensive mechanisms.
Software developers have become more and more aware of the security threats posed upon their software systems. They began to implement development and testing practices to make their code more and more secure.
On a system and network level various appliances and software has been developed to prevent intrusion and attacks. Firewalls form the front line of defense against unwanted connections; other systems like Intrusion Detection Systems examine web traffic on a deeper level. Virus scanners and malware removers scan computers for malicious software and remove them. Most critical systems are not connected to the internet to prevent attacks from the outside. The architecture of networks has gotten more complex and secure due to features like VLANs that the newest network appliances offer.
Authentication methods are developed to identify the person accessing a system. These have evolved over the years and are becoming stronger and harder to bypass.
Enablers
Software flaws
Hackers constantly find new ways to exploit software. These exploits can be a low or high threat to companies and people. The constant threat of new and old ways to harm a computer system has lead to various hard en software solutions to prevent and defend such attacks. Unfortunately the defensive mechanisms have to play catch up to the new exploits that are found daily.
Software Architecture
The software developers nowadays are aware of the threats and the market asks for secure software. This has lead to developments in the way software is build. For example the testing process of software development is gaining more importance making thus improving the quality and security.
Development of Computer Science
Computer Science has been developing at a very fast pace. New products, technology and research drive the market. Thanks to new technology like evolutionary algorithms and the increasing speed of processor power better and smarter defense mechanisms can be build.
Awareness of risks
A couple of viruses like the ILOVEYOU virus had a worldwide impact and created hundreds of millions of dollars in software damage and lost e-commerce. These events created public awareness of the risks of viruses and sorts. Due to the growing awareness companies demanded that their infrastructure was better secured. The budgets for defensive mechanisms grew and so did the market.
Inhabitors
Budget
Networks and computer systems can always be more secure. The dominant factor in the security of a system is the budget. The cost of decent security systems can run into the hundreds of thousands of dollars. Thanks to the growing awareness the budget has gotten bigger.
Complexity of bug free software
It’s almost impossible to write software that is 100% bug free. Practice has proven this. This means that hackers can find exploits in almost any software and thus the only thing that can be done is patch the security hole once it’s found.
Paradigms
There is a growing awareness of vulnurabilities in software and nowadays security is high on the agenda of software development and architecture.
Experts
Sources for additional information about this driving force. (if you have found people, put the links to them)
Timing
Dates for key milestones in the development of the driving force.
Web Resources
http://en.wikipedia.org/wiki/Computer_Security http://www.networkworld.com/columnists/2007/053007antonopoulos.html