Abstract
M.Comm.
"For better for worse, most computer systems are not in that way today. Security is in
general, a trade-off with convenience of remote access via networks to their
computers. Inevitably, they suffer from some loss of security. It is the purpose of the
research to discuss how Inter-networks connection could be secured." (Cheswick,
1994:3)
By definition, the public Internet is a giant network which is composed of thousands of
small to 'large networks. It is important to realize that the Internet is considered a
public network, similar to the public telephone network, because the general public has
easy access to it. This is great for ease of use and accessibility of a virtually infinite
amount of information, however it creates great challenges to achieving the
information security objectives of confidentiality, integrity, availability, and
accountability.
The confidentiality, integrity, availability, and accountability security objectives, are at
risk due to the increased potential that, once connected to the Internet, any one of the
hundreds of thousands of Internet users could use the Internet services offered by an
organization (i.e. telnet, file transfer protocol, world wide web, etc.) to attack their
private network and gain unauthorised access to computer resources and information.
These attacks could result in confidential and restricted data and computer resources
being controlled by unauthorised people, to the modification and sabotage of
confidential and restricted data and computer resources.
Other major exposures to the information security objectives exist because an
organisation's Internet traffic will, almost always, take a route on a network which the
organisation has little or no control' over. This risk is compounded by the ease of
which network traffic may be accessed without authorisation through the tactics of
snooping, hijacking, and spoofing. Snooping occurs when a "data scope," which may
be a computer with snooping software or a common piece of network analysing
hardware, which is placed on a portion of a network and information is displayed as it
is transmitted through the network. Hijacking, on the other hand, occurs when
Internet traffic is stolen by an imposing host on the same network as the target host.
Spoofing, is similar to hijacking except that a host acts as an impostor of another host
on the same network and steals traffic meant for a target host, at the same time
confusing the target host by sending fake information in the place of the stolen
information. The methods for snooping, hijacking, and spoofing are varied and can be
quite technical but they are common and pose serious exposures to information
security objectives.
The security objective of availability is also at risk due to increased Internet traffic
levels, and denial-of-service attacks like the infamous Internet worm which caused
hundreds of Internet hosts to grind to a halt for several hours.
However, Internet is not secure by default, nor will it perform at its best by default,
thus there is a need for Internet to be secured, and more specifically for PrivateNet
system technology to be applied.
The purpose of this short dissertation is threefold, namely:
To help the computer auditor to understand the information security risks
associated with the client' use of the Internet;
To evaluate the capabilities of the features provided by the PrivateNet system
in addressing the security objectives of availability, confidentiality,
accountability and integrity in an Internet environment; and
To help the information security managers to identify the areas where security
needs to be enhanced in the Internet environment.