Chapter 23: Other Efforts to Secure Information and Computer Networks Guide to Computer Network Security

Chapter 23: Other Efforts to Chapter 23: Other Efforts to Secure Information and Secure Information and

Computer NetworksComputer Networks

Guide to Computer Network Guide to Computer Network SecuritySecurity

Kizza - Guide to Computer Network Kizza - Guide to Computer Network SecuritySecurity

22

The protection of information, on which we have come to The protection of information, on which we have come to depend so much, has been a major challenge since the depend so much, has been a major challenge since the birth of the Internet. birth of the Internet. The widespread adoption of computer technology for The widespread adoption of computer technology for business, organization, and government operations, has business, organization, and government operations, has made the problem of protecting critical personal, business, made the problem of protecting critical personal, business, and national assets more urgent. and national assets more urgent. When these assets are attacked, damaged or threatened, When these assets are attacked, damaged or threatened, our own individual, business, and more importantly national our own individual, business, and more importantly national security is at stake. security is at stake. The problem of protecting these assets is becoming a The problem of protecting these assets is becoming a personal, business, and national priority that must involve personal, business, and national priority that must involve everyone. everyone. Efforts and ways must be sought to this end. But getting Efforts and ways must be sought to this end. But getting this massive public involvement will require massive public this massive public involvement will require massive public efforts on several fronts including legislation, regulation, efforts on several fronts including legislation, regulation, education, and activism. In this chapter, we examine education, and activism. In this chapter, we examine these efforts.these efforts.


33

LegislationLegislation

As the Internet web grows, Internet activities increase, and As the Internet web grows, Internet activities increase, and e-commerce booms, and globalization spreads wider, e-commerce booms, and globalization spreads wider, citizens of every nation infuriated by what they see as the citizens of every nation infuriated by what they see as the “bad” Internet are putting enormous and growing “bad” Internet are putting enormous and growing pressures on their national legislatures and other law pressures on their national legislatures and other law making bodies to enact laws that would curb cyberspace making bodies to enact laws that would curb cyberspace activities in ways that they feel best serve their interests. activities in ways that they feel best serve their interests. The citizens’ cause has been joined by special interests The citizens’ cause has been joined by special interests groups representing a variety of causes such as groups representing a variety of causes such as environmental protection, free speech, intellectual environmental protection, free speech, intellectual property rights, privacy, censorship, and security. property rights, privacy, censorship, and security. There is a need for legislation of Cyber spaceThere is a need for legislation of Cyber spaceYet it is not clear and probably unlikely that such actions Yet it is not clear and probably unlikely that such actions will, at best stop and in the least arrest the escalating rate will, at best stop and in the least arrest the escalating rate of illegal activities in cyberspace. Given the number of of illegal activities in cyberspace. Given the number of cyberspace legislations we presently have in place, and the cyberspace legislations we presently have in place, and the seemingly escalating illegal cyberspace incidents, it looks seemingly escalating illegal cyberspace incidents, it looks like the patchwork of legislation will not in any meaningful like the patchwork of legislation will not in any meaningful way put a stop to these malicious activities in the near way put a stop to these malicious activities in the near future future


44

RegulationRegulationConflicting forces from around the Conflicting forces from around the world are forcing governments to world are forcing governments to revisit, amend, and legislate new revisit, amend, and legislate new policies, charters, statutes, and acts.policies, charters, statutes, and acts.In many countries, large numbers of In many countries, large numbers of new regulations are being added to new regulations are being added to the books. the books. Many out-dated laws and acts are Many out-dated laws and acts are being revisited, retooled and brought being revisited, retooled and brought back in service. back in service.


55

Self-RegulationSelf-RegulationThere are several reasons why self-regulation as There are several reasons why self-regulation as a technique of cyberspace policing is appealing a technique of cyberspace policing is appealing to a good cross-section of people around the to a good cross-section of people around the globe. globe. – One reason , supported mostly by the free-speech One reason , supported mostly by the free-speech

advocates, is to send a clear signal to governments advocates, is to send a clear signal to governments around the world, that the cyberspace and its users are around the world, that the cyberspace and its users are willing to self-regulate, rather than have the heavy hand willing to self-regulate, rather than have the heavy hand of government decide what is or is not acceptable to of government decide what is or is not acceptable to them.them.

– Secondly there is realization that although legislation Secondly there is realization that although legislation and enforcement can go a long way in helping to curb and enforcement can go a long way in helping to curb cyber crimes, they are not going to perform the magic cyber crimes, they are not going to perform the magic bullet that will eventually eradicate cyber crimes. bullet that will eventually eradicate cyber crimes.

This self-regulation cyberspace can be done This self-regulation cyberspace can be done through two approaches: hardware and software. through two approaches: hardware and software.


66

Hardware-Based Self-RegulationHardware-Based Self-Regulation– There is a wide array of hardware tools to monitor and police There is a wide array of hardware tools to monitor and police

cyberspace to a degree suited for each individual user of cyberspace to a degree suited for each individual user of cyberspace. Among the tools are those individually set to cyberspace. Among the tools are those individually set to control access, authorization, and authentication. Such control access, authorization, and authentication. Such hardware tools fall mainly in six areas namely: hardware tools fall mainly in six areas namely:

Prevention - Prevention is intended to restrict access to Prevention - Prevention is intended to restrict access to information on the system resources like disks on network hosts information on the system resources like disks on network hosts and network servers using technologies that permit only and network servers using technologies that permit only authorized people to the designated areas. Such technologies authorized people to the designated areas. Such technologies include, for example, firewalls. include, for example, firewalls. Protection - Protection is meant to routinely identify, evaluate, Protection - Protection is meant to routinely identify, evaluate, and update system security requirements to make them suitable, and update system security requirements to make them suitable, comprehensive, and effective. comprehensive, and effective. Detection - This involves deploying an early warning monitoring Detection - This involves deploying an early warning monitoring system for early discovery of security bleaches both planned and system for early discovery of security bleaches both planned and in progress. This category includes all Intrusion detection systems in progress. This category includes all Intrusion detection systems (IDS). (IDS). Limitation - This is intended to cut the losses suffered in cases of Limitation - This is intended to cut the losses suffered in cases of failed security. failed security. Reaction - To analyze all possible security lapses and plan Reaction - To analyze all possible security lapses and plan relevant remedial efforts for a better security system based on relevant remedial efforts for a better security system based on observed failures. observed failures. Recovery - to recover what has been lost as quickly and Recovery - to recover what has been lost as quickly and efficiently as possible and update contingent recovery plans. efficiently as possible and update contingent recovery plans.


77

Software-Based Self-RegulationSoftware-Based Self-Regulation– Software solutions are many and varied in their Software solutions are many and varied in their

approaches to cyberspace monitoring and control. They approaches to cyberspace monitoring and control. They are also far less threatening and, therefore, more user are also far less threatening and, therefore, more user friendly because they are closer to the user. This means friendly because they are closer to the user. This means that it can either be installed by the user on the user’s that it can either be installed by the user on the user’s computer or by a network system administrator on a computer or by a network system administrator on a network server. Software controls fall into three network server. Software controls fall into three categories:categories:

Rating programs: - Rating programs rate cyberspace Rating programs: - Rating programs rate cyberspace content based on a selected set of criteria. Among such content based on a selected set of criteria. Among such criteria are violence, language, and sex content. Software criteria are violence, language, and sex content. Software rating labels enable cyberspace content providers to rating labels enable cyberspace content providers to place voluntary labels on their products according to a set place voluntary labels on their products according to a set of criteria.. of criteria.. Filtering Programs - Filtering software blocks documents Filtering Programs - Filtering software blocks documents and websites that contain materials designated on a filter and websites that contain materials designated on a filter Blocking – Blocking software works best only if all web Blocking – Blocking software works best only if all web materials are rated. But as we all know, with hundreds of materials are rated. But as we all know, with hundreds of thousands of websites submitted everyday, it is impossible thousands of websites submitted everyday, it is impossible to rate all materials on the Internet, at least at the to rate all materials on the Internet, at least at the moment. moment.


88

EducationEducationPerhaps one of the most viable tools to Perhaps one of the most viable tools to prevent and curb illegal cyberspace prevent and curb illegal cyberspace activities is through mass education. activities is through mass education. Mass education involves teaching as many Mass education involves teaching as many people as possible the values of security, people as possible the values of security, responsible use of computer technology, responsible use of computer technology, how to handle security incidents, how to how to handle security incidents, how to recover from security incidents, how to recover from security incidents, how to deal with the evidence if legal actions are deal with the evidence if legal actions are to be followed, and how to report security to be followed, and how to report security incidents.incidents.Along these lines, therefore, education Along these lines, therefore, education should be approached on two fronts: should be approached on two fronts: focused and mass education focused and mass education


99

Focused Education Focused Education – Focused education targets groups of Focused education targets groups of

the population, for example children in the population, for example children in schools, professionals, and certain schools, professionals, and certain religious and interests groups. religious and interests groups.

– Focused education can be sub-divided Focused education can be sub-divided into:into:

formal education formal education

occasional education.occasional education.


1010

Mass Education Mass Education – The purpose of mass education is to involve as The purpose of mass education is to involve as

many people as possible with limited resources many people as possible with limited resources and maximum effect. The methods to achieve and maximum effect. The methods to achieve this is usually through community involvement this is usually through community involvement through community-based activities like through community-based activities like charity walks and other sports related charity walks and other sports related activities. Using an army of volunteers to activities. Using an army of volunteers to organize local, regional, and national activities, organize local, regional, and national activities, the approach similar to common causes like the approach similar to common causes like AIDS, Cancer, and other life threatening AIDS, Cancer, and other life threatening diseases, can break quick and very effective diseases, can break quick and very effective awareness which leads to unprecedented awareness which leads to unprecedented education. education.


1111

Reporting CentersReporting Centers– The purpose of these centers is to collect all relevant The purpose of these centers is to collect all relevant

information on cyber attacks and make that information information on cyber attacks and make that information available to the general public.available to the general public.

Market Forces Market Forces – The rapid rise in cyber crimes has also prompted The rapid rise in cyber crimes has also prompted

collaboration between private industry and government collaboration between private industry and government agencies to work together to warn the public of the dangers agencies to work together to warn the public of the dangers of cyber crimes and outline steps to take to remove the of cyber crimes and outline steps to take to remove the vulnerabilities thereby lessening chances of being attacked. vulnerabilities thereby lessening chances of being attacked. Both major software and hardware manufacturers have been Both major software and hardware manufacturers have been very active and prompt in posting, sending, and widely very active and prompt in posting, sending, and widely distributing advisories, vulnerability patches, and anti-virus distributing advisories, vulnerability patches, and anti-virus software whenever their products are hit. Cisco, a major software whenever their products are hit. Cisco, a major Internet infrastructure network device manufacturer, for Internet infrastructure network device manufacturer, for example has been calling and emailing its customers, mainly example has been calling and emailing its customers, mainly Internet Service Providers (ISPs), worldwide notifying them of Internet Service Providers (ISPs), worldwide notifying them of the possibilities of cyber attacks that target Cisco’s products. the possibilities of cyber attacks that target Cisco’s products.

– It also informs its customers of software patches that could be It also informs its customers of software patches that could be used to resist or repair those attacks. It has also assisted in used to resist or repair those attacks. It has also assisted in the dissemination of vital information to the general public the dissemination of vital information to the general public through its web sites concerning those attacks and how to through its web sites concerning those attacks and how to prevent and recover from them. prevent and recover from them.


1212

ActivismActivism– Widely used and less effective. Widely used and less effective. – AdvocacyAdvocacy

It is a blanket mass education campaign in It is a blanket mass education campaign in which a message is passed through mass which a message is passed through mass campaigns, magazines, and electronic campaigns, magazines, and electronic publications, support of public events and publications, support of public events and mass communication media like television, mass communication media like television, radio, and now the Internet. radio, and now the Internet.

– HotlinesHotlinesHotlines is a technique that makes the Hotlines is a technique that makes the general public take the initiative to observe, general public take the initiative to observe, notice, and report incidents. notice, and report incidents.

Documents

Chapter 23: Other Efforts to Secure Information and Computer Networks Guide to Computer Network Security