Management of Institutional Risk

The information security of any company depends entirely on the security of its database. In any company or organization, management systems must provide security mechanisms to ensure that data security, including access control and passwords, is protected. In some cases, however, these mechanisms are not sufficient to guarantee database security.

A pinion rack encryption or decryption model (P_R model) should be implemented using the field of a database record as the fundamental encryption granularity. To become aware of illegal invasions by intruders, a technique of hiding concomitant information using the P_R model is necessary, since it is effective. The P_R model can boost the ability to identify attacks and accelerate encryption or decryption speed. In addition, the model can reduce response time and improve real-time efficiency by cutting the length of keys and reducing the number of necessary encryption operations. To avoid further manipulation and intrusion by illegal users, it is necessary to adopt a "keeping separately and triggering simultaneously" key management strategy. This will also prevent legal users from deliberately modifying sensitive data (Huizangh Shen, 2008).

If a computer is linked to an internal network of an organization, there will be no security concerns; people will be able to access information, but only that which is meant for the public. It is also possible to keep the internal database separate from external networks, including the Internet. Although this guards against external use, it leaves the organization vulnerable to the misuse of computers from within. It is a fact that the internal database is linked to the Internet. Security systems have been created, but one can never be sure of full protection. To be sure of protection, no room should be left for hackers; the possibility of illegal access has to be excluded both from within the organization and from outside it. The network has to be inspected continuously, and this should include electronic analysis of the network to eliminate malicious activities without hesitation. The question of security should never be overlooked when connecting an internal network to the Internet. All possible measures should be put in place to prevent any probable interference. An organization without an elaborate security policy is at an even greater risk of illegal intrusion from both within and outside. A security policy will stipulate who is allowed to use the system and what is considered proper use of the system.

Illegal use of the organization’s information poses a greater financial risk. Therefore, optimum sums of money should be set aside to be spent on security.

The rights and obligations of both the systems administrator and the users should be laid out. A security policy should consider how confidential information is to be handled. Considerable resources are needed for detailed and sophisticated security measures, including their practical use. Strong verification and the application of classification measures should be well thought out. Rescue and restore procedures, as well as monitoring of users' activities, must be elaborate. An organization must have an emergency response team consisting of specialists who are capable of working out the security system. To avoid any surprises, organized checkups have to be done from time to time. These regular security checkups will result in continuous adaptation to changing security systems.

In the world today, firewalls are used with computers. A firewall is a current workstation computer whose hardware and software allow for faultless defense. One characteristic of the firewall is that it provides only one point through which the computer is connected to the global network of the Internet. All of the company's data goes through this point. This arrangement conceals the structure of the internal network; it also makes it possible to examine any illegal intrusion. In case of emergencies, services can be configured and stopped from a central point if this becomes necessary. A firewall reduces potential intrusions from illegal users.

It should be noted that outgoing company information, whether sent by email or in any other form, is completely unprotected. To guard against possible illegal users, sent items should be classified. First, there should always be protection from intrusion from outside through the use of a firewall and monitoring of network use. Secondly, there should be protection from intrusion from within by limiting those authorized to access the system, monitoring network use, and strict identification. Thirdly, there should be perfection of a secure information system by applying any emergency risk factors. Meticulous preparation for the prevention of losses resulting from an intrusion cannot be overlooked. Any sent information should be classified (Jozsef Kiss, 1996).

According to the U.S. Department of Justice (2008), if a company's security system is inadequate and an illegal user decides to take advantage of this, several things could go wrong with the computer system. The computer system can be affected in such a way that it becomes very slow or unavailable. Another risk to the database is that the system can become corrupted in such a way that it gives wrong answers and works things out incorrectly. For instance, data that was previously stored in the computer system can be distorted, that is, it becomes different from what it should be. The biggest risk to a financial institution, for example, could be an improper modification of financial records. Thirdly, the system can be affected in such a manner that it gives out information piecemeal. Information is available but cannot be viewed as a whole. In other words, the computer system becomes leaky.

According to Network Magazine (2001), the company administration should understand the importance of an intrusion detection system (IDS). An IDS detects attempted invasions into the company's computer network that are not allowed and sends a warning signal. Firewalls are intended to filter normal network traffic based on source and target addresses. A firewall can raise an alert when forbidden traffic attempts to pass through. An advance on the IDS, known as the Network IDS (NIDS), is aware of what constitutes legal and illegal network traffic and thus raises alerts when illegal traffic is detected.

There are several different types of IDS, grouped in three different ways. There are network-based and host-based systems. The network-based system can sense maliciously designed packets that can be overlooked by the firewall. The firewall is designed to do simple filtering. The second type of IDS is the host-based intrusion detection system, designed for each specific computer system. This kind of IDS can sense anomalies such as failed access attempts or changes to important files. Another type of NIDS is the misuse and anomaly detection system. This generally involves checking for illegal forms of network traffic. For instance, attempts by users to run programs for which they have no justifiable need will be detected.
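The two host-based checks named above (failed access attempts and changes to important files), shown as an added example that is not part of the original essay. The sshd-style log lines, file paths, file contents and the alert threshold of three are constructed assumptions; a deployed host-based IDS would read the live log and hash files on disk.

```python
import hashlib
import re
from collections import Counter

# Constructed sshd-style log lines (documentation IP ranges), not real data.
SAMPLE_LOG = """\
Jan 10 03:12:01 db01 sshd[811]: Failed password for root from 203.0.113.7 port 4022 ssh2
Jan 10 03:12:04 db01 sshd[811]: Failed password for root from 203.0.113.7 port 4022 ssh2
Jan 10 03:12:09 db01 sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 4031 ssh2
Jan 10 08:30:15 db01 sshd[902]: Failed password for alice from 198.51.100.20 port 5110 ssh2
Jan 10 08:30:31 db01 sshd[902]: Accepted password for alice from 198.51.100.20 port 5110 ssh2
"""
# Constructed file contents standing in for "important files" on the host.
BASELINE_FILES = {"/etc/passwd": b"root:x:0:0::/root:/bin/sh\n",
                  "/etc/ssh/sshd_config": b"PermitRootLogin no\n"}
CURRENT_FILES = {"/etc/passwd": b"root:x:0:0::/root:/bin/sh\nsvc:x:1001:1001::/home/svc:/bin/sh\n",
                 "/etc/ssh/sshd_config": b"PermitRootLogin no\n",
                 "/etc/cron.d/job": b"0 3 * * * root /usr/local/bin/backup\n"}

FAILED = re.compile(r"Failed password for (?:invalid user )?\S+ from (\S+)")

def failed_access_alerts(log_text, threshold=3):
    """Return {source: count} for sources with at least `threshold` failures."""
    counts = Counter(FAILED.findall(log_text))
    return {src: n for src, n in counts.items() if n >= threshold}

def snapshot(files):
    """Map each path to the SHA-256 digest of its content."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}

def integrity_alerts(baseline, current):
    """Compare two snapshots and report added, removed and modified paths."""
    alerts = []
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            alerts.append((path, "added"))
        elif path not in current:
            alerts.append((path, "removed"))
        elif baseline[path] != current[path]:
            alerts.append((path, "modified"))
    return alerts

if __name__ == "__main__":
    print(failed_access_alerts(SAMPLE_LOG))
    print(integrity_alerts(snapshot(BASELINE_FILES), snapshot(CURRENT_FILES)))
```

The single failed login followed by a success from 198.51.100.20 stays below the threshold, which is the distinction between an ordinary mistyped password and repeated failed access attempts.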

Certain preconditions have to be fulfilled before an IDS can fit into a company's security system. There needs to be a clear security policy defining what should and should not be permitted into the organization's network. Such things as password policy, staff access, and Internet facilities should be considered.

Low-level policies should elaborate how the high-level strategy is to be set up or implemented. For example, they should cover how to configure password management subsystems on NT and UNIX servers and include configuration details for the organization's Internet firewalls. In essence, the company should have documented, tested procedures for employees to follow if a security breach is discovered. Regular audits should be done from time to time to substantiate that the policies have been passed and are being followed. It should be verified whether the defenses are sufficient for the level of risk experienced in the company. Regular scans should be done from outside and inside the company's firewalls to ascertain exactly how many ports are open and how much information the firewall is leaking. Personnel in the organization should be qualified to operate and monitor both the built-in and the third-party security tools installed on the servers and network devices.

It should be noted that placing the NIDS on the outside of the external firewall will give an early warning. The NIDS should not simply be connected to a normal port on the switched network, for it will be of little use there: only network traffic meant for that particular device will be detected. This scenario calls for different measures. The first is to connect the NIDS to a spanning port on an appropriate switch. This spanning port is responsible for receiving all the traffic passing through the switch. It does not select traffic but shows the whole bandwidth. The second is to use a network tap device, which allows one-way pickup of packets from connections while still being able to intercept traffic to a single network device. With these mechanisms (intrusion detection systems) in place, there will always be warning signs before and during an attack.

References

Congressional Testimony.

Institute of System Engineering. Shanghai Jiao Tong University. 200052 Shanghai, China

Internet and Security.

Rakesh Raghudharan. Network Magazine. Intrusion Detection Systems: Beyond the first line of defense. 2001.

U.S. Department of Justice. Retail Hacking Ring Charged for Stealing and Distributing Credit and Debit Card Numbers from Major U.S. Retailers. 2008.

Cite this paper

StudyCorgi. (2021, September 23). Management of Institutional Risk. https://studycorgi.com/management-of-institutional-risk/
