III. COUNTERMEASURES
Many approaches have been developed to counter potential threats to the security of communications systems and networks. These approaches are identified in this section. One countermeasure is encryption, as described in. Encryption systems use a key with their cryptography algorithms to convert plain text (“clear-text”) into encrypted text (“cyphertext”) or vice versa. There are two approaches to encryption. In the private-key system, the same key is used at the transmitting and the receiving channel, and the key is transmitted through a secure channel to both stations. An example of a private key system is the DES (the Data Encryption Standard) of the National Bureau of Standards. The second approach is the public-key approach where separate keys are used at the transmitting and receiving stations, a public procedure for encryption, and a private procedure for decryption. RSA is the most promising public key system. Keys have finite lives, so they must be generated, distributed and historical records kept. This presents distribution problems. See for a review of solutions.
Another important tool in providing network security is authentication. This involves verifying that a user who wants to access the system is who he or she claims to be. Passwords are the most commonly used authentication devices. Another form of authentication applies to messages transmitted over the network to ensure that they were not changed in transmission and do come from the claimed source. PC’s and workstations used in networks present very special authentication problems.
Access control is another important countermeasure to provide network security. This requires identifying the privileges of a user before accessing information or using the services provided by elements of the network. This control will also operate a process to ensure that the user can only access and use what he or she has been granted permission.
Dealing with the threat of natural disasters or catastrophes presents very special challenges. Risk analysis and contingency planning are two tools designed to counter these threats. The module on Corporate Security Management deals with these issues.
The technical and political aspects of the ‘Clipper Chip’ debate should be discussed fully. This topic will not be going away and is a critical management issue.