Network Security - Network Security: Definition and Objectives:

Definition of Network Security

Network security refers to the set of policies, practices, and technologies designed to protect computer networks and their data from unauthorized access, misuse, modification, or disruption. It ensures that both the hardware (routers, switches, servers) and software (applications, protocols, operating systems) of a network remain secure from attacks.

In simpler terms, network security is like putting locks, alarms, and guards on a network so that only authorized users and devices can access the network resources safely.

Network security combines hardware, software, and administrative controls to safeguard the confidentiality, integrity, and availability (CIA) of information.

Objectives of Network Security

The objectives of network security are often framed around the CIA triad, but there are additional goals as well:

1. Confidentiality

  • Ensures that sensitive data is accessible only to authorized users.

  • Prevents unauthorized disclosure of information.

  • Techniques used: encryption, access control, secure authentication.
    Example: Preventing hackers from reading private emails or financial records.

2. Integrity

  • Ensures that data is accurate and has not been tampered with.

  • Protects data from unauthorized modification or deletion.

  • Techniques used: hashing, digital signatures, checksums.
    Example: Ensuring that a transferred bank transaction amount is not altered by attackers.

3. Availability

  • Ensures that network resources and data are available to authorized users when needed.

  • Prevents disruption of services due to attacks or failures.

  • Techniques used: redundancy, backup systems, disaster recovery, DDoS protection.
    Example: Making sure an online banking website is accessible 24/7.

4. Authentication

  • Verifies the identity of users or devices trying to access the network.

  • Prevents unauthorized access even if someone knows the credentials.

  • Techniques used: passwords, biometrics, two-factor authentication.
    Example: Logging in to your email account with a password and OTP.

5. Authorization

  • Determines what an authenticated user is allowed to do.

  • Ensures users access only the resources they are permitted to.

  • Techniques used: role-based access control (RBAC), access control lists (ACLs).
    Example: A student can view their own grades but cannot modify them.

6. Non-repudiation

  • Ensures that a sender cannot deny having sent a message, and a receiver cannot deny having received it.

  • Techniques used: digital signatures, audit logs.
    Example: An online transaction record proving that payment was sent and received.

7. Accountability

  • Tracks actions of users and devices within the network.

  • Ensures traceability of operations in case of security breaches.

  • Techniques used: logging, monitoring, auditing.
    Example: Recording who accessed confidential files and when.