Definition of the problem
Malware has impacted the efficiency of workstations at an alarming rate, requiring immediate attention from Information Technology staff to reduce the problem and bring it under control.
There is a need to have security mechanisms in place to reduce the incidence of attacks. This research paper analyzes the problems and makes recommendations.
Security mechanism
Username Authentication with Symmetric Keys
User interaction with computer systems requires user-name authentication with the “Symmetric Keys” mechanism. This protects the application for integrity and confidentiality. The mechanism depends on a single shared secret key, used to sign and encrypt a message. The user does not need to have any certificate or key, but instead sends a user name and password for authentication. The user shares a secret key with the network services; the shared key is generated in real time and encrypted using the certificate.
Physical Security
Physical security includes limiting access to network resources by keeping the resources protected from human-made disasters. Physical security protects network services and workstations from misuse by employees and vendors. It also protects the network from hackers trying to change network system configurations.
Anatomy of Malware Attack
Understanding the basic approach used by attackers makes it easier to take defensive measures and to know the basic steps in the method of attack on the network and staff workstations.
Diagram of the attack
http://msdn.microsoft.com/en-us/library/ff648641.aspx
Ancillary considerations need integration and business process integration
Network administrators use measures to reduce malware security threats and improve customer satisfaction. According to studies, customer passwords should never be stored directly on the web server in either plain text or encrypted form. The use of a one-way hashing algorithm may enhance log-on security.
Implementation rules
Web developers and network security professionals must implement and use security techniques and policies. Technology management must follow the three R's of security: recognize, resist, and recover. Network security practices include the use of firewalls, threat detection, encryption, authentication methods, and software updates.
Potential Impediments
Firewalls help to filter out communications and potential malware attacks by controlling traffic and allowing pre-determined activity to pass through. Firewalls are configured with the domain controller to authenticate user names and passwords. If firewalls are weak, the potential impediments are great.
Communications that involve visiting a page with confidential information need to be encrypted before being sent over the internet. If hackers try to intercept data packets and are successful, the ramifications and consequences are high.
Assessment and countermeasures of risk security
Countermeasures include preventing information gathering by configuring routers, and the systems that host network software, to restrict responses to footprinting requests, and by disabling unused protocols and unnecessary ports, thereby reducing the risk of malware attacks.
Authentication
To gain access to network services, users must enter a log-in ID and password, which are authenticated by the network security server. The log-in account and password are authenticated through Active Directory, and the password synchronizes with the central network server that resides on the network.
Authorization
Authorization determines the privileges to network resources and what anyone can gain access to on the network. Authorization varies from user to user and from department to department, depending on job function. The use of authorization is based on the idea that each user is given certain rights to do certain tasks. Hence, the authorization mechanism should give users the