Local Network Area

Only available on StudyMode
  • Pages : 28 (15891 words )
  • Download(s) : 102
  • Published : April 7, 2013
Open Document
Text Preview
Essay 16

Local Area Networks
Marshall D. Abrams and Harold J. Podell

L ocal area n e t w ork (L AN) communicat io ns s ecurity is address ed in t his essay. LANs are introduc ed as providing: (1) a privat e communicat io ns facility, (2) s ervic es ov er a r elativ ely limit ed g e ographic area, (3) a high dat a rat e for comput er communicat io ns, and (4) common acc ess t o a wid e rang e of d evice s and s ervic es. S ecurity issu es p ert in e nt t o L ANs ar e discuss e d. For e xampl e , LANs shar e many s ecurity probl ems and approach es for t h eir solut io ns wit h poi nt -t o-poi nt co nv e nt i o nal com municatio ns syst ems. In addit io n, L ANs hav e som e uniqu e probl e ms of t h eir ow n: (1) univ ersal dat a availability, (2) passiv e a nd act iv e wir et ap t hr eat s, (3) e nd-t o- e nd acc ess control, and (4) s ecurity group control. Count erm easur es i nclud e physical prot ect io n, and s eparat io n by physical, logical, and e ncryptio n m et h ods. Trust ed N et w ork Int erfac e Units, e ncryption, and k ey distribut io n are also discuss ed. Exampl es ar e discuss ed t o illustrat e t h e diff er e nt approach e s t o L AN s ecurity. T h e e x ampl es i n t his essay are a composit e of s ev eral e xisting product f eat ur es, s el ect ed t o dem o nstrat e t h e us e of e ncryption for co nfid e nt iality, and trust ed syst em t ec h n ology for a local area n e t w ork.

L oca l area net w o rk techn o l ogy/t op o l ogy o ver v ie w T h is essay addr ess es L AN s ecurity from t h e vi e w poi nt of open systems interconnection ( O SI). T hat is, w e focus o n t h e s e v e n-lay er O SI prot ocols (illustrat ed in Figure 1); in fact, w e co nc e n trat e o n t h e low er lay ers. T his focus follo ws t h e hist ory of LANs; t hat is, t h e O SI communicatio ns probl ems had t o b e solv ed b ef or e open systems could be addr ess ed. It is usually not good form t o st art a n essay by discussi ng what is not cov er ed, but t hat is n ec essary in t his cas e. S om e p e opl e t hink of L ANs in t erms of t h e s ervic es t h ey provid e t o us ers. T his vi e wp oint is ess e ntially looki ng at a L AN as a distribut ed syst em, wit h emphasis o n t h e dis-

Local Ar ea Ne tworks

385

tribut ed op erat ing syst em and t h e s ervic e it provid es. T h is essay do es n ot address t his distribut ed proc essing wit hi n t h e t erminals, workst atio ns, and h osts co n n ect ed t o t h e L AN. T hat is an ot h er subj ect for anot h er essay.

Figure 1. S even-laye r ISO p rotocol mod el.

Malicious soft war e such as Troja n h ors es and worms can at t ack L ANs. In fact, t h e physical distribut io n of any n et w ork incr eas es t h e difficulty of prot ect io n. Malicious soft war e is discuss ed in Essay 4. LANs co n n ect comput ers, t erminals, workst atio ns, and ot h er dat a t erminal e quipm e nt (D TE). In t his essay w e will us e “D TE” t o r ef er t o what ev er is co n n ect ed t o t h e L AN wh e n it is n o t important w hat functio n it s erv es. T h e disti nct io n b et w e e n a p erso na l comput er and a workstat io n is not import ant for t h e purpos es of t his e ssay. L et’s st art wit h a functio nal d efinitio n. A L AN is a privat e communicatio ns facility, usually ow n ed by t h e organiz atio n t hat us es it. T h e cost of

386

I n f o r m a t i o n S ec u r i t y

usi ng t h e L AN is fix ed, ind ep e nd e n t of l ev e l of usag e. L ANs provid e a n opport u nity for t h e ow ni ng organiz atio n t o cust omiz e its communicatio ns capabilit i es in many ways, such as carrying audio, vid e o, a nd dat a traffic; providing multipl e simult an e o us co n n ect io ns; and providing s ecurity servic es. A L AN ge n erally s erv es a limit ed ge ographic ar ea, such as a singl e building or a campus, providing a high communicat io ns rat e or bandwidt h and common acc ess t o a wid e rang e of d evic es and s ervic es. In ge n...
tracking img