Information Security

Information Security

Introduction

Information protection is essential. Organizations must be aware of it and gradually move to introduce, or at least, initiate the study of various safety programs covering areas of computer technology, such as communications, operating systems and information management. Protecting the integrity and authenticity of information is an element that has slowly been emerging as a key concept in the professional field. This paper will highlight the awareness of cyber security and recommend an authentic cyber security system for the protection of the organization against cyber attacks (Gattiker, 2004).

Cyber Security

There are different attack patterns. Some are known network attack patterns such as a virus or a worm code while others are unusual traffic patterns that vary from the statistical normal. The Network Intrusion Detection (NID) is a system that possesses the specialty to detect both attacks known and unknown. There is a way in which NIDS cannot detect the attack. When intruder changes the attack code or the attack contains code that is not present in the collection of signatures then NIDS become unable to detect the attack (Anderson, 2001). Firewall is a very useful system. This system provides useful logging, and it also provides protection to the network from different sorts of attacks. First and foremost it should be noted that the firewall does not protect the network that is coming from inside the network. There are certain factors against which a firewall does not provide protection. These factors include various external media such as floppy disks and CDs, pests, worms, internal modems dialing out to the external network, unauthorized wireless network etc (Krause & Tipton, 2008).These are the systems which usually everyone thinks will secure them from any cyber attacks, however, what they don't know is that the intruders can easily trick these systems and can cause you damage.

Recommended Models for Security

Biba Model

The Biba model was developed by Kenneth J. Biba in 1977. It is a formal system of the transition state of computer security policy which describes a system of access control. In this rules are designed to ensure data integrity. The data and issues orders are grouped into levels of integrity. The model is designed such that subjects cannot corrupt data in a line level higher than the subject, or be corrupted by data from a lower level than the subject. The Biba model preserves data integrity. It prevents data modification by unauthorized parties. It prevents unauthorized modification of data by authorized parties and it keeps internal and external consistency (Summers, 2007).

Bell-La Padula Model

The Bell-La Padula model aims to provide a means to formulate the problems associated with information protection and focuses on controlling the flow of information. Faced with access control systems in which the user can enable protection at will. This model uses a mandatory access control matrix that combines access control and hierarchical organizations (Russell, 2010). This model is also based on three sets: the subjects, who have a degree of authority, objects that have a safety rating, and ...