Preventing or mitigating communication network attacks
Security services for communication networks should take into consideration the following security services for preventing and mitigating attacks:
Authentication
Access control
Non-repudiation
Confidentiality
Integrity
Key management
Note
We've covered most of these concepts in earlier chapters.
Security controls in communication networks
Some of the common security controls used in the communication networks include the following:
HTTP digest authentication: In the digest authentication, there are two request/response pairs to enhance the authentication security.
Secure Multipurpose Internet Mail Extensions (S/MIME): This provides extensions for using public key cryptography for encryption and signing messages, thereby enhancing the security.
Secure Real Time Protocol (SRTP): This protocol provides security functions such as encryption, message authentication, integrity, and replay protection to Real Time Transport protocol (RTP).
Transmission Layer Security (TLS) (covered earlier in this chapter).
Internet Protocol Security (IPSec) (covered earlier in this chapter).
Authenticated Identity Body (AIB): This method is generally used in Session Initiation Protocols (SIP), and allows authenticated identity to be shared across the network.
Authenticated Identity Management (AIM).
Stateful Firewall: This is a firewall that dynamically inspects the packets. To allow/disallow the packets is called stateful.
Network Address Translation (NAT) ) (covered earlier in this chapter).
Application Level Gateways (ALG): These are Gateway applications that work in the firewall and act as an application proxy.
Session Border Controllers (SBC): This provides controls for Voice Over IP (VOIP) communications.
Virtual Private Networks (VPN) ) (covered earlier in this chapter).