Summary

Computer and network security is a serious issue. A constant stream of news reports and results from various industry surveys confirm that security breaches happen more often than thought and cause real damage. Though the target, type and origin of the attacks are quite varied, certain targets such as websites are more likely to be attacked from outside. Internal breaches, though not so much publicized, are also quite common and must be guarded against.

Software vulnerabilities are responsible for a large number of intrusions. A large number of external attacks have been found to exploit known vulnerabilities in widely used software. A significant percentage of these vulnerabilities exist due to inadequate validation of input data, resulting in buffer overflow or stack corruption of the program. Other vulnerabilities include failure to have strong authentication, access control, proper configuration, and other security mechanisms in place.

Security technologies must be used appropriately at different stages of the system lifecycle to make computer and network systems more secure. Defense against security attacks requires a holistic approach combining different security technologies at different stages of the system lifecycle. Development time considerations include proper design for authentication, access control and input validation. The deployment and operations stage require attention to proper configuration for secure operation, isolation through firewalls, continuous monitoring through anti-virus software and IDSs, and adherence to security policies in place.

Application security is an integral part of the overall security picture. Security characteristics of software applications, including authentication mechanism, access control policies, data confidentiality and integrity, interaction with other applications and systems, input validation and so on play an important role in overall security.