The modern network and Internet security vulnerabilities expose state and local government networks to numerous threats such as denial of service (DoS) attacks, computer viruses, unauthorized access, confidentiality breaches, and so forth. For example, in June 2005, the state of Delaware saw a spike of 141,000 instances of “suspicious activity” due to a variant of the mytopb worm, which could have brought the state’s network to its knees had appropriate steps not been taken (Jarrett, 2005; National Association of State Chief Information Officers [NASCIO], 2006b). On an average day, the state of Michigan blocks 22,059 spam e-mails, 21,702 e-mail viruses, 4,239 Web defacements, and six remote computer takeover attempts. Delaware fends off nearly 3,000 attempts at entering the state’s network daily (NASCIO, 2006b). Governments have the obligation to manage their information security risks by securing mission- critical internal resources such as financial records and taxpayer sensitive information on their networks. Consequently, public-sector information security officers are faced with the challenge to contain damage from compromised systems, prevent internally and Internet-launched attacks, provide systems for logging and intrusion detection, and build frameworks for administrators to securely manage government networks (Oxlenhandler, 2003). This chapter discusses some of the cost-effective measures needed to address government agency information security vulnerabilities and related threats.
Key Terms in this Chapter
Firewall: A firewall is a system designed to prevent unauthorized access to or from a network. Firewalls can be implemented in both hardware and software, or a combination of both. There are several types of firewall techniques. These include packet filter, application gateway, circuit-level gateway, and proxy server.
Denial of Service (DoS) Attack: A DoS attack is a type of computer attack that prevents any part of a system on a network from functioning in accordance with its intended purpose. It is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.
Router: A router is a device used to link two networks. Routers play a key role by transferring and routing all the data communication across the network in a proper mode. Each router maintains a routing table and address resolution protocol (ARP) cache. A router keeps a record of the network node addresses and current network status.
IP Address: It is an identifier for a computer or device on a TCP/IP (transmission-control protocol/Internet protocol) network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods.
Confidentiality: Confidentiality is the concept of ensuring that data are disclosed only to authorized subjects (e.g., individuals, processes). Confidentiality protects data from unauthorized disclosure. It could involve ensuring all user data is protected or fields are selectively protected. Traffic flow confidentiality may also be provided, protecting the information that may be derived from a traffic analysis. Confidentiality is one of the three goals of a security program
Availability: This is the property that a given resource will be usable during a given period. It is the state that exists when required automated services or system data can be obtained within an acceptable period at a level and in the form the system user wants. Availability is one the three goals of a security program.
Data Integrity: This is the concept of being able to assure that data or voice transmissions can be maintained in an unimpaired state or condition and is not subject to unauthorized modification, whether that modification is intentional or inadvertent. It protects against modification, insertion, deletion, or replay of data. Data integrity is one of the three goals of a security program.
Virus: A virus is a program or piece of code that is loaded onto your computer without your knowledge and infects programs already in existence by inserting new code. Viruses can replicate themselves and are dangerous because they can quickly use all available memory and bring the system to a halt.
Service Level Agreement (SLA): An SLA is a service contract between a network service provider and a subscriber guaranteeing a particular service’s quality characteristics. These agreements are concerned with network availability and data delivery reliability.
Antivirus Program: It is a utility that searches a hard disk for viruses and removes any that are found. Most antivirus programs include an automatic update feature that enables the program to download profiles of new viruses so that it can check for new viruses as soon as they are discovered.
Complete Chapter List
Rhoda C. Joseph, David P. Kitlan
Pearson Liddell Jr., Robert S. Moore, Melissa Moore, William D. Eshee, Gloria J. Liddell
Rodrigo Sandoval-Almazán, J. Ramon Gil-Garcia
Stephen K. Aikins
Andrea B. Baker, J. Ramon Gil-Garcia, Donna Canestraro, Jim Costello, Derek Werthmuller
Larry Stillman, Randy Stoecker
Chee Wei Phang, Atreyi Kankanhalli
Ioannis P. Chochliouros, Anastasia S. Spiliopoulou, Stergios P. Chochliouros
Donald F. Norris
Christopher G. Reddick
Dimitrios K. Kardaras, Eleutherios A. Papathanassiou
Giorgos Laskaridis, Konstantinos Markellos, Penelope Markellou, Angeliki Panayiotaki
Alex Dunayev, John Paynter
John Paynter, Gabrielle Peko
Mirko Cesarini, Mariagrazia Fugini, Mario Mezzanzanica, Krysnaia Nanini
Sheng-Uei Guan, Yuan Sherng Tay
Vesile Evrim, Dennis McLeod
J. Ramon Gil-Garcia
Eleutherios A. Papathanassiou, Xenia J. Mamakou
Lourdes Moreno, Elena Castro, Dolores Cuadra, Paloma Martinez
Giovanni Maria Sacco
Alfred P. Rovai, Emery M. Petchauer
Esharenana E. Adomi
Carlos Nunes Silva
Jimmie L. Joseph, David P. Cook
Lia Bryant, Iolanda Principe
Eugene J. Akers
Shahidul Hassan, J. Ramon Gil-Garcia
J. Ramon Gil-Garcia, Shahidul Hassan
Jimmie L Joseph
Stephen K. Aikins
Anthony W. Buenger
Ludwig Slusky, Parviz Partow-Navid
Amalia Agathou, Theodoros Tzouramanis
Luis Felipe Luna-Reyes
Luis Felipe Luna-Reyes
Hsiang-Jui Kung, Hui-Lien Tung
Bruce J. Neubauer
Anton Joha, Marijn Janssen
John Wang, Xiaohua Hu, Dan Zhu
Baoying Wang, Imad Rahal, Richard Leipold
Sindoni Giuseppe, Tininini Leonardo
Maria Vardaki, Haralambos Papageorgiou
Feng Xu, Yu-Jin Zhang
Lixin Fu, Wen-Chen Hu
Vincent E. Lasnik
Stephen K. Aikins
Gabriel Puron-Cid, J. Ramon Gil-Garcia
Craig P. Orgeron
Gerald Grant, Derek Chau
Nancy Weigand, Isabel F. Cruz, Naijun Zhou, William Sunna
James Melitski, Marc Holzer, Seang-Tae Kim, Chan-Gun Kim, Seung-Yong Rho
Genie N.L. Stowers
B. Rossi, M. Scotto, A. Sillitti, G. Succi
Chan-Gon Kim, Marc Holzer
Luis F. Luna-Reyes, J. Ramon Gil-Garcia, Cinthia Betiny Cruz
Monideepa Tarafdar, Sanjiv D. Vaidya