Abstract
Let us make a statement of fact here that three principles define computer network security. These principles are: prevention, detection, and response. The high degree of iIternetworking and our growing dependence on computers have both, along with others factors, created an insatiable demand for information on and about people and products. This, in turn, has created a new class of hackers and information thieves determined to raid computer networks for proprietary information. All of a sudden, computer networks have come to be pots of honey attracting many. Consequently, the stampede for information from computer networks must be met with strong mechanisms, first to detect those trying to penetrate the system, secondly to prevent them from trying, and thirdly to respond to the attempt, successful or not. Although these three are fundamental ingredients of security, most resources have been devoted to detection and prevention, because if we are able to detect all security threats and prevent them, then there is no need for response. So we will focus on prevention in this chapter, but before we do, let us define the working terms.