The continuous deployment of network services over the wide range of public and private networks has led to transactions and services that include personal, and sometimes quite sensitive, data. Examples of services include: pay-per-view, cable telephony, bill payments by phone, credit card charging, and Internet banking. Such services require significant effort not only to protect the sensitive data involved in the transactions and services but to ensure integrity and availability of network services as well. The requirement for employing heterogeneous networks and systems becomes increasingly important, and as the view of traditional distributed systems has changed to a network centric view in all types of application networks, therefore, the complexity of these systems has led to significant security flaws and problems. Existing conventional approaches for security service development over such complex and most often heterogeneous networks and systems are not satisfying and cannot meet users and applications needs; therefore, several approaches have been developed to provide security at various levels and degrees, such as: secure protocols, secure protocol mechanisms, secure services, firewalls, Intrusion Detection Systems (IDS), and later Intrusion Prevention System (IPS), etc. This chapter considers and addresses several aspects of network security in an effort to provide a publication that summarizes the current status and the promising and interesting future directions and challenges. The authors try to present the state-of-the-art in this chapter for the following topics: Internet security, secure services, security in mobile systems and trust, anonymity, and privacy.
TopIntroduction
The continuous deployment of network services over this wide range of public and private networks has led to transactions and services that include personal, and sometimes quite sensitive, data. One only needs to consider simple, everyday services from pay-per-view and cable telephony to bill payments by phone, credit card charging and Internet banking. Such services require significant effort not only to protect the sensitive data involved in the transactions and services, but to ensure integrity and availability of network services as well.
It is easier to protect private networks than public one, so the typical approach is to provide services and increase security and dependability on private networks than public one. Internet has changed our lives including electronic business models, by providing ease of use, flexibility, and enabling service deployment with substantially lower cost. Even private networks are connected to the Internet in order to exploit its multiple advantages, and thus the role of network security is significantly more important in emerging network environments.
As the requirement for employing heterogeneous networks and systems becomes increasingly important, and as the view of traditional distributed systems has changed to a network centric view in all types of application networks, the complexity of these systems has led to significant security flaws and problems. The lack of systematic methods to design and implement secure end systems together with the traditional approach to network service development, using several layers and protocols, leads to vulnerabilities and difficulties in implementing and managing security. Attackers continuously find vulnerabilities at various levels, from the network itself to operating systems, and exploit them to crack systems and services.
Due to the conventional approaches for service development over such complex and most often heterogeneous networks and systems, several approaches are exist to provide security at various levels and degrees: secure protocols, secure protocol mechanisms, secure services (e.g., phone), firewalls, IDS and later IPS, etc.
This chapter considers and addresses several aspects of network security, in an effort to provide a publication that summarizes the main current status and the promising and interesting future directions and challenges. We try to present the state-of-the-art in this chapter for the following topics: Internet security, secure services, security in mobile systems and trust, anonymity and privacy.
The ISO Open Systems Interconnection (OSI) reference model defines seven network layers as well as their interfaces. Each layer depends on the services provided by its intermediate lower layer all the way down to the physical network interface card and the wiring. It provides its services to its immediate upper layer, all the way up to the running application. The seven layers of the OSI reference model are described at the following, from the highest to the lowest one (Tanenbaum & Wetherall, 2010):