Security in enterprise networking: A quick tour

Enterprise networks are complex environments that involve the interconnection of a wide variety of computer systems such as portable PCs and personal digital assistants (PDAs), desktop PCs and workstations, servers, and mainframes, with a wide variety of communication channels such as dial-in and mobile access via modems, local area networks (LANs), wide area networks (WANs), and the Internet. The authors provide an overview of the major areas in the security of enterprise networks to show the variety of issues and techniques developed to address them. Our focus is on the ideas behind these techniques, which can be combined in many ways to create solutions that apply to different situations. The following areas are covered: confidentiality, preventing the disclosure of transmitted data to unauthorized parties; integrity, detecting modification, insertion, deletion, or replay of transmitted data; data-origin authentication, demonstrating that the origin of transmitted data is as claimed; nonrepudiation, preventing either the sender or receiver in a communication from denying their participation; user authentication, demonstrating that the identity of a user or system is as claimed; and access control, guarding against unauthorized use of resources, including the use of resources in an improper manner. We also look at some of the considerations that come into play in designing security solutions for the enterprise networking environment