Every network has a security infrastructure. Every network has rules about who can use what resource and what they can use it for. The difference between most networks and a network in which the logic of security has been designed is that the network with designed security has a strong foundation on which to build its controls. Each piece of the security puzzle can be snapped into place with minimum disruption to the network. To build this strong foundation, you must first understand certain key concepts. This lesson teaches those concepts.
After this lesson, you will be able to
• Describe the pillars of information security.
• Apply the pillars of information security to your designs.
• Build a logical security infrastructure by using certificate services.
• Identify the components of a public key infrastructure.
Estimated lesson time: 60 minutes
The Pillars of Information Security
To create a logical design, the vague notion of "secure" must be replaced with concrete maxims. These, in turn, must be explained and interpreted so that you can use them as you create your designs. The pillars of information security include authentication, authorization, confidentiality, integrity, and nonrepudiation. These pillars are described in Table 2-1. Your ability to express each one of these concepts is a part of the foundation on which network security rests.
Tip When you develop a logical design, think of the things that are available to fulfill these needs. Remember, however, that technologies change, as do the ways they are expressed.
About us