Improving Network Security Using Elliptic Curve Cryptosystem

CHAPTER ONE
1.0    INTRODUCTION
1.1    BACKGROUND TO THE WORK
The fast development of the modern Internet technology and information technology cause the individual, enterprise, school and government department joining the Internet, Which cause more illegal users to attack and destroy the network by using the fake websites, fake mail, Trojan horse and backdoor virus at the same time. The target of the attacks and intrusion on the network are computers, so once the intruders succeed, it will cause thousands of network computers in a paralyzed state. By this way, the intruders steal massive information to seek user's benefits.    In addition, some invaders with ulterior motives look upon the military and government department as the target which cause enormous threats for the social and national security.
Besides the problems of the network, the defense measures we usually take also have their own shortcoming; security event is facing other challenge, for example:
• From security event was discovered to be controlled, the basic approach is taken manually and is difficult to control in time.
•  The unknown security event and the network virus are unable to guard against.
• The mis-operation and network data destruction which caused by internal personnel, the spread of network virus, the Trojan horse.
•  The safety equipment’s work dispersedly which are unable to coordinate the management.
They only can form the simple point defense.
Quick information accessibility on the Internet has become increasingly important for growing businesses. As companies begin to spread various business functions to the public network, precautions are highly needed to make sure that their network not been tampered with or does not fall to wrong hands. If a network is accessed by a hacker or dissatisfied employee, it could create havoc for organization proprietary data, affect company productivity negatively, and retard the ability to compete with other businesses. Unauthorized network access can also harm a company’s relationship with customers and business partners who may question the company's ability to protect their confidential information. Furthermore, any part of a network can be susceptible to attacks or unauthorized activity as earlier discussed. Company competitors or even internal employees can violate all routers switches and hosts.
In order to determine the appropriate ways of protecting a company's property against attackers, the Information Technology Manager of such company should understand the attacks that can be instigated and the havoc they can cause to business infrastructures.
As the computers and networked systems increases in the world of today, the need for increase and strong computer and network security also becomes increasingly necessary and important. The increase in the computer network system has exposed many networks to various kinds of internet threats and with this exposure, one can see that the need for improved network security is vital and important in every organization. The security may include identification, authentication and authorization, and surveillance camera to protect integrity, availability, accountability, and authenticity of computer hardware or network equipment. There is no laid- down procedure for designing a secure network. Network security has to be designed to fit the needs of one organization network and not anyone else’s. For instance, a small-sized law company would allow access to case information for authorized users on the outside of the network, and at the same time ensure that full access to the internet is always available to staff on the inside of the network, in other cases to access a case file from the office or on the road. Good network security protects a network in a manner that is consistent with its purpose and precautions must be taken when choosing a network provider for an organization especially one like a law firm.
1.2    PROBLEM DEFINITION
Network security is sometimes more than what people always thought it to be, malware, virus, Trojan, hackers. Network security could be caused by unintentional human error and it could be compromised by human nature as well.
A common network security problem (Employees) most organizations are facing sometimes has to do with the company’s employees and their various errors they make. According to Dr. Michael E. Whitman, CISM, CISSP, and the author of the textbook “Principals of Information Security, “Humans make mistakes; sometimes that is due to inexperience or improper training, and sometimes it is Because an incorrect assumption was reached. But regardless of the reason—and the lack of malicious intent—something as simple as a keyboarding error has the potential to cause a worldwide Internet outage”. (Whitman and Mattord 2012)
The problem of piracy is another common network problem. Piracy is a situation where intellectual properties are compromised although there are technical mechanisms that aid in enforcing copyright laws to tackle this problem.
However it is not only human errors that can cause problem to network security, problems can also be caused by natural forces like fire breakouts, earthquakes, floods lightning etc.
The ways network administrators think about securing networks has been changed by an increasingly dynamic and technically challenging risk environment.
New business models rely on open networks with multiple access points to conduct business in real time, driving down costs and improving response to revenue generating opportunity by leveraging on the ability to quickly exchange critical information, share business files or folders and improve their competitive position. Therefore the urgent need to improve our network security should become a paramount concern to every individual and co-operate organization.