Question

Due Thursday  (Normal late penalties apply for late submission.)

Respond to the following in a minimum of 175 words (20 points):

Today's datacenters are populated with not only physical hardware but systems hosting virtual machines and containers. These systems communicate locally and around the globe over networks.

Discuss two different examples of threats to various parts of heterogeneous architectures and how they might manifest. Do not forget about the hardware, operating systems, applications, networks, and other integral parts. Discuss the threats in your classmates' posts.

Answer 1

In recent years, there have been major developments in, and deployment of, diverse mobile technology. Security issues in mobile computing are now presenting significant challenges. The ability to move from one network to another, and from one provider to another creating thus vertical and horizontal handoffs, has increased the complexity of mobile security. There are many research groups, such as Hokey and Y-Comm, working on the design of security architectures for 4G networks. Heterogeneous networks are the convergence of wired and wireless networks, other diverse end user devices and other communication technologies which provide very high speed connections. Major security challenges in 4G heterogeneous networks are inherent in current internet security threats and IP security vulnerabilities. These new challenges are: IP address spoofing, user ID theft, Theft of Service, Denial of Service, and intrusion attacks. Therefore, it is necessary to design security solutions which are independent from the network, provider, and end user devices. Existing technique in 4G heterogeneous security networks has not achieved major mobile security requirements such as protecting the mobile equipment; integrity of the hardware, and software. They do not prevent access to the mobile data and the mobile equipment can be used as an attack tool. In addition, current researches in security 4G heterogeneous network do not consider a security management system based on ITU-T M.3400 TMN management functions or any other related standards. In this paper, we propose a management system which is responsible for enforcing security policies and ensuring that security policies continued to be followed. The objective of this security management system is to prevent the mobile equipment from being abused or used as a malicious attack tool. The proposed security management system is consistent with the security specifications defined by ITU-T recommendation M.3400 TMN management functions. Finally, this paper will present a policy-based architecture for the security management system of 4G heterogeneous networks focusing on detection and prevention of malicious attacks. This architecture will consist of intelligent agent, security engine, security policies database, and security administrator.