Skill Level Beginner
- We have spent a lot of episodes going through a lot of stuff to make our networks, and by doing that, we're making networks, we've got web servers running and people are transferring files to each other and domains are being named and life is good except for one big thing. There's no real security here. So, what I wanna do is warn you that we're about to start this big process of taking everything we've learned and making it secure. Now sure, we've covered a little bit of security here and there, but what I want you to do right now and for the next few episodes is I want you to put on your security hat and start thinkin' about how do we lock this down, how do we protect this? How do we keep people from the evils of the internet and how do we keep our nice internet from the evils of our people? So, one of the things we do is we have certain philosophies when we talk about security and one of them is the famous CIA of security.
CIA stands for confidentiality, integrity and availability. As we begin to take what's basically was invented as a very insecure thing, TCP/IP, and make it secure we keep chanting, confidentiality, integrity and availability! So let's talk about this for a minute. First of all, when I say confidentiality, I wanna keep stuff confidential. Now, there's a lot of different ways to do that, but one of the big ways that we're gonna to cover in the next few episodes is the concept of encryption.
How do we take unencrypted data that's flying through the internet and encrypt it so that nobody can see it but the folks we want to see it? So, we're gonna be covering all kinds of interesting stuff like different kinds of encryptions and all that stuff. It's a lot of fun and I think you're gonna enjoy those episodes. But then after that is integrity. Just because something's encrypted, do I know it came from Mike Myers, popular author? If that file was being transferred, did somebody mess it up mid-stream? So, there's a whole lot of stuff that has to do with integrity.
Integrity means is this good in the way that it should be good? We use the word non-repudiation a lot here. Basically, it says if somebody is handing me something, I have no doubt that that's the person who handed it to me. So, we're gonna be going into a lot of integrity tools. You're gonna hear about things like certificates, and hashes and stuff like that that are important for us to deal with, the CIA of security. Last is availability. Now, one of the most dangerous things you can do is if you put enough locks on the door, you can make it so hard to unlock the door that you're not gonna use the door.
So, a big issue for us for security is to make sure that we balance the confidentiality and integrity tools in a way that we can use it. Also, security, when we talk about availability is, is this thing ready to use, is it out there? When we need it, is it ready to go? So we're gonna be talking about things like high availability and stuff like that that say this network device, this server, this whatever it might be, is out there and ready to go. Also availability, we cover something as simple as a backup. If we lose it, do we have a backup available so we can get our data back? A big chunk that deals with the CIA, and a lot of people add this to the end of CIA, are two things called authorization and authentication.
Now, authentication is the concept of giving someone the right to access something. So, for example, a user name and password, or a smart card or something, something that gives you a key to unlock the door to get into a system, whatever that system might be. And then along with that is something called authorization. Authorization means, okay now that you're in, what do you get to do? So, file accesses, time of day, all of these things kinda come into play. So, what I need you to do starting right now and for the next number of episodes, I need you to be thinking about security.
Keep in mind the idea of CIA and don't forget that also authentication and authorization come into play just as well. So get ready and let's get secure.