Taken together the multiplication and channel factors create the unique set of security problems normally referred to as network security. However, the term “manifold security” might better describe the situation confronting those responsible for securing personal computers which need to communicate, because, despite the existence of a substantial body of knowledge that deals with the protection of networks of large computer systems, much of it cannot be applied directly to personal computers. There are major differences in design and application. Personal computers are rarely located in secure or controlled environments. Neither personal computer hardware, nor the operating systems that control it, offer much in the way of built-in access control, particularly when it comes to connections with other hardware.

The Multiplication Factor

The security of computers that are connected has to start with individual computer security. You cannot combine a number of insecure computers into a network and create a secure system from the top down (unless you remove all local storage and processing, which in effect reduces the personal computer to a dumb terminal). While the network operating system will provide security measures, these are defeated or weakened if the individual systems are not secure. If someone has uncontrolled use of a PC connected to a network, they have an excellent platform from which to attack the network, not to mention data that have already been transferred from the network to your PC (after all, the whole point of client/server computing is to make valuable data available on the desktop).

Even if the network is securely configured it cannot protect the PC that is not logged on. This problem is not likely to disappear any time soon, given that the default as-delivered state of most PCs continues to be unlocked and unprotected. Consider Windows 95, the first major new desktop operating system in many years. It contains plenty of hooks to which network security features can be attached, but it offers no serious standalone security. The point is clear: intercomputer security begins with everything in the chapter so far, from boot protection to backups, theft prevention to power conditioning, access control to virus prevention. According to the layered approach that this book advocates, each computer connected to another must be

•  Protected by site, system, and file access control.

•  Supported by suitable power and data backup facilities.

•  Watched over by a vigilant operator/administrator.

The multiplication factor implies that protecting two computers is at least twice as difficult at protecting one. For example, a network can actually increase the damage and disruption that a virus can cause. The potential fall-out from the errors, omissions, and malicious actions of individual users is magnified when they are network users. Typically, a higher degree of user supervision is required; however, this is not always forthcoming. Users accustomed to the freedom and independence of standalone computing may find it irksome to submit to the rules for network users.

The Channel Factor

In previous chapters, you have seen how the layered approach to security is built up. So far, the concern has been the protection of personal computers as separate entities, vulnerable to abuse by users putting information in or taking it out via disk, screen, and keyboard. The layered approach to standalone security can be summarized like this:

•  Access control

•  Site — controlling who can get near the system.

•  System — controlling who can use the system.

•  File — controlling who can use specific files.

•  System support

•  Power — keeping supply of power clean and constant.

•  Backup — keeping copies of files current.

•  Vigilance — keeping tabs on what enters and leaves the system.

This arrangement needs to be expanded whenever a computer system is connected to another system. Intercomputer connection opens a channel of communication between machines. This adds a third layer, channel protection, which can be divided into three areas:

•  Channel control

•  Channel verification

•  Channel support

Channel Control

A connection between two computers is one more way for an attacker to steal, delete, and corrupt information, or otherwise undermine normal operations. To prevent a channel of communication from becoming an avenue of attack, you need to control who can:

•  Open a channel.

•  Use a channel.

•  Close a channel.