How functional and secure AES is? The Philippine electorate will once again go to polls and decide who will lead the nation in the next six years of their lives. This important event which will elect new president, vice president and 12 senators for national posts, and seats are also being contested for provincial, city and municipal levels, is expected to be counted unofficially in 24 hours, concluded or canvassed officially in a few days or so but authorities and observers expected it to be done in less than a week. Last presidential election, it was known three days after close of election precincts. This is especially true for nation states, not only the Philippines, that conducts their elections using automated election or computerized-and-networked voting systems. In PH, the past automated elections were encumbered with technical issues and fraudulent results, uttered and written everywhere by many concerned and affected individuals and institutions alike. This time, we could say
Security, as they may say especially from specialists, without doubt has great impact to stakeholders and organizations that wants all its assets, except those of meant to be public, be protected at all times or when it is warranted.
In the case of a critical information infrastructure, there might be a one-sided answer that IT specialists would at first hand consider before dealing on any other security solutions. Look at how internetworks is link on one end to the other. There are many different ways a multiple network sites could be interconnected, most popularly through the Internet, however the choice still depends on the kind of data that flows through it. Say at Qwerty Auto Elec Company (QAEC in short, fictitious organization name only), the riches and biggest, wanted all of its domestic and international offices linked altogether and must be secured without regard to drawbacks. It does not want its information leaked, no unauthorized access and ingress attacks (e.g. DOS) on the physical and logical layer of the network, et al. Considering no internal misconduct or conspiracy will happen QAEC wanted to achieve a 99.999 if not 100 percent network stability, at least, for a certain time period.
The combination of firewall, VPN and cryptography, to support the security of a large and geographically diverse computing processes, are worthy of the requirements, still, they may only be second to how the network infrastructure is designed and erected. With the initial specification QAEC has laid out, it may need a confined circuit and shall not be interfaced to and from the public Internet. It would require the telco to install it just like how a local area network is rendered or even better, if any.
It might be too costly (at the start) for QAEC to pursue on this direction but the integrity, confidentiality, availability and genuinness of the information is more important over anything else with respect to the interest (where the whole world watch and can be one) of the stakeholders.
The said criteria might also be true to other settings where stability during the event and unploughed information system is expected.
In the case of a critical information infrastructure, there might be a one-sided answer that IT specialists would at first hand consider before dealing on any other security solutions. Look at how internetworks is link on one end to the other. There are many different ways a multiple network sites could be interconnected, most popularly through the Internet, however the choice still depends on the kind of data that flows through it. Say at Qwerty Auto Elec Company (QAEC in short, fictitious organization name only), the riches and biggest, wanted all of its domestic and international offices linked altogether and must be secured without regard to drawbacks. It does not want its information leaked, no unauthorized access and ingress attacks (e.g. DOS) on the physical and logical layer of the network, et al. Considering no internal misconduct or conspiracy will happen QAEC wanted to achieve a 99.999 if not 100 percent network stability, at least, for a certain time period.
The combination of firewall, VPN and cryptography, to support the security of a large and geographically diverse computing processes, are worthy of the requirements, still, they may only be second to how the network infrastructure is designed and erected. With the initial specification QAEC has laid out, it may need a confined circuit and shall not be interfaced to and from the public Internet. It would require the telco to install it just like how a local area network is rendered or even better, if any.
It might be too costly (at the start) for QAEC to pursue on this direction but the integrity, confidentiality, availability and genuinness of the information is more important over anything else with respect to the interest (where the whole world watch and can be one) of the stakeholders.
The said criteria might also be true to other settings where stability during the event and unploughed information system is expected.
Comments