Tag Archives: Networking

Seeing the Light of Security…

A recent article in DFI News discusses some interesting research. The article discusses research by physicists at Heriot-Watt Univ. and Univ. of Strathclyde. They are working with tiny particles of light to create a new way of verifying electronic messages and transactions as authentic, helping address the huge cost of e-crime and avoiding potentially catastrophic fraud, online hacking and theft of digital data.

According to the article discusses how the research shows how photons can be used to verify security and authenticity of any transaction or communication with a “digital signature.” The article specifically states it does the following:

Quantum-based secure signatures mean that an “eavesdropper” — a malevolent third party listening in — cannot fake a signed message which is being sent to multiple recipients.

  • The sender writes the signature with encoded light particles and sends it to the receiver
  • The receiver cannot yet read the signature. However, it can be sure it received an authentic signature
  • To confirm a message is authentic and to also read it, the receiver has to receive both the message (the “signature”) plus additional information required to decipher it
  • The multiple receivers confirm that they have received identical signatures – only then does the sender provide the additional information required to read the signature
  • This process takes place without the user (e.g. a shopper) being required to do anything differently to current security methods

When physicist begin looking at how they can impact and improve e-commerce, you know there is a big amount of money at stake. It will be interesting to see how this can be implemented in the real-world and also how it will be circumvented…


Tagged , , , , , , , , , , , , , ,

Can You Hear Me Know…

The phone call is one of the main mechanisms that businesses get the job done. Whether it is a web-based business or the local brisk and mortar, using the phone is a key business tool. With more and more business opting for the use of Voice over IP (VoIP) rather than the traditional PBX and POTS lines.

As a result, many businesses are ramping up to obtain or improve the ability of their VoIP systems and this means taking a look at the business network LAN and WAN. This means that it is important to audit the network for the existing or future call quality. A recent article from the SANS Internet Storm Center discusses what to consider and provides some examples.

Here is part of the opening content by the author Rob VandenBrink:

In this diary, I’ll do a short description of auditing a WAN link for metrics key to VOIP (Voice over IP) call quality. Just a short proviso – this is not a complete guide to VOIP call quality or auditing for VOIP metrics, it’s meant as a starting point which you can take to your own environment and tailor to your own needs and toolset.

So, why would you want to audit a WAN link for VOIP call quality metrics?
1/ To assess if your edge routers are properly re-marking TOS or DSCP bits in the right packets, for delivery to the WAN (commonly done with PBR, Policy Based Routing)
2/ To assess if your WAN provider is honoring your QOS settings, and delivering the appropriate QOS to your various types of traffic

I’ll assume that there’s at least one Cisco device at each end of the WAN link we’re assessing (the commands described are available on IOS switches and routers), but the functions I’m describing are certainly available in most of the other name-brand network platforms.

So first of all, what will we audit in this setup?
Delay – how long does it take a packet to make a round-trip from one end to the other?
Jitter – how much does Delay change during any given call? (zero would be ideal)
MOS (Mean Opinion Scores) – a mathematical distillation of overall call quality to a single value, with 5 being perfect fidelity.

This is a good article to enforces the fact that doing a little auditing on the “boring” can help improve your businesses bottom line and also add to your overall security/technical program.

Tagged , , , ,
%d bloggers like this: