Authors: Ionut – Daniel BARBU, Gabriel PETRICA
The primary scope of the principle of layered security is to achieve a multi-level protection on the data in both at rest or in transit states. A successful approach implies inserting several security barriers to defend against various types of threats. This article presents an overview of Defense in Depth technique applied according to risk analysis performed to ensure data security. Throughout it, several examples of “layers” of protection are detailed and information security is analyzed in the case of three types of cyber-attacks.
. O. Santos, End-to-End Network Security. Defense in Depth, Cisco Press, 2008.
. M. Rosenquist, Defense in Depth Strategy Optimizes Security, Intel Corporation White Paper, 2008.
. National Security Agency, Defense in Depth. A practical strategy for achieving Information Assurance in today’s highly networked environments, [Online] Available: https://www.nsa.gov/ia/_files/support/ defenseindepth.pdf
. Defense in depth, (2015, Mar. 08) [Online] Available: https://www.owasp.org/ index.php/Defense_in_depth
. T. McGuiness, Defense In Depth, White Paper, SANS Institute Reading Room, [Online] Available: http://www.sans.org/reading-room/whitepapers/basics/defense -in-depth-525
. Defense in depth – Computing, (2015, Mar. 22) [Online] Available: http://en.wikipedia.org/wiki/Defense_in_depth_(computing)