YesOur global age is practically defined by the ubiquity of the Internet; the worldwide interconnection of
cyber networks that facilitates accessibility to virtually all ICT and other elements of critical
infrastructural facilities, with a click of a button. This is regardless of the user’s location and state of
equilibrium; whether static or mobile. However, such interconnectivity is not without security
consequences.
A telecommunication system is indeed a communication system with the distinguishing key
word, the Greek tele-, which means "at a distance," to imply that the source and sink of the system
are at some distance apart. Its purpose is to transfer information from some source to a distant user;
the key concepts being information, transmission and distance. These would require a means, each,
to send, convey and receive the information with safety and some degree of fidelity that is
acceptable to both the source and the sink.
Chapter K begins with an effort to conceptualise the telecommunication network security
environment, using relevant ITU-T2* recommendations and terminologies for secure telecommunications.
The chapter is primarily concerned with the security aspect of computer-mediated
telecommunications. Telecommunications should not be seen as an isolated phenomenon; it is a critical
resource for the functioning of cross-industrial businesses in connection with IT. Hence, just as
information, data or a computer/local computer-based network must have appropriate level of security,
so also a telecommunication network must have equivalent security measures; these may often be the
same as or similar to those for other ICT resources, e.g., password management.
In view of the forgoing, the chapter provides a brief coverage of the subject matter by first assessing
the context of security and the threat-scape. This is followed by an assessment of telecommunication
network security requirements; identification of threats to the systems, the conceivable counter or
mitigating measures and their implementation techniques. These bring into focus various
cryptographic/crypt analytical concepts, vis a vis social engineering/socio-crypt analytical techniques and
password management.
The chapter noted that the human factor is the most critical factor in the security system for at least
three possible reasons; it is the weakest link, the only factor that exercises initiatives, as well as the factor
that transcends all the other elements of the entire system. This underscores the significance of social
2*International Telecommunications Union - Telecommunication Standardisation Sector
12
engineering in every facet of security arrangement. It is also noted that password security could be
enhanced, if a balance is struck between having enough rules to maintain good security and not having
too many rules that would compel users to take evasive actions which would, in turn, compromise
security. The chapter is of the view that network security is inversely proportional to its complexity. In
addition to the traditional authentication techniques, the chapter gives a reasonable attention to locationbased
authentication. The chapter concludes that security solutions have a technological component, but
security is fundamentally a people problem. This is because a security system is only as strong as its
weakest link, while the weakest link of any security system is the human infrastructure.
A projection for the future of telecommunication network security postulates that, network security
would continue to get worse unless there is a change in the prevailing practice of externality or vicarious
liability in the computer/security industry; where consumers of security products, as opposed to
producers, bear the cost of security ineffectiveness. It is suggested that all transmission devices be made
GPS-compliant, with inherent capabilities for location-based mutual authentication. This could enhance
the future of telecommunication security.Petroleum Technology Development Fun