Issues in telecom security

smileybloatNetworking and Communications

Nov 20, 2013 (4 years and 7 months ago)


Issues in telecom security

Issues in telecom security I: Communication Assistance to Security Agencies

In the draft Telecom Security Policy released recently, the Department of Telecom (DoT) has
emphasized the importance of the telecom infrastructure as
the backbone information
infrastructure and its importance for all the other sectors of the economy. It has hence outlined
certain important issues which are important for ensuring the security of this critical infrastructure.

Providing adequate communic
ation assistance to security agencies is important to ensure
the uninterrupted flow of data and information for them to smoothly carry out their work.

As part of the need to assist the security agencies in communication services, interception
and monitorin
g of all communication channels is an important aspect of the security policy.

Developing the ability to trace the user of a communication device and providing all tools
and assistance in analysis of information so collected is also equally pertinent.

sues in telecom security II: Security of communication, information and

In the globally integrated economy that we live in today, communication and exchange of
information take place at various places and for various purposes. However, depending up
on the
purpose of the communication, there is a need to incorporate security features in the process of
communication. Hence, it is important to ensure that sensitive information does not fall into the
wrong hands.

Broadly, communication and exchange of in
formation is done at four different levels each serving a
specific purpose, which are as follows:

Individual communication, information and data.

Enterprise communication, information and data.

Commerce & Industry communication, information and data.

sified Government communication, information and data.

Information of the last type is most sensitive and can pose a great threat to national security
if leaked or is accessed by an unauthorized person. Hence, it is necessary to ensure not just
the communi
cation channels, but also the information stored in databases.

Hence, for the security of communication, information and data, physical assets and systems
need to be protected from physical intrusion and unauthorized access.

Issues in telecom security III
: Security of telecom network

Network security can be defined as the prevention of damage, unauthorized use or exploitation of
electronic communications and information systems and the information they contain so as to
maintain the confidentiality, integ
rity and availability of the information stored in the systems.

Given the dependence of other sectors on telecom infrastructure and its security
implications, governments continue to have the lead role in establishing public policy related
to network sec

Being highly dependent on internet connectivity and the possibility of remote access makes
it prone to threats like Denial of Service (DoS) and Distributed Denial of Service (DDOS)
threats like any other computer network system.

The other part of t
elecom network security is the physical strength and capacity of the
network. Physical strength of various components of the network should be good enough to
withstand the wear and tear for a reasonable period of time, while at the same time
optimizing the

cost of the network in the long

The network components, including the ones, which house or support the network such as
building and towers, should be regularly checked for any repair work or replacement if
necessary to ensure that there is no disrup
tion of communication. Similarly, network
communication & information capacity should also be good enough to provide a prescribed
quality of service.

Another threat to network security arises from natural disasters like earth quakes, floods,
landslide, clo
udburst, heavy snow, typhoons, tides or fire, where physical infrastructure of
telecommunication services get destroyed or disrupted; affecting some part of the country

It is hence proposed that emergency services should be developed and made available fo
them at the time of such disasters.

Guiding principles of telecom security policy I: Involve the private sector and
secure international cooperation

In the draft Telecom Security Policy released by the Department of Telecom (DoT) earlier this month,
it has outlined certain guiding principles which it will follow while developing a security policy for the
telecom network.

In the draft outline of the security policy, it has said that in the present scenario wherein
more than 80% of the market is serve
d by private telecom networks, it is important to
secure the cooperation of the private sector, because if the networks are owned by private
players, it is not possible to secure the network, data, information and communication
flowing through and stored i
n them.

Hence, while formulating the security policy and the strategy to implement it, it is important
that private players be actively involved.

Apart from this, securing international cooperation and understanding is also necessary to
enforce telecom se
curity, as telecom networks are interconnected throughout the world.

Guiding principles of telecom security policy II: Policies to be in consonance
with civil liberties and other laws of land

While securing the telecom network is important for the nati
onal security, the policy cannot be out
of sync with the civil liberties and other laws of the land.

Being a democratic country, the Constitution provides for certain civil liberties and
fundamental rights to every citizen of the country. Hence, no secur
ity policy can be in
conflict with these fundamental principles laid out in the Constitution.

As a matter of general principle, since the policy is framed at the national level, local laws
should not come in the way of

implementing this policy. In case of

any conflict that arises,
local laws need to be amended in consonance with the security policy.

Other guiding principles which the DoT has suggested are as follows:

There are times, when a problem can be tackled either through technical solution or throug
change of law. However, following laws has a dragging effect on the introduction of new
technology or services, which poses the risk of having the nation lag behind. Hence, both for
policy formulation and its implementation, if a technical solution exist
s for a problem, it
should get precedence over regulatory framework. This will also ensure that regulations
change as quickly as technology.

There has to be a balance between security and progress. The government can secure
something but not everything. Wh
ile security agencies may want to have access to all the
data and communication but individuals will like to keep all their communication private. To
counter this, the DoT has suggested that the needs of the society should be met but its
practicaliity and
progressiveness should not be compromised.