CHAPTER 8: SECURITY IN COMPUTER NETWORKS


PowerPoint Slideshow about 'CHAPTER 8: SECURITY IN COMPUTER NETWORKS' - tavia


Presentation Transcript
slide1
CHAPTER 8:

SECURITY IN COMPUTER NETWORKS

  • Encryption
  • Authentication
  • E-Mail Security
  • Secure Sockets Layer
  • IP Security
  • Wireless Security
slide2
ENCRYPTION

The ease of access provided by most Medium Access Control protocols makes it essential that security measures be taken to protect messages from unauthorized access.

The most common security technique in modern network protocols is public key encryption.

Each user is provided with two “keys”, complex mathematical algorithms that, when applied individually to a message, will encrypt the message and that, when applied together (in either order) to a message, will restore the original message.

Each user makes one of the keys publicly available for anyone to use, and the other is kept private by the user.

To ensure that only the receiver can read a message, the sender encrypts that message with the receiver’s public key, which only the receiver’s private key can decrypt.

CS 447

Chapter 8

Page 193

slide3
AUTHENTICATION

Another aspect of security that concerns network users is authentication: ensuring that the sender of a received message is correctly identified.

Public and private keys may be used to implement this, too.

The sender applies his own private key to the outgoing message and the receiver applies the sender’s public key to the message to restore it.

Since only a message that was encoded with the sender’s private key (which only the sender possesses) could be decoded with the sender’s public key, the receiver is assured that the appropriate sender transmitted the message.


slide4
DOUBLE PROTECTION

To implement both security and authentication, the sender may apply his own private key and then the receiver’s public key.

The receiver will take the received message and apply his private key to it, knowing that his unique ability to do so is what guarantees security.

The receiver will then apply the sender’s public key to what’s left, knowing that the resulting message will only make sense if it actually came from the designated sender.
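The encryption, authentication and double-protection steps from the slides above, worked through with textbook RSA as an added example (not part of the original slides). The names Alice, Bob and Mallory, the tiny primes and the choice of RSA are assumptions made for illustration; deployed systems add padding, sign a hash of the message, and use far larger keys.

```python
# Textbook RSA on single integer blocks, with tiny constructed primes.
# Illustration only: no padding, no hashing, keys far too small for real use.

def make_keypair(p, q, e=17):
    """Return (public, private) as ((e, n), (d, n)) from two distinct primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # modular inverse; needs gcd(e, phi) == 1
    return (e, n), (d, n)

def apply_key(key, value):
    """'Apply a key to a message': modular exponentiation of one block."""
    exponent, n = key
    if not 0 <= value < n:
        # A block at or above the modulus would not survive the round trip.
        raise ValueError("block does not fit under this key's modulus")
    return pow(value, exponent, n)

def send_double(msg, sender_priv, receiver_pub):
    """Sender: own private key first (authentication), then receiver's public key."""
    signed = apply_key(sender_priv, msg)
    return apply_key(receiver_pub, signed)

def receive_double(wire, receiver_priv, sender_pub):
    """Receiver: own private key first, then the claimed sender's public key."""
    signed = apply_key(receiver_priv, wire)
    return apply_key(sender_pub, signed)

# Constructed key pairs. The sender's modulus (3233) is smaller than the
# receiver's (8633), so the signed block always fits under the outer key.
ALICE_PUB, ALICE_PRIV = make_keypair(61, 53)
BOB_PUB, BOB_PRIV = make_keypair(89, 97)
MALLORY_PUB, MALLORY_PRIV = make_keypair(67, 71)

if __name__ == "__main__":
    message = 65                                  # constructed one-block message
    wire = send_double(message, ALICE_PRIV, BOB_PUB)
    print("Bob recovers:", receive_double(wire, BOB_PRIV, ALICE_PUB))
    # Mallory signs with her own key but claims to be Alice:
    forged = send_double(message, MALLORY_PRIV, BOB_PUB)
    print("Forgery decodes to:", receive_double(forged, BOB_PRIV, ALICE_PUB))
```

The order of the two moduli matters: if the sender's modulus were larger than the receiver's, the signed block could exceed the outer modulus, which `apply_key` rejects instead of silently corrupting the message.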


slide5
PRIVACY

Applying cryptographic algorithms to electronic mail, systems like PGP (Pretty Good Privacy) have been developed to improve e-mail security.


slide6
SECURE SOCKETS LAYER (SSL)

SSL (like its successor, TLS - Transport Layer Security) combines encryption and authentication to provide secure communication for IP data transfers (e.g., Web browsing, e-mail, instant messaging, IP fax).

Protocol layers, top to bottom:

  • Applications: SSL Handshake Protocol, SSL Change Cipher Spec Protocol, SSL Alert Protocol, HTTP, TELNET, ...
  • SSL Record Protocol
  • TCP (or other reliable Transport Layer)
  • IP

SSL Handshake Protocol: Establishes secure connection by exchanging authentication & encryption keys

SSL Change Cipher Spec Protocol: Signals the end of the key exchange and the start of the actual use of the authentication and encryption

SSL Alert Protocol: Indicates errors in SSL handshake process

SSL Record Protocol

Once the SSL connection is established, the application data is reformatted into SSL records (packets)

  • Each packet has a header indicating its data type (application, alert, etc.)
  • Application data is fragmented and compressed as needed
  • Using key known only to sender & receiver, authentication tag is added
  • Entire packet is encrypted and an SSL Record header is added
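The record processing steps listed for the SSL Record Protocol, as an added example that is not part of the original slides. HMAC-SHA256 and the SHA-256 counter keystream are stand-ins chosen so the code runs with the standard library only; they are not an SSL cipher suite, and the key values and function names are assumptions.

```python
import hashlib, hmac, struct, zlib

MAX_FRAGMENT = 2 ** 14      # SSL/TLS plaintext fragment limit (16384 bytes)
APPLICATION_DATA = 23       # content type carried in the record header
VERSION = (3, 0)            # SSL 3.0 major/minor version bytes

def keystream_xor(key, seq, data):
    """Stand-in cipher: XOR with a SHA-256 counter keystream (not a real suite)."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">QI", seq, block)).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

def record_tag(mac_key, seq, ctype, body):
    """Authentication tag over sequence number, content type and compressed body."""
    return hmac.new(mac_key, struct.pack(">QB", seq, ctype) + body, hashlib.sha256).digest()

def seal(data, mac_key, enc_key, seq=0, ctype=APPLICATION_DATA):
    """Fragment -> compress -> add authentication tag -> encrypt -> add header."""
    records = []
    for off in range(0, len(data), MAX_FRAGMENT):
        body = zlib.compress(data[off:off + MAX_FRAGMENT])
        sealed = keystream_xor(enc_key, seq, body + record_tag(mac_key, seq, ctype, body))
        # 5-byte record header: type (1), version (2), length (2)
        records.append(struct.pack(">BBBH", ctype, *VERSION, len(sealed)) + sealed)
        seq += 1
    return records

def open_record(record, mac_key, enc_key, seq):
    """Receiver: parse header, decrypt, verify the tag, and only then decompress."""
    ctype, _major, _minor, length = struct.unpack(">BBBH", record[:5])
    if length != len(record) - 5:
        raise ValueError("length field does not match record body")
    plain = keystream_xor(enc_key, seq, record[5:])
    body, tag = plain[:-32], plain[-32:]
    if not hmac.compare_digest(tag, record_tag(mac_key, seq, ctype, body)):
        raise ValueError("bad record MAC")   # SSL would raise an alert here
    return ctype, zlib.decompress(body)

if __name__ == "__main__":
    mac_key, enc_key = b"constructed-mac-key", b"constructed-enc-key"
    payload = b"GET /index.html HTTP/1.0\r\n" * 2000     # constructed sample data
    recs = seal(payload, mac_key, enc_key)
    parts = [open_record(r, mac_key, enc_key, i)[1] for i, r in enumerate(recs)]
    print(len(recs), "records; round trip ok:", b"".join(parts) == payload)
```

Because the sequence number is covered by the tag, a record that is modified, reordered or replayed at a different position fails verification before any of its contents are decompressed or passed to the application.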


slide7
IP SECURITY (IPSEC)

IPv4 uses the Encapsulating Security Payload (ESP) technique to add encryption and authentication to its datagrams via its optional header approach (IPv6 requires its use).


slide8
WI-FI PROTECTED ACCESS (WPA)

The IEEE 802.11i standard was developed to address the various threats against wireless LAN security.


slide9
ESTABLISHING SECURE WPA CONNECTIONS
  • The access point periodically transmits a beacon through which it is located and identified by the wireless station.
  • Using an authentication key stored in the station and the authentication server, the station proves its identity.
  • Once authenticated, the station and the authentication server derive cryptographic keys to enable secure communication.
  • Using negotiated encryption/authentication techniques, data is transferred to the access point, decrypted, and then forwarded to the destination station.
  • Deauthentication and key destruction occur when the wireless connection ends.
