Scribd Logo
Upload

Welcome to Scribd!

  • Network Security Intro

    Uploaded by

    Satyam Gupta
    39 views27 pages
    network

    Original Title

    34173566 Network Security Intro

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    network

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    39 views27 pages

    Network Security Intro

    Uploaded by

    Satyam Gupta
    network

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 27

    Enter names of our team members and edit this

    document to suit our needs. I hope this might


    be helpful @satyam

    Network security and Cryptography are the terms involve


    in the securing of data online.
    Cryptography is art of encompassing the principles and
    methods of transforming an intelligible message to
    unintelligible one and then retransforming that message
    back to original form.
    As internet is the worlds largest network of networks,
    whenever the data is transmitting from one user to other
    user, the techniques of network security are used to
    prevent it from unauthorized access.

    some specific security aspects includes.


    1. Security attacks
    2. Security mechanism
    3. Security services

    Passive Attacks
    Passive threats
    Interception
    Release of message contents

    Traffic analysis

    Active Attacks
    Passive threats

    Interruption
    (availability)

    Modification
    (integrity)

    Fabrication
    (authenticity)

    INTERCEPTION

    Source

    Destination

    MODIFICATION

    INTERRUPTION

    Source

    Destination

    Source

    Destination

    FABRICATION

    Source

    Destination

    designed to detect, prevent or recover from a security


    attack
    no single mechanism that will support all services
    required
    cryptographic techniques underlies many of the security
    mechanisms in use.
    specific security mechanisms includes encipherment,
    digital signatures, access controls, data integrity
    pervasive security mechanisms includes, event detection,
    security audit trails, security recovery

    X.800 and RFC 2828 are the major security services.


    X.800 ensures adequate security of the systems or of
    data transfers
    It is defined in 6 ways :
    1. Confidentiality

    4. Non-repudiation

    2. Availability

    5. Access control

    3. Integrity

    6. Authentication

    RFC 2828 provides a specific kind of protection to system resources.

    1. Application backdoors

    6. Macros

    2. SMTP session hijacking

    7. Viruses

    3. Operating system bugs

    8. Spam

    4. Denial of service

    9. Redirect bombs

    5. E-mail bombs

    VirtualPrivateNetwork(VPN)
    Firewalls
    IPSec
    AAA server

    Step 1. The remote user dials into their local ISP and logs into the ISPs
    network as usual
    Step 2. - When connectivity to the corporate network is desired, the user
    initiates a tunnel request to the destination Security server on the corporate
    network. The security server authenticates the user and creates the other
    end of tunnel
    Step 3. - The user then sends data through the tunnel which encrypted by
    the VPN software before being sent over the ISP connection
    Step 4. - The destination Security server receives the encrypted data and
    decrypts. The Security server then forwards the decrypted data packets
    onto the corporate network. Any information sent back to the Remote user
    is also encrypted before being sent over the Internet.

    provides a strong barrier between your private


    network and the Internet
    Types of firewalls :
    1. Application Gateways
    2. Packet filtering
    3. Hybrid systems

    Internet Protocol Security Protocol (IPSec) provides enhanced


    security features such as better encryption algorithms and
    more comprehensive authentication
    IPSec can encrypt data between various devices , such as :

    Router to router

    Firewall to router

    PC to router

    PC to server

    AAA (authentication , authorization and accounting) servers


    are used for more secure access in a remote-access VPN
    environment
    When a request to establish a session comes in from a dial up
    client it checks the following :
    Who you are (authentication)
    What you are allowed to do (authorization)
    What you actually do (accounting)

    Model for Network Security

    Model for Network Security

    using this model requires us to:


    1.
    2.
    3.
    4.

    design a suitable algorithm for the security


    transformation
    generate the secret information (keys) used by
    the algorithm
    develop methods to distribute and share the
    secret information
    specify a protocol enabling the principals to use
    the transformation and secret information for a
    security service

    Model for Network Access Security

    Model for Network Access Security

    using this model requires us to:


    1.
    2.

    select appropriate gatekeeper functions to


    identify users
    implement security controls to ensure only
    authorised users access designated information
    or resources

    trusted computer systems may be useful to


    help implement this model

    derived from Greek and means secret writing.

    The study of enciphering and encoding (on the


    sending end), and decoding (on the receiving end )is
    called cryptography
    necessary

    when communicating over any untrusted


    medium, which includes just about any network,
    particularly the internet

    There are three types of cryptographic algorithms:


    Secret Key Cryptography
    Public Key Cryptography
    Hash Algorithms

    - involves the use of single key


    - as a single key is used for encoding & decoding,
    it is also called symmetric encryption

    - employs two keys and referred as asymmetric


    cryptography
    - one key is used to encrypt the plaintext and the other
    key is used to decrypt the cipher text

    - also

    known as message digests or one-way transformations

    - following things can be done using hash algorithms :


    Message Integrity
    Password Hashing
    Message fingerprint
    Digital Signatures

    Password Protection :
    -passwords are not typically kept on a host or server in plaintext, but are
    generally encrypted using some sort of hash scheme
    -As the passwords are not saved in plaintext on computer systems
    precisely,they cannot be easily compromised.

    Pretty Good Privacy :


    - used to sign or encrypt e-mail messages with mere click of the mouse
    -the software uses SHA or MD5 for calculating the message hash
    - CAST, Triple-DES, or IDEA for encryption
    -RSA or DSS/ Diffie-Hellman for key exchange and digital signatures.

    Cryptography is a particularly interesting field because of the


    amount of work that is, by necessity, done in secret.
    The irony is that today, secrecy is not the key to the goodness of a
    cryptographic algorithm.
    In fact, time is the only true test of good cryptography
    any cryptographic scheme that stays in use year after year is most
    likely a good one
    Cryptography is evergreen and developments in this area are a
    better option.
    . It's important to build systems and networks in such a way that
    the user is not constantly reminded of the security system around

    J.P. Holbrook, J.K. Reynolds. ``Site Security Handbook'


    Douglas R.Stinson. Cryptography: theory and practice:
    2nd edition
    A.Menezes, P.van Oorschot and S.Vanstone: Handbook
    of Applied Cryptography
    Smith, Laurence Dwight. Cryptography, the Science of
    Secret Writing

    You might also like