Network Encryption Methods
|
|
- Leon Shaw
- 5 years ago
- Views:
Transcription
1 Network Encryption Network Encryption Methods CSC362, Information Security Objectives understanding the impact of employing encryption at different protocol layers application layer encryption transport layer encryption network layer encryption link layer encryption Balancing Competing Demands network cryptography is usually applied at a specific protocol layer rather than throughout the protocol stack the goal is to balance two competing goals: application transparency what effects does encryption have on the design and implementation of a network application? network transparency what impact does encryption have on normal network transactions? greater transparency means fewer changes, less intrusive application layer encryption offers advantages but has costs the message is encrypted/decrypted in its entirety by the end systems (applications) no (cryptographic) involvement from devices at other layers advantage: per E2E principle, potentially more secure because user has greater control over the process costs: sacrifices application transparency for network transparency; PDU data is encrypted but PDU headers are visible to attackers 1
2 traditionally, application and transport layers connect through the interface of a network socket abstractions that represent endpoints for network communications usually provided by OS services for example, to open a TCP network connection, the host process must open a socket at an internal software port for two- way communication with another host s port e.g., Microsoft s.net framework offers a connection socket with a set of methods for managing full two- way functionality for sending and receiving data encryption/decryption at this layer is usually an add- on e.g., Secure Socket Layer (SSL) originally developed by Netscape current standards called Transport Layer Security (TLS) TLSv.3 network layer is another option datagrams are encrypted by routers for transmission across an insecure channel at a later stage, they are decrypted by another router this promotes a high degree of application transparency and relieves the message transport layer of added duties but, there are decided costs at the network layer IP Security (IPSec) is a common standard for network layer encryption and is the basis for many Virtual Private Networks (VPNs) 2
3 link layer encryption attempts to protect the actual communication channel from interception and eavesdropping this is especially important for broadcast media we will examine WPA2 (Wi- Fi Protected Access 2) as an illustration of how encryption is employed for wireless local area networks Encryption and the Network Protocol Stack chief points to consider when examining a form of protocol layer encryption/decryption which protocol layer applies? where/when is the plaintext visible? (visibility) what are the transparency factors? (transparency) where do the keys reside and how are they updated? (key management) how do we authenticate the source of encrypted packets (authentication) Application Layer is one of the oldest Internet network applications originally conceived for ARPANET in 1965, but introduced in 1969 as an Internet standard Simple Mail Transfer Protocol (SMTP) was standardized in RFCs 821, 822 unlike other Internet applications, employs multiple protocols and extensions application layer encapsulates the encryption/decryption tasks: application PDU is encrypted by sender and decrypted by receiver or destination 3
4 1. User A employs a user agent to prepare a message. 2. User A sends the message made by the mail agent to a mail transfer agent (daemon) 3. mail daemon uses SMTP to send a message from User A to the local mail server or gateway 4. the local mail server can store and forward messages; it places the message in the mail queue for subsequent transmission 5. mail server uses SMTP to communicate with the destination mail server and transfers the message 6. the destination mail server transfers the message to User B s assigned inbox storage 7. User B fetches the message from his/her inbox using mail access protocol (MAP) 8. User B employs the mail user agent to read the message SMTP is primarily a PUSH protocol, i.e., messages are sent from the client to the server when the client initiates the contact client (local mail server) server (destination mail server) MAPs are primarily PULL protocols, i.e., the destination host initiates the last fetch mail server to mail user agent SMTP is a messaging protocol (like other application layer protocols here it is simulated using a telnet session $ telnet example.org 25 S: 220 example.org ESMTP Sendmail /8.13.1; Wed, 30 Aug 20xx 07:36: C: HELO mailout1.phrednet.com S: 250 example.org Hello ip068.subnet71.gci- net.com [ ], pleased to meet you C: MAIL FROM:xxxx@example.com S: <xxxx@example.com>... Sender ok C: RCPT TO:yyyy@example.com S: <yyyy@example.com>... Recipient ok C: DATA S: 354 Enter mail, end with "." on a line by itself From: Dave\r\nTo: Test Recipient\r\nSubject: SPAM SPAM SPAM\r\n\r\nThis is message 1 from our test script.\r\n.\r\n S: k7tkibyb Message accepted for delivery C: QUIT S: example.org closing connection Connection closed by foreign host. $ 4
5 4/12/17 few encryption technologies have had the longevity of Phil Zimmerman s PGP ( Pretty Good Privacy ) one of the first widely available applications that incorporated public key cryptography PGP is not a pure public key system but a hybrid instead it relies on secret key data encryption/decryption to avoid the the inefficiency problems associated with public key technology major components: users generate their own keys a public, private key pair key size was originally 384 bytes which is easily broken today currently: 2,048 or 4,096 bytes binary, but exported in ASCII- armored format keys, messages, key management {{PGPkey url= keyid=0xffa60123 pubkey= BEGIN PGP PUBLIC KEY BLOCK Version: GnuPG v1.4.6 (MingW32) EkkCGwMFCQWjmoAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRC8IRhO/6YFZyCu AJ9oVG2rQR87dBEQOjU6bdLvbyLJ9ACfb2aUWehrQ04iWpCHW9dTvNw1Pz6IRgQQ EQIABgUCREVycAAKCRAEdWQX3LF5hf6SAJ9wHVt6Az5PnYBGELX9/feMDdGuYQCf exlzh+ynx2skdupxl5gnzadrr2kirgqqeqiabgucrltj8wakcrb6fhywk1chanwd AKCYwxeBl26StQUHF4Xyw3YOcQPr/QCfeVfxe2QyXtOQ0Ur+1go+IvUIjdaIRgQS EQIABgUCRFAHMQAKCRD4z5ci90zsiyNDAJ4jbDz7D8NcHD35Z12i4eoI3ftFOgCd GT3tOljpoU2XrXL1/L0EHWBdLRGITAQSEQIADAUCRkDC7gWDA1jp2wAKCRDLoD9G szdlofjosontvenqnwoh469h6thyh6oes94nackos6xk3iismvrzjzvtpn5mn/z4 7aVy/N8vgpvT3IYiFmZJSd8gpYpIdV5EyL87k+oluTQUqKfpmEQPaNXWZoXrn+xN x7giihwiefl9xndyebwh65xsqsof0w9ucuyujqhxsrro7ozgayccnjsw+fvtqvis 1YQoRjYkdSLipTkrtvo7iBY0rq88+uli5aK6H71kEjn5tK8IvUuKygwq/O+csCel ef6iky6aaj9lemejkbhkzfwmlcxwkfoh1djajqcemxh1gc/t4pdi6g7opaqfxwv1 tsn+fdlfyi5ospzxifnicxrmpkizzdxoso0vilmkmjpcnc8risdrhn/uyutc9p7l TBpITQmRQIZKmkFJ0bBucVI1PE2Y2iP7SZ5lv1Bq4uaaW3YE5Sw9DZMAAwUJAI9x mqgibep2ekkrbacoiupj6yhfc/oyx5cjsejt9jymx0u+cl32mv70eslfbndvgrot D+EMnHfNgh12QldUIu7v6YAdwepBDtCFmxwzZcea2MUhbzQTWqvtDpEUMMzIw1HY HOPl89wfO6VIAxw9QVJ9dYHl4bDgRBStMqdQJA6HkD2PtuTtn8rtndmNnwCgp4Fh A3AmpyzmF4Wf2PtuFNl2IoUD/1pWobB75wRwKAvgG7K/THkhjpLYtSmZdn1NswRf NMBLYCgbYV84BlIHy2aymPljTWWLKa/RGba2MyfWXfNwcGF440OfH1CwXMPw87+a 2uyIRgQQEQIABgUCRkJFvgAKCRCshZNisEE7+lo0AJ4o0Hr4BbQWGVX1mC3E32Xl ivdf+acdgdyodihqjrjiwjw3i8zbt5joamciygqteqiaigucrkjloqmfajwxhjxb Xj5dK1tALl13aWtpcGVkaWE+JAAACgkQrIWTYrBBO/rpswCfZffb7x/naE/zJvK7 KCDm7NnkHhwAoJkNCnYDDdDRnAufgPamFGwUeoVzuQJNBEP2Ek0QCQCTl2JYMAy1 5/LLBlKiuU7jHWikBP+Z/Q5RsyFgBDmD++dJSlLF61O0kjt/O5RqzjhiZrmAk1Fg rfnslcywhr9wshwisnqllynyjrlfmm/rltkk0muqbuv7lu3st8/nbcmye3spz6kr 3Km62DLBiEngjKUqQzGSRNslHFzDZRq1vLuMZrqAgcCiEffI5deo+CJGn5i7anpH +KVU0VmOVnv07Wvrcs7nBiOWDYT14GFtKYn7QpE0WtC/MKvUlQ+LGR9/jvL9RzOV 1OLVe/8TUZ4db0PCuv11/cmAWaZLbn57pE3mKN72GBlLHQaPdPY+JprkB8h5DI4T vy/ia/9r8bazts72po/plqzg4ebqjherzv4lzeufkrlornbpvyspxl+l1qj+wx9e L0gmQ1ir0MFJhmpd+AAsmGRajlJLqf1xhTuSjspqswjKj8NJHX3HhPMl+wWqlaw+ ofsofqdod1grac7ynyv+q2p2tssooqtgtrjyjbkntqhqlrdpd7qtqmvuie1jswx3 YWluIChDeWRlIFdleXMpIDxjeWRld2V5c0BnbWFpbC5jb20+iGYEExECACYFAkP2 HBJyZiQ2+CNn035ekLKsL3BNFKSMWt8vuEDk2FlPfboSRQVgqIPxpMUJuJesUvaJ VvOvMkODO0Y5fOgcwXzxV/pH0+GvZJMk6aODU3fuCiGpKGzGHCH4x/Ofnt5ztYhP BBgRAgAPBQJD9hJNAhsMBQkFo5qAAAoJELwhGE7/pgVnOrUAmgJLiWcQ8TjHIixC bicoqozktbclaj4t2qynt9aqkayqrddx0ofcbtc4la== =RJYJ END PGP PUBLIC KEY BLOCK }} messages are compressed and encrypted using a random secret session key compression (e.g., PKZIP) helps to reduce redundancies that enable the attacker to gain more information about the message contents encryption is symmetric secret key the session key must be transmitted to the recipient and is encrypted using the recipient s public key 5
6 the original scheme for PGP key management was the Web of Trust users networked to certify the authenticity of keys 6
7 currently, Symantec owns commercial rights to PGP and offers two types of service an enterprise suite for businesses and organizations a desktop version for personal users open source versions are available OpenPGP GnuPG (GPG) 7
Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,
Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls 32.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 32.2 Figure 32.1 Common structure
More informationNetwork Encryption 3 4/20/17
The Network Layer Network Encryption 3 CSC362, Information Security most of the security mechanisms we have surveyed were developed for application- specific needs electronic mail: PGP, S/MIME client/server
More informationPretty Good Privacy (PGP
PGP - S/MIME - Internet Firewalls for Trusted System: Roles of Firewalls Firewall related terminology- Types of Firewalls - Firewall designs - SET for E-Commerce Transactions. Pretty Good Privacy (PGP
More informationThe Application Layer: & SMTP
The Application Layer: email & SMTP Smith College, CSC 249 Feb 1, 2018 4-1 Chapter 2: Application layer q 2.1 Principles of network applications q 2.2 Web and HTTP q 2.3 FTP q 2.4 Electronic Mail v SMTP,
More informationNetwork Security and Cryptography. 2 September Marking Scheme
Network Security and Cryptography 2 September 2015 Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers to the questions,
More informationFTP. FTP offers many facilities :
FTP Given a reliable end-to-end trasport protocol like TCP, File Transfer might seem trivial. But, the details authorization, representation among heterogeneous machines make the protocol complex. FTP
More informationPrincess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)
Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content
More informationCS 356 Internet Security Protocols. Fall 2013
CS 356 Internet Security Protocols Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5
More informationIPSec. Slides by Vitaly Shmatikov UT Austin. slide 1
IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationAPPLICATION LAYER APPLICATION LAYER : DNS, HTTP, , SMTP, Telnet, FTP, Security-PGP-SSH.
APPLICATION LAYER : DNS, HTTP, E-mail, SMTP, Telnet, FTP, Security-PGP-SSH. To identify an entity, the Internet used the IP address, which uniquely identifies the connection of a host to the Internet.
More informationCS 716: Introduction to communication networks. Instructor: Sridhar Iyer Demo by: Swati Patil IIT Bombay
CS 716: Introduction to communication networks - 16 th class; 28 th Sept 2011 Instructor: Sridhar Iyer Demo by: Swati Patil IIT Bombay What is IP address An identifier for a computer or device on a TCP/IP
More informationVPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009
VPN and IPsec Network Administration Using Linux Virtual Private Network and IPSec 04/2009 What is VPN? VPN is an emulation of a private Wide Area Network (WAN) using shared or public IP facilities. A
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationChapter 8 Network Security
Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationCSC 4900 Computer Networks: Security Protocols (2)
CSC 4900 Computer Networks: Security Protocols (2) Professor Henry Carter Fall 2017 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message Integrity 8.4 End point Authentication
More informationProtocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science
Protocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science History of computer network protocol development in 20 th century. Development of hierarchical
More informationProtocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.
P2 Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE 802.11i, IEEE 802.1X P2.2 IP Security IPsec transport mode (host-to-host), ESP and
More informationThe OSI Model. Open Systems Interconnection (OSI). Developed by the International Organization for Standardization (ISO).
Network Models The OSI Model Open Systems Interconnection (OSI). Developed by the International Organization for Standardization (ISO). Model for understanding and developing computer-to-computer communication
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationPrinciples of Information Security, Fourth Edition. Chapter 8 Cryptography
Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries
More informationIPSec. Overview. Overview. Levente Buttyán
IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet
More informationECE697AA Lecture 2. Today s lecture
ECE697AA Lecture 2 Application Layer: HTTP Tilman Wolf Department of Electrical and Computer Engineering 09/04/08 Protocol stack Application layer Client-server architecture Example protocol: HTTP Demo
More informationCIT 380: Securing Computer Systems. Network Security Concepts
CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationCSC 6575: Internet Security Fall 2017
CSC 6575: Internet Security Fall 2017 Network Security Devices IP Security Mohammad Ashiqur Rahman Department of Computer Science College of Engineering Tennessee Tech University 2 IPSec Agenda Architecture
More informationInternet Technology. 03r. Application layer protocols: . Paul Krzyzanowski. Rutgers University. Spring 2016
Internet Technology 03r. Application layer protocols: email Paul Krzyzanowski Rutgers University Spring 2016 1 Email: SMTP (Simple Mail Transfer Protocol) 2 Simple Mail Transfer Protocol (SMTP) Protocol
More informationApplications FTP. FTP offers many facilities :
Applications FTP Given a reliable end-to-end trasport protocol like TCP, File Transfer might seem trivial. But, the details authorization, representation among heterogeneous machines make the protocol
More informationApplication Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )
Application Note Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) This document describes how to configure McAfee Firewall Enterprise to provide
More informationStudent ID: CS457: Computer Networking Date: 5/8/2007 Name:
CS457: Computer Networking Date: 5/8/2007 Name: Instructions: 1. Be sure that you have 10 questions 2. Write your Student ID (email) at the top of every page 3. Be sure to complete the honor statement
More informationNetworking and Health Information Exchange: ISO Open System Interconnection (OSI)
Networking and Health Information Exchange: ISO Open System Interconnection (OSI) Lecture 4 Audio Transcript Slide 1 Welcome to Networking and Health Information Exchange, ISO Open System Interconnection
More informationThe Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,
1 The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME, PGP), client/server (Kerberos), Web access (Secure Sockets
More informationECE646 Fall Lab 1: Pretty Good Privacy. Instruction
ECE646 Fall 2012 Lab 1: Pretty Good Privacy Instruction PLEASE READ THE FOLLOWING INSTRUCTIONS CAREFULLY: 1. You are expected to address all questions listed in this document in your final report. 2. All
More informationCS348: Computer Networks (SMTP, POP3, IMAP4); FTP
CS348: Computer Networks E-MAIL (SMTP, POP3, IMAP4); FTP Dr. Manas Khatua Assistant Professor Dept. of CSE, IIT Guwahati E-mail: manaskhatua@iitg.ac.in Electronic mail (E-mail) Allows users to exchange
More informationChapter 3 Protocols and the TCP/IP Suite
Chapter 3 Protocols and the TCP/IP Suite 3.1 The Need for a Protocol Architecture need for a standard communication tasks by layers architecture peer protocol: a set of rules or conventions to exchange
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationVirtual Private Networks.
Virtual Private Networks thm@informatik.uni-rostock.de http://wwwiuk.informatik.uni-rostock.de/ Content Virtual Private Networks VPN Basics Protocols (IPSec, PPTP, L2TP) Objectives of VPNs Earlier Companies
More informationCSC 4900 Computer Networks:
CSC 4900 Computer Networks: Email Professor Henry Carter Fall 2017 Villanova University Department of Computing Sciences Review Last week we talked about design principles, and the application protocols
More informationNetworking and Health Information Exchange Unit 1a ISO Open Systems Interconnection (OSI) Slide 1. Slide 2. Slide 3
Slide 1 Networking and Health Information Exchange Unit 1a ISO Open Systems Interconnection (OSI) Networking and Health Information Exchange Unit 1a ISO Open Systems Interconnection (OSI) Slide 2 Unit
More informationSecurity issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.
Security issues: Threats Methods of attack Encryption algorithms Secret-key Public-key Hybrid protocols Lecture 15 Page 2 1965-75 1975-89 1990-99 Current Platforms Multi-user timesharing computers Distributed
More informationE&CE 358: Tutorial 1. Instructor: Sherman (Xuemin) Shen TA: Miao Wang
E&CE 358: Tutorial 1 Instructor: Sherman (Xuemin) Shen TA: Miao Wang Email: m59wang@uwaterloo.ca 1 About Tutorials TA: Miao Wang Office: EIT 3133; Tutorials: Th 4:30 5:20 pm Topics Supplementary knowledge
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 19 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear, the Board's access to other sources
More informationINTERNET PROTOCOL SECURITY (IPSEC) GUIDE.
INTERNET PROTOCOL SECURITY (IPSEC) GUIDE www.insidesecure.com INTRODUCING IPSEC NETWORK LAYER PACKET SECURITY With the explosive growth of the Internet, more and more enterprises are looking towards building
More informationIntroduction to computer networking
edge core Introduction to computer networking Comp Sci 3600 Security Outline edge core 1 2 edge 3 core 4 5 6 The edge core Outline edge core 1 2 edge 3 core 4 5 6 edge core Billions of connected computing
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationCOMPUTER SECURITY. Computer Security Secure Communication Channels (2)
COMPUTER SECURITY 7. Secure Communication Channels: 2 case studies (2) Technologies' case studies (2) WEP Wired Equivalent Privacy (3) IPsec Internet Protocol Security (11) SSL Secure Sockets Layer (25)
More informationData Communication and Network. Introducing Networks
Data Communication and Network Introducing Networks Introduction to Networking Computer network, or simply network Refers to the connection of two or more computers by some type of medium You can connect
More information06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security
1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of
More informationRalph Durkee Independent Consultant Security Consulting, Security Training, Systems Administration, and Software Development
Ralph Durkee Independent Consultant www.rd1.net Security Consulting, Security Training, Systems Administration, and Software Development PGP and GnuPG Rochester OWASP Agenda: Generic Public Key Encryption
More informationNetwork concepts introduction & wireshark
Network concepts introduction & wireshark W0RKSH0P @KirilsSolovjovs Why am I doing this? Many people attending hacker conferences are not in fact experts, but come here to learn and have fun Opportunity
More informationSystem: Basic Functionality
E-mail System: Basic Functionality E-mail systems support five basic functions: Composition: Creating messages Transfer: Moving messages from the originator to the recipient E-mail transfer is a connection-oriented
More informationCSC Network Security
CSC 474 -- Security Topic 9. Firewalls CSC 474 Dr. Peng Ning 1 Outline Overview of Firewalls Filtering Firewalls Proxy Servers CSC 474 Dr. Peng Ning 2 Overview of Firewalls CSC 474 Dr. Peng Ning 3 1 Internet
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationIP Mobility vs. Session Mobility
IP Mobility vs. Session Mobility Securing wireless communication is a formidable task, something that many companies are rapidly learning the hard way. IP level solutions become extremely cumbersome when
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationInternet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho
Internet Security - IPSec, SSL/TLS, SRTP - 29th. Oct. 2007 Lee, Choongho chlee@mmlab.snu.ac.kr Contents Introduction IPSec SSL / TLS SRTP Conclusion 2/27 Introduction (1/2) Security Goals Confidentiality
More informationDistributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationExam : Title : Security Solutions for Systems Engineers. Version : Demo
Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized
More informationITEC 3800 Data Communication and Network. Introducing Networks
ITEC 3800 Data Communication and Network Introducing Networks Introduction to Networking Computer network, or simply network Refers to the connection of two or more computers by some type of medium You
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 9 Encryption and Firewalls By Whitman, Mattord & Austin 2008 Course Technology Learning Objectives Describe the role encryption
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationCCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols
CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols LOCAL CISCO ACADEMY ELSYS TU INSTRUCTOR: STELA STEFANOVA 1 Objectives Functions of the three upper OSI model layers, network services
More informationSecurity PGP / Pretty Good Privacy. SANOGXXX July, 2017 Gurgaon, Haryana, India
Email Security PGP / Pretty Good Privacy SANOGXXX 10-18 July, 2017 Gurgaon, Haryana, India Issue Date: [31-12-2015] Revision: [V.1] Security issues for E-mail Confidentiality Network admin can read your
More informationE-commerce security: SSL/TLS, SET and others. 4.1
E-commerce security: SSL/TLS, SET and others. 4.1 1 Electronic payment systems Purpose: facilitate the safe and secure transfer of monetary value electronically between multiple parties Participating parties:
More informationSecurity in IEEE Networks
Security in IEEE 802.11 Networks Mário Nunes, Rui Silva, António Grilo March 2013 Sumário 1 Introduction to the Security Services 2 Basic security mechanisms in IEEE 802.11 2.1 Hidden SSID (Service Set
More informationExam Questions SY0-401
Exam Questions SY0-401 CompTIA Security+ Certification https://www.2passeasy.com/dumps/sy0-401/ 1. A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened
More informationECE646 Fall Lab 1: Pretty Good Privacy. Instruction
ECE646 Fall 2015 Lab 1: Pretty Good Privacy Instruction PLEASE READ THE FOLLOWING INSTRUCTIONS CAREFULLY: 1. You are expected to address all questions listed in this document in your final report. 2. All
More informationChapter 6: Security of higher layers. (network security)
Chapter 6: Security of higher layers (network security) Outline TLS SET 1. TLS History of TLS SSL = Secure Socket Layer defined by Netscape normalized as TLS TLS = Transport Layer Security between TCP
More informationINTERNET & WORLD WIDE WEB (UNIT-1) MECHANISM OF INTERNET
INTERNET & WORLD WIDE WEB (UNIT-1) MECHANISM OF INTERNET 1. INTRODUCTION Hello friends are topic is Internet and World Wide Web the most popular services of our topic is social networking and online shopping
More informationTCP/IP protocol suite
TCP/IP protocol suite The TCP/IP protocol suite was developed prior to the OSI model. Therefore, the layers in the TCP/IP protocol suite do not match exactly with those in the OSI model. The original TCP/IP
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationComputer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 10r. Recitation assignment & concept review Paul Krzyzanowski Rutgers University Spring 2018 April 3, 2018 CS 419 2018 Paul Krzyzanowski 1 1. What is a necessary condition for perfect
More informationData Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II
Data Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II Hello and welcome to today's lecture on secured communication.
More informationVirtual Private Networks (VPN)
CYBR 230 Jeff Shafer University of the Pacific Virtual Private Networks (VPN) 2 Schedule This Week Mon September 4 Labor Day No class! Wed September 6 VPN Project 1 Work Fri September 8 IPv6? Project 1
More informationChapter 8 Web Security
Chapter 8 Web Security Web security includes three parts: security of server, security of client, and network traffic security between a browser and a server. Security of server and security of client
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials
A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e Chapter 8 Networking Essentials Objectives Learn about the protocols and standards Windows uses for networking Learn how to connect
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationUNIVERSITY OF TORONTO FACULTY OF APPLIED SCIENCE AND ENGINEERING
UNIVERSITY OF TORONTO FACULTY OF APPLIED SCIENCE AND ENGINEERING ECE361 Computer Networks Midterm March 06, 2017, 6:15PM DURATION: 80 minutes Calculator Type: 2 (non-programmable calculators) Examiner:
More informationSecurity: Focus of Control
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationLecture 25. Tuesday, November 21 CS 475 Networks - Lecture 25 1
Lecture 25 Reminders: Homework 7 due today. Homework 8 posted. Due at the beginning of the last day of class for final exam review. Programming Project 6 posted. Final project worth double. Due by 4:30pm,
More informationHP Instant Support Enterprise Edition (ISEE) Security overview
HP Instant Support Enterprise Edition (ISEE) Security overview Advanced Configuration A.03.50 Mike Brandon Interex 03 / 30, 2004 2003 Hewlett-Packard Development Company, L.P. The information contained
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Application Layer: Cookies, Web Caching, SMTP Sec 2.2.4-2.4 Prof. Lina Battestilli Fall 2017 Outline Application Layer (ch 2) 2.1 principles of network
More informationReview. Review. Review. How to Send a Message over a Network? LAN LAN. LAN Routing Addressing Reliable Data Transfer Congestion Control LAN
Review Review Computer etworks Multiaccess or Shared Media Broadcast Switched Point-to-Point Packet Switched or Store-and-foward Circuit Switched Virtual Ciruit or Connection-Oriented Datagram or Connectionless
More informationSecurity in Distributed Systems. Network Security
Security in Distributed Systems Introduction Cryptography Authentication Key exchange Readings: Tannenbaum, chapter 8 Ross/Kurose, Ch 7 (available online) Computer Science Lecture 22, page 1 Network Security
More informationIP Security. Have a range of application specific security mechanisms
IP Security IP Security Have a range of application specific security mechanisms eg. S/MIME, PGP, Kerberos, SSL/HTTPS However there are security concerns that cut across protocol layers Would like security
More informationCSE509: (Intro to) Systems Security
CSE509: (Intro to) Systems Security Fall 2012 Invited Lecture by Vyas Sekar IPSec 2005-12 parts by Matt Bishop, used with permission Security in Real Life: Motivation Site SF Company X $$$ Site NY Site
More informationتاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم
بنام خدا تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم امنیت بخشی به سیستمهای فناوری اطالعات Securing Information Systems 1 Learning Objectives Describe the business value of security and control.
More informationCryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption
and secure channel May 17, 2018 1 / 45 1 2 3 4 5 2 / 45 Introduction Simplified model for and decryption key decryption key plain text X KE algorithm KD Y = E(KE, X ) decryption ciphertext algorithm X
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 20 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with
More informationLAB :: PGP (Pretty Good Privacy)
LAB :: PGP (Pretty Good Privacy) GnuPG : GnuPG forms the heart of Gpg4win the actual encryption software. Kleopatra : The central certificate administration of Gpg4win, which ensures uniform user navigation
More informationInternet security and privacy
Internet security and privacy IPsec 1 Layer 3 App. TCP/UDP IP L2 L1 2 Operating system layers App. TCP/UDP IP L2 L1 User process Kernel process Interface specific Socket API Device driver 3 IPsec Create
More informationService Managed Gateway TM. Configuring IPSec VPN
Service Managed Gateway TM Configuring IPSec VPN Issue 1.2 Date 12 November 2010 1: Introduction 1 Introduction... 3 1.1 What is a VPN?... 3 1.2 The benefits of an Internet-based VPN... 3 1.3 Tunnelling
More informationSimple Network Management Protocol (SNMP)
Announcements Project #5 extended until Dec. 10 Reading: 7.3, start 7.4 Midterm #2 last day to request re-grades Th in class HW#2 (due Tuesday Dec. 7) 1 Simple Network Management Protocol (SNMP) Managed
More informationDebian/GNU Linux Networking
Debian/GNU Linux Networking Basics of the Networking Károly Erdei October 15, 2014 Károly Erdei Debian/GNU Linux Networking 1/41 Agenda 1 Networks 2 Ethernet 3 Internet Protocol 4 TCP 5 DHCP 6 Check Network
More informationInnovation and Cryptoventures. Technology 101. Lee Jacobs and Campbell R. Harvey. February 22, 2017
Innovation and Cryptoventures Technology 101 Lee Jacobs and Campbell R. Harvey February 22, 2017 What is a computer? Electronic device that has the ability to store, retrieve, and process data Hardware
More informationChapter 10: Application Layer CCENT Routing and Switching Introduction to Networks v6.0
Chapter 10: Application Layer CCENT Routing and Switching Introduction to Networks v6.0 CCNET v6 10 Chapter 10 - Sections & Objectives 10.1 Application Layer Protocols Explain the operation of the application
More informationInternet Architecture
Internet Architecture Lecture 10: How Email Work Assistant Teacher Samraa Adnan Al-Asadi 1 How Email Works Electronic mail, or email, might be the most heavily used feature of the Internet. You can use
More information