
Network Security and Encryption

Introduction and Objectives

So far we have learned how network hardware and software systems operate and how client-server applications use the underlying network facilities to communicate. Today we will discuss another important Internet subject: “Network Security”.

Secure Networks and Policies

The definition of a secure network differs from person to person and from organization to organization.

Organizations first define their “security policy” considering the following aspects:

- Data Integrity: protection from change.
- Data Availability: protection against disruption of services to legitimate users.
- Data Confidentiality: protection against unauthorized data access.
- Data Privacy: ability of a sender to remain anonymous.

Responsibility and Control

Accountability is keeping an audit trail of data access and change.

Authorization is protecting computer resources by allowing them to be used only by resource consumers that have been granted authority to use them.

Integrity Mechanisms

Parity Bits, Checksums, Cyclic Redundancy Checks

These are inadequate against a purposeful, intelligent attack. The one who changes the data will also fix the check codes.

Message Authentication Code (MAC) using cryptographic hashing: the secret key is known only to the sender and receiver.

An attacker who does not know the key will not be able to modify the message without the change being detected.
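To make the difference between a plain check code and a MAC concrete, here is an added Python example (not from the slides): a CRC-32 and an HMAC-SHA256 tag over a constructed message, followed by the substitution the text describes. The key, the message and the altered message are invented for the demonstration.

```python
import hashlib
import hmac
import zlib

# Constructed sample message: a payment order whose amount someone would like to alter.
ORIGINAL = b"transfer amount=100 to=alice"
ALTERED = b"transfer amount=900 to=alice"

# Constructed shared secret; in practice only the sender and receiver hold it.
SHARED_KEY = b"sender-receiver-secret-key"


def crc_protect(message: bytes) -> tuple:
    """Append a CRC-32 check code; no secret is involved."""
    return message, zlib.crc32(message)


def crc_verify(message: bytes, check: int) -> bool:
    return zlib.crc32(message) == check


def mac_protect(key: bytes, message: bytes) -> tuple:
    """Append an HMAC-SHA256 tag computed with the shared secret key."""
    return message, hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison so the check does not leak how many tag bytes matched.
    return hmac.compare_digest(expected, tag)


def substitute_with_crc(message: bytes, check: int) -> tuple:
    """Whoever alters the message can simply recompute the public check code."""
    return ALTERED, zlib.crc32(ALTERED)


def substitute_with_mac(message: bytes, tag: bytes) -> tuple:
    """Without the key, the only option is to re-use the old tag."""
    return ALTERED, tag


def crc_detects_change() -> bool:
    msg, chk = crc_protect(ORIGINAL)
    new_msg, new_chk = substitute_with_crc(msg, chk)
    return not crc_verify(new_msg, new_chk)  # False: the altered message still passes


def mac_detects_change() -> bool:
    msg, tag = mac_protect(SHARED_KEY, ORIGINAL)
    new_msg, old_tag = substitute_with_mac(msg, tag)
    return not mac_verify(SHARED_KEY, new_msg, old_tag)  # True: the receiver rejects it
```

The receiver's side is the important one: `crc_verify` accepts any message whose check code was recomputed, while `mac_verify` accepts only messages whose tag was produced with the shared key.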

Access Control and Passwords

Some systems implement an “access control list (ACL)”, while in others each user is assigned a password to access a protected resource.

Passwords used to gain access to one local computer are not sent over a network.

A password used to gain access to network resources must be communicated in some manner over the network.

Encryption and Confidentiality

To ensure the confidentiality of messages, they must be encrypted.

Several technologies exist for encryption. A key is used to encrypt the message. With the same key the message is decrypted back to the original message. These encrypt and decrypt functions are reverse operations of each other.

Public Key Encryption

Each user has a private key and a public key. If a message is encrypted with one of the keys, the other key can decrypt the message.

The functions used for encryption and decryption have the “one-way property”.

Authentication with Digital Signatures

A message can be signed and then sent to a specified destination in a secure and confidential manner.

If user u1 signs the message with u1's private key and encrypts it with u2's public key, only u1 could have sent the message, and only u2 can correctly decode the message. A “trusted authority” is used as a source of public keys (e.g. VeriSign).

Internet Firewall Concept

Encryption technology helps to solve many security problems, but a second concept is also needed. Known as an Internet firewall, it helps protect computers and networks from unwanted Internet traffic.

Figure 40.1 Illustration of firewall that is used to protect an organization against unwanted interaction with the Internet.

A firewall must itself be secure; that is:

- All traffic entering the organization passes through the firewall.
- All traffic leaving the organization passes through the firewall.
- The firewall implements the security policy and rejects any traffic that does not adhere to the policy.
- The firewall computer itself must be immune to security attacks.

Packet Filtering

A router usually can perform packet filtering based on any criteria: source IP, destination IP, type, port numbers, message text, etc.

Types of Packet Filtering

- Network level packet filtering (first generation).
- Circuit level packet filtering (second generation).
- Application level packet filtering (third generation).

Network Level Packet Filtering (First Generation): developed in 1988 by Digital Equipment Corporation. Also known as packet filter firewalls. Stateless packet filtering.

Circuit Level Packet Filtering (Second Generation): developed between 1980-1990 by Dave Presotto, Janardan Sharma and Kshitij Nigam. Stateful packet filtering.

Application Layer Packet Filtering (Third Generation): developed by Gene Spafford, Bill Cheswick and Marcus Ranum. Also known as a proxy-based firewall. Modern firewalls use this filtering.

The advantage of an application layer firewall is that it can understand certain protocols, such as

-FTP (File Transfer Protocol)

-DNS or web browsing

and can therefore detect if an unwanted protocol is sneaking in or trying to harm the computer.

Modern firewalls filter by: IP address, source port, destination IP address or port, destination web service or FTP (filter by domain name, etc.).
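As an added illustration (not part of the slides), the following Python models the first two generations listed above: a stateless, first-match, default-deny packet filter, and a stateful one that records sessions opened from inside the organization so that the matching replies are admitted without a separate allow rule. The addresses (10.0.0.0/8 as the organization, 203.0.113.10 as its web server, 198.51.100.x as outside hosts) and the rules are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    sport: int
    dport: int


@dataclass
class Rule:
    action: str                # "allow" or "deny"
    src: str = "0.0.0.0/0"     # CIDR prefix; 0.0.0.0/0 matches any address
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and self.dport in (None, pkt.dport))


def stateless_verdict(rules: List[Rule], pkt: Packet) -> str:
    """First-generation filter: the first matching rule wins, default deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFilter:
    """Second-generation filter: remembers sessions opened from inside and
    lets the matching reply packets back in."""

    def __init__(self, rules: List[Rule], inside: str):
        self.rules = rules
        self.inside = ipaddress.ip_network(inside)
        self.sessions: Set[Tuple[str, str, str, int, int]] = set()

    def verdict(self, pkt: Packet) -> str:
        # Is this the reply to a session we already saw leave the organization?
        if (pkt.dst, pkt.src, pkt.proto, pkt.dport, pkt.sport) in self.sessions:
            return "allow"
        decision = stateless_verdict(self.rules, pkt)
        if decision == "allow" and ipaddress.ip_address(pkt.src) in self.inside:
            self.sessions.add((pkt.src, pkt.dst, pkt.proto, pkt.sport, pkt.dport))
        return decision


# Constructed policy: 10.0.0.0/8 is the organization, 203.0.113.10 its public web server.
POLICY = [
    Rule("allow", src="10.0.0.0/8", proto="tcp", dport=443),   # staff may browse HTTPS
    Rule("allow", dst="203.0.113.10", proto="tcp", dport=80),  # anyone may reach the web server
    Rule("deny"),                                               # everything else
]

# Constructed traffic: an outbound HTTPS request, the server's reply, and an
# unsolicited inbound packet to an internal host.
OUTBOUND = Packet("10.0.0.7", "198.51.100.5", "tcp", 51000, 443)
REPLY = Packet("198.51.100.5", "10.0.0.7", "tcp", 443, 51000)
UNSOLICITED = Packet("198.51.100.99", "10.0.0.7", "tcp", 4444, 22)


def compare_generations():
    """Return the verdicts of both filters on the three constructed packets."""
    stateless = [stateless_verdict(POLICY, p) for p in (OUTBOUND, REPLY, UNSOLICITED)]
    fw = StatefulFilter(POLICY, "10.0.0.0/8")
    stateful = [fw.verdict(p) for p in (OUTBOUND, REPLY, UNSOLICITED)]
    return stateless, stateful
```

The stateless filter has to deny the reply because no rule admits traffic from the outside to an internal host; the stateful filter admits it because it matches a session it watched being opened, while the unsolicited packet is still denied by both.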

Advantages of Using a Firewall

Secures the network from untrusted networks.

Controls the incoming packets. Controls the leaving packets.

Virtual Private Networks

A corporation with multiple geographic sites can use two approaches to building a corporate intranet:

Private Network Connections: each leased connection extends from a router. Data passes from a router at one site to a router at another site.

Public Internet Connections: each site contracts with a local ISP for Internet service. Data passes over the global Internet.

The advantage of using leased circuits is that the network is private. No other organization has access to a leased circuit.

The advantage of using Internet connections is low cost, but it cannot guarantee confidentiality.

A VPN is a structure that bonds two separate private networks in such a way that they appear to have a direct, point-to-point connection between them. It uses the global Internet to transfer data but takes additional steps to prevent outsiders from accessing the data. VPN software performs two functions.

It operates like a packet filter: it rejects all incoming packets which come from other corporations and rejects all outgoing packets whose destination is not in this corporation.

VPN software encrypts each outgoing datagram before sending, so communication is confidential.

Tunneling

This is the generic name for any system which encapsulates a data packet in a protocol which is at the same level, or a higher level, in the protocol stack. These protocols can be the same protocol (e.g. IP in IP) or different protocols (e.g. IP and TCP).
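The following Python is an added example, not from the slides, that ties together the earlier symmetric-encryption section (the same key encrypts and decrypts, and the operation is its own inverse), the two VPN functions (packet filtering between the two sites, encryption of each outgoing datagram) and tunneling (the whole inner datagram travels as the payload of an outer datagram between the two gateways). The site prefixes, gateway addresses and shared key are constructed; the cipher is an HMAC-SHA256 keystream with an encrypt-then-MAC tag, chosen so the example needs only the standard library, and is an illustration rather than IPsec.

```python
import hashlib
import hmac
import ipaddress
import json
import os

# Constructed topology: site A is 10.1.0.0/16 behind gateway 192.0.2.1,
# site B is 10.2.0.0/16 behind gateway 198.51.100.1. Both gateways hold SITE_KEY.
SITE_KEY = b"constructed-shared-site-key-32b!"


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Symmetric stream cipher built from HMAC-SHA256 in counter mode (illustration,
    not a standard cipher). XOR-ing with the keystream twice gives back the original,
    so the same function with the same key both encrypts and decrypts."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC tag over nonce and ciphertext."""
    nonce = os.urandom(16)
    ciphertext = keystream_xor(key, nonce, plaintext)
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("datagram modified in transit or wrong key")
    return keystream_xor(key, nonce, ciphertext)


class VpnGateway:
    def __init__(self, own_ip, own_site, peer_ip, peer_site, key):
        self.own_ip, self.peer_ip, self.key = own_ip, peer_ip, key
        self.own_site = ipaddress.ip_network(own_site)
        self.peer_site = ipaddress.ip_network(peer_site)

    def send(self, inner: dict):
        """Packet-filter function: only intranet-to-intranet datagrams are tunnelled."""
        if (ipaddress.ip_address(inner["src"]) not in self.own_site
                or ipaddress.ip_address(inner["dst"]) not in self.peer_site):
            return None  # rejected: destination is not inside this corporation
        payload = encrypt(self.key, json.dumps(inner).encode())
        # Tunneling: the whole inner datagram becomes the payload of an outer datagram
        # addressed from this gateway to the peer gateway.
        return {"src": self.own_ip, "dst": self.peer_ip, "proto": "vpn", "payload": payload}

    def receive(self, outer: dict):
        """Drop anything not from the peer gateway, then authenticate and decrypt."""
        if outer.get("src") != self.peer_ip or outer.get("proto") != "vpn":
            return None  # rejected: incoming packet from outside the corporation
        inner = json.loads(decrypt(self.key, outer["payload"]))
        if ipaddress.ip_address(inner["src"]) not in self.peer_site:
            return None
        return inner


def build_gateways():
    """Two gateways sharing one key, one at each constructed site."""
    a = VpnGateway("192.0.2.1", "10.1.0.0/16", "198.51.100.1", "10.2.0.0/16", SITE_KEY)
    b = VpnGateway("198.51.100.1", "10.2.0.0/16", "192.0.2.1", "10.1.0.0/16", SITE_KEY)
    return a, b
```

On the wire only the outer datagram is visible: gateway addresses, a protocol marker and an opaque payload. The inner addresses and data are recoverable only by the peer gateway holding the key, and any modification of the payload in transit is caught by the tag check before decryption.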

Security Technologies

- IDS (Intrusion Detection System)
- PGP (Pretty Good Privacy)
- ssh (Secure Shell)
- SSL (Secure Socket Layer)
- IPsec (IP security)
- RADIUS (Remote Authentication Dial-In User Service)
- WEP (Wired Equivalent Privacy)

Conclusion

In our day all networks are integrated and connected, so the risk is bigger and network security is more important than ever!


QUESTIONS

What is a firewall? Why is it used?

What is a VPN?

Why do we use encryption?

What is an ACL (Access Control List)?

Write down the various security technologies.

What is the difference between private network connections and public network connections?
