Security in Network Communications - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

Security in Network Communications

Description:

Title: Spread Spectrum Steganography Created Date: 11/30/2005 4:15:38 PM Document presentation format: On-screen Show Other titles: Arial Verdana Wingdings MS PGothic ... – PowerPoint PPT presentation

Number of Views:41
Avg rating:3.0/5.0
Slides: 19
Provided by: csUccsEd5
Learn more at: http://cs.uccs.edu
Category:

less

Transcript and Presenter's Notes

Title: Security in Network Communications


1
Security in Network Communications
  • Deepti Reddy
  • Suphannee Sae chai
  • Sarah Summers

2
Presentation Overview
  • Motivation
  • Communication Security Issues
  • Security Tools
  • Secure Network Communications

3
Motivation
  • Network Communications are a fact of every day
    life.
  • Need to protect sensitive information.
  • Need to control access.

4
Communication Security Issues
  • Confidentiality
  • Authentication
  • Integrity
  • Non-repudiation

5
Types of Attack
  • Access Attacks
  • Snooping
  • Eavesdropping/Interception
  • Authentication
  • Impersonation

6
Types of Attack
  • Integrity
  • Changes
  • Insertion
  • Deletion
  • Non-repudiation
  • Masquerading
  • Denying an event

7
Security Tools
  • Communications security predominantly based on
    some form of cryptography.
  • Symmetric Key Algorithms (Private Key)
  • DES (Data Encryption Standard)
  • AES (Advanced Encryption Standard)
  • IDEA (International Data Encryption Algorithm)
  • Asymmetric Key Algorithms (Public Key)
  • Diffie-Hellman
  • RSA

8
Security Tools (continued)
  • Digital Signatures
  • DSA (Digital Signature Algorithm)
  • Message Digests
  • MD5
  • SHA1

9
Security Protocols
  • Security protocols can be divided into several
    categories.
  • General Communications Security
  • Email Security
  • Web Security

10
General Communications Security
  • IPSec
  • Extension to IP protocol that provides security
    for protocol stack
  • Authentication, data integrity and
    confidentiality
  • Two protocols Authentication Header and
    Encapsulating Security Payload
  • Two modes Transport and Tunneling
  • Does not need applications to be modified to use
    it.
  • Complex
  • RADIUS
  • Centralized method for user administration
  • Embedded applications make use of RADIUS server
    for authentication
  • Utlilizes MD5
  • Easy to implement
  • Kerberos
  • Distributed authentication service for networks
  • Utilizes DES
  • Not effective against password guessing
  • Applications must be modified for Kerberos
    authentication

11
Email Security
  • PGP (Pretty Good Privacy)
  • Hybrid cryptosystem featuring symmetric and
    asymmetric cryptography.
  • Complete email security package providing
    confidentiality, authentication, digital
    signatures and compression
  • Utilizes IDEA, RSA and MD5
  • S/MIME
  • version of the MIME protocol that provides
    security services, confidentiality,
    authentication, message integrity and
    non-repudiation for messaging applications.
  • Utilizes RSA, DSA and Triple DES

12
Web Security
  • SSL
  • Provides secure access of a web browser to a web
    server.
  • Allows authentication and data integrity through
    the use of digital signatures and encryption for
    confidentiality
  • Utilizes a combination of symmetric and
    asymmetric key encryption and message digests
  • SSH
  • Enables the establishment of a secure channel
    between a local and remote computer
  • Provides strong authentication and secure
    communications over insecure channels.
  • Uses a variety of algorithms

13
Future Work
  • Staying ahead of attackers by developing stronger
    algorithms and security techniques.
  • Modification of current protocols.
  • Creation of new protocols.

14
Conclusions
  • Network Communications security is a broad and
    complex subject.
  • Cryptographic methods are the solution.
  • Security mechanisms will always be attacked and
    eventually broken.

15
Questions ?Under Pain of Death!
16
References
  • 1 Communication Security available
    techniques, AXIS Communications White Paper,
    http//www.axis.com/documentation/whitepaper/secur
    ity.pdf
  • 2 Network Security A Beginners Guide, Eric
    Maiwald, McGraw Hill, 2001, ISBN
  • 3 Computer Networks, Andrew S. Tanenbaum, 4th
    Edition, Prentice Hall, 2003, ISBN 0-13-066102-3
  • 4 IDEA (International Data Encryption
    Algorithm) http//www.quadibloc.com/crypto/co04030
    2.htm
  • 5 International Data Encryption Algorithm
    Technical Description,
  • http//www.mediacrypt.com/_pdf/IDEA_Technical_Des
    cription_0105.pdf
  • 6 Diffie-Hellman Protocol, David Terr
    http//mathworld.wolfram.com/Diffie-HellmanProtoco
    l.html
  • 7 Security in Computing, Charles P. Pfleeger
    and Shari Lawrence Pfleeger, Third Edition,
    Prentice Hall, ISBN 0-13-035548-8

17
References (continued)
  • 8 Digital Signature Standard, Federal
    Information Processing Standards Publication 186,
    May 1994, http//www.itl.nist.gov/fipspubs/fip186.
    htm
  • 9 Securing Data in Transit with IPSec, Deb
    Shinder, July 2004, http//www.windowsecurity.com/
    articles/Securing_Data_in_Transit_with_IPSec.html
  • 10 An illustrated guide to IPSec, Steve Friedl,
    http//www.unixwiz.net/techtips/iguide-ipsec.html
  • 11 SSL/TLS Strong Encryption An Introduction,
    http//httpd.apache.org/docs/2.0/ssl/ssl_intro.htm
    l
  • 12 Introducing SSL and Certificates using
    SSLeay, Frederick J. Hirsch, Web Security A
    Matter of Trust. World Wide Web Journal, Volume
    2, Issue 3, Summer 1997 0-07-213324-4
    http//www.uth.tmc.edu/netcenter/middleware/digita
    l-id/PKI-101.ppt1

18
References (continued)
  • 13 How PGP Works, http//www.pgpi.org/doc/pgpint
    ro
  • 14 S/MIME Secure Email - A Beginners Guide,
    Mark Noble, http//www.marknoble.com/tutorial/smim
    e/smime.aspx
  • 15 http//csrc.nist.gov/publications/nistpubs/8
    00-49/sp800-49.pdf
  • 16 http//en.wikipedia.org/wiki/Advanced_Encrypt
    ion_Standard
  • 17
  • 18 Keberos An authentication service for
    Computer Networks, B. Clifford Neuman and
    Theodore Tso, http//gost.isi.edu/publications/ke
    rberos-neuman-tso.html
  • 19 The History of Kerberos Authentication,
    Daniel Calloway, http//www.theworldjournal.com/sp
    ecial/nettech/new/kerberos.htm
  • 20 http//www.untruth.org/josh/security/radius/
    radius-auth.html
  • 21 http//www.faqs.org/rfcs/rfc1321.html
  • 22 http//www.iusmentis.com/technology/hashfunct
    ions/md5/
  • 23 http//www.irnis.net/gloss/md5-digest.shtml
Write a Comment
User Comments (0)
About PowerShow.com