f08-Ch8 - Chapter8 NetworkSecurity All material copyright...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
8: Network Security 8-1 Chapter 8 Network Security All material copyright 1996-2007 J.F Kurose and K.W. Ross, All Rights Reserved
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-2 Chapter 8: Network Security Chapter goals:   understand principles of network security:   cryptography and its many uses beyond “confidentiality” authentication message integrity security in practice: firewalls and intrusion detection systems security in application, transport, network, link layers
Background image of page 2
8: Network Security 8-3 Chapter 8 roadmap 8.1 What is network security? 8.2  Principles of cryptography 8.3  Message integrity 8.4  End point authentication 8.5  Securing e-mail 8.6  Securing TCP connections: SSL 8.7  Network layer security: IPsec 8.8  Securing wireless LANs 8.9  Operational security: firewalls and IDS
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-4 What is network security? Confidentiality:  only sender, intended receiver should “understand”  message contents sender encrypts message receiver decrypts message Authentication:  sender, receiver want to confirm identity of each other  Message integrity:  sender, receiver want to ensure message not altered  (in transit, or afterwards) without detection Access and availability:  services must be accessible and available to  users
Background image of page 4
8: Network Security 8-5 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate “securely” Trudy (intruder) may intercept, delete, add messages secure sender secure receiver channel data, control  messages data data Alice Bob Trudy
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-6 Who might Bob, Alice be? … well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on- line purchases) on-line banking client/server DNS servers routers exchanging routing table updates other examples?
Background image of page 6
8: Network Security 8-7 There are bad guys (and girls) out there! Q:  What can a “bad guy” do? A:  a lot! eavesdrop:  intercept messages actively  insert  messages into connection impersonation:  can fake (spoof) source address in packet (or any  field in packet) hijacking:  “take over” ongoing connection by removing sender or  receiver, inserting himself in place denial of service : prevent service from being used by others (e.g.,   by overloading resources) more  on this later ……
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-8 Chapter 8 roadmap 8.1  What is network security? 8.2 Principles of cryptography 8.3  Message integrity 8.4  End point authentication 8.5  Securing e-mail 8.6  Securing TCP connections: SSL 8.7  Network layer security: IPsec 8.8  Securing wireless LANs 8.9  Operational security: firewalls and IDS
Background image of page 8
8: Network Security 8-9 The language of cryptography symmetric key  crypto: sender, receiver keys identical
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 88

f08-Ch8 - Chapter8 NetworkSecurity All material copyright...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online