f08-Ch8 - Chapter 8 Network Security All material copyright...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
8: Network Security 8-1 Chapter 8 Network Security All material copyright 1996-2007 J.F Kurose and K.W. Ross, All Rights Reserved
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-2 Chapter 8: Network Security Chapter goals: ± understand principles of network security: ² cryptography and its many uses beyond “confidentiality” ² authentication ² message integrity ± security in practice: ² firewalls and intrusion detection systems ² security in application, transport, network, link layers
Background image of page 2
8: Network Security 8-3 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 End point authentication 8.5 Securing e-mail 8.6 Securing TCP connections: SSL 8.7 Network layer security: IPsec 8.8 Securing wireless LANs 8.9 Operational security: firewalls and IDS
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-4 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents ± sender encrypts message ± receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and availability: services must be accessible and available to users
Background image of page 4
8: Network Security 8-5 Friends and enemies: Alice, Bob, Trudy ± well-known in network security world ± Bob, Alice (lovers!) want to communicate “securely” ± Trudy (intruder) may intercept, delete, add messages secure sender secure receiver channel data, control messages data data Alice Bob Trudy
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-6 Who might Bob, Alice be? ± …we l l , real-lifeBobs and Alices! ± Web browser/server for electronic transactions (e.g., on-line purchases) ± on-line banking client/server ± DNS servers ± routers exchanging routing table updates ± other examples?
Background image of page 6
8: Network Security 8-7 There are bad guys (and girls) out there! Q: What can a “bad guy” do? A: a lot! ± eavesdrop: intercept messages ± actively insert messages into connection ± impersonation: can fake (spoof) source address in packet (or any field in packet) ± hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place ± denial of service : prevent service from being used by others (e.g., by overloading resources) more on this later ……
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-8 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 End point authentication 8.5 Securing e-mail 8.6 Securing TCP connections: SSL 8.7 Network layer security: IPsec 8.8 Securing wireless LANs 8.9 Operational security: firewalls and IDS
Background image of page 8
8: Network Security 8-9 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret (private) plaintext plaintext ciphertext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8: Network Security 8-10 Symmetric key cryptography substitution cipher: substituting one thing for another ± monoalphabetic cipher: substitute one letter for another
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 10/27/2009 for the course ECE 816 taught by Professor Ren during the Spring '09 term at Michigan State University.

Page1 / 88

f08-Ch8 - Chapter 8 Network Security All material copyright...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online