TLS/SSL and IPSec Paper - Essay Example

Accessibility through small preservation required is what makes SSL very admired. Additionally, one of the fundamental advantages of an SSL VPN is that it offers considerable support for rough controls. In addition, if we want to offer a VPN for a specific software application and not for the entire communication network, we can do it using TLS/SSL VPN. So this is the basic reason that TLS/SSL based security structures are becoming extremely popular. Moreover, it is seen that TLS/SSL is used more commonly when its use is associated to a perspm instead of a hardware device (Maalouf, 2010; Dahl, 2004).

However, there is a serious issue with SSL and that is the necessity for PKI. In situations where we are able to bear a slower session, need client authentication and non-repudiation (for example in case of online banking) (Rescorla, 2008). On the other hand, IPsec arrangements are yet the most extensively used technology suits, particularly for large size corporations. In this scenario, the computer connected with an IPsec VPN service is considered a part of the business network and has accurately analogous access as if it was in office.

Additionally, when we need to connect remotely to work from either home or while travelling, we would make use of an IPsec VPN services to communicate. It is observed that IPsec is employed for protecting communication among systems (for example security gateways, proxy servers and edge routers) as compared to some other network communication protocol. However, we do not necessitate client confirmation in these cases because in this scenario data origin verification is enough for communication session.

In addition, with the emergence of new technology based 3GPP communication networks, IPsec was selected over TLS/SSL for a variety of reasons, mainly with such services it does not need PKI to apply and therefore does not need the computation based network communication overhead. IPsec services are as well more flexible for the reason that it can protect UDP, TCP and SCTP (Maalouf, 2010) (Alshamsi & Saito, 2006). DQ2: Single-Sign-On What is the purpose of Single-Sign-On? What are the components of distributed SSO infrastructure?

Provide few examples and possibly compare them. Single Sign on (SSO) is the user’s perceptive of making use of a number of services and systems but only having to 'log-in' once. Basically, the Single Sign on (SSO) (which is also acknowledged as Enterprise Single Sign On or "ESSO") is the facility for a user to make use of the identical id and password to enter into numerous applications in an enterprise. At the same time as passwords are the least protected verification technique, single sign on has at the present time turned out to be known as a reduced sign on (RSO) in view of the fact that more than one type of verification technique is used according to enterprise risk models (Dale, 2009; Authentication World, 2006; The Open Group, 2010).

In addition, Single-Sign-On offers a variety of benefits for instance the capability to implement standardized corporate verification and approval strategies all through the enterprise. In fact, the Single-Sign-On offers end-to-end client review session to improve the security audit and reporting. Additionally, the Single-Sign-On reduces the role of application developers by allowing them to recognize and apply unique