StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Network and Internet Security - Essay Example

Cite this document
Summary
This essay deals with the issue of network and Internet security. According to the text, session keys are a critical component to the operation of different security solutions. They can be of the following type: a shared secret; authenticated public keys; a single public key; one time passwords…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97% of users find it useful
Network and Internet Security
Read Text Preview

Extract of sample "Network and Internet Security"

? Network and Internet Security Lecturer: Part Session Keys (10 pts) Session keys are a critical component to theoperation of different security solutions. Examine the establishment of session keys such that the session key is incomputable and non-spoofable. You may wish to study systems that rely on: a) A shared secret; b) Authenticated public keys (including Diffie-Hellman); c) A single public key; and d) One time passwords (including Lamport's Hash). To better understand how these methods are used, study their implementation in various protocols/products such as: Kerberos V4 Kerberos V5 Secure Socket Layer Show attacks and defences to these session key establishment protocols at all levels, including one or both of the communicating machines being compromised. Answer Session keys are used to ensure that communication between two parties can be initiated when needed and terminated when there is no use of it. As a result, session keys can be termed as temporary keys (symmetric keys) since their use is no longer needed once the communication session between the hosts had been terminated. The reason behind the generation of new keys is that, network communication attackers can pick up a key that had been used previously and use them to initiate the same communication. To avoid such occurrences, session keys for all systems are designed to be used only once. Session keys have a number of benefits. These include the fact that: They limit the number of attacks on a system by making it difficult to attack a system since the amount of data being processed by the respective key is minimal. Secondly, public-key cryptography also known as asymmetric cryptography is very slow as it uses a two key encryption method (public and private). Due to the fact that communication channels are very vulnerable to attacks. The establishment of session keys should be placed as a priority in a bid to prevent and withstand attacks. With that, the establishment of a session key depends on the encryption technique. There are a number of encryption techniques that can be used. These techniques have been categorized into either: symmetric, asymmetric and/ or hybrid encryption. Symmetric encryption (Single key encryption) - requires the use of only a single key for the process of encrypting messages as well as decrypting them. This technique ensures that there is only one key which will be used – that is a secret key. Asymmetric encryption (Public key encryption) - requires the use of a two keys where one is a private key and the other is a public key which is known to a number of people. With that, these two keys (public and private keys) are used interchangeable to encrypt and decrypt messages. Hybrid encryption (single key and public key) – this technique used both the symmetric and asymmetric encryption techniques. It is important to note that, modern systems have been designed to be dynamic in terms of the encryption technique (s) that they are using. As a result; they can use both the symmetric and asymmetric encryption techniques interchangeably. Encryption by a shared secret: As the name suggests, two hosts can be in a position to exchange information through the use of a shared secret and/ or a secret key. This mechanism is characterised by the fact that the shared secret key is used to encrypt both the senders and the recipient’s messages. Based on that, this channel faces very high security risks since if the message is tapped or eavesdropped, the attacker can be in a position to use the shared secret key to either encrypt or decrypt the entire conversation. Based on that, data security is highly compromised. The other challenge faced with the shared secret key encryption is the fact that the higher the messages that are being sent on the communication channel by the hosts, their corresponding keys will also be increased. As a result, there will be too many keys being shared. Thirdly, due to the fact that it is a shared key, if the sender’s key is not known, decrypting the ciphered text will be a challenge to the recipient. Based on the above challenges, the solution that has so far countered the challenges associated with the shared secret key is the use of session keys which are created and terminated easily. Encryption using session keys: Sessions keys are implemented using the following process description: If Host A, B and C want to communicate to each other; they have to set up an encrypted link among themselves. With that, if Host A wants to send an encrypted message to B and C, then A will have to provide its key that will be used by B and C in a bid to decrypt the ciphered message. This key exchange process requires the availability of a Key Distribution Centre (KDC) that is used to store the shared session keys. It is worthy to note that, this scheme totally depends on the KDC and if the KDC encounters any problems, then that will compromise on data security. With that stated, below are some of the challenges that may be faced by the KDC. First, if the KDC fails to store the session keys, then the hosts will not be in a position to encrypt and decrypt the messages. Secondly, if the number of keys grows then there is need for a scalable KDC else it will fail to provide the keys. Thirdly, the KDC is not used for connection less protocols. Fourth, transporting the keys physically can be tedious. The above encryption techniques can be used in the following protocols and/ or products: Kerberos V4, Kerberos V5 and Secure Socket Layer (SSL). Kerberos is a network authentication protocol that is used in a bid to provide security for both the client and the server through the use of the secret-key cryptography. Kerberos also depends entirely on the KDC so as to ensure secure communication between the hosts. Kerberos V4 and Kerberos V5 provide the same functionality only that the V5 is an improvement of the V4 based on its minor challenges. One of the major challenges (attacks) which can be encountered through using the Kerberos V4 is the fact that its re-uses keys based on the previous communication link on a new session of the same communication. As a result, an attacker can be in a position to retrieve the key and use it to gain access to the previous communication as well as the new communication session that was being shared by the hosts. The defences to this challenge have been implemented by the Kerberos V5. In the V5 the client can be in a position to “negotiate” the creation of a new session key at each instance. Based on that, the chances of attacks to the system are minimized. Secure socket layer (SSL) is a protocol that provides stable and reliable end to end connection between the server and the client. There are two layer protocols that are associated with SSL. These include: SSL record protocol and the upper layer protocol which encapsulates the handshake, alert and cipher spec protocol. The challenges encountered with SSL include: lack of authenticity in browser certificates. This is due to the reason that if the browser trusts the certificate it goes ahead to create, encrypt and then send back the private key by using the public key that belongs to the server. A defence to this challenge would be to optimally use Certificate Signing Request (CSR) which ensures that the private key and CSR data file generated are directly sent to the SSL Certificate issuer. Part 2: Group Discussion Question (10pts) Discuss the relative advantages and disadvantages of implementing cryptographic protocols at the application layer (layer 7), network layer (layer 3), and transport layer (layer 4) of the OSI basic reference model. Justify your answer by referring to the different security related technologies/solutions seen in the course (or others you read about) and the strengths and weaknesses they show because of their position in the protocol stack. We suggest that you answer this question as a group, with each student arguing for a different layer and the other students commenting on his/her answers, using blackboard. Answer The advantages of implementing cryptographic protocols at the application layer includes: the protection of data that is transmitted in channels such as emails; data stored in databases. In addition to that, cryptographic protocols at the application ensure that there is efficient and effective transfer between the hosts. Some of the protocols in this layer include: FTP, HTTP, TELNET and DNS. The disadvantage of implementing cryptographic protocols at the application layer is that they can fall redundant due to change in security application technologies. With regard to the discussed security technologies, it should be noted that protocols such as SSL can fall short while handling the session communication. The web browser (client) may accept a certificate from an organisation that is not legitimate and this may in turn lead to the lack of data security. References Angel Fire. Session Keys. Web. Retrieved from: http://www.angelfire.com/nj2/raisahmad/sessionKeys.htm MIT. Kerberos: The Network Authentication Protocol. 2013. Web. Retrieved from: http://web.mit.edu/kerberos/ Microsoft. The OSI Model's Seven Layers Defined and Functions Explained. 2013. Web. Retrieved from: http://support.microsoft.com/kb/103884 Networking. Seven layer Model. 2013. Web. Retrieved from: http://networking.ringofsaturn.com/Protocols/sevenlayer.php Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Network and Internet Security Essay Example | Topics and Well Written Essays - 1500 words”, n.d.)
Network and Internet Security Essay Example | Topics and Well Written Essays - 1500 words. Retrieved from https://studentshare.org/information-technology/1496510-network-and-internet-security
(Network and Internet Security Essay Example | Topics and Well Written Essays - 1500 Words)
Network and Internet Security Essay Example | Topics and Well Written Essays - 1500 Words. https://studentshare.org/information-technology/1496510-network-and-internet-security.
“Network and Internet Security Essay Example | Topics and Well Written Essays - 1500 Words”, n.d. https://studentshare.org/information-technology/1496510-network-and-internet-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Network and Internet Security

Chinese Influence Regarding Telecommunications

Managing Capability: MENA Telecom Word Count: 3,329 Aims & Objectives The aim and objective stated herein is that MENA Telecom is a Bahrain telecommunications company that was founded in the internet age.... Just as the printing press changed the way books, and thus knowledge, were disseminated, the internet has also had a large impact on the way people communicate in this age.... The youngest among the different forms of media present in this time, the internet has rapidly evolved into one of the most popular media that has changed the way people all over the world share information....
13 Pages (3250 words) Essay

Introduction to Network Security

ions are in place to monitor and control unauthorized access, misuse, modification, or denial of the network and its resources (Simmonds, Sandilands, & van Ekert, 2004).... RUNNING HEAD: NETWORK security Network security Threats and Vulnerabilities of a network Type your name here 2/28/2011 Contents RUNNING HEAD: NETWORK security 1 Threats and Vulnerabilities of a network 1 Type your name here 1 2/28/2011 1 Contents 2 Abstract 4 Problem Statement 4 Research and Analysis 5 Introduction to Network security 5 Why Network security?...
9 Pages (2250 words) Research Paper

Network Design Consultation

This piece will take into account the following: the recommended design that meets the customer's needs; an original diagram of the configuration; suggested network architecture and internet access configuration; recommended hardware; recommended software; a cost table; a basic recommended configuration; and a conclusion....  … Quality networked printer; file and folder sharing; Internet access; multiple email addresses; basic security environment (similar to home environment); initial investment $5,000 or less; and recurring costs less than $200 per month....
8 Pages (2000 words) Literature review

Network Security Fundamentals, Security Threats, and Issues

On the other hand, there is at the moment a great deal of suspicion on the subject of internet security, however an excellent information is that we have a wide variety of tools and technologies accessible which can ensure the maximum security of our network against illegal interruption (McConnell, 2004).... NETWORK security FUNDAMENTALS, security THREATS, AND ISSUES Network security Fundamentals, security Threats, and Issues Author Author's Affiliation Date 3....
4 Pages (1000 words) Case Study

A Wireless Network Structure Considering Security

This paper "A Wireless Network Structure Considering security" focuses on the fact that Wireless Networks are widely used both for individual or business purposes.... However, wireless networking has many security issues.... Agencies should be aware of the security risks associated with wireless technologies.... " It also provides "top 10 tips for wireless home network security".... hellip; PDA's give you the opportunity to access the internet, check your email....
9 Pages (2250 words) Coursework

Chinese Government's Control of the Internet

This discussion, Chinese Government's Control of the internet, stresses that the People's Republic of China has a long-standing policy of information control in the sense that its government places tight constraints on the information it permits its citizens to have access to.... hellip; As the paper outlines, the Chinese government has managed to control its citizens access to certain websites through the auspices of internet filtering and/or censorship....
17 Pages (4250 words) Research Paper

The Great Firewall of China

internet security protection and management regulations.... The Chinese government's aim in regulation and control of the Internet is to restrict access to politically harmful information and to safeguard national security.... This research looks at the freedom of speech on internet and the Chinese approach to curb and filter the free flow of information.... As a case the internet situation in China has been discussed and the measures which the government has taken to filter out information thus negating the western concept of free flow of ideas, thoughts, beliefs and information in general (Einhorn & Keenan 2002)....
9 Pages (2250 words) Essay

Environmental Scanning Strategy of AlienVault

When it comes to Network and Internet Security, AlienVault has made a name for being one of the most trusted names in the security industry.... When it comes to Network and Internet Security, AlienVault has made a name for being one of the most trusted names in the security industry.... In addition, the firm as a technical division that deals with rolling out new and innovative technologies that constitute the company's Network and Internet Security products....
16 Pages (4000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us