Network Security

Most security problems are intentionally caused by malicious people typing to gain some benefit, get attention, or to harm someone. Some people who cause security problems are tabulated below.

 

Adversary Goal
Student To have fun snooping on people's email
Cracker Out someone's security system; Steal data
Sales rep To claim to represent all Europe, not just and Andorra
Businessman To Discover a competitor’s strategic Marketing plan
Ex-employee To get revenge for being fired
Accountant To embezzle money from a company
Stockbroker To deny a promise made to a customer by e-mail
Con man To steal credit card numbers for sale
Spy To learn an enemy’s military or industrial secrets
Terrorist To steal germ warfare of Secrets

 

Authentication

Authentication is any process by which you verify that someone is who claim they are. This usually involves a username and password but can include any other methods of demonstrating identities, such as the smart card, voice recognition, or fingerprints. Authentication is equivalent to showing your drivers license at the ticket counter at the airport. (Or Authentication is the process of identifying an individual, usually based on a username and password).

 

The two diagrams below illustrator how the authentication process happens. ( both these methods has certain limitations).

 

P77

 

Authentication is finding out if the person, once identified,  is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance.

 

Access control lists a much more general way of talking about controlling access to a resource. access can be wanted A Linux based on a wide variety of criteria, such as the network address of the client, the lime of day. (Read, Write, full control).

 

 

Encryption

Encryption (Transform data which cannot be understood by unauthorized users ) is used to protect the confidentiality of information when it hurts reside or be transmitted through otherwise unsafe environments. Encryption is also used for  “digital signatures” to authenticate the origin of messages or data. Encryption algorithms themselves are rarely used alone in practice. Rather, they are typically embedded into a larger security system to ensure their correct and consistent use, since a failure to do can compromise the security of other messages, even those that have been properly encrypted.

 

The encryption model is elaborated below.

 

P78

 

 

Algorithms

Many different cryptography algorithms (Cryptography is the science of writing messages in secret codes)  have been done, but there are two main algorithms used in cryptography. here is a general overview of these two cryptography standards.

  1. Symmetric cryptosystem- privacy key algorithms.Eg.DES
  2. Asymmetric cryptosystem- public key algorithms.Eg.RSA
Notation Description
KA,B Secret key shared by A and B
KA The public key of A
KA The private key of A

 

  • Private key: This key must be known only by its owner.
  • Public key: This key is known to everyone (it is public).
  • The relation between both keys: One key encrypts, The other one decrypts, and vice versa. That means that if you encrypt something with my public key, I would need my private key to decrypt the message.

 

Private key algorithm

In private key algorithm ( secret key algorithms)  the same key is used for both encryption and decryption.

 

P79

 

Public key algorithm

A Public key algorithm consists of a public key (B)  used to crypt a message and a private key (A)  used to decrypt the message, for one public key there is one private key (A1, B1)  and only the private key that belongs to the public key can decrypt a message encrypted by the public key. Public key methods are important because they can be used to transmit encryption keys or other data securely even when the parties have no opportunity to agree on a secret key in private.

 

The diagram below illustrates the public key algorithm, which uses a public key to encrypt & a private key to decrypt.

 

p79

 

About Tec News

Tec News is optimized for learning Web Development, Programming, Database System and Tutorials, Articles, References for your development. This web help developers, learners learn these technologies easy and free.

Contact Us

If you have any suggestions or have any questions regarding our web please feel free to contact us.

info@tec-news.com        

https://www.tec-news.com