Network Security
By
Farhan M. Shaikh
B.Sc. (CS), M.Sc. (IT), B.Ed., M.Ed., M.A. (Sociology), UGC-NET (Education/Sociology)
Visiting Faculty
L.S. Raheja College, SantaCruz
Tolani College, Andheri
Pioneer Education Center, Borivali, Andheri & Vasai
L.I.I.T., Dadar & Mulund
T.I.M.E., Andheri & Borivali
Unit 4
Security at the Application Layer (E-MAIL, PGP and S/MIME)
Security at the Transport Layer (SSL and TLS)
Security at the Network Layer (IPSec)
[email protected] 2
Security at the Application Layer (E-MAIL)
Pretty Good Privacy (PGP)
PGP
Position of PGP in the TCP/IP protocol suite
PGP
PGP Algorithms
S/MIME
S/MIME Certificate Processing
S/MIME User Agent Role
S/MIME
Security at the Transport Layer: SSL
Figure 32.14 Location of SSL and TLS in the Internet model
SSL
Information sent over the Internet commonly uses the set of rules called TCP/IP (Transmission Control Protocol / Internet Protocol).
The information is broken into packets, which are numbered sequentially and have error-control information attached. Individual packets may take different routes. TCP/IP reassembles them in order and has any packet showing errors retransmitted.
SSL uses PKI and digital certificates to ensure privacy and authentication.
SSL
The procedure is roughly as follows: the client sends a message to the server, which replies with a digital certificate. Using PKI, server and client negotiate session keys, which are symmetric secret keys created specifically for that particular transmission. Once the session keys are agreed, communication continues with these session keys and the digital certificates.
SSL
Negotiates and employs essential
Data Encryption
Data Integrity
SSL
The Secure Sockets Layer (SSL) protocol, originally developed by Netscape, has become the universal standard on the Web for authenticating Web sites to Web browser users, and for encrypting communications between browser users and Web servers.
Because SSL is built into all major browsers and Web servers, simply installing a digital certificate, or Server ID, enables SSL capabilities.
SSL Services
SSL Security Parameters
Table 32.3 SSL cipher suite list
Table 32.3 SSL cipher suite list (continued)
SSL Sessions and Connections
Four Protocols of SSL
Figure 32.16 Four SSL protocols
Figure 32.17 Handshake Protocol
Four Protocols of SSL
Figure 32.18 Processing done by the Record Protocol
Security at the Transport Layer: TLS
Security at the Network Layer: IPSec
IPSec
General IP security mechanisms
Provides:
  authentication
  confidentiality
  key management
Applicable to use over LANs, across public & private WANs, & for the Internet
IPSec Architecture
IPSec Document Overview
IPSec
Authentication Header
Encapsulating Security Payload
ESP Format
Encryption and Authentication Algorithms
Key Management
Features of Oakley
ISAKMP
Services provided by IPSec
References
Stallings, W. Network Security Essentials: Applications & Standards. Pearson Education.