密码学基础11.1 P Security 復大辱软件学院
1 密码学基础 11.1 IP Security
Review Cryptography Authentication techniques PKL CA cert 復大辱软件学院
2 Review • Cryptography • Authentication techniques • PKI, CA, cert
IP Security have a range of application specific security mechanisms eg. S/mime, Pgp, Kerberos, Ssl/Https however there are security concerns that cut across protocol layers would like security implemented by the network for all applications Q: If security mechanisms in app layer have implemented. Security is needed in network level? Or vice versa? 復大辱软件学院
3 IP Security • have a range of application specific security mechanisms – eg. S/MIME, PGP, Kerberos, SSL/HTTPS • however there are security concerns that cut across protocol layers • would like security implemented by the network for all applications • Q: If security mechanisms in app layer have implemented. Security is needed in network level? Or vice versa?
ota Security facilities in TCP/IP HttpfTpsmTp S/MIME PGP SET Http Ftp SmtP SSL or tls Kerberos SMTP Http TCP TCP UDP TCP IP/IPSec IP IP (a) Network Level (b)Transport Level (c)Application Level 復大辱软件学院
4 Security facilities in TCP/IP
IPSec general IP Security mechanisms ° provides authentication confidentiality key management applicable to use over LANs, across public private WANs,& for the Internet 復大辱软件学院
5 IPSec • general IP Security mechanisms • provides – authentication – confidentiality – key management • applicable to use over LANs, across public & private WANs, & for the Internet