Chapter 7 Network Security Computer Networking A Top Down Approach Featuring the Internet The power point slides are based on the 2nd edition material provided by Jim Kurose, Keith Ros JF Kurose and K.W. ross Addison-Wesley, Juf 2002 Network Security 7-1
Network Security 7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2nd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2002. The PowerPoint Slides are based on the material provided by J.F Kurose and K.W. Ross
Chapter 7: Network Security Chapter goals: O understand principles of network security o cryptography and its many uses beyond confidentiality o authentication o message integrity o key distribution O security in practice o firewalls o security in application transport network link layers Network Security 7-2
Network Security 7-2 Chapter 7: Network Security Chapter goals: understand principles of network security: cryptography and its many uses beyond “confidentiality” authentication message integrity key distribution security in practice: firewalls security in application, transport, network, link layers
Chapter 7 roadmap 7.1 What is network security? 7.2 Principles of cryptography 7.3 Authentication 7.4 Integrity 7.5 Key distribution and certification 7.6 Access control: firewalls 7.7 Attacks and counter measures 7. 8 Security in many layers Network Security 7-3
Network Security 7-3 Chapter 7 roadmap 7.1 What is network security? 7.2 Principles of cryptography 7.3 Authentication 7.4 Integrity 7.5 Key Distribution and certification 7.6 Access control: firewalls 7.7 Attacks and counter measures 7.8 Security in many layers
What is network security? Confidentiality: only sender, intended receiver should "understand"message contents o sender encrypts message o receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards without detection Access and Availability: services must be accessible and available to users Network Security 7-4
Network Security 7-4 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and Availability: services must be accessible and available to users
Friends and enemies: Alice Bob. Trudy o well-known in network security world o Bob, Alice (lovers! )want to communicate "securely o Trudy(intruder)may intercept, delete, add messages Alice Bob channe data, control messages data secure secure data sender recelver Trudy Network Security 7-5
Network Security 7-5 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate “securely” Trudy (intruder) may intercept, delete, add messages secure sender secure receiver channel data, control messages data data Alice Bob Trudy