View page as slide show Export page to Open Document format

Network Security

Pekka Jäppinen

Literacy

  • Schneier: Applied Cryptography
    • The old bible of cryptography
  • Trappe & Washington: Introduction to Cryptography with Coding Theory
    • An update to what is going on.
  • Menezes et al: Handbook of Applied Cryptography
    • Good description of all the algorithms
  • Stallings: Cryptography and network Security

Practical assignment

  • Create a secured communication channel between two computers.
  • Any programming language can be used
    • Python is recommended
  • One security method should be created “by hand” i.e. programmed from scratch by yourself, for others existing libraries can be used.
    • The more you do yourself, the more points you get.
  • Assigments are returned personally and their functionality is demonstrated to the lecturer. There will be questions about the implementation during your presentation, so you better be able to justify your solutions.
    • If you do not understand what you have done, you can forget about getting grade.

Network security

What is the course all about?

Network

  • Is build to enbale communication between two or more devices
  • Communication is transfer of data between two or more communicating partners.
    • Between communicating partners is formed a communication channel
    • Communication channel can be formed over variety of communication mediums
      • Information can be transmitted in digital or analog form
    • This course concentrates on digital transmissions
  • Network consists of:
    • Hardware, Services (Software), Communication channels, Communication protocols, (Users)

Network structure

  • Drawn at the lecture

Challenges

  • Divercity
    • channel capabilities (e.g. wired vs wireless)
    • network type (ethernet, ADSL ….)
    • protocols (TCP/IP, PPP, FTP, HTTP)
    • Operating systems (Windows, Linux, MacOS…)
    • Device and their capabilities (workstations, routers, bridges, sensors)
    • Users (IT professionals, kids, grandparents)
    • Software/hardware/service producers/creators (variety of skill and knowledge levels)
  • Different environments have different challenges)
    • Need for different solutions
  • Compatibility issues in heterogenous environment
    • Same software/tools may not be available for all environments
    • Different versins of the software may exist in different devices/operating systems
    • Interpretations and implementations of standards may vary

Basic threats

  • Unauthorised connection
    • Fabrication of identity
  • Eavesdropping of communication
  • Transmitted data:
    • Modification
    • Repetition
  • Denying of the data transfer
  • Fabrication of data

Communication medium

  • Different communication mediums have different challenges that require different solutions
  • Wired
    • Wires can be cut
    • Copper cable
      • Information is transmitted in electricity
      • Eavesdropping is possible by using inductance
    • Fiber
      • Information is transmitted as light, eavesdropping on wire is not possible
  • Wireless
    • Infrared (IrDA)
      • Signal is directed, but is easily reflected all around and thus possible to eavesdrop
    • Radio (802.11*,GSM,GPRS,Bluetooth,zigbee…)
      • Signal travels freely in the air and there are lot of potential eavesdroppers.
      • Authentication is very important
    • Sonic communications
      • same problems than Radio based systems
Last modified: 2014/01/08 10:11