Network Security
• Basics of Networking
• Network Security
• Encryption standards & Algorithms
• Network security devices
• Attack types
• Firewalls
The Computer Network
 A computer network is a group of computers/devices(Nodes)
that use a set of common communication protocols over digital
interconnections for the purpose of sharing resources located on
or provided by the network nodes.
 The nodes of a computer network may include personal
computers, servers, networking hardware, or other specialised or
general-purpose hosts.
 The interconnections between nodes are formed from a broad
spectrum of telecommunication network technologies, based on
physically wired, optical, and wireless technologies.
 A communication protocol is a set of rules for exchanging
information over a network.
The Network Diagram (figure: the Internet, other LANs, a firewall, a router, fiber optic network cable, a server, a PC, a wireless network, a wired network and a switch)
Components Of Computer Network
1. NIC Card
2. Repeater
3. Hub
4. Bridge
5. Switch
6. Router
7. Gateway
8. Firewall
1. Network Interface Card
 A NIC physically connects a host device to the network media.
 A NIC can be an expansion card that fits into a slot on the computer's motherboard, a controller integrated on the motherboard, or a peripheral (for example USB) device. NICs are also called network adapters.
 Each NIC carries a 48-bit Media Access Control (MAC) address, assigned by the manufacturer and intended to be globally unique.
 The MAC address is the address used for data-link (layer 2) delivery of frames to the host on the local network.
 Caveat: the MAC address a NIC presents is set in software and can be changed by whoever controls the host, so it is not proof of identity; MAC-based filtering stops accidental connections, not a deliberate attacker.
2. Repeaters
 A repeater is a network device used to regenerate a signal.
 Repeaters regenerate analog or digital signals that have been distorted by transmission loss due to attenuation, extending the distance a medium can cover.
 A repeater works at the physical layer: it does not read addresses and makes no forwarding decision about packets, so it cannot isolate or filter traffic.
3. Hubs
 Hubs concentrate connections: they take a group of hosts and let the rest of the network see them as a single unit.
 A passive hub does this without any other effect on the data: every bit received on one port is repeated out of all the other ports.
 Active hubs concentrate hosts and also regenerate signals.
 Security caveat: because a hub copies every frame to every port, any host attached to it can capture all the traffic of all the other hosts. This is one reason hubs have been replaced by switches.
4. Bridges
 Bridges connect two LAN segments at the data-link layer and perform basic transmission management; they can join segments of different media, converting the frame format where needed.
 A bridge learns which MAC addresses are on each side and checks each frame's destination to decide whether it should cross the bridge.
 Traffic local to one segment therefore stays on that segment, which makes each part of the network more efficient.
5. Switches
 Switches are multiport bridges that add more intelligence to data transfer management.
 They learn which port each MAC address is behind and forward a frame only to the port that needs it, instead of to every host on the LAN.
 Another difference between a bridge and a switch is that a switch does not convert data transmission formats.
 Security caveat: this per-port isolation is a performance feature, not a security boundary. An attacker on the same switch can flood the MAC table with bogus source addresses until the switch falls back to hub-like flooding, or can spoof ARP replies to redirect traffic through itself; features such as per-port MAC limits (port security) and ARP inspection exist to limit this.
6. Routers
 Routers have all the capabilities listed
above.
 Routers can regenerate signals,
concentrate multiple connections, convert
data transmission formats, and manage
data transfers.
 They can also connect to a WAN, which
allows them to connect LANs that are
separated by great distances.
7. Gateway
 A gateway is a piece of networking hardware that allows data to flow from one discrete network to another.
 Gateways are distinct from routers or switches in that they communicate using more than one protocol, translating between them to connect different kinds of networks.
8. Firewall
 A firewall is a network device or software that enforces network security and access rules on the traffic passing through it.
 Firewalls are inserted in the connections between trusted internal networks and potentially insecure external networks such as the Internet.
 Firewalls are typically configured default-deny: they reject connection attempts from unrecognized sources and permit only the traffic the rules explicitly allow, with the rules evaluated in order and the first matching rule deciding.
 Caveat: a firewall only sees traffic that crosses it. Traffic between hosts on the same internal segment, and anything carried inside an allowed protocol (for example, attacks inside HTTPS to a permitted web server), passes a plain packet filter unexamined.
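An added example, not from the original slides, of the rule evaluation a stateless packet filter performs: ordered rules, first match wins, default deny. The policy (a public web server at 10.0.1.10, a management network 10.0.250.0/24, an internal range 10.0.0.0/8), the addresses and the sample packets are assumptions constructed for the demonstration; the code is Go with the standard library only.

```go
package main

import (
	"fmt"
	"net"
)

// Packet holds the header fields a stateless packet filter examines.
// Constructed for this example; not a real packet encoding.
type Packet struct {
	Proto   string // "tcp", "udp" or "icmp"
	Src     net.IP
	Dst     net.IP
	DstPort int // 0 for protocols without ports
}

// Rule is one line of the policy. A zero DstPort matches any port and
// Proto "any" matches every protocol.
type Rule struct {
	Action  string // "allow" or "deny"
	Proto   string
	Src     *net.IPNet
	Dst     *net.IPNet
	DstPort int
}

// Policy is an ordered rule list. First match wins; a packet that matches
// nothing gets the default action, which should be "deny".
type Policy struct {
	Rules   []Rule
	Default string
}

func cidr(s string) *net.IPNet {
	_, n, err := net.ParseCIDR(s)
	if err != nil {
		panic(err)
	}
	return n
}

func (r Rule) matches(p Packet) bool {
	return (r.Proto == "any" || r.Proto == p.Proto) &&
		r.Src.Contains(p.Src) && r.Dst.Contains(p.Dst) &&
		(r.DstPort == 0 || r.DstPort == p.DstPort)
}

// Decide returns the action for a packet and the index of the rule that
// matched (-1 when the default applied), which is what a firewall log records.
func (pol Policy) Decide(p Packet) (string, int) {
	for i, r := range pol.Rules {
		if r.matches(p) {
			return r.Action, i
		}
	}
	return pol.Default, -1
}

// PerimeterPolicy is the assumed policy for a firewall between the Internet
// and an internal network 10.0.0.0/8: the world may reach the web server on
// 443, only the management network may SSH inside, nothing else reaches the
// management network, and everything not listed is dropped.
func PerimeterPolicy() Policy {
	anywhere := cidr("0.0.0.0/0")
	return Policy{
		Default: "deny",
		Rules: []Rule{
			{Action: "allow", Proto: "tcp", Src: anywhere, Dst: cidr("10.0.1.10/32"), DstPort: 443},
			{Action: "allow", Proto: "tcp", Src: cidr("10.0.250.0/24"), Dst: cidr("10.0.0.0/8"), DstPort: 22},
			{Action: "deny", Proto: "any", Src: anywhere, Dst: cidr("10.0.250.0/24")},
		},
	}
}

func main() {
	pol := PerimeterPolicy()
	samples := []Packet{ // constructed sample traffic
		{"tcp", net.ParseIP("203.0.113.7"), net.ParseIP("10.0.1.10"), 443},
		{"tcp", net.ParseIP("203.0.113.7"), net.ParseIP("10.0.1.10"), 22},
		{"tcp", net.ParseIP("203.0.113.7"), net.ParseIP("10.0.250.5"), 22},
		{"tcp", net.ParseIP("10.0.250.5"), net.ParseIP("10.0.1.10"), 22},
	}
	for _, p := range samples {
		action, rule := pol.Decide(p)
		fmt.Printf("%s %s -> %s:%d => %s (rule %d)\n", p.Proto, p.Src, p.Dst, p.DstPort, action, rule)
	}
}
```

Rule order matters: if the explicit deny for the management network were placed after a broad allow, it would never be reached. The returned rule index is worth logging for exactly that reason, since it shows which rule let a packet through.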
Features of Computer Network
A list of computer network features is given below.
• Communication speed
• File sharing
• Backup and rollback are easy
• Software and Hardware sharing
• Security
• Scalability
• Reliability
Computer Network Architecture
Two types of Computer Network Architecture
• Peer-To-Peer network
• Client/Server network
A peer-to-peer network is one in which all the computers are linked together with equal privileges and responsibilities for processing data.
A client/server network is a model in which end users, called clients, access resources such as files, songs and video from a central computer known as the server.
Transmission Media
The function of the medium is to carry the flow of information through a LAN.
A. Wired media:- copper and fibre. The widely adopted family of LAN technologies that runs over copper and fibre is collectively known as Ethernet.
1. Copper Cable
a. Coaxial Cables
b. Shielded Twisted Pair(STP)
c. Unshielded Twisted Pair
2. Fibre Optic Cable
B. Wireless Media:- use the atmosphere, or space, as the medium.
1. Copper Cable
 The most common, easiest, quickest,
and cheapest form of network media to
install.
 The disadvantage of sending data over
copper wire is that the further the signal
travels, the weaker it becomes.
a. Coaxial Cable
 It can be run over longer distances than twisted-pair cable.
• Speed: 10-100 Mbps
• Cost: Inexpensive
• Media and connector size: Medium
• Maximum cable length: 500 m
b. Shielded Twisted Pair (STP)
• Speed: 10-100 Mbps
• Cost: Moderate
• Media and connector size: Medium to large
• Maximum cable length: 100 m
c. Unshielded Twisted Pair
 UTP is a four-pair wire medium used in a variety of networks.
 Each of the eight copper wires in the UTP cable is covered by insulating material.
• Speed: 10-100-1000 Mbps* (depending on the quality/category of cable)
• Cost: Least expensive
• Media and connector size: Small
• Maximum cable length: 100 m
UTP Implementation
 EIA/TIA specifies an RJ-45 connector for
UTP cable.
 The letters RJ stand for registered jack.
Fiber Optic Cable
 Glass fibre carrying light pulses, each pulse a bit.
 Based on the total internal reflection of light.
 High-speed point-to-point transmission, 10 Gbps to 100s of Gbps.
 Low error rate: repeaters can be spaced far apart, and the medium is immune to electromagnetic noise.
 Caveat: fibre does not radiate, so it cannot be picked up with a nearby antenna, but it is not tap-proof; an optical tap on the fibre leaks enough light to read the signal, so sensitive links still need encryption.
Communication Protocols
Internet Protocol Suite
 The Internet Protocol Suite, also called TCP/IP, is the foundation of all modern networking.
 It defines the addressing, identification, and routing specifications for IPv4 and for IPv6.
 It is the defining set of protocols for the Internet.
IEEE 802
 It is a family of IEEE standards dealing with local area networks
and metropolitan area networks.
 They operate mostly at levels 1 and 2 of the OSI model.
Ethernet
 It is a family of protocols used in wired LANs, described by a set
of standards together called IEEE 802.3
Wireless LAN
 It is standardized by IEEE 802.11 and shares many properties with wired
Ethernet.
SONET/SDH
 Synchronous optical networking (SONET) and Synchronous Digital
Hierarchy (SDH) are standardized multiplexing protocols that transfer
multiple digital bit streams over optical Fibre using lasers.
Asynchronous Transfer Mode (ATM)
 It uses asynchronous time-division multiplexing and encodes data into small, fixed-size cells.
 A good choice for a network that handles both traditional high-throughput data traffic and real-time, low-latency content such as voice and video.
Types of Networks
1. Personal Area Network (PAN)
2. Local Area Network (LAN)
3. Campus Area Network (CAN)
4. Metropolitan Area Network (MAN)
5. Wide Area Network (WAN)
6. Storage-Area Network (SAN)
7. Virtual Private Network (VPN)
8. Client Server Network
9. Peer to Peer Network (P2P)
1. Personal Area Network
1. A Personal Area Network (PAN) is a computer network used for data transmission amongst devices such as computers, telephones, tablets and personal digital assistants.
2. A related term is HAN (Home Area Network), the network of devices within a home; a PAN is centred on one person's devices rather than on a place.
3. PANs can be used for communication amongst the personal devices themselves (interpersonal communication), or for connecting to a higher level network and the Internet (an uplink), where one "master" device takes up the role of Internet router.
2. Local Area Network
 Xerox Corporation worked in
collaboration with DEC and Intel
to create Ethernet, which is the
most pervasive LAN
architecture used today.
 Ethernet has evolved and has
seen significant improvements
in regard to speed and
efficiency.
 An upside of a LAN is fast data transfer: 1 Gbps is typical for desktop connections, with 10 Gbps and faster Ethernet used for servers and backbone links.
 Other significant LAN technologies are Fiber Distributed Data Interface
(FDDI) and token ring.
3. Campus Area Network
 Larger than LANs, but smaller
than metropolitan area networks
these types of networks are
typically seen in universities,
large K-12 school districts or
small businesses.
 They can be spread across
several buildings that are fairly
close to each other so users can
share resources
4. Metropolitan Area Network
1. A MAN is larger than a LAN but smaller than or equal in size to a WAN.
2. Its size ranges from about 5 to 50 km in diameter.
3. MANs are typically owned and managed by a single entity.
4. This could be an ISP or telecommunications company that sells its services
to end-users in that metropolitan area.
5. For all intents and purposes, a MAN has the same characteristics as a WAN
with distance constraints.
5. Wide Area Network
• A Wide Area Network exists over a large geographic area.
• Data travels over carrier links such as leased lines, telephone or cable lines, and fibre.
• Usually requires a modem or other carrier-facing equipment at the customer edge.
• The world's largest Wide Area Network is the Internet.
6. Storage Area Network
 A SAN may be referred to as a sub-network or special-purpose network.
 Its special purpose is to allow clusters of data servers on a larger network to connect to various data storage devices.
 Storage on a SAN is accessed in the same fashion as a drive attached to a server.
 Caveat: a host that can reach the storage network can usually address the block devices directly, so SAN traffic is kept on an isolated network with access controls on the storage side.
7. Virtual Private Network
 A VPN extends a private network across a public one: traffic between the two ends is carried through an encrypted tunnel, so the public network is used only as transport and the data stays private.
 When employed on a network, a VPN lets an end user create a virtual tunnel to a remote location. Typically, telecommuters use a VPN to log in to their company networks from home.
 Authentication is provided to validate the identities of the two peers.
 Confidentiality provides encryption of the data to keep it private from prying eyes.
 Integrity is used to ensure that the data sent between the two devices or sites has not been tampered with.
 Caveat: a VPN protects the path, not the endpoints. A compromised laptop that connects over the VPN brings the attacker inside the network with it, so VPN access should be combined with device checks and least-privilege network rules rather than treated as full trust.
8. Client/Server Network
 In a client/server arrangement, network services are located on a dedicated computer called a server.
 The server responds to the requests of clients.
 The server is a central computer that is continuously available to respond to requests from clients for file, print, application, and other services.
 Most network operating systems adopt the form of a client/server
relationship.
 Typically, desktop computers function as clients, and one or more
computers with additional processing power, memory, and specialized
software function as servers.
9. Peer to Peer Network
 Usually very small networks.
 Each workstation has equivalent capabilities and responsibilities.
 Does not require a dedicated server.
 These types of networks do not perform well under heavy data loads.
 Caveat: with no central server there is also no central point at which to enforce access control; each peer must protect its own shared resources.
Network Topologies
Network topology defines the structure of the network.
A. Physical topology:- It define the actual layout of the wire or media.
1. Bus
2. Ring
3. Star
4. Tree(Hierarchical)
5. Mesh
B. Logical topology:- It defines how the hosts access the media to send data.
1. Broadcast
2. Token passing
C. Hybrid Topology
1. Bus Topology
All devices are connected to a central
cable, called bus or backbone.
There are terminators at each end of
the bus that stops the signal and
keeps it from traveling backwards.
Disadvantages:
1. It is possible that more than one station may
attempt transmission simultaneously (collision or
contention).
2. Difficult reconfiguration and fault isolation.
3. A fault or break in the bus cable stops all
transmission, even between devices on the same
side of the problem.
4. The damaged area reflects signals in the direction
of origin, creating noise in both directions
Advantages:
1. There is no central controller.
2. Control resides in each station
3. Less interconnecting wire is required.
4. Ease of installation.
5. Backbone cable can be laid along the
most efficient path, and then
connected to the nodes by drop lines
of various lengths
2. Ring Topology
• All devices are connected to one another in the shape
of a closed loop.
• Each device is connected directly to two other devices,
one on either side of it.
Advantages:
1. Avoids the collisions that are possible in the bus topology.
2. Each pair of stations has a point-to-point connection.
3. A signal is passed along the ring in one direction, from one device to the next, until it reaches its destination.
4. Each device incorporates a repeater.
5. Relatively easy to install and reconfigure.
6. Fault isolation is simplified.
Disadvantages:
1. A break in the ring (such as station disabled) can disable the entire
network.
2. Unidirectional traffic.
3. Star Topology
• All devices are connected to a central hub.
• Nodes communicate across the network by passing data
through the hub or switch.
Advantages:
1. Easy to install and reconfigure.
2. Robustness, if one link fails; only that link is affected. All other
links remain active.
3. Easy fault identification and isolation. As long as the hub is
working, it can be used to monitor link problems and bypass
defective links.
Disadvantages:
1. The devices are not linked to each other; if one device wants to send data to another, it sends it to the central controller, which relays the data to the other connected device.
2. The central device is a single point of failure: if the hub or switch fails, the whole network stops.
3. If the centre is a hub rather than a switch, every node receives every frame and can sniff the other nodes' traffic.
4. Tree/Hierarchical Topology
The addition of secondary hubs brings two further advantages:
Advantages:
1. It allows more devices to be attached to a single central hub and can therefore increase the distance a signal can travel between devices.
2. It allows the network to isolate and prioritize communications from different computers.
Disadvantages:
1. The devices are not linked to each other.
2. If one device wants to send data to another, it sends it to the controller, which then relays the data to the other connected device.
3. Failure of the root hub, or of a secondary hub, cuts off the whole branch below it.
5. Mesh Topology
Each host has a dedicated connection to every other host.
Mesh topology is implemented to provide as much protection as possible from interruption of service.
1. A nuclear power plant might use a mesh
topology in the networked control systems.
2. Although the Internet has multiple paths to any
one location, it does not adopt the full mesh
topology.
Disadvantages:
1. A large amount of cabling required.
2. A large amount of I/O ports required.
3. Installation and reconfiguration are difficult.
4. The sheer bulk of the wiring can be greater
than the available space (in the walls, ceiling,
or floors) can accommodate.
5. The hardware required to connect each
link (I/O ports and cables) can be
prohibitively expensive.
Advantages:
1. The use of dedicated links guarantees that each
connection can carry its data load, thus eliminating
the traffic problems that can occur when links must
be shared by multiple devices.
2. It is robust, if one link becomes unusable, it does
not incapacitate (affect) the entire system.
3. Privacy and Security (every message sent travels
along a dedicated line; only the intended recipient
sees it).
4. Point-to-point links make fault identification and
fault isolation easy.
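The cabling and port counts behind disadvantages 1, 2 and 5, worked out as an added note that is not part of the original slides. With $n$ nodes, each node holds one dedicated link to each of the other $n-1$ nodes, and every link is shared by its two endpoints, so

$$
\text{links} = \frac{n(n-1)}{2}, \qquad \text{ports per node} = n-1 .
$$

For $n = 10$ hosts that is $45$ links and $9$ ports per host; for $n = 50$ it is $1225$ links. The link count grows with $n^2$, which is why full mesh is used for a handful of critical nodes (a core, a control network) and not for a whole LAN.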
Wireless Networks
A wireless network is a type of computer network that uses wireless data connections for connecting network nodes.
Example
Bluetooth
Wi-Fi
Bluetooth
 Bluetooth is a short-range
wireless technology standard
used for exchanging data
between fixed and mobile
devices over short distances.
 It uses UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz.
 The IEEE standardized
Bluetooth as IEEE 802.15.1,
but no longer maintains the
standard.
Wi-Fi
 "Wi-Fi" is a trademark of the Wi-Fi Alliance; it is not an abbreviation of "Wireless Fidelity", although that expansion is often repeated.
 Wi-Fi is a local area wireless technology.
 Wi-Fi networks use radio technologies to transmit and receive data at high speed.
 It is based on the IEEE 802.11 family of standards.
 Access point: the access point is a wireless LAN transceiver or "base station" that connects one or many wireless devices simultaneously to the wired LAN and, through it, to the Internet.
 Caveat: radio carries past the walls, so anyone in range can receive the frames. An open (unencrypted) network exposes all of its traffic, which is why access points should be configured with WPA2 or WPA3 encryption.
The Internet
The simplest definition of the Internet is that it's a network of computer networks.
How Information Travel Through the Internet
A page on the Internet, whether it's full of words, images or both, doesn't come to you in one shipment. It's translated into digital information, chopped into pieces of at most about 1500 bytes (the most an Ethernet frame carries) called PACKETS, and sent to you like a puzzle that needs to be reassembled. In this simplified picture each part of a packet has a specific function:
• Header: provides the complete destination address for the packet
• Data block: the portion of the overall information carried by the packet
• Sequence ID: identifies where the information belongs in relation to the rest of the information
• End of message: identifies the end of the packet
In the real protocol stack these parts live in different layers: the addresses are in the IP header, the sequence number is in the TCP header, and the end of an Ethernet frame is followed by a checksum (the frame check sequence) rather than a separate end-of-message marker.
When you connect to a Web site through an ISP and start exchanging information,
there isn't a fixed connection between your computer and the Web server computer
hosting the Web site. Instead, information is exchanged using the best possible path
at that particular time. Special computers called routers determine these paths,
avoiding slow links and favoring fast ones.
(figure: your computer → ISP → routers → web servers)
1-1 DATA COMMUNICATIONS
The term telecommunication means communication at a
distance. The word data refers to information presented in
whatever form is agreed upon by the parties creating and
using the data.
Data communications are the exchange of data between
two devices via some form of transmission medium such as
a wire cable or wireless.
1. Delivery → data reaches the correct destination
2. Accuracy → data arrives unaltered
3. Timeliness → data arrives while it is still useful (real-time transmission)
4. Jitter → variation in packet arrival delay; uneven delay degrades audio and video
Figure 1.1 Five components of data communication (figure)
Topics discussed in this section: Components; Data Representation; Data Flow
Data Representation
1. Text
2. Numbers
3. Images
4. Audio
5. Video
Data flow
 Simplex
 Half-duplex
 Full-duplex
Network Models
1-5 LAYERED TASKS
 A network model is a layered architecture
 Task broken into subtasks
 Implemented separately in layers in stack
 Functions needed in both systems
 Peer layers communicate
 Protocol:
 A set of rules that governs data communication
 It represents an agreement between the communicating devices
Topics discussed in this section: tasks involved in sending a letter (sender, receiver, and carrier); hierarchy of services
1-5.1 THE OSI MODEL
Established in 1947, the International Organization for Standardization (ISO) is a multinational body dedicated to worldwide agreement on international standards.
The Open Systems Interconnection (OSI) model is the ISO standard that covers all aspects of network communications. It was first introduced in the late 1970s.
Seven layers of the OSI model (figure: the sender's and receiver's layer stacks side by side)
Layer 7. Application
Layer 6. Presentation
Layer 5. Session
Layer 4. Transport
Layer 3. Network
Layer 2. Data Link
Layer 1. Physical
Layered Architecture
 A layered model
 Each layer performs a subset of the required
communication functions
 Each layer relies on the next lower layer to perform
more primitive functions
 Each layer provides services to the next higher layer
 Changes in one layer should not require changes in
other layers
 The processes on each machine at a given layer are called peer-to-peer processes
PEER-TO-PEER PROCESS
 Communication must move downward through the layers on the sending device, over the communication channel, and upward through the layers of the receiving device.
 Each layer in the sending device adds its own information to the message it receives from the layer just above it and passes the whole package to the layer just below it.
 At the receiving device, the message is unwrapped layer by layer, with each process receiving and removing the data meant for it.
 The passing of data and network information down through the layers of the sending device and back up through the layers of the receiving device is made possible by an interface between each pair of adjacent layers.
 An interface defines what information and services a layer must provide for the layer above it.
(figures: the interaction between layers in the OSI model; an exchange using the OSI model)
LAYERS IN THE OSI MODEL
Topics discussed in this section:
1. Physical Layer
2. Data Link Layer
3. Network Layer
4. Transport Layer
5. Session Layer
6. Presentation Layer
7. Application Layer
Physical Layer
The physical layer is responsible for the movement of individual bits from one hop (node) to the next.
 Functions
 Physical characteristics of interfaces and media
 Representation of bits
 Data rate
 Synchronization of bits
 Line configuration (point-to-point or multipoint)
 Physical topology (mesh, star, ring or bus)
 Transmission mode (simplex, half-duplex or full-duplex)
(figure: physical layer)
Data Link Layer
The data link layer is responsible for moving frames from one hop (node) to the next.
 Functions
 Framing
 Physical addressing
 Flow control
 Error control
 Access control
(figures: data link layer; hop-to-hop delivery)
Example 1
In the following figure a node with physical address 10 sends a frame to a node with physical address 87. The two nodes are connected by a link. At the data link level this frame contains physical addresses in the header. These are the only addresses needed. The rest of the header contains other information needed at this level. The trailer usually contains extra bits needed for error detection.
Network Layer
The network layer is responsible for the delivery of individual packets from the source host to the destination host.
 Source-to-destination delivery: responsible for the delivery of packets from the original source to the final destination
 Functions
 Logical addressing
 Routing
(figures: network layer; source-to-destination delivery)
Example 2
We want to send data from a node with network address A and physical address 10, located on one LAN, to a node with network address P and physical address 95, located on another LAN. Because the two devices are located on different networks, we cannot use physical addresses only; the physical addresses only have local influence. What we need here are universal addresses that can pass through the LAN boundaries. The network (logical) addresses have this characteristic.
Transport Layer
The transport layer is responsible for the delivery of a message from one process to another.
 Process-to-process delivery
 Functions
 Port addressing
 Segmentation and reassembly
 Connection control (connection-oriented or connectionless)
 Flow control
 Error control
(figures: transport layer; segmentation and reassembly; reliable process-to-process delivery of a message)
Example 3
Data coming from the upper layers have port addresses j and k (j is the address of the sending process, and k is the address of the receiving process). Since the data size is larger than the network layer can handle, the data are split into two packets, each packet retaining the port addresses (j and k). Then in the network layer, network addresses (A and P) are added to each packet.
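Examples 1 to 3 above (physical addresses 10 and 95, network addresses A and P, ports j and k) and the earlier description of a page being chopped into packets and reassembled like a puzzle, worked through as one added example in Go that is not part of the original slides. The header structs are a deliberate simplification; the message text, the MTU of 10 bytes and the host names are assumptions. To keep it short the two hosts sit on one link, so the frame carries the hosts' own physical addresses; across a router only the frame header would be rewritten at each hop while the network addresses and ports stay the same.

```go
package main

import (
	"fmt"
	"math/rand"
	"sort"
)

// Constructed, simplified headers that keep the page's symbols: ports j and
// k, network addresses A and P, physical addresses 10 and 95. Real TCP/IP
// headers carry many more fields and are binary-encoded.
type Segment struct { // transport layer: port addresses and a sequence number
	SrcPort, DstPort string
	Seq              int
	Last             bool // marks the final piece so the receiver knows it has everything
	Data             string
}
type Packet struct { // network layer: logical addresses, unchanged end to end
	SrcNet, DstNet string
	Payload        Segment
}
type Frame struct { // data link layer: physical addresses of the current hop only
	SrcPhys, DstPhys string
	Payload          Packet
}

// Segmentize splits a message into pieces no larger than mtu, each carrying
// the port addresses and a sequence number so the receiver can reorder them.
func Segmentize(msg, srcPort, dstPort string, mtu int) []Segment {
	var segs []Segment
	for i := 0; i*mtu < len(msg); i++ {
		end := (i + 1) * mtu
		if end > len(msg) {
			end = len(msg)
		}
		segs = append(segs, Segment{SrcPort: srcPort, DstPort: dstPort, Seq: i,
			Last: end == len(msg), Data: msg[i*mtu : end]})
	}
	return segs
}

// Encapsulate adds the network-layer header, then the frame header for one hop.
func Encapsulate(segs []Segment, srcNet, dstNet, hopSrcPhys, hopDstPhys string) []Frame {
	var frames []Frame
	for _, s := range segs {
		frames = append(frames, Frame{hopSrcPhys, hopDstPhys, Packet{srcNet, dstNet, s}})
	}
	return frames
}

// Reassemble is the receiving side: each layer strips its header and keeps
// only what is addressed to it; duplicates collapse, pieces are ordered by
// sequence number, and a gap or a missing final piece is reported as an
// error instead of returning a message with holes.
func Reassemble(frames []Frame, myPhys, myNet, myPort string) (string, error) {
	byseq := map[int]Segment{}
	for _, f := range frames {
		if f.DstPhys != myPhys { // data link: not for this node
			continue
		}
		p := f.Payload
		if p.DstNet != myNet { // network: not for this host
			continue
		}
		if p.Payload.DstPort != myPort { // transport: not for this process
			continue
		}
		byseq[p.Payload.Seq] = p.Payload
	}
	seqs := make([]int, 0, len(byseq))
	for seq := range byseq {
		seqs = append(seqs, seq)
	}
	sort.Ints(seqs)
	msg := ""
	for i, seq := range seqs {
		if seq != i {
			return "", fmt.Errorf("segment %d is missing", i)
		}
		msg += byseq[seq].Data
	}
	if len(seqs) == 0 || !byseq[seqs[len(seqs)-1]].Last {
		return "", fmt.Errorf("final segment missing after %d segment(s)", len(seqs))
	}
	return msg, nil
}

// Demo sends from process j on host A (physical address 10) to process k on
// host P (physical address 95) over one link, delivering the frames out of
// order and with one duplicate, as a real network may.
func Demo() (string, error) {
	segs := Segmentize("the quick brown fox jumps over the lazy dog", "j", "k", 10)
	frames := Encapsulate(segs, "A", "P", "10", "95")
	frames = append(frames, frames[1]) // duplicate delivery
	rand.Shuffle(len(frames), func(a, b int) { frames[a], frames[b] = frames[b], frames[a] })
	return Reassemble(frames, "95", "P", "k")
}

func main() {
	fmt.Println(Demo())
}
```

The three address checks in Reassemble are the three examples in order: a frame for physical address 87 is dropped at the data link layer, a packet for another network address at the network layer, and a segment for another port at the transport layer. Reporting a missing piece as an error rather than returning a shorter message is the behaviour a receiver needs before it acts on the data.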
Session Layer
The session layer is responsible for dialog control and synchronization.
 It establishes, maintains and synchronizes the interaction between communicating systems
 Functions
 Dialog control
 Synchronization (checkpoints)
(figures: session layer; synchronization)
Presentation Layer
The presentation layer is responsible for translation, compression, and encryption.
 Concerned with the syntax and semantics of the information exchanged between two systems
 Functions
 Translation (e.g. EBCDIC-coded text file → ASCII-coded file)
 Encryption and decryption
 Compression
(figure: presentation layer)
Application Layer
The application layer is responsible for providing services to the user.
 Functions
 Network virtual terminal (remote log-in)
 File transfer and access
 Mail services
 Directory services (distributed database)
 Accessing the World Wide Web
(figures: application layer; summary of layers)
TCP/IP model
• The TCP/IP model was developed prior to the OSI model.
• The TCP/IP model does not map exactly onto the OSI model.
• The original TCP/IP model has four layers: the network access (link) layer, the internet layer, the transport layer and the application layer. Many textbooks split the lowest layer into physical and data link layers and describe five.
• The lower layers provide physical standards, network interface, internetworking, and transport functions that correspond to the first four layers of the OSI model; the application layer covers the functions of OSI's session, presentation and application layers.
• TCP/IP is a hierarchical protocol made up of interacting modules, each of which provides specific functionality.
Functions of TCP/IP layers:
Network Access Layer
• The network access layer is the lowest layer of the TCP/IP model.
• It combines the physical layer and the data link layer defined in the OSI reference model.
• It defines how the data should be sent physically through the network.
• This layer is mainly responsible for the transmission of data between two devices on the same network.
• The functions carried out by this layer are encapsulating the IP datagram into frames transmitted by the network and mapping IP addresses onto physical addresses.
• Technologies used at this layer include Ethernet, token ring, FDDI, X.25 and frame relay.
Internet Layer
• The internet layer is the second layer of the TCP/IP model.
• The internet layer is also known as the network layer.
• The main responsibility of the internet layer is to send packets from any network so that they arrive at the destination irrespective of the route they take.
Transport Layer
• The transport layer is responsible for reliability, flow control and error control of the data being sent over the network.
• The two protocols used at the transport layer are the User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP).
Application Layer
• The application layer is the topmost layer in the TCP/IP model.
• It is responsible for handling high-level protocols and issues of representation.
• This layer allows the user to interact with the application.
• When one application layer protocol wants to communicate with another application layer, it forwards its data to the transport layer.
• There is an ambiguity in the name: not every application belongs to the application layer, only those that interact with the communication system. For example, a text editor is not in the application layer, while a web browser using HTTP to talk to the network is, because HTTP is an application layer protocol.
Network Security and its applications in
Computer Network Security
• Computer network security consists of measures taken by businesses or other organizations to monitor and prevent unauthorized access by outside attackers.
• A network administrator controls access to the data and software on the network and assigns user IDs and passwords to authorized persons.
• Privacy: both the sender and the receiver expect confidentiality. The transmitted message should reach only the intended receiver and be opaque to all other users.
• Message integrity: the data must arrive at the receiver exactly as it was sent. There must be no change to the data content in transit, whether malicious or accidental.
• End-point authentication: the receiver is sure of the sender's identity, i.e., no impostor has sent the message.
• Non-repudiation: the receiver must be able to prove that the received message came from a specific sender, and the sender must not be able to deny sending a message that he or she sent.
Cryptography
• Encryption/Decryption
• Encryption: Encryption means that the sender converts the
original information into another form and sends the
unintelligible message over the network.
• Decryption: Decryption reverses the Encryption process in
order to transform the message back to the original form.
• The data which is to be encrypted at the sender site is known
as plaintext, and the encrypted data is known as ciphertext. The
data is decrypted at the receiver site.
There are two types of encryption/decryption techniques:
• Privacy with secret key encryption/decryption
• Privacy with public key encryption/decryption
Secret Key
Encryption/Decryption technique
• In the secret key encryption/decryption technique, the same key is used by both parties, i.e., the sender and the receiver.
• The sender uses the secret key and the encryption algorithm to encrypt the data; the receiver uses the same key and the decryption algorithm to decrypt the data.
• The secret key algorithm is also known as a symmetric encryption algorithm because the same secret key is used in both directions of the communication.
• The key must be agreed and kept secret by both parties before the data is sent; distributing that key safely is the main difficulty of symmetric encryption, and it is what public key methods are used to solve.
• Caveat: encryption alone does not guarantee integrity. Use an authenticated mode (such as AES-GCM) or add a message authentication code, so that a modified ciphertext is rejected rather than decrypted to garbage.
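The secret key technique in working code, as an added example that is not from the original slides, using AES-256-GCM from Go's standard library: the same key encrypts and decrypts, and because the mode is authenticated, a modified ciphertext or a wrong key is rejected instead of decrypting to garbage. The key is generated locally for the demonstration; how it reaches the other party safely is exactly the key distribution problem described above.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Encrypt seals plaintext under a 32-byte (AES-256) secret key with GCM, an
// authenticated mode: the output is nonce || ciphertext || 16-byte tag, and
// the tag lets the receiver detect any modification.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil { // a nonce must never repeat under one key
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt with the same key. It returns an error, and no
// plaintext at all, if the key is wrong or a single bit was changed.
func Decrypt(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(msg) < gcm.NonceSize() {
		return nil, errors.New("message too short")
	}
	nonce, ct := msg[:gcm.NonceSize()], msg[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// Demo: both sides hold the same key; tampering and a wrong key are rejected.
func Demo() (roundTrip string, tamperRejected, wrongKeyRejected bool) {
	key := make([]byte, 32)
	io.ReadFull(rand.Reader, key) // in practice agreed via a key exchange or derived with a KDF, never sent in the clear
	ct, _ := Encrypt(key, []byte("transfer 100 to account 42"))
	pt, _ := Decrypt(key, ct)
	roundTrip = string(pt)

	tampered := append([]byte(nil), ct...)
	tampered[len(tampered)-20] ^= 0x01 // flip one bit inside the ciphertext body
	_, err := Decrypt(key, tampered)
	tamperRejected = err != nil

	other := make([]byte, 32)
	io.ReadFull(rand.Reader, other)
	_, err = Decrypt(other, ct)
	wrongKeyRejected = err != nil
	return
}

func main() {
	fmt.Println(Demo()) // transfer 100 to account 42 true true
}
```

With a non-authenticated mode such as CBC or CTR the tampered message would decrypt without complaint to altered plaintext, which is why the caveat above matters: the receiver would have no way to tell that "100" had become something else.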
Public Key Encryption/Decryption
technique
• There are two keys in public key encryption: a private key and a public key.
• The private key is kept by the receiver while the public key is made available to everyone.
• In public key encryption/decryption, the public key used by the sender to encrypt is different from the private key used by the receiver to decrypt, and the private key cannot feasibly be derived from the public key.
• The public key is available to the public while the private key is kept by each individual.
• The most commonly used public key algorithm is RSA; elliptic-curve schemes are also widely used today.
• Caveat: public key operations are slow compared to symmetric ciphers, so in practice they are used to exchange a symmetric key or to sign a digest rather than to encrypt bulk data.
Digital Signature
• A digital signature is a technique used to validate the authenticity and integrity of a message. There are four aspects of security: privacy, authentication, integrity, and non-repudiation. Privacy was discussed above; the other three can be achieved by using a digital signature.
• The basic idea behind a digital signature is to sign a document. When we send a document electronically, we can also sign it. We can sign a document in two ways: sign the whole document, or sign a digest of it.
Signing the Whole Document
• In a digital signature, public key cryptography is used to sign a document. However, the roles of the public key and the private key are reversed here.
• The sender uses the private key to produce the signature over the message, while the receiver uses the public key of the sender to verify it.
• Put simply: in a digital signature the private key is used for signing and the public key for verification. Describing this as "encrypting with the private key" is a textbook simplification of RSA; real signature schemes add hashing and padding (for example RSA-PSS) and must not be implemented as raw private-key encryption.
• A digital signature cannot be achieved using secret key encryption, because both parties hold the same key and either of them could have produced the message.
Signing the Digest
• Public key operations are efficient only if the message is short. If the message is long, signing it with a public key algorithm is inefficient. The solution is to let the sender sign a digest of the document instead of the whole document.
• The sender creates a miniature version (digest) of the document and then signs it; the receiver recomputes the digest and checks the signature against it.
• A hash function is used to create the digest. The hash function creates a fixed-size digest from the variable-length message, and it must be collision-resistant: if two documents can be found with the same digest, a signature on one is a signature on both.
• Two historically common hash functions are MD5 (Message Digest 5), which produces a 128-bit digest, and SHA-1 (Secure Hash Algorithm 1), which produces a 160-bit digest. Both have practical collision attacks and must not be used for signatures today; use SHA-256 or another SHA-2 or SHA-3 function.
(figures: at the sender side; at the receiver side)
PGP
• PGP stands for Pretty Good Privacy; it was invented by Phil Zimmermann.
• PGP was designed to provide all four aspects of security, i.e., privacy, integrity, authentication, and non-repudiation, in the sending of email.
• PGP uses a digital signature (a combination of hashing and public
key encryption) to provide integrity, authentication, and non-
repudiation.
• PGP uses a combination of secret key encryption and public key
encryption to provide privacy.
• PGP is an open source and freely available software package for
email security.
• PGP provides authentication through the use of Digital Signature.
• It provides confidentiality through the use of symmetric block
encryption.
• Following are the steps taken by PGP to create secure e-mail at
the sender site:
• The e-mail message is hashed by using a hashing function to
create a digest.
• The digest is then encrypted with the sender's private key to
form a signed digest, and the signed digest is appended to the
original email message.
• The original message and signed digest are encrypted by using
a one-time secret key created by the sender.
• The one-time secret key is encrypted with the receiver's public key.
• Both the encrypted secret key and the encrypted combination of
message and digest are sent together.
PGP at the Sender site (A)
• Following are the steps the receiver takes, using hashing and a
combination of three keys, to recover and verify the original
message:
• The receiver receives the encrypted secret key together with
the encrypted combination of message and digest.
• The encrypted secret key is decrypted by using the receiver's
private key to get the one-time secret key.
• The secret key is then used to decrypt the combination of
message and digest.
• The digest is decrypted by using the sender's public key, and
the original message is hashed by using a hash function to
create a digest.
• The two digests are compared; if they are equal, all the aspects
of security (integrity, authentication, and non-repudiation) are preserved.
Network Attack
• A network attack is an attempt to gain unauthorized access to an
organization’s network, with the objective of stealing data or performing
other malicious activity. There are two main types of network attacks:
• Passive: Attackers gain access to a network and can monitor or
steal sensitive information, but without making any change to
the data, leaving it intact.
• Active: Attackers not only gain unauthorized access but also
modify data, either deleting, encrypting or otherwise harming it.
Types of Network Attacks
• 1. Unauthorized access
Unauthorized access refers to attackers accessing a network
without receiving permission.
• 2. Distributed Denial of Service (DDoS) attacks
Attackers build botnets, large fleets of compromised devices,
and use them to direct false traffic at your network or servers.
• 3. Man in the middle attacks
A man in the middle attack involves attackers intercepting
traffic, either between your network and external sites or within your
network.
• 4. Code and SQL injection attacks
Many websites accept user inputs and fail to validate and
sanitize those inputs. Attackers can then fill out a form or make an API
call passing malicious code instead of the expected data values.
• 5. Privilege escalation
Once attackers penetrate your network, they can use privilege
escalation to expand their reach.
• 6. Insider threats
A network is especially vulnerable to malicious insiders, who
already have privileged access to organizational systems.
FIREWALL
• A firewall can be defined as a special type of network security device or a software
program that monitors and filters incoming and outgoing network traffic based on a
defined set of security rules.
• It acts as a barrier between internal private networks and external sources (such as
the public Internet).
• The primary purpose of a firewall is to allow non-threatening traffic and prevent
malicious or unwanted data traffic for protecting the computer from viruses and
attacks.
• A firewall is a cybersecurity tool that filters network traffic and can also
block malicious software on an infected computer from reaching the Internet.
How a firewall works
Functions of Firewall
• Network Threat Prevention
• Application and Identity-Based Control
• Hybrid Cloud Support
• Scalable Performance
• Network Traffic Management and Control
• Access Validation
• Record and Report on Events
Types of Firewall

More Related Content

PPTX
Lesson 11 Managing User Accounts
PPTX
Firewall ppt
PPTX
Computer security basics
PPT
SQL Slammer Worm
PPT
Computer Networks basics and OSI
PPTX
User and groups administrator
PPT
Network Security
PPTX
Types of software
Lesson 11 Managing User Accounts
Firewall ppt
Computer security basics
SQL Slammer Worm
Computer Networks basics and OSI
User and groups administrator
Network Security
Types of software

What's hot (20)

PPTX
Network security
PDF
1. gen1 evolution and architecture of t24-r10.01
PPT
cyber crime and privacy issues by varun call for assistence 8003498888
PPTX
IT Security Presentation
PPTX
Windows programming
PDF
TACACS Protocol
PDF
Hping dan nmap
PPT
Operating systems
PPTX
Windows 2019
PPTX
Attack on computer
PPTX
ioT_SDN
PPTX
Human Computer Interface (HCI)
PPTX
Network Fundamentals: Ch3 - Application Layer Functionality and Protocols
PPTX
Command Line Interface
PPT
OSI Transport Layer
PPTX
Network Security
PPT
Samba server configuration
PPTX
Secure architecture principles isolation and leas(CSS unit 3 Part 1)
PPTX
Unit 1 introduction to Operating System
PPT
Firewall
Network security
1. gen1 evolution and architecture of t24-r10.01
cyber crime and privacy issues by varun call for assistence 8003498888
IT Security Presentation
Windows programming
TACACS Protocol
Hping dan nmap
Operating systems
Windows 2019
Attack on computer
ioT_SDN
Human Computer Interface (HCI)
Network Fundamentals: Ch3 - Application Layer Functionality and Protocols
Command Line Interface
OSI Transport Layer
Network Security
Samba server configuration
Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Unit 1 introduction to Operating System
Firewall
Ad

Similar to Network Security and its applications in (20)

PPT
Network-20210426203825.ppt
PPT
Network-20210426203825.ppt
PPT
OSI LAyer.ppt
PPT
cpct NetworkING BASICS AND NETWORK TOOL.ppt
PPT
introduction to computer Network-20210426203825 (1).ppt
PPT
Concepts of Networking.ppt
PPTX
network class 4&5.pptx
PPTX
Gunn 8th- Lily.pptx
PPT
vnd.ms-powerpoint&rendition=1.ppt
PPT
Introduction to Computer Networks and Cloud Comp..
PPT
Network-20210426203825.ppt
PPT
Network- computer networking by vinod ppt
PPT
Advanced Computer Network-20210426203825.ppt
PPT
Computer Network basic
PPT
A computer network links several computers. Office networks allow people to w...
PPT
Computer Network and its applications, different kinds of technologies and di...
PPT
Network protocol
PPT
Network.ppt
PPT
Unit I_Computer Networks_2.ppt
PPT
Basic Networking.ppt
Network-20210426203825.ppt
Network-20210426203825.ppt
OSI LAyer.ppt
cpct NetworkING BASICS AND NETWORK TOOL.ppt
introduction to computer Network-20210426203825 (1).ppt
Concepts of Networking.ppt
network class 4&5.pptx
Gunn 8th- Lily.pptx
vnd.ms-powerpoint&rendition=1.ppt
Introduction to Computer Networks and Cloud Comp..
Network-20210426203825.ppt
Network- computer networking by vinod ppt
Advanced Computer Network-20210426203825.ppt
Computer Network basic
A computer network links several computers. Office networks allow people to w...
Computer Network and its applications, different kinds of technologies and di...
Network protocol
Network.ppt
Unit I_Computer Networks_2.ppt
Basic Networking.ppt
Ad

More from ssuser6478a8 (12)

PPT
CSS is the language we use to style a Web page. CSS stands for Cascading Styl...
PPTX
React is a free and open-source front-end JavaScript library for building use...
PPTX
2023-12-15T16_13_17.575Z-SIF Space Hackathon 2023 _ Submission Template.pptx
PPT
HTML is a markup language used by the browser to manipulate text, images, and...
PPTX
Buila a Personalized Online course Recommender System with Machine Learning
PPTX
5G is the fifth-generation technology standard for cellular networks, which c...
PPT
Data Structures and Algorithms (DSA) is a fundamental part of Computer Scienc...
PPT
HTML element is everything between the start tag and the end tag
PPT
Data mining is the statistical technique of processing raw data in a structur...
PDF
HTML stands for HyperText Markup Language. It is used to design web pages usi...
PPT
Arrays are used to store multiple values in a single variable, instead of dec...
PPT
Arrays and with its types and elements in java
CSS is the language we use to style a Web page. CSS stands for Cascading Styl...
React is a free and open-source front-end JavaScript library for building use...
2023-12-15T16_13_17.575Z-SIF Space Hackathon 2023 _ Submission Template.pptx
HTML is a markup language used by the browser to manipulate text, images, and...
Buila a Personalized Online course Recommender System with Machine Learning
5G is the fifth-generation technology standard for cellular networks, which c...
Data Structures and Algorithms (DSA) is a fundamental part of Computer Scienc...
HTML element is everything between the start tag and the end tag
Data mining is the statistical technique of processing raw data in a structur...
HTML stands for HyperText Markup Language. It is used to design web pages usi...
Arrays are used to store multiple values in a single variable, instead of dec...
Arrays and with its types and elements in java

Recently uploaded (20)

PPTX
master seminar digital applications in india
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
PPTX
Microbial diseases, their pathogenesis and prophylaxis
PDF
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
PPTX
GDM (1) (1).pptx small presentation for students
PPTX
Final Presentation General Medicine 03-08-2024.pptx
PDF
Classroom Observation Tools for Teachers
PPTX
Pharma ospi slides which help in ospi learning
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
PDF
TR - Agricultural Crops Production NC III.pdf
PPTX
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
PDF
VCE English Exam - Section C Student Revision Booklet
PPTX
Renaissance Architecture: A Journey from Faith to Humanism
PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
PDF
Sports Quiz easy sports quiz sports quiz
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
PDF
01-Introduction-to-Information-Management.pdf
master seminar digital applications in india
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
Microbial diseases, their pathogenesis and prophylaxis
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
GDM (1) (1).pptx small presentation for students
Final Presentation General Medicine 03-08-2024.pptx
Classroom Observation Tools for Teachers
Pharma ospi slides which help in ospi learning
Pharmacology of Heart Failure /Pharmacotherapy of CHF
TR - Agricultural Crops Production NC III.pdf
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
O5-L3 Freight Transport Ops (International) V1.pdf
VCE English Exam - Section C Student Revision Booklet
Renaissance Architecture: A Journey from Faith to Humanism
102 student loan defaulters named and shamed – Is someone you know on the list?
Module 4: Burden of Disease Tutorial Slides S2 2025
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
Sports Quiz easy sports quiz sports quiz
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
01-Introduction-to-Information-Management.pdf

Network Security and its applications in

  • 2. • Basics of Networking • Network Security • Encryption standards & Algorithms • Network security devices • Attack types • Firewalls
  • 3. The Computer Network  A computer network is a group of computers/devices(Nodes) that use a set of common communication protocols over digital interconnections for the purpose of sharing resources located on or provided by the network nodes.  The nodes of a computer network may include personal computers, servers, networking hardware, or other specialised or general-purpose hosts.  The interconnections between nodes are formed from a broad spectrum of telecommunication network technologies, based on physically wired, optical, and wireless technologies.  A communication protocol is a set of rules for exchanging information over a network. physically wired, optical, and wireless
  • 4. The Network Diagram (Click on the Words Below and Learn More About Each Component) The Internet Other LANS Firewall Router Fiber Optic Network Cable Server PC Wireless Network Wired Network Switch
  • 5. Components Of Computer Network 1. NIC Card 2. Repeater 3. Hub 4. Switch 5. Bridge 6. Router 7. Gateway 8. Firewall
  • 6. 1. Network Interface Card  NIC is used to physically connect host devices to the network media.  A NIC is a printed circuit board that fits into the expansion slot of a bus on a computer motherboard.  It can also be a peripheral device. NICs are sometimes called network adapters.  Each NIC is identified by a unique code called a Media Access Control (MAC) address.  This address is used to control data communication for the host on the network.
  • 7. 2. Repeaters  A repeater is a network device used to regenerate a signal.  Repeaters regenerate analog or digital signals that are distorted by transmission loss due to attenuation.  A repeater does not make an intelligent decision concerning forwarding packets
  • 8. 3. Hubs  Hubs concentrate on connections.  In other words, they take a group of hosts and allow the network to see them as a single unit. This is done passively, without any other effect on the data transmission.  Active hubs concentrate hosts and also regenerate signals.
  • 9. 4. Bridges  Bridges convert network data formats and perform basic data transmission management.  Bridges provide connections between LANs.  They also check data to determine if it should cross the bridge. This makes each part of the network more efficient
  • 10. 5. Switches  Switches add more intelligence to data transfer management.  They can determine if data should remain on a LAN and transfer data only to the connection that needs it.  Another difference between a bridge and switch is that a switch does not convert data transmission formats
  • 11. 6. Routers  Routers have all the capabilities listed above.  Routers can regenerate signals, concentrate multiple connections, convert data transmission formats, and manage data transfers.  They can also connect to a WAN, which allows them to connect LANs that are separated by great distances.
  • 12. 7. Gateway  A gateway is a piece of networking hardware used in telecommunications for telecommunications networks that allows data to flow from one discrete network to another.  Gateways are distinct from routers or switches in that they communicate using more than one protocol to connect a bunch of networks
  • 13. 8. Firewall  A firewall is a network device or software for controlling network security and access rules.  Firewalls are inserted in connections between secure internal networks and potentially insecure external networks such as the Internet.  Firewalls are typically configured to reject access requests from unrecognized sources while allowing actions from recognized ones.
  • 14. Features of Computer Network A list Of Computer network features is given below. • Communication speed • File sharing • Back up and Roll back is easy • Software and Hardware sharing • Security • Scalability • Reliability
  • 15. Computer Network Architecture Two types of Computer Network Architecture • Peer-To-Peer network • Client/Server network Peer-To-Peer network is a network in which all the computers are linked together with equal privilege and responsibilities for processing the data. Client/Server network is a network model designed for the end users called clients, to access the resources such as songs, video, etc. from a central computer known as Server.
  • 16. Transmission Media The function of the media is to carry a flow of information through a LAN. A. Wired Media:- A widely adopted family that uses copper and fiber media in local area network (LAN) technology are collectively known as Ethernet 1. Copper Cable a. Coaxial Cables b. Shielded Twisted Pair(STP) c. Unshielded Twisted Pair 2. Fibre Optic Cable B. Wireless Media:- use the atmosphere, or space, as the medium.
  • 17. 1. Copper Cable  The most common, easiest, quickest, and cheapest form of network media to install.  The disadvantage of sending data over copper wire is that the further the signal travels, the weaker it becomes.
  • 18. a. Coaxial Cable  It can be run longer distances than Twisted pair Cables. • Speed: 10-100Mbps • Cost: Inexpensive • Media and connector size: Medium • Maximum cable length: 500m
  • 19. b. Shielded Twisted Pair(STP) • Speed: 0-100Mbps • Cost: Moderate • Media and connector size: Medium to large • Maximum cable length: 100m
  • 20. c. Unshielded Twisted Pair  UTP is a four-pair wire medium used in a variety of networks.  Each of the eight copper wires in the UTP cable is covered by insulating material Speed: 10-100-1000 Mbps* Cost: Least Expensive Media and connector size: Small Maximum cable length: 100m * (Depending on the quality/category of cable)
  • 21. UTP Implementation  EIA/TIA specifies an RJ-45 connector for UTP cable.  The letters RJ stand for registered jack.
  • 22. Fiber Optic Cable  Glass fiber carrying light pulses, each pulse a bit.  Based on the Total Internal Reflection of Light.  High-speed point-to-point transmission 10-100’s Gbps  low error rate:  repeaters spaced far apart  immune to electromagnetic noise
  • 23. Communication Protocols Internet Protocol Suite  Also called TCP/IP, is the foundation of all modern networking.  It defines the addressing, identification, and routing specifications for IPv4 and for IPv6.  It is the defining set of protocols for the Internet. IEEE 802  It is a family of IEEE standards dealing with local area networks and metropolitan area networks.  They operate mostly at levels 1 and 2 of the OSI model. Ethernet  It is a family of protocols used in wired LANs, described by a set of standards together called IEEE 802.3
  • 24. Communication Protocols Wireless LAN  It is standardized by IEEE 802.11 and shares many properties with wired Ethernet. SONET/SDH  Synchronous optical networking (SONET) and Synchronous Digital Hierarchy (SDH) are standardized multiplexing protocols that transfer multiple digital bit streams over optical Fibre using lasers. Asynchronous Transfer Mode(ATM)  It uses asynchronous time-division multiplexing and encodes data into small, fixed-sized cells.  Good choice for a network that handle both traditional high-throughput data traffic, and real-time, low-latency content such as voice and video.
  • 25. Types of Networks 1. Personal Area Network (PAN) 2. Local Area Network (LAN) 3. Campus Area Network (CAN) 4. Metropolitan Area Network (MAN) 5. Wide Area Network (WAN) 6. Storage-Area Network (SAN) 7. Virtual Private Network (VPN) 8. Client Server Network 9. Peer to Peer Network (P2P)
  • 26. 1. Personal Area Network 1. Personal Area Network (PAN) is a computer network used for data transmission amongst devices such as computers, telephones, tablets and personal digital assistants. 2. Also Known as HAN (Home Area Network) 3. PANs can be used for communication amongst the personal devices themselves (interpersonal communication), or for connecting to a higher level network and the Internet (an uplink) where one "master" device takes up the role as internet router.
  • 27. 2. Local Area Network  Xerox Corporation worked in collaboration with DEC and Intel to create Ethernet, which is the most pervasive LAN architecture used today.  Ethernet has evolved and has seen significant improvements in regard to speed and efficiency.  An upside of a LAN is fast data transfer with data speed that can reach up to 10Gbps.  Other significant LAN technologies are Fiber Distributed Data Interface (FDDI) and token ring.
  • 28. 3. Campus Area Network  Larger than LANs, but smaller than metropolitan area networks these types of networks are typically seen in universities, large K-12 school districts or small businesses.  They can be spread across several buildings that are fairly close to each other so users can share resources
  • 29. 4. Metropolitan Area Network 1. A MAN is larger than a LAN but smaller than or equal in size to a WAN. 2. The size range anywhere from 5 to 50km in diameter. 3. MANs are typically owned and managed by a single entity. 4. This could be an ISP or telecommunications company that sells its services to end-users in that metropolitan area. 5. For all intents and purposes, a MAN has the same characteristics as a WAN with distance constraints.
  • 30. 5. Wide Area Network • A Wide Area Network exist over a large area • Data travels through telephone or cable lines • Usually requires a Modem • The world’s largest Wide Area Network in the Internet
  • 31. 6. Storage Area Network  SAN may be referred to as a Sub network or special purpose network.  Its special purpose is to allow users on a larger network to connect various data storage devices with clusters of data servers.  SANs can be accessed in the same fashion as a drive attached to a server.
  • 32. 7. Virtual Private Network  VPN is a private network that can access public networks remotely. VPN uses encryption and security protocols to retain privacy while it accesses outside resources.  When employed on a network, VPN enables an end user to create a virtual tunnel to a remote location. Typically, telecommuters use VPN to log in to their company networks from home.  Authentication is provided to validate the identities of the two peers.  Confidentiality provides encryption of the data to keep it private from prying eyes.  Integrity is used to ensure that the data sent between the two devices or sites has not been tampered with.
  • 33. 8. Client/Server Network In a client/server arrangement, network services are located on a dedicated computer called a server.  The server responds to the requests of clients. The server is a central computer that is continuously available to respond to requests from clients for file, print, application, and other services.  Most network operating systems adopt the form of a client/server relationship.  Typically, desktop computers function as clients, and one or more computers with additional processing power, memory, and specialized software function as servers.
  • 34. 9. Peer to Peer Network  Usually very small networks  Each workstation has equivalent capabilities and responsibilities  Does not require a switch or a hub.  These types of networks do not perform well under heavy data loads.
  • 35. Network Topologies Network topology defines the structure of the network. A. Physical topology:- It define the actual layout of the wire or media. 1. Bus 2. Ring 3. Star 4. Tree(Hierarchical) 5. Mesh B. Logical topology:- It defines how the hosts access the media to send data. 1. Broadcast 2. Token passing C. Hybrid Topology
  • 36. 1. Bus Topology T T All devices are connected to a central cable, called bus or backbone. There are terminators at each end of the bus that stops the signal and keeps it from traveling backwards. Disadvantages: 1. It is possible that more than one station may attempt transmission simultaneously (collision or contention). 2. Difficult reconfiguration and fault isolation. 3. A fault or break in the bus cable stops all transmission, even between devices on the same side of the problem. 4. The damaged area reflects signals in the direction of origin, creating noise in both directions Advantages: 1. There is no central controller. 2. Control resides in each station 3. The less interconnecting wire is required. 4. Ease of installation. 5. Backbone cable can be laid along the most efficient path, and then connected to the nodes by drop lines of various lengths
  • 37. 2. Ring Topology • All devices are connected to one another in the shape of a closed loop. • Each device is connected directly to two other devices, one on either side of it. Advantages: 1. Avoids the collisions that are possible in the bus topology. 2. Each pair of stations has a point-to-point connection. 3. A signal is passed along the ring in one direction, from device to another, until it reaches its destination. 4. Each device incorporates a repeater. 5. Relatively easy to install and reconfigure. 6. Fault isolation is simplified. Disadvantages: 1. A break in the ring (such as station disabled) can disable the entire network. 2. Unidirectional traffic.
  • 38. 3. Star Topology • All devices are connected to a central hub. • Nodes communicate across the network by passing data through the hub or switch. Advantages: 1. Easy to install and reconfigure. 2. Robustness, if one link fails; only that link is affected. All other links remain active. 3. Easy fault identification and isolation. As long as the hub is working, it can be used to monitor link problems and bypass defective links. Disadvantages: 1. The devices are not linked to each other. 2. If one device wants to send data to another, it sends it to the controller, which then relays the data to the other connected device.
  • 39. 4. Tree/Hierarchical Topology Advantages: 1. It allows more devices to be attached to a single central hub and can therefore increase the distance a signal can travel between devices. 2. It allows the network to isolate and prioritize communications from different computers. Disadvantages: 1. The devices are not linked to each other. 2. If one device wants to send data to another, it sends it to the controller, which then relays the data to the other connected device. 3. The addition of secondary hubs brings two further advantages.
  • 40. 6. Mesh Topology Each host has its connections to all other hosts. Mesh topology is implemented to provide as much protection as possible from interruption of service. 1. A nuclear power plant might use a mesh topology in the networked control systems. 2. Although the Internet has multiple paths to any one location, it does not adopt the full mesh topology. Disadvantages: 1. A large amount of cabling required. 2. A large amount of I/O ports required. 3. Installation and reconfiguration are difficult. 4. The sheer bulk of the wiring can be greater than the available space (in the walls, ceiling, or floors) can accommodate. 5. The hardware required to connect each link (I/O ports and cables) can be prohibitively expensive. Advantages: 1. The use of dedicated links guarantees that each connection can carry its data load, thus eliminating the traffic problems that can occur when links must be shared by multiple devices. 2. It is robust, if one link becomes unusable, it does not incapacitate (affect) the entire system. 3. Privacy and Security (every message sent travels along a dedicated line; only the intended recipient sees it). 4. Point-to-point links make fault identification and fault isolation easy.
  • 41. Wireless Networks Wireless network is a type of computer network that uses wireless data connections for connecting network nodes. Example Bluetooth Wi-Fi
  • 42. Bluetooth  Bluetooth is a short-range wireless technology standard used for exchanging data between fixed and mobile devices over short distances.  It is using UHF radio waves in the ISM bands, from 2.402 GHz to 2.48 GHz.  The IEEE standardized Bluetooth as IEEE 802.15.1, but no longer maintains the standard.
  • 43. Wi-Fi  Wi-Fi Stands for Wireless Fidelity.  Wi-Fi, is a Local Area Wireless technology.  Wi-Fi networks use radio technologies to transmit and receive data at high speed.  It is based on the IEEE 802.11 family of standards.  Access point: The access point is a wireless LAN transceiver or “ base station” that can connect one or many wireless devices simultaneously to the internet
  • 44. The Internet The simplest definition of the Internet is that it's a network of computer networks How Information Travel Through the Internet A page on the Internet—whether it's full of words, images or both—doesn't come to you in one shipment. It's translated into digital information, chopped into 1500 byte pieces called PACKETS, and sent to you like a puzzle that needs to be reassembled. Each part of the packet has a specific function: Header Provides the complete destination address for the packet Data Block The portion of the overall information carried by the packet Sequence ID ID’s where the information belongs in relation to the rest of the information End of Message ID’s the end of the packet
  • 45. The Internet How Information Travel Through the Internet When you connect to a Web site through an ISP and start exchanging information, there isn't a fixed connection between your computer and the Web server computer hosting the Web site. Instead, information is exchanged using the best possible path at that particular time. Special computers called routers determine these paths, avoiding slow links and favoring fast ones. Your Computer ISP Routers Web Servers
  • 46. 1-1 DATA COMMUNICATIONS The term telecommunication means communication at a distance. The word data refers to information presented in whatever form is agreed upon by the parties creating and using the data. Data communications are the exchange of data between two devices via some form of transmission medium such as a wire cable or wireless. 1. Delivery → Correct destination 2. Accuracy → Accurate data 3. Timelines → Real-time transmission 4. Jitter → Uneven delay 1.46
  • 47. Figure 1.1 Five components of data communication Components Data Representation Data Flow Topics discussed in this section: Components 2 1 3 4 5 1.47
  • 48. Data Representation 1. Text 2. Numbers 3. Images 4. Audio 5. Video Data flow  Simplex  Half-duplex  Full-duplex 1.48
  • 50. 1-5 LAYERED TASKS  A network model is a layered architecture  Task broken into subtasks  Implemented separately in layers in stack  Functions need in both systems  Peer layers communicate  Protocol:  A set of rules that governs data communication  It represents an agreement between the communicating devices 1.50
  • 51. Tasks involved in sending a letter Sender, Receiver, and Carrier Hierarchy (services) Topics discussed in this section: 1.51
  • 52. 1-5.1 THE OSI MODEL Established in 1947, the International Standards Organization (ISO) is a multinational body dedicated to worldwide agreement on international standards. An ISO is the Open Systems Interconnection (OSI) model is the standard that covers all aspects of network communications from ISO. It was first introduced in the late 1970s. 1.52
  • 53. Seven layers of the OSI model Layered Architecture Layers Layer 7. Application Layer 6. Presentation Layer 5. Session Layer 4. Transport Layer 3. Network Layer 2. Data Link Layer 1. Physical Sender Receiver 1.53
  • 54. Layered Architecture  A layered model  Each layer performs a subset of the required communication functions  Each layer relies on the next lower layer to perform more primitive functions  Each layer provides services to the next higher layer  Changes in one layer should not require changes in other layers  The processes on each machine at a given layer are called peer-to-peer process 1.54
  • 55.  Communication must move downward through the layers on the sending device, over the communication channel, and upward to the receiving device  Each layer in the sending device adds its own information to the message it receives from the layer just above it and passes the whole package to the layer just below it  At the receiving device, the message is unwrapped layer by layer, with each process receiving and removing the data meant for it PEER – TO – PEER PROCESS 1.55
  • 56. PEER – TO – PEER PROCESS  The passing of the data and network information down through the layers of the sending device and backup through the layers of the receiving device is made possible by interface between each pair of adjacent layers  Interface defines what information and services a layer must provide for the layer above it. 1.56
  • 57. Figure: The interaction between layers in the OSI model
  • 58. Figure: An exchange using the OSI model
  • 59. LAYERS IN THE OSI MODEL Topics discussed in this section: 1. Physical Layer 2. Data Link Layer 3. Network Layer 4. Transport Layer 5. Session Layer 6. Presentation Layer 7. Application Layer
  • 60. Physical Layer The physical layer is responsible for the movement of individual bits from one hop (node) to the next. Functions: • Physical characteristics of interfaces and media • Representation of bits • Data rate • Synchronization of bits • Line configuration (point-to-point or multipoint) • Physical topology (mesh, star, ring or bus) • Transmission mode (simplex, half-duplex or full-duplex)
  • 62. Data Link Layer The data link layer is responsible for moving frames from one hop (node) to the next. Functions: • Framing • Physical addressing • Flow control • Error control • Access control
  • 65. Example 1 In the following figure a node with physical address 10 sends a frame to a node with physical address 87. The two nodes are connected by a link. At the data link level this frame carries the physical addresses in its header; these are the only addresses needed. The rest of the header contains other information needed at this level. The trailer usually contains extra bits needed for error detection.
  • 66. Network Layer The network layer is responsible for the delivery of individual packets from the source host to the destination host. • Source-to-destination delivery: responsible for the delivery of packets from the original source to the final destination • Functions: • Logical addressing • Routing
  • 69. Example 2 We want to send data from a node with network address A and physical address 10, located on one LAN, to a node with network address P and physical address 95, located on another LAN. Because the two devices are located on different networks, we cannot use physical addresses only; physical addresses have only local significance. What we need here are universal addresses that can pass through LAN boundaries. The network (logical) addresses have this characteristic.
  • 70. Transport Layer The transport layer is responsible for the delivery of a message from one process to another. • Process-to-process delivery • Functions: • Port addressing • Segmentation and reassembly • Connection control (connection-oriented or connectionless) • Flow control • Error control
  • 73. Example 3 Data coming from the upper layers carry port addresses j and k (j is the address of the sending process, and k is the address of the receiving process). Since the data size is larger than the network layer can handle, the data are split into two packets, each packet retaining the port addresses (j and k). Then, in the network layer, the network addresses (A and P) are added to each packet.
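The encapsulation described on slides 55 and 56 and in Examples 1 to 3, as an added example in Python that is not part of the original slides: the payload passes down through the transport, network and data link layers on the sender, each layer prepending the header that carries its own kind of address (UDP ports for j and k, IPv4 addresses for A and P, Ethernet MACs for the physical addresses), and the receiver peels the headers off in reverse, checking the IPv4 header checksum on the way. Real header layouts (RFC 791 IPv4, RFC 768 UDP, Ethernet II) are used; the MAC, IP and port values are constructed stand-ins for the labels in the examples.

```python
import socket
import struct

# Constructed sample addresses (not from the slides): the MACs stand in for
# "physical addresses 10 and 87", the IPs for "network addresses A and P",
# and the UDP ports for "port addresses j and k".
SRC_MAC = bytes.fromhex("020000000010")
DST_MAC = bytes.fromhex("020000000087")
SRC_IP, DST_IP = "10.0.0.1", "192.0.2.95"
SRC_PORT, DST_PORT = 40000, 53

ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17
IPV4_FMT = "!BBHHHBBH4s4s"   # ver/ihl, tos, total len, id, flags/frag, ttl, proto, csum, src, dst


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words; over a correct header it returns 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def transport_encapsulate(payload: bytes, sport: int, dport: int) -> bytes:
    """Transport layer: prepend a UDP header carrying the port addresses (checksum left 0)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def network_encapsulate(segment: bytes, src_ip: str, dst_ip: str) -> bytes:
    """Network layer: prepend an IPv4 header carrying the logical addresses."""
    fields = [0x45, 0, 20 + len(segment), 0x1234, 0x4000, 64, IPPROTO_UDP, 0,
              socket.inet_aton(src_ip), socket.inet_aton(dst_ip)]
    fields[7] = ipv4_checksum(struct.pack(IPV4_FMT, *fields))   # computed with csum field = 0
    return struct.pack(IPV4_FMT, *fields) + segment


def link_encapsulate(packet: bytes, src_mac: bytes, dst_mac: bytes) -> bytes:
    """Data link layer: prepend an Ethernet II header carrying the physical addresses."""
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def send(payload: bytes) -> bytes:
    """Sender side: the data moves down the stack, each layer adding its own header."""
    segment = transport_encapsulate(payload, SRC_PORT, DST_PORT)
    packet = network_encapsulate(segment, SRC_IP, DST_IP)
    return link_encapsulate(packet, SRC_MAC, DST_MAC)


def receive(frame: bytes) -> dict:
    """Receiver side: each layer strips and checks the header meant for it."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    (_, _, total_len, _, _, ttl, proto, _, src, dst) = struct.unpack(IPV4_FMT, packet[:20])
    if proto != IPPROTO_UDP:
        raise ValueError("not a UDP packet")
    segment = packet[ihl:total_len]
    sport, dport, length, _ = struct.unpack("!HHHH", segment[:8])
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst),
        "ttl": ttl, "sport": sport, "dport": dport,
        "payload": segment[8:length],
    }


if __name__ == "__main__":
    frame = send(b"hello")
    print(len(frame), "bytes on the wire:", frame.hex())
    print(receive(frame))
```

Each layer on the receiver only looks at its own header and hands the rest upward, which is the "peer-to-peer process" of slide 55 in code. Flipping any bit of the IPv4 header (for example the TTL at byte 22 of the frame) makes `receive` raise on the checksum, which shows what the network layer's error check does and does not cover: the checksum protects only the IPv4 header, not the payload, and it is not a security control, since an attacker who modifies the packet simply recomputes it.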
  • 74. Session Layer The session layer is responsible for dialog control and synchronization. • It establishes, maintains and synchronizes the interaction between communicating systems • Functions: • Dialog control • Synchronization (checkpoints)
  • 76. Presentation Layer The presentation layer is responsible for translation, compression, and encryption. • Concerned with the syntax and semantics of the information exchanged between two systems • Functions: • Translation (for example, an EBCDIC-coded text file to an ASCII-coded file) • Encryption and decryption • Compression
  • 78. Application Layer The application layer is responsible for providing services to the user. Functions: • Network virtual terminal (remote log-in) • File transfer and access • Mail services • Directory services (distributed database) • Accessing the World Wide Web
  • 81. TCP/IP model • The TCP/IP model was developed prior to the OSI model. • The TCP/IP model does not match the OSI model layer for layer. • In the five-layer presentation used here, the TCP/IP model consists of the application layer, transport layer, network layer, data link layer and physical layer. • The first four layers provide physical standards, network interface, internetworking, and transport functions that correspond to the first four layers of the OSI model. • TCP/IP is a hierarchical protocol suite made up of interactive modules, each of which provides specific functionality. (The four-layer view on the following slides folds the physical and data link layers into a single network access layer.)
  • 83. Network Access Layer • The network access layer is the lowest layer of the TCP/IP model. • It combines the physical layer and the data link layer defined in the OSI reference model. • It defines how the data should be sent physically through the network. • This layer is mainly responsible for the transmission of data between two devices on the same network. • Its functions are encapsulating the IP datagram into frames transmitted by the network and mapping IP addresses to physical addresses. • Protocols used at this layer include Ethernet, Token Ring, FDDI, X.25 and Frame Relay.
  • 84. Internet Layer • The internet layer is the second layer of the TCP/IP model. • It is also known as the network layer. • Its main responsibility is to send packets from any network and have them arrive at the destination irrespective of the route they take.
  • 85. Transport Layer • The transport layer is responsible for reliability, flow control and error control of the data being sent over the network. • The two protocols used in the transport layer are the User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP). UDP offers only a checksum and no delivery guarantee; TCP provides reliable, ordered delivery with acknowledgements and retransmission.
  • 86. Application Layer • The application layer is the topmost layer in the TCP/IP model. • It handles high-level protocols and issues of representation. • This layer allows the user to interact with the application. • When one application-layer protocol wants to communicate with another, it forwards its data to the transport layer. • There is an ambiguity in the application layer: not every application belongs in it, only those that interact with the communication system. For example, a text editor is not an application-layer entity, while a web browser using HTTP to interact with the network is, because HTTP is an application-layer protocol.
  • 88. Computer Network Security • Computer network security consists of measures taken by a business or other organization to monitor and prevent unauthorized access by outside attackers. • The network administrator controls access to the data and software on the network, and assigns a user ID and password to each authorized person.
  • 89. • Privacy: both the sender and the receiver expect confidentiality. The transmitted message should be readable only by the intended receiver and opaque to everyone else. • Message integrity: the data must arrive at the receiver exactly as it was sent. There must be no change to the data content in transit, whether malicious or accidental. • End-point authentication: the receiver is sure of the sender's identity, i.e., no impostor has sent the message. • Non-repudiation: the receiver must be able to prove that the received message came from a specific sender, and the sender cannot later deny having sent it.
  • 90. Cryptography • Encryption/Decryption • Encryption: the sender converts the original information into another form and sends the unintelligible message over the network. • Decryption: reverses the encryption process to transform the message back to its original form. • The data to be encrypted at the sender side is known as plaintext, and the encrypted data is known as ciphertext. The data is decrypted at the receiver side.
  • 91. There are two types of Encryption/Decryption techniques: 1. Privacy with secret-key encryption/decryption 2. Privacy with public-key encryption/decryption
  • 92. Secret Key Encryption/Decryption technique • In the secret-key technique the same key is used by both parties, i.e., the sender and the receiver. • The sender uses the secret key and the encryption algorithm to encrypt the data; the receiver uses the same key and the decryption algorithm to decrypt the data. • The secret-key algorithm is also known as a symmetric encryption algorithm because the same secret key is used in both directions of communication. • The secret key is used by the computer to encrypt the information before it is sent over the network to another computer, which must already hold the same key; distributing that key securely is the main practical difficulty of the scheme.
  • 94. Public Key Encryption/Decryption technique • There are two keys in public-key encryption: a private key and a public key. • Each receiver keeps its private key secret and publishes its public key. • The sender encrypts with the receiver's public key; only the matching private key, held by the receiver, can decrypt. • The public key is available to everyone while the private key is kept by its owner alone. • The most commonly used public-key algorithm is RSA.
  • 96. Digital Signature • A digital signature is a technique used to validate the authenticity and integrity of a message. We know that there are four aspects of security: privacy, authentication, integrity, and non-repudiation. We have already discussed the first aspect; the other three can be achieved by using a digital signature. • The basic idea behind a digital signature is to sign a document. When we send a document electronically, we can also sign it. We can sign a document in two ways: sign the whole document or sign a digest.
  • 97. Signing the Whole Document • A public-key technique is used to sign a document, but the roles of the public key and the private key are reversed compared with encryption for privacy. • The sender applies its private key to the message, and the receiver applies the sender's public key to check the result: in a digital signature the private key signs and the public key verifies. Because only the sender holds the private key, a signature that verifies under the sender's public key ties the message to that sender. • A digital signature cannot be achieved with secret-key encryption: a shared secret key proves only that one of the two key holders produced the message, so the receiver cannot prove to a third party which one did.
  • 99. Signing the Digest • Public-key operations are efficient only on short inputs. If the message is long, signing the whole message with a public-key algorithm is inefficient. The solution is to let the sender sign a digest of the document instead of the whole document. • The sender creates a miniature version (digest) of the document and signs it; the receiver recomputes the digest and checks the signature against it. • A hash function is used to create the digest: it produces a fixed-size digest from a variable-length message. • The two hash functions historically most common are MD5 (Message Digest 5), which produces a 128-bit digest, and SHA-1 (Secure Hash Algorithm 1), which produces a 160-bit digest. Both now have practical collision attacks and must not be used for new signatures; use SHA-256 or another SHA-2 or SHA-3 function.
  • 100. At the Sender Side
  • 102. PGP • PGP stands for Pretty Good Privacy, invented by Phil Zimmermann. • PGP was designed to provide all four aspects of security, i.e., privacy, integrity, authentication, and non-repudiation, for e-mail. • PGP uses a digital signature (a combination of hashing and public-key cryptography) to provide integrity, authentication, and non-repudiation. • PGP uses a combination of secret-key and public-key encryption to provide privacy. • PGP is available as open-source, freely usable software for e-mail security (the OpenPGP standard, implemented for example by GnuPG). • PGP provides authentication through the use of a digital signature. • It provides confidentiality through the use of symmetric block encryption.
  • 103. • Steps taken by PGP to create secure e-mail at the sender site: • The e-mail message is hashed with a hash function to create a digest. • The digest is signed with the sender's private key, and the signed digest is appended to the original e-mail message. • The original message and signed digest are encrypted with a one-time secret (session) key generated by the sender. • The session key is encrypted with the receiver's public key. • The encrypted session key and the encrypted message-plus-digest are sent together.
  • 104. PGP at the Sender site (A)
  • 105. • Steps taken at the receiver site, where PGP uses hashing and three keys to recover the original message: • The receiver obtains the encrypted session key and the encrypted message-plus-digest. • The encrypted session key is decrypted with the receiver's private key to recover the one-time session key. • The session key is then used to decrypt the combination of message and signed digest. • The signed digest is verified with the sender's public key, and the recovered message is hashed with the same hash function to create a fresh digest. • The two digests are compared; if they are equal, the message is intact and came from the holder of the sender's private key. If they differ, the message must be rejected.
  • 107. Network Attack • A network attack is an attempt to gain unauthorized access to an organization's network, with the objective of stealing data or performing other malicious activity. There are two main types of network attacks: • Passive: attackers gain access to a network and monitor or steal sensitive information without changing the data, leaving it intact. • Active: attackers not only gain unauthorized access but also modify data, whether by deleting, encrypting or otherwise harming it.
  • 108. Types of Network Attacks • 1. Unauthorized access: attackers access a network without having been granted permission. • 2. Distributed Denial of Service (DDoS) attacks: attackers build botnets, large fleets of compromised devices, and use them to direct bogus traffic at your network or servers. • 3. Man-in-the-middle attacks: attackers intercept traffic, either between your network and external sites or within your network. • 4. Code and SQL injection attacks: many websites accept user input and fail to validate and sanitize it. Attackers can then fill out a form or make an API call passing malicious code instead of the expected data values. • 5. Privilege escalation: once attackers penetrate your network, they use privilege escalation to expand their reach. • 6. Insider threats: a network is especially vulnerable to malicious insiders, who already have privileged access to organizational systems.
  • 109. FIREWALL • A firewall is a special type of network security device or software program that monitors and filters incoming and outgoing network traffic based on a defined set of security rules. • It acts as a barrier between internal private networks and external sources (such as the public Internet). • The primary purpose of a firewall is to allow non-threatening traffic and block malicious or unwanted traffic, protecting the computers behind it from attacks. • Because it filters outbound traffic as well, a firewall also helps block malware on an already infected computer from reaching the Internet.
  • 112. Functions of Firewall • Network Threat Prevention • Application and Identity-Based Control • Hybrid Cloud Support • Scalable Performance • Network Traffic Management and Control • Access Validation • Record and Report on Events
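The rule-based filtering that slide 109 describes, as an added example in Python that is not from the slides and not any real firewall's code: a packet filter that evaluates an ordered ruleset top to bottom with first match wins and falls back to a default policy. The ruleset, the private address range 10.0.0.0/8 and the external addresses are constructed for the example. It also shows the two settings a reviewer looks at first: the default policy (deny, not allow) and an anti-spoofing rule that drops inbound packets claiming an internal source address.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" (arriving from the Internet) or "out" (leaving the private network)
    proto: str          # "tcp" or "udp"
    src_ip: str
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str                                  # "allow" or "deny"
    direction: Optional[str] = None              # None matches either direction
    proto: Optional[str] = None                  # None matches any protocol
    src: Optional[str] = None                    # CIDR; None matches any source
    dst: Optional[str] = None                    # CIDR; None matches any destination
    dst_ports: Optional[Tuple[int, int]] = None  # inclusive port range; None matches any port

    def matches(self, pkt: Packet) -> bool:
        if self.direction is not None and self.direction != pkt.direction:
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.src is not None and ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src):
            return False
        if self.dst is not None and ipaddress.ip_address(pkt.dst_ip) not in ipaddress.ip_network(self.dst):
            return False
        if self.dst_ports is not None and not (self.dst_ports[0] <= pkt.dst_port <= self.dst_ports[1]):
            return False
        return True


INTERNAL = "10.0.0.0/8"   # constructed private address space behind the firewall

# Constructed ruleset, evaluated top to bottom; the first matching rule decides.
RULESET = [
    Rule("deny", direction="in", src=INTERNAL),                      # anti-spoofing: internal sources never arrive from outside
    Rule("allow", direction="in", proto="tcp", dst="10.0.0.10/32", dst_ports=(443, 443)),   # published HTTPS server
    Rule("allow", direction="out", proto="tcp", src=INTERNAL, dst_ports=(80, 80)),
    Rule("allow", direction="out", proto="tcp", src=INTERNAL, dst_ports=(443, 443)),
    Rule("allow", direction="out", proto="udp", src=INTERNAL, dst="192.0.2.53/32", dst_ports=(53, 53)),  # ISP resolver only
]


def filter_packet(rules, pkt: Packet, default: str = "deny") -> Tuple[str, Optional[int]]:
    """Returns (action, index of the matching rule), or (default, None) when nothing matched.
    The index is what a firewall logs so that every decision can be traced to a rule."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


if __name__ == "__main__":
    samples = [
        Packet("in", "tcp", "198.51.100.7", "10.0.0.10", 443),   # web client reaching the published server
        Packet("in", "tcp", "198.51.100.7", "10.0.0.10", 23),    # telnet probe: no rule, default policy
        Packet("in", "tcp", "10.0.0.5", "10.0.0.10", 443),       # spoofed internal source from outside
        Packet("out", "udp", "10.0.0.20", "192.0.2.53", 53),     # DNS to the allowed resolver
        Packet("out", "udp", "10.0.0.20", "198.51.100.9", 53),   # DNS to an arbitrary host (possible tunnel)
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(RULESET, pkt))
```

With `default="deny"` the telnet probe and the DNS query to an unapproved resolver are dropped even though no rule mentions them; with `default="allow"` the same ruleset lets both through, which is why a default-allow policy makes every omitted rule a hole. Rule order matters too: if the anti-spoofing deny were placed after the HTTPS allow, a spoofed packet to port 443 would be accepted.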