Chapter - 5 Network Security

Network security
Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.
Network security is implemented by the tasks and tools you use to prevent unauthorized people or programs from accessing your networks and the devices connected to them. In essence, your computer can't be hacked if hackers can't get to it over the network.
Network security consists of:
Protection: You should configure your systems and networks as correctly as possible
Detection: You must be able to identify when the configuration has changed or when some
network traffic indicates a problem
Reaction: After identifying problems quickly, you must respond to them and return to a safe
state as rapidly as possible
Security is an essential part of any transaction that takes place over the internet. Customers will lose their
faith in an e-business if its security is compromised. Following are the essential requirements for safe
e-payments/transactions −
Confidentiality − Information should not be accessible to an unauthorized person. It should not be
intercepted during the transmission.
Integrity − Information should not be altered during its transmission over the network.
Availability − Information should be available wherever and whenever required within a time limit
specified.
Authenticity − There should be a mechanism to authenticate a user before giving them access to the
required information.
Non-repudiability − It is the protection against the denial of order or denial of payment. Once a sender
sends a message, the sender should not be able to deny sending the message. Similarly, the recipient of
message should not be able to deny the receipt.
Encryption − Information should be encrypted and decrypted only by an authorized user.
What is Data Security?
Data security refers to the process of protecting data
from unauthorized access and data corruption
throughout its lifecycle. Data security includes data
encryption, tokenization, and key management
practices that protect data across all applications and
platforms.
Why Data Security?
Organizations around the globe are investing heavily in information technology (IT) cyber
defense capabilities to protect their critical assets. Whether an enterprise needs to protect a
brand, intellectual capital, and customer information or provide controls for critical
infrastructure, the means for incident detection and response to protect organizational
interests have three common elements: people, processes, and technology.
Message security
Message security is the practice of encrypting messages on your device so that they can be read only by the
intended recipient. Although Network Security and Device Security are important, message encryption is
necessary in many situations:
Confidentiality: Message encryption is the only way to ensure that only the intended recipients are reading
your messages.
Authenticity: Message encryption is the only way to ensure the identity of the people you are communicating
with.
You must own a device: The idea with message encryption is that you don’t trust another party to encrypt your
communication for you. Therefore, all the encryption takes place on your machine, which means you need to
own your own device.
Steep learning curve: In order to use encryption software correctly, you will need to spend a significant amount
of time learning important encryption concepts like public keys, private keys, etc.
Limited correspondents: With message encryption, you can only communicate securely with other people
using the same software.
Obviously, these guarantees of security don’t apply if your device has been compromised.
FIREWALL AND ITS TYPES
What is Firewall?
A firewall is a network security system that monitors and controls incoming and
outgoing network traffic on the basis of predefined security rules in the firewall.
A firewall typically establishes a barrier between trusted internal network users and
the untrusted external network such as the internet.
It ignores data that comes from a suspicious location or unsecured location.
A firewall plays a very important role in any network because it provides a protective
barrier against many types of attack coming from the outside world.
Mainly the Firewall is categorized into two types:
Hardware Firewall
Software Firewall
Hardware Firewall
A hardware firewall is placed between the local network of your computers and the internet. The
hardware firewall inspects all the data or information that comes from the internet and passes
through the firewall. It blocks the unwanted or harmful data
and only allows the trusted and useful data into the internal network.
In order to protect the network properly without compromising performance, a hardware firewall
requires expert setup, and so may not be a realistic solution for companies without a
dedicated IT department.
A hardware firewall uses packet filtering to analyze the header of a packet to identify its source
and destination. This data is compared to a collection of predefined or user-created rules that
verify whether or not the packet is to be forwarded.
Software Firewall
Software firewalls are installed on a single computer on a network. A software firewall allows data to one
program and blocks it for others while doing this. A software firewall also filters incoming and outgoing
data or information from the external network.
The major disadvantage of software firewalls is that they require installation, updating,
and administration on each and every computer in order to work properly.
Software firewalls will protect your computer from outside attempts to control or access
your computer. Depending on your choice of software firewall, it could also provide protection
against the most common trojan programs or e-mail worms.
The differences between hardware and software firewalls are substantial. The best
protection for your computer and network is to use both, as each provides different but
essential security features and benefits. It is essential to update the firewall, operating system,
and other software to maintain optimal protection.
Antivirus: prepare a presentation of your own.
Intrusion detection systems:
◦Monitors hot spots on corporate networks to detect and deter intruders
◦Examines events as they are happening to discover attacks in progress
Antivirus: Checks computers for presence of malware and can
often eliminate it as well
◦Requires continual updating
Message security through Encryption
Encryption is a process of converting readable data
into unreadable characters to prevent unauthorized
access.
It is treated like any other data (it can be stored,
sent, etc.)
To read the data, the recipient must decrypt, or
decipher, it into a readable form.
The unencrypted, readable data is called plaintext.
The encrypted (scrambled) data is called ciphertext.
An encryption algorithm, or cipher, is a set of steps that can convert readable
plaintext into unreadable ciphertext.
An encryption key is a set of characters that the originator of the data uses to
encrypt the plaintext and the recipient of the data uses to decrypt the
ciphertext.
Types of encryption:
1. Private key encryption:
With private key encryption, also called symmetric key encryption, both the
originator and the recipient use the same secret key to encrypt and decrypt
the data.
Private key encryption is the form of encryption where only a single private key can encrypt and
decrypt information. It is a fast process since it uses a single key. However, protecting one key
creates a key management issue when everyone is using private keys. The private key may be
stolen or leaked. Key management requires prevention of these risks and necessitates changing the
encryption key often, and appropriately distributing the key.
2. Public key encryption:
Public key encryption, also called asymmetric key encryption, uses two
encryption keys, a public and a private.
A message generated with a public key can be decrypted only with the private
key.
A public key encryption system can be viewed as a series of public and private
keys that lock data when they are transmitted and unlock the data when they
are received. The sender locates the recipient’s public key in a directory and
uses it to encrypt a message. The message is sent in encrypted form over the
Internet or a private network. When the encrypted message arrives, the
recipient uses his or her private key to decrypt the data and read the message.
PUBLIC KEY ENCRYPTION
Digital certificate:
◦ Data file used to establish the identity of users and electronic assets for protection
of online transactions
◦ Uses a trusted third party, certification authority (CA), to validate a user’s identity
◦ CA verifies user’s identity, stores information in CA server, which generates
encrypted digital certificate containing owner ID information and copy of owner’s
public key
Public key infrastructure (PKI)
◦ Use of public key cryptography working with certificate authority
◦ Widely used in e-commerce
Digital certificates help establish
the identity of people or electronic
assets. They protect online
transactions by providing secure,
encrypted, online communication.

DIGITAL CERTIFICATES
Digital Signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message,
software or digital document. It has:
Key Generation Algorithms: Digital signatures are electronic signatures that assure that the message was sent
by a particular sender. While performing digital transactions, authenticity and integrity should be assured;
otherwise the data can be altered, or someone can act as if they were the sender and expect a reply.
Signing Algorithms: To create a digital signature, signing algorithms like email programs create a one-way hash of
the electronic data which is to be signed. The signing algorithm then encrypts the hash value using the private
key (signature key). This encrypted hash along with other information like the hashing algorithm is the digital
signature. This digital signature is appended with the data and sent to the verifier. The reason for encrypting the
hash instead of the entire message or document is that a hash function converts any arbitrary input into a much
shorter fixed length value. This saves time as now instead of signing a long message a shorter hash value has to
be signed and moreover hashing is much faster than signing.
Signature Verification Algorithms: The verifier receives the digital signature along with the data. It then uses the
verification algorithm to process the digital signature with the public key (verification key) and generates some
value. It also applies the same hash function to the received data and generates a hash value. Then the hash
value and the output of the verification algorithm are compared. If they are equal, the digital signature
is valid; otherwise it is invalid.
The steps followed in creating digital
signature are :
The message digest is computed by applying a hash function to the message, and then the message digest is encrypted
using the private key of the sender to form the digital signature. (digital signature = encryption (private key of
sender, message digest) and message digest = message digest algorithm(message)).
The digital signature is then transmitted with the message. (message + digital signature is transmitted)
The receiver decrypts the digital signature using the public key of the sender. (This assures authenticity, as only
the sender has his private key, so only the sender can encrypt using his private key, which can thus be decrypted by
the sender's public key.)
The receiver now has the message digest.
The receiver can compute the message digest from the message (the actual message is sent with the digital
signature).
The message digest computed by the receiver and the message digest (obtained by decrypting the digital signature)
need to be the same for ensuring integrity.
The message digest is computed using a one-way hash function, i.e. a hash function in which computation of the hash
value of a is easy but computation of a from the hash value of a is very difficult.
Working of digital signature
Digital Certificate
Digital certificate is a digital document issued by a trusted third party which proves sender's identity to
the receiver and receiver’s identity to the sender.
A digital certificate is a certificate issued by a Certificate Authority (CA) to verify the identity of the
certificate holder. The CA issues an encrypted digital certificate containing the applicant’s public key and
a variety of other identification information. Digital signature is used to attach public key with a
particular individual or an entity.
A digital certificate contains:
Name of the certificate holder.
Serial number, which is used to uniquely identify a certificate and the individual or entity identified by
the certificate.
Expiration dates.
Copy of the certificate holder's public key (used for encrypting messages and verifying digital signatures).
Digital signature of the certificate-issuing authority.
The digital certificate is also sent with the digital signature and the message.
Digital certificate vs digital signature :
A digital signature is used to verify authenticity, integrity and non-repudiation, i.e. it assures that
the message is sent by the known user and not modified, while a digital certificate is used to verify
the identity of the user, whether sender or receiver. Thus, digital signatures and certificates are
different kinds of things, but both are used for security. Most websites use digital certificates to
enhance the trust of their users.
What does Certificate Authority
(CA) mean?
A certificate authority (CA) is a trusted entity that manages and issues security certificates and public keys
that are used for secure communication in a public network.
The CA is part of the public key infrastructure (PKI) along with the registration authority (RA) who verifies
the information provided by a requester of a digital certificate. If the information is verified as correct, the
certificate authority can then issue a certificate.
Certificate authorities are trusted third-party entities who provide digital certificates to organizations that
have the need to ensure that their users are provided with secure authentication and connection.
Certificates given by CAs build trust between the users and the providers because they can ensure the
validity of each other’s identities and authorities.
CAs provide the most basic security and business process principles in a public key infrastructure by
creating trust relationships between enterprise and entities.
SSL:
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link
between a web server and a browser. This link ensures that all data passed between the web
server and browsers remain private and integral. SSL is an industry standard and is used by
millions of websites in the protection of their online transactions with their customers.
To be able to create an SSL connection a web server requires an SSL Certificate. When you
choose to activate SSL on your web server you will be prompted to complete a number of
questions about the identity of your website and your company. Your web server then creates
two cryptographic keys - a Private Key and a Public Key.
The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR)
- a data file also containing your details. You should then submit the CSR. During the SSL
Certificate application process, the Certification Authority will validate your details and issue an
SSL Certificate containing your details and allowing you to use SSL. Your web server will match
your issued SSL Certificate to your Private Key. Your web server will then be able to establish an
encrypted link between the website and your customer's web browser.
SSL continued ….
The complexities of the SSL protocol remain invisible to your customers. Instead, their browsers
provide them with a key indicator to let them know they are currently protected by an SSL
encrypted session: the lock icon in the lower right-hand corner. Clicking on the lock icon
displays your SSL Certificate and the details about it. All SSL Certificates are issued to either
companies or legally accountable individuals.
Typically an SSL Certificate will contain your domain name, your company name, your address,
your city, your state and your country. It will also contain the expiration date of the Certificate
and details of the Certification Authority responsible for the issuance of the Certificate. When a
browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has
not expired, it has been issued by a Certification Authority the browser trusts, and that it is
being used by the website for which it has been issued. If it fails on any one of these checks the
browser will display a warning to the end user letting them know that the site is not secured by
SSL.
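The three browser checks named above (not expired, issued by a trusted authority, issued for the site being visited), as an added example that is not part of the original slides. Certificates are represented as plain dictionaries and the trusted-CA list is a constructed set of names; a real browser additionally validates the issuer's signature over the certificate and walks the whole chain to a root, which this simplified version omits. The hostname rule implemented here (an exact match, or a single-label wildcard such as *.example.com) is the common one, stated as an assumption.

```python
from datetime import datetime, timezone

# Constructed trust store: the issuers this "browser" accepts.
TRUSTED_CAS = {"Example Root CA", "Example Intermediate CA"}

# Constructed sample certificates, holding only the fields the checks need.
GOOD_CERT = {
    "subject": "shop.example.com",
    "issuer": "Example Intermediate CA",
    "not_before": datetime(2024, 1, 1, tzinfo=timezone.utc),
    "not_after": datetime(2025, 1, 1, tzinfo=timezone.utc),
    "subject_alt_names": ["shop.example.com", "www.shop.example.com"],
}

WILDCARD_CERT = dict(GOOD_CERT, subject="*.example.com",
                     subject_alt_names=["*.example.com"])

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)   # constructed "current time"


def hostname_matches(pattern: str, hostname: str) -> bool:
    """Exact match, or a wildcard that covers exactly one leading label."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if pattern == hostname:
        return True
    if pattern.startswith("*.") and hostname.count(".") >= 2:
        # '*.example.com' matches 'shop.example.com' but not 'a.b.example.com'
        return hostname.split(".", 1)[1] == pattern[2:]
    return False


def check_certificate(cert, hostname, trusted_cas=TRUSTED_CAS, now=NOW):
    """Return the list of failed checks; an empty list means the site passes."""
    failures = []
    if not (cert["not_before"] <= now <= cert["not_after"]):
        failures.append("expired")            # outside its validity window
    if cert["issuer"] not in trusted_cas:
        failures.append("untrusted issuer")   # not from a CA the browser trusts
    names = cert.get("subject_alt_names") or [cert["subject"]]
    if not any(hostname_matches(name, hostname) for name in names):
        failures.append("hostname mismatch")  # issued for a different site
    return failures


def is_secure(cert, hostname, trusted_cas=TRUSTED_CAS, now=NOW) -> bool:
    """The browser's yes/no decision: warn the user unless every check passes."""
    return not check_certificate(cert, hostname, trusted_cas, now)


if __name__ == "__main__":
    print(check_certificate(GOOD_CERT, "shop.example.com"))
    print(check_certificate(GOOD_CERT, "evil.example.net"))
    print(check_certificate(GOOD_CERT, "shop.example.com",
                            now=datetime(2026, 1, 1, tzinfo=timezone.utc)))
```

Returning the full list of failures rather than stopping at the first one mirrors what a browser warning page does: it tells the user every reason the certificate could not be accepted.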
Summary terms
Encryption: This technology deploys a public key and a private key infrastructure to ensure security. The public key can be
distributed but the private key remains only with the user and the service provider. So, it works just like the username and
password system of your e-mail account.
Digital signatures: This technology requires a recipient’s password to decode the encrypted data. The sender’s authentication gets
confirmed through a digital certificate, issued by credible authorities such as Verisign and Thawte.
Secure socket layers (SSL): This process involves both public key and digital certificate technologies to ensure privacy and
authentication. To initiate the process, a client asks for authentication from the server, which is done through a digital certificate.
Then, both the client and server design session keys for data transfer. The session will expire following any modification or
prolonged period of inactivity.
Firewalls: This includes both software and hardware that protects the network against hackers and viruses. Installing premium
quality anti-virus and anti-spyware programs helps to fortify e-commerce protection from malicious threats.
Access control: Restricting user access to information on the site is an effective way to control the site's security. Research shows
that most e-commerce malfunctions occur due to users' ignorance. Access control measures can include:
◦ Restrictions on the use of CDs/DVDs or USB storage devices in the company.
◦ Limit over opening of personal accounts, such as Gmail, Yahoo or MSN, through official network.
◦ Network restrictions to regulate access to external network or system resources.
◦ Application control to restrict entry into sensitive environment.

Detection programs: These programs monitor network operations for any suspicious activity. They will generate an alert if a
potential attack is suspected.
Revising for new threats: Business enterprises must constantly update e-commerce security plans to remain protected from new
threats.
A VPN, or Virtual Private Network, allows you to create a secure connection to another
network over the Internet. VPNs can be used to access region-restricted websites, shield
your browsing activity from prying eyes on public Wi-Fi, and more. The vast majority of
people these days are using VPN for torrenting or bypassing geographic restrictions to
watch content in a different country.
We can use a VPN to:
Bypass geographic restrictions on websites or streaming audio and video.
Watch streaming media like Netflix.
Protect yourself from snooping on untrustworthy Wi-Fi hotspots.
Gain at least some secrecy online by hiding your true location.
Protect yourself from being tracked while torrenting.
How Does a VPN Work?
When you connect your computer (or another device, such as a smartphone or tablet) to a VPN,
the computer acts as if it’s on the same local network as the VPN. All your network traffic is sent
over a secure connection to the VPN. Because your computer behaves as if it’s on the network,
this allows you to securely access local network resources even when you’re on the other side of
the world. You'll also be able to use the Internet as if you were present at the VPN's location,
which has some benefits if you're using public Wi-Fi or want to access geo-blocked websites.
When you browse the web while connected to a VPN, your computer contacts the website
through the encrypted VPN connection. The VPN forwards the request for you and forwards the
response from the website back through the secure connection. If you’re using a USA-based
VPN to access Netflix, Netflix will see your connection as coming from within the USA.
Uses for VPNs
VPNs are a fairly simple tool, but they can be used to do a wide variety of things:
Access a Business Network While Traveling: VPNs are frequently used by business travelers to access their business’ network,
including all its local network resources, while on the road. The local resources don’t have to be exposed directly to the
Internet, which increases security.
Access Your Home Network While Travelling: You can also set up your own VPN to access your own network while travelling.
This will allow you to access a Windows Remote Desktop over the Internet, use local file shares, and play games over the
Internet as if you were on the same LAN (local area network).
Hide Your Browsing Activity From Your Local Network and ISP: If you’re using a public Wi-Fi connection, your browsing activity
on non-HTTPS websites is visible to everyone nearby, if they know how to look. If you want to hide your browsing activity for a
bit more privacy, you can connect to a VPN. The local network will only see a single, secure VPN connection. All the other traffic
will travel over the VPN connection. While this can be used to bypass connection-monitoring by your Internet service provider,
bear in mind that VPN providers may opt to log the traffic on their ends.
Access Geo-Blocked Websites: Whether you’re an American trying to access your Netflix account while travelling out of the
country or you wish you could use American media sites like Netflix, Pandora, and Hulu, you’ll be able to access these
region-restricted services if you connect to a VPN located in the USA.
Bypass Internet Censorship: Many Chinese people use VPNs to get around the Great Firewall of China and gain access to the
entire Internet. (However, the Great Firewall has apparently started interfering with VPNs recently.)
Downloading Files: Yes, let’s be honest – many people use VPN connections to download files via BitTorrent. This can actually
be useful even if you’re downloading completely legal torrents – if your ISP is throttling BitTorrent and making it extremely
slow, you can use BitTorrent on a VPN to get faster speeds. The same is true for other types of traffic your ISP might interfere
with (unless they interfere with VPN traffic itself.)
SECURE ELECTRONIC TRANSACTION (SET)
Secure electronic transaction (SET) was an early protocol for electronic credit card payments.
As the name implied, SET was used to facilitate the secure transmission of consumer credit
card information via electronic paths, such as the Internet. SET blocked out the details of
credit card information, thus preventing merchants, hackers, and electronic thieves from
accessing this information. SET is not some system that enables payment but it is a security
protocol applied on those payments.
The SET protocol was supported in development by major organizations like Visa, Mastercard,
Microsoft, which provided its Secure Transaction Technology (STT), and Netscape, which
provided the technology of Secure Sockets Layer (SSL).
SET protocol restricts revealing of credit card details to merchants thus keeping hackers and
thieves at bay.
That’s all….
Thanks