Module: Current Trends in Networking

Lesson: Cryptography, network security and current attacks

© 2018 Arden University Ltd. All rights reserved.

Arden University Limited reserves all rights of copyright and all other intellectual property rights in these learning materials. No part of
any learning materials may be reproduced, stored in a retrieval system or transmitted in any form or by any means, including
without limitation electronic, mechanical, photocopying, recording or otherwise, without the prior written consent of Arden
University Limited.
Cryptography, network security and current attacks

Cryptography, network security and current attacks

The hardware, software and information that constitute computer systems is increasingly
mission-critical. Protecting them can be as important as protecting other valuable assets, such
as money, buildings, or employees. The purpose of implementing security is to protect
computer and network resources through the selection and application of appropriate
safeguards.

Computers are networked to provide networked services. A network is like a public place
where your resources are exposed to the risks that exist there. Therefore, network security
protects computer resources as well as network resources (such as routers/switches, which
are computers with their own operating systems) against the risks and threats that arise as a
result the interconnection. In this lesson, the topic of network security is addressed, and in the
context, the primary technique for privacy - encryption - is also addressed.

By the end of this lesson you will be able to:

Critically review the existing and emerging network security threats and countermeasures

Demonstrate an understanding of future of cryptographic methods.

What must be secured?

There are three general areas of concern when a trusted network (network that is managed
such as a corporate or campus network) is attached to an untrusted network such as another
network or the Internet:

That inappropriate material will deliberately, or inadvertently, be passed to and from the
untrusted network;

That unauthorised users will be able to gain access to the trusted network from the
untrusted network;

That the operations of the trusted network may be disrupted because of an attack from the
untrusted network.

© 2018 Arden University Ltd. ALl rights reserved

 Figure 9.01 - Pillars of security

https://www.youtube.com/watch?v=TisZKt4u-O0

Security measures that minimise the threats} (Cisco 2015) are the three pillars of security
namely confidentiality, integrity, authentication (Figure 9.01). A very important factor in security
is non-repudiation.

Definitions of security attributes

Here are the individual definitions of the security attributes

https://www.youtube.com/watch?v=CO7kY1jhtP0

(CISSP Fundamentals 2016):

Confidentiality:

Confidentiality refers to the protection of information from unauthorised access or disclosure.

Ensuring confidentiality is ensuring that those who are authorised to access information can do
so and those who are not authorised are prevented from doing so. Encryption of information is
typically done to keep information confidential, when it is stored or when it transits a network.

Integrity:

Integrity refers to the protection of information from unauthorised modification or destruction.

Ensuring integrity is ensuring that information and information systems are accurate, complete

© 2018 Arden University Ltd. ALl rights reserved

and uncorrupted. Message hashes are used to check for the integrity of messages. There are
plain hashes as well as keyed hashes.

Availability:

Availability ensures that an information resource is available to authorised users. It is

imperative to make sure that information requested is readily accessible to the authorised
users at all times. A denial-of-service attack infringes availability of the system.

Authentication:

Authentication is where both the sender and receiver need to confirm the identity of the other
party involved in the communication - to confirm that the other party is indeed who or what they
claim to be. Digital signatures and other methods such as passwords and biometrics are used
to authenticate messages and individuals, respectively.

Non-repudiation:

Non-repudiation ensures that a sending party does not deny having sent a message after
having sent it. In a sense, it is about being unable to deny the ownership of a transaction
between two parties. Non-repudiation uses digital signatures.

Cryptography

Cryptography, a word with Greek origins, means "secret writing". However, we use the term to
refer to the science and art of transforming messages to make them secure and immune to
attacks. The original message, before being transformed, is called plaintext. After the message
is transformed, it is called ciphertext. An encryption algorithm transforms the plaintext into
ciphertext; a decryption algorithm transforms the ciphertext back into plaintext. The sender
uses an encryption algorithm, and the receiver uses a decryption algorithm (Figure 9.02).

Figure 9.02 - Encryption and decryption

We refer to encryption and decryption algorithms as ciphers. The term cipher is also used to

© 2018 Arden University Ltd. ALl rights reserved

refer to different categories of algorithms in cryptography. This is not to say that every sender-
receiver pair needs their very own unique cipher for a secure communication. On the contrary,
one cipher can serve millions of communicating pairs.

A key is a number (or a set of numbers) that the cipher, as an algorithm, operates on. To
encrypt a message, we need an encryption algorithm, an encryption key and the plaintext.
These create the cipher text. To decrypt a message, we need a decryption algorithm, a
decryption key and the ciphertext. These reveal the original plaintext.

Figure 9.03 - Symmetric-key cryptography

We can divide all the cryptography algorithms (ciphers) into two groups: symmetric-key (also
called secret-key) cryptography algorithms and asymmetric-key (also called public-key)
cryptography algorithms.

Symmetric-key cryptography - in symmetric-key cryptography, both parties use the same

key. The sender uses this key and an encryption algorithm to encrypt data; the receiver
uses the same key and the corresponding decryption algorithm to decrypt the data (Figure
9.03)

Asymmetric-key cryptography - in asymmetric or public-key cryptography, there are two

keys: a private key and a public key. The receiver keeps the private key. The public key is
announced to the public (Figure 9.04).

© 2018 Arden University Ltd. ALl rights reserved

 Figure 9.04 - Asymmetric-key cryptography

Commonly, there are three types of keys, the secret key, the public key and the private key.
The first, the secret key, is the shared key used in symmetric-key cryptography. The second
and the third are the public and private keys used in asymmetric-key cryptography.

Read the article titled A Case Study for Usability in Secure Email Communication (Kapadia
2007). Observe the overall role of security in an email system and the various components of
security. How critical is the role of encryption in the context of email?

Critically compare symmetric encryption with asymmetric encryption particularly with respect
to their performance and applications. Mention your findings on the Lesson 9 discussion forum
and compare them with the others.

Explore what type of applications require the two types of encryption. In terms of the time
taken to encrypt a given piece of information, which type takes longer? What would be the
size of the encrypted data for a given size of the information that is encrypted? Refer to this
article (SURFnet 2010) and this paper (Sasi et al. 2014) to get an idea.

© 2018 Arden University Ltd. ALl rights reserved

Digital signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of
a message, software or digital document. A digital signature is the digital equivalent of a
handwritten signature or stamped seal. It offers more security and it is intended to address
tampering and impersonation of digital information. Digital signatures provide assurances of
evidence to origin, identity and status of an electronic document, transaction or message, as
well as acknowledging informed consent by the signer. Today, digital signatures have the
same legal significance as that of the traditional signatures.

Figure 9.05 - Digital signature

Digital signatures are based on asymmetric cryptography (Figure 9.05). To create a digital
signature, a one-way hash of the electronic data to be signed is first generated. The private
key is then used to encrypt the hash. The encrypted hash, along with other information, such
as the hashing algorithm, is termed the digital signature. The hash value is of a fixed length
and usually much shorter than an average message. Encrypting the hash alone requires less
processing compared to having to encrypt the entire message.

The hash value is always unique to the data. Any modifications to the data will result in a
completely different hash value. When a message with the signature is received, the hash

© 2018 Arden University Ltd. ALl rights reserved

value is first decrypted, using the signer’s public key. Then the hash is calculated on the
received data and the hashes are verified for an exact match. If the hashes match, the data is
unchanged and the signature is verified since the sender’s public key was used to decrypt the
hash. This achieves non-repudiation since the sender’s identity is tied to the public key.

Read the paper titled Case study: Using digital signatures for the archival of medical records
in hospitals (Sageder, S., Sametinger, J. and Wiesauer, A., 2008) to get an understanding of
the practical use of digital signatures. Are there other means of establishing the integrity of the
medical records?

Discuss the role played by digital signatures in public key encryptions. Refer the article titled
Digital Signature: Application Development Trends in E-Business (Shiralkar & Vijayaraman
2003) to help your discussion and post your thoughts on the discussion board.

Network security

The elements of security in the context of the network are the following:

The information that transits the network must be confidential. Even if the data is tapped by
a malicious user, it must be in an encrypted form to ensure that the data is not useable.

The network must be accessible only to authorised users. Network access must be
provided only after the user and the device are authenticated.

The active devices on the network such as routers and switches must be inherently
secured so that they are not vulnerable to any risks on the network.

The end devices on the network such as PCs, laptops and handheld devices must be
secured against risks on the network.

Message-level security (data security) is provided by cryptographic mechanisms, however, the

network provides security at the entity level (network level). Data security is the aspect of
security that allows a client’s data to be transformed into unintelligible data for transmission.
Even if this unintelligible data is intercepted, a key is needed to decode the message. Although
cryptography enables data security, when transferring ciphertext over a network, it is helpful to
have a secure network. This will allow for the ciphertext to be protected, so that it is less likely
for many people to even attempt to break the code. A secure network will also prevent
someone from inserting unauthorised messages into the network, in addition to preventing
unauthorised access.

© 2018 Arden University Ltd. ALl rights reserved

Implementing network security

Network security is achieved through a combination of devices such as an Intrusion Detection

System (IDS), firewalls, etc., that use technologies such as IPSec (IP Security), SSL (Secure
Sockets Layer), Transport Layer Security (TLS), VPNs (Virtual Private Networks), etc.

The types of attacks through the Internet need to be studied to be able to detect and guard
against them. This is termed threat intelligence. Intrusion detection systems are established
based on the types of attacks most commonly used. Network intrusions consist of packets that
are introduced to cause problems for the following reasons:

To consume resources needlessly

To interfere with any system resource’s intended function

To gain system knowledge that can be exploited in later attacks.

Figure 9.06 - Firewall function

Network security mechanisms

Apart from cryptographic methods, other network security mechanisms are briefly discussed
below:

Firewall:

© 2018 Arden University Ltd. ALl rights reserved

A firewall is a typical border control mechanism or perimeter defence. The purpose of a firewall
is to block traffic from the outside, but it could also be used to block traffic from the inside. A
firewall is the front-line defence mechanism against intruders. It is a system designed to
prevent unauthorised access to or from a private network. Firewalls can be implemented in
both hardware and software, or a combination of both. Figure 9.06 illustrates the basic
functions of a firewall.

Intrusion Detection System:

An Intrusion Detection System (IDS) is an additional protection measure that helps ward off
computer intrusions. IDS systems can be software and hardware devices used to detect an
attack. IDS products are used to monitor connection in determining whether attacks are being
launched. Some IDS systems just monitor and alert of an attack, whereas others try to block
the attack. Figure 9.07 illustrates how an IDS functions.

Figure 9.07 - Intrusion Detection System

Malware Scanners:

Viruses, worms and Trojan horses are all examples of malicious software, or malware for
short. Special anti-malware tools are used to detect them and cure an infected system

Secure Sockets Layer:

The Secure Sockets Layer (SSL) is a suite of protocols that is a standard way to achieve a
good level of security between a web browser and a website. SSL is designed to create a
secure channel, or tunnel, between a web browser and the web server, so that any information
exchanged is protected within the secured tunnel. SSL provides authentication of clients to
server using certificates. Clients present a certificate to the server to prove their identity. SSL
has now been standardised as Transport Layer Security (TLS).

© 2018 Arden University Ltd. ALl rights reserved

Recall that an anti-virus package is used to filter out infected content that potentially damages
the files and the information stored in it and could cause the system to malfunction. It is
specific to a host and not entirely in the context of the network.

Research the recent advances in network security mechanisms, particularly in the context of
large data centre network infrastructure. Refer to the article titled Deep Security: Protecting
the data centre (Trend Micro 2009) to help your discussion on the Lesson 9 online forum

Secure Sockets Layer

https://www.youtube.com/watch?v=6KSeMzgSS68

SSL (SSL Corp 2016) (note that SSL evolved into Transport Layer Security - TLS, with
standardisation; the terms are now used synonymously) uses public-key cryptography to
provide authentication, and secret-key cryptography and digital signatures to provide for
privacy and data integrity. The protocol is composed of two layers. At the lowest level, layered
on top of some reliable transport protocol (e.g., TCP), is the SSL record protocol. The SSL
record protocol is used for encapsulation of various higher-level protocols. One such
encapsulated protocol, the SSL handshake protocol, allows the server and client to
authenticate each other and to negotiate an encryption algorithm and cryptographic keys
before the application protocol transmits or receives its first byte of data. One advantage of
SSL is that it is application protocol independent. A higher-level protocol can layer on top of the
SSL protocol transparently. Figure 9.08 illustrates how the SSL layer (in green) supports the
application layer. The enlarged view of the SSL layer shows the handshake layer and the
record layer, along with their functions.

© 2018 Arden University Ltd. ALl rights reserved

 Figure 9.08 - The SSL/TLS layer, its sub-layers and functions

The SSL protocol provides connection security that has three basic properties:

The connection is private. Encryption is used after an initial handshake to define a secret
key. Symmetric cryptography is used for data encryption (e.g., algorithms such as Data
Encryption Standard (DES), 3DES, Rivest Cipher 4 (RC4)).

The peer's identity can be authenticated using asymmetric, or public-key, cryptography

(e.g., Rivest-Shamir-Adleman (RSA), Digital Signature Standard (DSS)).

The connection is reliable. Message transport includes a message integrity check using a
keyed Message Authentication Code (MAC). Secure hash functions (e.g., Secure Hash
Algorithm (SHA), Message Digest 5 (MD5)) are used for MAC computations.

SSL provides privacy of data by encrypting the information transferred between communicating
endpoints. The client machine can authenticate the server by verifying its certificate. This helps
users to verify the certificate of the site they are visiting to ensure that it is indeed a genuine
site.

The use of SSL brought up the need for a certificate based infrastructure and therefore the
relative costs increased. In addition, the use of SSL puts a load on processing and can impact
performance in terms of delays. However, the security that SSL provides far outweighs the
cost and performance delays. Also, the performance delays are likely to affect only very small
computing platforms.

Internet Protocol Security (IPSec)

© 2018 Arden University Ltd. ALl rights reserved

Internet Protocol Security (IPSec) is a framework of open standards for helping to ensure
private, secure communications over Internet Protocol (IP) networks using cryptographic
security services. IPSec supports network-level data integrity, data confidentiality, data origin
authentication and replay protection. IPSec is integrated at the Internet (IP) layer (layer 3); it
provides security for almost all protocols in the TCP/IP suite (Figure 9.09). IPSec is applied
transparently to applications. So, there is no need to configure separate security for each
application that uses TCP/IP. The difference between SSL and IPSec is illustrated in Figure
9.10.

Figure 9.09 - SSL/TLS vs. IPSec in terms of layers

© 2018 Arden University Ltd. ALl rights reserved

Figure 9.10 - SSL/TLS vs. IPSec - operational differences

IPSec helps provide defence-in-depth against:

Network-based attacks from untrusted computers, attacks that can result in the denial-of-
service of applications, services, or the network

Data corruption

Data theft

User-credential theft

Administrative control of servers, other computers, and the network.

You can use IPSec to defend against network-based attacks through a combination of host-
based IPSec packet filtering and the enforcement of trusted communications.

IPSec can be used end to end, for example, between a client and a server. IPSec transport
mode can be used for this. However, the most widespread use of IPSec today is between
specific IPSec gateways. Two such gateways are typically endpoints that interconnect to
networks. Effectively, they interconnect two networks across a public network infrastructure. All
traffic that transits the public network will be secure. In this case, tunnel mode is used to tunnel
packets securely from one network to the other. Hosts between these networks can access the
other network transparently and use all services on each other. Such a secure connectivity
interconnecting networks is not feasible using SSL. This is a primary difference between the
two protocols. Figure 9.11 shows both transport mode and tunnel mode with their typical
applications.

Figure 9.11 - IPSec: Tunnel mode vs Transport mode

© 2018 Arden University Ltd. ALl rights reserved

The capabilities of IPSec form the basis of the virtual private network (VPN) services. IPSec
provides the necessary infrastructure to extend an enterprise's private network across the
Internet to reach out to customers and business partners, in other words, to build what is called
a "virtual private network (VPN)". To reiterate, a VPN is a private data network that makes use
of the public telecommunication infrastructure, such as the Internet, by adding security
procedures over the unsecure communication channels. The security procedures that involve
encryption are achieved using a tunnelling protocol. There are two types of VPNs: remote
access which lets single users connect to the protected company network (IPSec transport
mode) and site-to-site (IPSec tunnel mode) which supports connections between two protected
company networks. In either mode, VPN technology gives a company the facilities of
expensive dedicated interconnectivity at a much lower cost by using the shared public
infrastructure like the Internet.

Virtual Private Network (VPN)

https://www.youtube.com/watch?v=K_JomGpvjH4

VPN (ESET 2016) is a means of creating a secure tunnel between a specific end system and a
VPN server. The system then becomes a part of the server’s network. All the data exchanged
between the end system and the VPN server is completely encrypted. All details of what
services the system is using, the end points of its communications such as the websites the
system accesses, etc., are completely confidential.

VPN services are typically used to access an organisation’s intranet from the Internet. The
users typically connect to a VPN server hosted within the organisation and then access the
resources within the organisation. The use of a VPN is recommended whenever there is a
need to access resources using a public Wi-Fi hotspot (Figure 9.12).

Figure 9.12 - Typical schematic of a VPN

© 2018 Arden University Ltd. ALl rights reserved

The basic requirement of a VPN is the ability to form a tunnel between two end points to be
able to send encrypted, IP encapsulated packets. There are two ways in which this can be
done:

Using SSL/TLS to provide the encrypted tunnel between the end points

Using IPSec to provide the encrypted tunnel between the end points.

SSL VPNs are typically designed to provide remote access. Since SSL was primarily designed
for secure web access, remote access is provided as a browser based service. SSL tunnel
VPNs allow access to other applications too, but are limited to user to server connectivity
(Figure 9.13). Notice that while an IPSec VPN terminates typically on a firewall (which hosts
the VPN server), the SSL VPN terminates on an SSL server which is behind the firewall (on
the remote network). The difference between using layer 3 and layer 4 is distinctly seen here.
Unlike a IPSec VPN, SSL VPNs are application dependent.

Figure 9.13 - IPSec and SSL VPNs

IPSec VPNs are used for connectivity in two modes:

Client-to-site VPNs, where a user (client) sets up a VPN connection to a VPN server in an
organisation to use the resources of that organisation.

Site-to-site VPN, where two networks at two remote sites are interconnected using an
IPSec VPN. In such cases, routers or firewalls that are capable of deploying VPNs are
used. This provides a secure interconnectivity between the remote networks (Figure 9.14).
Such a capability is not possible by SSL/TLS.

© 2018 Arden University Ltd. ALl rights reserved

 Figure 9.14 - Site-to-site VPN via the Internet

Security attacks

Malicious users can attack the network for various reasons such as gathering or stealing
information and blocking the availability of data or services. These attacks can be active or
passive. In an active attack, the attacker tries to break the existing network protection
mechanisms by the introduction of a malicious code or worm, bypassing system security to
exploit against a network backbone and to disclose or modify the data. A passive attack
monitors the network traffic to capture authentication information. It is difficult to detect passive
attacks because there is no change to the original content of data. Attackers can be from either
inside or outside the network. Like the external attacker, an inside attacker intentionally
eavesdrops, steals, or damages information or denies access to other authorised users. There
are several active and passive network attacks that can impact on the security risks within the
network.

Packet-sniffing attack

A packet sniffer, sometimes referred to as a network monitor, captures all packets of data
passing through a network interface. In a broadcast environment, a packet sniffer can receive
all data frames transmitted by the hosts within the network. Any network host with a network
card can serve as a packet sniffer if the card is set to promiscuous mode in order to receive the
data frames. A legitimate user such as the system administrator uses this program to monitor
and troubleshoot network traffic. However, a malicious intruder also can capture and analyse
all the network traffic passively.

IP spoofing attack

This is a technique used to send messages to a specific target host with an IP address
indicating that the message is coming from a trusted host. The malicious user needs to obtain
the IP address of the trusted host and then modifies the packet so that it appears that the
packets are coming from that host. Spoofing makes it difficult for the victim system to
determine where the computer is transmitting data from due to the difficulties of tracking the

© 2018 Arden University Ltd. ALl rights reserved

source. In this way the attacker gets unauthorised access to the host machine, network, or
restricted resource.

Phishing attack

A phishing attack uses social engineering techniques to solicit personal information from target
users. The attackers may create a fake website that looks exactly like a popular site. The
phishing part of the attack is that the attacker then sends an email message which the user
can see originated from a legitimate organisation or known individual. The email tries to trick
the user into clicking a link that leads to that fake site. The user attempts to log on to the fake
site with their credentials which the hacker records and then uses on the real site to gain the
victim’s access. The fake site may also contain malicious code that affects the user’s system.
Here, the social engineering technique is used as the attacker obtains confidential information
through non-technical means such as sending an email pretending to be from a legitimate
source.

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks

A Denial-of-Service (DoS) attack is an explicit attempt by an attacker to make the network,

host, or any other network infrastructure unusable for the legitimate user. This attack posts so
much work on the network infrastructure that regular traffic on the website will be either slowed
down or completely interrupted. For example, if an attacker uses SYN flooding for a DoS attack
to a target server, then the victim server is overflowed with TCP SYN packets, each having a
spoofed IP source address. By responding to these fake requests through these TCP SYN
packets, the server memory is soon depleted and the network service disrupted. The server is
then unable to serve the legitimate users’ requests. For the SYN attack, attackers often use
either random source addresses, or attack a specific server and overload it for the successful
execution of their attack. A DoS attack comes in a variety of forms of classical attacks, such as
the consumption of a resource like network bandwidth or memory causing loss of availability to
traffic, increasing CPU processing time, and the alteration, destruction or reconfiguration of
information or network components by unauthorised access.

A Distributed Denial-of-Service (DDoS) attack comes from more than one source at the same
time. Multiple systems allow much higher traffic volumes to form a DDoS attack. Therefore, the
severity or impact of a successful DDoS attack on a network is much more devastating when
compared to a DoS attack. The attacker initially gains access to target host computers within
the network by taking advantage of security vulnerabilities. The DDoS attack is referred to as
distributed because the attacker is using multiple hosts to launch the attack at the target victim.

doInteractive("fi05", "CTN_09_5.ini", "500");

What are the security concerns and challenges in implementing remote access VPN? You
may refer to the article titled Remote Access VPN - Security Concerns and Policy
Enforcement (SANS Institute 2003) to help frame your thoughts.

Summary

© 2018 Arden University Ltd. ALl rights reserved

In this lesson, we identified the components of the network that need to be secured. The
primary functional requirements of security are confidentiality, integrity and authentication. Non-
repudiation is another feature that is necessary. Cryptography is a means of achieving
confidentiality. Cryptographic mechanisms also provide the basis for the means to provide data
integrity and non-repudiation with hashing and digital signatures, respectively. While these are
the basic means used to ensure data security, they also support the needs of network security.
Specific techniques such as SSL/TLS and VPNs provide interconnectivity between client-to-
site and site-to-site requirements. However, there are security implications at every layer of the
protocol stack. Functionally, each layer has its own security requirements at its peer layer on
the remote stack. It is therefore the combined security mechanisms across the layers that are
exercised when an application requires end-to-end security. View this presentation titled
Security protocols in the network stack} to get a brief overview of end-to-end security when an
application requires it.

https://vimeo.com/251286178/f1b0096f04

Transcript

In addition to the CIA Triad, there are a few other security defence attributes that are part of
best practice such as authentication, non-repudiation and authorisation. Research how these
enable protection against threats. You may refer to the article titled Fundamental Security
Concepts (Cryptome.org 2013) to help your research.

Further and wider reading

Viewing

APNIC Training, 2013. Network Security Fundamentals. [video, online]. APNIC Training, 23
January 2013. Available from: [Accessed 1 December 2017].

APNIC Training, 2014. IPSec Basics. [video, online]. APNIC Training, 14 April 2014.
Available from: [Accessed 01 December 2017].

Cisco, 2015. Make Network Security Simple. [video, online] Cisco, 3 November 2015.
Available from: [Accessed 01 December 2017].

CISSP Fundamentals, 2016. CIA TRIAD. [video, online] CISSP Fundamentals, 27 August
2016. Available from: [Accessed 01 December 2017].

ESET, 2016. What is VPN and how it works? [video, online] ESET, 15 December 2016.
Available from: [Accessed 01 December 2017].

SSL Corp, 2016. What is SSL? [video, online] SSL Corp, 5 January 2016. Available from:
[Accessed 01 December 2017].

© 2018 Arden University Ltd. ALl rights reserved

Wider reading

Apple 2015. Finding More Than One Worm in the Apple. Communications of the
ACM [online], 57(7), pp. 58-64, Computers & Applied Sciences Complete, EBSCOhost.
Available from: [Accessed 01 November 2017].

2005. SSL VPNs Simplify Remote User Security. Iseries NEWS [online], 313, pp. 35-38,
Computers & Applied Sciences Complete, EBSCOhost. Available from: [Accessed 01
November 2017].

Hofmann, L., 2016. Finding New Directions in Cryptography. Communications of the ACM
[online], 59(6), pp. 112-111, Computers & Applied Sciences Complete, EBSCOhost.
Available from: [Accessed 01 November 2017].?

.Johns, M., 2014. Real-Time Communications Security on the Web. IEEE Internet
Computing [online], 18(6), pp. 8-10, Computers & Applied Sciences Complete,
EBSCOhost. Available from: [Accessed 01 November 2017].

Ponnapalli, H. & Saxena, A., 2013. A Digital Signature Architecture for Web Apps. IT
Professional [online], 15(2), pp. 42-49, Computers & Applied Sciences Complete,
EBSCOhost. Available from: [Accessed 21 June 2017]

Stuart, S., 2016. The Supercomputers That Are Exploring Quantum Cryptography. PC
Magazine [online], pp. 20-24, Computers & Applied Sciences Complete, EBSCOhost.
Available from: [Accessed 01 November 2017]. ?land, M., 2014. ?

Turner, S., 2014. Transport Layer Security. IEEE Internet Computing [online], 18(6), pp.
60-63, Computers & Applied Sciences Complete, EBSCOhost. Available from: [Accessed
01 November 2017].

References

Cryptome.org, 2013. Fundamental Security Concepts. [online] Cryptome.org 2013.

Available from: [Accessed 01 December 2017].

Kapadia, A., 2007. A case (study) for usability in secure email communication. IEEE
Security & Privacy [online], 5(2). Available from: [Accessed 20 December 2017].

SANS Institute, 2003. Remote Access VPN - Security Concerns and Policy Enforcement.
[online] SANS Institute. Available from: [Accessed 01 November 2017].

Sageder, S., Sametinger, J. and Wiesauer, A., 2008, October. Case study: Using digital
signatures for the archival of medical records in hospitals. In Risks and Security of Internet
and Systems, 2008. CRiSIS'08. Third International Conference on (pp. 213-220). IEEE.

Sasi, S.B., Dixon, D., Wilson, J. and No, P., 2014. A general comparison of symmetric and
asymmetric cryptosystems for WSNs and an overview of location based encryption
technique for improving security. IOSR Journal of Engineering [online], 4(3), p.1. Available
from: [Accessed 01 December 2017].

Shiralkar, P. and Vijayaraman, B.S., 2003. Digital Signature: Application Development

© 2018 Arden University Ltd. ALl rights reserved

Trends in E-Business. J. Electron. Commerce Res. [online], 4(3), pp.94-101. Available
from: [Accessed 01 December 2017].

SURFnet, 2010. Applications of Modern Cryptography: Technologies, applications and

choices. [online] Surfnet, Netherlands, 2010. Available from: [Accessed 01 December
2017].

Trend Micro, 2009. Protecting the Dynamic Datacenter. [online] TrendMicro, August 2009.
Available from: [Accessed 01 December 2017].

© 2018 Arden University Ltd. ALl rights reserved

© 2018 Arden University Ltd. ALl rights reserved
© 2018 Arden University Ltd. ALl rights reserved
© 2018 Arden University Ltd. ALl rights reserved
© 2018 Arden University Ltd. ALl rights reserved
© 2018 Arden University Ltd. ALl rights reserved
© 2018 Arden University Ltd. ALl rights reserved
 © 2018 Arden University Ltd. ALl rights reserved

Powered by TCPDF (www.tcpdf.org)