Chapter 14 - Network security: Firewalls and VPNs. In this chapter, we look at four issues of security: privacy, authentication, integrity, and nonrepudiation. We show how the first can be achieved through secret-key or private-key encryption. We discuss a concept called digital signature that satisfies the three other conditions. We talk about how security is implemented in the Internet. | Chapter 14 Network Security: Firewalls and VPNs List and distinguish between the four conditions of security. Understand how privacy can be achieved through encryption/ decryption. Understand the digital signature concept and how it can be used to provide authentication, integrity, and nonrepudiation. Understanding firewalls and their use in isolating an organization from intruders. After reading this chapter, the reader should be able to: OBJECTIVES OBJECTIVES (continued) Understand the different access control methods. Be familiar with VPN technology and how it provides privacy. INTRODUCTION Figure 14-1 Aspects of security PRIVACY Figure 14-2 Secret-key encryption In secret-key encryption, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared. Note: Business Focus: DES One common method of secret-key encryption is the data encryption standard (DES). DES was designed by IBM and adopted by the . government as the . | Chapter 14 Network Security: Firewalls and VPNs List and distinguish between the four conditions of security. Understand how privacy can be achieved through encryption/ decryption. Understand the digital signature concept and how it can be used to provide authentication, integrity, and nonrepudiation. Understanding firewalls and their use in isolating an organization from intruders. After reading this chapter, the reader should be able to: OBJECTIVES OBJECTIVES (continued) Understand the different access control methods. Be familiar with VPN technology and how it provides privacy. INTRODUCTION Figure 14-1 Aspects of security PRIVACY Figure 14-2 Secret-key encryption In secret-key encryption, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared. Note: Business Focus: DES One common method of secret-key encryption is the data encryption standard (DES). DES was designed by IBM and adopted by the . government as the standard encryption method for nonmilitary and nonclassified use. The algorithm manipulates a 64-bit plaintext with a 56-bit key. The text is put through 19 different and very complex procedures to create a 64-bit ciphertext. Figure 14-3 Public-key encryption Technical Focus: RSA One popular public-key encryption technique is called RSA . The technique uses number theory and the fact that it is easy to create two large numbers and multiply them, but difficult to find the original numbers when the product is given. The public key is made of two large numbers (n and e). The private key is made of two numbers (n and d). The encryption algorithm is C = P e mod n The receiver uses the same procedure but with the private key numbers as shown: C = P d mod n DIGITAL SIGNATURE Figure 14-4 Signing the whole document Digital signature cannot be achieved using secret-key encryption. Note: Digital signature does not provide privacy. If there is a need for privacy, another layer of .
