Computer Network Security (Fully Explained)
In the early days of the internet, its usage was primarily confined to military and academic institutions for research and development purposes. Eventually, as all networks converged to form the internet, data began to traverse through public transit networks. Ordinary users could transmit highly sensitive information, including bank credentials, usernames and passwords, personal documents, online shopping details, or confidential files.
All security threats are deliberate, meaning they only occur when intentionally activated. These threats can be categorized as follows:
Interruption
Interruption represents a security threat where the availability of resources is compromised. For instance, a user may find themselves unable to access their web server, or the web server itself may be hijacked.
Privacy-Breach
In this type of threat, a user's privacy is violated. An unauthorized individual gains access to or intercepts data that is sent or received by the legitimate authenticated user.
Integrity
This threat involves any alteration or modification of the original communication context. An attacker intercepts the data sent by the sender, modifies it, or generates false data, and then sends it to the receiver, who believes it is from the original sender.
Authenticity
This threat arises when an attacker or security violator impersonates a legitimate individual to access resources or communicate with other genuine users.
Currently, no method can guarantee 100% security. However, measures can be implemented to protect data as it travels through unsecured networks or the internet. The most commonly employed technique is Cryptography.
Cryptography is a method used to encrypt plain-text data, rendering it difficult to comprehend and interpret. Numerous cryptographic algorithms are available today, as outlined below:
- Secret Key
- Public Key
- Message Digest
Secret Key Encryption
Both the sender and the receiver possess a single secret key. This key is utilized to encrypt the data on the sender's side. Once the data is encrypted, it is transmitted over the public domain to the receiver. Since the receiver is aware of and possesses the Secret Key, they can easily decrypt the encrypted data packets.
An example of secret key encryption is the Data Encryption Standard (DES). In this type of encryption, a distinct key is necessary for each host on the network, which complicates management.
Public Key Encryption
In this encryption framework, each user has their own Secret Key that is not shared publicly. The secret key remains confidential and is never disclosed in the public domain. In addition to the secret key, every user also has a public key. The public key is always available to the public and is used by senders to encrypt data. When a user receives the encrypted data, they can easily decrypt it using their own Secret Key.
An example of public key encryption is the Rivest-Shamir-Adleman (RSA) algorithm.
Message Digest
This method does not transmit the actual data; instead, a hash value is computed and sent. The receiving user calculates their own hash value and compares it with the one received. If both hash values match, the data is accepted; otherwise, it is rejected.
An example of a Message Digest is MD5 hashing, which is primarily used in authentication to verify user passwords against those stored on the server.
.jpg)
