Unit - 4 Network Security and Firewalls
2023-07-24
BY: ARCHANA JHA
Network security and firewalls
Client: A client is a piece of computer hardware or software that
accesses a service made available by a server. For example, web
browsers are clients that connect to web servers and retrieve web
pages for display.
Server: A server is a computer program or device that provides
functionality for other programs or devices, called “clients”.
Client server network security
This is a centralized architecture where the central controller is known as the server,
while all other computers in the network are called clients.
It is also known as request-response architecture, where a client makes a
request to the server and the server fulfills the request.
A server performs all the major responsibilities, such as security and network
management.
A server is responsible for managing all the resources, such as files,
directories, printers, etc.
All the clients communicate with each other through a server.
Advantages of Client/Server network
It is a centralized system. Therefore we can back up the data easily.
This network has a dedicated server that improves the overall performance
of the whole system.
Security is better in a client/server network because a single server
manages the shared resources.
Speed of sharing resources or data is high.
Network Security
Network security consists of policies and practices adopted to prevent
and monitor unauthorized access, misuse, and modification of a computer
network and network-accessible resources.
It involves the authorization of access to data in a network.
There are three main aspects of network security: prevention, protection and
security.
The overall goal of network security is to create a connected network
that protects against illegal activity while allowing you to perform the activities
you need to.
Firewall and its type
A network device
Hardware or software device
All data passes through firewall
After examining the data, the firewall either blocks or passes the data.
A firewall is a network security system that monitors and controls incoming
and outgoing network traffic based on predetermined security rules.
Types of firewalls
Application gateways
Packet filtering
Circuit level gateways
1. Application gateways:
The first firewalls were application gateways.
They are also known as proxy gateways.
Used with TCP/IP applications like TELNET, FTP, HTTP, SMTP, etc.
More secure than other firewalls.
Proxy firewalls operate at the application layer to filter incoming traffic
between your network and the traffic source.
2. Packet filtering firewalls
Packet filtering is a technique whereby routers have filtering rules turned on.
Without such rules, a router will pass all traffic sent to it and will do so
without any sort of restrictions.
This firewall maintains a filtering table which decides whether a packet
will be forwarded or discarded.
3. Circuit level gateways
Circuit level gateways are another simplistic firewall type meant to quickly
and easily approve or deny traffic without consuming significant computing
resources.
A security check is done before setting up a connection. Once the connection is
established, all the data will be passed.
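The filtering table of a packet filtering firewall and the connection-setup check of a circuit level gateway, as an added Python example that is not part of the original notes. The rule rows, the addresses (documentation ranges) and the names packet_filter and CircuitGateway are assumptions made for illustration, and the gateway is modelled in simplified form.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    proto: str = "tcp"
    syn: bool = False   # True only for the connection-setup packet

# Constructed filtering table:
# (action, source network, destination network, protocol, port or None = any)
FILTER_TABLE = [
    ("discard", "198.51.100.0/24", "0.0.0.0/0", "tcp", None),
    ("forward", "0.0.0.0/0", "192.0.2.10/32", "tcp", 443),
    ("forward", "0.0.0.0/0", "192.0.2.25/32", "tcp", 25),
]

def packet_filter(pkt, table=FILTER_TABLE):
    """Packet filter: every packet is checked; the first matching row decides."""
    for action, src_net, dst_net, proto, port in table:
        if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(src_net)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(dst_net)
                and pkt.proto == proto
                and port in (None, pkt.dport)):
            return action
    return "discard"    # no row matched: discard by default

class CircuitGateway:
    """Circuit level gateway: checks once at setup, then passes the session."""
    def __init__(self, table=FILTER_TABLE):
        self.table = table
        self.sessions = set()

    def handle(self, pkt):
        key = (pkt.src, pkt.dst, pkt.dport, pkt.proto)
        if key in self.sessions:
            return "forward"    # established connection: data is not re-checked
        if pkt.syn and packet_filter(pkt, self.table) == "forward":
            self.sessions.add(key)
            return "forward"
        return "discard"
```

Row order matters in the table: the first row discards a blocked source network before the later forward rows are reached.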
Encryption:
Encryption is the process by which a readable message is converted to an
unreadable form to prevent unauthorized parties from reading it.
Encryption is the process through which data is encoded so that it remains
hidden from or inaccessible to unauthorized users.
It helps protect private information and sensitive data, and can enhance the
security of communication between clients, apps and servers.
Encryption converts the plain text message into scrambled information
which is unreadable to general users.
Decryption:
The conversion of encrypted data into its original form is called decryption.
It is generally the reverse process of encryption.
It is a method of converting the unreadable coded data into its original form.
The process of converting cipher text into a plain text is called decryption.
Key terms
Plain text: a message in its original form.
Ciphertext: a message in an unrecognizable form.
Encryption: the process for producing ciphertext from plaintext.
Decryption: the reverse of encryption.
Key: a secret value used to control encryption/decryption.
Secret key cryptography:
The encryption process where the same key is used for encrypting and
decrypting the information is known as secret key cryptography.
Public key cryptography:
The encryption process where different keys are used for encrypting and
decrypting the information is known as public key cryptography.
Public key cryptography is also called asymmetric key cryptography.
It uses a pair of keys for encryption and decryption:
Private key: known only to that particular person.
Public key: known to everyone.
Every user in this system needs to have a pair of dissimilar keys, a private key
and a public key. When one key is used for encryption, the other can decrypt the
ciphertext back to the original plaintext.
It requires putting the public key in a public repository and keeping the
private key as a well-guarded secret. Hence this scheme of encryption is
also called public key encryption.
Digital signature:
A digital signature is a mathematical technique used to validate the
authenticity (originality) and integrity (honesty) of a message, software or
digital document.
A digital signature is more secure than a physical signature.
It is a digital code (generated and authenticated by public key encryption)
which is attached to an electronically transmitted document to verify its
contents and the sender’s identity.
A digital signature is an electronic method of signing an electronic
document.
Basic requirements for digital signature
1. Private key: the private key is one which is accessible only to the signer.
It is used to generate the digital signature which is attached to the
message.
2. Public key: the public key is made available to all those who receive the
signed message from the sender. It is used for verification of the received
message.
3. Digital certificate: A subscriber of the private key and public key pair
makes the public key available to all those who are intended to receive the signed
messages from the subscriber.
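The key-pair behaviour described under public key cryptography and the sign/verify roles listed above, as an added Python example that is not part of the original notes. It uses textbook RSA with a constructed toy key pair; the function names, the sample message and the choice of SHA-256 for the digest are assumptions made for illustration.

```python
import hashlib

# Constructed toy RSA key pair (assumption for illustration): two known
# Mersenne primes. Real keys are 2048+ bits and real schemes add padding
# (OAEP for encryption, PSS for signatures); textbook RSA is not secure.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537                    # public key (N, E): known to everyone
D = pow(E, -1, (P - 1) * (Q - 1))      # private key D: known only to the owner

def encrypt(m: int, pub=(N, E)) -> int:
    """Anyone can encrypt a number smaller than N with the public key."""
    n, e = pub
    return pow(m, e, n)

def decrypt(c: int, priv=(N, D)) -> int:
    """Only the holder of the private key can decrypt."""
    n, d = priv
    return pow(c, d, n)

def digest(message: bytes, n: int) -> int:
    """Hash the message and reduce the hash into the modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, priv=(N, D)) -> int:
    """The signer applies the private key to the message digest."""
    n, d = priv
    return pow(digest(message, n), d, n)

def verify(message: bytes, signature: int, pub=(N, E)) -> bool:
    """The receiver recomputes the digest and checks it with the public key."""
    n, e = pub
    return pow(signature, e, n) == digest(message, n)

if __name__ == "__main__":
    msg = b"Pay 100 to Alice"                  # constructed sample message
    sig = sign(msg)
    print(verify(msg, sig))                    # genuine message
    print(verify(b"Pay 900 to Alice", sig))    # altered message
    print(decrypt(encrypt(42)) == 42)          # encryption round trip
```

A signature only verifies against the exact message that was signed, which is how the receiver checks both the sender's identity and the integrity of the contents.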
Digital Certificate:
Digital certificates are electronic credentials that are used to assert the
online identities of individuals, computers, and other entities on a network.
They are issued by certification authorities (CA) that must validate the
identity of the certificate holder both before the certificate is issued and
when the certificate is used.
A digital signature certificate (DSC) is the electronic format of a physical or
paper certificate like a driving license, passport, etc.
A digital signature certificate can be presented electronically to prove your
identity.
Digital certificates are used to encrypt online communications between a
user's browser and a website.
After verifying that a company owns a website, a certificate authority will
sign their certificate so it is trusted by internet browsers.
Objectives of digital certificates
Encryption: A certificate with this purpose will contain cryptographic
keys for encryption and decryption.
Signatures: A certificate with this purpose will contain cryptographic
keys for signing data only.
Signature and encryption: A certificate with this purpose covers all
primary uses of a certificate's cryptographic key, including encryption
of data, decryption of data, initial log on or digitally signing data.
Signature and smart card log on: A certificate with this purpose allows
for initial log on with a smart card and digitally signing data. It cannot
be used for data encryption.
End of the Chapter