Transport Level Security
- This level of security exists below the application layer. It mostly comprises the Secure Socket Layer and Transport Layer Security.
- Secure Socket Layer (SSL)
- According to Kizza (2009), the Secure Socket Layer is a cryptographic system applied in the Explorer and Netscape browsers. It is used to manage the security of message transmission over the Internet (Newman, 2009).
- The SSL uses a public key that can be utilized by anyone and a private key only known by the recipient of the message (Newman, 2009).
- It is designed to offer an encrypted end-to-end data path between a server and a client regardless of the operating system (Kizza, 2009).
- Objectives of SSL
- Ensuring message integrity
- Data encryption
- Server and client authentication
- Features of SSL
- SSL provides multiple cryptographic algorithms
- SSL client authentication. The server confirms or checks the client’s identity
- SSL server authentication. The client checks the server’s identity
- SSL Architecture
- The SSL architecture has two layers: the top layer and the second layer, the SSL Record protocol. The top layer consists of three protocols: the Handshake protocol, the SSL Alert protocol, and the SSL Change Cipher Spec protocol.
- Handshake Protocol
- Serves the function of dynamically exchanging security parameters such as keys and algorithms that will be used in the TCP connection (Joshi, 2008).
- This protocol is an end-to-end protocol where the messages are transmitted between the server and the TCP TLS client across the network. This ensures that the server and the client authenticate each other (Bagad and Dhotre, 2009).
- The SSL Alert protocol
- Used to signal errors to the other party during communication
- The SSL Change Cipher Spec Protocol
- Used to activate negotiated security parameters, which are used for the next transmission of the messages (Yang, 2011).
- SSL Record Protocol
- This protocol provides message integrity. This is normally achieved when the handshake protocol establishes a shared secret key that is used to compute a message authentication code (MAC) (Kizza, 2009).
- The SSL record protocol also provides confidentiality. This is the case when the handshake protocol supplies a shared secret key that is used for the conventional encryption of SSL messages.
- How the SSL record protocol works
- The data to be transmitted in the application message is fragmented by the SSL record protocol. The data is then compressed, and a message authentication code added. Then an SSL header is added, and the message is transmitted under the TCP protocol (Kizza, 2009).
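The record pipeline described above (fragment, compress, add a MAC, add a header), together with the receiver's checks, as an added example that is not taken from the cited sources. Assumptions: HMAC-SHA256 stands in for SSL's own MAC construction, the function names `protect` and `unprotect` are hypothetical, and the encryption step that gives confidentiality is left out because the Python standard library has no cipher.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14   # largest plaintext fragment per record
APPLICATION_DATA = 23    # record content type for application data
VERSION = (3, 0)         # SSL 3.0 version bytes carried in the header
TAG_LEN = 32             # HMAC-SHA256 output size (assumption, see lead-in)


def _mac(key, seq, ctype, body):
    # The implicit sequence number is covered so reordering is detected.
    msg = struct.pack("!QBH", seq, ctype, len(body)) + body
    return hmac.new(key, msg, hashlib.sha256).digest()


def protect(key, data):
    """Sender: fragment, compress, append MAC, prepend 5-byte header."""
    records = []
    for seq, start in enumerate(range(0, len(data), MAX_FRAGMENT)):
        body = zlib.compress(data[start:start + MAX_FRAGMENT])
        payload = body + _mac(key, seq, APPLICATION_DATA, body)
        header = struct.pack("!BBBH", APPLICATION_DATA, *VERSION, len(payload))
        records.append(header + payload)
    return records


def unprotect(key, records):
    """Receiver: parse header, verify MAC, then decompress and reassemble."""
    out = bytearray()
    for seq, record in enumerate(records):
        ctype, _major, _minor, length = struct.unpack("!BBBH", record[:5])
        payload = record[5:]
        if length != len(payload) or length < TAG_LEN:
            raise ValueError("bad record length")
        body, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
        if not hmac.compare_digest(tag, _mac(key, seq, ctype, body)):
            raise ValueError("MAC check failed on record %d" % seq)
        out += zlib.decompress(body)   # only after the MAC has verified
    return bytes(out)


if __name__ == "__main__":
    key = b"\x01" * 32                      # constructed demo key
    message = b"GET /index.html " * 2000    # constructed, 32000 bytes
    records = protect(key, message)
    print(len(records), unprotect(key, records) == message)
```

A record whose body is altered in transit, or a pair of records delivered in the wrong order, fails the MAC check before any data is decompressed.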
- HTTPS
- Refers to the Hypertext Transfer Protocol over Secure Socket Layer
- Used to encrypt and decrypt user page requests in browsers such as Netscape (Newman, 2009).
- HTTPS utilizes a different port than the one used by HTTP. It uses port 443 instead of HTTP port 80 (Newman, 2009).
- It is used as a sub-layer of the regular HTTP application layer.
- The RC4 stream encryption algorithm uses a 40-bit key size. According to Newman (2009), this offers the required encryption for commercial exchange.
- HTTPS utilizes X.509 digital certificates from the server, which allow sender authentication to be conducted.
- Wireless Network Security
- Securing your Wireless Network
- Wireless networks can be secured using the Wireless Protected Access (WPA) protocol and the WPA2 protocol. These standards are more effective in securing your wireless network than the WEP (wireless encryption protocol).
- WEP encrypts data. This ensures that vulnerable links between the clients and access points are secure.
- WEP is part of the IEEE 802.11 standards and uses the RC4 stream cipher for confidentiality and the CRC-32 checksum for integrity (Bagad and Dhotre, 2009).
- The advantage of using the wireless protected access protocols is that they are impossible to crack, since the keys used change dynamically.
- IEEE 802.11
- These are the standards used in the local area networking of wireless networks.
- 802.11 standards
- These include 802.11, 802.11a, 802.11b, 802.11g and 802.11n.
- 802.11g achieves transmission speeds greater than 20 Mbps. The 802.11n standard provides lower power consumption compared to the other standards.
- Wireless LAN Overview
- Protection is basically achieved through physical protection or by controlling access to the building.
- Wireless network broadcasts are highly susceptible to eavesdropping (Bagad and Dhotre, 2009).
- Wireless Transport Layer Security
- Overview
- Its function is to provide transport layer security between a WAP client and the WAP Proxy (Garg, 2010).
- It is based on the transport layer security standard (TLS).
- Objectives of the WTLS
- Authentication: it is used to establish the authenticity of the application server and terminal.
- Denial of service protection: WTLS has tools which detect or reject data that are not successfully verified (Garg, 2010).
- Data integrity and privacy: WTLS ensures that data messages are private and remain uncorrupted.
References
Bagad, V., & Dhotre, I. (2009). Computer Networks. Pune: Technical Publications.
Garg, V. (2010). Wireless Communications & Networking. San Francisco: Morgan Kaufmann.
Joshi, J. B. (2008). Network security know it all. Amsterdam: Morgan Kaufmann/Elsevier.
Kizza, J. M. (2009). A guide to computer network security. London: Springer.
Newman, R. C. (2009). Computer security: protecting digital resources. Sudbury, Mass.: Jones and Bartlett Publishers.
Yang, L. (2011). Applied Cryptography for cyber security and defense: information encryption and cyphering. Hershey: Information Science Reference.