IC3 - Network Security. IC3 - Network Security. M.Sc. in Information Security Royal Holloway, University of London

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "IC3 - Network Security. IC3 - Network Security. M.Sc. in Information Security Royal Holloway, University of London"

Transcription

1 IC3 - Network Security M.Sc. in Information Security Royal Holloway, University of London IC3 - Network Security Lecture 1, Part 1 Introduction to Networking 1 2 Objectives of Lecture Networking background Show how networks can be understood using a layered approach. Introduce the OSI seven layer reference model. Introduce the concepts of internetworking and routing. Understanding the difference between network protocols and services. Contents 1.1 Extended example: how the Internet protocols fetch a web page 1.2 The concept of protocol layering 1.3 Internetworking and routing 1.4 The OSI seven layer model 3 4 CINS/F1-01

2 1.1 Internet Protocols How does a web browser application retrieve data from a web server? Web Browser Network Web Server Application Layer Users invoke applications which speak using application protocol. Applications interact with a transport protocol to send or receive data. Application protocol in our example: Hypertext Transfer Protocol (HTTP). Other application protocols: FTP, SMTP, DNS, NFS, SMB/CIFS, 5 6 Application Layer Example Transport Layer HTTP outline: GET /directory/dirsearch.html HTTP/1.1 Host: news.bbc.co.uk Other fields also included (e.g. client application identifier, encoding methods, ) HTTP Message GET /directory/dirsearch.html HTTP/1.1 Host: news.bbc.co.uk Provides end-to-end communication between applications. Transport Protocol: Transport Control Protocol (TCP) a reliable, connection-oriented transport protocol. Divides stream of application messages into packets. Interacts with Internet Layer to send or receive data. In general, a transport protocol may be reliable or unreliable, connection-oriented or connectionless, and flow may or may not be regulated. Others: UDP, ICMP. 7 8

3 Transport Layer Example TCP outline: Source Port: 1081 Destination Port: 80 Checksum: 0xa858 Other header fields and payload TCP header Src: 1081 Dst: 80 Chksum: 0xa858 TCP payload GET /directory/dirsearch.html HTTP/1.1 Host: news.bbc.co.uk HTTP Message Internet Layer Responsible for routing communications between one machine and another. Accepts requests to send packets to destination address. Internet Protocol (IP) encapsulates packets in IP datagram with IP header and uses routing algorithm to decide whether to send directly or indirectly Internet Layer Example IP outline: Time to live: 128 Header checksum: 0x57d1 Source: nonesuch ( ) Destination: news.bbc.co.uk ( ) Other header fields and payload IP datagram header Src: Dst: TTL: 128 Src: 1081 Dst: 80 Chksum: 0xa858 TCP header IP payload GET /directory/dirsearch.html HTTP/1.1 Host: news.bbc.co.uk HTTP Message Network Interface Layer Accepts IP datagrams and prepares for transmission over specific physical network Maybe a simple device driver (e.g. an Ethernet driver) or a complex subsystem with further data link protocols (e.g. in an ATM network) Output of network interface layer is a signal suitable for transmission on a particular physical medium Alternatively, this can then be further (transparently) encapsulated: PPPoE used commonly in residential DSL and cable applications 11 12

4 Network Interface Layer Example Ethernet outline: Destination: 00:a0:cc:54:1d:4e Source: 00:e0:81:10:19:fc Type: IP Other header fields and payload Src: 00:e0:81:10:19:fc Dst: 00:a0:cc:54:1d:4e Type: IP Src: Dst: TTL: 128 Ethernet Frame Src: 1081 Dst: 80 Chksum: 0xa858 GET /directory/dirsearch.html HTTP/1.1 Host: news.bbc.co.uk Physical Layer A layer representing the actual communications medium. Could be an Ethernet cable (TP, 10Base2, etc.), optical fibre, wireless link, telephone wire or even a carrier pigeon ( Sometimes not considered as a separate layer in TCP/IP networking; sometimes not considered part of TCP/IP at all. Thus creating confusion over whether there are really 4 or 5 layers in TCP/IP At The Server 1.2 Protocol Layering The server contains a set of layers matching those at the client: The physical signal is presented to the server s network interface layer which reconstructs the Ethernet frame. The network interface layer extracts an IP datagram and passes it up to the Internet layer. The Internet layer checks the datagram, extracts a TCP segment and passes it up to the transport layer. The transport layer checks for errors and passes the TCP payload (an http message) onto the application layer. The web server at the application layer receives the http message and processes it. Return messages from web server to web browser are handled in the same way. Host A Application Layer Transport Layer Internet Layer Network Interface Layer Message Packet Datagram Frame Physical Network Host B Application Layer Transport Layer Internet Layer Network Interface Layer 15 16

5 Protocol Layering Protocol Hierarchies Web Browser Application Layer Transport Layer Internet Layer Network Interface Layer HTTP Message TCP Packet IP Datagram Ethernet Frame Physical Network Web Server Application Layer Transport Layer Internet Layer Network Interface Layer Protocols are stacked vertically as series of layers. Each layer offers services to layer above through an interface, shielding implementation details. Layer n on one machine communicates with layer n on another machine (they are peer processes/entities) using Layer n Protocol. The entire hierarchy is called a protocol stack e.g. the TCP/IP protocol stack Layers, Protocols & Interfaces Layer n/n+1 interface Layer n-1/n interface Layer 2/3 interface Layer 1/2 interface Layer n Layer n protocol Layer 2 protocol Layer 2 Layer 2 Layer 1 protocol Layer 1 Layer 1 Physical communications medium Layer n Layer n/n+1 interface Layer n-1/n interface Layer 2/3 interface Layer 1/2 interface 19 Layer and Interface Design An important design objective is clean interfaces, having minimal set of well-defined services. Use of protocol layering and clean-cut interfaces enables: easy replacement of individual layers designers and implementers to focus on solving one sub-problem at a time independent implementations of the same layer to inter-operate minimisation of inter-layer communications diagnosis of faults, errors, congestion, 20

6 Virtual & Actual Communications Important to understand difference between: virtual and actual communications, protocols and interfaces. Peer processes think of communications as being horizontal using protocol. Actual communications is via interfaces (and the physical communications medium). Peer process idea is key to network design. 21 Protocol Layering The Downside Protocol layering does not solve all networking problems! Some issues need to be addressed at many layers, e.g: need to address data (say who it s for), possible need for setting up connections, data transfer rules (simplex, half-duplex,...), error management, deal with message component re-ordering, flow control, routing. Layering can introduce inefficiencies. 22 Interlude: Historical Background Current networks (even telephony) are packetbased Davies (NPL, UK), Baran (RAND, US) ARPANET resulted from a proposal to interconnect research computer facilities funded by DARPA (Roberts, 1967) Even during the first phase, ARPANET interconnected heterogeneous computer systems Survivability against thermonuclear attack was not a priority despite persistent legends 23 Network Types (1) Connection-oriented Networks Example: POTS system (at least before the transition to digital networks) Circuits are used exclusively for the duration of a connection Hierarchical addressing mechanism (prefix-free codes..) Vulnerability in case of component failure Intelligence is located in the network components Edge devices are dumb Unsuitable for data traffic: Fluctuations in bandwidth requirements make dedicated channels inefficient 24

7 Network Types (2) Network Topologies (Baran, 1963) Packet-based (Connectionless) Networks Data streams are disassembled into datagrams (packets) Packets are routed independently through the network Each node only needs to know about the next hop Optimizes the utilization of available bandwith Intelligence is located in the edge device Connections can be simple point-to-point lines First ARPANET Connection (Sep. 69) The First Network Interface Card The ARPANET team at BBN Honeywell

8 Structure of an NCP Datagram Host/IMP-IMP/Host Communication First Successful ARPANET Data Transmission 1.3 Internetworking and Routing No single networking technology can satisfy all requirements. Universal interconnection is desired. Protocols allow communication between nodes without understanding underlying mechanisms. Internetworking is the process by which a group of disparate, heterogeneous networks can be linked to form a single logical network. The Internet is just such a collection Universal interconnection is achieved through use of coordination of IP addressing and use of IP protocol

9 Routing Protocol Layering and Routing Routing is the mechanism used to transfer data between networks to reach the correct destination. Host A Application Layer HTTP Message Host B Application Layer Web Browser Network A Router Network B Web Server In TCP/IP, routing takes place at the IP layer: routers are not aware of transport and application layers. 33 Transport Layer Internet Layer NetworkInterface IP Datagram Ethernet Frame Physical Network TCP Packet Router Internet Layer Network Layer IP Datagram Ethernet Frame Physical Network Transport Layer Internet Layer Network Interface The OSI Reference Model OSI Reference Model an internationally standardised network architecture. An abstract representation of an ideal network protocol stack; not used in real networks. OSI = Open Systems Interconnection. Specified in ISO Model has 7 layers (with some variants splitting layer 2 into sub-layers). The OSI Model Layer 7 Layer 6 Layer 5 Layer 4 Layer 3 Layer 2 Layer 1 Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data Link Layer Physical Layer 35 36

10 Lower/Upper Layers Layers 1-4 often referred to as lower layers. Layers 5-7 are the upper layers. Lower layers relate more closely to the communications technology. Layers 1 3 manage the communications subnet. the entire set of communications nodes required to manage comms. between a pair of machines. Layers 4 7 are true end-to-end protocols. Upper layers relate to application. Layer 7: Application Layer Home to wide variety of protocols for specific user needs, e.g.: virtual terminal service, file transfer, electronic mail, directory services Layer 6: Presentation Layer Concerned with representation of transmitted data. Deals with different data representations. ASCII or EBCDIC, one s complement or two s complement, byte ordering conventions, floating point conventions (IEEE or proprietary). Also deals with data compression Mostly a conceptual layer, typically these functions are subsumed by applications combining layer 6/7 functionality Layer 5: Session Layer Allows establishment of sessions between machines, e.g. to allow remote logins provide file transfer service. Responsible for: Dialogue control which entity sends when with half-duplex communications? Token management E.g. control which entity can perform an operation on shared data. Synchronization E.g. insertion of checkpoints in large data transfers

11 Layer 4: Transport Layer Basic function is to take data from Session Layer, split it up into smaller units, and ensure that the units arrive correctly. Concerned with efficient provision of service. maybe multiple connections per session or multiple sessions per connection. The Transport Layer also determines the type of service to provide to the Session Layer. most commonly, error-free, point-to-point, with guarantee of correct ordering of data. could be transport of isolated messages only (no ordering guarantees) or broadcast. 41 Layer 3: Network Layer Provides uniform addressing scheme for network addresses. Shields upper layers from details of lower layers. A key responsibility is control of routing. Routing can be based on: static tables, determined at start of session, highly dynamic (varying for each packet depending on network load). Also responsible for congestion control and usage monitoring. 42 Layer 2: Data Link Layer Provides reliable, error-free service on top of raw Layer 1 service. corrects errors at the bit level. Breaks data into frames. requires creation of frame boundaries using special bit sequences. Frames used to manage errors via acknowledgements and selective frame retransmission. Layer 1: Physical Layer Concerned with bit transmission over physical channel. Issues include: definition of 0/1, typically using more complex modulation schemes (OFDM/QFDM) encoding multiple bits in single transmission signals whether channel simplex/duplex, connector design. Mechanical, electrical, procedural matters

12 Internet Protocols vs OSI Services in the OSI Model Application TCP IP Application Presentation Session Transport Network In OSI model, each layer provide services to layer above, and consumes services provided by layer below. Active elements in a layer are called entities. Entities in same layer in different machines are called peer entities. 2 Network Interface Data Link 2 1 Hardware Physical Services and Protocols Layering Principles Service Set of primitives provided by one layer to layer above. Service defines what layer can do (but not how it does it). Protocol Set of rules governing data communication between peer entities, i.e. format and meaning of frames/packets. Service/protocol decoupling is very important for easing change and upgrade paths Protocols tend to be extremely long-lived, so adaptation should not require operation of multiple parallel revisions (n+1) Entity Service User SDU (n) Entity Service Provider n+1 PDU Layer n+1 protocol Layer n Service Access Point (SAP) Layer n protocol n PDU (n+1) Entity Service User (n) Entity Service Provider PDU - Protocol Data Unit SDU - Service Data Unit 47 48

13 Connections Layers can offer connection-oriented or connectionless services. Connection-oriented like telephone system. Connectionless like postal system. Not all applications need connections In some applications (time-sensitive, or pointmultipoint protocols) connections are undesirable Each service has an associated Quality-ofservice (e.g. reliable or unreliable). Reliability Issues Reliable services never lose/corrupt data. Reliable service costs more Bandwidth, latency, storage, Typical application for reliable service is file transfer. Typical application not needing reliable service is voice traffic The human auditory system is highly sensitive to jitter: Drop-outs of voice signals are tolerated much better than delayed and jittery signals Objectives of Lecture IC3 - Network Security Lecture 1, Part 2 Introduction to Network Security Understand why security should be a fundamental consideration when designing and operating networks. Examine the primary enabling threats and fundamental threats to security for networks. Introduce security services and mechanisms, and show how they can be used to counter threats. Study the provision of security services at different network layers in ISO CINS/F1-01

14 Contents 1.5 Why network security? 1.6 Security policies for networks 1.7 Security threats for networks 1.8 Security services and mechanisms 1.9 Security services and layers 1.5 Why Network Security? Organisations and individuals are increasingly reliant on networks of all kinds for day-to-day operations: used in preference to letter, fax, telephone for many routine communications (and some where we ought to know better). B2B and C2B e-commerce still growing rapidly. The Internet is a vast repository of information of all kinds: competitors and their prices, stock markets, cheap flights,. Increased reliance on networks for supply chains of all kinds: from supermarkets to aircraft components. Utility companies control plant operations (SCADA), banks move money, governments talk to citizens over networks. Growth of mobile telephony for voice and data (GPRS/EDGE, HSDPA, 3G services...) Why Network Security? Why Network Security? Networks are becoming increasingly inter-connected and their security consequently more complex: If I send sensitive data over my internal network, then who else can see it or even alter it? My employees? My competitors? Can a hacker who gets into my internal network then obtain access to other resources (computer accounts, stored data)? Can he use my network as a stepping-off point for further attacks? I am then liable? A compelling Internet presence is essential for my company, but if someone can see my website, can they alter (deface) it too? How can consumers trust that a given website is that of a reputable company and not one who will mis-use their credit card details? Phishing and Pharming activities, social engineering 55 Safeguarding the confidentiality, integrity and availability of data carried on these various networks is therefore essential. Authenticity and accountability are often also important: who did what and when? It s not only about security of Internet-connected systems. Insider threats are often more potent than threats originating on the Internet. It s not only about TCP/IP networks. Many networks use special-purpose protocols and architectures. However TCP/IP dominates in LANs and the Internet and is increasingly used also in wildly inappropriate environments 56

15 1.6 Security Policies for Networks In this and the following sections, we follow the approach of ISO A companion document to ISO (the seven layer model), Provides a useful overview of the security issues pertinent to networks, Equips us with a handy set of definitions to fix our terminology. Security Policies for Networks In a secure system, the rules governing security behaviour should be made explicit in the form of an Information Security Policy. Security policy: the set of criteria for the provision of security services Essentially, a set of rules May be very high level or quite detailed, but typically does not include implementation details Security domain: the scope of application of a security policy. where, to what information and to whom the policy applies Security Policies for Networks A network security policy should interpret the overall Information Security Policy in the context of the networked environment: Defines what is the responsibility of the network and what is not. Describes what security is to be available from the network. Describes rules for using the network. Describes who is responsible for the management and security of the network. Generic Security Policy A generic authorization policy (from ISO ): Information may not be given to, accessed by, nor permitted to be inferred by, nor may any resource be used by, those not appropriately authorized. Possible basis for more detailed policy: needs lots of refinement to produce final document: What information? What resources? Who is authorized and for what? What about availability? 59 60

16 The Security Life-Cycle A generic model for the security life-cycle, including network security issues, can include the following steps: Define security policy, Analyze security threats (according to policy) and associated risks, given existing safeguards, Define security services to meet/reduce threats, in order to bring risks down to acceptable levels, Define security mechanisms to provide services, Provide on-going management of security. Security policy in general will be covered in more detail in IC Security Threats for Networks A threat is: a person, thing, event or idea which poses some danger to an asset (in terms of confidentiality, integrity, availability or legitimate use). a possible means by which a security policy may be breached. An attack is a realization of a threat. Safeguards are measures (e.g. controls, procedures) to protect against threats. Vulnerabilities are weaknesses in safeguards Risk Risk is a measure of the cost of a vulnerability (taking into account probability of a successful attack). Risk analysis determines whether expenditure on new or better safeguards is warranted. Risk analysis can be quantitative or qualitative. Risk analysis will be covered in more detail in IC1. Threats Threats can be classified as: deliberate (e.g. hacker penetration); accidental (e.g. a sensitive file being sent to the wrong address). Deliberate threats can be further sub-divided: passive (e.g. monitoring, wire-tapping); active (e.g. changing the value of a financial transaction). In general passive threats are easier to realise than active ones

17 Fundamental Threats Four fundamental threats (matching four standard security goals: confidentiality, integrity, availability, legitimate use): Information leakage, Integrity violation, Denial of service, Illegitimate use. (There are other ways to classify threats some are application dependent: E.g. timeliness and trustworthiness) 65 Fundamental Threat Examples Information Leakage Prince Charles mobile phone calls, Integrity violation USA Today, falsified reports of missile attacks on Israel, 7/2002. Denial of service Hacks in 1999/2000 have turned into lucrative organized crime (blackmail) activity Illegitimate use Cloning of first generation mobile phone identities. Phone phreaking. 66 Primary Enabling Threats Realization of any of these primary enabling threats can lead directly to a realization of a fundamental threat: Masquerade, Bypassing controls, Authorization violation, Trojan horse, Trapdoor. First three are penetration threats, last two are planting threats. Primary Enabling Threat Examples Masquerade Phishing attacks on on-line bank accounts Illegitimate Use Other OC activities, political smear campaigns, Bypassing controls ADSL modem passwords, carding for cable/sat TV Illegitimate Use Authorization violation Students running mp3 download site from University computers Illegitimate Use Trojan horse PWSteal.Trojan, 1999 Information Leakage Trapdoor Ken Thompson, Unix login Reflections on Trusting Trust, Illegitimate Use 67 68

18 1.8 Security Services and Mechanisms A security threat is a possible means by which a security policy may be breached (e.g. loss of integrity or confidentiality). A security service is a measure which can be put in place to address a threat (e.g. provision of confidentiality). A security mechanism is a means to provide a service (e.g. encryption, digital signature). 69 Security Service Classification Security services in ISO are a special class of safeguard applying to a communications environment. Five main categories of security service: Authentication (including entity authentication and origin authentication), Access control, Data confidentiality, Data integrity, Non-repudiation. Sixth category: other includes physical security, personnel security, computer security, life-cycle controls, 70 Authentication Entity authentication provides checking of a claimed identity at a point in time. Typically used at start of a connection. Addresses masquerade and replay threats. Origin authentication provides verification of source of data. Does not protect against replay or delay. Lots of examples in Lectures 4, 5 and 6 on secure protocols. Access Control Provides protection against unauthorized use of resource, including: use of a communications resource, reading, writing or deletion of an information resource, execution of a processing resource. Example: file permissions in Unix/NT file systems

19 Data Confidentiality Protection against unauthorized disclosure of information. Four types: Connection confidentiality, Connectionless confidentiality, Selective field confidentiality, Traffic flow confidentiality. Example: encrypting routers as part of SWIFT funds transfer network. Does not protect against eavesdropping at end-points Example: winnowing and chaffing ( 73 Data Integrity Provides protection against active threats to the validity of data. Five types: Connection integrity with recovery, Connection integrity without recovery, Selective field connection integrity, Connectionless integrity, Selective field connectionless integrity. Example: MD5 hashes on software at Example: AH protocol in IPSec (Lecture 8/9). 74 Non-repudiation Protects against a sender of data denying that data was sent (non-repudiation of origin). Protects against a receiver of data denying that data was received (non-repudiation of delivery). Example: analogous to signing a letter and sending via recorded delivery. Example: signatures in S/MIME secure system (Lecture 5). Security Mechanisms Exist to provide and support security services. Can be divided into two classes: Specific security mechanisms, used to provide specific security services, and Pervasive security mechanisms, not specific to particular services

20 Specific Security Mechanisms Eight types: encipherment, digital signature, access control mechanisms, data integrity mechanisms, authentication exchanges, traffic padding, routing control, notarization. Specific Mechanisms 1 Encipherment mechanisms = encryption algorithms. Can provide data and traffic flow confidentiality. Covered in detail in IC2 Digital signature mechanisms signing procedure (private), verification procedure (public). Can provide non-repudiation, origin authentication and data integrity services. Also addressed in detail in IC2 Both can be basis of some authentication exchange mechanisms Specific Mechanisms 2 Access Control mechanisms A server using client information to decide whether to grant access to resources E.g. access control lists, capabilities, security labels. A major topic in IC4 Data integrity mechanisms Protection against modification of data. Provide data integrity and origin authentication services. Also basis of some authentication exchange mechanisms. Discussed further in IC2 Authentication exchange mechanisms Provide entity authentication service. Covered in detail in IC3 Lecture Specific Mechanisms 3 Traffic padding mechanisms The addition of chaff data to conceal real volumes and patterns of data traffic. Provides traffic flow confidentiality. Routing control mechanisms Used to prevent sensitive data using insecure channels. E.g. route might be chosen to use only physically secure network components. Notarization mechanisms Integrity, origin and/or destination of data can be guaranteed by using a 3rd party trusted notary. Notary typically applies a cryptographic transformation to the data. 80

21 Pervasive Security Mechanisms Five types identified: trusted functionality, security labels, event detection, security audit trail, security recovery. Pervasive Mechanisms 1 Trusted functionality Any functionality providing or accessing security mechanisms should be trustworthy. May involve combination of software and hardware. Security labels Any resource (e.g. stored data, processing power, communications bandwidth) may have security label associated with it to indicate security sensitivity. Similarly labels may be associated with users. Labels may need to be securely bound to transferred data Pervasive Mechanisms 2 Event detection Includes detection of attempted security violations, legitimate security-related activity. Can be used to trigger event reporting (alarms), event logging, automated recovery. Security audit trail Log of past security-related events. Permits detection and investigation of past security breaches. Security recovery Includes mechanisms to handle requests to recover from security failures. May include immediate abort of operations, temporary invalidation of an entity, addition of entity to a blacklist. 83 Services Versus Mechanisms ISO indicates which mechanisms can be used to provide which services. Illustrative NOT definitive. Omissions include: use of integrity mechanisms to help provide authentication services, use of encipherment to help provide non-repudiation service (as part of notarization). 84

22 Service/Mechanism Table 1 Service/Mechanism Table 2 Mechanism Enciph- Digital Service erment sign. Entity authentication Origin authentication Access control Connection confidentiality Connectionless confidentiality Selective field confidentiality Traffic flow confidentiality Access Control Connection integrity with recovery Connection integrity without recovery Selective field connection integrity Connectionless integrity Selective field connectionless integrity Non-repudiation of origin Non-repudiation of delivery Data integrity Service Entity authentication Mechanism Auth. exchange Traffic padding Origin authentication Access control Connection confidentiality Connectionless confidentiality Selective field confidentiality Traffic flow confidentiality Connection integrity with recovery Connection integrity without recovery Selective field connection integrity Connectionless integrity Selective field connectionless integrity Non-repudiation of origin Non-repudiation of delivery Routing Control Notarisation Security Services And Layers ISO lays down which security services can be provided in which of the 7 layers. Layers 1 and 2 may only provide confidentiality services. Layers 3/4 may provide many services. Layer 7 may provide all services. A set of principles dictate which services can/should be provided at which layers. We ll return to this issue in Lectures 8/9. Service/Layer Table Layer Layer Layer Layer Layer Layer Layer Service /6 7 Entity authentication Origin authentication Access control Connection confidentiality Connectionless confidentiality Selective field confidentiality Traffic flow confidentiality Connection integrity with recovery Connection integrity without recovery Selective field connection integrity Connectionless integrity Selective field connectionless integrity Non-repudiation of origin Non-repudiation of delivery 87 88

Objectives of Lecture. Network Architecture. Protocols. Contents

Objectives of Lecture. Network Architecture. Protocols. Contents Objectives of Lecture Network Architecture Show how network architecture can be understood using a layered approach. Introduce the OSI seven layer reference model. Introduce the concepts of internetworking

More information

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012 Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret

More information

Network Security. Network Security Hierarchy. CISCO Security Curriculum

Network Security. Network Security Hierarchy. CISCO Security Curriculum Network Security Network Security Hierarchy Material elaborat dupa: CISCO Security Curriculum Kenny Paterson s Lectures for: M.Sc. in Information Security, Royal Holloway, University of London 1 Objectives

More information

IY2760/CS3760: Part 6. IY2760: Part 6

IY2760/CS3760: Part 6. IY2760: Part 6 IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily

More information

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶 Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course

More information

Chap. 1: Introduction

Chap. 1: Introduction Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed

More information

- OSI Reference Model -

- OSI Reference Model - 1 Network Reference Models - OSI Reference Model - A computer network connects two or more devices together to share information and services. Multiple networks connected together form an internetwork.

More information

The OSI and TCP/IP Models. Lesson 2

The OSI and TCP/IP Models. Lesson 2 The OSI and TCP/IP Models Lesson 2 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Introduction to the OSI Model Compare the layers of the OSI and TCP/IP

More information

Communications and Computer Networks

Communications and Computer Networks SFWR 4C03: Computer Networks and Computer Security January 5-8 2004 Lecturer: Kartik Krishnan Lectures 1-3 Communications and Computer Networks The fundamental purpose of a communication system is the

More information

The OSI model has seven layers. The principles that were applied to arrive at the seven layers can be briefly summarized as follows:

The OSI model has seven layers. The principles that were applied to arrive at the seven layers can be briefly summarized as follows: 1.4 Reference Models Now that we have discussed layered networks in the abstract, it is time to look at some examples. In the next two sections we will discuss two important network architectures, the

More information

Introduction OSI Model Open Systems Interconnection OSI OSI Seven Layer Model

Introduction OSI Model Open Systems Interconnection OSI OSI Seven Layer Model OSI MODEL 1 Introduction Open Systems Interconnection Basic Reference Model (OSI Reference Model or OSI Model) is an abstract description for layered communications and computer network protocol design.

More information

Protocols and Architecture. Protocol Architecture.

Protocols and Architecture. Protocol Architecture. Protocols and Architecture Protocol Architecture. Layered structure of hardware and software to support exchange of data between systems/distributed applications Set of rules for transmission of data between

More information

Protocols. Packets. What's in an IP packet

Protocols. Packets. What's in an IP packet Protocols Precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet Protocol (bottom level) all packets shipped from network to network as IP packets

More information

The ISO/OSI Reference Model

The ISO/OSI Reference Model The ISO/OSI Reference Model The Model Functionality of Layers Example Networks The OSI Model Basic principles of layered architecture: Each layer means different layer of abstraction Each layer should

More information

Data Communications Prof. Ajit Pal Dept. of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture # 02 Layered Architecture

Data Communications Prof. Ajit Pal Dept. of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture # 02 Layered Architecture Data Communications Prof. Ajit Pal Dept. of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture # 02 Layered Architecture Hello viewers, welcome to the second lecture of the

More information

Protocol Hierarchies Design Issues for the Layers Connection-Oriented and Connectionless Services Service Primitives The Relationship of Services to

Protocol Hierarchies Design Issues for the Layers Connection-Oriented and Connectionless Services Service Primitives The Relationship of Services to LAYERING ARCHITECTURE OF NETWORKS Network Software Protocol Hierarchies Design Issues for the Layers Connection-Oriented and Connectionless Services Service Primitives The Relationship of Services to Protocols

More information

Cryptography and Network Security Sixth Edition by William Stallings

Cryptography and Network Security Sixth Edition by William Stallings Cryptography and Network Security Sixth Edition by William Stallings Chapter 1 Overview The combination of space, time, and strength that must be considered as the basic elements of this theory of defense

More information

CPS221 Lecture: Layered Network Architecture

CPS221 Lecture: Layered Network Architecture CPS221 Lecture: Layered Network Architecture Objectives last revised 9/10/12 1. To discuss the OSI layered architecture model 2. To discuss the specific implementation of this model in TCP/IP Materials:

More information

Protocols and Architecture

Protocols and Architecture Protocols and Architecture 1 Protocol Architecture Layered structure of hardware and software that supports the exchange of data between systems as well as a distributed application (e.g. email or file

More information

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2

More information

Network Architecture and the OSI Reference Model

Network Architecture and the OSI Reference Model Network Architecture and the OSI Reference Model Advanced Computer Networks D12 Architecture Outline The Internet and IP Network Architecture Protocols and s Encapsulation The OSI Reference Model The Seven

More information

A Layered Approach to Computer Networks

A Layered Approach to Computer Networks A Layered Approach to Computer Networks Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer Different layer of abstraction Different error control

More information

Computer Networks Vs. Distributed Systems

Computer Networks Vs. Distributed Systems Computer Networks Vs. Distributed Systems Computer Networks: A computer network is an interconnected collection of autonomous computers able to exchange information. A computer network usually require

More information

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet Basic Networking Concepts 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet 1 1. Introduction -A network can be defined as a group of computers and other devices connected

More information

Communication Networks. MAP-TELE 2011/12 José Ruela

Communication Networks. MAP-TELE 2011/12 José Ruela Communication Networks MAP-TELE 2011/12 José Ruela Network basic mechanisms Network Architectures Protocol Layering Network architecture concept A network architecture is an abstract model used to describe

More information

Advanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech

Advanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Advanced Topics in Distributed Systems Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Security Introduction Based on Ch1, Cryptography and Network Security 4 th Ed Security Dr. Ayman Abdel-Hamid,

More information

SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005. Lecturer: Kartik Krishnan Lecture 1-3

SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005. Lecturer: Kartik Krishnan Lecture 1-3 SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005 Lecturer: Kartik Krishnan Lecture 1-3 Communications and Computer Networks The fundamental purpose of a communication network is the exchange

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements

More information

Review of Networking Concepts. Part 2: Protocols and Services

Review of Networking Concepts. Part 2: Protocols and Services Review of ing Concepts Part 2: Protocols and Services ed Protocol Architectures Services OSI Reference Model Summary of Topics Protocol, s, Encapsulation Services Protocol Architecture OSI Reference Model

More information

Protocol Architecture

Protocol Architecture Protocol Architecture ed Protocol Architectures OSI Reference Model TCP/IP Protocol Stack Need for Protocols The task of exchanging information between devices requires a high degree of cooperation between

More information

COMPUTER NETWORKS NETWORK ARCHITECTURE AND PROTOCOLS

COMPUTER NETWORKS NETWORK ARCHITECTURE AND PROTOCOLS COMPUTER NETWORKS NETWORK ARCHITECTURE AND PROTOCOLS The Need for Standards Computers have different architectures, store data in different formats and communicate at different rates Agreeing on a particular

More information

Computer Network. Interconnected collection of autonomous computers that are able to exchange information

Computer Network. Interconnected collection of autonomous computers that are able to exchange information Introduction Computer Network. Interconnected collection of autonomous computers that are able to exchange information No master/slave relationship between the computers in the network Data Communications.

More information

THE OSI REFERENCE MODEL

THE OSI REFERENCE MODEL THE OSI REFERENCE MODEL Design issues for the Layers Mechanism for identifying senders and receivers ec a s o de t y g se de s a d ece e s Rules for data transfer (Simplex, Half Duplex, Full Duplex) Error

More information

ICS 153 Introduction to Computer Networks. Inst: Chris Davison cbdaviso@uci.edu

ICS 153 Introduction to Computer Networks. Inst: Chris Davison cbdaviso@uci.edu ICS 153 Introduction to Computer Networks Inst: Chris Davison cbdaviso@uci.edu 1 ICS 153 Introduction to Computer Networks Course Goals Understand the basic principles of computer networks Design Architecture

More information

Overview of Computer Networks

Overview of Computer Networks Overview of Computer Networks Client-Server Transaction Client process 4. Client processes response 1. Client sends request 3. Server sends response Server process 2. Server processes request Resource

More information

Module 1. Introduction. Version 2 CSE IIT, Kharagpur

Module 1. Introduction. Version 2 CSE IIT, Kharagpur Module 1 Introduction Lesson 2 Layered Network Architecture Specific Functional Objectives On Completion of this lesson, the students will be able to: State the requirement for layered approach Explain

More information

Understanding TCP/IP. Introduction. What is an Architectural Model? APPENDIX

Understanding TCP/IP. Introduction. What is an Architectural Model? APPENDIX APPENDIX A Introduction Understanding TCP/IP To fully understand the architecture of Cisco Centri Firewall, you need to understand the TCP/IP architecture on which the Internet is based. This appendix

More information

Cryptography and Network Security 1. Overview. Lectured by Nguyễn Đức Thái

Cryptography and Network Security 1. Overview. Lectured by Nguyễn Đức Thái Cryptography and Network Security 1. Overview Lectured by Nguyễn Đức Thái Outline Security concepts X.800 security architecture Security attacks, services, mechanisms Models for network (access) security

More information

Local Area Networks: Internetworking

Local Area Networks: Internetworking Local Area Networks: Internetworking Chapter 81 Learning Objectives List the reasons for interconnecting multiple local area networks and interconnecting local area networks to wide area networks. Identify

More information

William Stallings Data and Computer Communications 7 th Edition. Chapter 2 Protocols and Architecture

William Stallings Data and Computer Communications 7 th Edition. Chapter 2 Protocols and Architecture William Stallings Data and Computer Communications 7 th Edition Chapter 2 Protocols and Architecture Need For Protocol Architecture E.g. File transfer Source must activate comms. Path or inform network

More information

Chapter 5. Data Communication And Internet Technology

Chapter 5. Data Communication And Internet Technology Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN

More information

The OSI Model and the TCP/IP Protocol Suite. Pritee Parwekar ANITS 1

The OSI Model and the TCP/IP Protocol Suite. Pritee Parwekar ANITS 1 The OSI Model and the TCP/IP Protocol Suite Pritee Parwekar ANITS 1 To study To discuss the idea of multiple layering in data communication and networking and the interrelationship between layers. To discuss

More information

Layered Architectures and Applications

Layered Architectures and Applications 1 Layered Architectures and Applications Required reading: Garcia 2.1, 2.2, 2.3 CSE 3213, Fall 2010 Instructor: N. Vlajic 2 Why Layering?! 3 Montreal London Paris Alice wants to send a mail to Bob and

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

CSE 3461 / 5461: Computer Networking & Internet Technologies

CSE 3461 / 5461: Computer Networking & Internet Technologies Autumn Semester 2014 CSE 3461 / 5461: Computer Networking & Internet Technologies Instructor: Prof. Kannan Srinivasan 08/28/2014 Announcement Drop before Friday evening! k. srinivasan Presentation A 2

More information

IP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life

IP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life Overview Dipl.-Ing. Peter Schrotter Institute of Communication Networks and Satellite Communications Graz University of Technology, Austria Fundamentals of Communicating over the Network Application Layer

More information

Computer Networks CS321

Computer Networks CS321 Computer Networks CS321 Dr. Ramana I.I.T Jodhpur Dr. Ramana ( I.I.T Jodhpur ) Computer Networks CS321 1 / 22 Outline of the Lectures 1 Introduction OSI Reference Model Internet Protocol Performance Metrics

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

Lecture 28: Internet Protocols

Lecture 28: Internet Protocols Lecture 28: Internet Protocols 15-110 Principles of Computing, Spring 2016 Dilsun Kaynar, Margaret Reid-Miller, Stephanie Balzer Reminder: Exam 2 Exam 2 will take place next Monday, on April 4. Further

More information

Topics. Computer Networks. Let s Get Started! Computer Networks: Our Definition. How are Networks Used by Computers? Computer Network Components

Topics. Computer Networks. Let s Get Started! Computer Networks: Our Definition. How are Networks Used by Computers? Computer Network Components Topics Use of networks Network structure Implementation of networks Computer Networks Introduction Let s Get Started! Networking today: Where are they? Powerful computers are cheap Networks are everywhere

More information

Notes on Network Security - Introduction

Notes on Network Security - Introduction Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network

More information

Chapter 9. IP Secure

Chapter 9. IP Secure Chapter 9 IP Secure 1 Network architecture is usually explained as a stack of different layers. Figure 1 explains the OSI (Open System Interconnect) model stack and IP (Internet Protocol) model stack.

More information

CN1047 INTRODUCTION TO COMPUTER NETWORKING CHAPTER 2 OSI MODEL

CN1047 INTRODUCTION TO COMPUTER NETWORKING CHAPTER 2 OSI MODEL CN1047 INTRODUCTION TO COMPUTER NETWORKING CHAPTER 2 OSI MODEL OSI Model The Open Systems Interconnection model (OSI Model) is a conceptual model that characterizes and standardizes the communication functions

More information

CS413: Computer Networks

CS413: Computer Networks CS413: Computer Networks 2005 Fall Term Midterm Exam Solution Student ID: Name: Problem No. Marks Your Marks 1 16 2 5 3 5 4 7 5 4 6 7 7 3 8 3 Total 50 1 [Marking schemes are given in blue color and the

More information

Ethernet. Ethernet. Network Devices

Ethernet. Ethernet. Network Devices Ethernet Babak Kia Adjunct Professor Boston University College of Engineering ENG SC757 - Advanced Microprocessor Design Ethernet Ethernet is a term used to refer to a diverse set of frame based networking

More information

The OSI Model and the TCP/IP Protocol Suite PROTOCOL LAYERS. Hierarchy. Services THE OSI MODEL

The OSI Model and the TCP/IP Protocol Suite PROTOCOL LAYERS. Hierarchy. Services THE OSI MODEL The OSI Model and the TCP/IP Protocol Suite - the OSI model was never fully implemented. - The TCP/IP protocol suite became the dominant commercial architecture because it was used and tested extensively

More information

Introduction Chapter 1. Uses of Computer Networks

Introduction Chapter 1. Uses of Computer Networks Introduction Chapter 1 Uses of Computer Networks Network Hardware Network Software Reference Models Example Networks Network Standardization Metric Units Revised: August 2011 Uses of Computer Networks

More information

Network Security. Vorlesung Kommunikation und Netze SS 10 E. Nett

Network Security. Vorlesung Kommunikation und Netze SS 10 E. Nett Network Security Internet not originally designed with (much) security in mind original vision: a group of mutually trusting users attached to a transparent network Security considerations in all layers!

More information

Transport and Network Layer

Transport and Network Layer Transport and Network Layer 1 Introduction Responsible for moving messages from end-to-end in a network Closely tied together TCP/IP: most commonly used protocol o Used in Internet o Compatible with a

More information

1 Introduction to mobile telecommunications

1 Introduction to mobile telecommunications 1 Introduction to mobile telecommunications Mobile phones were first introduced in the early 1980s. In the succeeding years, the underlying technology has gone through three phases, known as generations.

More information

Information System Security

Information System Security Information System Security Chapter 1:Introduction Dr. Lo ai Tawalbeh Faculty of Information system and Technology, The Arab Academy for Banking and Financial Sciences. Jordan Chapter 1 Introduction The

More information

EE4367 Telecom. Switching & Transmission. Prof. Murat Torlak

EE4367 Telecom. Switching & Transmission. Prof. Murat Torlak Packet Switching and Computer Networks Switching As computer networks became more pervasive, more and more data and also less voice was transmitted over telephone lines. Circuit Switching The telephone

More information

Overview of TCP/IP. TCP/IP and Internet

Overview of TCP/IP. TCP/IP and Internet Overview of TCP/IP System Administrators and network administrators Why networking - communication Why TCP/IP Provides interoperable communications between all types of hardware and all kinds of operating

More information

Protocol Data Units and Encapsulation

Protocol Data Units and Encapsulation Chapter 2: Communicating over the 51 Protocol Units and Encapsulation For application data to travel uncorrupted from one host to another, header (or control data), which contains control and addressing

More information

The OSI Model and the TCP/IP Protocol Suite

The OSI Model and the TCP/IP Protocol Suite The OSI Model and the TCP/IP Protocol Suite To discuss the idea of multiple layering in data communication and networking and the interrelationship between layers. To discuss the OSI model and its layer

More information

The OSI Model: Understanding the Seven Layers of Computer Networks

The OSI Model: Understanding the Seven Layers of Computer Networks Rab Nawaz Khan Jadoon Lecturer Department of Computer Sciences COMSATS Institute of Information Technology, Lahore, Pakistan Email: rabnawaz@ciitlahore.edu.pk Home: http://jadoon956.wordpress.com The OSI

More information

ISO-OSI 7-Layer Network Architecture

ISO-OSI 7-Layer Network Architecture ISO-OSI 7-Layer Network Architecture This lecture introduces the ISO-OSI layered architecture of Networks. According to the ISO standards, networks have been divided into 7 layers depending on the complexity

More information

CSCI 362 Computer and Network Security

CSCI 362 Computer and Network Security The Purpose of ing CSCI 362 Computer and Security Introduction to ing Goals: Remote exchange and remote process control. A few desirable properties: Interoperability, Flexibility, Geographical range, Scalability,

More information

Chapter 2 - The TCP/IP and OSI Networking Models

Chapter 2 - The TCP/IP and OSI Networking Models Chapter 2 - The TCP/IP and OSI Networking Models TCP/IP : Transmission Control Protocol/Internet Protocol OSI : Open System Interconnection RFC Request for Comments TCP/IP Architecture Layers Application

More information

ELEC3030 Computer Networks

ELEC3030 Computer Networks ELEC3030 Computer Networks Professor Sheng Chen: Building 86, Room 1021 E-mail: sqc@ecs.soton.ac.uk Download lecture slides from: http://www.ecs.soton.ac.uk/ sqc/el336/ or get them from Course Office (ECS

More information

TCP/IP Protocol Architecture. The Need For Protocol Architecture

TCP/IP Protocol Architecture. The Need For Protocol Architecture TCP/IP Protocol Architecture CSE 3213 Fall 2011 1 The Need For Protocol Architecture 1.) the source must activate communications path or inform network of destination 2.) the source must make sure that

More information

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Internet Protocol: IP packet headers. vendredi 18 octobre 13 Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)

More information

Introduction to Networking S Y STEMS

Introduction to Networking S Y STEMS Introduction to Networking CS 40: INTRODUCTION TO U NIX A ND L I NUX O P E R AT ING S Y STEMS Objectives Introduce networking, including what it is and what it contains, which includes: Networking layers

More information

EITF25 Internet Techniques and Applications L5: Wide Area Networks (WAN) Stefan Höst

EITF25 Internet Techniques and Applications L5: Wide Area Networks (WAN) Stefan Höst EITF25 Internet Techniques and Applications L5: Wide Area Networks (WAN) Stefan Höst Data communication in reality In reality, the source and destination hosts are very seldom on the same network, for

More information

Lecture 5. Different Kinds of Networks. Multiaccess vs Point-to-Point. Multiaccess vs. Point-to-Point. Local Area Networks. Wide Area Networks

Lecture 5. Different Kinds of Networks. Multiaccess vs Point-to-Point. Multiaccess vs. Point-to-Point. Local Area Networks. Wide Area Networks Different Kinds of Networks Lecture 5 Computer Networks January 24, 2005 Circuit switching: One electrical circuit assigned to each communication. Example: phone network. Guaranteed constant quality of

More information

Zarządzanie sieciami telekomunikacyjnymi

Zarządzanie sieciami telekomunikacyjnymi What Is an Internetwork? An internetwork is a collection of individual networks, connected by intermediate networking devices, that functions as a single large network. Internetworking refers to the industry,

More information

UPPER LAYER SWITCHING

UPPER LAYER SWITCHING 52-20-40 DATA COMMUNICATIONS MANAGEMENT UPPER LAYER SWITCHING Gilbert Held INSIDE Upper Layer Operations; Address Translation; Layer 3 Switching; Layer 4 Switching OVERVIEW The first series of LAN switches

More information

Layered protocol (service) architecture

Layered protocol (service) architecture Layered protocol (service) architecture The Internet is complex! many pieces : hosts access network routers links of various media applications protocols Question: Is there any hope of organizing a structure

More information

INF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang

INF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture

More information

Internet Technologies 3-Networking. F. Ricci 2010/2011

Internet Technologies 3-Networking. F. Ricci 2010/2011 Internet Technologies 3-Networking F. Ricci 2010/2011 Content Protocol Hierarchies Services and protocols Service Primitives Connection-Oriented and Connectionless Services Reference models OSI reference

More information

Chapter 2. The OSI Model and the TCP/IP Protocol Suite

Chapter 2. The OSI Model and the TCP/IP Protocol Suite Chapter 2 The OSI Model and the TCP/IP Protocol Suite TCP/IP Protocol Suite 1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter Outline TCP/IP Protocol

More information

EE 122: Layering and the Internet Architecture

EE 122: Layering and the Internet Architecture Organizing Functionality EE 122: Layering and the Internet Architecture Kevin Lai September 4, 2002 Many kinds of networking functionality - e.g., encoding, framing, routing, addressing, reliability, etc.

More information

PART OF THE PICTURE: The TCP/IP Communications Architecture

PART OF THE PICTURE: The TCP/IP Communications Architecture PART OF THE PICTURE: The / Communications Architecture 1 PART OF THE PICTURE: The / Communications Architecture BY WILLIAM STALLINGS The key to the success of distributed applications is that all the terminals

More information

Data Communication and Computer Network

Data Communication and Computer Network 1 Data communication principles, types and working principles of modems, Network principles, OSI model, functions of data link layer and network layer, networking components, communication protocols- X

More information

Architecture and Performance of the Internet

Architecture and Performance of the Internet SC250 Computer Networking I Architecture and Performance of the Internet Prof. Matthias Grossglauser School of Computer and Communication Sciences EPFL http://lcawww.epfl.ch 1 Today's Objectives Understanding

More information

What is CSG150 about? Fundamentals of Computer Networking. Course Outline. Lecture 1 Outline. Guevara Noubir noubir@ccs.neu.

What is CSG150 about? Fundamentals of Computer Networking. Course Outline. Lecture 1 Outline. Guevara Noubir noubir@ccs.neu. What is CSG150 about? Fundamentals of Computer Networking Guevara Noubir noubir@ccs.neu.edu CSG150 Understand the basic principles of networking: Description of existing networks, and networking mechanisms

More information

Module 11: TCP/IP Transport and Application Layers

Module 11: TCP/IP Transport and Application Layers Module 11: TCP/IP Transport and Application Layers 11.1 TCP/IP Transport Layer 11.1.1 Introduction to the TCP/IP transport layer The primary duties of the transport layer are to transport and regulate

More information

Lecture 1. Lecture Overview. Intro to Networking. Intro to Networking. Motivation behind Networking. Computer / Data Networks

Lecture 1. Lecture Overview. Intro to Networking. Intro to Networking. Motivation behind Networking. Computer / Data Networks Lecture 1 An Introduction to Networking Chapter 1, pages 1-22 Dave Novak BSAD 146, Introduction to Networking School of Business Administration University of Vermont Lecture Overview Brief introduction

More information

ECE 333: Introduction to Communication Networks Fall Lecture 2: Network Architectures

ECE 333: Introduction to Communication Networks Fall Lecture 2: Network Architectures ECE 333: Introduction to Communication Networks Fall 2001 Lecture 2: Network Architectures Layering Motivation Terminology Examples 1 Many issues to address in networks: Addressing, connection setup, code

More information

Principle of TCP/IP stack

Principle of TCP/IP stack Application note Principle of TCP/IP stack Explanation of TCP/IP stack used in this application Author : CHASSAING Jonathan GE5 2013-2014 Summary Introduction:... 2 History of TCP/IP... 2 How TCP/IP stack

More information

Table: Security Services (X.800)

Table: Security Services (X.800) SECURIT SERVICES X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Also the

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

SECURITY TRENDS-ATTACKS-SERVICES

SECURITY TRENDS-ATTACKS-SERVICES SECURITY TRENDS-ATTACKS-SERVICES 1.1 INTRODUCTION Computer data often travels from one computer to another, leaving the safety of its protected physical surroundings. Once the data is out of hand, people

More information

Access Control: Firewalls (1)

Access Control: Firewalls (1) Access Control: Firewalls (1) World is divided in good and bad guys ---> access control (security checks) at a single point of entry/exit: in medieval castles: drawbridge in corporate buildings: security/reception

More information

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Indian Institute of Technology Kharagpur TCP/IP Part I Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Kharagpur Lecture 3: TCP/IP Part I On completion, the student

More information

Networking Test 4 Study Guide

Networking Test 4 Study Guide Networking Test 4 Study Guide True/False Indicate whether the statement is true or false. 1. IPX/SPX is considered the protocol suite of the Internet, and it is the most widely used protocol suite in LANs.

More information

cnds@napier Slide 1 Introduction cnds@napier 1 Lecture 6 (Network Layer)

cnds@napier Slide 1 Introduction cnds@napier 1 Lecture 6 (Network Layer) Slide 1 Introduction In today s and next week s lecture we will cover two of the most important areas in networking and the Internet: IP and TCP. These cover the network and transport layer of the OSI

More information

Introduction to computer networks and Cloud Computing

Introduction to computer networks and Cloud Computing Introduction to computer networks and Cloud Computing Aniel Nieves-González Fall 2015 Computer Netwoks A computer network is a set of independent computer systems that are connected by a communication

More information

WAN Data Link Protocols

WAN Data Link Protocols WAN Data Link Protocols In addition to Physical layer devices, WANs require Data Link layer protocols to establish the link across the communication line from the sending to the receiving device. 1 Data

More information

Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1 Cryptography and Network Security Chapter 1 Acknowledgments Lecture slides are based on the slides created by Lawrie Brown Chapter 1 Introduction The art of war teaches us to rely not on the likelihood

More information