Subject: System Web Security

Topic: Network Security

Difficulty: Medium

1. IP Sec Protocol

• Internet protocol security (IPsec) is a set of protocols that provides security for Internet Protocol.
• It can use cryptography to provide security.
• IPsec can be used for the setting up of virtual private networks (VPNs) in a secure manner.
• Also known as IP Security.

Basic Functions of IP sec are:

• Authentication

  With certain security mechanism, two communicating parties know that the data at destination is the same as when it's initially sent (data integrity) and that the sender is not impersonated by third party.(data origin authentication).

• Integrity

  Considered to be data integrity part of authentication (see above definition). Data is not allowed to be unmatched at source and at destination for two parties with certain security mechanism between them established.

• Confidentiality

  With certain security mechanism (so-called encryption/decryption), data is protected during transmission from third party’s knowing the content.

• Security Association (SA)

  An agreement between two communication parties on knowing and using certain combination of security mechanisms for data transmission between them. It's based on destination address and a certain index, called Security Parameters Index (SPI).

IPsec involves two security services:

• Authentication Header (AH): This authenticates the sender and it discovers any changes in data during transmission.
• Encapsulating Security Payload (ESP): This not only performs authentication for the sender but also encrypts the data being sent.

There are two modes of IPsec:

• Tunnel Mode: This will take the whole IP packet to form secure communication between two places, or gateways.

• Transport Mode: This only encapsulates the IP payload (not the entire IP packet as in tunnel mode) to ensure a secure channel of communication.

2. SSL

• "Secure Sockets Layer." SSL is a secure protocol developed for sending information securely over the Internet. Many websites use SSL for secure areas of their sites, such as user account pages and online checkout. Usually, when you are asked to "log in" on a website, the resulting page is secured by SSL.
• SSL encrypts the data being transmitted so that a third party cannot "eavesdrop" on the transmission and view the data being transmitted.
• Only the user's computer and the secure server are able to recognize the data.
• SSL keeps your name, address, and credit card information between you and merchant to which you are providing it. Without this kind of encryption, online shopping would be far too insecure to be practical.
• When you visit a Web address starting with "https," the "s" after the "http" indicates the website is secure.
• These websites often use SSL certificates to verify their authenticity.

Functions of SSL Protocol:

• Secure socket layer is used to provide the security protocol used by the Internet to provide an easy access to the websites.
• It provides a way to validate or identify the website by creating the information file and making the accessing possible.
• It creates an encrypted connection that provides the sending of the data from one source to another using the SSL.
• SSL provides a way to ensure that the security is being provided to the transaction and the data in use.

• The lock is used to display the browsers connection is closed or opened on the secure channel of SSL or TLS.

  Difference between SSL and IPsec Protocol