10 Summary
10.1 Summary of Sections 1–5
There are many terms and abbreviations relating to this topic, and it is important to understand them.
Looking at the background to network security can help to put its more technical aspects in context.
Communication networks and the data they carry are vulnerable to a range of attacks. These can be categorised as either passive or active attacks. In a passive attack, communication across a network is observed but data within messages is not interfered with and messages may not even be readable by the attacker. Traffic analysis is strongly associated with passive attacks, but may also be a legitimate process for effective network management. An active attack typically involves, for example, the modification of messages or their replay, or access to data and networks through the assumption of a false identity, leading to either the misuse of data or disruption of network services.
There are many opportunities for an attacker to gain physical access to networks and these need to be resisted by both electronic and mechanical means. The sharing of networks through, for example, the internet, provides opportunities for attack without the need for the attacker to be physically close to the target networks. Wireless LAN technology presents further opportunities for illicit network access.
Encryption is one of the fundamental building blocks of network security. Encryption transforms plaintext into ciphertext, while decryption reverses the process. Encryption systems are based on one of two basic methods. The first is a symmetric key system in which a single secret key is shared between the two communicating entities. The second is an asymmetric system which uses two mathematically related keys known as the public key and the private key. One key is used for encryption and the other for decryption. Asymmetric key systems place higher demands on processing resources than symmetric key systems and tend to be slower, but they are more scalable and they do not rely on any prior secret key exchange. Hybrid systems are a combination of symmetric and asymmetric key systems.
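The hybrid arrangement described above, as an added example that is not part of the original course text: a short session key is protected with an asymmetric (public-key) operation, and the bulk data is protected with a symmetric cipher keyed by that session key. Both primitives here are deliberately tiny stand-ins constructed for illustration (textbook RSA with the small primes 61 and 53, and an XOR keystream derived from SHA-256), not secure algorithms; the `RSA_CALLS` counter is also an assumption added so the cost argument can be checked: however long the message, the expensive asymmetric step runs only once, on the key.

```python
import hashlib
import secrets

# --- Toy asymmetric part: textbook RSA with constructed, tiny primes (NOT secure) ---
P, Q = 61, 53
N = P * Q                  # 3233, the public modulus
PHI = (P - 1) * (Q - 1)    # 3120
E = 17                     # public exponent, coprime with PHI
D = pow(E, -1, PHI)        # private exponent, 2753
PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)

# Counts modular exponentiations so the "asymmetric work is done only on the key" point is visible.
RSA_CALLS = {"count": 0}

def rsa_encrypt_int(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message integer must be smaller than the modulus")
    RSA_CALLS["count"] += 1
    return pow(m, e, n)

def rsa_decrypt_int(c, private_key):
    n, d = private_key
    RSA_CALLS["count"] += 1
    return pow(c, d, n)

# --- Toy symmetric part: SHA-256 in counter mode as a keystream, XORed with the data ---
def keystream(key, length):
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def symmetric_encrypt(key, plaintext):
    return bytes(a ^ b for a, b in zip(plaintext, keystream(key, len(plaintext))))

symmetric_decrypt = symmetric_encrypt  # XOR with the same keystream reverses the encryption

# --- Hybrid system: asymmetric on the session key, symmetric on the message ---
def hybrid_encrypt(plaintext, recipient_public_key, session_key=None):
    """Returns (wrapped_key, ciphertext). A fixed session_key may be passed for repeatable tests."""
    n, _ = recipient_public_key
    if session_key is None:
        session_key = secrets.randbelow(n - 1) + 1   # fresh per message, never sent in the clear
    wrapped_key = rsa_encrypt_int(session_key, recipient_public_key)
    ciphertext = symmetric_encrypt(session_key.to_bytes(2, "big"), plaintext)
    return wrapped_key, ciphertext

def hybrid_decrypt(wrapped_key, ciphertext, recipient_private_key):
    session_key = rsa_decrypt_int(wrapped_key, recipient_private_key)
    return symmetric_decrypt(session_key.to_bytes(2, "big"), ciphertext)

if __name__ == "__main__":
    wrapped, ct = hybrid_encrypt(b"meet at the usual place", PUBLIC_KEY)
    print("wrapped session key:", wrapped)
    print("recovered:", hybrid_decrypt(wrapped, ct, PRIVATE_KEY))
    print("asymmetric operations used:", RSA_CALLS["count"])
```

No prior secret exchange is needed: the sender only needs the recipient's public key, which is the scalability advantage the summary refers to. A real deployment would replace the toy primitives with a standard construction (for example RSA-OAEP or an elliptic-curve key agreement to transport the key, and an authenticated cipher such as AES-GCM for the data).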
The implementation of encryption systems can be related to network protocol layers. Encryption can be applied in link layer or end-to-end mode. In link layer encryption, the encryption and decryption processes take place at each node along a path, but this can be expensive and slow. End-to-end encryption involves applying encryption at higher layers in the protocol stack. Network layer encryption and application layer encryption are examples. Security vulnerabilities arise when protocol header information is exposed during message transmission or at nodes where data is processed in unencrypted form.
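The exposure argument above, as an added example that is not part of the original course text: a packet travels along a constructed four-node path, and the model records what each node and each link can read in the clear. Under link encryption every intermediate node must decrypt the whole frame to read the forwarding header, so it also holds the payload in plaintext; under end-to-end encryption the payload is unreadable at intermediate nodes, but the header stays exposed on every link. The node names, keys and the XOR keystream cipher are all assumptions constructed for the example (the cipher is a toy stand-in, not a secure one).

```python
import hashlib

def xor_with_key(key, data):
    # Toy symmetric cipher: XOR with a SHA-256 keystream (constructed stand-in, NOT secure).
    blocks = len(data) // 32 + 1
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

# Constructed topology: alice -> router1 -> router2 -> bob
PATH = ["alice", "router1", "router2", "bob"]
LINK_KEYS = {                      # one key per link, shared only by its two endpoints
    ("alice", "router1"): b"key-alice-router1",
    ("router1", "router2"): b"key-router1-router2",
    ("router2", "bob"): b"key-router2-bob",
}
E2E_KEY = b"key-alice-bob"         # known only to the two communicating end systems
SEP = b"|"                         # separates header from payload in the toy frame

def build_packet(src, dst, payload):
    return f"{src}->{dst}".encode(), payload

def link_layer_mode(header, payload, path, link_keys):
    """Every hop encrypts the whole frame (header and payload) under the link key.
    Returns what is readable in the clear: 'on_wire' per link, 'at_node' per receiving node."""
    seen = {"on_wire": {}, "at_node": {}}
    frame = header + SEP + payload
    for hop_from, hop_to in zip(path, path[1:]):
        key = link_keys[(hop_from, hop_to)]
        wire = xor_with_key(key, frame)             # nothing readable on the link itself
        seen["on_wire"][(hop_from, hop_to)] = wire
        frame = xor_with_key(key, wire)             # receiving node must decrypt to route
        h, p = frame.split(SEP, 1)
        seen["at_node"][hop_to] = (h, p)            # header AND payload in plaintext here
    return seen

def end_to_end_mode(header, payload, path, e2e_key):
    """Payload encrypted once by the source under a key only the destination holds;
    the header is left in the clear so intermediate nodes can forward the packet."""
    seen = {"on_wire": {}, "at_node": {}}
    protected = xor_with_key(e2e_key, payload)
    for hop_from, hop_to in zip(path, path[1:]):
        seen["on_wire"][(hop_from, hop_to)] = header + SEP + protected   # header exposed on every link
        seen["at_node"][hop_to] = (header, protected)                    # node reads header only
    seen["at_node"][path[-1]] = (header, xor_with_key(e2e_key, protected))  # destination decrypts
    return seen

def payload_readable_at(seen, node, payload):
    """True if the given node ends up holding the original payload in plaintext."""
    return seen["at_node"][node][1] == payload

if __name__ == "__main__":
    header, payload = build_packet("alice", "bob", b"account balance: 42")
    for name, mode in (("link layer", link_layer_mode(header, payload, PATH, LINK_KEYS)),
                       ("end-to-end", end_to_end_mode(header, payload, PATH, E2E_KEY))):
        readers = [n for n in PATH[1:] if payload_readable_at(mode, n, payload)]
        print(f"{name}: payload readable at {readers}")
```

The two modes trade different exposures: link encryption hides even the header from anyone tapping a link, at the cost of trusting every node on the path; end-to-end encryption removes that trust in intermediate nodes but leaves the routing information (who is talking to whom) visible, which is exactly the material traffic analysis works from. Combining both addresses each gap.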