As the technology is advancing various ways to hack data and files are generated in order to protect that data from getting manipulated and hacked network security is introduced. The use of networks and communications facilities for carrying data between users and computers is also growing. Network security measures are needed to protect data during transmission.
TCP/IP Communications Security
Here traffic is secured by using secure sockets layer (SSL) and virtual private networks (VPN). SSL is the flexible, older and more widely used protocol. To use this protocol one needs to write communicating applications. Applications do SSL processing. In VPN security is implemented at the IP or data link layer.
Aspects of security are:
• Attack: any action that compromises the security of information is security attack. Its examples are active and passive. Inactive, there is an attempt to alter system resources to affect their operation like a modification of message in transit and denial of service. In passive, there is an attempt to learn and make use of information from the system but does not affect system resources like eavesdropping and monitor transmission to obtain message contents or traffic analysis. There are various types of attacks like:
Interruption where an asset of the system is destroyed or becomes unavailable that is an attack on availability example cutting of a communication line
Interception where an unauthorized person, program, or computer gains access to an asset that attacks confidentiality example wiretapping to capture data in a network.
Modification means attack to an integrity example changing values in a data file
Fabrication where an unauthorized party inserts counterfeit objects into a system example addition of records to a data file.
• Mechanism: it is designed to detect, prevent or recover from a security attack. Most security mechanisms make use of cryptographic techniques. Encryption or encryption like transformations of information are the most common means of providing security.
• Service: it enhances the security of data processing systems and the information transfers of an organization. It makes use of one or more security mechanisms to provide the service.