Network Security, Cyber Laws & Standards


Kerberos : Working, AS, TGS, SS.
IP Security : Overview, Protocols - AH, ESP, Modes - transport and Tunnel.
Email security : SMTP, PEM, PGP.
Public Key Infrastructure (PKI) : Introduction, Certificates, Certificate authority, Registration Authority, X.509/PKIX certificate format.
Cyber crime : Introduction, Hacking, Digital Forgery, Cyber Stalking/Harassment, cyber pornography, identity theft and fraud, cyber terrorism, cyber defamation.
Cyber laws : Introduction, need, Categories - Crime against individual, Government, Property.
Compliance standards : implementing and Information Security Management System, ISO 27001, ISO 20000, BS 25999, PCI DSS, ITIL framework, COBIT framework.

5.1 Kerberos

Q. … the Kerberos with their … usage.
Q. Explain the Kerberos with help of suitable diagram.

What is Kerberos? How it works?

- Kerberos is a network authentication protocol and it is designed to provide strong authentication for client/server applications. It uses secret-key cryptography.
- The Internet is an insecure place. There are different protocols, but they do not provide any security. … the network and are commonly used by malicious hackers. Hence, the … network are extremely vulnerable.
- Some sites use firewalls to solve their network security problems, but unfortunately, firewalls assume that attackers are outside, which is a bad assumption.
- … a solution to these network security problems. … a server and vice versa over an insecure network connection. … can encrypt all of their communications to assure privacy and …
- … from MIT, under copyright permissions. … form so that anyone who wishes to use it may look over the code … who prefer to rely on a professionally supported product, Kerberos is available as a …

Now, the key is sent back to the client in the form of a Ticket Granting Ticket (TGT). It is a simple ticket which is issued by the Authentication Service (AS) and used for authenticating the client for future reference.

… intimate the TGS that it has done, and sends its own encrypted key to …

Fig. 5.1.6 (figure labels: Ticket Granting Server (TGS), Timestamp, Service Server (SS))

8. The client then decrypts the ticket. If the keys are still valid then the communication is initiated between client … server/application.

After the communication between the client and server, there is no need to transmit logon information because the client is authenticated until the session expires.

5.2 IP Security
Q. Explain IPSec security with help of diagram. (6 Marks)

5.2.1 Overview

The IP packets contain data in plaintext form, i.e. anyone watching the IP packets pass by can read the data and even can change it. Some kinds of higher level mechanisms are there to prevent such kind of attacks.

Hence, there is a need to secure the network infrastructure from unauthorized monitoring. Also there is a need to control the network traffic and to secure end-user-to-end-user traffic using authentication and encryption mechanisms.

IPSec is a protocol which is developed to support secure exchange of packets at the IP layer. It provides the secure communications across a LAN, private and public WANs, and the Internet.

The overall idea of IPSec is to encrypt and seal the transport and application layer data during transmission.

… the transport layer payload, adds IPSec header and trailer, encrypts the whole thing and … Thus, the IP header is not encrypted.

… of source and destination IP addresses, as well as of the data itself. This provides …

IP packet consists of two portions: IP header and actual data.

IPSec is implemented by adding a new header to the standard default IP header. Such extension IP header follows the standard IP header.

Basically IPSec offers two main services:
- Authentication
- Confidentiality

Every service needs its own extension header. Hence, for the above services, IPSec … header for authentication and another header for confidentiality.

IPSec consists of the following two main protocols.

Authentication Header (AH)

The AH, when added to an IP datagram, ensures the integrity of the data, the authenticity of data's origin and optional anti-replay service. By protecting the non-changing elements in the IP header, the AH protects the IP address, which enables data origin authentication.

The IPSec AH is a header in an IP packet with a cryptographic checksum for the contents of the packet. The AH header is simply inserted between the IP header and any subsequent packet contents. There is no need to change the data contents of the packet. In this way, the security resides completely in the contents of the AH.

Both AH and ESP can work in two modes: transport mode and tunnel mode.

AH transport mode : Here, the Authentication Header (AH) is placed in between the original IP header and the original TCP header of the IP packet.

AH tunnel mode : In tunnel mode, the complete original IP packet is authenticated and the AH is placed between the original IP header and the new outer IP header. The inner IP header has the final source and destination IP address, whereas the outer IP header may contain different IP addresses.

ESP tunnel mode : It encrypts an entire IP packet. Here, the ESP header is prefixed to the packet and then the packet along with the ESP trailer is encrypted. The IP header contains the destination address as well as intermediate routing information. Therefore this packet cannot be transmitted as is; otherwise, the delivery of the packet would be impossible. Therefore, a new IP header is added, which contains sufficient information for routing.

For key management and exchange, three protocols exist:
1. Internet Security Association and Key Management Protocol (ISAKMP)
2. Oakley
3. Secure Key Exchange Mechanism for Internet (SKEME)

These key management protocols can be collectively referred to as Internet Key Management Protocol (IKMP) or Internet Key Exchange (IKE).

- IPSec does not require any specific security algorithm or method of implementation. It is an open framework, which will allow vendors to implement existing industry-standard algorithms suited for specific tasks.
- IPSec provides different security technologies which can be combined into a comprehensive solution to provide confidentiality, integrity and authentication for networks.
- In the IPSec security process, it uses cryptographic keys and has both the manual and automatic distribution of keys as part of the protocol series.
- Automated is the default method of key management and is typically referred to as IKE. IKE authenticates each peer in IPSec and consults the security policy, including the exchange of session keys.

5.3 Email Security

Q. Explain e-mail security techniques.

Electronic mail (Email) is the most widely used application on the Internet. Using Email, a user can send text messages, pictures, videos and sounds etc. to other Internet users.

… for Email messages has become … For text Email transmission, the … system …

Every Email message consists of a number of header lines which are followed by the actual message contents. … keyword, followed by a colon. Header keywords are From, To, Subject and Date.

Simple Mail Transfer Protocol (SMTP) is a TCP/IP protocol that specifies how computers exchange electronic mail. … Post Office Protocol (POP).

SMTP is "request/response" based, which means the email client software at the sender's end gives the email message to the SMTP server. Actually, the SMTP server transfers the message to the receiver's SMTP server. SMTP's main job is to carry the email message between the sender and the receiver.

- Sending message can include text, voice, video or graphics.
- It can also send the messages on networks outside the Internet.

SMTP uses TCP port number 25 for this service. Hence, email is delivered from sender to receiver by having the source machine establish a TCP connection to port 25 of the destination machine.

(b) Once the connection is established, the receiver identifies itself with "220 Service Ready".
(c) The sender identifies itself with the HELO command.
(d) The receiver accepts the sender's identification with "250 OK".
(e) If the mail service on the destination is not available, the destination host returns "421 Service Not Available" reply in step 2 and the process is terminated.

2. Mail transfer : After the connection has been established, the SMTP sender may send one or more messages to the SMTP receiver.

There are three logical phases to the transfer of a message:
(a) A MAIL command identifies the originator of the message.
(b) One or more RCPT commands identify the recipients of this message.
(c) A DATA command transfers the message text.

3. Connection termination : The SMTP sender closes the connection in the following manner.
(a) The sender sends a QUIT command and waits for a reply.
(b) Sender initiates TCP close operation for the TCP connection.
(c) The receiver initiates its TCP close after sending its reply to the QUIT command.

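The three phases described above, as an added example that is not part of the original text: a small Python checker that walks a constructed SMTP transcript through connection setup, mail transfer and termination, and rejects a 421 greeting or out-of-order commands. The `S:`/`C:` prefixes, state names and sample addresses are assumptions made for the illustration; the 354 and 221 replies come from the SMTP standard rather than from this page.

```python
# Allowed client commands per state, following the phases in the text:
# HELO, then MAIL, one or more RCPT, DATA, and finally QUIT.
TRANSITIONS = {
    "connected": {"HELO": "ready"},
    "ready":     {"MAIL": "mail", "QUIT": "closed"},
    "mail":      {"RCPT": "rcpt"},
    "rcpt":      {"RCPT": "rcpt", "DATA": "body"},
}

def check_session(transcript):
    """Validate 'S: ...' / 'C: ...' lines; return (ok, reason, messages_sent)."""
    state, sent = "start", 0
    for raw in transcript:
        side, text = raw[:2], raw[3:]
        if side == "S:":
            code = int(text[:3])
            if state == "start":
                if code != 220:            # e.g. 421 Service Not Available
                    return False, f"no service: {text}", sent
                state = "connected"
            elif code >= 400:
                return False, f"server rejected in state {state}: {text}", sent
            elif state == "body_done":     # 250 after the final "." line
                state, sent = "ready", sent + 1
        elif state == "body":
            if text == ".":                # a lone dot ends the message text
                state = "body_done"
        else:
            verb = (text.split() or [""])[0].upper()
            nxt = TRANSITIONS.get(state, {}).get(verb)
            if nxt is None:
                return False, f"{verb} not allowed in state {state}", sent
            state = nxt
    return state == "closed", f"ended in state {state}", sent

# Constructed sample transcripts (not captured traffic).
GOOD = [
    "S: 220 Service Ready", "C: HELO client.example", "S: 250 OK",
    "C: MAIL FROM:<alice@example.com>", "S: 250 OK",
    "C: RCPT TO:<bob@example.net>", "S: 250 OK",
    "C: DATA", "S: 354 Start mail input",
    "C: Subject: test", "C: hello", "C: .", "S: 250 OK",
    "C: QUIT", "S: 221 Bye",
]
UNAVAILABLE = ["S: 421 Service Not Available"]
OUT_OF_ORDER = ["S: 220 Service Ready", "C: HELO client.example",
                "S: 250 OK", "C: DATA"]

if __name__ == "__main__":
    for name in ("GOOD", "UNAVAILABLE", "OUT_OF_ORDER"):
        print(name, check_session(globals()[name]))
```
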
5.3.2 Privacy Enhanced Mail (PEM)

Q. Describe the working of PEM with reference to e-mail security.

- Privacy Enhanced Mail (PEM) is a standard which provides the secure exchange of electronic mail in Internet. … of cryptographic techniques that allows confidentiality, authentication, and integrity.
- The integrity allows the user to make sure that a message is not modified during transport.
- The authentication allows a user to verify that the PEM message which he has received is truly from the person who claims to have sent it.
- The confidentiality allows a message to be kept secret from other people.
- PEM supports three main cryptography … and message integrity as shown in Fig. 5.3.2.

Fig. 5.3.3 : PEM Operations (1. Canonical Conversion, 2. Digital Signature, …, 4. Base 64 Encoding)

… operating system. So, there … regardless of the … messages are travels in a … digital signature, as …
