计算机网络自顶向下方法第四版Chapter8_4e.ppt

Chapter 8Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following: If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we’d like people to use our book!) If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material. Thanks and enjoy! JFK/KWR All material copyright 1996-2007 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach ,4th edition. Jim Kurose, Keith RossAddison-Wesley, July 2007.  Chapter 8: Network Security Chapter goals: understand principles of network security: cryptography and its many uses beyond “confidentiality” authentication message integrity security in practice: firewalls and intrusion detection systems security in application, transport, network, link layers Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 End point authentication 8.5 Securing e-mail 8.6 Securing TCP connections: SSL 8.7 Network layer security: IPsec 8.8 Securing wireless LANs 8.9 Operational security: firewalls and IDS What is network security? Confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and availability: services must be accessible and available to users Friends and enemies: Alice, Bob, Trudy well-known in