Internet Security Applications

As with e-mail applications, several protocols, standards, and applications have been developed to provide security for Internet communications and transactions.

Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

The Secure Sockets Layer (SSL) protocol, developed by Netscape in 1994, provides session-based encryption and authentication for secure communication between clients and servers on the Internet. SSL operates at the Transport Layer (Layer 4) of the OSI model, is independent of the application protocol, and provides server authentication with optional client authentication. SSL uses the RSA asymmetric key system; the IDEA, DES, and 3DES symmetric key systems; and the MD5 hash function. The current version is SSL 3.0. SSL 3.0 was standardized by the IETF as Transport Layer Security (TLS) 1.0, released in 1999 with only minor modifications to the original SSL 3.0 specification. TLS 1.2 is the most current version of TLS.

Cross-reference: See Chapter 5 for a complete discussion of the OSI model.

SSL is most visible to users when used in conjunction with web servers when they serve encrypted pages using the https protocol. SSL is also gaining favor as a protocol for Virtual Private Networks (VPNs) used for remote access.

Instant answer: Although it is not as popular as it once was, you should know that the Secure Electronic Transaction (SET) specification is an Internet security application developed jointly by MasterCard and Visa for secure e-commerce (see the sidebar “Secure Electronic Transaction [SET]”).

Secure Hypertext Transfer Protocol (S-HTTP)

Secure Hypertext Transfer Protocol (S-HTTP) is an Internet protocol that provides a method for secure communications with a web server. S-HTTP is a connectionless protocol that encapsulates data after the security properties for the session have been successfully negotiated. It uses symmetric encryption (for confidentiality), message digests (for integrity), and public key encryption (for client-server authentication and non-repudiation). Instead of encrypting an entire session as SSL does, S-HTTP can be applied to individual web documents.

Remember: S-HTTP is not widely used, and should not be confused with https. See the earlier section on SSL/TLS.

IPSec

Internet Protocol Security (IPSec) is an IETF open standard for secure communications over public IP-based networks, such as the Internet. IPSec ensures confidentiality, integrity, and authenticity by using OSI model Layer 3 (Network) encryption and authentication to provide an end-to-end solution. IPSec operates in two modes:

- Transport Mode: Only the data (payload) is encrypted.

- Tunnel Mode: The entire packet is encrypted.

See Chapter 5 for more on IPSec.

Instant answer: The two modes of IPSec are Transport mode and Tunnel mode.

The two main protocols used in IPSec are

- Authentication Header (AH): Provides integrity, authentication, and non-repudiation

- Encapsulating Security Payload (ESP): Provides confidentiality (encryption) and limited authentication

Each pair of hosts communicating in an IPSec session must establish a security association (SA).

An SA is a one-way connection between two communicating parties; two SAs are required for each pair of communicating hosts. Additionally, each SA supports only a single protocol (AH or ESP). Thus, if both AH and ESP are used between two communicating hosts, a total of four SAs is required. An SA has three parameters that uniquely identify it in an IPSec session:

- Security Parameter Index (SPI): The SPI is a 32-bit value used by the receiving station to differentiate between SAs terminating on that station. The SPI is located within the AH or ESP header.

- Destination IP Address: The destination address could be the end station or an intermediate gateway or firewall, but it must be a unicast address. (See Chapter 5 for more on unicast addresses.)

- Security Protocol ID: Either an AH or ESP association.

Instant answer: In IPSec, a security association (SA) is a one-way connection. You need a minimum of two SAs for two-way communications.
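The SA rules above (one-way, one protocol per SA, identified by SPI + destination address + protocol) as an added, runnable illustration; this is example code written for this page, not an implementation from any IPSec stack. The host addresses, SPI values and header bytes are constructed samples; the AH and ESP header layouts and IP protocol numbers (51 and 50) follow the RFCs.

```python
import struct
from dataclasses import dataclass

# IP protocol numbers assigned to the two IPSec protocols
PROTO_ESP = 50
PROTO_AH = 51


@dataclass(frozen=True)
class SA:
    """One-way IPSec security association (constructed example record)."""
    spi: int
    dst: str
    proto: int   # PROTO_AH or PROTO_ESP
    mode: str    # "transport" or "tunnel"


def required_sas(use_ah: bool, use_esp: bool) -> int:
    """SAs needed for two-way traffic between one pair of hosts.
    Each SA is one-way and carries a single protocol, so the count is
    2 directions x number of protocols in use (4 when both AH and ESP)."""
    return 2 * (int(use_ah) + int(use_esp))


def parse_spi(ip_proto: int, payload: bytes) -> int:
    """Read the SPI from the start of an AH or ESP header.
    ESP: the SPI is the first 32 bits.
    AH:  next-header(1) payload-len(1) reserved(2) and then the SPI(4)."""
    if ip_proto == PROTO_ESP:
        return struct.unpack("!I", payload[:4])[0]
    if ip_proto == PROTO_AH:
        return struct.unpack("!I", payload[4:8])[0]
    raise ValueError("not an IPSec protocol: %d" % ip_proto)


def lookup_sa(sadb: dict, ip_proto: int, dst: str, payload: bytes):
    """Receiver-side lookup: the triple (SPI, destination, protocol) picks the SA."""
    return sadb.get((parse_spi(ip_proto, payload), dst, ip_proto))


def sample_sadb() -> dict:
    """Constructed SADB for hosts A (10.0.0.1) and B (10.0.0.2) using AH and ESP."""
    sas = [
        SA(0x1001, "10.0.0.2", PROTO_ESP, "transport"),  # A -> B, ESP
        SA(0x1002, "10.0.0.1", PROTO_ESP, "transport"),  # B -> A, ESP
        SA(0x2001, "10.0.0.2", PROTO_AH, "transport"),   # A -> B, AH
        SA(0x2002, "10.0.0.1", PROTO_AH, "transport"),   # B -> A, AH
    ]
    return {(sa.spi, sa.dst, sa.proto): sa for sa in sas}


# Constructed headers: ESP = SPI, sequence number, opaque payload;
# AH = next header (6 = TCP), length, reserved, SPI, sequence number, 12-byte ICV
ESP_SAMPLE = struct.pack("!II", 0x1001, 7) + b"\x00" * 16
AH_SAMPLE = struct.pack("!BBHII", 6, 4, 0, 0x2002, 7) + b"\x00" * 12
```

Looking up ESP_SAMPLE with destination 10.0.0.1 instead of 10.0.0.2 returns nothing, which is the point of the triple: the SPI alone does not identify an SA.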

Key management is provided in IPSec by using the Internet Key Exchange (IKE). IKE is actually a combination of three complementary protocols: The Internet Security Association and Key Management Protocol (ISAKMP), the Secure Key Exchange Mechanism (SKEME), and the Oakley Key Determination Protocol. IKE operates in three modes: Main mode, Aggressive mode, and Quick mode.

Multi-Protocol Label Switching (MPLS)

Multi-Protocol Label Switching (MPLS) is an extremely fast method for forwarding packets through a network by using labels inserted between Layer 2 and Layer 3 headers in the packet. MPLS is protocol independent and highly scalable, providing Quality of Service (QoS) with multiple Classes of Service (CoS) and secure Layer 3 Virtual Private Network (VPN) tunneling.

Secure Shell (SSH-2)

Secure Shell (SSH-2, or version 2) is used for secure remote access as one alternative to Telnet. It can be used to provide confidentiality, integrity, and authentication. SSH-2 establishes an encrypted tunnel between the SSH client and SSH server and can also authenticate the client to the server. SSH version 1 is also widely used but has inherent vulnerabilities that are easily exploited.

Instant answer: SSH-2 (or simply SSH) is an Internet security application that provides secure remote access.

Wireless Transport Layer Security (WTLS)

The Wireless Transport Layer Security (WTLS) protocol provides security services for the Wireless Application Protocol (WAP) commonly used for Internet connectivity by mobile devices. WTLS provides three classes of security:

- Class 1: Anonymous Authentication

- Class 2: Server Authentication Only

- Class 3: Client-Server Authentication

Additional (but somewhat limited) security is provided in WAP through the use of Service Set Identifiers (SSID) and Wired Equivalent Privacy (WEP) keys. A significant improvement in wireless security incorporates the Extensible Authentication Protocol (EAP), which uses a Remote Authentication Dial-In User Service (RADIUS) server for authentication.

Warning: WEP has well-known and easily exploited vulnerabilities that render it largely ineffective. WEP should only be used if other security protocols are not available.
