Internet security is utmost important in today’s world as it is the main network of networks. It is associated with various processes and security protocols. Since the internet is a huge area it has its application spread across various aspects.
Therefore, it needs security in messages, payment transactions, wireless communications, etc. This article will give you a vivid description of the types of security provided in each online field.
Virtual Private Network is a private network between a public network from where you can share data and information to another private pr public network. It was mainly developed to connect offices that are present in remote locations and to transfer data through them.
VPN has a vast area to cover which is beyond this article. But if you want more information you can go through Cooltechzone.com. A proper website which details everything you need to know about VPNs.
It can connect a computer with a network and side by side can pair up to two networks. It also allows a restricted communication network to be operated outside the office.
Today the flow of internet is best than it ever was. As a result, the business started with intranet communication. If a VPN is used in a business, it can spread out all of its documents to employees in remote areas.
The function of a VPN in short:
It helps in tracking as it tracks the machine and views the exit point of the VPN.
When someone connects to VPN, using the internet it creates a tunnel between them.
Again to create a VPN environment, a VPN router is designed especially for network communication.
The requirements of VPN:
It possesses a very slow internet connection.
Frequent breakage of connection.
It is unable to know how strong the encryption is.
Simple Mail Transfer Protocol or SMTP is one of the most secure systems in email communication services. It generally pulls out the message from the SMTP server of the receiver. It transfers the mail securely from the sender to the receiver. It runs in the application layer on top above TCP/IP. SMTP basically runs in the following way:
The text sent by the user/sender is taken by the SMTP server, at the user’s end.
The message is then passed on to the receiver’s SMTP server.
The receiver’s machine then pulls out the text from its SMTP server with the help of Post Office Protocol (POP) or Internet Mail Access Protocol (IMAP).
This protocol is actually very simple. The communication system consists of simple ASCII characters between the server and client. Hereby we are going to list down the actual steps of the interaction of SMTP where the server acts as a client and the receiver acts as the server.
The client requests an email transfer. The server then sends back a READY FOR MAIL reply showing that it is can receive messages from the client.
A HELLO command is sent to the server to show its identity.
The server sends back its own DNS name as a reply.
The client is now allowed to send emails. The mail transfer starts with a MAIL command that identifies the sender.
The receiver then sends an OK command and the sender acknowledges with a code 250 which also means OK.
The client then sends the list of recipients of the emails by one or more RCPT command. The server then has to send back a code 250: OK or 550: no such user here.
The client now sends a DATA command to inform that it is ready to start transmission.
It acknowledges it with code 354: Start mail input message.
The email is then sent followed with an identifier to indicate that the transmission is complete.
Server replies with code 250.
The client now sends a QUIT command.
The server also closes the connection by sending code 221: Service closing transmission channel message.
This is how there is a secured connection established to avoid interference of other faulty users. The SMTP server and client communicate with commands to build in a secured channel for email transition.
Wi-Fi Protected Access or WPA is a security service for any computing device operator who is connected to wireless internet service. It has mainly three functions:
Authentication: it uses a different Authentication Server (AS). It looks after mutual authentication and key management. It makes temporary keys to be used by the host and the AP.
Encryption: it uses the AES protocol to give stronger encryption.
Message Integrity: it also manages the integrity of the messages.
The Wi-Fi Protected Access works in the following ways:
To authenticate itself, the client host reaches the AP with a request.
The AP transfers it to AS. The AS is a RADIUS (Remote Authentication Dial-In User Service) server. It is a network protocol which is used to give centralized access to large networks. It is used by ISPs or corporations managing access to the Internet.
The AS now sends a challenge to the host machine.
When the user enters the password the challenge is encrypted with that password. This converted random challenge is sent back to the AS.
AS now decrypts the challenge sent by the host with the help of the password. It compares the decrypted one with the one sent by it in step 3 before transferring it to the host. If it matches it sends a successful message to the AP.
This process highly secures the WI-FI Access and makes a secured connection.
Security in GSM
The Global System for Mobile communication developed by ETSI was based on a 2G digital network and the usage of it by phones and tablets.
2G network was a revolutionary change as it completely demolishes the IG network.
The five types of GSM network where cell phones connect are:
Macro: The basic station antennae are used for a vast area.
Micro: It is generally used in urban areas.
Pico: They do not have long-range and are generally used indoors.
Femto: these cells are generally used in small business environments.
Umbrella: they cover shadow regions of smaller cells.
The most important feature of GSM is the introduction of SIM cards which is an operational smart card which stores all of our document and information. It has a variety of carrier frequency but most of the 2G networks lie between 900-1800 MHz bands.
Security systems in GSM:
Authentication: it starts with a challenge-response mechanism. With the beginning of the process, it sends a random 128-bit number to the subscriber. Then a 32 bit signed response using the A3 algorithm. A subscriber authentication key (Ki) is created by the handset and send to the network. The network gets the Ki, does the same job using A3 on the original 128-bit number and compares the result with the one received by the handset. If the two matches, the user is termed authenticated. The signed response occurs inside the SIM, IMSI or Ki never have left the SIM. This makes this process secure.
Signalling and Data Confidentiality: the SIM contains a cypher key generating algorithm(A8) which is used to produce 64-bit ciphering key Kc. It is obtained by using the same random number as used in the authentication of the A8 algorithm with Ki. Kc is later used for a secure connection between the subscriber and mobile telephony case station.
Voice and Data Security: to encrypt the voice and traffic between the handset and GSM network A5 algorithm is used. The user’s set sends a cypher mode request to the GSM. The network then starts encryption and decryption of the traffic using A5 and Kc.
Secure Electronic Transaction gives security to transaction done using a credit card. It has solid security as it is supported by major companies like Microsoft and MasterCard. The major advantage of SET protocol is that it keeps the details to merchants and does not give a scope to the hackers.
SET has some general requirements to follow-
They need to be confident in their OI and PI-based encryptions.
Authentication is needed for the cardholder to know if he is the user or not.
It also needs the best use of its security mechanism.
The function of the SET protocol:
It possesses a particular verification to check previous data between the cardholder and financial institute.
It provides the security that no other people except the intended one can see the message and for this, they use a particular encryption technique.
It also checks whether the card is used by an authorized person or not.
The major flaw of PI and OI based encryption was solved as the dual signature concept was introduced. It connected both order information OI and Payment information PI for merchant and bank respectively.
The document gives official permission of PI to be confidential of the fact that the money gets transferred only to the merchant.
Capture is the process by which payments are secured. It shows the amount captured by the internet banking system.
Nowadays, security is the main objective. Even internet communication is also not secured. These are a few of the protocols or process of alternate online security that we have listed. These will provide you with some basic knowledge of the security systems of the internet in different fields.
Hope this is useful to you.