Internet Security Issues

In this section we'll describe the security problems that arise from communicating over the Internet. We'll also list 3 specific security challenges that can be addressed through public-key cryptography.

Describe the 3 main security risks for the Internet.

The Problem With TCP/IP

All communication over the Internet uses the Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP allows information to be sent from one computer to another through a variety of intermediate computers and separate networks before it reaches its destination.

Figure 2.2

The great flexibility of TCP/IP has led to its worldwide acceptance as the basic Internet and intranet communications protocol. At the same time, the fact that TCP/IP allows information to pass through intermediate computers makes it possible for a third party to interfere with communications as described below.

Figure 2.3

Normally, users of the many cooperating computers that make up the Internet or other networks don't monitor or interfere with the network traffic that continuously passes through their machines. However, many sensitive personal and business communications over the Internet require precautions that address the threats listed above.

Public-Key Cryptography

Public-key cryptography is a set of well-established techniques and standards that make it relatively easy to protect against the threats identified above. For each of the identified risks, public-key cryptography provides a solution:

Risk
Solution
Sniffing (eavesdropping) Encryption and Decryption
Allows two communicating parties to disguise information they send to each other.
Sabotage (tampering) Tamper detection
Allows the recipient of information to verify that it has not been modified in transit. Any attempt to modify data or substitute a false message for a legitimate one is detected.
Spoofing (misrepresentation) Authentication
Allows the recipient of information to determine its origin (that is, to confirm the sender's identity).


Top of Page
Copyright © 1999 Sun-Netscape Alliance.
All Rights Reserved.