Introduction to TCP/IP

 Introduction to TCP/IP

The World Wide Web (WWW) are familiar terms to 

millions of people all over the world. Many people depend on applications 

enabled by the Internet, such as electronic mail, WhatsApp, WeChat, Web 

access etc. The Transmission Control Protocol/Internet Protocol (TCP/IP) 

suite is the engine for the Internet and networks worldwide. The TCP/IP 

protocol suite is so named for two of its most important protocols:

Transmission Control Protocol (TCP) and Internet Protocol (IP). The Internet 

Protocol Suite is the phrase used in official Internet standards documents.

Protocols are set of formal rules or standards that are used to facilitate 

communications. The Transmission Control Protocol (TCP) is one of the 

core protocols of the Internet protocol suite (IP), and is commonly called 

TCP/IP. TCP provides reliable, ordered and error-checked delivery of a 

stream of octets between programs running on computers connected to a 

local area network, intranet or the public Internet. TCP/IP provides an end-

to-end connectivity specifying how data should be formatted, addressed, 

transmitted, routed and received at the destination. The TCP/IP suite is an 

open protocol standard that can be implemented on any platform regardless 

of the manufacturer. It can be implemented on Ethernet, X.25, and token 

ring, among other platforms.

Web browsers use TCP when they connect to servers on the World Wide 

Web, and it is used to deliver email and transfer files from one location to 

another. HTTP, HTTPS, SMTP, POP3, IMAP, SSH, FTP, Telnet and a 

variety of other protocols are typically encapsulated in TCP. Applications 

that do not require the reliability of a TCP connection may instead use the 

connectionless User Datagram Protocol (UDP), which emphasizes low-

overhead operation and reduced latency rather than error checking and 

delivery validation.

Read More

Security Services

Security service is a service, provided by a layer of communicating open 

systems in order to ensure adequate security of the systems or of data 

transfers as per the ITU-T X.800 recommendation. Authoritative definition 

that found in RFC 2828 is: “a processing or communication service that is 

provided by a system to give a specific kind of protection to system 

resources; security services implement security policies and are 

implemented by security mechanisms”.

X.800 divides security services into five categories. They are:

1. Authentication

2. Access control

3. Data confidentiality

4. Data Integrity

5. Non repudiation

And other information is

1) Authentication

The authentication service assures that the communication is authentic. If

the message is single, authentication service assures the recipient that the

message is from the source that it claims to be from. In the case of an on-

going interaction we need to take care of two aspects that are important for

connection of a terminal to a host. First, at the time of connection initiation,

there should be an assurance from the service that the two entities are

authentic and second, the service must assure that no interference is

present in the connection with no rumour for a third party for the purposes of

unauthorized transmission or reception.

2) Access Control

In network security, access control means the ability to limit and control the

access to host systems and applications via communications links. We can

achieve protection against unauthorized access and use of resources. So it

is required to identify each entity trying to gain access, so that access rights

can be tailored to the individual.

3) Data Confidentiality

Data confidentiality is the protection of transmitted data from passive

attacks. So it is required to identify several levels of protection. The other

aspect of confidentiality is the protection of traffic flow from analysis. Thisrequires that an attacker not be able to observe the source and destination,

frequency, length, or other characteristics of the traffic on a communications 

facility. The different types of confidentiality are:

i) Connection confidentiality: This service provides for the 

confidentiality of all user-data on a connection

ii) Connectionless confidentiality: This service is about the 

confidentiality of all user data in a single data block.

iii) Selective field confidentiality: This service provides for the 

confidentiality of selected fields within the (N)-user-data on an (N)-

connection or in a single data block.

iv) Traffic flow confidentiality: This service protects the information 

which might be derived from observation of traffic flows.

4) Data Integrity

Integrity can apply to a stream of messages, a single message, or selected 

fields within a message. A connection-oriented integrity service deals with a 

stream of messages. It assures that messages are received as sent with no 

duplication, insertion, modification, reordering, or replays. This service also 

addresses both message stream modification and denial of service. A

connectionless integrity service deals with individual messages. It provides 

protection only against message modification.

Now we can make a distinction between service with and without recovery. 

Since the integrity service relates to active attacks, the concern is usually 

about detection rather than prevention. If any integrity violation is detected, 

then the service simply reports this violation. So software or human 

intervention is required in this case to recover from the violation. But there 

are also mechanisms like automated recovery mechanisms available to 

recover from the loss of integrity of data.

5) Nonrepudiation

Nonrepudiation prevents either the sender or the receiver from denying a 

transmitted message. Thus, when a message is sent, the receiver can 

prove that the alleged sender in fact sent the message. Similarly, when a 

message is received, the sender can prove that the alleged receiver in fact 

received the message.

Read More