Secure Shell Research Paper

The use of SSH utilities at both end of connection are authenticated using a digital certificate. The passwords are encrypted unlike in utilities like Telnet. SSH has a built in username/password authentication system to establish a connection. SSH uses RSA public key cryptography for authentication and establishing connection. More often than not, SSH uses SSL under the hood, so they are both as secure as each other.

The proxy server effectively hides the true network addresses. In practice, many firewalls use two or more of these techniques in concert. A firewall is considered a first line of defense in file and network security. For greater security, data should be encrypted. (www.webopedia.com) Symmetric and asymmetric encryption Symmetric encryption is a type of encryption where the same key is used to encrypt and decrypt the message.

SSH has 3 main components as shown in figure 1: Transport Layer Protocol that provide confidentiality, integrity and authentication; User Authentication Protocol that authenticate client to the server; Connection Protocol that “multiplexes the encrypted tunnel into several logical channels” [1]. Figure 1: Components of SSH [3] The main benefits of SSH are: Privacy of data, Integrity of data, Authentication of senders and receivers, authorization to access, forwarding “to encrypt other TCP/IP based sessions” [2]. Privacy of data is maintained by encrypting that data that are transferred over the internet. The key is randomly selected and secretly negotiated between client and server and once the session is over, the key get discarded. Different Encryption algorithm are used such as 3-DES (triple-DES), IDEA, Blowfish.

Using two pair keys. h.     SSL- Secure Socket Loader- used mainly on web servers to transmit securely via HTTPS:// 3. Network protocols and organization a.     DMZ- Demilitarized zone- Zone used for public access. Used with FTP, web servers and DNS servers. b.     IDS- Intrusion Detection System- 2 types: Active and Passive c.     NAT- Network Address Translation- Appends to your logical port.

Only the authorised user can access the data. If any unauthorised person gets the data intentionally or by mistake then he cannot get the original data. In [2], they have addressed the secure hybrid framework to ensure the data security in cloud computing, which comprises public key algorithm RSA, private key algorithm AES and SHA algorithm which is used to convert arbitrary sized message into hash code with the help of hash function. They have integrated digital fingerprint mechanism to enhance the authenticatio... ... middle of paper ... ... is generated using secure hash algorithm which is combined with digital signature to form a concatenated string. This concatenated string is then encrypted with the help of public key of receiver and sent to the cloud user who requested data.

These keys consist of groups of letters, numbers, and symbols. If a website is secured by encryption, you will see a small lock on the lower right hand side of your screen on the status bar. There are two basic standards of encryption. They are, Secure Sockets Layer (SSL) and Secure Hypertext Transport Protocol (S-HTTP). Both of these allow the client and the server computers to manage encryption and decryption as they communicate with each other during a secure Internet session.

Part 4: Possible Solution and Prevention for Pharming 1. Use SSL (Secure Sockets Layer) Certificate in Authentication A SSL certificate can help prevent Internet users from being victimized by pharming attack when they attempt to visit a Web site. It is a digital certificate that authenticates the identity of a Web site to visiting browsers and encrypts information for the server via SSL technology. In other words, it is like a unique fingerprint or passport that identifies a legitimate website and builds trust. When an Internet user attempts to send confidential information to a Web server, the user’s browser will download and verify the SSL Certificate of the server connected and establish a secure connection.

When a datagram is passed internally within a private network it is secured behind a router and /or firewall. When datagrams are passed externally outsiders can monitor them as they pass over networks owned by other organizations (Comer, 1995). This can cause great security problems. Unencrypted packet headers contain valuable information about the internal structure of an organizations network. VPNs have overcome the problem of direct Internet access to servers and clients through a combination of the following security components: IP encapsulation, cryptographic authentication, and data payload encryption.

If you’re a business owner your business partners will fill more secure sharing ... ... middle of paper ... ...reate a secure environment for the exchange of data between network devices. It is a form of authentication and encryption. A key is generated and used for encryption and a certificate is generated and used to verify authentication. Symmetric key encryption or secret key cryptography uses a key that only the sender and receiver know. Both the sender and receiver use the same code or encryption to encrypt and decipher the messages.

One of the key elements of VPNs is encryption. To protect sensitive or non-routable data as it passes over the public Internet, we need to create a virtual private tunnel (Snyder, 2004). This tunnel is built by encrypting the packets or frames and then encapsulating these in regular IP traffic between the two hosts or networks. The protection and encapsulation of these packets is vital to the function of a VPN and one of the most complex pieces to get right (Schneier and Ferguson, 2006). VPNs work by creating a virtual tunnel over the public Internet.