tailieunhanh - Internetworking with TCP/IP- P64
Internetworking with TCP/IP- P64: TCP/IP has accommodated change well. The basic technology has survived nearly two decades of exponential growth and the associated increases in traffic. The protocols have worked over new high-speed network technologies, and the design has handled applications that could not be imagined in the original design. Of course, the entire protocol suite has not remained static. New protocols have been deployed, and new techniques have been developed to adapt existing protocols to new network technologies | Sec. Required Security Algorithms 589 Secure Sockets By the mid 1990s when it became evident that security was important for Internet commerce several groups proposed security mechanisms for use with the Web. Although not formally adopted by the IETF one of the proposals has become a de facto standard. Known as the Secure Sockets Layer SSL the technology was originally developed by Netscape Inc. As the name implies SSL resides at the same layer as the socket API. When a client uses SSL to contact a server the SSL protocol allows each side to authenticate itself to the other. The two sides then negotiate to select an encryption algorithm that they both support. Finally SSL allows the two sides to establish an encrypted connection . a connection that uses the chosen encryption algorithm to guarantee privacy . Firewalls And Internet Access Mechanisms that control internet access handle the problem of screening a particular network or an organization from unwanted communication. Such mechanisms can help prevent outsiders from obtaining information changing information or disrupting communication on an organization s intranet. Successful access control requires a careful combination of restrictions on network topology intermediate information staging and packet filters. A single technique known as an internet firewall has emerged as the basis for internet access control. An organization places a firewall at its connection to external networks . the global Internet . A firewall partitions an internet into two regions referred to informally as the inside and outside. Multiple Connections And Weakest Links Although concept seems simple details complicate firewall construction. First an organization s intranet can have multiple external connections. The organization must form a security perimeter by installing a firewall at each external connection. To guarantee that the perimeter is effective all firewalls must be configured to use exactly the
đang nạp các trang xem trước