
Data Security in Computer Networks Guest Editor's Introduction

IP.com Disclosure Number: IPCOM000131588D
Original Publication Date: 1983-Feb-01
Included in the Prior Art Database: 2005-Nov-11
Document File: 3 page(s) / 19K

Publishing Venue

Software Patent Institute

Related People

Subhash C. Kak: AUTHOR

Abstract

Data security in computer networks is becoming increasingly important owing to the expanding role of distributed computation, distributed databases, and telecommunication applications such as electronic mail and electronic funds transfer. There are several proprietary network architectures, including Arpanet, IBM's Systems Network Architecture, and Digital Equipment Corporation's Digital Network Architecture, as well as architectures for specialized applications. The International Standards Organization has proposed an architecture with the capability of universal networking as a first step toward protocol standardization. This model is called the reference model of open systems interconnection, or OSI (Figure 1).

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 33% of the total text.


THIS DOCUMENT IS AN APPROXIMATE REPRESENTATION OF THE ORIGINAL.

This record contains textual material that is copyright © 1983 by the Institute of Electrical and Electronics Engineers, Inc. All rights reserved. Contact the IEEE Computer Society http://www.computer.org/ (714-821-8380) for copies of the complete work that was the source of this textual material and for all use beyond that as a record from the SPI Database.

Data Security in Computer Networks Guest Editor's Introduction

Subhash C. Kak

Louisiana State University

Data security in computer networks is becoming increasingly important owing to the expanding role of distributed computation, distributed databases, and telecommunication applications such as electronic mail and electronic funds transfer. There are several proprietary network architectures, including Arpanet, IBM's Systems Network Architecture, and Digital Equipment Corporation's Digital Network Architecture, as well as architectures for specialized applications. The International Standards Organization has proposed an architecture with the capability of universal networking as a first step toward protocol standardization. This model is called the reference model of open systems interconnection, or OSI (Figure 1).

In an OSI-based network, encryption can be done in any of the seven layers. The communication subnet consists of switches, multiplexers, or concentrators connecting transmission links. Since these links can be easily accessed, there might be a need for encryption on each data link. One can also choose to encrypt data above the network layer, i.e., the host-host layer, which constitutes an example of end-to-end encryption. The higher the layer at which encryption is performed, the greater security it provides to the user. However, data link encryption can mask traffic characteristics, and that by itself may be of interest to an unauthorized party; therefore, a combination of data link and end-to-end encryption techniques appears desirable.
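The trade-off described above, as an added example that is not part of the original article: one packet crosses two switches under link-only, end-to-end-only, and combined encryption, and the code reports what a wiretap on a link and what a switch can read. The host and switch names, the sample header and message, and the HMAC-based toy keystream (a stand-in for a real cipher) are assumptions made for illustration.

```python
import hashlib, hmac, os

def stream_xor(key, nonce, data):
    # Toy keystream (HMAC-SHA256 in counter mode) standing in for a real cipher;
    # the same call encrypts and decrypts. Assumption, not the article's algorithm.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

HEADER = b"SRC=hostA;DST=hostB|"       # constructed routing header
PAYLOAD = b"TRANSFER 100 TO ACCT 42"   # constructed message
LINKS = ["A-S1", "S1-S2", "S2-B"]      # hypothetical path through two switches

def observe(link_enc, e2e_enc):
    """Send one packet hostA -> S1 -> S2 -> hostB and report what leaks where."""
    e2e_key = os.urandom(32)                       # shared by the two hosts only
    link_keys = {name: os.urandom(32) for name in LINKS}
    nonce = os.urandom(8)
    body = stream_xor(e2e_key, nonce, PAYLOAD) if e2e_enc else PAYLOAD
    packet = HEADER + body                         # header stays readable for routing
    on_wire, in_switch = [], []
    for i, name in enumerate(LINKS):
        link_nonce = nonce + bytes([i])
        frame = stream_xor(link_keys[name], link_nonce, packet) if link_enc else packet
        on_wire.append(frame)                      # what a wiretap on this link records
        packet = stream_xor(link_keys[name], link_nonce, frame) if link_enc else frame
        if i < len(LINKS) - 1:
            in_switch.append(packet)               # what the next switch holds in memory
    delivered = packet[len(HEADER):]
    if e2e_enc:
        delivered = stream_xor(e2e_key, nonce, delivered)
    return {
        "delivered": delivered == PAYLOAD,
        "tap_sees_header": any(HEADER in f for f in on_wire),
        "tap_sees_payload": any(PAYLOAD in f for f in on_wire),
        "switch_sees_payload": any(PAYLOAD in p for p in in_switch),
    }

if __name__ == "__main__":
    for link_enc, e2e_enc in [(True, False), (False, True), (True, True)]:
        print(f"link={link_enc} e2e={e2e_enc}", observe(link_enc, e2e_enc))
```

Only the combined mode hides both the routing header from a link wiretap and the message from the intermediate switches.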

When designing a computer network, several sources of data insecurity need to be considered. Prominent among these are spurious message injection, message reception by unauthorized receivers, transmission disruption, and rerouting data to fake nodes. To maintain security against these hazards, a combination of encryption algorithms on the data and appropriate protocols for message exchanges is utilized. These techniques also facilitate the handling of other problems in computer communication networks, such as key distribution, authentication, privacy, digital signatures, network mail, and transaction verification.

There are two approaches to encryption. The first requires use of a secret transformation (key) to encrypt data that is then sent over a public channel. At the receiving station, the same key is used to convert the enciphered data back into the original form (Figure 2). The transformation key is sent to the authorized receiver over a secure channel and...