Free Samples
BN305 Virtual Private Networks
.cms-body-content table{width:100%!important;} #subhidecontent{ position: relative;
overflow-x: auto;
width: 100%;}
BN305 Virtual Private Networks
0 Download8 Pages / 1,872 Words
Course Code: BN305
University: Melbourne Institute Of Technology
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Question:
Discuss about the Virtual Private Networks For Account Owner.
Answer:
Introduction
Over the recent past technological boom has result into a drastic change in the way business is conducted. Information integrity and confidentiality has intensified as malicious users have sought to steal valuable and personal information through online means. This report discusses security technologies being used to ensure access to bank accounts online through a web browser is safe and secure.
Aunthentication Process
How browser ensures that it is communicating with the right server
When a user types a URL into a browser the DNS (Domain Name System) then looks up its IP address. In this case the IP address is of the server that the browser is requesting access to. DNS can thus be said to be a database containing a list of URLS and their corresponding IP addresses [1].
DNS information is stored/cached at different levels by different devices and applications to speed up the process of looking up corresponding IP addresses to URLs. The browser first queries its own cache for websites previously visited although the information stored here is only available for a fixed duration of time. If the DNS record is not in the browser cache. The operating system cache is then queried since the OS also maintains a cache of DNS records. If the DNS record is not in the OS cache, it then queries the router cache. If the DNS record is not in our local caches, the browser then queries its recursive DNS server (the ISP cache).
But the information required might still not be available at the ISP cache. The query then moves on to root DNS servers which provide access to the next layer of DNS severs. The root name servers then direct the browser request to top level domain servers
Domain names (for example those ending with a .com or .gov) have their own servers. The root name server then directs the browser query to the corresponding domain name server that will find the matching IP address of the URL the user keyed in [1]. if found its then returned to the DNS recursor then back to the browser. The browser only initiates a connection when it receives the correct IP address of the server else it displays a failed error message.
The browser then initiates a connection with the server after receiving it IP address using internet protocols. A TCP/IP three way handshake process is then initiated and a connection is only established when the browser and the sever exchange synchronize and acknowledge data packets [1].
The browser sends a synchronize data packet to the server requesting if it is open for a new connection. The server then responds acknowledging that it has open ports. On receiving these data packets the browser then replies by sending its own acknowledge packets and the TCP connection is established. If either of this process fails the browser displays an error message since it might not be in communication with the right server
The role of Digital Signatures in this process.
Digital signatures ensure that the integrity of the data in transmission is not compromised [2]. Since only the sender has information about the private key, they prove the origin of the message [3]. thus if the digital signature is verified, the receiver of the message not only knows that the message is authentic and was not modified during transmission but also proves that the message originated from the right source that claims to have sent it [2].
How server ensures that it is communicating to the right account owner
The server can ensures that it’s communicating with the right account owner using cooking session’s management. When a user enters their username and ID on a web page the browser sends his/her credentials to the server. The server receive the request, and gets the user ID and password from the data packer sent. It then compares the User ID against the stored password in its database. In the case where the server stores a hashed password it compared the value of the password.
If the passwords match the server creates a token so that the client will not have to send the user and password again in every request. This is done by adding a response header set cookie and an html document that the user requested for. If they do not match the server sends an error message back to the browser. The token is then put against the user credentials in the server’s database. The token is then sent to the client.
The user is now logged in and can access different services in the account. The browser sends these requests by setting them to the request header cookie. The server receives these requests and extracts the access token from each cookie, it then matches that token to the user credentials keeping the user logged in and providing user specific information as requested. If the token doesn’t match the server redirects the user back to the login page.
Other techniques that servers can use to authenticate clients
One time passwords
Here, when a user enters a username and password, the server and the browser generate a onetime password with a shared secret. These application rely on two factor authentication where the one time password has either the current time or a counter as a shared secret.
Signatures
When a user signs in, an API, using a private key, creates a hash for the request. The API and the server that the request is made to need to have the same key. This signature is then added in query strings or header along with a date
HTTP Basic authentication
This is a method where the client provides a username and password. They are not encrypted making it the easiest way to exercise some access control. The username and password is sent with every request header. The lack of encryption exposes them to attackers. There also no way to log out the user nor does their credentials expire other than when they change their passwords.
Practical Tasks
Open your browser, visit your online banking website and verify:
Where has the bank acquired its SSL certificate from?
the website uses a security certificate issued by Verizon Public SureServer CA G14-SHA2
What information is embedded inside the SSL certificate presented by the server?
The SSL certificate contains; the name of the name of the insurer (Verizon Public SureServer CA G14-SHA2), the name to whom the certificate is issued to (online.standardchartered.com) and the duration within which the certificate is valid
Which companies have issues certificates installed as the trusted root certificates on your computer? Describe the purpose of the trusted root certificates
Root certificates verify that the software or website owner is indeed who they represent themselves to be. This is important in this day and age since the number of people with malicious intent online is on the rise. Root certificates are issued by a certified authority putting them on the front lines of security on the internet.
Figures 5 and 6 shows that Installed root certificates on my computer are issued by a couple of companies including; Baltimore CyberTrust Root, Centum CA, GlobalSign, Microsoft Root Authority, Microsoft Root Certificate Authority, Microsoft Root Certificate Authority 2010, Microsoft Root Certificate Authority 2011, SecureTrust CA, VeriSign Class 3 Public Primary Certification among others.
Confidentiality and Intengrity Process
How the server and the browser agree on which cipher suit to use
Network connection secured by SSL/TLS e.g. HTTPS, FTPS and SMTP use cipher suites [4]. During a SSL handshake a server and browser (client) agree on a set of algorithms to secure the connection. The browser sends packets to the server with information about cipher suits it supports. On receiving this information the server compares them with cipher suits it supports (those enabled on its side). If a match is found it sends that information to the client and the chosen cipher suites are used.
Symmetrical secret key for encryption and hashing algorithm agreement process between server and browser
During the SSL handshake the clients sends “Client Hello” message to the server [1]. This message contains cipher suites it supports. On its side the server sends a “Server Hello” message containing the cipher suite that the server and client will use. It also a certificate which holds it public key. Depending on the cipher suite selected by the server, the client creates a symmetric key. Using the server’s public key, it encrypts it before sending it back to the server. With its private key the server decrypts the message and receives the symmetric key. Now both the server and client have a symmetric key that is then used for all communication [5].
Practical Tasks:
Which version of the SSL/TLS protocol is being used?
What encryption algorithm is being used for confidentiality?
What hashing algorithm is being used for integrity?
Protection Against Replay Attacks
Protection against replay attacks between server and browser
Replay attacks are a form on man in the middle attacks where an intruder steals packets moving in a network and forwards the packets as if they originated form him/her. In the scenario where the data packets are used to authenticate and get access, the intruder can get access to resources and data they shouldn’t have.
Windows uses Kerberos authentication protocol. The Kerberos authenticator is contained in the Kerberos protocol exchanges and hold authentication information including the ticket lifetime and the client’s timestamp. Kerberos logic works by checking the authenticator’s timestamp. If it’s earlier or at the same time as the previous authenticator, the Kerberos logic on the server will reject the packet. Similarly it rejects the message if the timestamp on the authenticator is not within 5 minutes of the local time server since the message was sent. This duration can be altered within windows to a preferred duration.
Conclusion
The changing business environment coupled with technological advancement has seen more and more business conducted online. This has opened up businesses to threats that were not a problem to them before. The report touches on a minor area within the online security realm. A lot more needs to be done to secure communication protocols and channels against malicious attacks.
References
[1] M. Wijesinghe (2017, April.).What happens when you type an URL in the browser and press enter? [Blog]. Available:https://medium.com/@maneesha.wijesinghe1/what-happens-when-you-type-an-url-in-the-browser-and-press-enter-bb0aa2449c1a
[2] IBM Knowledge Center. (2018, Aug.).Digital signatures in SSL and TLS [Online]. Available: https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_7.1.0/com.ibm.mq.doc/sy10520_.htm
[3] IBM Knowledge Center. (2018, Aug.).How SSL and TLS provide identification, authentication, confidentiality, and integrity [Online]. Available:https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_7.5.0/com.ibm.mq.sec.doc/q009940_.htm
[4] IBM Knowledge Center. (2018, Aug.). An overview of the SSL or TLS handshake. [Online]. Available: https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_7.1.0/com.ibm.mq.doc/sy10660_.htm
[5] John Carl Villanueva (2018, May.). Managed File Transfer and Network Solutions [Blog]. Available: https://www.jscape.com/blog/cipher-suites
Free Membership to World’s Largest Sample Bank
To View this & another 50000+ free samples. Please put
your valid email id.
Yes, alert me for offers and important updates
Submit
Download Sample Now
Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.
UploadUnique Document
DocumentUnder Evaluation
Get Moneyinto Your Wallet
Total 8 pages
PAY 5 USD TO DOWNLOAD
*The content must not be available online or in our existing Database to qualify as
unique.
Cite This Work
To export a reference to this article please select a referencing stye below:
APA
MLA
Harvard
OSCOLA
Vancouver
My Assignment Help. (2021). Virtual Private Networks. Retrieved from https://myassignmenthelp.com/free-samples/bn305-virtual-private-network/digital-structures.html.
“Virtual Private Networks.” My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/bn305-virtual-private-network/digital-structures.html.
My Assignment Help (2021) Virtual Private Networks [Online]. Available from: https://myassignmenthelp.com/free-samples/bn305-virtual-private-network/digital-structures.html[Accessed 18 December 2021].
My Assignment Help. ‘Virtual Private Networks’ (My Assignment Help, 2021)
My Assignment Help. Virtual Private Networks [Internet]. My Assignment Help. 2021 [cited 18 December 2021]. Available from: https://myassignmenthelp.com/free-samples/bn305-virtual-private-network/digital-structures.html.
×
.close{position: absolute;right: 5px;z-index: 999;opacity: 1;color: #ff8b00;}
×
Thank you for your interest
The respective sample has been mail to your register email id
×
CONGRATS!
$20 Credited
successfully in your wallet.
* $5 to be used on order value more than $50. Valid for
only 1
month.
Account created successfully!
We have sent login details on your registered email.
User:
Password:
Look no further if you are worried about the plagiarism issues in your assignments. Get 100% plagiarism free assignment help Melbourne from MyAssignmenthelp.com. Our 5000+ PhD-qualified, in-house writers develop each assignment from scratch. They understand that assignments should be informative, updated, and relevant to the current circumstances. The writing process involves looking for a essay topics, citing recent sources to keep the write-up relevant, and scan using the university-approved plagiarism checking tool.
Latest Management Samples
div#loaddata .card img {max-width: 100%;
}
MPM755 Building Success In Commerce
Download :
0 | Pages :
9
Course Code: MPM755
University: Deakin University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answers:
Introduction
The process of developing a successful business entity requires a multidimensional analysis of several factors that relate to the internal and external environment in commerce. The areas covered in this current unit are essential in transforming the business perspective regarding the key commerce factors such as ethics, technology, culture, entrepreneurship, leadership, culture, and globalization (Nzelibe, 1996; Barza, 2…
Read
More
SNM660 Evidence Based Practice
Download :
0 | Pages :
8
Course Code: SNM660
University: The University Of Sheffield
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answers:
Critical reflection on the objective, design, methodology and outcome of the research undertaken Assessment-I
Smoking and tobacco addiction is one of the few among the most basic general restorative issues, particularly to developed nations such as the UK. It has been represented that among all risk segments smoking is the fourth driving purpose behind infections and other several ailments like asthma, breathing and problems in the l…
Read
More
Tags:
Australia Maidstone Management Business management with marketing University of New South Wales Masters in Business Administration
BSBHRM513 Manage Workforce Planning
Download :
0 | Pages :
20
Course Code: BSBHRM513
University: Tafe NSW
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Task 1
1.0 Data on staff turnover and demographics
That includes the staffing information of JKL industries for the fiscal year of 2014-15, it can be said that the company is having problems related to employee turnover. For the role of Senior Manager in Sydney, the organization needs 4 managers; however, one manager is exiting. It will make one empty position which might hurt the decision making process. On the other hand, In Brisba…
Read
More
MKT2031 Issues In Small Business And Entrepreneurship
Download :
0 | Pages :
5
Course Code: MKT2031
University: University Of Northampton
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answer:
Entrepreneurial ventures
Entrepreneurship is the capacity and willingness to develop, manage, and put in order operations of any business venture with an intention to make profits despite the risks that may be involved in such venture. Small and large businesses have a vital role to play in the overall performance of the economy. It is, therefore, necessary to consider the difference between entrepreneurial ventures, individual, and c…
Read
More
Tags:
Turkey Istanbul Management University of Employee Masters in Business Administration
MN506 System Management
Download :
0 | Pages :
7
Course Code: MN506
University: Melbourne Institute Of Technology
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Introduction
An operating system (OS) is defined as a system software that is installed in the systems for the management of the hardware along with the other software resources. Every computer system and mobile device requires an operating system for functioning and execution of operations. There is a great use of mobile devices such as tablets and Smartphones that has increased. One of the widely used and implemented operating syste…
Read
More
Tags:
Australia Cheltenham Computer Science Litigation and Dispute Management University of New South Wales Information Technology
Next