Computer Networks and Security (2IC60) Summary Q4 2021
Course: 2IC60 Computer Networks and Security (2IC60)
Institution: Technische Universiteit Eindhoven (TUE)
EN: Computer Networks and Security (2IC60) is a course taught at Eindhoven University of Technology. It is a mandatory course for Bachelor Computer Science and Engineering students. The course is given in the fourth quartile of the second year. Computer Networks and Security discusses the OSI model...
Computer Networks and Security (2IC60) Summary Q4 2021 by Isabel Rutten
S01 / Chapter 1 – Introduction (network, security)
A network is an interconnected configuration of system components that are designed to communicate
and share. Networking refers to communicating either with or within a group. Example: colony of ants
searching for food. A computer network is (a) physically an “infrastructure” (communication links, packet
switches) interconnecting “end-devices” (pc’s, smart tv’s, etc.) and (b) logically a facility providing
information exchange between programs that are not sharing memory. Most predictions about the future
market of computers were incorrect, but not Moore’s law: the number of transistors that fit in unit area of
an integrated circuit doubles every two years.
A network infrastructure consists of:
- network edge: end systems/devices (hosts) run applications at “edge of network”.
- access networks: connect end devices/network edges to a router
- network core: interconnected routers
In a client/server model, the client host requests and receives service from an always-on server (e.g. e-mail).
A client is the party that initiates a connection while a server is the one that continuously awaits incoming
connections.
In a peer-to-peer model, there is minimal (or no) use of dedicated servers (e.g. BitTorrent).
An embedded system is a special purpose computer on hardware dedicated to that purpose, ranging
from simple sensors to complex machines. Types of embedded systems:
- standalone: have a standalone functionality and do not communicate to other systems
- network-aware: allow access of some internal functionality from outside, simple data retrieval is possible
- network-connected: are ‘on-line’ using standard protocols, “machine-to-machine” networks
- network-central: have some standalone function but the design aims at operation in a networked context
- fully networked: do not have a meaningful standalone function when disconnected from the network
Dominating access connections: Digital Subscriber Line (DSL, copper, high speed, low costs, not shared),
Cable Internet (coaxial, high speed, low cost, shared connection: bad during peak hours, half-duplex),
Fiber to the Home (FTTH, fiber optic, very high speed, asymmetric, high cost, full-duplex)
Data can be transferred from edge to edge in two ways:
- circuit switching: provides dedicated path per call/session, resources reserved for the call, no sharing,
call setup needed, resources not used by call are idle, is created by logically dividing network into pieces.
Examples: Frequency Division Multiplexing (FDM, different frequency sub band allocated to every session),
Time Division Multiplexing (TDM, different time slice of a (fixed) time period allocated to every session),
combination of FDM and TDM, Code Division Multiplexing (CDM, every session uses a signal code which
is orthogonal to all the other codes that are used by other transmitters such that the multiplication by the
session’s own code will return zero for all transmissions except for this specific session).
- packet-switching: each end-to-end data stream is divided into packets, packets share network
resources, each packet uses full link bandwidth (for a very short time), prevents idle time, resources used
as needed (no reservations). Result: resource contention (bandwidth demand can exceed the amount available
(congestion), which leads to too many packets). It uses statistical multiplexing: sequence of A & B packets
does not have a fixed pattern, bandwidth is shared on demand. Store-and-forward behavior: packets
move one hop at a time, node receives full packet before forwarding, takes L/R seconds to transmit (push
out) packet of L bits on a link at R bps, delay = 3L/R for a path of three links, assuming zero propagation delay. It is also possible to
realize virtual circuits using packet switching (virtual → each packet uses entire channel resources but the
multiplexing of packets can be done in such a way to provide circuit-like guarantees for selected sessions).
Pro: packet switching allows more users to use the network than in the case of circuit switching.
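The Code Division Multiplexing scheme from the circuit-switching item above, worked through as an added example (not part of the original summary). It assumes Walsh codes as the orthogonal code set; the function names and the sample sessions are constructed for illustration.

```python
# Added example: Code Division Multiplexing with orthogonal Walsh codes.
# Function names and the sample sessions are constructed for illustration.

def walsh_codes(n):
    """Return n mutually orthogonal +1/-1 codes of length n (n a power of two)."""
    if n < 1 or n & (n - 1):
        raise ValueError("n must be a power of two")
    codes = [[1]]
    while len(codes) < n:
        # Sylvester construction: H_2k = [[H, H], [H, -H]]
        codes = [row + row for row in codes] + [row + [-c for c in row] for row in codes]
    return codes

def spread(bits, code):
    """Map each bit to a +1/-1 symbol and multiply it by the session code."""
    chips = []
    for b in bits:
        symbol = 1 if b else -1
        chips.extend(symbol * c for c in code)
    return chips

def channel(*signals):
    """The shared medium adds all transmissions chip by chip."""
    return [sum(chips) for chips in zip(*signals)]

def correlate(received, code):
    """Multiply each chip block by the code and average: this yields the
    session's own +1/-1 symbol, or 0 when nothing was sent with this code."""
    n = len(code)
    return [sum(r * c for r, c in zip(received[i:i + n], code)) / n
            for i in range(0, len(received), n)]

def despread(received, code):
    """Recover bits; None marks a slot where this code carried nothing."""
    return [None if v == 0 else int(v > 0) for v in correlate(received, code)]

CODES = walsh_codes(4)
# Constructed sample data: three sessions share the medium, code 3 is unused.
SENT = {0: [1, 0, 1, 1], 1: [0, 0, 1, 0], 2: [1, 1, 0, 0]}
MIXED = channel(*(spread(bits, CODES[k]) for k, bits in SENT.items()))

if __name__ == "__main__":
    for k in range(4):
        print(k, despread(MIXED, CODES[k]))
```

Each receiver sees only the summed signal `MIXED`, yet correlating with its own code removes every other session's contribution because the cross products of different codes sum to zero.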
The Internet is (a) physically a public network of computer networks and (b) logically a network facility that
provides services to (globally) distributed applications. An explanation for the industry boom in and around
Internet technology is Metcalfe’s law: the value of a network equals the square of the number of users.
There are three major standardization bodies for the Internet: ITU, IETF, IEEE. There are also government
regulations, like fighting digital crimes, facilitating open market competition and practicing censorship, or
local regulations enforced by network administrators.
Internet structure is a network of networks which is roughly hierarchical:
- tier-1 ISPs: at center, national/international coverage, treat each other as equals, interconnect (peer)
privately (e.g. KPN, Verizon)
- tier-2 ISPs: smaller (often regional) ISPs, connect to one or more tier-1 ISPs and possibly other tier-2
ISPs (privately), pays tier-1 ISP for connectivity to the rest of the Internet / is a customer of a tier-1 provider
- tier-3 ISPs and local ISPs: last hop network (closest to end systems), no peering, just purchases, are
customers of higher tier ISPs connecting them to the rest of the internet.
The Internet of Things (IoT) is (a) physically an extension of the Internet into the physical world
surrounding us using things and (b) logically a network that extends the reach of distributed applications to
billions of resource-poor devices. ‘Things’ in the context of the IoT are constrained devices, which are
connected to a constrained network but then united with ‘regular’ Internet services and broadband networks.
Their constraints include: low memory, low power, low throughput, etc.
Most common security attributes (CIA):
- Confidentiality: Keep your data hidden from those who are not supposed to see it.
- Integrity: Your data has not been altered by those who are not supposed to change it.
- Availability: Your data can be used by those who are supposed to use it.
Other security attributes include:
- Privacy: information about me is not misused (focus on purpose of data instead of who has data).
- Authenticity: is this information authentic (i.e. of undisputed origin, focuses on source instead of change)
- Non-repudiation: is this information undeniable (e.g. signature on a contract)
- Accountability: is the information provider accountable (i.e. can we punish provider if incorrect info)
A security policy explains what security attributes the system should achieve when (in which context) and
by which components and/or for what type of resources. It can be high-level (textual) or low level (code).
A security model is a formal framework used to express and interpret policies.
The security attributes of the system may be at risk from several types of threats. An attacker model
contains the capabilities and goals of an attacker and is used to determine whom we want to protect the
system against. They can be general or formal.
A chain is no stronger than its weakest link. So, consider all individual aspects of the system for security:
- Design: needs to address security goals which do not imply security problems
- Software quality: should not be flawed, example is buffer overflow vulnerability, not easy to solve bugs
- Security Tool Selection: leave choosing your crypto to the experts, obscurity is not good crypto
- System usage: users have different priorities but should still use the system appropriately
So, one needs to consider the system as a whole and consider security from the start.
Security tools by themselves do not make the system secure. A good security design determines what
security tools need to be employed where and when, considering the security requirements and the effects
(including trade-offs) different tools have on these requirements. There are trade-offs between security
attributes. It is hard to quantify security but for cryptographic primitives one can look at the computational
cost for breaking a system, expressed by the entropy. For web applications, security metrics have been
defined by checking for common security issues and assigning a risk to each of them.
Security Requirement Engineering:
1) Identify actors and goals: actors are those with a legitimate interest, their goals may depend/conflict
2) Identify attackers, vulnerabilities and attacks: consider attacks by insiders, think of countermeasures.