WNS Unit-02

1) Describe the process of establishing a secure SSH connection for terminal access and file transfer over wireless networks.

Connect TCP to SSH server:

SSH Handshake:

SSH handshake

Prevent Man-in-the-Middle Attack:

Authentication:

Secure command-line shell:

SCP and SFTP:

2) Importance of SSH Protocol:

1) Replacing Insecure Protocols:

2) Replacing Insecure File Transfer Protocol:

3) Encryption:

4) Authentication:

5) Security:

3) IPsec, SSL, TLS

Protocol Description
IPsec
  • IPsec stands for Internet Protocol Security
  • IPsec is in the Network Layer (Layer-3)
  • IPsec is very complex
  • IPsec may cause overhead
  • IPsec works with IP Protocols
  • IPsec uses X.509 certificate
SSL
  • SSL stands for Secure Socket Layer
  • SSL lies between the Transport Layer (Layer-4) and the Application Layer (Layer-7)
  • SSL is very simple
  • SSL has lower overhead
  • SSL works with TCP Protocols
  • SSL uses X.509 certificate, where the client side is optional
TLS
  • TLS stands for Transport Layer Security
  • TLS is in the Transport Layer (Layer-4)
  • TLS is very simple
  • TLS has lower overhead
  • TLS works only with TCP Protocols
  • TLS uses X.509 certificate, where the client side is optional
IPsec TLS diagram
4) Architecture of IPsec:

IPsec architecture

IPsec uses two protocols. They are:

a) ESP Protocol:

b) AH Protocol:

Encryption Algorithm:

Authentication Algorithm:

DOI:

Key Management:

5) Wireless Transport Layer Security (WTLS):

SSL/TLS vs WTLS:

Operations of WTLS:

Handshake process:

Encryption Algorithm:

Authentication Algorithm:

Key Management:

6) OSI Layer:

OSI stands for Open System Interconnection

The OSI Model consists of 7 Layers:

OSI vs TCP

i) Physical Layer:

ii) Data Link Layer:

iii) Network Layer:

iv) Transport Layer:

v) Session Layer:

vi) Presentation Layer:

vii) Application Layer:

7) Data Link Layer:

a) Logical Link Control (LLC):

b) Media Access Control (MAC):

8) Connection-Oriented Service VS Connectionless Service

Data Link Layer and Transport Layer can provide communication in two modes:

Connection-Oriented Service
  • Connection is required between sender and receiver before the data transmission
  • Packets follow the same route
  • Feasible and reliable
  • Less scalable and high overhead
  • Handles errors
  • Example: TCP (Transmission Control Protocol)
Connectionless Service
  • Connection is not required between sender and receiver before the data transmission
  • Packets do not follow the same route
  • Not feasible and unreliable
  • Highly scalable and low overhead
  • Does not handle errors
  • Example: UDP (User Datagram Protocol)
Connection-Oriented Service Image
Connectionless Service Image

9) Cryptographic Framework:

Cryptographic framework

i) Authentication:

ii) Confidentiality:

iii) Data Integrity:

iv) Non-Repudiation:

Framework Structure for IoT Security:

i) Device-Level Security:

ii) Network Level Security:

iii) Application Level Security:

10) Unicast Key and Multicast Key:

i) Unicast Key:

ii) Multicast Key: