Security Protocols

Security Protocols

Security Protocols

IPSec (Internet Protocol Security) -

IPSec is a set of protocols for security at the network layer of the OSI model.

It encrypts the data when communication is happening between two computers.

But, in order to use IPSec, both sender and receiver must share a public key.

Public key locks and unlocks the data that is being communicated as it travels across a network.

Prevents data tampering.

In additional to encryption, IPSec also verifies the data is received exactly as what it was sent.

IPSec also has two modes -

Transport mode - only the message portion of data packet is encrypted. Tunnel mode - entire data packet is encrypted.

L2TP (Layer 2 Tunneling Protocol) -

Layer 2 tunneling protocol is a combination of Cisco’s layer 2 forwarding and Point to Point Tunneling Protocol (PPTP).

This protocol authenticates in two ways using digital certificates.

It authenticates both the computer and the user and it does this to ensure that the data is not tampered with during the authentication process which is known as man-in-the-middle attack.

Prevents man-in-the-middle attack.

SSL (Secure Sockets Layer) -

It is a protocol that is used to ensure security on the Internet.

SSL uses public key encryption to secure data and is commonly associated with http.

Ex - If you go to an e-commerce website, you will notice that an S has been added to http which indicates that you are now using SSL in your web browser.