Last updated: May 3, 2019

Introduction

Security plays an important role when it comes to sharing data over the internet, and the public's main concern is how their data is going to be shared, who can have access to it and how it can be prevented from being used by third parties. The increase in new technologies has put security aspects like privacy, integrity, authenticity and non-repudiation in a critical condition. Privacy means that the data shared over the internet by two parties must not be shared with or accessed by a third party. Integrity detects any changes in the shared data between the time it was sent and the time it was received. Authentication means that data is only accessible to those it has been authorised for. Non-repudiation protects the data against any claim by a third party about their role in the receipt of the data. To maintain these security levels, the applications and software of new technologies, which operate in a fast-paced environment, must be delivered to the public in a secure, scalable and manageable way, for which many new architectures and protocols are being invented (Oppliger, 2016) (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013) (Linn, 1993).

Transport Layer Security (TLS) plays a deeper role in protecting the data shared over the internet. The main purpose of TLS is to provide privacy and integrity to the data being shared by the server between two parties or applications. TLS is a fully independent protocol and can be used for any level of procedures.


TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol makes sure that the connection made to share the data over the internet is secure, private and reliable, while the TLS Handshake Protocol lets the server and client make any changes to the data before it is transmitted or received. The two main layers of the TLS Record Protocol are privacy and integrity. To provide privacy over the internet to applications, TLS uses public key cryptography, bulk encryption algorithms and shared key techniques. Public key cryptography is developed to protect the data and can only be used by the authorised user to encrypt the data. Bulk encryption algorithms are used to provide integrity by creating a small methodical fingerprint of the conversation. Authentication is used to provide digital certification to both the private and public keys used to encrypt the data. These digital certificates hold the private key, which can be requested from a client (Oppliger, 2016) (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013) (Linn, 1993).

The Secure Sockets Layer (SSL) protocol is a default Internet protocol developed by Netscape in 1994 to secure transmitted data and communication over the internet. The main purpose of SSL is to make sure that the communication between two parties over the Internet stays private and vital, and an SSL certificate is key for the web server to establish a secure SSL connection. TLS and SSL have similarities but different standards. On the other side, the new TLS versions v1.1 and v1.2 helped to tackle the data breaches caused by the BEAST attack; as a result, TLS has been stated to be the most secure protocol over the internet, as it provides stronger procedures and cryptography. To configure a server, it is important to install software that supports the latest version of TLS, and to configure a program a user can use either TLS or SSL, as both provide a similar level of security as stated above but have different values (Oppliger, 2016) (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013) (Linn, 1993).

Five Development Stages

Below are the five development stages which were found during the research. All five developments are ranked according to the level of integrity, privacy and security provided.

1. Change Cipher Spec Protocol

The Change Cipher Spec Protocol is delivered as a single message, which is generated through the secure communications made between a server and the client in the beginning. The message is encrypted and compressed under the constant connection state. The message has a value of 1 and is only a single byte long. The communication between the server and the client makes sure that the newly transmitted data sent over the server to the new destination is secured with the newly transferred Cipher Spec and keys. The message is only transferred after all the security measures have been met and further steps have been taken to protect the communication during the handshake. If a re-handshake occurs while data is being transmitted, the organisations should use the old Cipher Spec, but as soon as the data has been delivered the new Cipher Spec must be used. The transmission of data stays unidentified on both sides, so neither organisation can find out any update about the other (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

2. SSL/TLS Handshake

The main role of the TLS handshake protocol is to exchange a session. It has three sub-protocols, which allow the peers to agree upon security parameters, such as the encryption algorithms for the record layer, before sending the data. A 48-byte master secret is shared between the client and the server. SSL and TLS versions are the two main bodies of the protocols. SSL 3.0 has not been changed since it was developed in 1995, whereas TLS 1.0, developed in 1999, has some changes. Some security issues were changed in TLS 1.1 after the development. TLS 1.2 added encryption and hashing algorithms after the development process (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

· TLS 1.0 was released in 1999 and was the first version to specify a PRF (used for master secret generation) based on the standard HMAC and implemented as a combination (XOR) of HMAC-MD5 and HMAC-SHA. The verify_data and master secret are based on the PRF instead of a custom construction.

· TLS 1.1 was released in 2006 and has some changes: CBC encryption uses explicit IVs, implementations use the bad_record_mac alert to reply to any problems, etc.

· TLS 1.2 was released in 2008 and added support for authenticated encryption and HMAC-SHA256 cipher suites. To accept or verify the hash algorithms, clients can use the new extension called signature_algorithms. The MD5/SHA1 combination used for digital signatures was replaced with a single hash. After the new changes were made, it allows the cipher suite to perform tasks on their own (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

3. ClientHello

ClientHello is the first message sent in a new handshake and is used to communicate the client's abilities and preferences to a server when a client first connects to a server. This message is sent at the start of a new handshake as a reply to the new server HelloRequest. ClientHello contains 32 bytes of data, of which 28 bytes are randomly produced and the remaining four bytes hold extra details taken from the client's clock. Random data is shared throughout the handshake by the client and the server, which helps to protect the data from vulnerabilities, and the randomness is used to maintain the integrity and privacy of the data. The ClientHello message contains the client cipher list, which is transferred from the client to a server. Each cipher suite has four aspects: a key exchange algorithm, a bulk encryption algorithm, a MAC algorithm and a PRF. If the list does not have the required suites or is not acceptable, the server will send a failure message and close the connection. After completing the whole process, the message is sent and the client waits for the ServerHello message; any other message arriving from the server is treated as a fatal error (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

4. RSA Key Exchange

In RSA key exchange, the client produces a premaster secret which is 64 bytes in size and remains stable for many years. This secret is encrypted using the public key obtained from the server certificate and sent in the ClientKeyExchange message. The premaster secret can be accessed by the server through decrypting the message (TLS uses the RSAES-PKCS1-v1_5 encryption scheme), or by anyone who has access to the corresponding private key. The premaster secret can be decrypted by attackers if the version is mismatched or is not the one required. Version mismatching and attacks can be avoided by formatting and randomising the premaster secret completely (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

5. Alert Protocol

A notification sent to the other side as part of the communications is known as an alert. Alerts are used either for updates or for error messages. They are used as error messages, with the exception of close_notify, which is used during the shutdown. An increase in the warning level can result in termination of the connection; however, other connections must continue. These alert messages are encrypted and compressed, and deliver the severity of the message with a description of the alert. Below are the two fields of alert messages:

    struct {
        AlertLevel level;
        AlertDescription description;
    } Alert;

The AlertLevel states whether the alert is fatal or a warning. The AlertDescription contains the details of the alert such as it is a Trojan etc. (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).
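Added example (not part of the original essay): a decoder for the two record-layer messages described above, the one-byte ChangeCipherSpec and the two-field Alert. The content-type and alert numbers are the RFC 5246 values; the function names and sample streams are constructed, and the parser assumes an initial handshake in which records before ChangeCipherSpec are in plaintext.

```python
import struct

# Record content types and a subset of alert values from RFC 5246.
CHANGE_CIPHER_SPEC, ALERT, HANDSHAKE = 20, 21, 22
LEVELS = {1: "warning", 2: "fatal"}
DESCRIPTIONS = {0: "close_notify", 20: "bad_record_mac", 40: "handshake_failure"}

def parse_records(stream: bytes) -> list:
    """Decode one direction of a TLS stream into a list of event tuples."""
    events, offset, protected = [], 0, False
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header")
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, offset)
        body = stream[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        offset += 5 + length
        if protected:
            # After ChangeCipherSpec the sender encrypts every record under the
            # new cipher spec, so alert fields are no longer readable on the wire.
            events.append(("protected", ctype, length))
        elif ctype == CHANGE_CIPHER_SPEC:
            if body != b"\x01":
                raise ValueError("ChangeCipherSpec must be the single byte 0x01")
            protected = True
            events.append(("change_cipher_spec",))
        elif ctype == ALERT:
            if length != 2:
                raise ValueError("plaintext alert must be exactly two bytes")
            level, description = body
            events.append(("alert", LEVELS.get(level, f"unknown({level})"),
                           DESCRIPTIONS.get(description, f"unknown({description})")))
        else:
            events.append(("other", ctype, length))
    return events

def record(ctype: int, body: bytes) -> bytes:
    """Frame a body as a TLS 1.2 record (version bytes 3, 3)."""
    return struct.pack("!BBBH", ctype, 3, 3, len(body)) + body

# Constructed samples: a handshake that completes, and one rejected by the server.
SAMPLE_OK = (record(HANDSHAKE, bytes(4)) + record(CHANGE_CIPHER_SPEC, b"\x01")
             + record(HANDSHAKE, bytes(40)) + record(ALERT, bytes(26)))
SAMPLE_REJECTED = record(ALERT, bytes([2, 40]))

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("rejected", SAMPLE_REJECTED)):
        print(name, parse_records(sample))
```

For a network monitor this means only alerts sent before ChangeCipherSpec, such as a fatal handshake_failure, can be read by level and description; later alerts are visible only as a content type and a length.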

Three Critical Developments

Securing the server is very important while transferring sensitive data from one place to another over the internet. Since the protocols are linked to the web sources and servers, there is less chance of getting into trouble. To attain any records or access the data, a digital certificate is needed, which can be obtained from a certification authority such as RSA Data Security. Below is the critical analysis of the three top-ranked development stages.

1. As explained above, the Change Cipher Spec Protocol delivers a single message, which is generated through the secure communications between a server and the client in the beginning. The message has a value of 1 and is only a single byte long. For integrity and privacy, the message is only transferred after all the security measures have been met and further steps have been taken to protect the data before it is transmitted. Integrity and privacy are two pillars for keeping the data secure and confidential. The code below shows the method of delivering the single message with a value of 1.

    struct {
        enum { change_cipher_spec(1), (255) } type;
    } ChangeCipherSpec;

The ChangeCipherSpec shows that the new data has been transferred to the new destination safe and secured (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

2. The main role of the TLS handshake protocol is to allow communication between a client and the server. It allows the peers to agree upon security parameters, such as the encryption algorithms for the record layer, before sending the data. Before the release of TLS version 1.2 there were many issues related to security, privacy and integrity. These issues were a gateway for attackers to steal or encrypt the data. After the release of TLS 1.2, the issues were tackled by using the new encryption and block cipher methods. These encryption methods allow the client to store the data until the other party meets all the security requirements (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

3. ClientHello delivers a single message which protects against data breaches. The message is created by the client in the web browser when he/she starts a download and the message pops up. The message is generated by the ClientHello to notify the client, as the message will only be delivered to the other party once all the security measures are fully met. Afterwards, the data can be encrypted with the help of a digital certificate (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

Critical Evaluation

The increase in new technologies has put the security aspects of privacy, integrity, authenticity and non-repudiation in a critical condition. Privacy means that the data shared over the internet by two parties must not be shared with or accessed by a third party. Integrity detects any changes in the shared data between the time it was sent and the time it was received. The Change Cipher Spec Protocol delivers a single message, which is generated through the secure communications made between a server and the client in the beginning. The message has a value of 1 and is only a single byte long.

Authentication means that data is only accessible to those it has been authorised for. Non-repudiation protects the data against any claim by a third party about their role in the receipt of the data. The communication between the server and the client makes sure that the newly transmitted data sent over the server to the new destination is secured with the newly transferred Cipher Spec and keys. The message is only transferred after all the security measures have been met and further steps have been taken to protect the communication during the handshake. If a re-handshake occurs while data is being transmitted, the organisations should use the old Cipher Spec, but as soon as the data has been delivered the new Cipher Spec must be used. The transmission of data stays unidentified on both sides, so neither organisation can find out any update about the other. For integrity and privacy, the message is only transferred after all the security measures have been met and further steps have been taken to protect the data before it is transmitted. Integrity and privacy are two pillars for keeping the data secure and confidential.

The code above shows the method of delivering the single message with a value of 1. The ChangeCipherSpec shows that the new data has been transferred to the new destination safe and secured. To maintain these security levels, the applications and software of new technologies, which operate in a fast-paced environment, must be delivered to the public in a secure, scalable and manageable way, for which many new architectures and protocols are being invented (T. Dierks Independent, 08/2008) (McKinley, 2003) (Ristic, 2013, Hale, 2013).

References

MCKINLEY, H. L. 2003. SSL and TLS: A beginners guide. SANS Institute.

T. DIERKS INDEPENDENT, E. R. 08/2008. The Transport Layer Security (TLS) Protocol Version 1.2. Online. Network Working Group. Available: https://tools.ietf.org/html/rfc5246?as_url_id=AAAAAAWHHyHNlFlnC-fwVc0huJa81smMYzdJbo5PYcZJrk-hIpVE_iUDo2Q4lP1iK3BluBfUu1AY9K_ZM71YcxhYP6ax Accessed 05/12 2017.

RISTIC, I. 2013. Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications, Feisty Duck.

LINN, J. 1993. Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures. Online. Available: https://tools.ietf.org/html/rfc1421.html Accessed 01/12 2017.

OPPLIGER, R. 2016. SSL and TLS: Theory and Practice, Artech House.
