Internet security is part of a special computer security
related to the Internet, which protects the security of the browser but also
protects other applications and operating systems that exist on the computer
from virus attacks that enter through the internet at the moment we're using
the browser. The goal is to establish rules and measures to counter attacks
through the Internet. Internet is not secure channel to exchange information
that leads to a high risk of interference or fraud, such as different
phishing.Metode has been used to protect the transfer of data, including
encryption.
Types of security
Network layer security
TCP/IP can be made secure with the help of cryptographic
methods and protocols that have been developed for securing communications on
the Internet. These protocols include SSL and TLS for web traffic, PGP for
email, and IPsec for the network layer security.
IPsec Protocol
This protocol is designed to protect communication in a
secure manner using TCP/IP. It is a set of security extensions developed by
IETF, and it provides security and authentication at the IP layer by using
cryptography. To protect the content, the data is transformed using encryption
techniques. There are two main types of transformation that form the basis of
IPsec: the Authentication Header (AH) and Encapsulating Security Payload (ESP).
These two protocols provide data integrity, data origin authentication, and
anti-replay service. These protocols can be used alone or in combination to
provide the desired set of security services for the Internet Protocol (IP)
layer.
The basic components of the IPsec security architecture are
described in terms of the following functionalities:
- Security protocols for AH and ESP
- Security association for policy management and traffic processing
- Manual and automatic key management for the internet key exchange (IKE)
- Algorithms for authentication and encryption
The set of security services provided at the IP layer
includes access control, data origin integrity, protection against replays, and
confidentiality. The algorithm allows these sets to work independently without
affecting other parts of the implementation. The IPsec implementation is
operated in a host or security gateway environment giving protection to IP
traffic.
Security token
Electronic mail security (E-mail)
Email messages are composed, delivered, and stored in a
multiple step process, which starts with the message's composition. When the
user finishes composing the message and sends it, the message is transformed
into a standard format: an RFC 2822 formatted message. Afterwards, the message
can be transmitted. Using a network connection, the mail client, referred to as
a mail user agent (MUA), connects to a mail transfer agent (MTA) operating on
the mail server. The mail client then provides the sender’s identity to the
server. Next, using the mail server commands, the client sends the recipient
list to the mail server. The client then supplies the message. Once the mail
server receives and processes the message, several events occur: recipient
server identification, connection establishment, and message transmission.
Using Domain Name System (DNS) services, the sender’s mail server determines
the mail server for the recipient. Then, the server opens up a connection to
the recipient mail server and sends the
message employing a process similar to that used by the originating client,
delivering the message to the recipient.
- Pretty Good Privacy (PGP)
PGP provides confidentiality by encrypting messages to be
transmitted or data files to be stored using an encryption algorithm such 3DES
or CAST-128. Email messages can be protected by using cryptography in various
ways, such as the following:
- Signing an email message to ensure its integrity and confirm the identity of its sender.
- Encrypting the body of an email message to ensure its confidentiality.
- Encrypting the communications between mail servers to protect the confidentiality of both the message body and message header.
The first two methods, message signing and message body
encryption, are often used together; however, encrypting the transmissions
between mail servers is typically used only when two organizations want to
protect emails regularly sent between each other. For example, the
organizations could establish a virtual private network (VPN) to encrypt the
communications between their mail servers over the Internet. Unlike methods
that can only encrypt a message body, a VPN can encrypt entire messages,
including email header information such as senders, recipients, and subjects.
In some cases, organizations may need to protect header information. However, a
VPN solution alone cannot provide a message signing mechanism, nor can it
provide protection for email messages along the entire route from sender to
recipient.
- Multipurpose Internet Mail Extensions (MIME)
MIME transforms non-ASCII data at the sender's site to
Network Virtual Terminal (NVT) ASCII data and delivers it to client's Simple
Mail Transfer Protocol (SMTP) to be sent through the Internet. The server SMTP
at the receiver's side receives the NVT ASCII data and delivers it to MIME to
be transformed back to the original non-ASCII data.
- Secure/Multipurpose Internet Mail Extensions (S/MIME)
S/MIME provides a consistent means to securely send and
receive MIME data. S/MIME is not only limited to email but can be used with any
transport mechanism that carries MIME data, such Hypertext Transfer Protocol
(HTTP)
- Message Authentication Code
A Message Authentication Code is a cryptography method that
uses a secret key to encrypt a message. This method outputs a MAC value that
can be decrypted by the receiver, using the same secret key used by the sender.
The Message Authentication Code protects both a message's data integrity as
well as its authenticity.
This is the Colaborative Internet Security Network
This is the example one of the best Internet Security "Kaspersky Internet Security"
