Chapter 15
Security
We begin this chapter with a discussion of basic concepts (Section 15.1), including abstract models for network security and typical types of attacks and defenses in the field. Then we briefly introduce cryptography (Section 15.2), since cryptography provides the building blocks for network security protocols, which we discuss in Section 15.3, with an emphasis on IPSec. We round off the chapter with an examination of wireless security (Section 15.4), focusing especially on cellular and WiFi security.
15.1 Basic Concepts
Security is a large field that includes system, network, and physical security. By physical security we mean securing the cables and the network and computing equipment to prevent an attacker from “walking right in” and using consoles in a secure area, tapping cables, and so on. We discuss physical security briefly in Section 16.3.3. When using system security, we could include everything, including network and physical security, but often it is used to refer to securing the operations of machines such as routers and servers. Thus, system security is about defending against malicious code that seeks to subvert the regular functioning of the machine (e.g., viruses, trojans, rootkits). System security is also about defending against unauthorized access to services provided by the machine (i.e., against password crackers). By network security or communication security, we mean securing communications over a network from such attacks as modification ...
