Basic Security Requirements and Techniques

Just as the threats outlined above can be traced back to a few archetypal forms of attack, basic security properties can also be classified into a few fundamental building blocks. These properties can be combined to satisfy more complex security requirements:

Confidentiality

Stored or transmitted information cannot be read or altered by an unauthorized party.

Integrity

Any alteration of transmitted or stored information can be detected.

Authenticity

The identity of the provider of information (in some cases, the identity of the intended receiver as well) can be proven.

Obligation

A specified action such as sending, receiving, or deleting of information cannot be denied by any of the parties involved.

These security requirements need to be provided by two basic security elements: encryption (to provide confidentiality) and secure checksums (to provide integrity). Suitable combinations of these two elements may then be used to provide more complex services, such as authenticity and obligation.

The oldest form of encryption is usually termed symmetric encryption , which requires the sender and recipient to agree on a shared secret (i.e., a key or password), which is then used to encrypt and decrypt the information exchanged (see Figure 5-2). A large number of symmetric cryptosystems have been devised over the centuries, but despite their growing strength against cryptanalysis, they share two substantial operational shortcomings. The first ...

Get IPv6 Essentials now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.