currently, attacker's job is getting easier
(all data types are digitalized and intergrated in internet)
security can applied at various points(layers) in network
content, headers are encrypted
e.g.)wired : ethernet, wireless : WEP, 802.11i, 802.1x
all data from one node(one IP) to another are encryted
provides authentication, confidentiality, key management
e.g.) IPsec, VPNs
includes protocol mechanisms to enable two TCP users to dtermine the security mechanisms and services they will use.
e.g) SSL(Secure Socket Layer), SSH(Secure Shell), HTTPS(HTTP on SSL)
Software | Hardware | |
---|---|---|
Pros | cheap to reproduce and distribute | faster processing / temper-resistant(harder to break), 'token' can be carried by user |
Cons | almost impossible to protect secret parameters(ex)encryption keys) if an attacker has access to the device | more expensive |
some level of approval can only be obtained with hardware!