COLLEGE OF ENGINEERING AND TECHNOLOGY

DEPARTMENT OF INFORMATION TECHNOLOGY

Group Assignment

Course title:
Course code:
Instructor name:

Member name ID
1.Bona Abdisa su1400920
2. Bilise dibara su14
3. Getnet getu su140
4.Husen ali su140
5.Humed mohammad su140
 Table Content
1. Network Security ....................................................................................................... 1
Network Security .....................................................................................................2
1.1 How Does Network Security Work? .................................................................2
1.2 Types of Network Security ............................................................................... 3
2. TCP/IP Protocol Stack ............................................................................................... 5
2.1 Layers of the TCP/IP Protocol Stack ................................................................ 6
3. cryptography and Public key cryptography ............................................................... 7
3.1 Cryptography .....................................................................................................7
1. Symmetric Key Cryptography ............................................................................ 8
2.Asymmetric Key Cryptography ........................................................................... 9
3.2 Public Key Cryptography ..................................................................................9

I
1. Network Security

Network security is the protection of the network and data from unauthorized access,
misuse, or theft. It involves using both hardware and software technologies to create
and enforce rules and configurations. Network security aims to prevent, detect and
monitor threatsand ensure the integrity, confidentiality and availability of the network
and data.
Any action intended to safeguard the integrity and usefulness of your data and
network is known as network security. In other words, Network security is defined
as the activity created to protect the integrity of your network and data.

Network security is the practice of protecting a computer network from

unauthorized access, misuse, or attacks. It involves using tools, technologies, and
policies to ensure that data traveling over the network is safe and secure, keeping
sensitive information away from hackers and other threats.

In today’s digital landscape, network security has become a crucial aspect of IT

infrastructure. As organizations store vast amounts of sensitive information, including
customer data, financial records, and intellectual property, protecting this information
is vital to ensure business continuity and prevent data breaches.

1
 Network Security

1.1 How Does Network Security Work?

Network security uses several layers of protection, both at the edge of the network
and within it. Each layer has rules and controls that determine who can access
network resources. People who are allowed access can use the network safely, but
those who try to harm it with attacks or other threats are stopped from doing so.

The basic principle of network security is protecting huge stored data and networks
in layers that ensure the bedding of rules and regulations that have to be
acknowledged before performing any activity on the data. These levels are:

Physical Network Security: This is the most basic level that includes protecting the
data and network through unauthorized personnel from acquiring control over the
confidentiality of the network. The same can be achieved by using devices like
biometric systems. Focuses on protecting physical hardware and infrastructure from
unauthorized access or damage.

Examples: Surveillance cameras, Biometric access control, Locked server rooms, and
Security guards.

2
Technical Network Security: It primarily focuses on protecting the data stored in the
network or data involved in transitions through the network. This type serves two
purposes. One is protected from unauthorized users, and the other is protected from
malicious activities. Protects data as it moves through the network and ensures secure
communication.

Examples: Firewalls, Encryption, Antivirus software, and Intrusion Prevention

Systems (IPS).

Administrative Network Security: This level of network security protects user

behavior like how the permission has been granted and how the authorization
process takes place. This also ensures the level of sophistication the network might
need for protecting it through all the attacks. This level also suggests necessary
amendments that have to be done to the infrastructure.

Involves policies, procedures, and controls that define user access, roles, and security
protocols.

Examples: Password policies, Access control rules, User behavior monitoring, and
Security training.

1.2 Types of Network Security

There are several types of network security through which we can make our network
more secure, Your network and data are shielded from breaches, invasions, and
other dangers by network security. Here below are some important types of network
security:

Email Security

Email Security is defined as the process designed to protect the Email Account and
its contents safe from unauthorized access. For Example, you generally see, fraud
emails are automatically sent to the Spam folder. because most email service
providers have built-in features to protect the content.

The most common danger vector for a security compromise is email gateways.
Hackers create intricate phishing campaigns using recipients’ personal information

3
and social engineering techniques to trick them and direct them to malicious
websites. To stop critical data from being lost, an email security programme restricts
outgoing messages and stops incoming threats.

Network Segmentation

Network traffic is divided into several categories by software-defined segmentation,

which also facilitates the enforcement of security regulations. Ideally, endpoint
identity—rather than just IP addresses—is the basis for the classifications. To
ensure that the appropriate amount of access is granted to the appropriate
individuals and that suspicious devices are controlled and remediated, access
permissions can be assigned based on role, location, and other factors.

Access Control

Your network should not be accessible to every user. You need to identify every
user and every device in order to keep out any attackers. You can then put your
security policies into effect. Non-compliant endpoint devices might either have their
access restricted or blocked. Network access control (NAC) is this process.

Sandboxing

Sandboxing is a cybersecurity technique in which files are opened or code is

performed on a host computer that simulates end-user operating environments in a
secure, isolated environment. To keep threats off the network, sand-boxing watches
the code or files as they are opened and searches for harmful activity.

Cloud Network Security

This is very vulnerable to the malpractices that few unauthorized dealers might
pertain to. This data must be protected and it should be ensured that this protection
is not jeopardized by anything. Many businesses embrace SaaS applications for
providing some of their employees the allowance of accessing the data stored in the
cloud. This type of security ensures creating gaps in the visibility of the data.

4
Workloads and applications are no longer solely housed in a nearby data centre on-
site. More adaptability and creativity are needed to protect the modern data centre as
application workloads move to the cloud.

Web Security

A online security solution will restrict access to harmful websites, stop web-based
risks, and manage staff internet usage. Your web gateway will be safeguarded both
locally and in the cloud. “Web security” also include the precautions you take to
safeguard your personal website

2. TCP/IP Protocol Stack

The TCP/IP model is a fundamental framework for computer networking, consisting

of four layers: the Link Layer, the Internet Layer, the Transport Layer, and the
Application Layer. Each layer has specific functions that help manage different
aspects of network communication, ensuring reliable data transmission between
devices.
The TCP/IP Protocol Stack is a set of communication protocols that enables devices
to connect and communicate over the internet or any network. It organizes network
communication into multiple layers, each responsible for specific tasks. TCP/IP
stands for Transmission Control Protocol/Internet Protocol, the two core protocols
that define how data is transmitted across networks.
TCP/IP Stack is specifically designed as a model to offer highly reliable and end-to-
end byte stream over an unreliable internetwork.

5
2.1 Layers of the TCP/IP Protocol Stack

The TCP/IP model has four layers, each serving a distinct purpose:

Application Layer:

This layer interacts directly with the user and provides services such as email, web
browsing, and file transfers.

Protocols Used: HTTP, FTP, SMTP, DNS, POP3.

Transport Layer:

Ensures reliable data transmission between devices by managing data flow and error
handling.

Protocols Used: TCP (ensures reliable, connection-oriented communication)

UDP (provides fast, connectionless communication with no guarantee of delivery).

Internet Layer (Network Layer):

Responsible for logical addressing, packet routing, and forwarding data across
networks.

Protocols Used: IP, ICMP, ARP, IGMP.

Network Access Layer (Link Layer):

Manages data transmission over physical hardware like cables, switches, and routers.

Protocols Used: Ethernet, Wi-Fi, PPP.

6
3. cryptography and Public key cryptography

3.1 Cryptography

Cryptography is a technique of securing information and communications through

the use of codes so that only those persons for whom the information is intended can
understand and process it. Thus, preventing unauthorized access to information. The
prefix “crypt” means “hidden” and the suffix “graphy” means “writing”. In
Cryptography, the techniques that are used to protect information are obtained from
mathematical concepts and a set of rule-based calculations known as algorithms to
convert messages in ways that make it hard to decode them. These algorithms are
used for cryptographic key generation, digital signing, and verification to protect
data privacy, web browsing on the internet and to protect confidential transactions
such as credit card and debit card transactions.

Cryptography is the practice of securing information by converting it into an

unreadable format to prevent unauthorized access. It involves techniques that ensure
data confidentiality, integrity, and authenticity. Cryptography is widely used in
communication, online transactions, data protection, and secure access systems.

The foundation of cryptography lies in mathematical algorithms and complex keys

that scramble data, making it difficult for unauthorized users to decode without the
proper key. Modern crypto-graphic methods provide robust security for sensitive
information, such as passwords, credit card details, and personal data.

Cryptography is crucial in ensuring secure communication over insecure networks

such as the internet. It protects data both in transit (during transmission) and at rest
(when stored). For example, messaging apps use end-to-end encryption to protect

7
conversations from being intercepted, while online banking platforms employ
encryption protocols to secure financial transactions.

Cryptography also includes hashing algorithms, which are used to verify data integrity
by generating unique hash values that detect changes in the original data. This
technique is essential in password storage, digital signatures, and data verification
processes.

There are two main types of cryptographic techniques: Symmetric Encryption (where
the same key is used for encryption and decryption) and Asymmetric Encryption
(which involves a public and private key for added security). Both methods play a
vital role in protecting sensitive information.

1. Symmetric Key Cryptography

It is an encryption system where the sender and receiver of a message use a single
common key to encrypt and decrypt messages. Symmetric Key cryptography is
faster and simpler but the problem is that the sender and receiver have to somehow
exchange keys securely.

Symmetric Key Cryptography

8
2.Asymmetric Key Cryptography

In Asymmetric Key Cryptography, a pair of keys is used to encrypt and decrypt

information. A sender’s public key is used for encryption and a receiver’s private
key is used for decryption. Public keys and Private keys are different. Even if the
public key is known by everyone the intended receiver can only decode it because
he alone knows his private key. The most popular asymmetric key cryptography
algorithm is the RSA algorithm.

Asymmetric Key Cryptography

3.2 Public Key Cryptography

Public key cryptography is a method of secure communication that uses a pair of

keys, a public key, which anyone can use to encrypt messages or verify signatures,
and a private key, which is kept secret and used to decrypt messages or sign
documents. This system ensures that only the intended recipient can read an
encrypted message and that a signed message truly comes from the claimed
sender. Public key cryptography is essential for secure internet communications,
allowing for confidential messaging, authentication of identities, and verification of
data integrity.

 One algorithm is used for encryption and a related algorithm decryption with
pair of keys, one for encryption and other for decryption.
 Receiver and Sender must each have one of the matched pair of keys (not
identical) .
 One of the two keys must be kept secret.

9
 If one of the key is kept secret, it is very impossible to decipher message.
 Knowledge of the algorithm plus one of the keys plus samples of ciphertext
must be impractical to determine the other key.

10