Emerging technologies are quickly changing the ways in which we communicate and exchange information. Along with the speed, efficiency, and cost-saving benefits of the "digital revolution" come new challenges to the security and privacy of communications and information traveling across the global communications infrastructure.
In response to these challenges, the security mechanisms of traditional paper-based communications are being replaced by cryptographic security techniques. Through the use of cryptography, communication and information stored and transmitted by computers can be protected against interception to a high degree. Until recently, there was little commercial demand for encryption capabilities. Modern encryption technology was traditionally deployed to protect the confidentiality of military and diplomatic communications. With the advent of the computer revolution, and recent innovations in the science of encryption, a new market for cryptographic products has developed. Electronic communications are now widely used in the public economy and have become an integral component of the global economy. Computers store and exchange an increasing amount of highly personal information, including medical and financial data. In this electronic environment, the need for privacy-enhancing technologies is apparent. Communications applications such as electronic mail and electronic fund transfers require secure means of encryption and authentication -- features that can only be provided if cryptographic know-how is widely available and unencumbered by government regulation.
"There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files." -- Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C. Cryptography can be strong or weak, as explained above. Cryptographic strength is measured in the time and resources it would require to recover the plaintext. PGP is also about the latter sort of cryptography, strong cryptography.
Cryptography works by a cryptographic algorithm, or cipher. A cipher is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a key -- a word, number, or phrase -- to encrypt the plaintext. The same plaintext encrypts to different ciphertext with different keys. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key. A cryptographic algorithm, plus all possible keys and all the protocols that make it work, comprises a cryptosystem. PGP is a cryptosystem.
In conventional cryptography, also called secret-key or symmetric-key encryption, one key is used for both encryption and decryption. The Data Encryption Standard (DES) is an example of a conventional cryptosystem that is widely employed by the Federal Government.
While modern cryptography is growing increasingly diverse, cryptography is fundamentally based on problems that are difficult to solve. A problem may be difficult because its solution requires some secret knowledge, such as decrypting an encrypted message or signing some digital document. The problem may also be hard because it is difficult to complete, such as finding a message that produces a given hash value.
Over the past few years, there has been a growing amount of business conducted over the Internet - this form of business is called electronic commerce or e-commerce. E-commerce is comprised of online banking, online brokerage accounts, and Internet shopping. One can book plane tickets, make hotel reservations, rent a car, transfer money from one account to another, buy compact disks, clothes, books and so on, all while sitting in front of a computer. However, simply entering a credit card number on the Internet leaves one open to fraud. One cryptographic solution to this problem is to encrypt the credit card number when it is entered on-line; another is to secure the entire session. When a computer encrypts this information and sends it out on the Internet, it is incomprehensible to a third-party viewer. The Internet shopping center receives the encrypted information, decrypts it, and proceeds with the sale without fear that the credit card number slipped into the wrong hands. As more and more business is conducted over the Internet, the need for protection against fraud, theft, and corruption of vital information increases.
WORLD VIEWS ON ENCRYPTION
During the 1990s, the world encountered an ever-growing problem with security encryption. The world's countries have had to develop standards and guidelines for encryption procedures, and these vary according to each country's needs. Some have a very restrictive and strongly enforced encryption policy, while others have a minimal encryption policy. The Electronic Privacy Information Center of Washington, DC conducted a worldwide research project studying the various countries and their encryption policies. They flagged each country as green, yellow, or red. A green flag signified that there is minimal regulation on the import and export of the country's encryption hardware and software. A yellow flag signified that there were some moderate encryption guidelines. A red flag signified that there is strong encryption regulation and that all hardware and software products are strictly monitored.
Over the past few years, the United States has tightened the regulation of encrypted products to and from the U.S. The regulations are a direct result of fears of terrorist activities or, in general, activities that could jeopardize security within the U.S. Though the US has lightened the regulation a bit over the last year, several laws have been proposed that would allow the government access to any and all encrypted products. Since these laws have not been passed, currently there are no domestic use or import controls on cryptography in the United States. The Federal Bureau of Investigation has several times proposed legislation that would require all manufacturers of encryption products and network services to include key recovery or escrow mechanisms to enable "immediate decryption of communications or electronic information encrypted by such products or services on the public network." The FBI proposal would also empower the Attorney General to act as final arbiter of whether an encryption method conforms to government eavesdropping standards. No new technology with encryption mechanisms would be able to be manufactured, sold, resold, distributed or imported without the prior approval of the chief law enforcement official of the United States.
In the US, the export of non-military cryptographic hardware and software is administered by the Bureau of Export Administration (BXA), a component of the Department of Commerce. However, in 1996, the International Traffic in Arms Regulation governing the export of cryptography was overhauled. Responsibility for cryptography exports was transferred to the Department of Commerce from the Department of State. However, the Department of Justice is now part of the export review process. In addition, the National Security Agency (NSA) remains the final arbiter of whether to grant encryption products export licenses. On September 16, 1998 the government announced plans for revised export control requirements. On December 31, 1998, the BXA announced the new licensing requirements for cryptographic exports. First, key recovery agent requirements for license exception Key Management Infrastructure (KMI) eligibility for exports and re-exports of recovery encryption commodities and software were eliminated. Second, exports and re-exports of encryption commodities, software and technology, including source code of any key length, are also eligible under a license exception to U.S. subsidiaries for internal company proprietary use to all destinations except Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria. Third, encryption commodities and software of any key length are authorized for on-line merchants in 45 countries. Such commodities and software must be limited to client-server applications (e.g., Secure Socket Layer (SSL) based applications) or applications specially designed for on-line transactions. However, these kinds of regulations are leading to court rulings that state that the constitutionally protected rights of citizens are not being upheld.
For example, in May 1999 a federal appeals court affirmed the judgment of a lower court and held that the Export Administration Regulations unconstitutionally limit the freedom to distribute encryption software.
The United States, as the primary force behind the Wassenaar Arrangement and its predecessor COCOM, maintains export controls on cryptographic hardware and software products. The Wassenaar Arrangement is an agreement between thirty-three countries worldwide. This is an agreement on export controls for conventional arms and dual use goods and technologies. The participating states of the Wassenaar Arrangement are: Argentina, Australia, Austria, Belgium, Bulgaria, Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Japan, Luxembourg, Netherlands, New Zealand, Norway, Poland, Portugal, Republic of Korea, Romania, Russian Federation, Slovak Republic, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom and United States. The Wassenaar Arrangement was established in order to contribute to regional and international security and stability, by promoting transparency and greater responsibility in transfers of conventional arms and dual-use goods and technologies, thus preventing destabilizing accumulations. Participating States seek, through their national policies, to ensure that transfers of these items do not contribute to the development or enhancement of military capabilities, which undermine these goals, and are not diverted to support such capabilities. The decision to transfer or deny transfer of any item will be the sole responsibility of each Participating State. All measures undertaken with respect to the arrangement will be in accordance with national legislation and policies and will be implemented on the basis of national discretion.
In China, the encryption regulation in 1999 has been flagged at a green standard. Any hardware or software being imported or exported to or from China is allowed with various licenses that are approved by the Chinese government. The application must be filled out and filed with the government in advance by the corporations. After approval the State will allow for the corporations to engage in the business of importing and exporting encryption products. The licenses are valid for one year and afterwards an extension may be applied for.
In Europe, many of the large countries follow similar patterns for encryption regulation, except for Russia. Russia has a tight grip on the import and export of encrypted products. They monitor everything that is produced and used in the country. In both 1999 and 1998, Russia was flagged red. The government of Russia prohibits the import of cryptographic products without a license. The President of Russia issued a law that prohibits all activities in the development, sale, and use of cryptography without a license issued by the Federal Agency for Government Communications and Information (FAPSI), Russia's equivalent of the NSA. Russia is a participant in the Wassenaar Arrangement and restricts the export of cryptographic hardware and software.
France has incorporated a lighter encryption regulation. They are flagged with a combination of yellow and green. This was a dramatic change from the previous year, which used a combination of red and yellow. On January 19, 1999, Prime Minister Lionel Jospin announced a dramatic cryptography policy change. He stated that the French government has allowed time to reflect on the security issue and decided to opt for a fundamental change of direction. This new direction aims to make the use of encryption totally permitted in France. This would allow for a total freedom of use with encryption products, with one restraint to maintain control over exports which result from France's international engagements. But the Government wished that the hindrances which handicap citizens who are anxious to protect the confidentiality of their exchanges, and the development of electronic commerce, be lifted without delay. French export control laws do not distinguish between tangible and intangible cryptographic products. The Commerce/NSA report states that "France has the most comprehensive cryptologic control and use regime in Europe, and possibly worldwide." A lot of the third world.
Germany has taken a passive approach to the regulation of cryptography. They are flagged as green. Germany has been at the forefront of opposing restrictions on encryption. According to the Embassy of the Federal Republic of Germany in Washington and the Federal Ministry of Economics and Technology, there are no controls on the use of encryption software or hardware. The import of encryption is not regulated either. Export controls on encryption are comparable to those of the United States as they existed until early in 1997. The digital signature system mandated uses asymmetric encryption. This system requires a secret key to be held by the signer and a public key that is certified by a Certificate Authority. The encryption algorithm to be used is not defined in the law. This ensures the availability of reliable and strong encryption in Germany on a sustainable basis to guard the interests of German security and criminal prosecution authorities and to promote the strength of the market position of German producers of encryption systems.
Great Britain has eased their restrictions a bit by moving to a green-yellow combination. There are currently neither domestic use restrictions nor any import controls on encryption products in the United Kingdom. The UK has been the strongest supporter of the US's efforts to promote key escrow and limitations on encryption. Licensed service providers that provide encryption services are required to make recovery of keys (or other information protecting the secrecy of the information) possible through suitable storage arrangements. The Government intends to introduce legislation to enable law enforcement agencies to obtain a warrant for lawful access to information necessary to decrypt the content of communications or stored data. The United Kingdom also maintains export controls on cryptography pursuant to its participation in the Wassenaar Arrangement.
As the world increasingly turns to electronic business, electronic credentials that prove identity are becoming a necessity. Much like a driver's license proves identity in the offline world, public-key infrastructure (PKI) delivers a way to prove identity in the online world. PKI ensures that people are who they say they are and also proves that documents haven't been tampered with, which is critical when conducting online transactions, such as placing orders or transferring money. Here's a simplified look at these state-of-the-art passports to the online world. The magic of PKI occurs through the use of extremely long prime numbers, called keys. Two keys are involved - a private key, which only you have access to, and a public key, which can be accessed by anyone. The two keys work together, so a message scrambled with the private key can only be unscrambled with the public key and vice versa. The more digits in these keys, the more secure the process.
Just as you prove your identity through a handwritten signature offline, you use a digital signature to prove your identity online. But without seeing a person sign the document, how can you prove it's the right person?
This is where public-key cryptography comes in. A large piece of data set to be encoded - for instance, a document - is run through a complicated mathematical computation to generate a single large number, called a hash. The original data and the hash are inextricably linked. If either changes, the hash won't match and the message cannot be decoded.
To digitally sign a document, a hash is taken of the document and then signed with a user's (let's call him Curly) private key. These digital signatures contain many parts including the certificate holder's identity, the certificate serial number, a valid unchangeable date for the transaction, the certificate's expiration date, a copy of the certificate holder's public key, and the identity of the issuing certificate authority. Data scrambled with Curly's private key can only be unscrambled with Curly's public key. Any entity can verify the validity of the document by unscrambling the hash with Curly's public key and checking that against another hash computed from the received data.
If the hashes match, the data was not tampered with and Curly's digital signature is on it. But because I didn't watch Curly sign the document, I don't know that it wasn't signed by an imposter. This issue is solved because only Curly has his private key, and so he is the only one who could have signed the document.
How do I know I have the correct key to verify the signature? This is where the concept of trust enters the system, creating the need for a certificate authority to verify online identity. The certificate authority is like an online passport bureau - a trusted entity that makes the PKI system work. The private key is securely generated by Curly, and after verifying Curly's identity, the certificate authority signs Curly's public key with its own private root key. The combination of Curly's public key and the signature of the certificate authority completes Curly's digital certificate. Curly's digital certificate is his online passport, validated by the certificate authority's watermark.
Let's look at how all this works together in a simple transaction. Curly wants to send Alice a confidential e-mail. Curly would use Alice's public key, stored in her certificate, to scramble the message. When Alice receives the message, she uses her private key to unscramble it. Because no one else possesses Alice's private key, only she can unscramble the message.
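The hash, sign and verify steps and the certificate authority check described above, as an added Python example that is not part of the original paper. It uses textbook RSA with no padding and constructed keys built from well-known Mersenne primes, which keeps the arithmetic visible but is not secure; the function names and the "Example CA" issuer are assumptions of this sketch.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys below


def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)


def digest(data, n):
    """Hash the data to a single large number, reduced to fit the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, private):
    """'Scramble' the hash with the private key."""
    n, d = private
    return pow(digest(data, n), d, n)


def verify(data, signature, public):
    """'Unscramble' with the public key and compare to a freshly computed hash."""
    n, e = public
    return pow(signature, e, n) == digest(data, n)


def cert_body(subject, public, issuer):
    """Bytes the CA signs: who the key belongs to, the key, and the issuer."""
    return repr((subject, public, issuer)).encode()


def issue_certificate(subject, public, issuer, ca_private):
    """CA side: bind a name to a public key by signing both."""
    return {"subject": subject, "public": public, "issuer": issuer,
            "signature": sign(cert_body(subject, public, issuer), ca_private)}


def check_signed_document(doc, signature, cert, expected_signer, ca_public):
    """Verifier side: trust the key only via the CA, then check the document."""
    body = cert_body(cert["subject"], cert["public"], cert["issuer"])
    if not verify(body, cert["signature"], ca_public):
        return "untrusted certificate"
    if cert["subject"] != expected_signer:
        return "wrong signer"
    if not verify(doc, signature, cert["public"]):
        return "bad signature"
    return "ok"


# Constructed toy keys (assumption of this example): Mersenne primes are public
# knowledge, so these moduli are trivially factorable. Illustration only.
CA_PUB, CA_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
CURLY_PUB, CURLY_PRIV = make_keypair(2**127 - 1, 2**107 - 1)
IMPOSTER_PUB, IMPOSTER_PRIV = make_keypair(2**89 - 1, 2**61 - 1)


def demo():
    doc = b"Pay Alice 100"
    curly_cert = issue_certificate("Curly", CURLY_PUB, "Example CA", CA_PRIV)
    # The imposter can build a certificate naming Curly, but cannot sign it
    # with the CA's root key, only with a key of their own.
    fake_cert = issue_certificate("Curly", IMPOSTER_PUB, "Example CA", IMPOSTER_PRIV)
    good_sig = sign(doc, CURLY_PRIV)
    forged_sig = sign(doc, IMPOSTER_PRIV)
    return [
        check_signed_document(doc, good_sig, curly_cert, "Curly", CA_PUB),
        check_signed_document(b"Pay Alice 900", good_sig, curly_cert, "Curly", CA_PUB),
        check_signed_document(doc, forged_sig, curly_cert, "Curly", CA_PUB),
        check_signed_document(doc, forged_sig, fake_cert, "Curly", CA_PUB),
    ]


if __name__ == "__main__":
    print(demo())
```

The four results correspond to a genuine document, a document altered after signing, a signature made with the wrong private key, and a certificate that was not signed by the certificate authority.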
Like any security technology, digital signatures used in the PKI model aren't perfect. If the certificate authority's root key is stolen, then anyone can create digital certificates, which compromises the trust level of the certificate authority and makes all the certificates from that certificate authority null and void. Certificate authorities go to great lengths to keep their keys secure, including armored bunkers. Additionally, if Curly loses his private key, or if it's stolen, anyone possessing the private key can pose as Curly.
More importantly, thousands of applications used throughout businesses need to be PKI-ready. Applications need to know how to ask Curly to sign data and how to validate the data using certificates. For PKI to become a widely used technology, it must become a transparent part of everyday software, so end users don't need to understand all the complexity behind keys, hashes and digital certificates.
Secret keys are not nearly as neat as the earlier mentioned public key system. Secret keys are basically predetermined values for different characters. In a secret key system, only a few people are allowed to get the key. Secret keys are mainly known and possessed by two parties to send messages back and forth. This is a good system if only Curly and Alice are communicating but gets very complicated with more users to ensure privacy. If a key gets out in a secret key system, it is devastating to the privacy. If Larry were to possess the secret key in this system, he could encrypt and decrypt messages.
APPLICATION LAYER ENCRYPTION VS. NETWORK LAYER
Application layer encryption programs such as PGP encrypt only the user content of the message. Application layer encryption programs do not protect against tampering in transit or against resending of the data. Network layer encryption allows the entire message, including the original message header, to be encrypted, and a new header called the authentication header, with a hop-count function, is added. Between the authentication header and the hop-count function, messages are almost guaranteed not to have undetected tampering. Application layer encryption may be enough protection from prying eyes for some, but to be completely safe and to ensure authenticity, network layer encryption should be used. Two examples of network layer encryption include IPSec and LDAP, which will be discussed in detail later.
IPv4 relies on a 32-bit addressing scheme which, when deployed, was sufficient, but with recent growth a new addressing scheme is needed. This is not an immediate concern, and short-term solutions have been made to prolong the availability of addresses while waiting for the transition to the new 128-bit addressing protocol, IPv6.
A more urgent problem is data security or the lack of it. During the Internet's growth, it started attracting not only academic circles and research labs, but also banking, commerce, and business. These businesses provide a growing market area that has yet to be fully exploited. The lack of security is a major obstacle to fully exploiting the Internet's potential. IPv4 does not provide measures which assure that data being received has not been altered or has been sent from the claimed source. The most often deployed practice of security is application layer security. PGP is an example of an application layer security program that is used. However, PGP and other application layer security programs do not protect from all forms of attack, and do not encourage standardization.
Some companies have hidden themselves behind firewalls to protect their computers from the cruel outside world. Firewalls work by analyzing the incoming packets of information and determining if they contain valid data. This might seem good, but firewalls restrict access to the outside world from within the LAN, by restricting the number and type of sites that can be visited.
Because of the need for an upgrade to IPv4 anyway, it was logical that the new version contain a native security system which would allow the users to communicate freely and securely. At the same time, it was realized that because the Internet is a vast and complex network, the transition to the new version of the protocol would not be immediate. Therefore, the security implementation would need to be compatible with and adaptable to IPv4.
WHAT IPSEC CAN DO
IPSec is a set of protocols being developed by the IETF to support secure exchange of packets at the IP layer. IPSec specifies ways for securing private information transmitted over public networks. Services supported by IPSec include confidentiality (encryption), authenticity (proof of sender), integrity (detection of data tampering) and replay protection (defense against unauthorized resending of data). IPSec also specifies procedures for key management. Internet Key Exchange (IKE), the IPSec key management protocol, is a series of steps that establishes keys for encrypting and decrypting information, and it defines a common language that communications between two computers will use. Since the Internet Engineering Task Force (IETF) is developing IPSec and IKE together, the way data protection is performed is being standardized, thus making it possible for security systems developed by different vendors to work together. IPSec has been tested on and works with Windows, Unix, Linux, and Macintosh systems.
AUTHENTICATION & INTEGRITY
Authentication guarantees that the data received is the same as the data that was sent and that the claimed sender is the actual sender. Integrity means that we are sure the transmitted data has arrived at its destination without undetected alteration. The Authentication Header (AH) is a way of providing strong integrity and authentication for IP packets. It might also provide non-repudiation depending on which cryptographic algorithm is used and how keying is performed. The security is provided by adding authentication information to the IP packet, which is calculated using all of the fields in the IP packet. This includes not only the IP header but also the other headers and the user data -- basically all of the fields that do not change in transit. Fields not included are the hop-count field in IPv6 and the time-to-live field in IPv4.
Not surprisingly this system provides much better security than the current bare version of IPv4. Authentication might actually be sufficient for some users who do not require confidentiality (encryption). The argument for not using more security measures for some types of packets is the processing costs associated with computation of the additional data by the participating systems. The authentication data is carried in its own payload, so the systems not involved with authentication may ignore it.
When used with IPv6, the AH is normally placed after the Fragmentation and End-to-End headers, but before the ESP and TCP layer headers. In IPv4, AH is placed immediately after the IPv4 header. See the appendix for some examples of the IP header structures with and without the AH.
Confidentiality is the property of communicating so that the intended recipients know what was sent, but unintended parties cannot determine what was sent. This is commonly called encryption. IPSec provides encryption services through Encapsulating Security Payload (ESP). ESP can also provide data origin authentication, connectionless integrity, and anti-replay service. Encryption can be selected independent of all other services.
IPSec encryption works in two basic ways. The first, transport mode, is the basic way IPSec is implemented. It is the direct relaying of protected data from computer to computer. Transport mode is used in devices that incorporate IPSec into the way they stack TCP/IP data. An example of this would be two computers in a peer to peer network communicating with IPSec enabled TCP/IP.
The second way IPSec works is tunnel mode. In tunnel mode, IP traffic generated by hosts without IPSec support is captured from the wire by a security device or gateway. As shown in the appendix, the gateway encapsulates the entire IP packet with IPSec encryption, including the original IP header. It then adds a new IP header to the data packet and sends it across the public network to a second gateway, where the information is decrypted and sent in its original form to the designated recipient.
Tunneling is performed by a virtual private network (VPN) device which resides at the entrance and exit points of a network. The device encrypts and authenticates outgoing traffic and decrypts and authenticates incoming data according to the methods outlined by IPSec.
Tunneling is used to create secure VPNs. It enables distributed private networks to communicate securely over untrusted public networks. When using tunneling over the Internet, companies can build low cost secure wide area networks (WANs), intranets and extranets at a fraction of the cost associated with traditional dedicated lines. VPNs implemented in non-Internet environments, such as frame relay networks, provide comprehensive protection for critical applications. However tunneling is configured, it will save money both in terms of reduced communication costs and prevented security breaches.
The encryption and authentication algorithms used for IPSec are the heart of the system. They are directly responsible for the strength the security system can provide. There are, however, major drawbacks in this area. Since the Internet is a global network, the IP should provide uniform security everywhere. Many countries, as discussed before, either restrict or forbid the use of encryption algorithms. This means that the IPSec algorithms must be able to balance between the legal restrictions in use of strong encryption and authentication, and the one that is available everywhere.
All hosts claiming to provide IPSec services must implement the AH with at least the MD5 algorithm using a 128-bit key as specified in the AH RFC. An implementation may support other authentication algorithms in addition to keyed MD5. All ESP implementations must support the use of the Data Encryption Standard (DES) in Cipher-Block Chaining (CBC) mode as detailed in the ESP specification. Other cryptographic algorithms and modes may also be implemented in addition to this mandatory algorithm and mode. MD5 and DES-CBC should be set as default algorithms.
In order to use the security mechanisms, an agreement must be reached on how they are going to be used. A Security Association (SA) is a set of security information relating to a given network connection or set of connections. The concept of an SA is fundamental to both the IP-ESP and the IP-AH. The combination of a given Security Parameter Index (SPI) and the destination address uniquely identifies a particular SA. This model is required by the implementation of IPSec, which also supports other options. An SA normally includes the following parameters:
Authentication algorithm and algorithm mode being used with the IP-AH.
Keys used with the authentication algorithm in use with the AH.
Encryption algorithm, algorithm mode, and transform being used with the IP-ESP.
Keys used with the encryption algorithm in use with the ESP.
Presence and size of a cryptographic synchronization or initialization vector field for the encryption algorithm.
The authentication algorithm and mode used with the ESP transform.
Authentication keys used with the authentication algorithm that is part of the ESP transform.
The lifetime of the key or time when the key change should occur.
The source addresses of the SA.
The sensitivity level (ex. Secret or Unclassified) of the protected data. Required for all systems claiming to provide
A Security Association is normally one-way. An authenticated communication session between two hosts will normally have two SPIs in use, one in each direction.
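The AH integrity check from the AUTHENTICATION & INTEGRITY section and the Security Association lookup by (SPI, destination address) described above, as an added Python example that is not part of the original paper or of any IPSec implementation. It uses HMAC-SHA-256 in place of the keyed MD5 named in the text, zeroes only the TTL and header checksum, and replaces the real anti-replay window with a highest-sequence-number check; the addresses, SPI and key are constructed.

```python
import hashlib
import hmac
import socket
import struct

AH_PROTO = 51   # IP protocol number for the Authentication Header
ICV_LEN = 32    # full HMAC-SHA-256 output (a choice made for this sketch)
ICV_OFF = 32    # 20-byte IPv4 header + 12 fixed AH bytes


def checksum(header):
    """Standard IPv4 header checksum over ten 16-bit words."""
    total = sum(struct.unpack("!10H", header))
    total = (total & 0xFFFF) + (total >> 16)
    total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def with_checksum(header):
    """Return the 20-byte header with its checksum field recomputed."""
    header = header[:10] + b"\x00\x00" + header[12:]
    return header[:10] + struct.pack("!H", checksum(header)) + header[12:]


def icv_input(packet):
    """Packet as the integrity check sees it: TTL, header checksum and the
    ICV field itself zeroed. Real AH treats a few more IPv4 fields as mutable."""
    buf = bytearray(packet)
    buf[8] = 0                      # time-to-live changes at every hop
    buf[10:12] = b"\x00\x00"        # checksum changes whenever TTL does
    buf[ICV_OFF:ICV_OFF + ICV_LEN] = bytes(ICV_LEN)
    return bytes(buf)


def compute_icv(key, packet):
    return hmac.new(key, icv_input(packet), hashlib.sha256).digest()


def protect(sa, src, payload, ttl=64, next_proto=6):
    """Sender side: wrap payload in IPv4 + AH using an outbound (one-way) SA."""
    sa["seq"] += 1
    ah = struct.pack("!BBHII", next_proto, (12 + ICV_LEN) // 4 - 2, 0,
                     sa["spi"], sa["seq"]) + bytes(ICV_LEN)
    header = with_checksum(struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(ah) + len(payload), 0, 0, ttl,
        AH_PROTO, 0, socket.inet_aton(src), socket.inet_aton(sa["dst"])))
    packet = header + ah + payload
    icv = compute_icv(sa["key"], packet)
    return packet[:ICV_OFF] + icv + packet[ICV_OFF + ICV_LEN:]


def route_hop(packet):
    """What a router legitimately changes: TTL minus one, checksum redone."""
    header = bytearray(packet[:20])
    header[8] -= 1
    return with_checksum(bytes(header)) + packet[20:]


def receive(sad, packet):
    """Receiver side: find the SA by (SPI, destination), check ICV, then replay."""
    dst = socket.inet_ntoa(packet[16:20])
    spi, seq = struct.unpack("!II", packet[24:32])
    sa = sad.get((spi, dst))
    if sa is None:
        return "no SA"
    expected = compute_icv(sa["key"], packet)
    if not hmac.compare_digest(expected, packet[ICV_OFF:ICV_OFF + ICV_LEN]):
        return "bad ICV"
    if seq <= sa["last_seq"]:       # simplified; real AH uses a sliding window
        return "replay"
    sa["last_seq"] = seq
    return "accepted"


def demo():
    key = bytes(range(32))          # constructed key, stands in for a negotiated one
    outbound = {"spi": 0x1001, "dst": "192.0.2.2", "key": key, "seq": 0}
    sad = {(0x1001, "192.0.2.2"): {"key": key, "last_seq": 0}}
    results = []
    pkt = route_hop(route_hop(protect(outbound, "192.0.2.1", b"pay Alice 100")))
    results.append(receive(sad, pkt))                  # TTL changed twice
    results.append(receive(sad, pkt))                  # same packet resent
    pkt2 = protect(outbound, "192.0.2.1", b"pay Alice 100")
    results.append(receive(sad, pkt2[:-3] + b"900"))   # payload altered
    spoofed = pkt2[:12] + socket.inet_aton("192.0.2.99") + pkt2[16:]
    results.append(receive(sad, spoofed))              # claimed source altered
    results.append(receive(sad, pkt2))                 # untouched packet
    return results


if __name__ == "__main__":
    print(demo())
```

Only the receiving direction is modelled; a two-way session would hold a second SA with its own SPI for the return traffic.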
MEMORY AND CPU CONSIDERATIONS
Packets that are processed by IPSec will be slower than packets that are processed through classic crypto, like PGP. There are several reasons for this and they may cause significant performance problems. One reason for performance problems is IPSec introduces packet expansion, which is more likely to require fragmentation and the corresponding reassembly of IPSec packets. Another reason for performance problems is encrypted packets will probably be authenticated, which means that there are two cryptographic operations being performed for every packet instead of one when using PGP. The final reason IPSec may experience performance problems is the authentication algorithms are slow. To minimize the impact of the crypto subsystem on the rest of the router, use Group 1 for Diffie-Hellman key exchanges within IKE, use MD5 as your hashing algorithm, and use longer lifetimes for keys. In tradeoff for this performance tuning, you might get weaker cryptography. Ultimately, it is up to the administrator and needed performance to determine which features of IPSec to use and which not to use.
IPSEC'S PUBLIC KEY
IPSec uses a public key system as discussed previously. These keys are relied upon for the authentication and encryption algorithms to be used with AH and ESP. With this dependency on public keys, there is a requirement for a public key infrastructure. Unfortunately at this time, there is no system for automatic key distribution. Work is currently underway on such a system, and manual key distribution must be used. Although manual key distribution is the most secure method to distribute keys and the simplest one, it does not scale well. Manual distribution can be used for LANs and some firewall systems, but is a short-term approach. For the lastest information or more details visit the IETF web site.
A little history is warranted here. X.500 was meant to serve as a universal, standards-based directory service, but it proved overly complicated and ran only on high-powered Unix machines. Most users, then and now, have PC-class platforms. So an alternative was needed.
LDAP (Lightweight Directory Access Protocol) began life as a low-cost, PC-based front end for accessing X.500 directories. It furnished a subset of X.500's functionality. But as LDAP has matured, it has added features not found in X.500 and has moved into areas not addressed by the older spec, like APIs and data formats. LDAP applications can be loosely grouped into three categories: those that locate network users and resources, those that manage resources, and those that authenticate and secure users and resources.
Directory services are fast becoming the key to the enterprise, allowing applications to locate the resources they need and enabling net managers to authenticate end-users. Corporate networkers need to be clear about what LDAP is capable of, where it's headed, and what it was not intended to do.
LDAP can save companies time and money. It can help network managers keep pace with the rising demand for directory services. New applications appear every day. But there are limits to what the protocol can do for distributed computing. Knowing what LDAP can and can't do is the only way to ensure proper implementation.
WHAT LDAP DOES DO
Currently LDAP has eight features and functions for defining or performing directory-related tasks like storage and retrieval. We will only go over the most important features of LDAP in this paper. Information models, organized according to collections of attributes and values, define what kinds of data can be stored and how that data behaves. The information model, inherited almost unchanged from X.500, is extensible, and almost any kind of new information can be added to a directory.
LDAP schema defines the actual data elements that can be stored in a particular server and how they relate to real-world objects. Collections of values and attributes representing objects such as countries, organizations, or people are defined in the standard. Also individualized servers can define new schema elements.
The security model spells out how information is secured against unauthorized access. In LDAP the directory acts as a gatekeeper and decides who has access to what. In this capacity LDAP performs two critical jobs. First, it serves as an authentication database. Extensible authentication allows clients and servers to prove their identity to one another. LDAP uses the extensible Simple Authentication and Security Layer (SASL). LDAP also uses the Secure Sockets Layer. Confidentiality and integrity can also be implemented, safeguarding the privacy of information and protecting against active attacks from hackers. Second, once the identity of a user has been established, LDAP controls access to resources, applications, and services using stored policies.
Like IPSec, LDAP permits network administrators to use their directories to implement public key infrastructure security. From the user's point of view, LDAP provides the directory in which the public keys of other users are found, enabling secure communication. From the administrator's point of view, LDAP directories are the way in which public keys can be centrally deployed and managed.
WHAT LDAP DOESN'T DO
LDAP is not a replacement for relational databases. LDAP lacks the heavy update, transaction processing, and reporting capabilities of these products. LDAP also doesn't offer two-phase commits, a true relational structure, or a relational query language like SQL. Using LDAP to implement an airline reservation system would be a serious mistake.
Second, it's not reasonable to expect LDAP to serve as a file system. Its information model is based on simple pairings of attributes and values. Thus, it's not well suited to the BLOB (binary large object) data that is managed by typical file systems. LDAP also is not optimized for write performance and is unable to furnish byte-range access to values. Finally, it does not have the locking semantics needed to read and write protect files.
Third, LDAP is not a stand-in for DNS, which is the world's largest distributed database. Although LDAP's abilities are a superset of DNS's--whose biggest job is translating application layer addresses to IP addresses--there is a good argument for leaving DNS alone. DNS is working well. Also, LDAP does not support the connectionless transport that DNS usually runs over. Ultimately, LDAP may have a role in managing or augmenting the information found in DNS. For example, it could link contact information to host information.
LDAP is not the ultimate directory protocol. Even as it grows to include stand-alone and replicated servers, LDAP should be thought of as a good method for accessing information from a variety of directories. With so many vendors (Lotus, IBM, Novell, and Microsoft, for example) adding support for LDAP in their directories, LDAP has a good chance of being the glue that ties together all of the information found in these directories for use on intranets. But if you're looking to combine disparate directory information with different schemas into a single meta-directory, you'll have to wait for other protocols or products.
Encryption will play an integral part in future communications technology, as well as protecting a person's right to privacy. Legal barriers to encryption are an intolerable sacrifice of freedom and privacy for a token, ineffectual commitment to security.
I hope you found this helpful.