IP Security

Ξ May 31st, 2007 | → 14 Comments | ∇ Security, Technology |

You cannot talk about VPNs without saying something about IP Security (IPSec). IPSec is a framework of open standards. It is not bound to any specific encryption or authentication algorithm or keying technology. IPSec acts on the network layer, where it protects and authenticates IP packets between participating peers such as firewalls, routers, or concentrators. IPSec security provides four major functions:

  • Confidentiality: The sender can encrypt the packets before transmitting them across the network. If such a communication is intercepted, it cannot be read by anybody.
  • Data integrity: The receiver can verify whether the data was changed while traveling the Internet.
  • Origin authentication: The receiver can authenticate the source of the packet.
  • Antireplay protection: The receiver can verify that each packet is unique and is not duplicated.

Encryption
When packets are traveling on the Internet, they are vulnerable to eavesdropping. Clear-text messages can be intercepted and read by anybody. Therefore, to keep the data secure, it can be encrypted. For encryption to work, both the sender and the receiver need to know the rules that were used to encrypt the original message. There are two types of encryption:

  • Symmetric
  • Asymmetric

With symmetric key encryption, each peer uses the same key to encrypt and decrypt data. With asymmetric key encryption, one key is used to encrypt the message and a different key to decrypt it. Both the Data Encryption Standard (DES) and Triple DES (3DES) require a symmetric shared secret key. The problem is then how to get that key to both users. The keys can be sent by mail, courier, or public key exchange. The easiest method to exchange the key is Diffie-Hellman public key exchange. This key exchange provides a way for the users to establish a shared secret key, which only they know, even though they communicate over an insecure channel.
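The Diffie-Hellman exchange described above, as an added example that is not part of the original post: two peers send each other only public values and still derive the same symmetric key. The 127-bit prime `P`, the generator `G`, the `DHPeer` class and the SHA-256 key derivation are assumptions chosen for illustration; the prime is far too small for real use.

```python
import hashlib
import secrets

# Toy group parameters (assumption, illustration only): the Mersenne prime
# 2**127 - 1 is far too small for real use; deployments use much larger groups.
P = 2**127 - 1
G = 3


class DHPeer:
    """One side of the exchange; the private value never leaves the peer."""

    def __init__(self, private=None):
        # Private exponent drawn at random from [2, P-2] unless one is supplied.
        self._private = private if private is not None else 2 + secrets.randbelow(P - 3)
        # Public value: the only thing this peer sends over the insecure channel.
        self.public = pow(G, self._private, P)

    def shared_key(self, peer_public):
        # Reject out-of-range and degenerate values (0, 1, P-1): they would
        # force the shared secret to a value anyone on the path can predict.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("invalid peer public value")
        secret = pow(peer_public, self._private, P)
        # Hash the shared secret down to a fixed-length symmetric key.
        return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def run_exchange():
    """Run one exchange; return both derived keys and what crossed the wire."""
    a, b = DHPeer(), DHPeer()
    wire = [a.public, b.public]  # everything an eavesdropper observes
    return a.shared_key(b.public), b.shared_key(a.public), wire


if __name__ == "__main__":
    key_a, key_b, wire = run_exchange()
    print("public values on the wire:", wire)
    print("both peers hold the same key:", key_a == key_b)
```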

Public key cryptosystems rely on a two-key system:

  • A public key, which is exchanged between the users
  • A private key, which is kept secret by the owners

 

Introduction to General Packet Radio Service (GPRS)

Ξ May 1st, 2007 | → 10 Comments | ∇ Technology, Wireless |

GPRS is a new service designed for GSM (Global System for Mobile Communications) networks. GSM is a digital cellular technology used worldwide, predominantly in Europe and Asia, with an estimated 400 million subscribers at present and still growing. GSM is the “world’s leading standard” in digital wireless communications.

GPRS is standardized by the European Telecommunications Standards Institute (ETSI). The application expected to be most widely used over GPRS is internet/intranet access.

GPRS has 2 network elements:

SGSN — Sends data to and receives data from mobile stations, and maintains information about the location of the mobile station (MS). The SGSN handles communication between the MS and the GGSN.

GGSN — A “wireless gateway” that allows mobile cell-phone users to access a “public data network (PDN)” or “specified private IP networks”.

The following figure shows the basic GPRS network components and their functions as commonly used in a GPRS network.

GPRS Component

User sessions are connected from the mobile station (MS) to a Base Transceiver Station (BTS), which is in turn connected to a Base Station Controller (BSC). The combined functions of the BTS and BSC are often referred to as the Base Station Subsystem (BSS). From here, the SGSN provides access to the GGSN, which acts as the gateway to the data network.