Is Unit2

The document discusses Internet protocols like IP and TCP/IP. It explains that IP delivers data packets across the Internet while TCP/IP establishes end-to-end communication and ensures reliable delivery. The document also describes the four layers of the TCP/IP model and compares differences between IP and TCP/IP.

Uploaded by

046Harmehar Kaur
Copyright
© © All Rights Reserved

Internet protocols

The Internet Protocol (IP) is the method or protocol by which data is sent from one
computer to another on the Internet. Each computer (known as a host) on the
Internet has at least one IP address that uniquely identifies it from all other
computers on the Internet. IP information is attached to each packet, and this
information helps routers to send packets to the right place. Every device or domain
that connects to the Internet is assigned an IP address, and as packets are directed
to the IP address attached to them, data arrives where it is needed.

What is TCP/IP?
TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a suite of
communication protocols used to interconnect network devices on the internet.
TCP/IP is also used as a communications protocol in a private computer network
(an intranet or extranet).

The entire IP suite -- a set of rules and procedures -- is commonly referred to as
TCP/IP. TCP and IP are the two main protocols, though others are included in the
suite. The TCP/IP protocol suite functions as an abstraction layer between internet
applications and the routing and switching fabric.

TCP/IP specifies how data is exchanged over the internet by providing end-to-end
communications that identify how it should be broken into packets, addressed,
transmitted, routed and received at the destination. TCP/IP requires little central
management and is designed to make networks reliable with the ability to recover
automatically from the failure of any device on the network.

The two main protocols in the IP suite serve specific functions. TCP defines how
applications can create channels of communication across a network. It also manages
how a message is assembled into smaller packets before they are then transmitted
over the internet and reassembled in the right order at the destination address.

IP defines how to address and route each packet to make sure it reaches the right
destination. Each gateway computer on the network checks this IP address to
determine where to forward the message.

A subnet mask tells a computer, or other network device, what portion of the IP
address is used to represent the network and what part is used to represent hosts, or
other computers, on the network.

Network address translation (NAT) is the virtualization of IP addresses. NAT helps
improve security and decrease the number of IP addresses an organization needs.

Common TCP/IP protocols include the following:

● Hypertext Transfer Protocol (HTTP) handles the communication between a
web server and a web browser.
● HTTP Secure handles secure communication between a web server and a
web browser.
● File Transfer Protocol handles transmission of files between computers.

How does TCP/IP work?
TCP/IP uses the client-server model of communication in which a user or machine (a
client) is provided a service, like sending a webpage, by another computer (a server) in
the network.

Collectively, the TCP/IP suite of protocols is classified as stateless, which means each
client request is considered new because it is unrelated to previous requests. Being
stateless frees up network paths so they can be used continuously.

The transport layer itself, however, is stateful. It transmits a single message, and its
connection remains in place until all the packets in a message have been received and
reassembled at the destination.

The TCP/IP model differs slightly from the seven-layer Open Systems Interconnection
(OSI) networking model designed after it. The OSI reference model defines how
applications can communicate over a network.

Why is TCP/IP important?

TCP/IP is nonproprietary and, as a result, is not controlled by any single company.
Therefore, the IP suite can be modified easily. It is compatible with all operating
systems (OSes), so it can communicate with any other system. The IP suite is also
compatible with all types of computer hardware and networks.

TCP/IP is highly scalable and, as a routable protocol, can determine the most efficient
path through the network. It is widely used in current internet architecture.

The 4 layers of the TCP/IP model


TCP/IP functionality is divided into four layers, each of which includes specific
protocols:

1. The application layer provides applications with standardized data
exchange. Its protocols include HTTP, FTP, Post Office Protocol 3, Simple
Mail Transfer Protocol and Simple Network Management Protocol. At the
application layer, the payload is the actual application data.
2. The transport layer is responsible for maintaining end-to-end
communications across the network. TCP handles communications
between hosts and provides flow control, multiplexing and reliability. The
transport protocols include TCP and User Datagram Protocol, which is
sometimes used instead of TCP for special purposes.
3. The network layer, also called the internet layer, deals with packets and
connects independent networks to transport the packets across network
boundaries. The network layer protocols are IP and Internet Control Message
Protocol, which is used for error reporting.
4. The physical layer, also known as the network interface layer or data link
layer, consists of protocols that operate only on a link -- the network
component that interconnects nodes or hosts in the network. The protocols
in this lowest layer include Ethernet for local area networks and Address
Resolution Protocol.

Uses of TCP/IP
TCP/IP can be used to provide remote login over the network, for interactive file transfer,
to deliver email, to deliver webpages over the network and to remotely access a server
host's file system. Most broadly, it is used to represent how information changes form
as it travels over a network from the concrete physical layer to the abstract application
layer. It details the basic protocols, or methods of communication, at each layer as
information passes through.

Pros and cons of TCP/IP


The advantages of using the TCP/IP model include the following:

● helps establish a connection between different types of computers;
● works independently of the OS;
● supports many routing protocols;
● uses client-server architecture that is highly scalable;
● can be operated independently;
● supports several routing protocols; and
● is lightweight and doesn't place unnecessary strain on a network or
computer.

The disadvantages of TCP/IP include the following:

● is complicated to set up and manage;
● transport layer does not guarantee delivery of packets;
● is not easy to replace protocols in TCP/IP;
● does not clearly separate the concepts of services, interfaces and protocols,
so it is not suitable for describing new technologies in new networks; and
● is especially vulnerable to a synchronization attack, which is a type of
denial-of-service attack in which a bad actor uses TCP/IP.

How are TCP/IP and IP different?
There are numerous differences between TCP/IP and IP. For example, IP is a low-level
internet protocol that facilitates data communications over the internet. Its purpose is
to deliver packets of data that consist of a header, which contains routing information,
such as source and destination of the data, and the data payload itself.

IP is limited by the amount of data that it can send. The maximum size of a single IP
data packet, which contains both the header and the data, is between 20 and 24 bytes
long. This means that longer strings of data must be broken into multiple data packets
that must be independently sent and then reorganized into the correct order after they
are sent.

Since IP is strictly a data send/receive protocol, there is no built-in checking that
verifies whether the data packets sent were actually received.

In contrast to IP, TCP/IP is a higher-level smart communications protocol that can do
more things. TCP/IP still uses IP as a means of transporting data packets, but it also
connects computers, applications, webpages and web servers. TCP understands
holistically the entire streams of data that these assets require in order to operate, and
it makes sure the entire volume of data needed is sent the first time. TCP also runs
checks that ensure the data is delivered.

As it does its work, TCP can also control the size and flow rate of data. It ensures that
networks are free of any congestion that could block the receipt of data.

An example is an application that wants to send a large amount of data over the
internet. If the application only used IP, the data would have to be broken into multiple
IP packets. This would require multiple requests to send and receive data, since IP
requests are issued per packet.

With TCP, only a single request to send an entire data stream is needed; TCP handles
the rest. Unlike IP, TCP can detect problems that arise in IP and request retransmission
of any data packets that were lost. TCP can also reorganize packets so they get
transmitted in the proper order -- and it can minimize network congestion. TCP/IP
makes data transfers over the internet easier.

TCP Header Diagram


The diagram of TCP Header is shown below:

TCP Header Format

The TCP header format is classified into various fields that are as follows:

● Source port
● Destination port
● Sequence number
● Acknowledgement number
● HLEN
● Control Flag Bits
● Window size
● Checksum
● Options

Source Port
It defines the port number of the application program in the sender’s host. The source
port is 16 bits in size.

Destination Port
It defines the port number of the application program in the receiver’s host. The
destination port is 16 bits in size.

Sequence Number
It conveys to the receiving host which octet in this sequence comprises the first byte in
the segment. The sequence number is a 32-bit field. TCP assigns a unique sequence
number to each byte of data contained in the TCP segment.

Acknowledgement Number
The acknowledgement number specifies the sequence number of the next octet that
the receiver expects to receive. The acknowledgement number is a 32-bit field. During
the three-way handshake, the request segment is sent for connection establishment.

HLEN
This field specifies the number of 32-bit words present in the TCP header. This field
helps the receiver to know where the actual data begins. The HLEN field is 4 bits
wide, and the TCP header size it describes ranges from 20 bytes to 60 bytes.

Control Flag Bits
The control flag field is 6 bits. It is divided into the following fields:

● URG: if URG (urgent pointer) = 1, the urgent pointer is in use; otherwise, it is not
in use.
● ACK: if ACK = 1, the acknowledgement number is valid; if ACK = 0, the segment
does not contain an acknowledgement.
● PSH: if PSH (push the data without buffering) = 1, it is a request to forward the
data to the application layer without buffering it.
● RST: if RST = 1, it abruptly resets the connection whenever there is a host crash;
it is also sometimes used to reject a segment.
● SYN: synchronizes sequence numbers during connection establishment.
Connection request: SYN=1, ACK=0
Reply: SYN=1, ACK=1
● FIN: terminates the connection.

Window Size
It tells how many bytes may be sent, starting at the acknowledged byte. It advertises
how much data (in bytes) the sender can receive without acknowledgement. Thus, the
window size is used for Flow Control.

Checksum
The checksum is used for error detection. It checksums the data, header, and
pseudo-header. The sender adds CRC checksum to the checksum field before sending the
data. The receiver rejects the data that fails the CRC check.

Options
The options field is used for several purposes. The options field contains 40 bytes of
information. Some widely used options are:

● MSS (maximum segment size)
● Window scale
● Time Stamp
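
The field layout described above can be decoded directly from the bytes of a segment. The following Python parser is an added example, not code from the original document; the sample segment, port numbers and function names are constructed for illustration. It decodes the fixed header, the six control flags and the three options listed above, and it rejects HLEN and option lengths that point outside the segment, which is the check a header parser most often gets wrong.

```python
import struct

# Control flag bits in the low 6 bits of the 16-bit HLEN/flags word,
# in the order the text lists them: URG, ACK, PSH, RST, SYN, FIN.
FLAG_BITS = (("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01))


def parse_options(raw: bytes) -> dict:
    """Walk the kind/length/value options that follow the fixed header."""
    options, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:            # end of option list
            break
        if kind == 1:            # no-operation padding, a single byte
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option is missing its length byte")
        length = raw[i + 1]
        # A length below 2 would never advance; one past the end overreads.
        if length < 2 or i + length > len(raw):
            raise ValueError("option length %d is out of bounds" % length)
        body = raw[i + 2:i + length]
        if kind == 2 and length == 4:
            options["MSS"] = struct.unpack("!H", body)[0]
        elif kind == 3 and length == 3:
            options["Window scale"] = body[0]
        elif kind == 8 and length == 10:
            options["Time Stamp"] = struct.unpack("!II", body)
        i += length
    return options


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the TCP header fields in the order the text describes them."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte minimum TCP header")
    (src, dst, seq, ack, hlen_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    hlen_words = hlen_flags >> 12            # HLEN counts 32-bit words
    header_len = hlen_words * 4
    if hlen_words < 5 or header_len > len(segment):
        raise ValueError("HLEN of %d words is invalid here" % hlen_words)
    return {
        "source_port": src,
        "destination_port": dst,
        "sequence_number": seq,
        "acknowledgement_number": ack,
        "header_length": header_len,
        "flags": [name for name, bit in FLAG_BITS if hlen_flags & bit],
        "window_size": window,
        "checksum": checksum,
        "urgent_pointer": urgent,
        "options": parse_options(segment[20:header_len]),
        "payload": segment[header_len:],
    }


def handshake_step(header: dict) -> str:
    """Map the SYN/ACK combinations given in the text to their meaning."""
    syn, ack = "SYN" in header["flags"], "ACK" in header["flags"]
    if syn and not ack:
        return "connection request"
    if syn and ack:
        return "reply"
    return "not a connection-establishment segment"


def build_sample_syn() -> bytes:
    """Constructed sample: a SYN with HLEN = 6 words and an MSS option.
    The checksum is left at 0 because it is not verified here."""
    fixed = struct.pack("!HHIIHHHH", 49152, 443, 1000, 0,
                        (6 << 12) | 0x02, 64240, 0, 0)
    return fixed + bytes([2, 4]) + struct.pack("!H", 1460)


if __name__ == "__main__":
    header = parse_tcp_header(build_sample_syn())
    print(header["flags"], header["options"], handshake_step(header))
```
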

Internet Protocol Version 4 (IPv4)


Internet Protocol is one of the major protocols in the TCP/IP protocol suite. This
protocol works at the network layer of the OSI model and at the Internet layer of the
TCP/IP model. Thus this protocol is responsible for identifying hosts based upon
their logical addresses and for routing data among them over the underlying network.
IP provides a mechanism to uniquely identify hosts by an IP addressing scheme. IP
uses best effort delivery, i.e. it does not guarantee that packets will be delivered to
the destined host, but it will do its best to reach the destination. Internet Protocol
version 4 uses a 32-bit logical address.

IPv4 - Packet Structure


Internet Protocol, being a layer-3 protocol (OSI), takes data segments from layer-4
(Transport) and divides them into packets. An IP packet encapsulates the data unit
received from the layer above and adds its own header information to it.

The encapsulated data is referred to as the IP Payload. The IP header contains all the
necessary information to deliver the packet at the other end.

The IP header includes much relevant information, including the Version Number, which,
in this context, is 4. Other details are as follows −
● Version − Version no. of Internet Protocol used (e.g. IPv4).
● IHL − Internet Header Length; Length of entire IP header.
● DSCP − Differentiated Services Code Point; this is Type of Service.
● ECN − Explicit Congestion Notification; It carries information about the
congestion seen in the route.
● Total Length − Length of entire IP Packet (including IP header and IP Payload).
● Identification − If the IP packet is fragmented during the transmission, all the
fragments contain the same identification number, to identify the original IP packet
they belong to.
● Flags − As required by the network resources, if the IP Packet is too large to handle,
these ‘flags’ tell if it can be fragmented or not. In this 3-bit flag, the MSB is
always set to ‘0’.
● Fragment Offset − This offset tells the exact position of the fragment in the
original IP Packet.
● Time to Live − To avoid looping in the network, every packet is sent with some
TTL value set, which tells the network how many routers (hops) this packet can
cross. At each hop, its value is decremented by one and when the value reaches
zero, the packet is discarded.
● Protocol − Tells the Network layer at the destination host to which Protocol this
packet belongs, i.e. the next level Protocol. For example, the protocol number of
ICMP is 1, TCP is 6 and UDP is 17.
● Header Checksum − This field is used to keep the checksum value of the entire header,
which is then used to check if the packet is received error-free.
● Source Address − 32-bit address of the Sender (or source) of the packet.
● Destination Address − 32-bit address of the Receiver (or destination) of the
packet.
● Options − This is an optional field, which is used if the value of IHL is greater than 5.
These options may contain values for options such as Security, Record Route,
Time Stamp, etc.
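
The header fields listed above, decoded from raw bytes and checked against the Header Checksum, as an added example that is not part of the original document. The sample header is constructed (the source address reuses 192.168.1.152 from this page; the destination, identification value and function names are assumptions). The checksum routine is the standard 16-bit ones' complement sum used for the IPv4 header.

```python
import ipaddress
import struct

# Protocol numbers given in the text above.
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
HEADER_FORMAT = "!BBHHHBBH4s4s"   # the 20 fixed bytes of an IPv4 header


def internet_checksum(data: bytes) -> int:
    """16-bit ones' complement of the ones' complement sum of the data."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum IPv4 header")
    (ver_ihl, dscp_ecn, total_length, identification, flags_frag,
     ttl, protocol, checksum, src, dst) = struct.unpack(HEADER_FORMAT,
                                                        packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4                     # IHL counts 32-bit words
    if version != 4:
        raise ValueError("not an IPv4 packet (version %d)" % version)
    if ihl < 5 or header_len > len(packet):
        raise ValueError("IHL of %d words is invalid here" % ihl)
    if total_length < header_len:
        raise ValueError("Total Length is smaller than the header")
    flags = flags_frag >> 13                 # 3 bits: reserved, DF, MF
    return {
        "version": version,
        "ihl": ihl,
        "dscp": dscp_ecn >> 2,
        "ecn": dscp_ecn & 0x03,
        "total_length": total_length,
        "identification": identification,
        "dont_fragment": bool(flags & 0x2),
        "more_fragments": bool(flags & 0x1),
        # The field counts 8-byte units; report the offset in bytes.
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": PROTOCOLS.get(protocol, str(protocol)),
        # Summing a header that carries a correct checksum yields 0.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_len],    # present only when IHL > 5
    }


def build_sample_header(ttl: int = 64) -> bytes:
    """Constructed sample: header only, DF set, protocol 6 (TCP)."""
    fields = [0x45, 0, 20, 0x1C46, 0x4000, ttl, 6, 0,
              ipaddress.IPv4Address("192.168.1.152").packed,
              ipaddress.IPv4Address("192.168.1.1").packed]
    draft = struct.pack(HEADER_FORMAT, *fields)
    fields[7] = internet_checksum(draft)     # fill in the checksum field
    return struct.pack(HEADER_FORMAT, *fields)


def decrement_ttl_without_fixup(packet: bytes) -> bytes:
    """Change the TTL byte but leave the old checksum in place, to show
    what a header altered in transit looks like to the receiver."""
    altered = bytearray(packet)
    altered[8] -= 1
    return bytes(altered)


if __name__ == "__main__":
    good = build_sample_header()
    print(parse_ipv4_header(good))
    print(parse_ipv4_header(decrement_ttl_without_fixup(good))["checksum_ok"])
```
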

IPv4 - Addressing
IPv4 supports three different types of addressing modes −

Unicast Addressing Mode
In this mode, data is sent only to one destined host. The Destination Address field
contains the 32-bit IP address of the destination host. Here the client sends data to the
targeted server −

Broadcast Addressing Mode

In this mode, the packet is addressed to all the hosts in a network segment. The
Destination Address field contains a special broadcast address, i.e. 255.255.255.255.
When a host sees this packet on the network, it is bound to process it. Here the client
sends a packet, which is entertained by all the Servers −

Multicast Addressing Mode

This mode is a mix of the previous two modes, i.e. the packet sent is neither destined to
a single host nor all the hosts on the segment. In this packet, the Destination Address
contains a special address which starts with 224.x.x.x and can be entertained by more
than one host.

Here a server sends packets which are entertained by more than one server. Every
network has one IP address reserved for the Network Number which represents the
network and one IP address reserved for the Broadcast Address, which represents all
the hosts in that network.

Hierarchical Addressing Scheme

IPv4 uses a hierarchical addressing scheme. An IP address, which is 32 bits in length, is
divided into two or three parts as depicted −

A single IP address can contain information about the network and its sub-network and
ultimately the host. This scheme enables the IP Address to be hierarchical where a
network can have many sub-networks which in turn can have many hosts.

Subnet Mask
The 32-bit IP address contains information about the host and its network. It is
necessary to distinguish the two. For this, routers use the Subnet Mask, which is as long as
the size of the network address in the IP address. The Subnet Mask is also 32 bits long. If
the IP address in binary is ANDed with its Subnet Mask, the result yields the Network
address. For example, say the IP Address is 192.168.1.152 and the Subnet Mask is
255.255.255.0 then −

This way the Subnet Mask helps extract the Network ID and the Host from an IP
Address. It can be identified now that 192.168.1.0 is the Network number and
192.168.1.152 is the host on that network.

Binary Representation
The positional value method is the simplest form of converting binary from decimal
value. An IP address is a 32-bit value which is divided into 4 octets. A binary octet contains 8
bits and the value of each bit can be determined by the position of bit value '1' in the
octet.

The positional value of a bit is determined by 2 raised to the power (position – 1), that is, the
value of a bit 1 at position 6 is 2^(6-1), that is 2^5, that is 32. The total value of the octet
is determined by adding up the positional values of its bits. The value of 11000000 is
128+64 = 192. Some examples are shown in the table below −

IPv4 - Address Classes


Internet Protocol hierarchy contains several classes of IP Addresses to be used
efficiently in various situations as per the requirement of hosts per network. Broadly,
the IPv4 Addressing system is divided into five classes of IP Addresses. All the five
classes are identified by the first octet of IP Address.
Internet Corporation for Assigned Names and Numbers is responsible for assigning IP
addresses.
The first octet referred to here is the leftmost one. The octets are numbered as follows,
depicting the dotted decimal notation of an IP Address −

The number of networks and the number of hosts per class can be derived by this
formula −

When calculating hosts' IP addresses, 2 IP addresses are subtracted because they
cannot be assigned to hosts, i.e. the first IP of a network is the network number and the
last IP is reserved for the Broadcast IP.

Class A Address
The first bit of the first octet is always set to 0 (zero). Thus the first octet ranges from 1 –
127, i.e.

Class A addresses only include IP starting from 1.x.x.x to 126.x.x.x only. The IP range
127.x.x.x is reserved for loopback IP addresses.

The default subnet mask for Class A IP address is 255.0.0.0 which implies that Class A
addressing can have 126 networks (2^7-2) and 16777214 hosts (2^24-2).

Class A IP address format is thus: 0NNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH

Class B Address
An IP address which belongs to class B has the first two bits in the first octet set to 10,
i.e.

Class B IP Addresses range from 128.0.x.x to 191.255.x.x. The default subnet mask for
Class B is 255.255.x.x.

Class B has 16384 (2^14) Network addresses and 65534 (2^16-2) Host addresses.

Class B IP address format is: 10NNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH

Class C Address
The first octet of Class C IP address has its first 3 bits set to 110, that is −

Class C IP addresses range from 192.0.0.x to 223.255.255.x. The default subnet mask
for Class C is 255.255.255.x.

Class C gives 2097152 (2^21) Network addresses and 254 (2^8-2) Host addresses.

Class C IP address format is: 110NNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH

Class D Address
The very first four bits of the first octet in Class D IP addresses are set to 1110, giving a
range of −

Class D has IP address range from 224.0.0.0 to 239.255.255.255. Class D is reserved
for Multicasting. In multicasting, data is not destined for a particular host; that is why
there is no need to extract the host address from the IP address, and Class D does not
have any subnet mask.

Class E Address
This IP Class is reserved for experimental purposes only, for R&D or study. IP addresses
in this class range from 240.0.0.0 to 255.255.255.254. Like Class D, this class too is
not equipped with any subnet mask.
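
The Subnet Mask and Address Classes sections above can be worked through in one place. The following Python sketch is an added example, not part of the original document; the function names are assumptions, and the default masks for Class B and Class C are written out with zeros in the host octets. It classifies an address by the leading bits of its first octet, ANDs the address with the mask to get the network number, and subtracts the network and broadcast addresses when counting hosts.

```python
import ipaddress

# Default masks per class; Classes D and E have no subnet mask.
DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def address_class(address: str) -> str:
    """Classify by the leading bits of the first octet."""
    first = ipaddress.IPv4Address(address).packed[0]
    if (first & 0x80) == 0x00:      # 0xxxxxxx
        return "A"
    if (first & 0xC0) == 0x80:      # 10xxxxxx
        return "B"
    if (first & 0xE0) == 0xC0:      # 110xxxxx
        return "C"
    if (first & 0xF0) == 0xE0:      # 1110xxxx
        return "D"
    return "E"                      # 1111xxxx


def describe(address: str, mask: str = None) -> dict:
    """Split an address into network and host parts with a subnet mask.
    When no mask is given, the default mask of the class is used."""
    cls = address_class(address)
    if mask is None:
        mask = DEFAULT_MASKS.get(cls)
    if mask is None:                # Class D or E: nothing to extract
        return {"class": cls, "mask": None, "network": None,
                "broadcast": None, "host_part": None, "usable_hosts": None}

    ip_int = int(ipaddress.IPv4Address(address))
    mask_int = int(ipaddress.IPv4Address(mask))
    host_mask = ~mask_int & 0xFFFFFFFF
    # A valid mask is a run of 1s followed by a run of 0s, so the
    # inverted mask plus one must be a power of two.
    if host_mask & (host_mask + 1):
        raise ValueError("subnet mask %s is not contiguous" % mask)

    network = ip_int & mask_int              # the AND described above
    broadcast = network | host_mask          # all host bits set to 1
    host_bits = host_mask.bit_length()
    return {
        "class": cls,
        "mask": mask,
        "network": str(ipaddress.IPv4Address(network)),
        "broadcast": str(ipaddress.IPv4Address(broadcast)),
        "host_part": ip_int & host_mask,
        # First address is the network number, last is the broadcast.
        "usable_hosts": max(2 ** host_bits - 2, 0),
    }


if __name__ == "__main__":
    for sample in ("192.168.1.152", "10.1.2.3", "172.16.5.4", "224.0.0.5"):
        print(sample, describe(sample))
```
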

IPv6:

IPv6 is a 128-bit address having an address space of 2^128, which is way bigger than
IPv4. IPv6 uses hexadecimal format separated by colons (:).

Features of IPv6

● Larger Address Space:
In contrast to IPv4, IPv6 uses 4 times more bits to address a device on the
Internet. These extra bits can provide approximately 3.4×10^38 different
combinations of addresses. This address space can accommodate the aggressive
requirement of address allotment for almost everything in this world. According
to an estimate, 1564 addresses can be allocated to every square meter of this
earth.
● Simplified Header:
IPv6’s header has been simplified by moving all unnecessary information and
options (which are present in the IPv4 header) to the end of the IPv6 header. The IPv6
header is only twice as big as the IPv4 header, even though the IPv6 address is
four times longer.
● End-to-end Connectivity:
Every system now has a unique IP address and can traverse the internet
without using NAT or other translating components. After IPv6 is fully
implemented, every host can directly reach other hosts on the Internet, with
some limitations involved like Firewall, Organization’s policies, etc.
● Auto-configuration:
IPv6 supports both stateful and stateless auto-configuration modes for its host
devices. This way, the absence of a DHCP server does not put a halt on inter-segment
communication.
● Faster Forwarding/Routing:
The simplified header puts all unnecessary information at the end of the header. The
information in the first part of the header is adequate for a Router to take a routing
decision, thus making the routing decision as quickly as looking at the mandatory
header.
● IPSec:
Initially it was decided that IPv6 must have IPSec security, making it more
secure than IPv4. This feature has now been made optional.
● No Broadcast:
Though Ethernet/Token Ring are considered broadcast networks because they
support Broadcasting, IPv6 no longer has any Broadcast support.
It uses multicast to communicate with multiple hosts.
● Anycast Support:
This is another characteristic of IPv6. IPv6 has introduced the Anycast mode of
packet routing. In this mode, multiple interfaces over the Internet are assigned the
same Anycast IP address. Routers, while routing, send the packet to the
nearest destination.
● Mobility:
IPv6 was designed keeping the mobility feature in mind. This feature enables hosts
(such as mobile phones) to roam around in different geographical areas and
remain connected with the same IP address. The IPv6 mobility feature takes advantage
of auto IP configuration and Extension headers.
● Enhanced Priority support:
IPv4 used 6 bits of DSCP (Differential Service Code Point) and 2 bits of ECN
(Explicit Congestion Notification) to provide Quality of Service, but it could only
be used if the end-to-end devices supported it, that is, the source and destination
device and underlying network must support it.
In IPv6, Traffic class and Flow label are used to tell underlying routers how to
efficiently process the packet and route it.
● Smooth Transition:
The large IP address scheme in IPv6 makes it possible to allocate devices globally
unique IP addresses. This assures that a mechanism to save IP addresses such as
NAT is not required. So devices can send/receive data between each other, for
example VoIP and/or any streaming media can be used much more efficiently.
Another fact is that the header is less loaded, so routers can make forwarding decisions
and forward packets as quickly as they arrive.
● Extensibility:
One of the major advantages of the IPv6 header is that it is extensible to add more
information in the option part. IPv4 provides only 40 bytes for options whereas
options in IPv6 can be as much as the size of the IPv6 packet itself.

Addressing Modes
In computer networking, addressing mode refers to the mechanism by which we address a
host on the network. IPv6 offers several types of modes by which a single host can be
addressed, more than one host can be addressed at once or the host at closest
distance can be addressed.

Unicast
In the unicast mode of addressing, an IPv6 interface (host) is uniquely identified in a
network segment. The IPv6 packet contains both source and destination IP addresses.
A host interface is equipped with an IP address which is unique in that network
segment. When a network switch or router receives a unicast IP packet destined to a
single host, it sends it out on the outgoing interface which connects to that particular
host.

[Image: Unicast Messaging]

Multicast
The IPv6 multicast mode is the same as that of IPv4. The packet destined to multiple hosts
is sent on a special multicast address. All hosts interested in that multicast
information need to join that multicast group first. All interfaces which have joined the
group receive the multicast packet and process it, while other hosts not interested in
multicast packets ignore the multicast information.

[Image: Multicast Messaging]

Anycast
IPv6 has introduced a new type of addressing, which is called Anycast addressing. In
this addressing mode, multiple interfaces (hosts) are assigned the same Anycast IP
address. When a host wishes to communicate with a host equipped with an Anycast IP
address, it sends a Unicast message. With the help of a complex routing mechanism, that
Unicast message is delivered to the host closest to the Sender, in terms of Routing
cost.

[Image: Anycast Messaging]

Let’s take an example of TutorialsPoint.com Web Servers, located in all continents.
Assume that all Web Servers are assigned a single IPv6 Anycast IP Address. Now when a
user from Europe wants to reach TutorialsPoint.com the DNS points to the server
which is physically located in Europe itself. If a user from India tries to reach
TutorialsPoint.com, the DNS will then point to the Web Server physically located in Asia
only. Nearest or Closest terms are used in terms of Routing Cost.
In the above picture, when a client computer tries to reach a Server, the request is
forwarded to the Server with the lowest Routing Cost.

Address Types
Hexadecimal Number System
Before introducing IPv6 Address format, we shall look into Hexadecimal Number
System. Hexadecimal is positional number system which uses radix (base) of 16. To
represent the values in readable format, this system uses 0-9 symbols to represent
values from zero to nine and A-F symbol to represent values from ten to fifteen. Every
digit in Hexadecimal can represent values from 0 to 15.

[Image: Conversion Table]


Address Structure
An IPv6 address is made of 128 bits divided into eight 16-bit blocks. Each block is
then converted into a 4-digit Hexadecimal number, separated by the colon symbol.

For example, below is a 128-bit IPv6 address represented in binary format and
divided into eight 16-bit blocks:
0010000000000001 0000000000000000 0011001000111000 1101111111100001
0000000001100011 0000000000000000 0000000000000000 1111111011111011
Each block is then converted into Hexadecimal and separated by the ‘:’ symbol:
2001:0000:3238:DFE1:0063:0000:0000:FEFB
Even after converting into Hexadecimal format, the IPv6 address remains long. IPv6
provides some rules to shorten the address. These rules are:

Rule 1: Discard leading zero(es):

In Block 5, 0063, the leading two 0s can be omitted, such as (5th block):
2001:0000:3238:DFE1:63:0000:0000:FEFB

Rule 2: If two or more consecutive blocks contain only zeroes, omit them all and replace
them with the double colon sign ::, such as (6th and 7th block):

2001:0000:3238:DFE1:63::FEFB
Consecutive blocks of zeroes can be replaced only once by ::, so if there are still blocks
of zeroes in the address they can be shrunk down to a single zero, such as (2nd block):
2001:0:3238:DFE1:63::FEFB
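
The two shortening rules applied in code, as an added example that is not part of the original document (function names are assumptions). It starts from the full hexadecimal form shown above and, going slightly beyond the text, picks the longest run of zero blocks when there is more than one, which is what Python's standard `ipaddress` module also does. Because one address has several valid spellings, access lists and log searches should compare parsed addresses rather than strings; `same_address` shows that comparison.

```python
import ipaddress
import string


def shorten(full: str) -> str:
    """Apply Rule 1 and Rule 2 to a full eight-block IPv6 address."""
    blocks = full.split(":")
    if len(blocks) != 8:
        raise ValueError("expected eight colon-separated blocks")
    for block in blocks:
        if not 1 <= len(block) <= 4 or \
                any(ch not in string.hexdigits for ch in block):
            raise ValueError("block %r is not 1 to 4 hex digits" % block)

    # Rule 1: discard leading zeroes (an all-zero block becomes "0").
    short = [format(int(block, 16), "X") for block in blocks]

    # Rule 2: find the longest run of two or more zero blocks.
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if short[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and short[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:
        return ":".join(short)

    # "::" may appear only once, so only that one run is replaced.
    head = ":".join(short[:best_start])
    tail = ":".join(short[best_start + best_len:])
    return head + "::" + tail


def is_valid(text: str) -> bool:
    """True if the text is a well-formed IPv6 address in any spelling."""
    try:
        ipaddress.IPv6Address(text)
        return True
    except ValueError:
        return False


def same_address(a: str, b: str) -> bool:
    """Compare two spellings by value rather than by string."""
    return ipaddress.IPv6Address(a) == ipaddress.IPv6Address(b)


# The four spellings of the same address that appear in the text above.
PAGE_FORMS = [
    "2001:0000:3238:DFE1:0063:0000:0000:FEFB",
    "2001:0000:3238:DFE1:63:0000:0000:FEFB",
    "2001:0000:3238:DFE1:63::FEFB",
    "2001:0:3238:DFE1:63::FEFB",
]

if __name__ == "__main__":
    print(shorten(PAGE_FORMS[0]))
    print(all(same_address(PAGE_FORMS[0], form) for form in PAGE_FORMS))
    print(is_valid("2001::3238::FEFB"))   # "::" used twice is ambiguous
```
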

Interface ID
IPv6 has three different types of Unicast Address scheme. The second half of the
address (last 64 bits) is always used for the Interface ID. The MAC address of a system is
composed of 48 bits and represented in Hexadecimal. A MAC address is considered to
be uniquely assigned worldwide. The Interface ID takes advantage of this uniqueness of
MAC addresses. A host can auto-configure its Interface ID by using IEEE’s Extended
Unique Identifier (EUI-64) format. First, a Host divides its own MAC address into two
24-bit halves. Then the 16-bit Hex value 0xFFFE is sandwiched between those two halves of
the MAC address, resulting in a 64-bit Interface ID.

[Image: EUI-64 Interface ID]
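
The EUI-64 construction described above, together with its reverse, as an added example that is not part of the original document; the MAC address and function names are constructed for illustration. Two details come from RFC 4291 rather than from the text above: the modified EUI-64 format also inverts the universal/local bit (the second-lowest bit of the first byte), and the link-local prefix used here is FE80 followed by 48 zero bits. The reverse function shows why this form of auto-configuration matters to a defender: an address built this way carries the interface's hardware address wherever it is logged.

```python
import ipaddress
from typing import Optional


def eui64_interface_id(mac: str) -> bytes:
    """Build the 64-bit Interface ID from a 48-bit MAC address."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address is 48 bits (6 bytes)")
    # Split into two 24-bit halves and sandwich 0xFFFE between them.
    # RFC 4291 (not the text above) also inverts the universal/local bit.
    first_half = bytes([raw[0] ^ 0x02]) + raw[1:3]
    second_half = raw[3:]
    return first_half + b"\xff\xfe" + second_half


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """FE80, then 48 zero bits, then the 64-bit Interface ID."""
    prefix = b"\xfe\x80" + b"\x00" * 6
    return ipaddress.IPv6Address(prefix + eui64_interface_id(mac))


def mac_from_address(address: str) -> Optional[str]:
    """Recover the MAC address from an EUI-64 based IPv6 address.
    Returns None when the Interface ID does not contain FFFE in the
    middle, i.e. it was not built with this scheme."""
    interface_id = ipaddress.IPv6Address(address).packed[8:]
    if interface_id[3:5] != b"\xff\xfe":
        return None
    raw = (bytes([interface_id[0] ^ 0x02]) + interface_id[1:3]
           + interface_id[5:])
    return ":".join("%02x" % byte for byte in raw)


# Constructed sample MAC address, not taken from any real device.
SAMPLE_MAC = "00:1a:2b:3c:4d:5e"

if __name__ == "__main__":
    address = link_local_from_mac(SAMPLE_MAC)
    print(address)                          # link-local address
    print(mac_from_address(str(address)))   # the MAC is recoverable
    print(mac_from_address("2001:db8::1"))  # not EUI-64 based
```
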
Global Unicast Address
This address type is equivalent to IPv4’s public address. Global Unicast addresses in
IPv6 are globally identifiable and uniquely addressable.

[Image: Global Unicast Address]


Global Routing Prefix: The most significant 48 bits are designated as the Global Routing
Prefix, which is assigned to a specific Autonomous System. The three most significant bits of
the Global Routing Prefix are always set to 001.

Link-Local Address
An auto-configured IPv6 address is known as a Link-Local address. This address always
starts with FE80. The first 16 bits of a Link-Local address are always set to 1111 1110 1000
0000 (FE80). The next 48 bits are set to 0, thus:

[Image: Link-Local Address]


Link-Local addresses are used for communication among IPv6 hosts on a link
(broadcast segment) only. These addresses are not routable so a Router never
forwards these addresses outside the link.

Unique-Local Address
This type of IPv6 address is globally unique, but it should be used in local
communication. The second half of this address is the Interface ID and the first half is divided
among Prefix, Local Bit, Global ID and Subnet ID.

[Image: Unique-Local Address]

The Prefix is always set to 1111 110. The L bit is set to 1 if the address is locally
assigned. So far the meaning of the L bit set to 0 is not defined. Therefore, a Unique Local IPv6
address always starts with ‘FD’.
Scope of IPv6 Unicast Addresses:

[Image: IPv6 Unicast Address Scope]


The scope of a Link-local address is limited to the segment. Unique Local Addresses are
locally global but are not routed over the Internet, limiting their scope to an
organization’s boundary. Global Unicast addresses are globally unique and
recognizable. They shall make the essence of Internet v2 addressing.

Special Addresses
Version 6 has a slightly more complex IP address structure than IPv4. IPv6 has
reserved a few addresses and address notations for special purposes. See the table
below:
Special Addresses:

● As shown in the table above, the address 0:0:0:0:0:0:0:0/128 does not specify
anything and is said to be an unspecified address. After simplifying, all 0s are
compacted to ::/128.
● In IPv4, the address 0.0.0.0 with netmask 0.0.0.0 represents the default route. The
same concept also applies to IPv6: the address 0:0:0:0:0:0:0:0 with a netmask of all 0s
represents the default route. After applying the IPv6 simplifying rule, this address is
compressed to ::/0.
● Loopback addresses in IPv4 are represented by the 127.0.0.1 to 127.255.255.255
series. But in IPv6, only the 0:0:0:0:0:0:0:1/128 address represents the Loopback
address. After simplifying, the loopback address can be represented as ::1/128.
Reserved Multicast Address for Routing Protocols:

● The above table shows reserved multicast addresses used by interior routing
protocol.
● All addresses are reserved in similar IPv4 fashion
Reserved Multicast Address for Routers/Node:

● These addresses help routers and hosts to speak to available routers and hosts
on a segment without being configured with an IPv6 address. Hosts use EUI-64
based auto-configuration to self-configure an IPv6 address and then speak to
available hosts/routers on the segment by means of these addresses.

Headers
The wonder of IPv6 lies in its header. An IPv6 address is 4 times larger than an IPv4
address, but the IPv6 header is only 2 times larger than that of IPv4. IPv6 headers have one
Fixed Header and zero or more Optional (Extension) Headers. All the information
that is essential for a router is kept in the Fixed Header. An Extension Header contains
optional information which helps routers understand how to handle a packet/flow.
Fixed Header

[Image: IPv6 Fixed Header]


IPv6 fixed header is 40 bytes long and contains the following information.
S.N. Field & Description

1 Version (4-bits): This represents the version of Internet Protocol, i.e. 0110.

2 Traffic Class (8-bits): These 8 bits are divided into two parts. Most significant 6 bits are use
Service, which tells the Router what services should be provided to this packet. Least signif
used for Explicit Congestion Notification (ECN).

3 Flow Label (20-bits): This label is used to maintain the sequential flow of the packets belon
communication. The source labels the sequence which helps the router to identify that this
belongs to a specific flow of information. This field helps to avoid re-ordering of data packet
designed for streaming/real-time media.

4 Payload Length (16-bits): This field is used to tell the routers how much information this pa
in its payload. Payload is composed of Extension Headers and Upper Layer data. With 16 bi
bytes can be indicated but if Extension Headers contain Hop-by-Hop Extension Header than
exceed 65535 bytes and this field is set to 0.

5 Next Header (8-bits): This field is used to indicate either the type of Extension Header, or if
Header is not present then it indicates the Upper Layer PDU. The values for the type of Uppe
same as IPv4’s.

6 Hop Limit (8-bits): This field is used to stop packet to loop in the network infinitely. This is s
IPv4. The value of Hop Limit field is decremented by 1 as it passes a link (router/hop). When
reaches 0 the packet is discarded.

7 Source Address (128-bits): This field indicates the address of originator of the packet.

8 Destination Address (128-bits): This field provides the address of intended recipient of the
Extension Headers

In IPv6, the Fixed Header contains only the information that is necessary, avoiding
information that is either not required or rarely used. All such information is put
between the Fixed Header and the Upper Layer header in the form of Extension Headers.
Each Extension Header is identified by a distinct value.
When Extension Headers are used, the IPv6 Fixed Header’s Next Header field points to the
first Extension Header. If there is one more Extension Header, then the first Extension
Header’s ‘Next-Header’ field points to the second one, and so on. The last Extension
Header’s ‘Next-Header’ field points to the Upper Layer Header. Thus each header points
to the next one in a linked-list manner.
If the Next Header field contains the value 59, it indicates that there is no header after this
header, not even an Upper Layer Header.
The following Extension Headers must be supported as per RFC 2460:

The sequence of Extension Headers should be:

These headers:
● 1. Should be processed by First and subsequent destinations.
● 2. Should be processed by Final Destination.
Extension Headers are arranged one after another in a Linked list manner, as depicted
in the diagram below:

[Image: Extension Headers Connected Format]
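The fixed header layout and the Next Header chain described above, as an added Python example that is not part of the original notes. The header-type numbers other than 59 come from RFC 8200 and the IANA registry because the page's own table did not survive; the sample packet, the `MAX_CHAIN` limit and all function names are assumptions made for illustration. The bounds checks are what a filter or sensor needs before it trusts the upper-layer protocol it finds at the end of the chain.

```python
import ipaddress
import struct

FIXED_LEN = 40
NO_NEXT_HEADER = 59  # value named in the notes: nothing follows this header
# Numbers from RFC 8200 / IANA (supplied by this example, not by the notes).
EXT_HEADERS = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment",
               51: "Authentication Header", 60: "Destination Options"}
MAX_CHAIN = 8        # assumed local policy limit, not a protocol constant


def parse_fixed_header(packet: bytes) -> dict:
    """Decode the 40-byte IPv6 fixed header."""
    if len(packet) < FIXED_LEN:
        raise ValueError("shorter than the 40-byte fixed header")
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    traffic_class = (word >> 20) & 0xFF
    return {
        "dscp": traffic_class >> 2,   # most significant 6 bits
        "ecn": traffic_class & 0x3,   # least significant 2 bits
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
    }


def walk_extension_headers(packet: bytes):
    """Return (fixed, [(name, size), ...], final_next_header, upper_layer_bytes)."""
    fixed = parse_fixed_header(packet)
    # Payload Length 0 is the jumbo case from the table: use the captured length.
    end = FIXED_LEN + fixed["payload_length"] if fixed["payload_length"] else len(packet)
    if end > len(packet):
        raise ValueError("Payload Length claims more bytes than were captured")
    chain, nxt, offset = [], fixed["next_header"], FIXED_LEN
    while nxt in EXT_HEADERS:  # ESP (50) is not walked: what follows is encrypted
        if nxt == 0 and chain:
            raise ValueError("Hop-by-Hop Options must directly follow the fixed header")
        if len(chain) >= MAX_CHAIN:
            raise ValueError("extension header chain exceeds the policy limit")
        if offset + 8 > end:
            raise ValueError("extension header truncated")
        following, length_field = packet[offset], packet[offset + 1]
        if nxt == 44:
            size = 8                        # Fragment header has a fixed size
        elif nxt == 51:
            size = (length_field + 2) * 4   # AH counts 4-byte words minus 2
        else:
            size = (length_field + 1) * 8   # 8-byte units, first unit not counted
        if offset + size > end:
            raise ValueError("extension header runs past the payload")
        chain.append((EXT_HEADERS[nxt], size))
        nxt, offset = following, offset + size
    return fixed, chain, nxt, packet[offset:end]


def build_sample() -> bytes:
    """Constructed packet: fixed header, Hop-by-Hop, Fragment, 4 payload bytes."""
    fixed = struct.pack("!IHBB", 0x6B812345, 20, 0, 64)
    fixed += ipaddress.IPv6Address("2001:db8::1").packed
    fixed += ipaddress.IPv6Address("2001:db8::2").packed
    hop_by_hop = bytes([44, 0, 1, 4, 0, 0, 0, 0])            # next=Fragment, PadN
    fragment = bytes([6, 0]) + struct.pack("!HI", 0, 0xDEADBEEF)  # next=TCP (6)
    return fixed + hop_by_hop + fragment + b"DATA"


SAMPLE = build_sample()

if __name__ == "__main__":
    fixed, chain, upper, data = walk_extension_headers(SAMPLE)
    print(fixed)
    print(chain, "none" if upper == NO_NEXT_HEADER else upper, data)
```
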

Computer network components and their functions

A computer network is an interconnection of two or more computers with the aim of
sharing resources and communication. Computer network components are the devices
that make up the network and enable it to achieve its objective of sharing and
communication.

Networking components include hardware, software, and protocol components
that facilitate interconnection. Hardware networking components are routers,
switches, firewalls, bridges, gateways, servers, clients, access points, MODEMs, and
hubs, among others.

Types of components

● Hardware networking components
● Networking software components

Hardware networking components

Hardware networking components are physical devices that make up the network.
Depending on the type of network you can have different components for each
network. Below are some of the main hardware network components that you find in
almost all types of networks.

Router

A network router is a device that is used to connect different types of networks that
use different protocols. It is mostly used to link Local Area Networks (LAN) to Wide Area
Networks (WAN), specifically the Internet. Its other function is to route the message
using the best and fastest route to the destination.

When a user within a LAN sends an email, for example, the router checks the
destination and forwards the message using the best path. Routers mostly are linked
to an internet service provider who connects the user to the internet and the world.

Networking switch

A network switch is a device that acts as an interconnection point for different devices
within the same network. It is mostly used to create a star topology type of connection
within a room or building. It has multiple ports depending on its size to connect
devices.

Its main purpose is to act as a central connection point for other networking devices
on the network. When it receives a message, it decodes it and sends it directly to the
addressed device instead of broadcasting to all other devices. This feature makes it an
intelligent switch or hub.

There are different types of network switches such as managed and those that are not
managed.

Networking Hub

Just like a network switch, hubs are used as a central point of connection for other
networking devices. However, unlike the switch when they get the message they
broadcast it to all other devices connected to it.

This leaves all other devices to decide if the message was meant for them or not. This can
congest the network. Different types of hubs are active and passive hubs.

Network server computer

A server computer is a powerful computer within the network that is used to manage
devices, users, and applications within a network. For a small network, you don’t
require a server computer. However, in a business setup, a server may be necessary.

The hardware server computer can be used for different roles within the network such
as web server, application server, and file server among others.

MODEM (MODulation/DEModulation)

The term MODEM is derived from the function of the device, which is to modulate and
demodulate. Modems convert the digital signals that computers produce into
analog signals that can be transferred over the telephone line, a process called
modulation.

When the data reaches the destination, it is converted from analog signals back to digital
signals that the computer can use, a process called demodulation.

Earlier, modems used to come as separate devices, but today they are integrated
within the networking devices that require those capabilities.

Network Interface Card/Connector (NIC)

This is a network component integrated within a network device that serves as the
connection point between the device and network media such as cable.

The NIC can be wired or wireless. Wired NICs have ports to connect to the cable,
either Ethernet, coaxial, or fiber cables. Wireless NICs have antennas that are used to
receive and broadcast wireless signals.


Repeater

Just as the name suggests, it is used to regenerate the signal and retransmit it.

Transmission media. When signals are transmitted over a long distance they tend to
get weak.

A repeater is positioned in the middle so that it receives the signals, boosts them, and
then retransmits them to the destination. Most hubs and switches act as repeaters.

Bridge

They are used to split a large network into smaller manageable networks. Instead of
managing 200 computers with one big network, a bridge can be used to break it down
into 2 networks of 100 computers each.

The two networks are still within the same LAN but now they can be managed as if they
are totally different networks. This makes it simple to manage and troubleshoot
network problems.

Endpoint devices

These are devices that are connected to the network for communication and sharing
resources. The devices are mostly different types of personal computers. They include
desktop computers, printers, laptops, smartphones, tablets, or any other devices
connected to the network.

The devices can access the network either using a wired network or wireless
depending on the organization’s policies.

Gateway

This is a device that is mostly used to link networks that use different protocols for
communication. Gateways are the gatekeepers when a message needs to get in or out of the
network. Mostly, routers act as network gateways.

Networking media

Signals require a mode of traveling from one device to another hence media.
Networking media are categorized into 2 types wired/corded and wireless/cordless.

Wired types of media are copper telephone cables, coaxial, twisted pair, and fiber
optic cables. For wireless, we have technologies such as radio frequency, infrared, and
microwave.

Firewall

A firewall can be a hardware or software component. It is a security device that is used
to determine what comes to the network and what gets out. Firewall rules are created
depending on the organization’s ICT policies to ensure data and ICT infrastructure are
secure from unauthorized users.

Modulation techniques:

Modulation can be digital or analog. The input wave of an analog scheme varies continuously
like a sine wave. In digital modulation, voice is sampled at some rate, then compressed and
turned into a bit-stream, then superimposed on the carrier signal. This all happens
because communication systems use a powerful and beautiful technique
called Modulation.

Modulation:

The process by which data/information is converted into electrical/digital signals for
transferring that signal over a medium is called modulation. It increases strength for
maximum reach of the signals. The process of extracting information/data from the
transmitted signal is called demodulation. A Modem is a device that performs both
modulation and demodulation processes. The various forms of modulation are
designed to alter a characteristic of the carrier wave. The most commonly altered
characteristics include amplitude, frequency, and phase.
Carrier signal: The signals which contain no information but have a certain phase,
frequency, and amplitude are called carrier signals.
Modulated signals: The signals which are the combination of the carrier signals and
modulation signals are modulated signals. The modulated signal is obtained after the
modulation of the signals.

Types of modulation:

1. Amplitude modulation: It is a type of modulation in which only the amplitude of the
carrier signal is varied to represent the data being added to the signals whereas the
phase and the frequency of the signal are kept unchanged.

Amplitude Modulation

2. Frequency modulation: It is a type of modulation in which only the frequency of the
carrier signal is varied to represent the frequency of the data whereas the phase and the
amplitude of the signals are kept unchanged.

Frequency Modulation

3. Phase modulation: It is a type of modulation in which the phase of the carrier signal
is varied to represent the data being added to the signal. Different information values
are represented by different phases. For example: ‘1’ may be represented by 0° while ‘0’
by 180°.

Phase Modulation

What is the need for modulation?

● Size of antenna: The size of the antenna is inversely
proportional to the frequency of the radiated signal, and the antenna size must be
1/10th of the wavelength. If the frequency signals are more than 5 kHz, in that
case it is quite impossible to set up an antenna of that size. So, by using the
modulation technique the size of the antenna is reduced.
● Wireless communication: Modulation provides a wireless connection to
transmit the signals to a longer distance. Earlier we used wire systems (like
the telephone) to transfer information with the help of telephonic wires but it
was not possible to spread the wires all over the world for communication. By
using the modulation technique, the cost of wire is saved and even
information can be transferred to longer distances faster.

Working of Modulation:

Information/data can be added to the carrier signal by varying its amplitude, frequency,
and phase. Basically, modulation is applied to electromagnetic signals like radio waves,
optics, and computer networks. It can also be applied to direct current that can be
treated as a degenerate carrier wave with a fixed amplitude and frequency of 0 Hz by
turning it off and on as in a digital current loop and in Morse code telegraphy.

Advantages of modulation:

● It reduces the size of the antenna.
● It reduces the cost of wires.
● It prohibits the mixing of signals.
● It increases the range of communication.
● It improves the reception quality.
● It easily multiplexes the signals.
● It also allows the adjustment of the bandwidth.

Disadvantages of modulation:

● The cost of the equipment is higher.
● The receiver and the transmitter are very complicated.
● For better communication, the antennas for the FM system must be kept
close.
● It is not efficient for large bandwidth.
● Power wastage takes place.

Digital-to-Analog conversion is the next conversion we will discuss in this chapter. These
techniques are also called Digital Modulation techniques.

Digital Modulation provides more information capacity, high data security, quicker
system availability with great quality communication. Hence, digital modulation
techniques have a greater demand, for their capacity to convey larger amounts of data
than analog modulation techniques.

There are many types of digital modulation techniques and also their combinations,
depending upon the need. Of them all, we will discuss the prominent ones.

ASK – Amplitude Shift Keying

The amplitude of the resultant output depends upon the input data whether it should
be a zero level or a variation of positive and negative, depending upon the carrier
frequency.

FSK – Frequency Shift Keying

The frequency of the output signal will be either high or low, depending upon the input
data applied.

PSK – Phase Shift Keying

The phase of the output signal gets shifted depending upon the input. These are mainly
of two types, namely Binary Phase Shift Keying (BPSK) and Quadrature Phase Shift
Keying (QPSK), according to the number of phase shifts. The other one is Differential
Phase Shift Keying (DPSK), which changes the phase according to the previous value.
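The three keying schemes above, as an added Python example that is not part of the original notes: each bit becomes one burst of a sine carrier, and the receiver recovers it by correlating the burst against a reference carrier. The sample rate, tone frequencies, noise level and function names are assumptions chosen for illustration; the PSK mapping follows the notes ('1' at 0°, '0' at 180°).

```python
import math
import random

SAMPLES_PER_BIT = 64  # assumed sampling resolution for one bit period
LOW_CYCLES = 4        # carrier cycles per bit period (also the FSK low tone)
HIGH_CYCLES = 8       # FSK high tone


def tone(cycles, amplitude=1.0, phase=0.0):
    """One bit period of a sine carrier."""
    return [amplitude * math.sin(2 * math.pi * cycles * n / SAMPLES_PER_BIT + phase)
            for n in range(SAMPLES_PER_BIT)]


def modulate(bits, scheme):
    """Turn a list of 0/1 bits into carrier samples using ASK, FSK or PSK."""
    signal = []
    for bit in bits:
        if scheme == "ASK":    # amplitude carries the bit (carrier on or off)
            signal += tone(LOW_CYCLES, amplitude=1.0 if bit else 0.0)
        elif scheme == "FSK":  # frequency carries the bit (high or low tone)
            signal += tone(HIGH_CYCLES if bit else LOW_CYCLES)
        elif scheme == "PSK":  # phase carries the bit: 1 -> 0 deg, 0 -> 180 deg
            signal += tone(LOW_CYCLES, phase=0.0 if bit else math.pi)
        else:
            raise ValueError("unknown scheme: " + scheme)
    return signal


def correlate(chunk, cycles):
    """Similarity between a received bit period and a reference carrier."""
    return sum(s * r for s, r in zip(chunk, tone(cycles)))


def demodulate(signal, scheme):
    """Recover the bits from carrier samples produced by modulate()."""
    full = SAMPLES_PER_BIT / 2  # correlation of a unit carrier with itself
    bits = []
    for start in range(0, len(signal), SAMPLES_PER_BIT):
        chunk = signal[start:start + SAMPLES_PER_BIT]
        if scheme == "ASK":
            bits.append(1 if correlate(chunk, LOW_CYCLES) > full / 2 else 0)
        elif scheme == "FSK":
            high = abs(correlate(chunk, HIGH_CYCLES))
            low = abs(correlate(chunk, LOW_CYCLES))
            bits.append(1 if high > low else 0)
        elif scheme == "PSK":
            bits.append(1 if correlate(chunk, LOW_CYCLES) > 0 else 0)
        else:
            raise ValueError("unknown scheme: " + scheme)
    return bits


def add_noise(signal, sigma, seed=1):
    """Add reproducible Gaussian noise to simulate an imperfect channel."""
    rng = random.Random(seed)
    return [s + rng.gauss(0.0, sigma) for s in signal]


if __name__ == "__main__":
    data = [1, 0, 1, 1, 0, 0, 1, 0]  # constructed sample bit-stream
    for name in ("ASK", "FSK", "PSK"):
        received = add_noise(modulate(data, name), sigma=0.3)
        print(name, demodulate(received, name))
```
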

Need for information security:

Information security is needed because organizations can be damaged by hostile
applications or intruders. There can be multiple forms of damage, which are interrelated.
These include −

● Damage to or destruction of computer systems.
● Damage to or destruction of internal data.
● Loss of sensitive information to hostile parties.
● Use of sensitive information to steal items of monetary value.
● Use of sensitive information against the organization’s customers, which
may result in legal action by customers against the organization and loss of
customers.
● Damage to the reputation of an organization.
● Monetary damage due to loss of sensitive information,
destruction of data, hostile use of sensitive data, or damage to the organization’s
reputation.

Ethical Issues in Information Technology (IT)

Information Technology refers to the components that are used to store, fetch
and manipulate information at the minimum level, with the server having an
operating system. Information Technology has a wide area of applications in
education, business, health, industries, the banking sector and scientific research at a
large level. With the leading advancement in information technology, it is necessary to
have knowledge of the security issues, privacy issues and main negative impacts of IT.
To deal with these issues in IT society it is important to find out the ethical issues.
Some of the major ethical issues faced by Information Technology (IT) are:
1. Personal Privacy
2. Access Right
3. Harmful Actions
4. Patents
5. Copyright
6. Trade Secrets
7. Liability
8. Piracy
These are explained with their effects below:
1. Personal Privacy:
It is an important aspect of ethical issues in information technology. IT
enables users with their own hardware, operating system and
software tools to access servers that are connected to each other and to
the users by a network. Because the network is distributed on a large
scale, large amounts of data or information are transferred, which creates
hidden chances of disclosing information and violating the privacy of
individuals or groups. It is a major challenge for IT society and organizations
to maintain the privacy and integrity of data. Accidental disclosure to
inappropriate individuals and provisions to protect the accuracy of data also
come under the privacy issue.

2. Access Right:
The second aspect of ethical issues in information technology is access
right. Access right has become a high-priority issue for IT and cyberspace
with the great advancement in technology. The evolution of e-commerce and electronic
payment systems on the internet heightened this issue for various
corporate organizations and government agencies. A network on the internet
cannot be made secure from unauthorized access. Generally, intrusion
detection systems are used to determine whether the user is an intruder or an
appropriate user.

3. Harmful Actions:
Harmful actions in computer ethics refer to damage or negative
consequences to IT, such as loss of important information, loss of
property, loss of ownership, destruction of property and undesirable
substantial impacts. This principle of ethical conduct restricts any outsiders
from using information technology in a manner which leads to any loss to
any of the users, employees, employers and the general public. Typically,
these actions comprise the intentional destruction or alteration of files
and programs, which causes a serious loss of resources. To recover from
harmful actions, extra time and effort are required to remove the viruses
from the computer systems.

4. Patents:
It is more difficult to deal with these types of ethical issues. A patent can
preserve the unique and secret aspect of an idea. Obtaining a patent is very
difficult as compared with obtaining a copyright. A thorough disclosure is
required with the software. The patent holder has to reveal the full details of a
program to a proficient programmer for building a program.

5. Copyright:
Information security specialists need to be familiar with the necessary
concepts of copyright law. Copyright law works as a very powerful legal
tool in protecting computer software, both before a security breach and
surely after a security breach. This type of breach could be the mishandling
and misuse of data, computer programs, documentation and similar
material. In many countries, copyright legislation is amended or revised to
provide explicit laws to protect computer programs.

6. Trade Secrets:
Trade secrets are also a significant ethical issue in information technology. A
trade secret secures something of value and usefulness. This law protects
the private aspects of ideas which are known only to the discoverer or his
confidants. Once disclosed, a trade secret is lost as such and is only protected
by the law for trade secrets. The application of trade secret law is very broad
in the computer range, where even a slight head start in the advancement of
software or hardware can provide a significant competitive influence.

7. Liability:
One should be aware of the liability issue in making ethical decisions.
A software developer makes promises and assertions to the user about the
nature and quality of the product that can be restricted as an express
warranty. Programmers or retailers possess the legitimate right to determine the
express warranties. Thus they have to be practical when they define any
claims and predictions about the capacities, quality and nature of their
software or hardware. Every word they say about their product may be as
legally valid as if stated in writing. All agreements should be in writing to
protect against liability. A disclaimer of express warranties can free a
supplier from being held responsible for informal, speculative statements or
forecasts made during the agreement stages.

8. Piracy:
Piracy is an activity in which an illegal copy of the software is
made. It is entirely up to the owner of the software as to whether or not users
can make backup copies of their software. As laws made for copyright
protection are evolving, legislation that would stop unauthorized
duplication of software is also under consideration. The software industry is prepared
to act against software piracy. The courts are dealing with an
increasing number of actions concerning the protection of software.

● Laws
o Rules that mandate or prohibit certain behavior
o Drawn from ethics
● Ethics
o Define socially acceptable behaviors
● Key difference
o Laws carry the authority of a governing body
o Ethics do not carry the authority of a governing body
▪ Based on cultural mores: fixed moral attitudes or customs
o Some ethics standards are universal

● Liability
o Legal obligation of organization
o Extends beyond criminal or contract law
o Includes legal obligation to restitution
o Employee acting with or without authorization performs an illegal
or unethical act that causes some degree of harm
o Employer can be held financially liable
● Due care
o Organization makes sure that every employee knows what is
acceptable or unacceptable
o Knows the consequences of illegal or unethical actions
● Due diligence
o Requires
▪ Make a valid effort to protect others
▪ Maintains the effort
● Jurisdiction
o Court’s right to hear a case if a wrong is committed
o Term – long arm
▪ Extends across the country or around the world

● Policies
o Guidelines that describe acceptable and unacceptable employee
behaviors
o Functions as organizational laws
o Has penalties, judicial practices, and sanctions
● Difference between policy and law
o Ignorance of policy is acceptable
o Ignorance of law is unacceptable
● Keys for a policy to be enforceable
o Dissemination
o Review
o Comprehension
o Compliance
o Uniform enforcement

● Civil – governs a nation or state
● Criminal – addresses activities and conduct harmful to public
● Private – encompasses family, commercial, labor, and regulates the
relationship between individuals and organizations
● Public – regulates the structure and administration of government agencies
and their relationships with citizens, employees, and other governments

● Organizations do business on the Internet – they do business globally
● Professionals must be sensitive to the laws and ethical values of many
different cultures, societies, and countries.
● Few international laws relating to privacy and informational security
● International laws are limited in their enforceability

● International task force
● Designed to oversee range of security functions
● Designed to standardize technology laws across international borders
● Attempts to improve the effectiveness of international investigations into
breaches of technology law
● Concern raised by those concerned with freedom of speech and civil liberties

● Overall goal
o Simplify the acquisition of information for law enforcement agencies in
certain types of international crime

● Created by the World Trade Organization
● Introduced intellectual property rules into the multilateral trade system
● First significant international effort to protect intellectual property rights
● Covers five issues
o What basic principles of the trading system and other international
intellectual property agreements should be applied
o How to give adequate protection to intellectual property rights
o How countries should enforce those rights adequately in their own
territories
o How to settle disputes on intellectual property between members of the
WTO
o Special transitional arrangements during the period when the new
system is being introduced

● American contribution to WTO
● Plan to reduce the impact of copyright, trademark, and privacy infringement
● United Kingdom has implemented a version
o Database Right

● Prohibits the circumvention of protections and countermeasures implemented
by copyright owners to control access to protected content
● Prohibits the manufacture of devices to circumvent protections and
countermeasures that control access to protected content
● Bans trafficking in devices manufactured to circumvent protections and
countermeasures that control access to protected content
● Prohibits the altering of information attached or embedded into copyrighted
material
● Excludes Internet service providers from certain forms of contributory
copyright infringement

● Association of Computing Machinery
o “World’s first educational and scientific computing society”
o Strongly promotes education
o Provides discounts for student members

● International Information Systems Security Certification Consortium, Inc. (ISC)²
o Nonprofit organization
o Focuses on the development and implementation of information
security certifications and credentials
o Manages a body of knowledge on information security
o Administers and evaluates examinations for information security
certifications

● Information Systems Audit and Control Association
o Focuses on auditing, control, and security
o Membership includes technical and managerial professionals
o Does not focus exclusively on information security
o Has many information security components

● Information Systems Security Associations (ISSA)
o Nonprofit society of information security professionals
o Mission – bring together qualified information security practitioners
▪ Information exchange
▪ Education development
o Focus – “promoting management practices that will ensure the
confidentiality, integrity, and availability of organizational information
resources”
● Systems Administration, Networking, and Security Institute (SANS)
o Professional research and education cooperative
o Current membership > 156,000
▪ Security professionals
▪ Auditors
▪ System administrators
▪ Network administrators
● Offers set of certifications

● Department of Homeland Security
● Five directorates or divisions
● Mission – protecting the people as well as the physical and informational
assets of the United States
● Directorate of Information and Infrastructure
o Creates and enhances resources used to discover and respond to
attacks on national information systems and critical infrastructure
● Directorate of Science and Technology
o Research and development activities in support of homeland defense
o Examination of vulnerabilities
o Sponsors emerging best practices

● National InfraGard Program
● Each FBI office establishes a chapter
● Collaborates with public and private organizations and academia
● Serves members in 4 ways
▪ Maintains an intrusion alert network using encrypted e-mail
▪ Maintains a secure Web site for communication about suspicious activity or
intrusions
▪ Sponsors local chapter activities
▪ Operates a help desk for questions
● Contribution – free exchange of information to and from the private sector in the areas
of threats and attacks on information resources
● National Security Agency (NSA)
“The nation’s cryptologic organization. It coordinates, directs, and performs highly
specialized activities to protect U.S. information systems and produce foreign
intelligence information ... It is also one of the most important centers of foreign language
analysis and research within the Government.”
● U. S. Secret Service
▪ Located in Department of the Treasury
▪ Charged with the detection and arrest of any person committing a United States
federal offense relating to computer fraud and false identification crimes

RISK MANAGEMENT IN INFORMATION SECURITY

Information security risk management is the ongoing procedure of discovering,
correcting, and avoiding security issues. Risk assessment is an elemental part of an
organization's risk management procedure, designed to support appropriate security
levels for its data systems and data.

Risk is basically anything that threatens or limits the ability of an organization to
implement its mission. Risk management should be a group of continuous and
developing processes that are used throughout an organization’s approaches and should
methodically address the risks surrounding past, present and future activities.

The information security risks facing an organization will vary with the nature of the
processing implemented by the organization and the sensitivity of the data processed.
An understanding of risk and the application of risk assessment methodology is important
to being able to efficiently and effectively build a secure computing environment.

It is the procedure of identifying vulnerabilities and threats to the data resources used by
an organization in achieving business objectives, and deciding what
countermeasures, if any, to take in reducing risk to an acceptable level, based on the
value of the data resource to the organization. Successful risk management needs the
involvement of employees at all levels of an organization.

A successful risk management program helps an organization consider the complete
range of risks it faces. Risk management also determines the relationship between risks
and the cascading impact they can have on an organization's strategic objectives.

This holistic method of handling risk is defined as enterprise risk management because
of its emphasis on anticipating and understanding risk across an organization. In addition
to a focus on inside and outside threats, enterprise risk management (ERM) emphasizes the
importance of handling positive risk.

Positive risks are opportunities that can enhance business value or, conversely, damage
an organization if not taken. Indeed, the objective of a risk management program is not to
remove all risk but to preserve and add to enterprise value by making smart risk
decisions.

There are three types of risk management which are as follows −

● Project risks − Project risks concern multiple forms of budgetary, schedule,
personnel, resource, and user-associated problems. A basic project risk is
schedule slippage. Because software is intangible, it is difficult to monitor
and control a software project. It is difficult to control something which cannot be
seen. In a manufacturing project, such as the manufacturing of
cars, the project manager can see the product taking shape.
● Technical risks − Technical risks concern potential implementation,
interfacing, testing, and maintenance problems. They also include ambiguous
specification, incomplete specification, changing specification, technical
uncertainty, and technical obsolescence. Some technical risks appear because of
the development team's insufficient knowledge about the project.
● Business risks − Business risks include the risks of building an excellent product
that no one requires, losing budgetary or personnel commitments, etc.

SECURITY REQUIREMENTS TO E-COMMERCE

8.0 Security Threats to E-commerce


E-Commerce security requirements can be studied by examining the overall process,
beginning with the consumer and ending with the commerce server. Considering each
logical link in the commerce chain, the assets that must be protected to ensure secure
e-commerce include client computers, the messages travelling on the communication
channel, and the web and commerce servers – including any hardware attached to the
servers. While telecommunications are certainly one of the major assets to be
protected, the telecommunications links are not the only concern in computer and
e-commerce security.

a) Client Threats

Until the introduction of executable web content, Web pages were mainly static.
Coded in HTML, static pages could do little more than display content and provide
links to related pages with additional information. However, the widespread use of
active content has changed this perception.

i. Active content: Active content refers to programs that are embedded
transparently in web pages and that cause action to occur. Active content can
display moving graphics, download and play audio, or implement web-based
spreadsheet programs. Active content is used in e-commerce to place items
one wishes to purchase into a shopping cart and to compute the total invoice
amount, including sales tax, handling, and shipping costs. The best known
active content forms are Java applets, ActiveX controls, JavaScript, and
VBScript.

ii. Malicious codes: Computer viruses, worms and Trojan horses are examples
of malicious code. A Trojan horse is a program which appears to perform a
useful function, but performs an unexpected action. A virus is a code segment
which replicates by attaching copies of itself to existing executables.

iii. Server-side masquerading: Masquerading lures a victim into believing that
the entity with which it is communicating is a different entity. For example, if
a user tries to log into a computer across the Internet but instead reaches
another computer that claims to be the desired one, the user has been
spoofed. This may be a passive attack (in which the user does not attempt to
authenticate the recipient, but merely accesses it), but it is usually an active
attack.

b) Communication channel threats

The internet serves as the electronic chain linking a consumer (client) to an
e-commerce resource. Messages on the internet travel a random path from a source
node to a destination node. The message passes through a number of intermediate
computers on the network before reaching the final destination. It is impossible to
guarantee that every computer on the internet through which messages pass is safe,
secure, and non-hostile.

i. Confidentiality threats: Confidentiality is the prevention of unauthorized
information disclosure. Breaching confidentiality on the internet is not difficult.
Suppose one logs onto a website that contains a form with text boxes for name,
address, and e-mail address. When one fills out those text boxes and clicks the
submit button, the information is sent to the web-server for processing. One
popular method of transmitting data to a web-server is to collect the text box
responses and place them at the end of the target server’s URL. The captured
data is then sent to the server along with the HTTP request. Now
suppose the user changes his mind, decides not to wait for a response from the
website server, and jumps to another website instead. The server company may
choose to collect web demographics and log the URL from which the user just
came, which carries the text box responses. By doing this, the company has
breached confidentiality by recording the secret information the user has just entered.

ii. Integrity threats: An integrity threat exists when an unauthorized party can alter
a message stream of information. Unprotected banking transactions are
subject to integrity violations. Cyber vandalism is an example of an integrity
violation. Cyber vandalism is the electronic defacing of an existing website
page. Masquerading or spoofing means pretending to be someone you are not or
representing a website as an original when it really is a fake.

Integrity threats can alter vital financial, medical, or military information. They can have
very serious consequences for businesses and people.

iii. Availability threats: The purpose of availability threats, also known as delay or
denial threats, is to disrupt normal computer processing or to deny processing
entirely. For example, if the processing speed of a single ATM machine
transaction slows from one or two seconds to 30 seconds, users will abandon
ATM machines entirely. Similarly, slowing any internet service will drive
customers to competitors’ web or commerce sites.
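The confidentiality threat in item i above can be checked for in web server logs. The following is an added example, not part of the original notes: it scans access-log lines in the common "combined" layout for form fields that ended up in a requested URL or in a Referer value, and prints a redacted form. The field names, host names and log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumed field names, taken from the form in the text (name, address, e-mail).
SENSITIVE = {"name", "address", "email"}

# Apache/nginx "combined" access-log layout.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (documentation addresses and .test host names).
SAMPLE_LOG = [
    # 1. The shop's own log: the form was submitted with GET.
    '203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] '
    '"GET /register?name=Alice+Example&address=1+Main+St&email=alice%40example.test HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0"',
    # 2. Another site's log: the user moved on and the full URL arrived as Referer.
    '198.51.100.9 - - [10/Oct/2024:13:55:41 +0000] "GET /index.html HTTP/1.1" '
    '200 1024 "http://shop.example.test/register?name=Alice+Example&address=1+Main+St'
    '&email=alice%40example.test" "Mozilla/5.0"',
    # 3. Same form sent with POST: the fields travel in the body, not the URL.
    '203.0.113.7 - - [10/Oct/2024:14:02:10 +0000] "POST /register HTTP/1.1" '
    '303 0 "http://shop.example.test/register" "Mozilla/5.0"',
]


def sensitive_params(url):
    """Return the sorted sensitive parameter names present in a URL's query string."""
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return sorted({key.lower() for key, _ in pairs} & SENSITIVE)


def redact_url(url):
    """Replace the values of sensitive query parameters, keeping the rest of the URL."""
    parts = urlsplit(url)
    pairs = [(key, "REDACTED" if key.lower() in SENSITIVE else value)
             for key, value in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


def find_leaks(lines):
    """Report every log line whose request target or Referer carries form data."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = LOG_RE.match(line)
        if not match:
            continue  # not in combined format; skip rather than guess
        for field in ("target", "referer"):
            value = match.group(field)
            if value in ("", "-"):
                continue
            hits = sensitive_params(value)
            if hits:
                findings.append({"line": number, "field": field,
                                 "params": hits, "redacted": redact_url(value)})
    return findings


if __name__ == "__main__":
    for finding in find_leaks(SAMPLE_LOG):
        print(finding)
```

Submitting the form with POST keeps the fields out of the URL, and a `Referrer-Policy` response header limits what the browser sends in Referer. Current browsers default to `strict-origin-when-cross-origin`, which trims a cross-origin Referer to the origin, but the site's own logs, proxies and browser history still record the full URL of a GET submission.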

c) Server threats

The server is the third link in the client-internet-server trio embodying the e-commerce
path between the user and a commerce server. Servers have vulnerabilities that can
be exploited by anyone determined to cause destruction or to illegally acquire
information.

i. Web-server threats: Web-server software is designed to deliver web pages by
responding to HTTP requests. While web-server software is not inherently
high-risk, it has been designed with web service and convenience as the main design
goal. The more complex the software is, the higher the probability that it
contains coding errors (bugs) and security weaknesses that provide openings
which malicious users can exploit.

ii. Commerce server threats: Several pieces of software comprise the commerce
server software suite, including an FTP server, a mail server, a remote login
server and operating systems on host machines. Each of these pieces of software can have
security holes and bugs.

iii. Database threats: E-commerce systems store user data and retrieve product
information from databases connected to the web-server. Besides product
information, databases connected to the web contain valuable and private
information that could damage a company if it were altered or disclosed. Some
databases store username/password pairs in a non-secure way. If someone
obtains user authentication information, then he or she can masquerade as a
legitimate database user and reveal private and costly information.

iv. Common gateway interface threats: A common gateway interface (CGI)
implements the transfer of information from a web-server to another program,
such as a database program. CGI and the programs to which they transfer data
provide active content to web pages. Because CGIs are programs, they present
a security threat if misused. Defective or malicious CGIs with free access to
system resources are capable of disabling the system, calling privileged (and
dangerous) base system programs that delete files, or viewing confidential
customer information, including usernames and passwords.

v. Password hacking: The simplest attack against a password-based system is to
guess passwords. Guessing of passwords requires that access to the
complement, the complementation functions, and the authentication
functions be obtained. If none of these have changed by the time the password
is guessed, then the attacker can use the password to access the system.
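Items iii (databases that store username/password pairs in a non-secure way) and v (password guessing) are addressed by the same two controls: storing only a salted, slow hash of each password, and limiting repeated guesses. The following is an added example, not part of the original notes; the `UserStore` class, the lockout threshold and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 5               # assumption: lockout threshold for this example
DEFAULT_ITERATIONS = 600_000   # assumption: PBKDF2 work factor for this example


def derive(password, salt, iterations):
    """Slow, salted one-way function applied to a password before storage."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


class UserStore:
    """Hypothetical credential table: keeps salt and derived hash, never the password."""

    def __init__(self, iterations=DEFAULT_ITERATIONS):
        self.iterations = iterations
        self.rows = {}

    def register(self, username, password):
        salt = os.urandom(16)  # per-user salt: equal passwords give different rows
        self.rows[username] = {
            "salt": salt,
            "iterations": self.iterations,
            "hash": derive(password, salt, self.iterations),
            "failures": 0,
        }

    def login(self, username, candidate):
        """Return 'ok', 'denied' or 'locked'."""
        row = self.rows.get(username)
        if row is None:
            # Do the same work for unknown users so timing does not reveal them.
            derive(candidate, b"\x00" * 16, self.iterations)
            return "denied"
        if row["failures"] >= MAX_FAILURES:
            return "locked"
        digest = derive(candidate, row["salt"], row["iterations"])
        if hmac.compare_digest(digest, row["hash"]):  # constant-time comparison
            row["failures"] = 0
            return "ok"
        row["failures"] += 1
        return "denied"


def try_guesses(store, username, guesses):
    """Replay a list of guesses against login() and return each outcome."""
    return [store.login(username, guess) for guess in guesses]


if __name__ == "__main__":
    store = UserStore()
    store.register("alice", "correct horse")   # constructed sample credentials
    store.register("bob", "correct horse")
    # Same password, different stored values: a disclosed table does not show reuse.
    print(store.rows["alice"]["hash"].hex())
    print(store.rows["bob"]["hash"].hex())
    # The sixth attempt is refused even though it is the right password.
    print(try_guesses(store, "bob", ["a", "b", "c", "d", "e", "correct horse"]))
```

A hard lockout like this one can itself be abused to deny a legitimate user access, so production systems usually prefer delays or temporary locks.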

Security Requirements for E-Commerce:

i. Authentication
This is the ability to say that an electronic communication (whether via email or web)
does genuinely come from who it purports to.
In online commerce the best defense against being misled by an imposter is provided
by unforgeable digital certificates from a trusted authority (such as VeriSign).
Although anyone can generate digital certificates for themselves, a trusted authority
demands real-world proof of identity and checks its validity before issuing a digital
certificate. Only certificates from trusted authorities will be automatically recognized
and trusted by the major web browser and email client software.

ii. Privacy

In online commerce, privacy is the ability to ensure that information is accessed and
changed only by authorized parties. Typically this is achieved via encryption. Sensitive
data (such as credit card details, health records, sales figures etc.) are encrypted
before being transmitted across the open internet via email or the web.

iii. Authorization

Authorization allows a person or computer system to determine if someone has the
authority to request or approve an action or information. In the physical world,
authentication is usually achieved by forms requiring signatures, or locks where only
authorized individuals hold the keys.
Authorization is tied with authentication. If a system can securely verify that a request
for information (such as a web page) or a service (such as a purchase requisition) has
come from a known individual, the system can then check against its internal rules to
see if that person has sufficient authority for the request to proceed.

iv. Integrity
Integrity of information means ensuring that a communication received has not
been altered or tampered with. If someone is receiving sensitive information
online, he not only wants to ensure that it is coming from who he expects it to
(authentication), but also that it hasn’t been intercepted by a hacker while in
transit and its contents altered.

v. Non-repudiation

Non-repudiation allows one to legally prove that a person has sent a specific email
or made a purchase approval from a website. In the realm of e-commerce,
non-repudiation is achieved by using digital signatures. Digital signatures which have
been issued by a trusted authority (such as VeriSign) cannot be forged and their
validity can be checked with any major email or web browser software. A digital
signature is only installed in the personal computer of its owner, who is usually
required to provide a password to make use of the digital signature to encrypt or
digitally sign their communications. If a company receives a purchase order via
email which has been digitally signed, it has the same legal assurances as on
receipt of a physical signed contract.

Virtual Organization:

A Virtual Organization is a type of organization whose members are geographically
separated and usually work by computer e-mail and software system while
appearing to others to be a single, combined organization with a real physical
location.

An example of a virtual organization is British Telecom. It operates in over a hundred
countries and is able to do so because it does not follow the structure of a "regular"
organization.

Business transactions on web:

There are two primary types of e-commerce. One is B2B and the other is B2C. You are
engaging in B2B (business-to-business e-commerce) when you buy products or
services for your own business. B2C (business-to-customer) is far more common.
It occurs when you buy products online for yourself.

The process of a business transaction over the internet is simple. For example, consider
that you want to purchase a book from a website. First you go to the vendor's web
site and select the items (books) you want to purchase with the help of the
different catalogs (according to your choice: fiction, non-fiction, short story etc.). Then
you select the book with the buy now option. After that you enter
your details for the delivery.

Typically the payment methods are debit card, credit card and online banking. Payment is
the final step of any business transaction.

The next process is Consumer Information Security and Concerns. You have to enter
all the card details / bank details (for example card number, validity etc.). Then it
will redirect to the bank site with security (most payment sites enable Secure
Sockets Layer (SSL) security to send your confidential data).

E-Governance:

Electronic Governance or E-Governance is the application of Information and
Communication Technology (ICT) for providing government services, interchange of
statistics, communication proceedings, and integration of various independent
systems and services. Through the means of e-governance, government services are
made available to citizens in a suitable, systematic, and transparent mode. The three
main target groups that can be distinguished in governance concepts are
government, common people, and business groups.
E-governance is the best utilization of information and communication technologies
to transform and improve the efficiency, productivity, efficacy, transparency, and
accountability of informational and transactional interchanges within government, between
government agencies at different levels, citizens & businesses. It also empowers
citizens through access and use of information. Generally,
E-governance uses information and communication technologies at various levels of
the government and the public sector to enhance governance.
Theoretical studies state that E-Governance is the process of changing the
relationship of government with its constituents, the citizens, the businesses, and its
own organs, through the use of tools of information and communication technology.
UNESCO states that E-governance is the public sector’s use of information and
communication technologies in order to improve information and service delivery,
encouraging citizen involvement in the decision-making process and making
government more accountable, transparent and effective.
Elements of E-Governance:
Basic elements of e-governance are:
1. Government
2. Citizens
3. Investors/Businesses
Types of E-Governance:
E-governance is of 4 types:
1. Government-to-Citizen (G2C): Government-to-Citizen refers to the
government services that are accessed by ordinary people. Most of the
government services come under G2C. The primary aim of
Government-to-Citizen is to supply facilities to the citizens. It also helps
ordinary people to minimize the time and cost to carry out a transaction. A
citizen can access the facilities anytime from anywhere. Similarly,
paying the administrative fee online is also possible due to G2C. The
facility of Government-to-Citizen allows the ordinary citizen to overcome
time limitations. It also addresses geographic barriers.
2. Government-to-Business (G2B): Government-to-Business is the
interchange of services between government and business firms. It is
productive for both government and business firms. G2B provides access
to the relevant forms needed to comply. It also contains many services
interchanged between business sectors and government. Similarly,
Government-to-Business provides timely business information. A business
organization can have easy online access to government
agencies. G2B plays an important role in business development. It
improves the efficiency and quality of communication and the transparency of
government projects.
3. Government-to-Government (G2G): Government-to-Government
refers to the interaction between different government departments,
firms, and agencies. This increases the efficiency of government
processes. In G2G, government agencies can share the same database
using online communication. The government departments can work
together. This service can improve international diplomacy and relations.
G2G services can be at the local level or at the international level. It can
communicate with both global government and local government. It also provides a
safe and secure inter-relationship between domestic and foreign
governments. G2G builds a universal database for all members to improve
service.
4. Government-to-Employee (G2E): Government-to-Employee is the
internal part of the G2G section. It aims to bring employees together and
improve knowledge sharing. It provides online facilities to the
employees, such as applying for leave, reviewing salary payment records
and checking the balance of holiday. The G2E sector provides human
resource training and development. So, G2E is also the relationship
between employees and government institutions.
Advantages of E-Governance:
The supreme goal of e-governance is to be able to provide an increased portfolio of
public services to citizens in a systematic and cost effective way. It allows for
government transparency because it allows the public to be informed about what
the government is working on as well as the policies they are trying to implement.
The main advantage while executing electronic government will be to enhance the
efficiency of the current system.
Another advantage is that it increases transparency in the administration, reduces
costs, increases revenue growth, and also improves relationships between the
public and the civic authorities.
Disadvantages of E-Governance:
The main disadvantage regarding e-governance is the lack of equality in public
access to the internet, the lack of trustworthy information on the web, and hidden agendas
of government groups that could influence and bias public opinion.

Electronic Data Interchange (EDI) in the Government Industry

EDI technology is used in the Government Industry to cut levels of human
interference and labour costs across the supply chain, which comprises
Manufacturers, Suppliers, Customers, Contractors and Vendors etc. The
import/export trade has become much easier as Governments, through the use of
EDI, can send customs documents.

Some of the popular EDI messages used in the Government Industry include:

● Customs related (for air, road, rail and ocean)


● Healthcare and Insurance messages
● Food Grains and Traceability messages
● Government tendering
● Homeland security messages
● Banking & Financial messages

Benefits of EDI in the Government Industry:


1. Improvement in both the reporting of injuries and reporting times.
2. EDI enables report maintenance documents to be sent out on a routine
basis.
3. World trade made easier through the use of EDI customs documents
between countries.
4. Speedy processing of business transactions due to the
elimination of paper-based communication.
5. Messages to help faster delivery of service to citizens.

Electronic payments:

Electronic Payments entail the transfer of funds through electronic or digital
mediums. You can choose from different e-payment methods like mobile wallets,
bank cards, mobile banking, etc. E-payments are quick and efficient, and the fund
transfer typically takes place instantly. It is a secure mode of making payments.

E-cash:

eCash, also known as Electronic Cash, is a digital currency technique through which
transactions can be carried out anywhere over the internet.

What Is a Credit Card?

A credit card is a card issued by a financial institution, typically a bank, and it
enables the cardholder to borrow funds from that institution. Cardholders agree to
pay the money back with interest, according to the institution’s terms. Credit cards
are issued in the following variety of categories:

● Standard cards simply extend a line of credit to their users for making
purchases, balance transfers, and/or cash advances, and they often have no
annual fee.
● Premium cards offer perks such as concierge services, airport lounge access,
special event access, and more, but they usually have higher annual fees.
● Rewards cards offer cash back, travel points, or other benefits to customers
based on how they spend.
● Balance transfer cards have low introductory interest rates and fees on
balance transfers from another credit card.
● Secured credit cards require an initial cash deposit that is held by the issuer
as collateral.
● Charge cards have no preset spending limit but often don’t allow unpaid
balances to carry over from month to month.

What Is a Debit Card?

A debit card is a payment card that makes payments by deducting money directly
from a consumer’s checking account, rather than on loan from a bank or card
issuer. Debit cards offer the convenience of credit cards and many of the same
consumer protections when issued by major payment processors such as Visa or
Mastercard.

There are two types of debit cards that do not require the customer to have a
checking or savings account, in addition to one standard type.

● Standard debit cards draw on your bank account.


● Electronic benefits transfer (EBT) cards are issued by state and federal
agencies to allow qualifying users to use their benefits to make purchases.
● Prepaid debit cards give people without access to a bank account a way to
make electronic purchases up to the amount that was preloaded onto the
card.

Digital Forensics is a branch of forensic science which includes the identification,
collection, analysis and reporting of any valuable digital information in the digital
devices related to computer crimes, as a part of the investigation. In simple words,
Digital Forensics is the process of identifying, preserving, analyzing and presenting
digital evidence. The first computer crimes were recognized in the 1978 Florida
Computers Act and after this, the field of digital forensics grew quickly in the late
1980s-90s. Its areas of analysis include storage media, hardware, operating
system, network and applications. It consists of 5 steps at a high level:

1. Identification of evidence: It includes identifying evidence related to
the digital crime in storage media, hardware, operating system, network
and/or applications. It is the most important and basic step.
2. Collection: It includes preserving the digital evidence identified in the
first step so that it does not degrade or vanish with time. Preserving the
digital evidence is very important and crucial.
3. Analysis: It includes analyzing the collected digital evidence of the
committed computer crime in order to trace the criminal and the possible path
used to breach the system.
4. Documentation: It includes the proper documentation of the whole digital
investigation, digital evidence, loopholes of the attacked system etc. so
that the case can be studied and analysed in future also and can be
presented in the court in a proper format.
5. Presentation: It includes the presentation of all the digital evidence and
documentation in the court in order to prove the digital crime committed
and identify the criminal.
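The collection and documentation steps above depend on being able to show that evidence did not change after it was collected. The following added example, which is not part of the original notes, shows one common way to do that: hash the evidence file at acquisition, re-hash it at every hand-over, and keep a custody log in which each entry includes the hash of the previous entry. The class and function names, timestamps and the sample file are constructed for illustration.

```python
import hashlib
import json
import os
import tempfile

GENESIS = "0" * 64  # 'previous hash' value used by the first log entry


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large disk images do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def _entry_hash(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode("utf-8")).hexdigest()


class CustodyLog:
    """Append-only custody record; each entry commits to the one before it."""

    def __init__(self):
        self.entries = []

    def add(self, action, who, evidence_sha256, when):
        body = {
            "seq": len(self.entries) + 1,
            "when": when,
            "who": who,
            "action": action,
            "evidence_sha256": evidence_sha256,
            "prev": self.entries[-1]["entry_hash"] if self.entries else GENESIS,
        }
        body["entry_hash"] = _entry_hash(body)  # computed before the key is added
        self.entries.append(body)
        return body

    def intact(self):
        """Recompute the chain; any edited, removed or reordered entry breaks it."""
        prev = GENESIS
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "entry_hash"}
            if entry["prev"] != prev or _entry_hash(body) != entry["entry_hash"]:
                return False
            prev = entry["entry_hash"]
        return True


def demo():
    """Run the workflow on a constructed file; returns four booleans."""
    with tempfile.TemporaryDirectory() as workdir:
        image = os.path.join(workdir, "evidence.img")
        with open(image, "wb") as handle:
            handle.write(b"constructed sample disk image\n" * 1000)

        log = CustodyLog()
        acquired = sha256_file(image)
        log.add("acquired", "examiner A", acquired, "2024-01-01T10:00:00Z")
        log.add("received by lab", "examiner B", sha256_file(image), "2024-01-02T09:00:00Z")
        unchanged_at_handover = log.entries[1]["evidence_sha256"] == acquired

        with open(image, "ab") as handle:   # simulate later corruption of the copy
            handle.write(b"x")
        change_detected = sha256_file(image) != acquired

        log_ok = log.intact()
        log.entries[0]["who"] = "someone else"   # simulate an edited record
        edit_detected = not log.intact()
        return unchanged_at_handover, change_detected, log_ok, edit_detected


if __name__ == "__main__":
    print(demo())
```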

Branches of Digital Forensics:


● Media forensics: It is the branch of digital forensics which includes
identification, collection, analysis and presentation of audio, video and
image evidence during the investigation process.
● Cyber forensics: It is the branch of digital forensics which includes
identification, collection, analysis and presentation of digital evidence
during the investigation of a cyber crime.
● Mobile forensics: It is the branch of digital forensics which includes
identification, collection, analysis and presentation of digital evidence
during the investigation of a crime committed through a mobile device like
a mobile phone, GPS device, tablet or laptop.
● Software forensics: It is the branch of digital forensics which includes
identification, collection, analysis and presentation of digital evidence
during the investigation of a crime related to software only.
