Network security entails securing data against attacks while it is in transit on a network. To achieve this goal, many real-time security protocols have been designed. There are popular standards for real-time network security protocols such as S/MIME, SSL/TLS, SSH, and IPsec. As mentioned earlier, these protocols work at different layers of the networking model. In the last chapter, we discussed some popular protocols that are designed to provide application layer security. In this chapter, we will discuss the process of achieving network security at the Transport Layer and the associated security protocols.

For a TCP/IP protocol based network, the physical and data link layers are typically implemented in the user terminal and network card hardware. The TCP and IP layers are implemented in the operating system. Anything above TCP/IP is implemented as a user process.

Let's discuss a typical Internet-based business transaction.

Bob visits Alice's website, which sells goods. In a form on the website, Bob enters the type of good and quantity desired, his address and payment card details. Bob clicks on Submit and waits for delivery of the goods, with the price debited from his account. All this sounds good, but in the absence of network security, Bob could be in for a few surprises.

If transactions did not use confidentiality (encryption), an attacker could obtain his payment card information. The attacker can then make purchases at Bob's expense.

If no data integrity measure is used, an attacker could modify Bob's order in terms of type or quantity of goods.

Lastly, if no server authentication is used, a server could display Alice's famous logo but the site could be a malicious site maintained by an attacker, who is masquerading as Alice. After receiving Bob's order, he could take Bob's money and flee. Or he could carry out an identity theft by collecting Bob's name and credit card details.

Transport layer security schemes can address these problems by enhancing TCP/IP based network communication with confidentiality, data integrity, server authentication, and client authentication.

The security at this layer is mostly used to secure HTTP based web transactions on a network. However, it can be employed by any application running over TCP.

Transport Layer Security (TLS) protocols operate above the TCP layer. The design of these protocols uses the popular Application Program Interface (API) to TCP, called "sockets", for interfacing with the TCP layer.

Applications are now interfaced to the Transport Security Layer instead of TCP directly. The Transport Security Layer provides a simple API with sockets, which is similar and analogous to TCP's API.
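The socket-style API this chapter describes, shown as an added example with Python's standard `ssl` module (not code from the original page): the client makes the same connect, send and receive calls as with plain TCP, and the order bytes never leave the process when the peer cannot complete an authenticated handshake. The host name `alice.example`, the loopback plaintext server and the order bytes are constructed for the demonstration.

```python
import socket
import ssl
import threading


def client_context() -> ssl.SSLContext:
    """Client settings: encryption, integrity and server authentication."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + host name checking
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def send_order(host: str, port: int, order: bytes, server_name: str) -> bytes:
    """Same connect/sendall/recv calls as plain TCP, on a TLS-wrapped socket."""
    with socket.create_connection((host, port), timeout=5) as tcp:
        # The handshake runs inside wrap_socket(). It raises before any order
        # bytes are sent if the peer cannot prove that it is server_name.
        with client_context().wrap_socket(tcp, server_hostname=server_name) as tls:
            tls.sendall(order)
            return tls.recv(4096)


def start_plain_server() -> tuple[int, list]:
    """Constructed stand-in for a site that cannot complete a TLS handshake."""
    received: list = []
    srv = socket.create_server(("127.0.0.1", 0))
    port = srv.getsockname()[1]

    def serve() -> None:
        conn, _ = srv.accept()
        with conn:
            received.append(conn.recv(4096))  # the TLS ClientHello, not the order
            conn.sendall(b"HTTP/1.0 200 OK\r\n\r\n")  # plaintext reply
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port, received


def order_reaches_unauthenticated_peer(order: bytes) -> bool:
    """True if the order bytes ever arrived at the plaintext server."""
    port, received = start_plain_server()
    try:
        send_order("127.0.0.1", port, order, server_name="alice.example")
    except OSError:  # ssl.SSLError is an OSError: the handshake failed closed
        pass
    return any(order in chunk for chunk in received)


if __name__ == "__main__":
    print(order_reaches_unauthenticated_peer(b"card=0000-0000-0000-0000"))
```

Against a real TLS server that presents a certificate for a different name, the same `send_order` call raises `ssl.SSLCertVerificationError` at the handshake, again before `sendall` runs.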