mirror of
https://github.com/jackyzha0/quartz.git
synced 2025-12-26 06:14:06 -06:00
51 lines
1.1 KiB
Markdown
51 lines
1.1 KiB
Markdown
---
|
|
title: "07-cryptography-applications"
|
|
aliases:
|
|
tags:
|
|
- comp210
|
|
- lecture
|
|
---
|
|
|
|
|
|
interest doesn't have low level security
|
|
- this would decrease compatibility
|
|
- easier to add this at hosts and software layer
|
|
|
|
# Layer model
|
|
- each layer of network hides information about lower levels and adds information for higher levels\
|
|
- transmission is only at physical layer
|
|
|
|
OSI model - more complicated but most common
|
|
|
|
TCP model
|
|
- application (http etc)
|
|
- transport (tcp etc)
|
|
- network (IP)
|
|
- data link (ethernet, wifi)
|
|
- physical layer
|
|
|
|
# End to end principle
|
|
- add "smarts" at the endpoints
|
|
- easier to change these than the middle
|
|
- keep middle simple, scalable, dumb
|
|
- KISS
|
|
|
|
# security not built in
|
|
- originall no security
|
|
- security was added
|
|
- http -> https
|
|
- ssl (secure socket layer) has been replaced by tls
|
|
- tls (transport layer security)
|
|
- ftp - sftp (file transfer)
|
|
- scp (secure copy)
|
|
- ssh (secure shell)
|
|
|
|
# security certificates
|
|
- client needs to authenticate the server
|
|
- also vice versa
|
|
- need to establish secure connection
|
|
- trusted third parties are used to sign server host's certificates
|
|
- "tree of trust"
|
|
- based on public key crypto
|
|
|