The Evolution of Security Protocols

ITS 370 Information Security

Spring 2020

Prof. ShinPing Tucker

Hunter Wikstrom

 

Milestone events

1930: Cryptographic Device, The Enigma Machine, shows us an early example of multilayered protection protocols.

1960: The Cold War brought on an increase of computers coming online to complete a networked communication system

1968: ARPANET comes online, we know it as the internet today.

1979: Rand Report R-609 becomes declassified and defines multiple controls and mechanisms necessary for protecting computer data.

1980: Transmission Control Protocol (TCP) and Internet Protocol (IP) are created and are still used as primary protocols to this day.

1982: US Department of Defense Computer Security Evaluation Center publishes first version of Trusted Computer Security (TCSEC) documents.

1986: Computer Fraud and Abuse act is enacted. Prohibits access to computers without authorization or more than authorization.

1987: The Computer Security Act in enacted.

1992: Internet Engineering Task Force develop Simple Internet Protocol Plus (SIPP) creating what is now known as IPSEC Security.

 

Narrative

It is no secret that today’s society relies heavily on technology and internet-based communications. There are many American’s who spend over 10 hours a day looking at a screen be it for work, shopping, or entertainment. Have you ever stopped to ask yourself “what keeps my information safe?” The answer to this question is number of security protocols that have been developed and improved since the creation of the internet.

What are Security Protocols? A protocol is a sequence of rules and events that ensure the protection of our data. This is important when we are transferring data from one party to another. These protocols are constantly in use and protect your data every day. The next time you make a purchase on Amazon be thankful these protocols are in place to protect your credit card data.

When it comes to security protocols, they begin sooner than you may think. Our first major taste of protocols came in 1930 when the famous cryptographic device, the enigma machine, was used to protect sensitive tactical information through multiple layers of security.

As time goes on the need for security protocols rises. In 1960 The Cold War saw many more mainframe computers brought online to accomplish sophisticated tasks and to complete a networked communication system. The system ARPANET came online in 1968 and we know it as the internet today.

As technology progresses, the need for standardized controls increases. In 1979 The world gets its first look at the recently declassified Rand Report R-609. This report defines the controls and mechanisms necessary to protect computerized data.

In 1980 Transmission control Protocol and Internet Protocol are developed as the primary protocols for ARPANET and are still used as the primary internet protocols today.

With the increase of computer usage and networked communication the need for regulation is in on the rise. In 1986 The computer Fraud and Abuse Act is declared and is followed up by the Computer Security Act in 1987.

When considering your security while using the computer or browsing the web it is important to account for attacks that you do not see. This is where a Firewall comes in. Firewalls monitor incoming and outgoing network traffic and make a barrier between your internal network and incoming traffic. This helps protect you from malicious things such as viruses and hackers.

Today there are multiple protocols that keep us safe on the internet and they are things we do not often think about. When looking at handshake protocols we must consider SSL and TLS protocols. What these protocols do is establish a secure connection between the client and the server. The client sends a “hello” message, cryptographic algorithms, and it compresses the files in whatever method is supported by the server.

The Server sends back another cryptographic algorithm, the session ID, The server’s Digital certificate, and the server’s public key.

Once the client gets this information it was contact the servers CA and verify that the server is legitimate and establishes trust, once this is done keys can be exchanged and messages and can be sent.

When using these protocols an observer can see the start and end points but cannot see the data that is being transmitted.

As security and privacy become more important people are looking towards VPNs. VPNs are virtual private networks that can make your internet usage of a public network much safer using tunneling protocols. These protocols encrypt you sent data and decrypt it on the receiving end. You can also use a VPN to access restricted sites and overcome censorship that may be accruing in your region.

 

Video

 

References

Udacity. “Transport Layer Security.” Youtube.com, Udacity, www.youtube.com/watch?v=sCuVLyvxM5g.

NordVPN. “Why Do You Need a VPN?” Youtube.com, NordVPN, www.youtube.com/watch?v=h70914fqalA.

Whitman, Michael E. Principles of Information Security. CENGAGE LEARNING CUSTOM P, 2018.