Cramster.com - Homework Solutions, Lecture Notes, Exams, and Free Online Homework Help
Member's Topic Headline:

VPN


Question:

Mentor
Karma Points: 445
Respect (96%):
Date Posted: 7/23/2008 2:33:00 AM  Status: Closed
Question Details:
What is VPN, in detail?

Helping Others is My HOBBY
Hope for LIFE SAVER RATE

Answers:

Scholar
Karma Points: 259
Date Posted: 7/23/2008 3:43:09 AM  Status: Live
Asker's Rating: None Provided    Moderator's Rating: Helpful
Response:
A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.

I did my best to answer your question. You do your best to rate me High. :-)

Guru
Karma Points: 2,014
Date Posted: 7/23/2008 6:55:54 AM  Status: Live
Asker's Rating: Lifesaver   
Response:
A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost.
 
A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol (L2TP). In effect, the protocols, by encrypting data at the sending end and decrypting it at the receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. An additional level of security involves encrypting not only the data, but also the originating and receiving network addresses.
 

The term "VPN," or "Virtual Private Network," is one of the most overused buzzwords in the industry today. Proponents claim that VPNs can solve many issues, from extending the enterprise to include strategic business partners and customers, to providing remote users secure multiprotocol access to corporate Intranets, to securing corporate data for transport over the public Internet.

Vendors and consumers alike disagree as to what, exactly, a VPN is. With all the excitement, speculation and competing messages in the press regarding this technology, it's hard to figure out some of the basic questions. What exactly is a VPN? Why do you need a VPN? And what are some of the technologies used in deploying a VPN? This article will attempt to answer some of these questions.

Towards a Connected Planet

While the Internet holds incredible promise as an enabler for eBusiness, there are some major stumbling blocks that must be addressed if an organization is truly to conduct mission-critical business functions over the 'net. The Internet's greatest assets are its openness and ubiquity. But these characteristics are also its greatest weaknesses.

Historically, organizations built and deployed mission-critical applications over private local- and wide area networks (LANs and WANs), where the infrastructure was a known entity and access was tightly controlled. The end result was a private data communications infrastructure that had somewhat predictable application availability, performance and security.

Enter the 'Net. The types of applications being deployed across the public Internet today are increasingly mission-critical, whereby business success can be jeopardized by poor application performance. We've all heard the horror stories of frantic Internet traders trying desperately to unload stocks as the markets dropped, while bandwidth constraints hampered their attempts. Remember the phrase "form follows function"? It doesn't matter how attractive and potentially lucrative our applications are if they don't function reliably and consistently. The unpredictable nature of Internet traffic can be a major risk factor for e-business.

What about security? As you increase your connectivity, you increase your exposure and therefore your potential security risks. A disconnected stand-alone personal computer with sensitive information is vulnerable only to people who can gain physical access to it. Connect it to the Internet, however, and you drastically increase its exposure and attendant vulnerability.

Furthermore, data in transit across the Internet is subject to such threats as spoofing, session hijacking, sniffing, and man-in-the-middle attacks.

The desire to use the Internet for business and the risk factors associated with doing so have given rise to a new technology niche: Virtual Private Networks (VPN). VPNs typically are IP-based networks (usually the public Internet) that use encryption and tunneling to achieve one or more of the following goals:

  • connect users securely to their own corporate network (remote access)
  • link branch offices to an enterprise network (intranet)
  • extend organizations' existing computing infrastructure to include partners, suppliers and customers (extranet).

The idea is to extend trust relationships across an economical public network without sacrificing security. Ideally, a VPN should behave similarly to a private network; it should be secure, highly available and have predictable performance.

Approaches

Many VPN technologies already exist, with more being developed, marketed and deployed each day. Some products are based on standards (usually emerging standards); others are proprietary. Some address very specific requirements, such as secure remote access over the Internet for mobile users, while others focus more on secure LAN-to-LAN connectivity. Each product and technology has inherent strengths and weaknesses.

The trick is to understand the current technology landscape; to understand how to choose the right solutions dependent on the underlying problems that must be addressed; and to understand where the technology will likely head in the future.

Looking at the design goals for a VPN, security is the focus of most solutions available today, and we therefore begin with approaches to ensuring Confidentiality, Integrity and Authentication. Performance and availability, also important goals, are discussed towards the end of the article.

Confidentiality

Confidentiality protects the privacy of information being exchanged between communicating parties. Towards this end, every VPN solution provides encryption of some sort.

The two primary cryptographic systems in use today are secret key cryptography and public key cryptography. Secret (or private) key cryptography uses a shared key which is used to encrypt and decrypt messages. The major problem with private key cryptography is key exchange. Sending secret keys across the Internet unencrypted is not an option for obvious reasons. This is where public key cryptography can help. Public key cryptography uses a mathematically linked key pair for each communicating party. This means that data encrypted with one key can be decrypted with the other key in the pair. A sender can encrypt a message with the recipient's public key, which as the name implies is publicly available (on a server, for example). The recipient can then decrypt the message using his or her own private key.

Public key systems enable encryption over an unsecured network as well as a mechanism to exchange secret keys. On the downside, public key cryptography is computationally intensive, and therefore often combined with secret key cryptography to get the best blend of performance and functionality. For example, the Diffie-Hellman public key algorithm can be used in conjunction with the DES secret key algorithm: Diffie-Hellman to produce the secret key and DES to encrypt the traffic.

Integrity

Integrity ensures that information being transmitted over the public Internet is not altered in any way during transit. VPNs typically use one of three technologies to ensure integrity:

  • One-way hash functions - A hash function generates a fixed-length output value based on an arbitrary-length input file. The idea is that it's easy to calculate the hash value of a file but mathematically difficult to generate a file that will hash to that value. To validate the integrity of a file, a recipient would calculate the hash value of that file and compare it to the hash value sent by the sender. Thus, the recipient can be assured that the sender had the file at the time he or she created the hash value. Examples of hash algorithms are MD5, SHA-1 and RIPE-MD-160.
  • Message-authentication codes (MACs) simply add a key to hash functions. A sender would create a file, calculate a MAC based on a key shared with the recipient, and then append it to the file. When the recipient receives the file, it is easy to calculate the MAC and compare it to the one that was appended to the file.
  • Digital signatures can also be used for data integrity purposes. A digital signature is essentially public key cryptography in reverse. A sender digitally "signs" a document with their private key and the recipient can verify the signature via the sender's public key.
MasooM's Comment:
Dear, I am very thankful to you for solving my problem in detail. Once again, thanks a lot.

Hope this will help you,
Don't forget to LIFE SAVER RATE to my answer plz.

Ziaxp (MIT)
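
Added example (not part of either answer above): the Integrity list in the second answer describes a one-way hash and a MAC as two ways to check a file. The sketch below shows what each check detects when the data and its tag travel together over the same untrusted path. The key, the messages and all function names are constructed for illustration, and SHA-256 is used here in place of the MD5/SHA-1 algorithms the answer names.

```python
import hashlib
import hmac

# Constructed sample values, for illustration only.
SHARED_KEY = b"constructed-demo-key"          # known to sender and recipient only
ORIGINAL = b"route 10.1.0.0/16 via branch-office"
ALTERED = b"route 10.1.0.0/16 via unknown-host"


def hash_tag(message):
    """Unkeyed one-way hash: anyone holding the message can compute it."""
    return hashlib.sha256(message).digest()


def mac_tag(key, message):
    """MAC: the same hash function, but keyed with the shared secret."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_hash(message, tag):
    return hmac.compare_digest(hash_tag(message), tag)


def verify_mac(key, message, tag):
    # compare_digest avoids leaking the mismatch position through timing.
    return hmac.compare_digest(mac_tag(key, message), tag)


def altered_in_transit(replacement):
    """Models modification on the path by a party without SHARED_KEY:
    the only tag it can recompute for the new content is the unkeyed hash."""
    return replacement, hash_tag(replacement)


def run_demo():
    """Return what each integrity check reports for each delivery."""
    results = {}
    # Hash sent alongside the data.
    results["hash_untouched"] = verify_hash(ORIGINAL, hash_tag(ORIGINAL))
    results["hash_body_changed"] = verify_hash(ALTERED, hash_tag(ORIGINAL))
    results["hash_body_and_tag_changed"] = verify_hash(*altered_in_transit(ALTERED))
    # MAC sent alongside the data.
    results["mac_untouched"] = verify_mac(SHARED_KEY, ORIGINAL, mac_tag(SHARED_KEY, ORIGINAL))
    results["mac_body_and_tag_changed"] = verify_mac(SHARED_KEY, *altered_in_transit(ALTERED))
    return results


if __name__ == "__main__":
    for case, accepted in run_demo().items():
        print(f"{case:28s} accepted={accepted}")
```

The unkeyed hash catches accidental corruption but accepts content whose tag was recomputed along the way; the MAC rejects it because producing a valid tag requires the shared key.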





Cramster.com is not affiliated with any publisher. Book covers, title and author names appear for reference only.
Copyright © 2008 Cramster, Inc.