Properties of Secure Communication

When two people want to communicate securely over the computer network, certainly sender wants only the receiver to be able to understand a message that sender has sent even though they are communicating over an insecure medium where an intruder may intercept, read and perform computation on whatever is transmitted from sender to receiver. A receiver also wants to be sure that the message he/she receives from a sender indeed sends by a real sender and sender also wants to sure that person to whom he/she communicating is indeed the actual receiver. Sender and receiver also want to make sure that the content of their message has not been altered in transit. Considering these requirements, we can identify the following desirable properties for secure communication, as essential task of Network Security:

Fig: Sender, Receiver and Intruder (Alice, Bob, and Trudy)

Properties of Secure Communication

Confidentially

Only the sender and intended receiver should be able to understand the content of the transmitted message. Because intruder may tap the message, it is necessary that the message somehow encrypted so that data can't be understood by other than the receiver. But there should be some mechanism (Algorithm) to decrypt the message by the receiver. This aspect of confidentiality is probably the most commonly known meaning of the term "Secure Communication"

Authentication

Both the sender and receiver should able to confirm the identity of the other party involved in the communication to confirm that the other party is indeed who or what he/she claim to be. Face-to-face human communication solves this problem easily by visual recognition. When Communicating entities exchange message over the secure medium where they can't see the other party.

Message Integrity and Non-reliability

Even if the sender and receiver are able to authenticate each other, they also want to ensure that the content of their communications is not altered, either maliciously or by the accident, in transmission. Checksumming techniques, Digital Signature message digest is some ways to provide such message integrity and non-repudiation.

Access control and availability

Some user may be legitimate to access resources while others are not. This leads to the notion of access control; ensuring the entities seeking to gain access to resources are allowed to do so only if they have the appropriate access rights, and perform their access in a well-defined manner. Access controls can be implemented by firewalls on application-level, on packet-filtering etc.

References:

1. A.S. Tanenbaum, “Computer Networks”, 3rd Edition, Prentice Hall India, 1997.
2. W. Stallings, “Data and Computer Communication”, Macmillan Press, 1989.
3. Kurose Ross, “Computer Networking: A top-down approach”, 2nd Edition, Pearson Education
4. Larry L. Peterson, Bruce S. Davie, “Computer Networks: A Systems Approach”, 3rd Edition, Morgan Kaufmann Publishers