If IPSec provides security at the network layer, why is it that security mechanisms are still needed at layers above IP?


If IPSec provides security at the network layer, why is it that security mechanisms are still needed at layers above IP?

Solution Preview:

Internet Protocol Security (IPsec):

It is a protocol suite which is for security of the Internet Protocol communications. In which, each and every packet of the IP are authenticated and encrypted during that particular communication. It also includes rules for mutual authentication between the two communicating parties at the start of the session. In which cryptographic keys are being used for that particular session.

It is an end to end scheme which operates at the Internet layer of the IP Layer Suite

  1. a pair of hosts (host-to-host)
  2. Between a pair of security gateways (network-to-network)
  3. Between a security gateway and a host (network-to-host).

Some other secure systems at the higher level of the TCP/IP are:

  1. Secure Sockets Layer (SSL)
  2. Transport Layer Security (TLS)
  3. Secure Shell (SSH)

IPsec protects any application traffic across an IP network from any layer protocol above it, but if the layer is using the protocol other than IP then IPsec is useless.

Suppose transport layer protocol uses UDP or RDP then the IPsec will not work, as the data is not going over the IP layer hence it is not secure hence security at the higher layer is required. For this purpose the SSL (secure Socket Layer) is developed in order to secure the Transport layer and its protocol as the security provided by the IPsec do not work for these protocol except IP.

Application Layer also uses IP packets for most of the security purposes but since applications also use other protocols for communication the IPsec security do not fulfil all security concerns arising in the Application layer hence the alternatives needed to be used.

Due to the some of the following short comings IPsec is not used for higher layer securities:

  1. Security on the gateway is essential if the IPsec have to function as it is designed.
  2. It cannot provide the end-to-end security when working at the layers above. It encrypts the connection between the two communicating parties but do not encrypt the messages exchanged between the two parties.
  3. Analysis of the packets at the IPsec can occur only for the unencrypted packets hence the layer will not be secure if the packet analysis have to be done.

What We Offer:
• On-time delivery guarantee
• PhD-level professionals
• Automatic plagiarism check
• 100% money-back guarantee
• 100% Privacy and Confidentiality
• High Quality custom-written papers

find the cost of your paper

prepare a lead container of mass 1.5 kg and pour 0.65 kg of water into it, both at the room temperature of 20.5°C.

You are at a restaurant eating lunch with a friend. After the meal, your friend realizes they left their wallet at home. Your friend gives you a piece of silver….

Given the above information, how many people did McKinsey and BCG hire in the year 2013?

There are two big consulting firms in Melbourne, McKinsey and Boston Consulting Group (BCG); assume that their clients view them as providing identical consulting services. They hire people on yearly….

write a program that reads a file and displays all of the words in it that are misspelled.

A spell checker can be a helpful tool for people who struggle to spell words correctly. In this exercise, you will write a program that reads a file and displays….