Network security
Network security

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Network security


10.1 Summary of Sections 1–5

There are many terms and abbreviations relating to this topic, and it is important to understand them.

Looking at the background to network security can help to put its more technical aspects in context.

Communication networks and the data they carry are vulnerable to a range of attacks. These can be categorised as either passive or active attacks. In a passive attack, communication across a network is observed but data within messages is not interfered with and messages may not even be readable by the attacker. Traffic analysis is strongly associated with passive attacks, but may also be a legitimate process for effective network management. An active attack typically involves, for example, the modification of messages or their replay, or access to data and networks through the assumption of a false identity, leading to either the misuse of data or disruption of network services.

There are many opportunities for an attacker to gain physical access to networks and these need to be resisted by both electronic and mechanical means. The sharing of networks through, for example, the internet, provides opportunities for attack without the need for the attacker to be physically close to the target networks. Wireless LAN technology presents further opportunities for illicit network access.

Encryption is one of the fundamental building blocks of network security. Encryption transforms plaintext into ciphertext, while decryption reverses the process. Encryption systems are based on one of two basic methods. The first is a symmetric key system in which a single secret key is shared between the two communicating entities. The second is an asymmetric system which uses two mathematically related keys known as the public key and the private key. One key is used for encryption and the other for decryption. Asymmetric key systems place higher demands on processing resources than symmetric key systems and tend to be slower, but they are more scalable and they do not rely on any prior secret key exchange. Hybrid systems are a combination of symmetric and asymmetric key systems.

The implementation of encryption systems can be related to network protocol layers. Encryption can be applied in link layer or end-to-end mode. In link layer encryption, the encryption and decryption processes take place at each node along a path, but this can be expensive and slow. End-to-end encryption involves applying encryption at higher layers in the protocol stack. Network layer encryption and application layer encryption are examples. Security vulnerabilities arise when protocol header information is exposed during message transmission or at nodes where data is processed in unencrypted form.


Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371