11/16/2009

Elements of Network Security

Network security is concerned mainly with the following two elements:

- Confidentiality. Information should be available only to those who have rightful access to it.

- Authenticity and integrity. The sender of a message and the message itself should be verified at the receiving point.

For example, user 1 sends a message ("I am user 1") to user 2. In part (a) of the figure, the network lacks any security system, so an intruder can receive the message, change its content to a different message ("Hi! I am user 1") and send it to user 2. User 2 may not know whether this falsified message is really from user 1 (authentication) and whether the content of the message is what user 1 sent (confidentiality). In part (b) of the figure, a security block is added to each side of the communication, and a secret key that only users 1 and 2 know is included. The message is therefore changed to a form that the intruder cannot alter, which shuts the intruder out of this communication transaction.
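The part (b) arrangement can be sketched as follows; this is an added example, not part of the original notes. The notes do not name the mechanism inside the security block, so HMAC-SHA256 over a shared key is an assumption here, and the function names are hypothetical. It covers the authenticity and integrity element only: the message is still readable in transit, and confidentiality would additionally require encryption.

```python
import hashlib
import hmac
import secrets
from typing import Optional

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes


def protect(key: bytes, message: bytes) -> bytes:
    """Sender-side security block: append a keyed tag to the message."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(key: bytes, packet: bytes) -> Optional[bytes]:
    """Receiver-side security block: return the message only if its tag checks out."""
    if len(packet) < TAG_LEN:
        return None  # too short to carry a tag at all
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if hmac.compare_digest(tag, expected):
        return message
    return None


def intruder_rewrite(packet: bytes, new_message: bytes) -> bytes:
    """Intruder from the figure: swaps the content but, lacking the key, keeps the old tag."""
    return new_message + packet[-TAG_LEN:]


def demo():
    key = secrets.token_bytes(32)  # secret known only to users 1 and 2
    packet = protect(key, b"I am user 1")
    # Case 1: the intruder changes the content and forwards it with the original tag.
    tampered = intruder_rewrite(packet, b"Hi! I am user 1")
    # Case 2: the intruder tags the new content with a key of their own.
    forged = protect(secrets.token_bytes(32), b"Hi! I am user 1")
    return verify(key, packet), verify(key, tampered), verify(key, forged)


if __name__ == "__main__":
    print(demo())
```

User 2 accepts only the untouched packet; both altered versions are rejected because a valid tag cannot be computed without the shared key.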
