This type of signature is sometimes called a randomized signature. A further difficulty is that it must be impossible to trace the wallet on the basis of the guardian's identity. A mechanism is therefore needed to obscure the origin of the guardian's own signature. Such a mechanism was proposed in [7].

Communication Network

Encryption of the upper-layer protocol packets by a lower-layer protocol makes sense only if the upper-layer protocol is end-to-end. In other words, it should be used only if the potentially untrustworthy intermediate network nodes do not need the control information of the upper-layer packet in order to forward it to its destination. However, if the packet control information is needed by the intermediate nodes (e.g., IP destination address), another technique must be applied. This technique is called tunneling. It can be applied if the upper-layer protocol information, such as origin and destination address, must be hidden. A tunnel is basically the encapsulation of a protocol by another protocol that can securely transfer the protected protocol's packets over an insecure network segment. Examples of tunneling are described in Section 11.4 (L2TP) and Section 12.3.3.2 (IPsec ESP in tunnel mode).

If the upper-layer protocol to be protected is an application, it can send its data over a secure session or secure channel established by a lower-layer protocol. This lower layer is actually a session layer, although the term is never used in the Internet model. A secure session protocol handles application data as a bit stream. It adds protection and forwards the protected data to the transport layer for transmission. An example of a secure channel is TLS (see Section 13.4).

Tampering with control information means intercepting packets intended for other recipients and altering their headers and/or trailers. This type of threat can lead to various attacks, depending on the meaning of the modified header or trailer field. For example, if a packet is intercepted and modified in such a way that the connection reset flag is set (e.g., RST flag in a TCP segment, see Section 12.2.3), the receiver will close the connection although that was not the authorized sender's intention. This attack is actually a denial-of-service attack because it prevents the authorized sender .
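The tunneling and header-tampering passages above, shown together in an added example that is not from the original text: a receiver cannot tell that the RST bit of an unprotected header was changed, while a tunnel endpoint rejects the same change and exposes only the gateway addresses on the wire. The packet layout, keys, addresses and the HMAC-based keystream are assumptions made for this example; this is not the L2TP or ESP wire format.

```python
import hashlib, hmac, os, socket

# Constructed keys shared by the two tunnel endpoints (assumption of this example).
ENC_KEY, MAC_KEY = os.urandom(32), os.urandom(32)
ACK, RST = 0x10, 0x04          # TCP flag bit values
OUTER, NONCE, TAG = 8, 12, 32  # field lengths of this simplified tunnel format

def addr(ip):
    return socket.inet_aton(ip)

def inner_packet(src, dst, flags, payload):
    """Simplified upper-layer packet: src(4) | dst(4) | flags(1) | payload."""
    return addr(src) + addr(dst) + bytes([flags]) + payload

def _xor_keystream(nonce, data):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode) so the example needs
    # only the standard library; a real tunnel uses a vetted AEAD cipher.
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(ENC_KEY, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner, gw_src, gw_dst):
    """Hide and protect the whole inner packet; only gateway addresses stay visible."""
    nonce = os.urandom(NONCE)
    body = nonce + _xor_keystream(nonce, inner)
    return addr(gw_src) + addr(gw_dst) + body + hmac.new(MAC_KEY, body, hashlib.sha256).digest()

def decapsulate(wire):
    """Verify the tag before decrypting; reject anything modified in transit."""
    body, tag = wire[OUTER:-TAG], wire[-TAG:]
    if not hmac.compare_digest(tag, hmac.new(MAC_KEY, body, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: packet dropped")
    return _xor_keystream(body[:NONCE], body[NONCE:])

def flip_flag(packet, offset, bit):
    """Model an in-transit modification of one header bit."""
    return packet[:offset] + bytes([packet[offset] ^ bit]) + packet[offset + 1:]

def demo():
    inner = inner_packet("10.0.1.5", "10.0.2.9", ACK, b"order #1")  # constructed
    unprotected = flip_flag(inner, 8, RST)  # nothing lets the receiver notice this
    wire = encapsulate(inner, "192.0.2.1", "198.51.100.1")
    try:
        decapsulate(flip_flag(wire, OUTER + NONCE + 8, RST))
        tampered_accepted = True
    except ValueError:
        tampered_accepted = False
    return (unprotected[8] & RST) != 0, decapsulate(wire) == inner, tampered_accepted
```

The tag is checked with a constant-time comparison before any decryption, so a modified packet is dropped without its contents ever being interpreted.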