Embedded systems that are connected to any network, be it the full Internet or a small LAN, have to conform to the various protocols that have been designed and implemented to keep the network running - see Figure 1. Obviously, there must be communications protocols, including low-level (such as Ethernet or wireless technologies), medium level (such as TCP and IP), and high-level (HTTP, FTP). These protocols all work together to provide the vast array of services available from networked devices.
Each of those levels, however, is subject to a number of different failures and attacks, and therefore, many protocols have been adapted to include a notion of security. For the low-level, security may be as simple as checking hardware MAC addresses against a known list, or as complicated as WPA and other wireless technologies. In the middle, there are protocols like the Secure Sockets Layer (SSL) that provide blanket security for higher level protocols. At the high level, there are various schemes that protect information, such as HTTP authentication. With all of these protocols, how can a simple, resource-constrained device hope to keep up?
Well, in order to answer that question, we first need to look at some of the protocols that we need to implement in order for our devices to be able to be connected to a network. Only by looking at some details will we be able to pick the protocols that are relevant to our applications - and "trim the fat" we do not need off of the protocols we do need.
As it turns out, there are so many options available to us that we can pick and choose not only the protocols that we need, but also parts of those protocols that we are most interested in. This chapter will cover a number of protocols and technologies that are commonly used in networked systems. We will look at each from a high level first then dig into the details.
Figure 1: Embedded Devices on a Local Area Network
The point of this chapter is to familiarize the reader with the technique we will use later to choose security options for a particular application. Essentially, we will look at the intended use of a protocol or technology, then what makes that technology work, and finally, if and how we can adapt that technology to suit our requirements. For now, we will only look at the protocols from a standard PC-level view. Chapter 5 will cover the specific challenges related to using these technologies in a constricted resource environment.
The following is meant to be either an introduction to the material or a refresher for more experienced readers. It is not intended as a complete reference for the protocols discussed, but rather as a starting point for research. We will break down each technology to get a good idea of how it will be useful for us, leaving the mundane details to other references.
This chapter will provide a basis for understanding the role of security in network communications protocols using protocols primarily designed for wired communications. We will use this as a springboard into the material on security protocols in the next chapter.
We end the chapter with a short discussion on wireless protocols, but due to the complexity of the security for wireless communications (and the fact that security is a major feature of all wireless protocols), we will leave the detailed discussion of wireless security for Chapter 6, after we have had some time to cover security protocols (Chapter 3), the Secure Sockets Layer (SSL, Chapter 4), and the detailed discussion of security issues for resource-constrained systems (Chapter 5). The reason we push off the wireless discussion is that the intervening chapters all cover material that is incorporated into the common wireless standards (for example, 802.11 Wi-Fi relies on SSL for many of its built-in security features).