Which
of the following security protocols provides confidentiality, integrity, and authentication of network
traffic with end-to-end and intermediate-hop security?
A.
IPSec
B.
SET
C.
SWIPE
D.
SKIP
Explanation:
The Software IP Encryption Protocol (SWIPE) is an IP (Internet Protocol) security
protocol that operates at the Internet Layer of the Internet
Protocol Suite. It provides confidentiality, integrity, and authentication of network traffic, and can be
used to provide both end-to-end and
intermediate-hop security. SWIPE is concerned only with security mechanisms; policy and key
management are handled outside the protocol.
It works by augmenting each packet with a cryptographically-strong authenticator and/or encrypting
the data to be sent.
Answer option B is incorrect. Secure Electronic Transaction (SET) was a standard protocol for
securing credit card transactions over insecure
networks, specifically, the Internet. SET was not itself a payment system, but rather a set of security
protocols and formats that enable users
to employ the existing credit card payment infrastructure on an open network in a secure fashion.
However, it failed to gain traction. VISA now
promotes the 3-D Secure scheme.
SET allowed parties to cryptographically identify themselves to each other and exchange
information securely. SET used a blinding algorithm
that, in effect, would have let merchants substitute a certificate for a user’s credit-card number. If
SET were used, the merchant itself would
never have had to know the credit-card numbers being sent from the buyer, which would have
provided verified good payment but protected
customers and credit companies from fraud.
Answer option A is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It
secures traffic by using encryption and digital
signing. It enhances the security of data as if an IPSec packet is captured, its contents cannot be
read. IPSec also provides sender verification
that ensures the certainty of the datagram’s origin to the receiver.
Answer option D is incorrect. SKIP (Simple Key-Management for Internet Protocol) is developed by
the IETF Security Working Group for the
sharing of encryption keys. It is used to protect sessionless datagram protocols. SKIP works at Layer 3
of the OSI model. It integrates with
the IPSec (Internet Protocol Security).