Security Model for TCP/IP Protocol Suite

M. Anand Kumar
Department of Information Technology, Karpagam University, India
anandm_ss@yahoo.co.in

Dr. S. Karthikeyan
Department of Information Technology, College of Applied Sciences, Sultanate of Oman
skaarthi@gmail.com

Abstract: The Internet has rapidly evolved into a vast global network with growing technology. The TCP/IP protocol suite is the basic requirement for today's Internet. Internet usage continues to increase exponentially, so network security is a growing problem. Even though IPv6 comes with a built-in security mechanism, IPsec, it lacks security in the application layer of the TCP/IP protocol suite. IPv6 solves most of the security breaches of IPv4 with the use of IPsec, but IPsec doesn't have any security provision in the application layer, so there is a need for a security mechanism there. In this paper some of the security flaws of IPv6 are identified and we present a new architecture for the TCP/IP protocol suite. Our proposed architecture includes a layer called the security layer, which guarantees security to the application layer using a protocol called the Application Layer Security Protocol (ALSP).

Index Terms: Internet, TCP/IP, Cryptography, Security, Protocol

I. INTRODUCTION

The notion of security is traditionally connected to the need to defend sensitive data from illegal access. At the moment, however, network security is often approached from a different perspective. With the growing use of the Internet infrastructure for commercial applications, the demand for Quality of Service is one of the emerging paradigms in the Internet and seems to be the cornerstone for more and more network services [1]. An increasing number of applications need multifaceted, consistent control protocols for guaranteeing Quality of Service. As a result, the need for security in network infrastructure is stronger than ever. The Internet is based on the TCP/IP protocol suite. IP was not planned with security in mind.
The severe security flaws of the TCP/IP protocol suite exist because hosts rely on the IP source address for authentication. The existing network layer protocol in the TCP/IP protocol suite is at present IPv4 (Internet-working protocol version 4). Even though IPv4 is well designed, its security breaches make it inappropriate for the fast-emerging Internet. To overcome these drawbacks, IPv6 (Internet-networking protocol version 6), also known as IPng, was planned, and it became a standard in the recent past [1].

Internet Protocol version 6, or IPv6, is an enhanced version of IPv4, which is the current and most widely used version of the Internet Protocol. IP enables data to be sent from one workstation to another in a network and is known as a connectionless protocol, since there is no continuous connection between the two communicating devices. When a message is sent by means of IP, it is therefore broken up into packets, which may travel through a number of different routes to their final destination; on arrival at the destination they are reassembled into their original form. Each device in a network has an IP address, which is used by the IP protocol to ensure that the packets of information reach their correct destination. IPv6 holds great promise to become the backbone of the future Internet and offers an important improvement over IPv4 in terms of scalability, security, mobility and convergence [2]. The Internet Engineering Task Force (IETF) standardized the basic framework of the IPv6 protocol in the 1990s, but there is still ongoing development of certain advanced aspects of the protocol [2].

The rest of the paper is organized as follows. In Section II we describe the architecture of the TCP/IP model, followed by cryptographic algorithms in Section III. We then describe the proposed architecture in Section IV. In Section V we analyze the performance, and we conclude in Section VI.

II. TCP/IP ARCHITECTURE OVERVIEW

The TCP/IP protocol suite, also referred to as the Internet protocol suite, is the set of communications protocols that implements the protocol stack on which the Internet and most commercial networks run. It is named after the two most important protocols in the suite: the Transmission Control Protocol (TCP) and the Internet Protocol (IP). The Internet Protocol is the foundation of the TCP/IP protocol suite, since it is the mechanism responsible for delivering datagrams. The TCP/IP protocol suite—like the OSI reference model—is defined as a set of layers. Upper layers are logically closer to the user and deal with more abstract data, relying on lower layer protocols to translate data into forms that are transmitted physically over the network [4].

JOURNAL OF ADVANCES IN INFORMATION TECHNOLOGY, VOL. 2, NO. 2, MAY 2011. © 2011 ACADEMY PUBLISHER. doi:10.4304/jait.2.2.87-91