CS 142 Lecture Notes: Network Security

Slides:



Advertisements
Similar presentations
SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Advertisements

HTTPS and the Lock Icon Dan Boneh. Goals for this lecture Brief overview of HTTPS: How the SSL/TLS protocol works (very briefly) How to use HTTPS Integrating.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
SSL Spoofing Man-In-The-Middle attack on SSL Duane Peifer.
Online Security Tuesday April 8, 2003 Maxence Crossley.
CIS 1310 – HTML & CSS 12 E-Commerce Overview. CIS 1310 – HTML & CSS Learning Outcomes  Define E-commerce  Identify Benefits & Risks of E-Commerce 
Internet-Based Client Access
Lectures and Practicals Mon 8-10 SC1222 TUE SC1222 Office: SC Website: mis.csit.sci.tsu.ac.th/kanida.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
System settings for e-tendering portal
An Empirical Study of Visual Security Cues to Prevent the SSLstripping Attack Dongwan Shin and Rodrigo Lopes In Proc. 27 th Annual Computer Security Applications.
Secure Socket Layer (SSL) and Secure Electronic Transactions (SET) Network Security Fall Dr. Faisal Kakar
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
CS 241 Section (04/19/12). MP8  Web Server  Due: Tuesday, May 1 st, 11:59pm  What will you be doing?  Creating a web-server in C that serves HTML.
Ram Santhanam Application Level Attacks - Session Hijacking & Defences
The Distribution Online Vending Pilot Project Demo Testing Certificate Management Kennedy P Subramoney 23 July 2004.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Washington System Center © 2005 IBM Corporation August 25, 2005 RDS Training Secure Socket Layer (SSL) Overview z/Series Security (Mary Sweat, Greg Boyd)
Saphe surfing! 1 SAPHE Secure Anti-Phishing Environment Presented by Uri Sternfeld.
SSL. Why Is Security Important ●Security is important on E-Commerce because it makes sure that your information gets from your computer to their server.
Beavercreek High School BYOD Student Training: Wi-Fi Login and Authentication Portal.
By Chris Zachor CS 650.  Introduction  SSH Overview  Scenarios  How To:  Results  Conclusion.
VuGen - Secured application recording (
Slide 1 Phishing s CS 142 Lecture Notes: Security Attacks: Phishing.
Transport Layer Security (TLS) Extensions: Extension Definitions draft-ietf-tls-rfc4366-bis-00.
1 Cryptography CSS 329 Lecture 12: Kerberos. 2 Lecture Outline Kerberos - Overview - V4 - V5.
Apr 1, 2003Mårten Trolin1 Previous lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
Communication protocols 2. HTTP Hypertext Transfer Protocol, is the protocol of World Wide Web (www) Client web browser Web server Request files Respond.
Computer and Network Security
Executive Director and Endowed Chair
The Secure Sockets Layer (SSL) Protocol
Chapter 7 - Secure Socket Layer (SSL)
Web Security CS-431.
Setting and Upload Products
Data Virtualization Tutorial… SSL with CIS Web Data Sources
Network Security Gene Itkis
Virtual Private Network (VPN)
Secure Sockets Layer (SSL)
BINF 711 Amr El Mougy Sherif Ismail
How to Check if a site's connection is secure ?
Topic 1: Data, information, knowledge and processing
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
CSE 4095 Transport Layer Security TLS, Part II
CS 142 Lecture Notes: Network Security
Using SSL – Secure Socket Layer
CSE 4095 Transport Layer Security TLS
12 E-Commerce Overview.
CS 465 TLS Last Updated: Oct 31, 2017.
WI / XA Integration with NetScaler Gateway: How it works
Cryptography and Network Security
CS 142 Lecture Notes: Security Attacks: Phishing
CS 142 Lecture Notes: Security Attacks: Phishing
TLS and DLP Behind the green lock.
SSL Protocol Figures used in the presentation
The Secure Sockets Layer (SSL) Protocol
SSL Decryption Explained
CS 142 Lecture Notes: Securing the Connection
Access eJournals Form Your Home
CS 142 Lecture Notes: Network Security
Lecture 10: Network Security.
SSL/TLS.
Unit 8 Network Security.
Advanced Computer Networks
Cryptography and Network Security
TLS Encryption and Decryption
Scott Miller TSM Team Lead Ray Mah Architect, Foundation
Presentation transcript:

CS 142 Lecture Notes: Network Security Certificates CS 142 Lecture Notes: Network Security

SSL/TLS Overview Most common: only the server is authenticated Browser client-hello server-hello + {server-cert}SKCA Key exchange (several options) Random key K client-key-exchange: {K}PKserver K {HTTP data}K Most common: only the server is authenticated CS 142 Lecture Notes: Network Security

SSL Stripping Replace https:// with http:// Active Attacker Browser HTTP request HTTP request Modified response HTTP response HTTP request HTTPS request HTTP response HTTPS response Browser Server Attacker opens HTTPS session, forwards requests and responses Attacker observes private info CS 142 Lecture Notes: Network Security

CS 142 Lecture Notes: Network Security HTTPS Indicators HTTP HTTPS Firefox 10 IE 8 Click on fav icon gives pop-up on bottom. Chrome 17 CS 142 Lecture Notes: Network Security 4

Mixed Content Indicators Silly dialogs Firefox 10: no SSL indicator Chrome 17: caution sign IE 8: warning dialog, no SSL lock CS 142 Lecture Notes: Network Security

CS 142 Lecture Notes: Network Security

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.