Technology assistance

Slides:

Advertisements

Similar presentations

Dating Portal showcase Copyright © 2007 Credentica Inc. All Rights Reserved. February 15th - 16th, 2007.

Advertisements

CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.

1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

10/20/2011Pomcor 1 Deployment and Usability of Cryptographic Credentials Francisco Corella Karen Lewison Pomcor.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.

COMP3123 Internet Security Richard Henson University of Worcester October 2010.

Using Digital Credentials On The World-Wide Web M. Winslett.

Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne May 31, 2013 draft-peterson-secure-origin-ps-00.

PREVENTING CALLERID SPOOFING Henning Schulzrinne FCC draft-peterson-secure-origin-ps-00.

Via contains the address at which the originator is expecting to receive responses to this request. Mandatory To contains a display name and a SIP URI.

Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

The Session Initiation Protocol (SIP) Common Log Format (CLF)‏ IETF 74, March 2009, San Francisco, CA (USA)‏ Vijay K. Gurbani Eric Burger Humberto Abdelnur.

1 Computer Communication & Networks Lecture 27 Application Layer: Electronic mail and FTP Waleed.

Secure Electronic Transaction (SET)

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Slide 1 Message Analysis Table.

August 2005IETF63 - SIPPING1 Recommended Relationships between Different Types of Identifiers draft-schulzrinne-sipping-id-relationships-00 Henning Schulzrinne.

An Overview of Single Sign-On, Federation, Its Benefits, and Basic Procedures for Integrating Applications.

The attacks ● XSS – type 1: non-persistent – type 2: persistent – Advanced: other keywords (, prompt()) or other technologies such as Flash.

SAML in Authorization Policies draft-guenther-geopriv-saml-policy-01.

SOURCE IDENTITY (ORIGIN AUTHENTICATION) Henning Schulzrinne August 2013 draft-peterson-secure-origin-ps-01 + mailing list discussion.

Robocalling in the VoIP Age Henning Schulzrinne, FCC What does VoIP offer to robocallers? We (kind of) solved the spam problem – why not robocalls?

SIP Security Issues : The SIP Authentication Procedure and its Processing Load Speaker: Lin-Yi Wu Advisor : Prof. Yi-Bing Lin Date : 2003/04/09.

How to Use the Portal E-rate Program Applicant Training November 2015.

December 14, 2000Securely Available Credentails (SACRED) - Framework Draft 1 Securely Available Credentials (SACRED) Protocol Framework, Draft Specification.

1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.

Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.

The Exchange Network Node Mentoring Workshop User Management on the Exchange Network Joe Carioti February 28, 2005.

Postech DP&NM Lab Session Initiation Protocol (SIP) Date: Seongcheol Hong DP&NM Lab., Dept. of CSE, POSTECH Date: Seongcheol.

How to retrieve Forgotten Password ?. If password is forgotten, Click Forgot Password ???

1 Authentication Celia Li Computer Science and Engineering York University.

SIP AAI a possibility for TF-EMC2 and TF-ECS cooperation

Agenda Spoofing Types of Spoofing o IP Spoofing o URL spoofing o Referrer spoofing o Caller ID spoofing o Address Spoofing.

Trust Profiling for Adaptive Trust Negotiation

Training Objectives About D2F Download Installation Configuration

Public Key Infrastructure (PKI)

EDC Process Proposal Brian Brandaw Manager of IT Common Platforms

Cryptography and Network Security

Secure Sockets Layer (SSL)

Chapter 8 Building the Transaction Database

Connection Establishment in BFCP draft-ietf-xcon-bfcp-connection-00

Session Initiation Protocol (SIP)

Chris Wendt, David Hancock (Comcast)

KMIP Client Registration Ideas for Discussion

SIP Preconditions for Media Privacy

Emergency Service Identifiers draft-ietf-ecrit-service-urn-01

Website: Contact No: ID:

SAML assisted Diffie-Hellman MIKEY

2016 Annual CPNI Training CPNI & PI Awareness Beth Slough,

European Citizens’ Initiative, Commission regulation proposal Focus on IT aspects Jérôme Stefanini DIGIT.B.2 05/06/2018.

Hannes Tschofenig Henning Schulzrinne M. Shanmugam

KMIP Entity Object and Client Registration

Cryptography and Network Security

Secure Electronic Transaction (SET) University of Windsor

Digital Certificates and X.509

Recommended Relationships between Different Types of Identifiers draft-schulzrinne-sipping-id-relationships-00 Henning Schulzrinne (Columbia U.) Eunsoo.

Lecture 5: Transport layer (TLS / SSL) and Security ( PGP )

Secure Electronic Transactions (SET)

IEEE IETF Liaison Report

RPIDS and tuple issues Henning Schulzrinne with help from Paul Kyzivat

RPIDS - Rich Presence Information Data Format for Presence Based on the Session Initiation Protocol (SIP) Henning Schulzrinne (ed.) Vijay Gurbani Krisztian.

Cryptography and Network Security

Employee Self-Service (ESS) Portal

Presentation transcript:

Technology assistance

Caller ID spoofing Caller ID Act of 2009: Prohibit any person or entity for transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm, or wrongfully obtain anything of value.

Henning Schulzrinne, FCC Number authentication From: Alice <sip:alice@example.com> To: Bob <sip:bob@example.net> Contact: <sip:alice@pc33.example.com> Date: Thu, 21 Feb 2002 13:02:03 GMT Call-ID: a84b4c76e66710 CSeq: 314159 INVITE RFC 3893 (2004) public-private key pair provided with phone number

Caller identification known caller previous calls sent her emails what’s your SSN? name unimportant bank ✔ credit card office ✔ can you recommend student X? name unimportant IEEE ✔ known university ✔

Henning Schulzrinne, FCC Attribute validation Attribute Validation Server (AVS): Issuer e.g., fcc.gov {Alice’s username, credentials, user ID, role} Attribute Reference ID (ARID) https:/fcc.gov/4163 3. Validates ARID with access code and retrieves selected attributes (e.g., Alice’s role) 1. Requests an ARID, selecting attributes to disclose HTTP over TLS SIP over TLS 2. Makes a call with the ARID and part of access code Caller: Principal = Alice Employee of fcc.gov tel:+12345678 Callee: Relying Party = Bob Accepts calls from members in *.gov; does not know Alice’s phone number draft-ono-dispatch-attribute-validation