Integrated Security System

Slides:



Advertisements
Similar presentations
Cryptography and Network Security
Advertisements

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
VPNs  IETF developing IPsec security standards IP securityIP security At the internet layerAt the internet layer Protects all messages at the transport.
Electronic Transaction Security (E-Commerce)
Cryptography and Network Security Chapter 17
Chapter 8 Web Security.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Jump to first page Internet Security in Perspective Yong Cao December 2000.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden
Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
The Secure Sockets Layer (SSL) Protocol
Chapter 7 - Secure Socket Layer (SSL)
Virtual Private Network (VPN)
Cryptography and Network Security
Secure Sockets Layer (SSL)
UNIT.4 IP Security.
Visit for more Learning Resources
Cryptography and Network Security Chapter 16
Using SSL – Secure Socket Layer
CSE 4095 Transport Layer Security TLS
Cryptography and Network Security
Web Security and Security
Cryptography and Network Security
Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls
The Secure Sockets Layer (SSL) Protocol
Lecture 5: Transport layer (TLS / SSL) and Security ( PGP )
From Web Security by Lincoln pp – 35-51
Secure Socket Layer (SSL) Transport Layer Security (TLS)
Transport Layer Security (TLS)
Network Security 4/21/2019 Raj Rajarajan.
Unit 8 Network Security.
Electronic Payment Security Technologies
Module 4 System and Application Security
Virtual Private Networks (VPN)
Cryptography and Network Security
Presentation transcript:

Integrated Security System When two parties communicate … Their software usually handles the details First, negotiate security methods Then, authenticate one another Then, exchange symmetric session key Then can communicate securely using symmetric session key and message- by-message authentication

SSL Integrated Security System Secure Sockets Layer Developed by Netscape TLS (now) Netscape gave IETF control over SSL IETF renamed it TLS (Transport Layer Security) Usually still called SSL

Location of SSL Below the Application Layer IETF views it at the transport layer Protects all application exchanges Not limited to any single application WWW transactions, e-mail, etc. E-Mail WWW E-Mail WWW SSL SSL

SSL Operation Browser & Webserver Software Implement SSL User can be unaware

SSL Operation SSL ISS Process Two sides negotiate security parameters Webserver authenticates itself Browser may authenticate itself but rarely does Browser selects a symmetric session key, sends to webserver Adds a digital signature and encrypts all messages with the symmetric key

Importance of SSL Supported by Almost All Browsers Problems De facto standard for Internet application security Problems Relatively weak security Does not involve security on merchant server Does not validate credit card numbers Viewed as an available but temporary approach to consumer security

Other ISSs SSL is merely an example integrated security system Many other ISSs exist IPsec PPP and PPTP Etc.

Other ISSs All ISSs have the same general steps Negotiate security parameters Authenticate the partners Exchange a session key Communicate with message-by- message privacy, authentication, and message integrity

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.