Z39.50 and Cryptography ZIG July 13 th 2000 Poul Henrik Jørgensen, DBC

ZIG July 2000 Crypto, Poul Henrik Jørgensen, DBC

Slide 2: Is Cryptography Relevant to Z39.50?
- Authentication: identify users (and servers) internally.
- Confidentiality: keep searches, responses (and users) secret from others.
- Integrity: prevent tampering with searches and responses.
- Non-repudiation: provide proof of the transactions.

Slide 3: Security Threats
- Spoofing: masquerading as one of the parties.
- Eavesdropping: snooping on traffic between parties.
- Tampering: forgery or modification of messages.
- Repudiation: denying the transaction.

Slide 4: Symmetric Encryption
- A single common encryption key is used to encode and decode messages.
- Both sender and receiver must know the common key.
- The common key needs to be exchanged beforehand by some other secure method.
- Symmetric encryption is simple and fast.
- But key management is impractical with a large number of senders and receivers!

Slide 5: Public-key Cryptography
- Public-key (PK) encryption algorithms use pairs of matched (asymmetric) keys for encryption and decryption.
- Each user has a Public key and a corresponding Private (secret) key.
- Public-key cryptography is used to exchange symmetric keys securely.
- Public keys are also used to validate digital signatures.

Slide 6: Public-key Usage
- Alice creates a new symmetric session key.
- Alice encrypts the session key by means of Bob's public key.
- Alice transmits the encrypted message containing the session key to Bob.
- Bob decrypts Alice's message, recovering the session key, by means of his private key.
- Alice and Bob both encrypt and decrypt subsequent messages by means of the session key.

Slide 7: Digital Signatures and Certificates
- The sender "signs" messages by means of his private (secret) key.
- The recipient verifies the sender's signature by means of the sender's public key.
- The sender's identity is certified by means of a "Certificate", which is digitally signed by a trusted third party.

Slide 8: Secure Socket Layer (SSL)
- SSL is a communication layer on top of TCP/IP.
- SSL is supported by current browsers.
- The browser requests a copy of the HTTPS server's certificate.
- The browser verifies the identity of the server by checking the certificate and its digital signature.
- The browser creates a symmetric session key.

Slide 9: Secure Socket Layer cont.
- The browser encrypts the session key by means of the HTTP server's public key and transmits the session key to the server.
- Session data is encrypted and decrypted both ways at both ends by means of the symmetric session key.

Slide 10: Z39.50 and Symmetric Keys
- A new Z39.50 Init Request option may specify use of a symmetric encryption algorithm within a Z39.50 session.
- The symmetric encryption key must be exchanged outside of the Z39.50 protocol, e.g. based on a predefined user password.
- Only Z39.50 user data is encrypted, not protocol elements.

Slide 11: Z39.50 and Symmetric Keys cont.
- Encryption and decryption must be handled by the Z39.50 server and client applications.
- This solution requires limited changes to Z39.50 toolkits in order to handle a new Init Request option.
- Z39.50 servers and clients must be modified to encrypt and decrypt data via passwords or other symmetric keys.

Slide 12: Z39.50 with Symmetric Keys
[Diagram: ZS-Client Application with Encryption Toolkit, on top of the Z-Client Toolkit; Z39.50 Session; ZS-Server Application with Encryption Toolkit, on top of the Z-Server Toolkit]

Slide 13: Z39.50 and SSL
- Z39.50 over SSL offers a complete security solution.
- Transparent to Z39.50 server and z-client applications.
- Requires no changes to the Z39.50 protocol.
- Requires a compatible Z39.50 toolkit on both z-server and z-client that utilises an SSL library.
- May require key certificates on the Z39.50 server.

Slide 14: Z39.50 Over SSL
[Diagram: Z-Client Application on top of the ZS-Client Toolkit and SSL Toolkit; Encrypted Z39.50 Session; Z-Server Application on top of the ZS-Server Toolkit and SSL Toolkit]

Slide 15: Summary
- Security is primarily relevant to identify Z39.50 users.
- Confidentiality of queries and presented data may also be an issue.
- SSL requires Z39.50 SRPM toolkits to utilise SSL libraries, but is transparent to z-servers and z-clients.
- Simple symmetric keys may require modifications to the Z39.50 protocol and to z-servers and z-clients.