SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

Presentation transcript:

SSL & SharePoint IT:Network:Applications

Agenda
- Secure Socket Layer
- Encryption 101
- SharePoint Customization
- SharePoint Integration

What is Secure Socket Layer?
- SSL is the standard technology for creating an encrypted link between a web server and a browser
- All data passed between server and client is private
- Requires an SSL certificate
- Creating an SSL certificate includes:
  - Completing several questions regarding the identity of your site and company
  - Web server creates two keys, public and private, known as asymmetric encryption
- SSL has been succeeded by Transport Layer Security (TLS), which is based on SSL

Encryption 101
- Single key (symmetric) encryption
  - One “key” or passphrase used to encrypt and decrypt
  - FAST – good for large amounts of data
  - How do you get the key across the network?
  - Ex: AES, DES, DES3
    - Advanced Encryption Standard
    - Data Encryption Standard
    - Triple DES
- Dual key (or asymmetric or public key) encryption
  - Two mathematically related keys
  - Public – used to encrypt / verify signature
    - Everyone knows public key
  - Private – used to decrypt / sign
    - Only sender/receiver have private key
  - Slower functioning – not applicable for entire files
  - Ex: RSA, DSA

Encryption 101: Asymmetric Encryption
- Alice sends data and encrypts it with Bob’s public key
  - Can give public key to anyone
- Bob receives Alice’s encrypted data
- Bob decrypts Alice’s data with his private key
- Only Bob has the private key – only Bob can decrypt the request!

Encryption 101: How do you know it’s my public key?
- A “bad” server could claim to be the web server for my bank
  - “Here’s my public key, encrypt your account and send it to me”
- Why do we listen to the request?
  - Sent from a “trusted” site, i.e. a site “resembling” your bank

Encryption 101: Certificates
- Digital construct (X.509) that contains my public key and other info
  - Subject: who owns this key
  - Valid dates: start and expire
  - Issuer of certificate
  - etc.
- Issuer is someone we both trust
  - Browser recognizes issuer, accepts cert
  - Browser doesn’t recognize issuer, rejects cert
    - Usually asks user what to do

Encryption 101: How to get a cert
- VeriSign, DigiCert, Thawte, GoDaddy, etc.
  - Pay them and they give you a cert
  - Usually underwritten by big bank – TRUST
  - Recognized by most browsers – good for outside
- Generate your own
  - e.g., Microsoft Certificate Server (this is what we will do)
    - Microsoft CA (Certificate Authority)
  - e.g., OpenSSL – comes with Linux

Encryption 101: Microsoft Certificate Service
- Issues certificates for you – acts as Certificate Authority (CA)
- Can implement a CA hierarchy
  - Root server is at top – issues certs for other CAs
  - Subordinate CA
    - Gets cert from “higher” CA – sort of like introducing it
    - Issues certs for “lower” CAs and end servers
- Can be Enterprise or Standalone
  - Enterprise requires a Domain Controller/Active Directory (Domain Member?)
    - Can automate issuing of some certs
  - Stand-alone can be on any Microsoft Server
    - Must do “issuing” yourself

Encryption 101: Two methods
- Self Signed
- Request Certificate

Encryption 101: Request Cert for Web site
- Create Request

Encryption 101: Select Provider

Encryption 101: Provide Name

Encryption 101: Certificate for web site request

Encryption 101: Creating Self Signed Server Certificates
- Create Self Signed
- Provide name
- Edit Site Bindings

Encryption 101: Secure Web!
- Browse by https:
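
The self-signed path from the slides above (create the certificate, name it, edit site bindings), combined with the issuer check from the Certificates slide, as an added PowerShell example that is not part of the original presentation. The site name `Default Web Site` and the host name `sharepoint.lab.local` are assumptions.

```powershell
# Added example; run elevated on a lab IIS server (Windows Server 2012 or later).
Import-Module WebAdministration

$siteName = 'Default Web Site'      # assumed IIS site name
$dnsName  = 'sharepoint.lab.local'  # constructed host name

# "Create Self Signed" / "Provide name": cert goes into the machine Personal store.
$cert = New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation 'Cert:\LocalMachine\My'

# The X.509 fields from the Certificates slide. For a self-signed cert,
# Subject and Issuer are the same name: nobody else vouches for the key.
$cert | Format-List Subject, Issuer, NotBefore, NotAfter, Thumbprint

# Build the chain the way a Windows client does and report why it passes or fails.
function Test-CertTrust {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # A self-signed cert publishes no revocation list, so skip that check and
    # let the result reflect only whether the issuer is trusted.
    $chain.ChainPolicy.RevocationMode = 'NoCheck'
    $ok = $chain.Build($Certificate)
    [pscustomobject]@{
        Trusted = $ok
        Status  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    }
}
Test-CertTrust $cert   # issuer is not in Trusted Root yet

# "Edit Site Bindings": add HTTPS on 443 and attach the certificate.
New-WebBinding -Name $siteName -Protocol https -Port 443
(Get-WebBinding -Name $siteName -Protocol https -Port 443).AddSslCertificate($cert.Thumbprint, 'My')

# Lab only: make this machine recognise the issuer by importing the PUBLIC
# certificate (no private key) into Trusted Root, then validate again.
$cerFile = Join-Path $env:TEMP 'lab-selfsigned.cer'
Export-Certificate -Cert $cert -FilePath $cerFile | Out-Null
Import-Certificate -FilePath $cerFile -CertStoreLocation 'Cert:\LocalMachine\Root' | Out-Null
Test-CertTrust $cert   # issuer is now recognised on this machine
```

Outside a lab, request the certificate from the Microsoft CA or a commercial CA instead, so that clients trust the issuer without importing individual server certificates.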

SharePoint Customization: Site collections
- A group of Web sites that have the same owner and share administration settings, for example, permissions
- When you create a site collection, a top-level site is automatically created in the site collection
- You can then create one or more subsites below the top-level site
- Can be created through
  - Central Administration
  - PowerShell
- SharePoint provides site collection templates for the following categories:
  - Collaboration
  - Meetings
  - Custom

SharePoint Integration: Configure outgoing mail
- SharePoint sends/receives e-mails for several reasons
  - Create alerts to track site items such as lists, libraries and documents
  - Site administrators can receive messages about site administrator issues such as site owners exceeding their storage space

SharePoint Integration: Configure incoming mail
4-step process:
1. Enable incoming e-mail in SharePoint
2. Install the SMTP service on one of the SharePoint web servers
3. Configure Exchange to forward messages to SharePoint
4. Specify which lists and libraries will be mail enabled
More next week on this topic