

Technology – Broad View 1: Networks

- For the most part, not a technology, but political/financial issue
  - Available bandwidth continuously increasing (“√2-rule” – doubling every two years)
  - Cost/bandwidth ratio continuously decreasing
  - Networking technologies for high bandwidth available today (2.5 GBit/s, 10 GBit/s and higher, Ethernet, SDH, WDM, ...)
  - In principle, applies both to fibre optics as well as copper
  - Technologies for transmission of audio/video available (e.g. DiffServ, MPLS)
  - Transmitting audio/video via low-cost access points possible
- Still open, to do in many networks:
  - Install transmission methods for audio/video via low-cost access network wide
  - Coordinate activities on European or world-wide basis (e.g. MPLS-Gateways)

Technology – Broad View 2: Storage

- Harddisks:
  - Capacity: “√2-rule”
  - Cost/capacity ratio decreasing (IDE-RAIDs, S-ATA)
- Tapes: “√2-rule” for capacity (AIT 1,2,3, LTO 1,2,3, S-AIT)
- Future Holographic Storage:
  - From today's viewpoint: unlimited storage capacity
  - Probably available soon: 1 TByte DVD
- “Input-bandwidth” of archive: “√2-rule” (e.g. GWDG 400 MByte/s Peak)
- Intelligent Storage Management (HSM etc.)
- Media Migration / Refreshment needed for long term archiving
- Policy needed that takes into account data volume, copying time and data integrity checks

Technology – Broad View 3: Server Certificates, Authentication for Servers

How can we be sure that an archive site is indeed the site it claims to be?

- standards and technology available (X.509, Public Key Infrastructures...)
- usability o.k. (Web-Browser)
- users will accept (small) overhead if added value obvious
- cost acceptable (typical 100 € per server and year)
- cost reduction possible (e.g. certificates issued by scientific computing centers)

Technology – Broad View 4: User Certificates, Authentication for Users

How can we be sure that someone is indeed who he claims to be?

- standards and technology available (X.509, Public Key Infrastructures...)
- usability of certificates o.k. wrt signing & encrypting
- Requesting a certificate and installing it is somewhat tricky today
- Same applies to generating the private/public key pair, securely storing the private key, being mobile with the private key (smart cards, USB tokens …)
- Cost is an issue
- cost reduction possible (e.g. certificates issued by scientific computing centers)
- Support for users by scientific computing centers increasing
- Secure authentication of user to server still an issue

Technology – Broad View 5: A few words on basic security technologies

- Certificate, Certification authority (CA), public key cryptosystem, public key infrastructure (PKI) … what is it all about???
- Certificates, CA, PKI ... what is it good for???
- How do we use them to ensure message/data
  - Integrity?
  - Confidentiality?
  - Authenticity?

Technology – Broad View 6: Public key cryptosystems

- Pair of (different but “corresponding”) keys
- Both may be used for encryption/decryption
- Encrypt with one, decrypt (only!) with the other
- The basic “trick”: one is kept secret (private key), one made available to others (public key) -> ensure integrity and confidentiality
- Let others encrypt messages sent to you with your public key, decrypt the message (only!) with your own private key: ensures confidentiality
- Encrypt the “fingerprint of the message” with your own private key, let others decrypt (only!) with your public key: ensures integrity

[Figure: signing a document. The signer (sender, author, …) holds the key pair (sK, pK). The hash function maps document X to the hash value Y, H(X) = Y. Asymmetric encryption of Y with the secret key gives Z, F(Y, sK) = Z. The signed document is document X together with the digital signature Z.]

sK: Secret (Private) Key, pK: Public Key, DigSig: Digital Signature

Technology – Broad View 7: Certificates, Certification Authorities

- Authenticity: how to make sure that the “person behind a public key” is the person who she/he claims to be?
- Idea: ask him/her to show his/her identity card!
- Certificate is a “digital identity card”
- A trustworthy third party signs the relation of a public key and name, organisation, address etc.

[Figure: X.509v3 Certificate (Subject). The CA / Trust Center, holding (sK, pK), applies the hash function to the certificate fields and asymmetrically encrypts the hash value to produce the signature.]

Fields of the X.509v3 certificate shown in the figure:

- Version
- Serial number
- CA ID
- Validity period
- Certificate owner ID
- Optional extensions
- Owner pK
- Signature algorithm = (Hash Function ID, Cipher ID), e.g. SHA-1, e.g. RSA
- Signature

sK: Secret (Private) Key, pK: Public Key, ID: Identifier, CA: Certification Authority, SHA: Secure Hash Algorithm, RSA: Rivest Shamir Adleman

Technology – Broad View 8: Public Key Infrastructure - PKI

- PKI: infrastructure for administration of certificates (issue, revoke, distribute …)
- PKI is a hierarchical structure, a hierarchy of certification authorities
- Root-CA, Sub-CA on multiple levels
  - Root certificate issued by Root
  - Certificate for Sub-CA issued by Root
  - Certificate for Alice issued by Sub-CA

sK: Secret (Private) Key, pK: Public Key, ID: Identifier, CA: Certification Authority
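
The hash-then-sign scheme (H(X) = Y, F(Y, sK) = Z) and the Root-CA → Sub-CA → Alice hierarchy from the last three slides, worked through as an added Python example that is not part of the original presentation. It assumes textbook RSA without padding over fixed Mersenne primes (insecure, chosen only so the code runs offline) and SHA-256 in place of the slide's SHA-1; validity periods, extensions and revocation are left out, and all names, keys and the document are constructed.

```python
import hashlib, json

E = 65537  # public exponent shared by all toy keys

def keypair(a, b):
    """Toy RSA key from Mersenne primes 2^a-1 and 2^b-1 (constructed, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"pK": p * q, "sK": pow(E, -1, (p - 1) * (q - 1))}

def H(x):                      # H(X) = Y
    return int.from_bytes(hashlib.sha256(x).digest(), "big")

def sign(x, key):              # F(Y, sK) = Z
    return pow(H(x), key["sK"], key["pK"])

def verify(x, z, pK):          # recover Y from Z with pK, compare with H(X)
    return pow(z, E, pK) == H(x)

def tbs(cert):
    """Bytes covered by the CA signature: every field except the signature."""
    body = {k: v for k, v in cert.items() if k != "signature"}
    return json.dumps(body, sort_keys=True).encode()

def issue(subject, subject_pK, issuer, issuer_key, serial):
    cert = {"serial": serial, "issuer": issuer, "subject": subject, "pK": subject_pK}
    cert["signature"] = sign(tbs(cert), issuer_key)
    return cert

def validate_chain(chain, trusted_root_pK):
    """chain = [root, sub-CA, ..., end entity]; returns the end entity's pK or None."""
    signer_pK, signer = trusted_root_pK, chain[0]["subject"]
    for cert in chain:
        if cert["issuer"] != signer or not verify(tbs(cert), cert["signature"], signer_pK):
            return None        # wrong issuer name or signature does not match
        signer_pK, signer = cert["pK"], cert["subject"]
    return signer_pK

# Constructed sample hierarchy: Root-CA -> Sub-CA -> Alice
root, sub, alice = keypair(521, 607), keypair(127, 521), keypair(107, 607)
CHAIN = [issue("Root-CA", root["pK"], "Root-CA", root, 1),
         issue("Sub-CA", sub["pK"], "Root-CA", root, 2),
         issue("Alice", alice["pK"], "Sub-CA", sub, 3)]
DOC = b"archived dataset, version 1"     # constructed document X
SIG = sign(DOC, alice)                   # Z, attached to X as DigSig

if __name__ == "__main__":
    pK = validate_chain(CHAIN, root["pK"])
    print("chain ok:", pK == alice["pK"], "| signature ok:", verify(DOC, SIG, pK))
```

The verifier only needs the root's public key in advance: every other public key is taken from a certificate whose signature has already been checked one level up.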