PKI 2: Protecting Web Traffic with SSL. Fabrizio Grossi.


Overview
- Introduction to SSL Security
- Enabling SSL on a Web Server
- Implementing Certificate-based Authentication

Introduction to SSL Security
- Why Use SSL to Secure Web Traffic?
- Multimedia: Using SSL to Secure Web Traffic
- Certificates Used for an SSL Session
- Guidelines for Choosing a Private or Commercial CA

Why Use SSL to Secure Web Traffic?
By default, HTTP packets are transmitted as plaintext.
Implement SSL to:
- Encrypt the transmitted data at the application layer
- Enable Web clients to authenticate the Web server

Using SSL to Secure Web Traffic
[Diagram: Web Client, Internet, Web Server, HTTP]

Certificates Used for an SSL Session

| Certificate type | Usage | Purpose |
|---|---|---|
| Server certificates | Mandatory | Secure transmission of the session key; authenticate the Web server |
| User certificates | Optional | Authenticate the user; implement certificate-based authentication of Web users |

Guidelines for Choosing a Private or Commercial CA
Columns: Business requirement, Private CA, Commercial CA
- Increase user confidence in your Web site
- Minimize the configuration of internal computers
- Include liability insurance
- Enforce your organization's security policy
- Give end users flexibility for managing certificates
- Reduce the costs of issuing certificates

Enabling SSL on a Web Server
- How to Acquire a Web Server Certificate from a Private CA
- How to Acquire a Web Server Certificate from a Commercial CA
- SSL Configuration Options
- Certificate Deployment for Complex Configurations
- Guidelines for Enabling SSL Security

Implementing Certificate-based Authentication
- Web-based Authentication Methods
- Types of Certificate Mapping
- How to Implement Certificate Mapping in IIS
- How to Implement Certificate Mapping in Active Directory
- Guidelines for Certificate Mapping

Web-based Authentication Methods
Authentication method: authentication security (* = low; ***** = high)
- Anonymous authentication: N/A
- Basic authentication: *
- Digest authentication: **
- .NET Passport: ***
- Integrated Windows authentication: ****
- Basic authentication with SSL: ****
- Client certificates: *****

Types of Certificate Mapping

| Mapping type | Description | Use when |
|---|---|---|
| One to one | A single certificate maps to one user account | Each user must be uniquely identified |
| Many to one | Multiple certificates map to one user account based on common attributes | Multiple users require the same level of access |
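
The two mapping types in the table above, modelled in Python as an added example (not code from the presentation, and not the IIS or Active Directory implementation). The account names, certificate bytes and DN values are constructed, and each certificate is assumed to have already passed chain validation during the SSL handshake.

```python
import hashlib
from fnmatch import fnmatchcase

# Constructed sample data: accounts, certificate bytes and DN values are made up.
# Assumption: the certificate was already chain-validated in the SSL handshake.
ONE_TO_ONE = {}   # SHA-256 of one exact certificate -> one user account
MANY_TO_ONE = [   # ordered rules; every criterion must match (wildcards allowed)
    {"account": "EXAMPLE\\partners",
     "criteria": [("issuer", "O", "Example Partner CA"),
                  ("subject", "OU", "Sales*")]},
]

def fingerprint(der: bytes) -> str:
    return hashlib.sha256(der).hexdigest()

def register_one_to_one(der: bytes, account: str) -> None:
    """Bind a single certificate to a single user account."""
    ONE_TO_ONE[fingerprint(der)] = account

def map_certificate(cert: dict):
    """Return (account, mapping_type), or (None, None) when nothing maps."""
    account = ONE_TO_ONE.get(fingerprint(cert["der"]))
    if account:
        return account, "one-to-one"
    for rule in MANY_TO_ONE:
        if all(fnmatchcase(cert[field].get(sub, ""), pattern)
               for field, sub, pattern in rule["criteria"]):
            return rule["account"], "many-to-one"
    return None, None   # fail closed: no mapping means no account

# Constructed certificates, reduced to the fields the mapping looks at.
ALICE = {"der": b"constructed-alice-cert",
         "subject": {"CN": "alice", "OU": "Finance"},
         "issuer": {"O": "Example Corp CA"}}
PARTNER = {"der": b"constructed-partner-cert",
           "subject": {"CN": "bob", "OU": "Sales-EMEA"},
           "issuer": {"O": "Example Partner CA"}}
LOOKALIKE = {"der": b"constructed-lookalike-cert",
             "subject": {"CN": "mallory", "OU": "Sales-EMEA"},
             "issuer": {"O": "Some Other CA"}}

register_one_to_one(ALICE["der"], "EXAMPLE\\alice")

if __name__ == "__main__":
    for name, cert in (("alice", ALICE), ("partner", PARTNER), ("lookalike", LOOKALIKE)):
        print(name, map_certificate(cert))
```

Pinning the issuer in every many-to-one rule matters: a rule that matched only on the subject OU would map the lookalike certificate from any CA the server trusts.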