1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.

Presentation transcript:

1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004

2 Overview
- Certificates
- Network identities
- Remailers

3 What is Identity?
- Def: A principal is a unique entity.
- An identity specifies a principal.
- A principal may be a person, an organization, or an object

4 Example Identities
- URL
- File name
- File descriptor
- Login
- User Identification Number (UID)

5 Certificates
- Used to bind crypto keys to identifiers
- Certification Authority (CA) vouches for identity of principal to which certificate is issued
- CA authentication policy describes level of authentication required to identify principal when certificate issued
- CA issuance policy describes principals to whom CA will issue certificates

6 Internet Policy Registration Authority (IPRA)
- Sets policies for all subordinate CAs
- Certifies Policy Certification Authorities (PCAs)
  - each may have their own authentication and issuance policy
  - may not conflict with IPRA
- PCAs issue certificates to CAs
- CAs issue certificates to organizations and individuals

7 Network Identities
- Media Access Control (MAC) address used at link layer
- Internet Protocol (IP) address used at network layer
- Host name used at application layer
- Dynamic Host Configuration Protocol (DHCP) may be used to temporarily assign an IP address

8 Domain Name System (DNS) Records
- Forward: map host name to IP address
- Reverse: map IP addresses to host names
- May compare forward and reverse mappings in order to determine whether to trust a host name
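
The forward/reverse comparison from slide 8, as an added example that is not part of the original slides. The record tables, addresses and function names are constructed for illustration; `system_reverse` and `system_forward` show how the same check could use the host's resolver.

```python
import ipaddress
import socket

# Constructed records (documentation address ranges). A reverse zone belongs to
# whoever holds the address block, so its PTR record can claim any host name.
PTR = {  # reverse: IP address -> host names
    "192.0.2.10": ["mail.example.org."],
    "203.0.113.7": ["mail.example.org."],  # PTR set by an unrelated zone owner
    "198.51.100.5": [],                    # no reverse record at all
}
A = {  # forward: host name -> IP addresses
    "mail.example.org": ["192.0.2.10", "192.0.2.11"],
}

def _name(n):
    return n.lower().rstrip(".")

def table_reverse(ip):
    return PTR.get(ip, [])

def table_forward(name):
    return A.get(_name(name), [])

def system_reverse(ip):
    """Reverse lookup through the system resolver (needs network access)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_forward(name):
    """Forward lookup through the system resolver (IPv4 only)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def confirmed_names(ip, reverse=table_reverse, forward=table_forward):
    """Host names for `ip` whose forward mapping leads back to `ip`."""
    ip = str(ipaddress.ip_address(ip))
    names = []
    for name in reverse(ip):
        addrs = {str(ipaddress.ip_address(a)) for a in forward(name)}
        if ip in addrs:
            names.append(_name(name))
    return names

def trust_host_name(ip, claimed, **resolvers):
    """Trust `claimed` for `ip` only if forward and reverse mappings agree."""
    return _name(claimed) in confirmed_names(ip, **resolvers)
```

Pass `reverse=system_reverse, forward=system_forward` to run the same comparison against live DNS instead of the constructed tables.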

9 Cookies
- Used to represent state of a web session
- Fields:
  - Name, value: bind value to name
  - Expires: delete at end of session or at specified time
  - Domain: to whom cookie may be sent, must have embedded "."
  - Path: restricts domain
  - Secure: whether to use SSL
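
How the fields on slide 9 combine into the decision to send a cookie with a request, as an added example that is not part of the original slides. The `Cookie` class, function names and sample URLs are constructed; the path check uses directory-boundary matching, which is an assumption stricter than a plain prefix test.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional
from urllib.parse import urlsplit

@dataclass
class Cookie:
    name: str
    value: str
    domain: str
    path: str = "/"
    secure: bool = False
    expires: Optional[datetime] = None  # None: delete at end of session

def domain_ok(cookie_domain: str, host: str) -> bool:
    d = cookie_domain.lower().lstrip(".")
    host = host.lower()
    if "." not in d:
        # No embedded ".": a Domain such as "com" would reach every site under it.
        return False
    # Exact host or a subdomain; "evilexample.org" must not match "example.org".
    return host == d or host.endswith("." + d)

def path_ok(cookie_path: str, request_path: str) -> bool:
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    # Match only on a directory boundary, so "/app" does not cover "/apple".
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"

def should_send(cookie: Cookie, url: str, now: datetime) -> bool:
    u = urlsplit(url)
    if cookie.expires is not None and cookie.expires <= now:
        return False                      # Expires: past its lifetime
    if cookie.secure and u.scheme != "https":
        return False                      # Secure: only over SSL/TLS
    return (domain_ok(cookie.domain, u.hostname or "")
            and path_ok(cookie.path, u.path or "/"))
```

The embedded "." rule alone still accepts a Domain such as `co.uk`; browsers close that gap with a public suffix list.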

10 Anonymity on the Web
- Pseudo-anonymous remailer - replaces originating address before forwarding, keeps mapping of anonymous identities and associated origins
- Cypherpunk remailer (type 1) - deletes header of incoming message and forwards remainder
  - typically used in chain
  - typically enciphered messages

11 Attacking Cypherpunk
- Monitor traffic in/out of remailers
- Observe times of arrival/departure
- Observe size of messages
- Flood remailer with messages to defeat countermeasures

12 Mixmaster Remailers (Type 2)
- Cypherpunk remailer plus:
  - padding or fragmentation to create fixed size records
  - uniquely numbered messages to avoid replay attacks
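
The two Type 2 additions from slide 12, fixed-size records and replay rejection by message number, as an added example that is not part of the original slides and not Mixmaster's actual packet format. The record size, header layout and class names are assumptions; a real remailer would also encrypt each record so the header is not visible on the wire.

```python
import os
import struct

RECORD = 512                        # assumed record size, not Mixmaster's real one
HEADER = struct.Struct("!16sHHH")   # message id, fragment index, fragment count, payload length
BODY = RECORD - HEADER.size         # payload bytes available per record

def to_records(message: bytes, msg_id: bytes = None):
    """Fragment and pad `message` so every record is exactly RECORD bytes."""
    msg_id = msg_id or os.urandom(16)
    chunks = [message[i:i + BODY] for i in range(0, len(message), BODY)] or [b""]
    records = []
    for index, chunk in enumerate(chunks):
        padding = os.urandom(BODY - len(chunk))   # random fill hides the true length
        records.append(HEADER.pack(msg_id, index, len(chunks), len(chunk)) + chunk + padding)
    return records

class Remailer:
    def __init__(self):
        self.seen = set()    # (message id, fragment index) already accepted
        self.parts = {}      # message id -> {fragment index: payload}

    def accept(self, record: bytes):
        """Return ("replay" | "pending" | "complete", message or None)."""
        if len(record) != RECORD:
            raise ValueError("record is not the fixed size")
        msg_id, index, total, length = HEADER.unpack_from(record)
        if length > BODY or index >= total:
            raise ValueError("malformed header")
        if (msg_id, index) in self.seen:
            return ("replay", None)               # same numbered record seen before: drop
        self.seen.add((msg_id, index))
        frags = self.parts.setdefault(msg_id, {})
        frags[index] = record[HEADER.size:HEADER.size + length]
        if len(frags) < total:
            return ("pending", None)
        del self.parts[msg_id]
        return ("complete", b"".join(frags[i] for i in range(total)))
```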

13 Why is Anonymity Needed?
- Whistleblowing
- Protection of privacy
- ???