EEC 688/788 Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

Slides:



Advertisements
Similar presentations
Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
Advertisements

Public Key Infrastructure (PKI)
Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
1 ISA 562 Information Systems Theory and Practice 10. Digital Certificates.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Public Key Management and X.509 Certificates
Report on Attribute Certificates By Ganesh Godavari.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Slide 1 Many slides from Vitaly Shmatikov, UT Austin Public-Key Infrastructure CNS F2006.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Secure Communications … or, the usability of PKI.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC-484/584 Computer Networks Lecture 16 Wenbing Zhao
EEC-681/781 Distributed Computing Systems Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Unlinkable Secret Handshakes and Key-Private Group Key Management Schemes Author: Stanislaw Jarecki and Xiaomin Liu University of California, Irvine From:
EEC-484/584 Computer Networks Lecture 16 Wenbing Zhao
EEC 688/788 Secure and Dependable Computing Lecture 12 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
EEC-484/584 Computer Networks Lecture 18 Wenbing Zhao (Part of the slides are based on materials supplied by Prentice-Hall)
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Security Management.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Computer Science Public Key Management Lecture 5.
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.
Galileo - Knowledge Testing Service e-MSoft Artur Majuch.
1 Lecture 11 Public Key Infrastructure (PKI) CIS CIS 5357 Network Security.
EEC 688/788 Secure and Dependable Computing
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.
Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.
Configuring Directory Certificate Services Lesson 13.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Compliance Defects in Public- key Cryptography “ A public-key security system trusts its users to validate each others’s public keys rigorously and to.
15.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Key Management.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
ASYNCHRONOUS LARGE-SCALE CERTIFICATION BASED ON CERTIFICATE VERIFICATION TREES Josep Domingo-Ferrer, Marc Alba and Francesc Sebé Dept. of Computer Engineering.
Protocols for public-key management. Key management –two problems Distribution of public keys (for public- key cryptography) Distribution of secret keys.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
Leveraging Campus Authentication for Grid Scalability Jim Jokl Marty Humphrey University of Virginia Internet2 Meeting April 2004.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Pkiuniversity.com. Alice Bob Honest Abe’s CA Simple PKI hierarchy.
Creating and Managing Digital Certificates Chapter Eleven.
Cryptography and Network Security Chapter 14
Key Management. Authentication Using Public-Key Cryptography  K A +, K B + : public keys Alice Bob K B + (A, R A ) 1 2 K A + (R A, R B,K A,B ) 3 K A,B.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Digital Signatures and Digital Certificates Monil Adhikari.
1 Public Key Infrastructure Dr. Rocky K. C. Chang 25 February, 2002.
1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Digital Signatures A digital signature is a protocol that produces the same effect as a real signature: It is a mark that only the sender can make but.
Information Security message M one-way hash fingerprint f = H(M)
EEC 688/788 Secure and Dependable Computing
زير ساخت كليد عمومي و گواهي هويت
جايگاه گواهی ديجيتالی در ايران
Digital Certificates and X.509
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
Chapter 15 Key Management
Presentation transcript:

EEC 688/788 Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

2 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Outline Reminder: –Midterm#1: 9/21 Monday Public key management Mock quiz & Q/A

3 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Management of Public Keys Problem statement Certificates X.509 Public key infrastructure

4 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Problems with Public-Key Management If Alice and Bob do not know each other, how do they get each other’s public keys to start the communication process ? –It is essential Alice gets Bob’s public key, not someone else’s A way for Trudy to subvert public-key encryption

5 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Certificates Certification Authority (CA): an organization that certifies public keys –It certifies the public keys belonging to people, companies, or even attributes –CA does not need to be on-line all the time (in ideal scenarios) A possible certificate and its signed hash

6 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao X.509 Devised and approved by ITU The basic fields of an X.509 certificate

7 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Public-Key Infrastructures A Public-Key Infrastructure (PKI) is needed for reasons of –Availability, Scalability, Ease of management A PKI has multiple components –Users, CAs, Certificates, Directories A PKI provides a way of structuring these components and define standards for the various documents and protocols –A simple form of PKI is hierarchical CAs

8 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Public-Key Infrastructures Hierarchical PKI A chain of trust/certification path: A chain of certificates going back to the root

9 6/27/2015 EEC688/788: Secure & Dependable ComputingWenbing Zhao Public-Key Infrastructures Revocation: sometimes certificates can be revoked, due to a number of reasons Reinstatement: a revoked certificate could conceivably be reinstated Each CA periodically issues a CRL (Certificate Revocation List) giving the serial numbers of all certificates that it has revoked –A user who is about to use a certificate must now acquire the CRL to see if the certificate has been revoked Having to deal with revocation (and possibly reinstatement) eliminates one of the best properties of certificates, namely, that they can be used without having to contact a CA

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.