Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.

Presentation transcript:


What Are We Here For?

What's a Digital Certificate?
A (digital) form of identification
  – Driver's license
  – Passport
Provides "information" about identity
  – Contains the public key of the entity identified in the certificate
  – The public key is matched to an identity and guaranteed by the issuer (Certificate Authority)

Certificate Uses
Personal
  – Used to identify/validate individuals
Server
  – Used to verify its identity to users
  – Basis for encryption
Software Publisher
  – Used to sign/verify software
Authority
  – Used to verify "signed" certificates

Certificate "Flavors"
Public
  – Public signed certificate leveraging the PKI (Public Key Infrastructure)
Private
  – Self generated/signed
Wild Card
  – Used to represent a domain rather than a site
Secure
  – 40 to 256 bit encryption
Secure Pro
  – 128 to 256 bit encryption
Extended Validation (EV)
  – Triggers the green address bar

Makeup of a Certificate
Version number: X.509 standard
Serial number
  – Uniquely identifies the certificate
Certificate algorithm identifier
  – Key algorithm used to sign the certificate
Issuer
Validity period
  – The start (Valid from) and expiration date (Valid to)
Subject
  – Name of the owner

Makeup of a Certificate (continued)
Subject public key information
  – The owner's public key and its algorithms
Issuer unique identifier
Subject unique identifier
  – Unique identifier of the certificate owner
Extensions
  – Additional information related to the use and handling
Certification authority's digital signature
  – Digital signature made with the certification authority's private key

Certificate Verification
Certification Authority's Name
Your Identification Information
Your Public Key Value
Certification Authority's Digital Signature
Certificate Authority's Public Key
Message Digest

Certificate Verification
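The check these slides diagram, as an added example that is not part of the original presentation: the CA signs a message digest of the certificate fields with its private key, and anyone holding the CA's public key can recompute the digest and compare. It uses textbook RSA without padding and a constructed toy key, and the field names are assumptions; real certificates use padded RSA or ECDSA over DER-encoded fields.

```python
import hashlib

# Constructed toy CA key built from two Mersenne primes (illustration only;
# a real CA key is randomly generated and used with a padding scheme).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                              # CA public modulus
D = pow(E, -1, (P - 1) * (Q - 1))      # CA private exponent (Python 3.8+)

def digest(fields):
    """Message digest over the certificate fields, serialised in a fixed order."""
    data = "\n".join(f"{k}={fields[k]}" for k in sorted(fields)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def ca_sign(fields):
    """CA side: sign the digest with the CA's private key."""
    return pow(digest(fields), D, N)

def verify(fields, signature, ca_public=(N, E)):
    """Relying party: recover the digest with the CA's public key and compare."""
    n, e = ca_public
    return pow(signature, e, n) == digest(fields)

# Constructed certificate contents (hypothetical field names and values).
CERT = {
    "issuer": "Example Test CA",
    "subject": "www.example.org",
    "public_key": "constructed-subject-key-1",
}

if __name__ == "__main__":
    sig = ca_sign(CERT)
    print("untampered:", verify(CERT, sig))
    forged = dict(CERT, public_key="constructed-other-key")
    print("public key swapped:", verify(forged, sig))
```

Swapping any signed field, or checking against a different CA's public key, makes the recomputed digest disagree with the signature, which is what a browser reports as a certificate that cannot be validated.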

Where to Get Certificates
Generate your own

How to Get Certificates
Generate a request from the server
Send the request to the certificate authority (CA)
The certificate authority (CA) verifies your identity
The certificate authority (CA) signs the certificate and returns it
You install the certificate on your server

Common Errors
Outside valid dates
Site name does not match
  – Custom URL
  – Redirect
Cannot be validated against the CA
Common with self-signed certificates
Key does not match
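A way to tell these errors apart when triaging a certificate warning, as an added example that is not part of the original presentation. It checks the validity dates, the site name (including the wildcard rule) and the self-signed case against a constructed certificate in the dict layout that Python's `ssl.SSLSocket.getpeercert()` returns; the key-mismatch case needs the private key and is not covered.

```python
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict layout of ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "*.example.org"),),),
    "issuer": ((("commonName", "Example Test CA"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Dec 31 23:59:59 2024 GMT",
    "subjectAltName": (("DNS", "*.example.org"),),
}

def hostname_matches(pattern, host):
    """Match a certificate DNS name against a host name.

    A '*' is honoured only as the whole left-most label and stands for
    exactly one label, so '*.example.org' covers 'www.example.org' but
    neither 'example.org' nor 'a.b.example.org'.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Refuse over-broad patterns such as '*.org'.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def diagnose(cert, host, now):
    """Return which of the slide's common errors apply to this certificate."""
    errors = []
    start = ssl.cert_time_to_seconds(cert["notBefore"])
    end = ssl.cert_time_to_seconds(cert["notAfter"])
    if not start <= now.timestamp() <= end:
        errors.append("outside valid dates")
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(hostname_matches(n, host) for n in names):
        errors.append("site name does not match")
    if cert.get("issuer") == cert.get("subject"):
        # Self-signed: no CA vouches for it unless it is trusted explicitly.
        errors.append("self-signed, cannot be validated against a CA")
    return errors

if __name__ == "__main__":
    for host in ("www.example.org", "example.org"):
        print(host, diagnose(SAMPLE_CERT, host, datetime.now(timezone.utc)))
```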

SSL/TLS
Secure Socket Layer – SSL
Transport Layer Security – TLS
Really what we are talking about is encryption that provides cryptographic security over network infrastructure like the Internet
Encrypts the end-to-end segments of the connections at the Transport Layer (UDP/TCP)
Commonly used to secure application protocols like HTTP, SMTP, etc.

SSL/TLS Encapsulation
Application: Telnet, FTP, SMTP, HTTP
TLS/SSL
Transport: TCP, UDP
Network: IP, ICMP, IGMP
Link: Network interface and device driver

SSL/TLS

Questions?