Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

Cryptography and Network Security

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

(4.4) Internet Protocols Layered approach to Internet Software 1.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Electronic Transaction Security (E-Commerce)

1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter 8 Web Security.

Electronic Commerce. On-line ordering---an e-commerce application On-line ordering assumes that: A company publishes its catalog on the Internet; Customers.

Chapter 19 Security.

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

1 6 Chapter 6 Implementing Security for Electronic Commerce.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Encryption Objective 1: Explain data encryption procedures.

Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

Cryptography, Authentication and Digital Signatures

E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.

Introduction to Secure Sockets Layer (SSL) Protocol Based on:

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Encryption and Security Dylan Anderson Michael Huffman Julie Rothacher Dylan Anderson Michael Huffman Julie Rothacher.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Web Security : Secure Socket Layer Secure Electronic Transaction.

Types of Electronic Infection

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

Public Key Encryption.

ELC 200 Day 11. Agenda Questions? Assignment 3 is Not Corrected  Missing assignments Assignment 4 is posted  Due March 9:30 AM  Assignment4.pdf.

CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.

Encryption. Introduction The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live.

CIS 325: Data Communications1 Chapter Seventeen Network Security.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

Jump to first page Internet Security in Perspective Yong Cao December 2000.

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

1 6 Chapter 6 Implementing Security for Electronic Commerce.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

Communication protocols 2. HTTP Hypertext Transfer Protocol, is the protocol of World Wide Web (www) Client web browser Web server Request files Respond.

1 Internet data security (HTTPS and SSL) Ruiwu Chen.

TOPIC: HTTPS (Security protocol)

PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471

Unit 8 Network Security.

Electronic Payment Security Technologies

Cryptography and Network Security

Presentation transcript:

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone other than the sender and receiver  Purpose: Secure stored information and information transmission  Provides: –Message integrity –Authentication –Confidentiality

Symmetric Key Encryption  In symmetric-key encryption, each computer has a secret key (code)  Symmetric-key requires that you know which computers will be talking to each other so you can install the key on each one.  Symmetric-key encryption is essentially the same as a secret code that each of the two computers must know in order to decode the information.

Public Key Encryption  Public-key encryption uses two different keys at once - a combination of a private key and a public key  The private key is known only to your computer, while the public key is given by your computer to any computer that wants to communicate securely with it  Although a message sent from one computer to another won't be secure since the public key used for encryption is published and available to anyone, anyone who picks it up can't read it without the private key  Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key.

SSL  A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information.

 Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit- card number, into a form on a Web site  When you're accessing sensitive information, such as an online bank account or a payment transfer service like PayPal or Google Checkout, chances are you'll see this type of format change and know your information will pass along securely

 SSL make significant use of certificate authorities  The padlock symbol lets you know that you are using encryption  Once your browser requests a secure page and adds the "s" onto "http," the browser sends out the public key and the certificate, checking three things: 1) that the certificate comes from a trusted party; 2) that the certificate is currently valid; and 3) that the certificate has a relationship with the site from which it's coming.

Digital Signatures  A digital certificate is a unique piece of code or a large number that says that the Web server is trusted by an independent source known as a certificate authority. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then provides the public keys of each computer to the other.

Protecting Servers and Clients  Operating system controls: Authentication and access control mechanisms  Anti-virus software: Easiest and least expensive way to prevent threats to system integrity

Protecting Networks: Firewalls and Proxy Servers  Firewall: Hardware or software filters communications packets; prevents some packets from entering the network based on a security policy  Firewall methods include: –Packet filters  Proxy servers: Software servers that handle all communications originating from or being sent to the Internet

10 Firewalls and Proxy Servers