Case Study II: A Web Server CSCI 8710 September 30 th, 2008.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Systems engineering | universität duisburg-essen stochastische netze 2 daniel bambeck, robert mandir ws 04/05 1 Case Study II: A Web Server Based on the.
WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Principles of Information Security, 2nd edition1 Cryptography.
Distribution of Sample Means, the Central Limit Theorem If we take a new sample, the sample mean varies. Thus the sample mean has a distribution, called.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Chapter 8 Network Security 4/17/2017
1 Confidence Intervals for Means. 2 When the sample size n< 30 case1-1. the underlying distribution is normal with known variance case1-2. the underlying.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
CSCI 6962: Server-side Design and Programming
Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
Linux Networking and Security Chapter 8 Making Data Secure.
每时每刻 可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.
Types of Electronic Infection
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
1 Cryptography NOTES. 2 Secret Key Cryptography Single key used to encrypt and decrypt. Key must be known by both parties. Assuming we live in a hostile.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
Estimation Chapter 8. Estimating µ When σ Is Known.
Csci5233 computer security & integrity 1 Cryptography: an overview.
DIGITAL SIGNATURE.
Csci5931 Web Security1 GS: Chapter 3 Encryption, Authentication and Java Cryptography.
Network Security Chapter 8 12/13/ Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental.
Encryption. What is encryption? Encryption is conversion of original data to another data that can be converted back to original data by authorized persons.
Statistics for Business and Economics 8 th Edition Chapter 7 Estimation: Single Population Copyright © 2013 Pearson Education, Inc. Publishing as Prentice.
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
Jump to first page Internet Security in Perspective Yong Cao December 2000.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
ENGR 101 Compression and Encryption. Todays Lecture  Encryption  Symmetric Ciphers  Public Key Cryptography  Hashing.
Network Security Chapter 8 Institute of Information Science and Technology. Chengdu University YiYong 2008 年 2 月 25 日.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
The Secure Sockets Layer (SSL) Protocol
Inference for the Mean of a Population
Secure Sockets Layer (SSL)
Chapter 8 Network Security.
12 E-Commerce Overview.
CompTIA Security+ Study Guide (SY0-501)
Section 2: Estimating with Small Samples
Chapter 8 Network Security.
The Secure Sockets Layer (SSL) Protocol
Unit 8 Network Security.
Electronic Payment Security Technologies
Presentation transcript:

Case Study II: A Web Server CSCI 8710 September 30 th, 2008

The Web Server A large company uses an internal Web server to allow its programmers, testers, and documentation personnel to download two types of files: – PDF files containing documents and manuals – ZIP files containing software files. The server has one CPU and 4 identical disks. – PDF files are stored on disks 1 and 2 (with evenly distributed access) – ZIP files are stored in disks 3 and 4 (with evenly distributed access)

Capacity Planning Questions How many PDF and ZIP file downloads can be sustained concurrently with given response times? What is the impact of using Secure Sockets Layer (SSL) for secure downloads?

From the Web Log

Confidence Interval Estimation of the Mean Known population standard deviation. Unknown population standard deviation: – Large samples: sample standard deviation is a good estimate for population standard deviation. OK to use normal distribution. – Small samples and original variable is normally distributed: use t distribution with n-1 degrees of freedom.

Confidence Interval Estimation of the Mean

Central Limit Theorem

Confidence Interval (large (n>30) samples)

Confidence Interval (small samples, normally distributed population)

Computing Important Quantiles in Excel

Building the Performance Model

Service Demands

Original Layout QN Model

Balanced Configuration

Secure Download Scenarios

Symmetric Encryption and Decryption

Public Key Encryption and Decryption

Performance Considerations Public Key (PK) cryptography is orders of magnitude slower than symmetric key cryptography. – encrypting a 128-byte block using a public key of 512 bits takes 3.5 msec on a Pentium-II 266 MHz while symmetric key encryption using AES would take less than one microsecond on the same machine.

Performance Considerations Symmetric key cryptography is not scalable to a large number of users: they are required to share a secret key. It is faster to encrypt with a public key than to decrypt with a secret key.

Message Digest

Performance of Message Digest Functions Message digest generation is a fast operation. For example, the hash generation rate of SHA- 1 is 13 clock cycles per byte on a Pentium machine. So, a digest of a 1-Mbyte file would be generated in approximately 13 msec on a 1 GHz Pentium machine.

Digital Signature

SSL Protocol Overview

Generation of a Server Certificate

Verification of a Server Certificate

SSL Connection Establishment

CPU Times for Various Security Options

Results for Secure Downloads

Experimental Comparison of Two Servers

Using Confidence Intervals to Compare the Two Servers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.