SSL Certificates for Secure Websites Dan Roberts Kent Network Users Group Wednesday, 17 March 2004.

Slides:



Advertisements
Similar presentations
INFN CA1 active since July manager: –Roberto Cecchini types of certificates released: –personal –server –object signing.
Advertisements

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Setting up Joshua Sanford David Sanchez.
Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
Public Key Management and X.509 Certificates
Report on Attribute Certificates By Ganesh Godavari.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Intel Confidential 1 Configure PKI Web Server Certificates for each Management Controller.
Implementing Native Mode and Internet Based Client Management.
Internet Security Terms and Techniques Chris Avram Faculty of Information Technology Monash University 1U-Cubed ‘99Chris Avram.
CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.
Configuring Active Directory Certificate Services Lesson 13.
Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Security with Alpha Five App Server Protecting sensitive or personal data.
CSCI 6962: Server-side Design and Programming
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.
IT:Network:Applications.  Single Key (Symmetric) encryption ◦ One “key” or passphrase used to encrypt and decrypt ◦ FAST – good for large amounts of.
Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam
Internet Trust Defined. Delivered. Electronic Business the Way It Was Meant to Be.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
The Windows NT ® 5.0 Public Key Infrastructure Charlie Chase Program Manager Windows NT Security Microsoft Corporation.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Module 9: Fundamentals of Securing Network Communication.
1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.
NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,
Building Security into Your System Bill Major Gregory Ponto.
Windows 2000 Certificate Authority By Saunders Roesser.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.
Public Key Infrastructure (PKI) Chien-Chung Shen
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Computer and Network Security - Message Digests, Kerberos, PKI –
Establishing a Geocities Account Mark Branom
Measures to prevent MITM attack and their effectiveness CSCI 5931 Web Security Submitted By Pradeep Rath Date : 23 rd March 2004.
Digital Signatures and Digital Certificates Monil Adhikari.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
Quiz 2 Post-Mortem Bruce Maggs. 2 Create a new BitCoin address, and use it only once. E.g., create a new wallet. Create a new address and mine a BitCoin.
Maryknoll Wireless Network Access Steps for Windows 7 As of Aug 20, 2012.
Secure Socket Layer Protocol Dr. John P. Abraham Professor, UTRGV.
Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden
TOPIC: HTTPS (Security protocol)
Setting and Upload Products
SSL Certificates for Secure Websites
THE STEPS TO MANAGE THE GRID
How to Check if a site's connection is secure ?
Security in ebXML Messaging
CA Certificates on TBS WiFi
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
CS – E-commerce Technologies – Lecture 07
Install AD Certificate Services
Building Security into Your System
Electronic Payment Security Technologies
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Introduction to Let’s Encrypt
Presentation transcript:

SSL Certificates for Secure Websites Dan Roberts Kent Network Users Group Wednesday, 17 March 2004

Two Features of SSL Website Security Encrypted data channel for privacy SSL certificate for identity verification – Is the organization who it claims to be? – Is this a legitimate company?

Website with CA-signed SSL Certificate “I am wfs.kent.edu.. you can verify my identity with VeriSign.” Through your browser’s pre- established trust relationship with VeriSign, you automatically trust anyone who presents one of their certificates.

Website with Self-signed SSL Certificate “I am webmail.kent.edu.. you can verify my identity with webmail.kent.edu” Since there is no pre- existing trust relationship with webmail.kent.edu in your browser, a security alert message appears.

Self-signed SSL Certificates Free and unlimited supply Only trust relationship between users and server already exists Use for: – Internal development – Intranet applications

Self-signed SSL Certificates Kent has its own self-signing Certification Authority (CA) at – Installed on growing number of campus PCs Certificate signing requests can be submitted to Greg Dykes or Dan Roberts

CA-signed SSL Certificates Expensive (VeriSign $250-$400/cert per yr) Useful when trust is not a given – Allows user to verify your identity – Eliminates warning message Use for: – Public-facing web sites – Transactions involving commerce and/or exchange of personal information

Alternative to VeriSign GeoTrust – Trusted root certification authority – Same pre-established trust as VeriSign – Managed PKI services with certificate request processing tools for supporting constituents – Less cost (less than $150/cert per year) – Quantity and multi-year discounts available – Website:

GeoTrust’s CA certificate GeoTrust’s CA certificate has 99.9% browser penetration, and appears in your computer’s Trusted Root Certification Authority container as “Equifax”

Discussion University-wide opportunity to lower costs and centralize certificate management – Use self-signed certificates internally – Use alternate CA for public-facing sites Concerns? Questions? Suggestions? Interested in participating?

Contact Information Dan Roberts Administrative Computing Services

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.