Chapter 14: Representing Identity Dr. Wayne Summers Department of Computer Science Columbus State University

Slides:

Advertisements

Similar presentations

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.

Advertisements

Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.

Grid Security. Typical Grid Scenario Users Resources.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 15 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #13-1 Chapter 14: Identity What is identity Multiple names for one thing Different.

Use of Kerberos-Issued Certificates at Fermilab Kerberos  PKI Translation Matt Crawford & Dane Skow Fermilab.

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.

1 Version 3.0 Module 9 TCP/IP Protocol and IP Addressing.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #15-1 Chapter 14: Identity What is identity Multiple names for one thing Different.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.

Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

23-Support Protocols and Technologies Dr. John P. Abraham Professor UTPA.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Addressing Networking for Home and Small Businesses – Chapter 5.

CS526: Information Security Chris Clifton October 16, 2003 Authentication.

Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Exploring How IP Address Protocols Work INTRO v2.0—4-1.

CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing

1 IP: putting it all together Part 2 G53ACC Chris Greenhalgh.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

Chapter 1: Introduction to Web Applications. This chapter gives an overview of the Internet, and where the World Wide Web fits in. It then outlines the.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

Objectives: Chapter 5: Network/Internet Layer  How Networks are connected Network/Internet Layer Routed Protocols Routing Protocols Autonomous Systems.

CHAPTER 3 PLANNING INTERNET CONNECTIVITY. D ETERMINING INTERNET CONNECTIVITY REQUIREMENTS Factors to be considered in internet access strategy: Sufficient.

1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization.

Module 9: Fundamentals of Securing Network Communication.

CSC 382: Computer SecuritySlide #1 CSC 382: Computer Security Identity.

CS 447 Networks and Data Communication ARP (Address Resolution Protocol) for the Internet Department of Computer Science Southern Illinois University Edwardsville.

Translate tech terms into plain English. ?

Chapter 23: ARP, ICMP, DHCP CS332, IS333 Spring 2014.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

Network Address Translation External/ Internal/. OVERLOADING In Overloading, each computer on the private network is translated to the same IP address;

TCP/IP (Transmission Control Protocol / Internet Protocol)

CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing

1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Dynamic Host Configuration Protocol (DHCP)

IP addresses IPv4 and IPv6. IP addresses (IP=Internet Protocol) Each computer connected to the Internet must have a unique IP address.

Slide #15-1 Chapter 14: Identity What is identity Multiple names for one thing Different contexts, environments Pseudonymity and anonymity.

1 Internet Protocols To support the Internet and all its services, many protocols are necessary Some of the protocols that we will look at: –Internet Protocol.

Connection Technologies and IP Addressing CONNECTING TO THE INTERNET.

Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University

DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.

: MobileIP. : r Goal: Allow machines to roam around and maintain IP connectivity r Problem: IP addresses => location m This is important for efficient.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.

TCP/IP Protocol Suite and IP Addressing Presented By : Dupien AMS.

Chapter 26: Network Security Dr. Wayne Summers Department of Computer Science Columbus State University

Chapter 13. Identity.

Chapter 5 Network and Transport Layers

Chap 13. Representing Identity

Module 3: Enabling Access to Internet Resources

Computer Security: Art and Science

Chapter 6 – Routing.

NAT/ARP/RARP (Ch 5 & 8) Dr. Clincy Lecture.

Chapter 14: Representing Identity

Chapter 26: Network Security

Chapter 27: System Security

8PM – Quickly Overview Final Project

Ch. 11 – Cipher Techniques Dr. Wayne Summers

Chapter 17: Confinement Problem

Chapt. 10 – Key Management Dr. Wayne Summers

Ch 17 - Binding Protocol Addresses

Advanced Computer Networks

Presentation transcript:

Chapter 14: Representing Identity Dr. Wayne Summers Department of Computer Science Columbus State University

2 Representing Identity  Principal - unique entity (ex. File, user)  Identity - specifies a principal (ex. Filename, UID)  Authentication binds a principal to a representation of identity internal to the computer  Principals may be grouped into sets called groups  Role – type of group that ties membership to function

3 Naming and Certificates  Certificate – mechanism for binding cryptographic keys to identifiers –X.509v3 certificates use Distinguished Names: /O=Columbus State University/OU=Computer Science Dept/CN=Wayne Summers  CA authentication policy –describes the level of authentication required to identify the principal to whom the certificate is to be issued –Defines the way in which principals prove their identity  CA issuance policy describes the principals to whom the CA will issue certificates

4 Identity on the Web  Host Identity –Ethernet (MAC) address: E9-72-B3-75 –IP address: –Host name: jaring.colstate.edu  Static & Dynamic Identifiers –ARP (maps MAC and IP addresses) –DNS (maps IP addresses and host names) –DHCP – provides a dynamic IP address –NAT (Network Address Translation): router that translates between external and internal (private) addresses (e.g. 10.x.y.z)

5 Identity on the Web  State and Cookies –Cookie – token that contains information about the state of a transaction on a network name and associated value are encoded to represent the state Expiration field indicates when the cookie is valid Domain indicates for which domain the cookie is intended Path restricts the dissemination of the cookie within the domain Secure field restricts the use of the cookie to over SSL connections only

6 Anonymity on the Web  Anonymizer – site that hides the origin of the connection (similar to a proxy server)  Pseudo-anonymous r er – r er that replaces the originating address before it forwards the but keeps the mappings  Cyberpunk (type 1) r er – strips the header before forwarding  Mixmaster (type 2) r er- Cyperpunk r er that only handles enciphered messages and pads messages to a fixed size before sending them