01/02/2016 Web security and Trust Management 1 Reza Mousoli 2002-4 Web Security and Trust Management.

Presentation transcript:

Slide 1: Web Security and Trust Management. Reza Mousoli.

Slide 2: Context
- Rapid technological progress
- Borderless Internet
- No regulations
- No LAN, but WAN
- Perception of victimless crime

Slide 3: Trust
- A fuzzy word in computer security research
- Vagueness of common language
- The objective is security in distributed systems
- Should Trust in this context be uniform and predictable for the same set of data, i.e. FIXED?

Slide 4: Human Trust Model (diagram; labels: Trusting Behaviour, Trusting Intention, Situational Decision to Trust, Dispositional Trust, Trusting Beliefs, System Trust, Belief Formation Processes)

Slide 5: The logic is simple. If one has Trusting Beliefs about another, one will be willing to depend on that person (Trusting Intention). If one intends to depend on the person, then one will behave in ways that manifest that intention to depend (Trusting Behaviour).

Slide 6:
- Closed systems security.
- Distributed system security.
- PKI and ad-hoc methods, heavily based on the strength of cryptography, are the main method of enforcing security on the web.
- BUT... security is only as strong as the weakest link in the chain.

Slide 7: Corporations' view of Trust
- IBM, Microsoft, VeriSign and RSA market and sell products that address security and Trust management problems.
- Products such as IBM's Trust Authority, VeriSign's Site Trust Services, MS Domain Trust or RSA ClearTrust define Trust in their own terms.

Slide 8: Corporations' view of trust
- Generally means authorization, PKI, IPsec, public and private key encryption, SSL, SSO, i.e. static trust.
- We need Dynamic Trust Management.

Slide 9: Buzz Word!

Slide 10: (product names) VeriSign Trust Authority IBM RSA ClearTrust® Kyberpass Trust services Entrust Authority™ HP Trust Services

Slide 11: Windows Trust
- In NT, Trusts were limited to the two domains involved in the Trust, and the Trust relationship was one-way.
- In Windows 2000 and above, all Trusts are transitive and two-way. Both domains in a Trust relationship automatically Trust each other.

Slide 13: This means that if Domain A trusts Domain B and Domain B trusts Domain C, users from Domain C (when granted the proper permissions) can access resources in Domain A.
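The difference between the two Windows trust models described above can be checked mechanically when auditing which domains' users become eligible for access. The following is an added example, not part of the original slides; the function names and the A/B/C trust list are constructed for illustration.

```python
from collections import deque

def trusted_account_domains(trusts, resource_domain, *, two_way, transitive):
    """Domains whose users can be granted access to resources in resource_domain.

    trusts: iterable of (trusting, trusted) pairs, read "trusting trusts trusted".
    """
    edges = {}
    for trusting, trusted in trusts:
        edges.setdefault(trusting, set()).add(trusted)
        if two_way:  # Windows 2000 model: every trust holds in both directions
            edges.setdefault(trusted, set()).add(trusting)
    direct = edges.get(resource_domain, set())
    if not transitive:  # NT model: limited to the two domains in the trust
        return set(direct)
    # Transitive model: follow trust links breadth-first from the resource domain.
    seen, queue = set(), deque(direct)
    while queue:
        domain = queue.popleft()
        if domain in seen or domain == resource_domain:
            continue
        seen.add(domain)
        queue.extend(edges.get(domain, ()))
    return seen

# Constructed sample: the chain from the slide, A trusts B and B trusts C.
TRUSTS = [("A", "B"), ("B", "C")]

def compare(resource_domain):
    """Return (NT result, Windows 2000 result) as sorted lists."""
    nt = trusted_account_domains(TRUSTS, resource_domain,
                                 two_way=False, transitive=False)
    w2k = trusted_account_domains(TRUSTS, resource_domain,
                                  two_way=True, transitive=True)
    return sorted(nt), sorted(w2k)

if __name__ == "__main__":
    for d in "ABC":
        nt, w2k = compare(d)
        print(f"resources in {d}: NT={nt}  Windows 2000={w2k}")
```

Under the NT semantics, resources in Domain C are exposed to no other domain, while under the transitive two-way semantics the same two trusts make them reachable from both A and B, which is why each added trust needs to be reviewed against the whole trust graph rather than in isolation.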

Slide 14: The Trust-management by Blaze
"Does the set C of credentials prove that the request r complies with the local security policy P?"
- Trust properties for modelling?
- Transitive?
- Symmetric?

Slide 15: Trust and Reputation

Slide 16: Trust and Reputation

Slide 17: Reputation Agents

Slide 18: Reputation Model
In this model, only 2 ratings by an agent are considered: an "approve" (represented by '1') or "disapprove" (represented by '0') for an object $o_k$ in the environment. Let this rating process be represented by:

Rating: $r : A \times O \to \{1, 0\}$ (3.3)

where $r_{ik}$ represents the rating by agent $a_i$ on object $o_k$. To model the process of opinion sharing between agents, the concept of an encounter is required. An encounter is an event between 2 different agents $(a_i, a_j)$ such that the query agent $a_i$ asks the response agent $a_j$ for $a_j$'s rating of an object:

Encounter: $e \in E \equiv A^2 \times O \times \{0, 1\} \cup \{\bot\}$ (3.4)

Slide 19: Trust Rating estimates
Trust calculation algorithms:
- Fuzzy Logic
- Logic of Uncertainty
- Bayesian Logic

Slide 20: Bayesian Estimate Rating
Let $x_{ab}(i)$ be the indicator variable for a's approval of b after the $i$th encounter between them. If a and b have had n encounters in the past, the proportion of number of approvals of b by a can be modeled with a Beta prior distribution. Let
- $n$ = total number of encounters between a and b in the past
- $p$ = number of approvals of b by a in the past
- $q$ = true proportion of number of approvals for b by a
- $\hat{q}$ = estimator for $q$ based on all encounters between a and b

Slide 21: Estimate of Approval by the Agent
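A worked version of the Bayesian rating estimate, as an added example that is not part of the original slides. The slides do not show the prior's parameters or the estimator's formula, so the uniform Beta(1, 1) prior and the posterior-mean estimator (p + 1) / (n + 2) used here are assumptions, as are the function names and the constructed encounter histories; prior parameters are taken to be integers.

```python
from fractions import Fraction

BOTTOM = None  # the empty encounter of (3.4): no rating was exchanged

def posterior(outcomes, alpha=1, beta=1):
    """Beta posterior over q after a's encounters with b.

    outcomes: the x_ab(i) values, 1 = approve, 0 = disapprove, BOTTOM = none.
    Returns (n, p, alpha_post, beta_post); BOTTOM entries carry no evidence.
    """
    rated = [x for x in outcomes if x is not BOTTOM]
    if any(x not in (0, 1) for x in rated):
        raise ValueError("ratings must be 0, 1 or BOTTOM")
    n, p = len(rated), sum(rated)
    # Beta is conjugate to the 0/1 ratings: add approvals and disapprovals.
    return n, p, alpha + p, beta + (n - p)

def estimate(outcomes, alpha=1, beta=1):
    """Return (q_hat, variance): posterior mean and posterior variance of q."""
    _, _, a, b = posterior(outcomes, alpha, beta)
    q_hat = Fraction(a, a + b)
    variance = Fraction(a * b, (a + b) ** 2 * (a + b + 1))
    return q_hat, variance

def naive(outcomes):
    """Plain approval frequency p/n, undefined (None) when n = 0."""
    rated = [x for x in outcomes if x is not BOTTOM]
    return Fraction(sum(rated), len(rated)) if rated else None

# Constructed encounter histories (assumed data, for illustration only).
NEWCOMER = [1, 1, 1]              # three encounters, all approvals
VETERAN = [1] * 90 + [0] * 10     # long history, 90% approvals
STRANGER = [BOTTOM, BOTTOM]       # asked twice, never gave a rating

if __name__ == "__main__":
    for name, hist in [("newcomer", NEWCOMER), ("veteran", VETERAN),
                       ("stranger", STRANGER)]:
        q_hat, var = estimate(hist)
        print(f"{name:9s} naive={naive(hist)} q_hat={float(q_hat):.3f} "
              f"variance={float(var):.5f}")
```

The naive frequency ranks the newcomer (3 of 3) above the veteran (90 of 100), whereas the Bayesian estimate ranks the veteran higher and reports a much smaller variance for it, so a short run of approvals cannot outweigh a long track record.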

Slide 22: Future Research
- Trust calculation algorithms
- Computable elements of trust
- Simulation and implementation

Slide 23: Discussions