Presentation is loading. Please wait.

Presentation is loading. Please wait.

Integrated Security System

Published bySebastiana Prado Modified over 5 years ago

Similar presentations

Presentation on theme: "Integrated Security System"— Presentation transcript:

1 Integrated Security System
When two parties communicate … Their software usually handles the details First, negotiate security methods Then, authenticate one another Then, exchange symmetric session key Then can communicate securely using symmetric session key and message- by-message authentication

2 SSL Integrated Security System
Secure Sockets Layer Developed by Netscape TLS (now) Netscape gave IETF control over SSL IETF renamed it TLS (Transport Layer Security) Usually still called SSL

3 Location of SSL Below the Application Layer
IETF views it at the transport layer Protects all application exchanges Not limited to any single application WWW transactions, , etc. WWW WWW SSL SSL

4 SSL Operation Browser & Webserver Software Implement SSL
User can be unaware

5 SSL Operation SSL ISS Process Two sides negotiate security parameters
Webserver authenticates itself Browser may authenticate itself but rarely does Browser selects a symmetric session key, sends to webserver Adds a digital signature and encrypts all messages with the symmetric key

6 Importance of SSL Supported by Almost All Browsers Problems
De facto standard for Internet application security Problems Relatively weak security Does not involve security on merchant server Does not validate credit card numbers Viewed as an available but temporary approach to consumer security

7 Other ISSs SSL is merely an example integrated security system
Many other ISSs exist IPsec PPP and PPTP Etc.

8 Other ISSs All ISSs have the same general steps
Negotiate security parameters Authenticate the partners Exchange a session key Communicate with message-by- message privacy, authentication, and message integrity

Download ppt "Integrated Security System"

Similar presentations

Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.

Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
VPNs  IETF developing IPsec security standards IP securityIP security At the internet layerAt the internet layer Protects all messages at the transport.

VPNs  IETF developing IPsec security standards IP securityIP security At the internet layerAt the internet layer Protects all messages at the transport.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Chapter 8 Web Security.

Chapter 8 Web Security.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.

Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.

Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.

1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.

Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.

E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.

Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
Introduction to Secure Sockets Layer (SSL) Protocol Based on: https://developer.mozilla.org/En/Introduction_to_SSL#The_SSL_Protocol.

Introduction to Secure Sockets Layer (SSL) Protocol Based on:
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Similar presentations

Ads by Google