VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.


1 VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation
By: Shrinivas G. Deshpande
Advisor: Dr. Chung E. Wang
Second Reader: Prof. Richard Smith

2 Scope of the Project
- Study of Secure Socket Layer (SSL) Protocol
- SSL Handshake Protocol
- SSL Record Protocol
- Demonstrate how SSL can be used to make clients secure against a secure server
- Keys and Digital Certificates
- Role of Gateways in SSL communication

3 Requirement Specification
1. Introduction to SSL
   1. What is SSL and how SSL works
   2. Client and Server Authentication
   3. SSL Handshake Protocol
   4. SSL Record Protocol
2. Difference between http and https
   1. Demonstrated by developing a Browser that understands http and https.
3. Certificates and Digital Signatures
4. Role of Gateways in SSL communication

4 1. Difference between http and https
http
- Stateless protocol
- Non-secure connection
- Non-secure sockets
https
- Session-based protocol
- Secure connection
- Secure sockets

5 2. Introduction to SSL
- SSL: developed by Netscape Communications
- SSL is accepted universally on the World Wide Web for AUTHENTICATED and ENCRYPTED communication between clients and servers
- The IETF standard called Transport Layer Security is based on SSL
- The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP
- Uses TCP/IP to authenticate itself to an SSL-enabled client

6 What does SSL actually do?
- Fragments messages to be transmitted into manageable blocks
- Compresses the data
- Encrypts and transmits the data
- Received data is decrypted
- Verified, decompressed
- Reassembled and transmitted to higher layers

7 SSL in TCP/IP Protocol Stack

8 SSL Record Layer
- Receives uninterpreted data from upper layers
- Fragments / reassembles data
- Compresses / decompresses data
- Encrypts / decrypts and verifies data

9 SSL Handshake Protocol
- Maintains information about the current state and the next state, called the pending state
- Once the handshake is complete, the two parties have shared secrets used to encrypt records and compute keyed message authentication codes on their contents.
- Maintains the handshake state information of the client and server and ensures that the protocol state machines of client and server work consistently

10 SSL Record Protocol
- Receives uninterpreted data from upper layers
- Fragments / reassembles data
- Compresses / decompresses data
- Encrypts / decrypts and verifies data
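
The record-layer pipeline listed on slides 6, 8 and 10 (fragment, compress, MAC, encrypt, then the reverse on receipt), as an added example that is not part of the original presentation or the Voyager code. Assumptions: zlib stands in for the negotiated compression method, HMAC-SHA256 for the record MAC, a SHA-256 counter keystream for the cipher, and the keys are constructed constants rather than handshake output.

```python
import hashlib, hmac, struct, zlib

MAX_FRAGMENT = 2 ** 14  # SSL/TLS cap on plaintext bytes per record
APPLICATION_DATA = 23   # record content type for application data

def _xor(data, key, seq):
    # Stand-in cipher (assumption): SHA-256 counter keystream, not a real SSL cipher.
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack(">QI", seq, ctr)).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def _mac(mac_key, seq, body):
    # The MAC covers sequence number, type and length as well as the data,
    # so a modified or reordered record fails verification.
    header = struct.pack(">QBH", seq, APPLICATION_DATA, len(body))
    return hmac.new(mac_key, header + body, hashlib.sha256).digest()

def protect(message, enc_key, mac_key):
    """Sender side: fragment -> compress -> MAC -> encrypt."""
    records = []
    for seq, off in enumerate(range(0, len(message), MAX_FRAGMENT)):
        body = zlib.compress(message[off:off + MAX_FRAGMENT])
        records.append(_xor(body + _mac(mac_key, seq, body), enc_key, seq))
    return records

def unprotect(records, enc_key, mac_key):
    """Receiver side: decrypt -> verify -> decompress -> reassemble."""
    out = b""
    for seq, rec in enumerate(records):
        plain = _xor(rec, enc_key, seq)
        body, tag = plain[:-32], plain[-32:]
        if not hmac.compare_digest(tag, _mac(mac_key, seq, body)):
            raise ValueError(f"bad record MAC at sequence {seq}")
        out += zlib.decompress(body)
    return out

if __name__ == "__main__":
    enc_key, mac_key = b"E" * 32, b"M" * 32      # constructed keys; real ones come from the handshake
    msg = b"GET / HTTP/1.0\r\n\r\n" * 2000        # constructed 36000-byte message
    recs = protect(msg, enc_key, mac_key)
    print(len(recs), "records, round trip ok:", unprotect(recs, enc_key, mac_key) == msg)
    recs[1] = recs[1][:5] + bytes([recs[1][5] ^ 1]) + recs[1][6:]  # flip one bit in transit
    try:
        unprotect(recs, enc_key, mac_key)
    except ValueError as err:
        print("rejected:", err)
```

The MAC is checked before decompression, so a tampered record is rejected without its contents ever reaching the decompressor or the upper layer.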

11 Design: Secure Library Class Diagram

12 http connection sequence diagram

13 https connection sequence diagram

14 How/Why Gateways use SSL
- SSL is designed to provide security between client and server and to avoid man-in-the-middle attacks
- SSL considers a proxy server as a middleman
- Gateways act as clients and authenticate servers. Client authentication is not possible.
- Gateway/proxy can internally authenticate the client within the firewall
- Packet filtering by allowing specific ports for specific traffic: 443 in the case of SSL
- SSL can work with gateways that support SOCKS.
- SOCKS is a networking proxy protocol that enables hosts on one side of a SOCKS server to gain full access to hosts on the other side of the SOCKS server without requiring direct IP reachability. SOCKS is often used as a network firewall, redirecting connection requests from hosts on opposite sides of a SOCKS server. The SOCKS server authenticates and authorizes requests, establishes a proxy connection, and relays data between hosts.

15 Gateways and SSL
- Proxy server should support SOCKS to support SSL
- With SOCKS, DNS is the responsibility of the client
- With SSL tunneling, DNS is the responsibility of the proxy
- Proxy Server can spoof mock on behalf of internal client. Makes connection faster

16 Implementation Details
Client/Server setup for development
- Voyager front-end: developed using Java Swing. JRE: 1.3.1_02
- Secure Library: developed using Java and JSSE
- Testing: running Apache Tomcat as a secure web server on the local system on port 8443
- JSSE is the Java implementation of SSL developed by Sun
Key/certificate generation
- Key/certificate generation using keytool
- RSA algorithm used for key generation
- X.509v3 certificates generated
- Import/export certificate to make the certificate available for authentication

17 Voyager Snapshots

18 Securely Accessing Tomcat Apache Default page through Voyager

19 Accessing Golden-1 web site through Voyager

20 Conclusion
- Opportunity to learn about network security
- How SSL works/is implemented
- Setting up client servers for secure communications
- Thanks to Dr. Wang and Prof. Dick Smith

