Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trust and the Public Key Infrastructure (PKI) Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Trust and the Public Key Infrastructure (PKI) Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001."— Presentation transcript:

1 Trust and the Public Key Infrastructure (PKI) Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001

2 4/20/2001Computer Security2 Outlines Security on Current Internet What is PKI? Structures and Models Weaknesses and Right PKI Trustworthiness in open network

3 4/20/2001Computer Security3 Security on Internet Internet is cloud of connection User is responsible for everything E-commerce and B2B grow rapidly Needs framework to exchange data and money securely and privately

4 4/20/2001Computer Security4 Public Key Infrastructure Alice CA Bob Privacy: Bob ’ s public key Bob ’ s public key Alice ’ s public key Authentication: Alice ’ s private key

5 4/20/2001Computer Security5 Structures and Models Hierarchical structure: X.509 Pretty Good Privacy Virtual Private Network Secure connection over the phone line. Network service provider & Hardware vender Authentication, Encryption, Tunneling, Access Control

6 4/20/2001Computer Security6 Weakness Security is as strong as weakest link User computer is not safe: Private key Hacker use Root certificate RA (certificate content) - CA link is very weak.

7 4/20/2001Computer Security7 Right PKI Choose the right structure B2B, B need Hierarchical structure: X.509 Right Implementation Stochastic, security policy management prevent reliability failure and low level penatration Right Choice of PKI Structure prevent malicious attack

8 4/20/2001Computer Security8 Valuation of Trust (Thomas Beth, Malte Borcherding, Birgit Klein) Direct and Recommended Trust Trust Value Deriving Trust Relationships Combination of Trust Values Use: entrust task worth 100 unit, risk 49 unit.

9 4/20/2001Computer Security9 Secure communication in an unknown network ( M. Burmester and Y. Desmedt) Structure of trust graph is not known except attacker Using query flood, get neighbor list. Label the vertexes Get a good approximation of the trust graph

10 4/20/2001Computer Security10 Reference Which PKI (Public Key Infrastructure) is the right one? -- Carlisle Adams, Mike Burmester, Yvo Desmedt (2000) Valuation of Trust in Open Networks -- Thomas Beth, Malte Borcherding, Birgit Klein (1994) Secure communication in an unknownnetwork using certificates. -- M. Burmester and Y. Desmedt. (1999) Ten Risks of PKI: What you’re not being told about Public Key Infrastructure. -- Carl Ellison, Bruce Schneier (2000) Security in Computing, 2 nd -- Charles P. Pfleeger

11 4/20/2001Computer Security11 Reference Con ’ t A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. -- Rivest, R. L., Shamir, A., and Adleman, L. (1978). SPKI/SDSI 2.0 A Simple Distributed Security Infrastructure -- Ronald L. Rivest (1997) Virtual Private Networks -- Cris Banson (1999) What is a VPN? -- Paul Ferguson, Geoff Huston (1998)

Download ppt "Trust and the Public Key Infrastructure (PKI) Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001."

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
Computer Security CIS326 Dr Rachel Shipsey.

Computer Security CIS326 Dr Rachel Shipsey.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Security in Internet: what is it now? A presentation by Dmitry Belyavsky, TCI ENOG 6 / RIPE NCC Regional Meeting Kiev, Ukraine, October 2013.

Security in Internet: what is it now? A presentation by Dmitry Belyavsky, TCI ENOG 6 / RIPE NCC Regional Meeting Kiev, Ukraine, October 2013.
Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Public Key Infrastructure Ben Sangster February 23, 2006.

Public Key Infrastructure Ben Sangster February 23, 2006.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.
Computer Security Key Management. Introduction We distinguish between a session key and a interchange key ( long term key ). The session key is associated.

Computer Security Key Management. Introduction We distinguish between a session key and a interchange key ( long term key ). The session key is associated.
Computer Security Key Management

Computer Security Key Management
Is Hierarchical Public-key Certification The Next Target For Hackers? 報告人:范亞亭 2005/10/06.

Is Hierarchical Public-key Certification The Next Target For Hackers? 報告人:范亞亭 2005/10/06.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
EEC-484/584 Computer Networks Lecture 16 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 16 Wenbing Zhao
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.

Similar presentations

Ads by Google