Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.


1 Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke

2 Study Questions
How does SSL/TLS use encryption?
What prevents spoofing of the public key?
How do digital signatures detect text alteration?
Why not send confidential data via e-mail?
Why is //https the only practical secure transmission on public wireless networks?

3 How Does SSL/TLS Use Encryption?
Encryption techniques
  – Senders use key to encrypt plaintext message
  – Recipient uses key to decrypt
Symmetric encryption
  – Both parties use same key
Asymmetric encryption
  – Parties use two keys
      – Public key, private key
      – Message encoded with one, decoded with other
      – Slower, but easier to implement

4 Secure Socket Layer (SSL)
Protocol that uses both symmetric and asymmetric encryption
Works between Levels 4 and 5 of TCP-OSI protocol architecture
Asymmetric encryption transmits symmetric key which is used for balance of session
  – Allows client to verify that it is communicating with true Web site
  – Web site not spoofed
  – Users are not verified, and may be spoofed

5 How Do Digital Signatures Detect Text Alteration?
Most messages sent using plaintext
  – Can be intercepted and altered
Digital signatures
  – Ensure no alteration of plaintext messages
  – Plaintext message hashed
      – Method that mathematically manipulates message to create bit string

6 Digital Signature, continued
Bit string called message digest
  – Fixed length
  – Protected when transmitted
One-way process
Authentication programs ensure hashed messages not altered

7 Authentication
Message digest encrypted using sender’s private key
  – Called signing the message
Receiver decrypts digital signature with sender’s public key
  – Called true party’s public key
Compares message digest with original message digest
  – If different, then message altered
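
The sign-and-verify flow from slides 5 to 7, as an added example that is not part of the original presentation. It assumes SHA-256 as the hash and a constructed toy key pair (textbook RSA without padding); all function names are illustrative.

```python
import hashlib

# Constructed toy key pair: textbook RSA with no padding, built from two
# known Mersenne primes. Illustration only; never use a key like this.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (sender keeps it secret)


def digest(message: bytes) -> int:
    """Hash the plaintext into a fixed-length message digest (SHA-256)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Sender: transform the digest with the private key ("signing")."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest with the sender's public key, then compare
    it with a digest computed over the message that actually arrived."""
    return pow(signature, E, N) == digest(message)


def demo() -> dict:
    original = b"Pay supplier 100 dollars"   # constructed sample message
    altered = b"Pay supplier 900 dollars"    # same message changed in transit
    sig = sign(original)
    return {
        "original_ok": verify(original, sig),   # digests match
        "altered_ok": verify(altered, sig),     # digests differ: alteration detected
        "digest_bits": hashlib.sha256(original).digest_size * 8,
    }


if __name__ == "__main__":
    print(demo())
```

The plaintext itself travels unencrypted in this flow; the signature only lets the receiver detect that it was changed.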

8 What Prevents Spoofing of the Public Key?
You need public key from party you are communicating with
SSL/TLS uses digital signatures
  – Supplied by certificate authorities (CA)
      – Trusted, independent third-party companies
      – Only verifies that company has public key, not legitimacy of company
      – Sent in plaintext
  – Signed by CA with its digital signature
Browsers contain public keys for common CAs

9 Why Not Send Confidential Data via E-mail?
Layer 5 protocols can use SSL/TLS
  – //https uses SSL/TLS
  – Secure transmission
  – ftp may use SSL/TLS
  – Few e-mail uses SSL/TLS
      – May be digitally signed

10 //https and Public Wireless Networks
Potential intruders must get physical access to wired network
No direct connection needed for wireless network
  – Can be protected with sophisticated equipment
  – Wired Equivalent Privacy (WEP) is a wireless security standard
  – Wi-Fi Protected Access (WPA) and WPA2 offer improved security

11 Testing Security
Tendency to believe that system is secure
White-hat hackers break into networks for the purpose of testing system for organization
  – Hire only reputable firms
  – Ensure firms have liability insurance to cover problems
How does an organization handle results?
  – May be too expensive
  – May not be able to cure problem
  – Knowing about weakness that can’t be fixed exposes liability

12 Active Review
How does SSL/TLS use encryption?
What prevents spoofing of the public key?
How do digital signatures detect text alteration?
Why not send confidential data via e-mail?
Why is //https the only practical secure transmission on public wireless networks?

