Published by Steven McFadden
Modified over 2 years ago
SSL Trust Pitfalls Prof. Ravi Sandhu
2 © Ravi Sandhu 2006 SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA [Diagram labels: Record Protocol; Handshake Protocol]
3 CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA [Diagram labels: Record Protocol; Handshake Protocol]
4 MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL [Figure: diagram of the model; node labels X, Q, A, R, S, T, C, E, G, I, K, M, O, and a through p]
5 MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL Essentially the model on the web today. Deployed in server-side SSL mode. Client-side SSL mode yet to happen.
6 SERVER-SIDE MASQUERADING [Diagram labels: Bob; Web browser; Web server; Server-side SSL; Ultratrust Security Services]
7 SERVER-SIDE MASQUERADING [Diagram labels: Bob; Web browser; Web server; Server-side SSL; Ultratrust Security Services; Mallory's Web server; BIMM Corporation; Server-side SSL]
8 SERVER-SIDE MASQUERADING [Diagram labels: Bob; Web browser; Web server; Server-side SSL; Ultratrust Security Services; Mallory's Web server; Server-side SSL; BIMM Corporation; Ultratrust Security Services]
9 REFERENCES J.M. Hayes, "The problem with multiple roots in Web browsers - certificate masquerading," Proceedings Seventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '98), IEEE, June 1998. Page(s):