Published by Steven McFadden
Modified over 3 years ago
SSL Trust Pitfalls Prof. Ravi Sandhu
Slide 2 (© Ravi Sandhu 2006): SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA [Diagram labels: Record Protocol, Handshake Protocol]
Slide 3: CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA [Diagram labels: Record Protocol, Handshake Protocol]
Slide 4: MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL [Diagram node labels: X, Q, A, R, S, T, C, E, G, I, K, M, O, a through p]
Slide 5: MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL. Essentially the model on the web today. Deployed in server-side SSL mode. Client-side SSL mode yet to happen.
Slide 6: SERVER-SIDE MASQUERADING [Diagram labels: Bob, Web browser, Web server, Server-side SSL, Ultratrust Security Services]
Slide 7: SERVER-SIDE MASQUERADING [Diagram labels: Bob, Web browser, Web server, Server-side SSL, Ultratrust Security Services, Mallory's Web server, BIMM Corporation, Server-side SSL]
Slide 8: SERVER-SIDE MASQUERADING [Diagram labels: Bob, Web browser, Web server, Server-side SSL, Ultratrust Security Services, Mallory's Web server, Server-side SSL, BIMM Corporation, Ultratrust Security Services]
Slide 9: REFERENCES. "The problem with multiple roots in Web browsers - certificate masquerading" by Hayes, J.M., Proceedings Seventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '98), IEEE, June 1998. Page(s):