Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.

Slides:



Advertisements
Similar presentations
Cryptography and Network Security Chapter 16
Advertisements

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Lecture 6: Web security: SSL
Cryptography and Network Security
Secure Socket Layer.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Internet Security Protocols
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Cryptography and Network Security
Cryptography and Network Security Chapter 17
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.
Chapter 8 Web Security.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Andreas Steffen, , 11-SSH.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen M. Liebi Institute for Internet Technologies and Applications.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Learning Aid Type Text Page 206 MGS GROUP C Svitlana Panasik.
Material being covered 3/9 Remainder of Text Chapter 6 (Q5, 6) Text Chapter 6A Material Posted 3/9 Midterm Information Introduction to Text Chapter 7.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Security Essentials Chapter 5
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (SSL)
1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
Tunneling and Securing TCP Services Nathan Green.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
SARVAJANIK COLLEGE OF ENGINEERING & TECHNOLOGY. Secure Sockets Layer (SSL) Protocol Presented By Shivangi Modi Presented By Shivangi ModiCo-M(Shift-1)En.No
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Gold Coast Campus School of Information Technology 2003/16216/3112INT Network Security 1Copyright © Griffith University, INT / 3112INT Network.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
Understand Internet Security LESSON Security Fundamentals.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
Cryptography and Network Security
Dr.Bremnavas Ismail Mohideen
Secure Sockets Layer (SSL)
UNIT.4 IP Security.
Visit for more Learning Resources
Cryptography and Network Security Chapter 16
Cryptography and Network Security
Cryptography and Network Security Chapter 16
Cryptography and Network Security
SSL (Secure Socket Layer)
Cryptography and Network Security Chapter 16
Cryptography and Network Security
Presentation transcript:

Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1

 Transport-level security (Chapter 16)  Web Security Considerations  Secure Socket Layer and Transport Layer Security  Transport Layer Security (TLS)  HTTPS  Secure Shell (SSH)

 Internet security : is a branch of computer security browser security  Secure Socket Layer (SSL) security services between TCP (Transmission Control Protocol) and applications use TCP via Transport Layer Service  SSL/TLS confidentiality & data integrity symmetric encryption & message authentication code (MAC)  HTTPS (HTTP over SSL) combination of HTTP and SSL secure communication between Web browser & Web server  Secure Shell (SSH) secure remote logon and other secure client/server facilities involves provides by Refers to implemen t provides

 Internet is two-way Web is vulnerable to attacks  Business transactions Reputations damaged and money lost Web servers subverted  Web software hide many potential security flaws vulnerable to a variety of security attacks

 Web server launching pad attacker access data systems connected to server at local site  Untrained (in security matters) users are common clients Web-based services not have tools or knowledge to effective countermeasures

 SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private  TLS (Transport Layer Security) is just an updated, more secure, version of SSL  SSL was developed by Netscape is an American computer services company, best known for Netscape navigator, its web browser

 SSL Record Protocol provides two security services  Confidentiality: Handshake Protocol defines a shared secret key that is used for conventional encryption  Message Integrity: Handshake Protocol defines a shared secret key that is used to form a message authentication code (MAC) SSL Protocol Stack

 Most complex part of SSL  Used before any application data is transmitted  Allows the server and client to authenticate each other  Negotiate an encryption & MAC algorithm & cryptographic keys to protect data

 Type (1 byte) Indicates one of 10 messages  Length (3 bytes) length of the message in bytes  Content (≥ 0 bytes) parameters associated with this message

 Least complex part of SSL  Consists of a single message (single byte with the value 1)  Updates cipher suite to be used on this connection

 Convey SSL-related alerts to the peer entity  Alert messages are compressed and encrypted  Each message in this protocol consists of two bytes warning fatal 1 2 Unexpected _ message An appropriate message was received

 What is HTTPS?  HTTPS built into all modern Web browsers  URL (Uniform Resource Locator)  port 443  port 80 Hypertext Transfer Protocol (HTTPS): is an application protocol to exchange or transfer hypertext Hypertext: is text displayed on a computer display with hyperlinks to other text which the reader can immediately access

Protocol Identifier Domain Name Protocol Type Source Location  URL is a web address  ftp://  Uniform Resource Locator (URL) was developed by Tim Berners-Lee in 1994 and the Internet Engineering Task Force (IETF) URI working group

 What is SSH?  SSH is a protocol for secure network communications designed to be simple and inexpensive  What are versions of SSH?  SSH1 /file transfer  SSH2 fixes security flaws of SSH1 SSH Communications Security Corporation is a Finnish company was founded by Tatu Ylönen in It is known as the inventor and original developer of the Secure Shell protocol and it currently has about 100 employees

 SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user  There are several ways to use SSH 1. Automatically generated public-private key pair to simply encrypt a network connection and use password authentication to log on 2. Manually generated public-private key pair

Thank you for your attention

1. information-center information-center 2. checker/views/certCheck.jsp checker/views/certCheck.jsp 3. networks/comparison-osi-tcp-model networks/comparison-osi-tcp-model SSYKE2_8.0.0/com.ibm.java.security.compone nt.80.doc/security- component/jsse2Docs/ssloverview.html SSYKE2_8.0.0/com.ibm.java.security.compone nt.80.doc/security- component/jsse2Docs/ssloverview.html

/from-netscape-to-firefox-the-story-of- mozilla-firefox/ 12/from-netscape-to-firefox-the-story-of- mozilla-firefox/

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.