Encryption and Security Tools for IA Management Nick Hornick COSC 481 Spring 2007.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Introduction to Cryptography
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Principles of Information Security, 2nd edition1 Cryptography.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Chapter 29 Internet Security
EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Cryptography 101 Frank Hecker
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Chapter 31 Network Security
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
Masud Hasan Secue VS Hushmail Project 2.
Network Security. Information secrecy-only specified parties know the information exchanged. Provided by criptography. Information integrity-the information.
Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.
每时每刻 可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
06 APPLYING CRYPTOGRAPHY
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Public Key Encryption.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 29 Internet Security.
Pertemuan #10 Secure HTTP (HTTPS) Kuliah Pengaman Jaringan.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Fundamentals of Network Security Ravi Mukkamala SCI 101 October 6, 2003.
The Secure Sockets Layer (SSL) Protocol
Public Key Infrastructure
The Secure Sockets Layer (SSL) Protocol
Electronic Payment Security Technologies
Presentation transcript:

Encryption and Security Tools for IA Management Nick Hornick COSC 481 Spring 2007

Overview Symmetric/Asymmetric Key Digital Signatures Certificates SSL Protocol Commonly Used Certificates VNC Tunneling PGP/GnuPG Conclusion

Symmetric Encryption “Private” Key “Private” Key Same key for encryption and decryption Same key for encryption and decryption Strengths: Efficient Strengths: Efficient Weakness: Parties involved Weakness: Parties involved

Symmetric Encryption Cont’d

Asymmetric Encryption “Public” Key Encryption “Public” Key Encryption Based on Key Pair Based on Key Pair 2 Keys 2 Keys Public Public Private Private Strength: Keys are related but not equal Strength: Keys are related but not equal Weakness: Computation time Weakness: Computation time

Asymmetric Key cont’d Many public keys, One private key Many public keys, One private key One way Encryption/Decryption One way Encryption/Decryption A User’s Private Key A User’s Public Key(s)

Asymmetric Key cont’d

Digital Signatures A electronic signature that validates data integrity A electronic signature that validates data integrity One way hashing algorithm One way hashing algorithm Strength: Data validation Strength: Data validation Weakness: Doesn’t validate the sender Weakness: Doesn’t validate the sender

Digital Signatures cont’d

Certificates An electronic document used to identify an entity An electronic document used to identify an entity Can identify the entity’s name, public key, date of issuance, and date of revocation Can identify the entity’s name, public key, date of issuance, and date of revocation Issued by Certificate Authority in public domain Issued by Certificate Authority in public domain

Secure Socket Layer Netscape vs. Microsoft TLS Netscape vs. Microsoft TLS Typically used on a client/server network Typically used on a client/server network Two Parts: Two Parts: Handshake Handshake Bulk-Data Transfer Bulk-Data Transfer

SSL Handshake Consists of four parts: Consists of four parts: Message Exchange Message Exchange Public-Key Computations Public-Key Computations Random-Number Generation Random-Number Generation Handshake Authentication Handshake Authentication

Commonly Used Certificates Client SSL Client SSL Server SSL Server SSL S/MIME S/MIME CA Certificates CA Certificates

VNC Tunneling through SSH VNC - Virtual Network Computing VNC - Virtual Network Computing Unsecured – data transmitted in plain text Unsecured – data transmitted in plain text SSH – Secure Shell SSH – Secure Shell Enables strong security with VNC capability Enables strong security with VNC capability

PGP and GnuPG Based on public key architecture Based on public key architecture Handled by multiple OS Handled by multiple OS Encrypted messages sent with software Encrypted messages sent with software

Conclusion Symmetric/Asymmetric systems Symmetric/Asymmetric systems Digital Signatures Digital Signatures Certificates Certificates SSL SSL VNC Tunneling VNC Tunneling PGP/GnuPG PGP/GnuPG

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.