Pooja programmer,cse department

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

Public Key Infrastructure and Applications

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Cryptographic Technologies

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure Electronic Transaction (SET)

Linux Networking and Security Chapter 8 Making Data Secure.

Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Chapter 37 Network Security. Aspects of Security data integrity – data received should be same as data sent data availability – data should be accessible.

Cryptography, Authentication and Digital Signatures

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,

Not only business information, but a large amount of personal information too is now digitized and stored in computer connected to the internet. System.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .

1 Session 4 Module 6: Digital signatures. Digital Signatures / Session4 / 2 of 18 Module 4, 5 - Review (1)  Java 2 security model provides a consistent.

Digital Signatures and Digital Certificates Monil Adhikari.

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.

Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.

Lecture 8 (Chapter 18) Electronic Mail Security Prepared by Dr. Lamiaa M. Elshenawy 1.

 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.

Electronic mail security

Public Key Infrastructure (PKI)

Security is one of the most widely used and regarded network services

Security Outline Encryption Algorithms Authentication Protocols

Unit 3 Section 6.4: Internet Security

SSL Certificates for Secure Websites

Cryptography and Network Security

Computer Communication & Networks

Secure Sockets Layer (SSL)

Information and Network Security

Digital Signature.

E-Commerce Security.

Using SSL – Secure Socket Layer

NET 311 Information Security

12 E-Commerce Overview.

Cryptography and Network Security

Chapt. 10 – Key Management Dr. Wayne Summers

Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE

ELECTRONIC MAIL SECURITY

ELECTRONIC MAIL SECURITY

CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9

The Secure Sockets Layer (SSL) Protocol

Lecture 5: Transport layer (TLS / SSL) and Security ( PGP )

Chapter 4 Cryptography / Encryption

Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE

CDK: Chapter 7 TvS: Chapter 9

Secure How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,

Unit 8 Network Security.

Electronic Payment Security Technologies

Cryptography and Network Security

Chapter 8 roadmap 8.1 What is network security?

Presentation transcript:

Pooja programmer,cse department Securing Data over Internet Pooja programmer,cse department

What is secure communication? The first thing that we have to understand is that what a secure communication is. People who are new to the field of computer security tend to think that a secure communication is simply any communication where data is encrypted. However, security encompasses much more than simply encrypting and decrypting data. Most people consider the three pillars of a secure communication are.

1.Confidentiality 2.Integrity 3.Authenticity

Privacy: A secure conversation should be private Privacy: A secure conversation should be private. In other words, only the sender and the receiver should be able to understand the conversation. Integrity: A secure communication should ensure the integrity of the transmitted message. This means that the receiving end must be able to know for sure that the message he is receiving is exactly the one that the transmitting end sent him. Authentication: A secure communication should ensure that the parties involved in the communication are who they claim to be. Authorization: Authorization refers to mechanisms that decide when a user is authorized to perform a certain task.

Cybercriminals can trade with your personal data Privacy is about respecting individuals and their personal life. Internet privacy is a subcategory of data privacy. And data privacy issues can arise in response to information from a wide range of sources, such as: healthcare records, criminal justice investigations and proceedings, financial institutions and transactions, genetic material, privacy breaches, residence and geographic records, user preferences using persistent cookies. What can happen without secured network? Cybercriminals can trade with your personal data Free online services use your data to make money Are the government’s intentions good?

Introduction to Cryptography Cryptography is the art of writing in secret characters. Encrypting is the act of translating a normal message to a message written with secret characters, also known as the encrypted message. Decrypting is the act of translating a message written with secret characters into a readable message, the unencrypted message.

Digital Signatures Integrity is guaranteed in public key systems by using digital signatures. A digital signature is a piece of data which is attached to a message and which can be used to find out if the message was tempered with during the conversation.

The digital signature for a message is generated in two steps: A message digest is generated. A message digest is a summary of the message. The message digest is generated using a set of hashing algorithms. The message digest is encrypted using the sender’s private key. The resulting encrypted message digest is the digital signature. The digital signature is attached to the message and sent to the receiver. The receiver then does the following: By using the sender’s public key, decrypts the digital signature to obtain the message digest generated by the sender. Uses the same message digest algorithm used by the sender to generate a message digest of the received message. Compares both message digest the one sent by the sender as digital signature and the one generated by the receiver. If they are not exactly the same, the message has been tampered with by a third party.

PGP ENCRYPTION

PGP DECRYPTION

SSL ENCRYPTION SSL is primarily used to encrypt confidential data sent over an insecure network such as the Internet. In the HTTPS protocol, the types of data encrypted include the URL, the HTTP header, cookies and data submitted through forms. A web page secured with SSL has a URL that begins with “https://”.

SSL ENCRYPTION

DIGITAL CERTIFICATES Digital certificate is an attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message a who he or she claims to be, and to provide the receiver with the means to encode a reply. The main purpose of the digital certificate is to ensure that the public key contained in the certificate belongs to the entity to which the certificate was issued.

DIGITAL CERTIFICATION

HOW A CERTIFICATE IS ISSUED Key Generation: The individual requesting certification generates key pairs of public and private keys. Matching of Policy Information: The applicant packages the additional information necessary for the CA to issue the certificate such as proof of identity, tax ID number, e-mail address ETC. Sending of Public Keys and Information: The applicant sends the public keys and information to the CA.

Verification of Information: The CA applies whatever policy rules it requires in order to verify that the applicant should receive a certificate. Certificate Creation: The CA creates a digital document with the appropriate information and signs it using the CA’s private key. Sending/Posting of Certificate: The CA may send the certificate to the applicant, or post it publicaly as appropriate.

THANK YOU