Web Security (TRANSPORT-LEVEL SECURITY)

Slides:



Advertisements
Similar presentations
Cryptography and Network Security Chapter 16
Advertisements

Web security: SSL and TLS
Lecture 6: Web security: SSL
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
Secure Socket Layer.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Internet Security Protocols
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Cryptography and Network Security
Cryptography and Network Security Chapter 17
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Chapter 8 Web Security.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Security Essentials Chapter 5
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (SSL)
Web Security Network Systems Security
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography CSS 329 Lecture 13:SSL.
Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
TLS/SSL Protocol Presented by: Vivek Nelamangala Includes slides presented by Miao Zhang on April Course: CISC856 - TCP/IP and Upper Layer Protocols.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Executive Director and Endowed Chair
CSCI 555 Adv Computer Security
Transport-Level Security
Cryptography and Network Security
Dr.Bremnavas Ismail Mohideen
Secure Sockets Layer (SSL)
UNIT.4 IP Security.
CSCE 715: Network Systems Security
Visit for more Learning Resources
Cryptography and Network Security Chapter 16
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
CSE 4095 Transport Layer Security TLS, Part II
Cryptography and Network Security
Cryptography and Network Security Chapter 16
Secure Web Application-SSL
Cryptography and Network Security
Web Security (TRANSPORT-LEVEL SECURITY)
SSL (Secure Socket Layer)
Chapter 7 WEB Security.
Security at the Transport Layer: SSL and TLS
The Secure Sockets Layer (SSL) Protocol
Cryptography and Network Security Chapter 16
Chapter 7 WEB Security.
Transport Layer Security (TLS)
Cryptography and Network Security
Presentation transcript:

Web Security (TRANSPORT-LEVEL SECURITY) Secure Socket Layer Transport Layer Security

Web Security ◆ Secure Socket Layer (SSL) provides security services between TCP and applications that use TCP. The Internet standard version is called Transport Layer Service (TLS). ◆ SSL/TLS provides confidentiality using symmetric encryption and message integrity using a message authentication code. ◆ SSL/TLS includes protocol mechanisms to enable two TCP users to determine the security mechanisms and services they will use.

Web Security Threats

Web Traffic Security Approaches

1. SECURE SOCKET LAYER Two important SSL concepts are the SSL session and the SSL connection, which are defined in the specification as follows. • Connection: A connection is a transport (in the OSI layering model definition) that provides a suitable type of service. For SSL, such connections are peer-to-peer relationships. The connections are transient. Every connection is associated with one session. • Session: An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters which can be shared among multiple connections

session state A session state is defined by the following parameters. • Session identifier • Peer certificate • Compression method • Cipher spec • Master secret • Is resumable

connection state A connection state is defined by the following parameters. Server and client random Server write MAC secret Client write MAC secret Server write key Client write key Initialization vectors Sequence numbers

SSL Architecture

SSL Record Protocol The SSL Record Protocol provides two services for SSL connections: • Confidentiality: The Handshake Protocol defines a shared secret key that is used for conventional encryption of SSL payloads. • Message Integrity: The Handshake Protocol also defines a shared secret key that is used to form a message authentication code (MAC).

SSL Record Protocol Operation

SSL Record Protocol header • Content Type (8 bits): The higher-layer protocol used to process the enclosed fragment. • Major Version (8 bits): Indicates major version of SSL in use. For SSLv3, the value is 3. • Minor Version (8 bits): Indicates minor version in use. For SSLv3, the value is 0. • Compressed Length (16 bits): The length in bytes of the plaintext fragment (or compressed fragment if compression is used)

SSL Record Format

SSL Record Protocol Payload

Alert Protocol Messages • unexpected_message • bad_record_mac • decompression_failure • handshake_failure • illegal_parameter • close_notify • no_certificate • bad_certificate • unsupported_certificate • certificate_revoked • certificate_expired • certificate_unknown:

Handshake Protocol

2. TRANSPORT LAYER SECURITY Version Number Message Authentication Code Pseudorandom Function Alert Codes Cipher Suites Client Certificate Types Cryptographic Computations Padding

Pseudorandom Function

Alert Codes record_overflow unknown_ca access_denied decode_error protocol_version insufficient_security unsupported_extension internal_error decrypt_error

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.