© 2001 Prentice Hall, Inc. All rights reserved.

Chapter 7 – Computer and Network Security

Outline
7.1 Introduction
7.2 Ancient Ciphers to Modern Cryptosystems
7.3 Secret-key Cryptography
7.4 Public Key Cryptography
7.5 Key Agreement Protocols
7.6 Key Management
7.7 Digital Signatures
7.8 Public Key Infrastructure, Certificates and Certification Authorities
7.9 Cryptanalysis
7.10 Security Protocols
    Secure Sockets Layer (SSL)
    Secure Electronic Transaction™ (SET™)
7.11 Security Attacks
7.12 Network Security
    Firewalls
    Kerberos
    Biometrics
7.13 Steganography

7.1 Introduction

Internet security
– Consumers enter highly confidential information
– Number of security attacks increasing
– Four requirements of a secure transaction
    Privacy – information cannot be read by a third party
    Integrity – information is not altered or compromised in transit
    Authentication – sender and receiver can prove their identities
    Non-repudiation – it can be proved (legally) that a message was sent and received
– Availability
    Computer systems remain continually accessible

7.2 Ancient Ciphers to Modern Cryptosystems

Cryptography
– Secures information by encrypting it
– Transforms data using a key
    A string of digits (bits) that acts as a password and makes the data incomprehensible to anyone without it
– Plaintext – unencrypted data
– Ciphertext – encrypted data
– Cipher or cryptosystem – the technique used to encrypt messages

Ciphers
– Substitution cipher
    Every occurrence of a given letter is replaced by a different letter
– Transposition cipher
    Shifts the ordering of the letters; the letters themselves are unchanged
– Modern cryptosystems
    Digital: operate on bits rather than letters
    Key length – length of the string used to encrypt and decrypt; the security of a sound cipher rests on the secrecy of the key, not on keeping the algorithm secret

7.3 Secret-key Cryptography

Secret-key cryptography
– Same key used to encrypt and decrypt the message
– Sender and receiver must share the key before the message is sent; the key itself has to travel over a separate secure channel
Problems with secret-key cryptography
– Key must be transmitted to the receiver securely
– A different key is needed for every pair of communicating parties
– Key distribution centers (KDCs) reduce these problems
    The KDC generates a session key and sends it to the sender and receiver, each copy encrypted with that party's own long-term key shared with the KDC
Encryption algorithms
– Data Encryption Standard (DES), Triple DES, Advanced Encryption Standard (AES)
    DES's 56-bit key is far too short for modern hardware and DES has since been withdrawn as a standard; AES is the current choice

Encrypting and decrypting a message using a symmetric key

Distributing a session key with a key distribution center

7.4 Public Key Cryptography

Public key cryptography
– Asymmetric – two inversely related keys
    Private key – kept secret by its owner
    Public key – published freely
– What the public key encrypts only the private key can decrypt, and vice versa
– Each party has both a public and a private key
– In textbook RSA either key can be used to encrypt; in practice a message is encrypted with the receiver's public key (confidentiality) and the sender's private key is used only to sign (authentication)
– Encrypting with the receiver's public key and signing with the sender's private key proves the sender's identity while keeping the message secret
– RSA public key algorithm
    Raw RSA is never used directly; padding schemes (OAEP for encryption, PSS for signatures) are required for security

Encrypting and decrypting a message using public-key cryptography

Authentication with a public-key algorithm

7.5 Key Agreement Protocols

Key agreement protocol
– Process by which parties can exchange keys
– Uses public-key cryptography to transmit symmetric keys; the symmetric cipher then does the bulk encryption because it is far faster
Digital envelope
– Message encrypted with a symmetric (session) key
– Session key encrypted with the receiver's public key
– Digital signature (see 7.7) can be added so the receiver can also authenticate the sender

Creating a digital envelope

7.6 Key Management

Key management
– Handling and protection of secret and private keys throughout their lifetime
– Key generation
    The process by which keys are created
    Keys must be unpredictable: generated from a cryptographically secure random source, never from a guessable seed such as the time of day

7.7 Digital Signatures

Digital signature
– Authenticates the sender's identity and protects the integrity of the message
– Run the plaintext through a hash function
    Gives the message a fixed-length mathematical value called the hash value
    Hash value also known as the message digest
– Collision
    Occurs when two different messages have the same hash value; the hash function must make collisions computationally infeasible to find, or a signature on one message would also be valid for the other
– Sign the message digest with the sender's private key (the slide's "encrypt with private key")
– Send the signature together with the message (which may itself be encrypted with the receiver's public key); the hash function is public and agreed in advance, not transmitted
Timestamping
– Binds a time and date to a message, supporting non-repudiation
– A trusted third party, the timestamping agency, timestamps messages
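Added example for 7.7 (Go; not code from the slides): hash-then-sign with SHA-256 and RSA-PSS, followed by verification of the genuine message, of a message altered after signing, and of a signature produced by an impostor's key. The signer's and impostor's 2048-bit keys and the payment text are assumptions for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// signMessage: hash the message to a fixed-length SHA-256 digest, then sign
// the digest with the private key using RSA-PSS padding. Signing the digest
// rather than the message keeps the signature short for any message size.
func signMessage(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// verifySignature recomputes the digest from the received message and checks
// it against the signature with the signer's public key. Any change to the
// message or the signature, or a signature made with another key, fails.
func verifySignature(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

type signatureDemo struct {
	OriginalValid bool // genuine message and signature (expect true)
	TamperedValid bool // message altered after signing (expect false)
	ForgedValid   bool // signed by an impostor's private key (expect false)
}

func demoSignature() (signatureDemo, error) {
	var d signatureDemo
	signer, err := rsa.GenerateKey(rand.Reader, 2048) // assumed key size
	if err != nil {
		return d, err
	}
	impostor, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return d, err
	}
	msg := []byte("transfer 100 EUR to account 123")      // constructed sample message
	tampered := []byte("transfer 900 EUR to account 123") // altered in transit
	sig, err := signMessage(signer, msg)
	if err != nil {
		return d, err
	}
	forged, err := signMessage(impostor, msg)
	if err != nil {
		return d, err
	}
	d.OriginalValid = verifySignature(&signer.PublicKey, msg, sig)
	d.TamperedValid = verifySignature(&signer.PublicKey, tampered, sig)
	d.ForgedValid = verifySignature(&signer.PublicKey, msg, forged)
	return d, nil
}

func main() {
	d, err := demoSignature()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", d)
}
```

The forged case shows why the slides' next section exists: verification only tells you that whoever holds the private key matching this public key signed the message. Binding that public key to a real-world identity is the job of a certificate.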

7.8 Public Key Infrastructure, Certificates and Certification Authorities

Public Key Infrastructure (PKI)
– Integrates public key cryptography with digital certificates and certification authorities (CAs)
– Digital certificate
    Digital document issued by a certification authority
    Includes the name of the subject, the subject's public key, a serial number, an expiration date and the signature of the trusted third party (the CA)
    A relying party checks the CA's signature, the validity period and that the subject name matches the party it is talking to
– VeriSign – a leading certificate authority at the time of writing
– Periodically changing key pairs limits the damage if a key is compromised
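Added example for 7.8 (Go; not code from the slides): a miniature PKI. A self-signed root CA issues a server certificate; a client that trusts only that root verifies it, and the same check rejects the certificate when presented for a different host name and rejects a certificate issued by a CA the client has never heard of. The CA names, host names, ECDSA P-256 keys and 24-hour validity are assumptions for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issueCert signs template with the signer's private key. When parent is the
// template itself the result is self-signed: that is how a root CA starts.
func issueCert(template, parent *x509.Certificate, subjectPub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, subjectPub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// caTemplate: subject name, serial number, validity period, and the CA flag
// that says "this key may sign other certificates".
func caTemplate(serial int64, name string) *x509.Certificate {
	now := time.Now()
	return &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
}

// serverTemplate: an end-entity certificate bound to one host name.
func serverTemplate(serial int64, host string) *x509.Certificate {
	now := time.Now()
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
}

// verifyServerCert does what a browser does: chain the certificate to a
// trusted root, check the CA signature, the validity period and the host name.
func verifyServerCert(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

type pkiDemo struct {
	TrustedOK   bool // issued by the trusted CA, presented for the right host (expect true)
	WrongHostOK bool // same certificate presented for another host (expect false)
	RogueCAOK   bool // certificate from a CA the client does not trust (expect false)
}

func demoPKI() (pkiDemo, error) {
	var d pkiDemo
	keys := make([]*ecdsa.PrivateKey, 3) // CA, rogue CA, server
	for i := range keys {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return d, err
		}
		keys[i] = k
	}
	caKey, rogueKey, serverKey := keys[0], keys[1], keys[2]

	caTpl := caTemplate(1, "Example Root CA")
	caCert, err := issueCert(caTpl, caTpl, &caKey.PublicKey, caKey)
	if err != nil {
		return d, err
	}
	rogueTpl := caTemplate(2, "Rogue CA")
	rogueCert, err := issueCert(rogueTpl, rogueTpl, &rogueKey.PublicKey, rogueKey)
	if err != nil {
		return d, err
	}
	leaf, err := issueCert(serverTemplate(3, "shop.example.com"), caCert, &serverKey.PublicKey, caKey)
	if err != nil {
		return d, err
	}
	rogueLeaf, err := issueCert(serverTemplate(4, "shop.example.com"), rogueCert, &serverKey.PublicKey, rogueKey)
	if err != nil {
		return d, err
	}

	roots := x509.NewCertPool() // the client's trust store holds only the real CA
	roots.AddCert(caCert)

	d.TrustedOK = verifyServerCert(leaf, roots, "shop.example.com") == nil
	d.WrongHostOK = verifyServerCert(leaf, roots, "evil.example.com") == nil
	d.RogueCAOK = verifyServerCert(rogueLeaf, roots, "shop.example.com") == nil
	return d, nil
}

func main() {
	d, err := demoPKI()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", d)
}
```

The rogue-CA case is the one to remember: the certificate is perfectly well-formed and correctly signed, and it is rejected only because the client's trust store does not contain that CA. PKI security reduces to which roots a client trusts.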

7.9 Cryptanalysis

Cryptanalysis
– Trying to decrypt ciphertext without knowledge of the decryption key
– Trying to determine the key from the ciphertext alone, for example by exploiting statistical patterns such as letter frequencies that a weak cipher preserves
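Added example for 7.2 and 7.9 (Go; not code from the slides): the simplest substitution cipher, a fixed alphabet shift, and a ciphertext-only attack on it. Substitution relabels letters but leaves their frequency profile intact, so scoring each of the 26 candidate keys against an English letter-frequency table recovers the key without any plaintext. The frequency table is the standard published one and the sample sentence is constructed for the demonstration.

```go
package main

import (
	"fmt"
	"strings"
)

// Relative frequency (percent) of each letter A..Z in English text, the
// assumed model of what plaintext looks like.
var englishFreq = [26]float64{
	8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03, 2.41,
	6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15, 1.97, 0.07,
}

// shiftEncrypt is a substitution cipher: every letter is replaced by the
// letter `key` places further along the alphabet (wrapping at Z). Non-letters
// pass through unchanged, which itself leaks the word structure.
func shiftEncrypt(plaintext string, key int) string {
	key = ((key % 26) + 26) % 26
	var sb strings.Builder
	for _, r := range strings.ToUpper(plaintext) {
		if r >= 'A' && r <= 'Z' {
			sb.WriteRune('A' + (r-'A'+rune(key))%26)
		} else {
			sb.WriteRune(r)
		}
	}
	return sb.String()
}

// shiftDecrypt undoes shiftEncrypt with the same key.
func shiftDecrypt(ciphertext string, key int) string {
	return shiftEncrypt(ciphertext, 26-key)
}

// chiSquared scores how far the letter distribution of text is from English;
// lower means more English-like.
func chiSquared(text string) float64 {
	var counts [26]float64
	total := 0.0
	for _, r := range text {
		if r >= 'A' && r <= 'Z' {
			counts[r-'A']++
			total++
		}
	}
	if total == 0 {
		return 0
	}
	score := 0.0
	for i, pct := range englishFreq {
		expected := pct / 100 * total
		d := counts[i] - expected
		score += d * d / expected
	}
	return score
}

// breakShift is the ciphertext-only attack: the key space has only 26
// members, so try every key and keep the one whose decryption looks most
// like English. No key knowledge is used.
func breakShift(ciphertext string) int {
	bestKey, bestScore := 0, -1.0
	for k := 0; k < 26; k++ {
		s := chiSquared(shiftDecrypt(ciphertext, k))
		if bestScore < 0 || s < bestScore {
			bestKey, bestScore = k, s
		}
	}
	return bestKey
}

func main() {
	// Constructed sample plaintext.
	pt := "It was the best of times it was the worst of times it was the age of wisdom it was the age of foolishness"
	ct := shiftEncrypt(pt, 3)
	fmt.Println("ciphertext:", ct)
	k := breakShift(ct)
	fmt.Printf("recovered key: %d\nrecovered plaintext: %s\n", k, shiftDecrypt(ct, k))
}
```

A general monoalphabetic substitution has 26! keys, far too many to enumerate, yet the same frequency analysis breaks it: the attack cost is set by the structure the cipher leaves behind, not by the key count. That is the lesson behind the slides' "key length" bullet: a long key helps only when the cipher destroys such structure.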

7.10 Security Protocols

Transaction security protocols
– Secure Sockets Layer (SSL)
– Secure Electronic Transaction™ (SET™)

7.10 Security Protocols – Secure Sockets Layer (SSL)

SSL
– Uses public-key technology and digital certificates to authenticate the server in a transaction (and optionally the client)
– Protects information as it travels over the Internet
    Does not protect it once it is stored on the receiver's server
– Peripheral Component Interconnect (PCI) cards
    Cryptographic accelerator cards installed on servers to offload the public-key operations of SSL transactions
– SSL has since been superseded by TLS, its standardized successor; the same model applies

7.10 Security Protocols – Secure Electronic Transaction™ (SET™)

SET protocol
– Designed to protect e-commerce payments
– Certifies the customer, the merchant and the merchant's bank
– Requirements
    Merchants must have a digital certificate and SET software
    Customers must have a digital certificate and a digital wallet
– Digital wallet
    Stores credit card information and identification
– Merchant never sees the customer's payment details
    They are sent, encrypted, straight to the bank
Microsoft Authenticode
– Authenticates file downloads by verifying a digital signature on the code
– Informs users of the download's author (the signing publisher); it says who signed the code, not whether the code is safe

7.11 Security Attacks

Types of security attacks
– Denial of service (DoS) attacks
    Overload servers so that they crash or become unavailable to legitimate users
    Flood servers with data packets
    Alter the routing tables that direct data from one computer to another
    Distributed denial of service (DDoS) attack – the flood comes from many computers at once, typically a network of compromised machines
– Viruses
    Computer programs that corrupt or delete files
    Sent as attachments or embedded in other files; require the user to run them
– Worm
    Spreads itself over a network without needing to be sent or run by a user

7.11 Security Attacks (continued)

Types of viruses
– Transient virus
    Attaches itself to a specific program
    Runs every time the program is run
– Resident virus
    Once loaded, stays in memory and operates for the duration of the computer's use
– Logic bomb
    Triggers when a given condition is met, such as the computer's clock reaching a specified time
– Trojan horse
    Malicious program that hides within a seemingly friendly program
Web defacing
– Attackers illegally change the content of a Web site

7.11 Security Attacks (continued)

Anti-virus software
– Reactive – goes after already known viruses
– VirusScan scans the computer for viruses; ActiveShield checks all downloads
– Another anti-virus software distributor
Computer Emergency Response Team (CERT®)
– Responds to reports of viruses and denial of service attacks
– Provides CERT Security Improvement Modules

7.12 Network Security

Network security
– Allow authorized users access
– Prevent unauthorized users from obtaining access
– Trade-off between security and performance (every check costs time)

7.12 Network Security – Firewalls

Firewall
– Protects a local area network (LAN) from outside intruders
– Safety barrier for data flowing in and out
– Two policies: prohibit all traffic that is not explicitly allowed (default deny) or permit all traffic that is not explicitly prohibited (default allow); default deny is the safer choice
Types of firewalls
– Packet-filtering firewalls
    Reject packets arriving from outside that carry a local (LAN) source address, since they must be spoofed
    Examine only packet headers (addresses, ports, protocol), not the content
– Application-level firewalls
    Inspect the application-layer data itself
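Added example for the firewall section (Go; not code from the slides): a minimal packet filter that shows the two points above in code. It drops inbound packets whose source address lies inside the LAN (spoofing), matches the remaining packets against an ordered rule list on protocol and port only, and then falls back to either policy. The LAN range, rule set and sample packets are constructed for the demonstration, not captured traffic.

```go
package main

import (
	"fmt"
	"net"
)

// packet carries only what a packet-filtering firewall examines: the headers.
// The payload is deliberately absent; a packet filter never looks at it.
type packet struct {
	Src, Dst net.IP
	Proto    string // "tcp" or "udp"
	DstPort  int
	Inbound  bool // arrived on the external (Internet-facing) interface
}

// rule matches on protocol and destination port; the first matching rule wins.
type rule struct {
	Proto   string
	DstPort int
	Allow   bool
}

type firewall struct {
	lan          *net.IPNet // address range of the protected LAN
	rules        []rule
	defaultAllow bool // true: permit all not prohibited; false: prohibit all not allowed
}

func (f *firewall) accept(p packet) bool {
	// Anti-spoofing: traffic from the Internet can never legitimately carry a
	// source address inside the LAN, so such packets are dropped before any rule.
	if p.Inbound && f.lan.Contains(p.Src) {
		return false
	}
	for _, r := range f.rules {
		if r.Proto == p.Proto && r.DstPort == p.DstPort {
			return r.Allow
		}
	}
	return f.defaultAllow
}

// newFirewall builds the same rule set under either policy (assumed LAN range).
func newFirewall(defaultAllow bool) *firewall {
	_, lan, err := net.ParseCIDR("192.168.1.0/24")
	if err != nil {
		panic(err)
	}
	return &firewall{
		lan: lan,
		rules: []rule{
			{Proto: "tcp", DstPort: 443, Allow: true}, // HTTPS to the web server
			{Proto: "udp", DstPort: 53, Allow: true},  // DNS
			{Proto: "tcp", DstPort: 23, Allow: false}, // telnet explicitly blocked
		},
		defaultAllow: defaultAllow,
	}
}

// samplePackets are constructed inbound packets, not captured traffic.
var samplePackets = []packet{
	{Src: net.ParseIP("203.0.113.5"), Dst: net.ParseIP("192.168.1.10"), Proto: "tcp", DstPort: 443, Inbound: true},  // normal HTTPS
	{Src: net.ParseIP("192.168.1.7"), Dst: net.ParseIP("192.168.1.10"), Proto: "tcp", DstPort: 443, Inbound: true},  // spoofed LAN source
	{Src: net.ParseIP("203.0.113.5"), Dst: net.ParseIP("192.168.1.10"), Proto: "tcp", DstPort: 23, Inbound: true},   // telnet
	{Src: net.ParseIP("203.0.113.5"), Dst: net.ParseIP("192.168.1.10"), Proto: "tcp", DstPort: 3389, Inbound: true}, // no rule: policy decides
	{Src: net.ParseIP("198.51.100.9"), Dst: net.ParseIP("192.168.1.10"), Proto: "udp", DstPort: 53, Inbound: true},  // DNS
}

// decisions evaluates every sample packet against one firewall configuration.
func decisions(f *firewall) []bool {
	out := make([]bool, len(samplePackets))
	for i, p := range samplePackets {
		out[i] = f.accept(p)
	}
	return out
}

func main() {
	fmt.Println("default deny: ", decisions(newFirewall(false)))
	fmt.Println("default allow:", decisions(newFirewall(true)))
}
```

Only the fourth packet, the one no rule mentions, comes out differently under the two policies; that single difference is the whole argument for default deny, because the services nobody thought to write a rule for are exactly the ones an attacker looks for.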

7.12 Network Security – Kerberos

Kerberos
– Uses symmetric secret-key cryptography to authenticate users in a network
– Authenticates a client and that client's authority to access specific parts of the network, issuing tickets from a trusted server instead of sending passwords across the network

7.12 Network Security – Biometrics

Biometrics
– Uses unique personal characteristics to identify a person
    Examples are fingerprints, iris scans or face scans

7.13 Steganography

Steganography
– Practice of hiding information within other information so that the presence of the hidden message is not apparent
Digital watermarks
– Hidden within documents and can be revealed to prove ownership

Example of a conventional watermark (Courtesy of Blue Spike, Inc.)

An example of steganography: Blue Spike's Giovanni digital watermarking process (Courtesy of Blue Spike, Inc.)
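Added example for 7.13 (Go; not code from the slides, and unrelated to Blue Spike's Giovanni process, whose internals the slides do not describe): least-significant-bit steganography. Each bit of a length-prefixed message replaces the lowest bit of one cover byte, so no cover byte changes by more than 1, which is below what the eye notices in an 8-bit colour channel. The cover buffer is a constructed pseudo-random byte array standing in for image pixel data.

```go
package main

import (
	"errors"
	"fmt"
)

// hideMessage stores msg in the least significant bit of successive cover
// bytes (for an image, the pixel samples). A one-byte length prefix tells the
// extractor where the message ends, so messages are limited to 255 bytes.
func hideMessage(cover, msg []byte) ([]byte, error) {
	if len(msg) > 255 {
		return nil, errors.New("message longer than the 1-byte length prefix allows")
	}
	payload := append([]byte{byte(len(msg))}, msg...)
	if len(payload)*8 > len(cover) {
		return nil, errors.New("cover too small: need 8 cover bytes per payload byte")
	}
	stego := make([]byte, len(cover))
	copy(stego, cover)
	for i, b := range payload {
		for bit := 0; bit < 8; bit++ { // most significant bit first
			idx := i*8 + bit
			stego[idx] = stego[idx]&^1 | (b>>(7-bit))&1
		}
	}
	return stego, nil
}

// extractMessage reads the length prefix, then that many bytes, from the LSBs.
func extractMessage(stego []byte) ([]byte, error) {
	readByte := func(i int) byte {
		var b byte
		for bit := 0; bit < 8; bit++ {
			b = b<<1 | stego[i*8+bit]&1
		}
		return b
	}
	if len(stego) < 8 {
		return nil, errors.New("no room for a length prefix")
	}
	n := int(readByte(0))
	if (n+1)*8 > len(stego) {
		return nil, errors.New("declared length exceeds cover size; not a stego buffer?")
	}
	msg := make([]byte, n)
	for i := range msg {
		msg[i] = readByte(i + 1)
	}
	return msg, nil
}

// maxByteDelta is the largest change any cover byte suffered; for LSB
// embedding it is at most 1, which is why the change is hard to notice.
func maxByteDelta(cover, stego []byte) int {
	largest := 0
	for i := range cover {
		d := int(cover[i]) - int(stego[i])
		if d < 0 {
			d = -d
		}
		if d > largest {
			largest = d
		}
	}
	return largest
}

// sampleCover is a constructed stand-in for image pixel data (xorshift32,
// deterministic), not a real image.
func sampleCover(n int) []byte {
	cover := make([]byte, n)
	x := uint32(2463534242)
	for i := range cover {
		x ^= x << 13
		x ^= x >> 17
		x ^= x << 5
		cover[i] = byte(x)
	}
	return cover
}

func main() {
	cover := sampleCover(4096)
	stego, err := hideMessage(cover, []byte("meet at noon")) // constructed secret
	if err != nil {
		panic(err)
	}
	msg, err := extractMessage(stego)
	if err != nil {
		panic(err)
	}
	fmt.Printf("hidden then recovered: %q; largest byte change: %d\n", msg, maxByteDelta(cover, stego))
}
```

Steganography hides the existence of a message; it does not protect its content. Anyone who knows (or guesses) the LSB scheme reads the message as easily as the intended recipient, so a secret that matters is encrypted first and only then hidden.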