CSCI {4,6}900: Ubiquitous Computing, Mar 13, 2001


Slide 1: Announcements
- HW 4 due Thursday, 11:00 AM
- If you have any questions regarding HW3, Project Proposal and Midterm, please drop by during the office hour (or by appt)

Slide 2: Outline
- Introduction to cryptography
  - Technology aspects
    - Encryption: asymmetric key, symmetric key
    - Authentication and access control
  - Social aspects

Slide 3: Risk analysis
- Important to understand the threat and perform risk analysis
  - No system is “secure”; systems usually trade security for performance, ease of use etc.
  - If information is worth x and it costs y to break into the system, and x < y, then it is not worth encryption
  - Wasteful to build a system that is more secure than is necessary
    - Ssh in CS dept: good
    - Denying news server access from outside UGA: bad
  - Palm pilots may not require powerful encryption systems if they are expected to be physically secure

Slide 4: End-to-end argument
- End-to-end argument is appropriate for building a secure system
  - Perform security at lower levels if simple and does not impact performance
  - Higher levels usually know best regarding data integrity requirements
[Figure: Access Point, Server, Mobile device. Should this link be encrypted?]

Slide 5: Security Attacks
- Social engineering attacks
  - Prey on people's gullibility (good nature), hardest to defend
    - E.g. I once got an unlisted number from a telephone operator because I sounded desperate (I was, but that was not the point)
    - E.g. If I walk in with coupla heavy-looking boxes into the elevator to go to Boyd 5th floor (at night), would you let me in?
    - You can go into “secure” companies by looking like you “belong” there
- Denial of service attacks
  - Network flooding, distributed DoS, holding resources, viruses

Slide 6: Common technology - firewalls
- Firewalls are used to restrict the kinds of network traffic in/out of companies
  - Application level proxies
  - Packet level firewalls
- Does not prevent end-to-end security violations
  - People sometimes list of internal computer users outside firewall to scrupulous “researchers”
  - s viruses exploit certain vulnerabilities in VBS to get around firewalls

Slide 7: Encryption methods
- Symmetric cryptography
  - Sender and receiver know the secret key (a priori)
    - Fast encryption, but key exchange should happen outside the system
- Asymmetric cryptography
  - Each person maintains two keys, public and private
    - M = PrivateKey(PublicKey(M))
    - M = PublicKey(PrivateKey(M))
  - Public part is available to anyone, private part is only known to the sender
  - E.g. Pretty Good Privacy (PGP), RSA

Slide 8: My Public Key

Slide 9: RSA
- Named after Rivest, Shamir and Adleman (‘morrow)
  - Only receiver receives message
    - Encode message using receiver's public key
  - Only sender could’ve sent the message
    - Encode message using sender’s private key
  - Only sender could’ve sent the message and only receiver can read the message
    - Encode message using receiver's public key and then encode using our private key
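The two key identities from the encryption-methods slide and the three RSA cases above, as an added example that is not part of the original slides. It uses textbook RSA without padding on constructed toy keys; the names `keypair`, `rsa`, `R_*` and `S_*` are assumptions made for illustration.

```python
# Textbook RSA (no padding) on constructed toy keys built from known Mersenne
# primes. Illustrates the slide's three cases only; not secure for real use.
def keypair(p, q, e=65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))    # private exponent (Python 3.8+)
    return (n, e), (n, d)                # (public, private)

def rsa(key, x):
    """One modular exponentiation serves both PublicKey(.) and PrivateKey(.)."""
    n, exp = key
    if not 0 <= x < n:
        raise ValueError("value does not fit under this key's modulus")
    return pow(x, exp, n)

# The receiver's modulus is the smaller one, so a ciphertext made for the
# receiver always fits under the sender's modulus when it is signed (case 3).
R_PUB, R_PRIV = keypair(2**61 - 1, 2**89 - 1)      # receiver
S_PUB, S_PRIV = keypair(2**107 - 1, 2**127 - 1)    # sender

def to_int(msg):
    return int.from_bytes(msg, "big")

def to_bytes(x):
    return x.to_bytes((x.bit_length() + 7) // 8, "big")

def only_receiver_reads(msg):
    """Case 1: encode with the receiver's public key."""
    c = rsa(R_PUB, to_int(msg))
    return c, to_bytes(rsa(R_PRIV, c))

def only_sender_sent(msg):
    """Case 2: encode with the sender's private key; any holder of S_PUB can undo it."""
    s = rsa(S_PRIV, to_int(msg))
    return s, to_bytes(rsa(S_PUB, s))

def both(msg):
    """Case 3: receiver's public key first, then the sender's private key."""
    wire = rsa(S_PRIV, rsa(R_PUB, to_int(msg)))
    return wire, to_bytes(rsa(R_PRIV, rsa(S_PUB, wire)))

if __name__ == "__main__":
    for case in (only_receiver_reads, only_sender_sent, both):
        print(case.__name__, case(b"HW 4 due Thursday")[1])
```

Deployed RSA never exponentiates the raw message like this: encryption uses OAEP padding and signatures use a padded hash (for example PSS), which is what blocks the algebraic attacks textbook RSA allows.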

Slide 10: Strength
- Strength of a crypto system depends on the strengths of the keys
- Computers get faster, so keys have to become harder to keep up
- If it takes more effort to break a code than it is worth, it is okay
  - Transferring money from my bank to my credit card and Citibank transferring billions of dollars with another bank should not have the same key strength

Slide 11: Public Key Infrastructure (PKI)
- Process of issuing, delivering, managing and revoking public keys
- E.g. Secure Sockets Layer (SSL)
  - Client C connects to Server S
    1. C requests server certificate from S
    2. S sends server certificate with Spublic to C
    3. C verifies validity of Spublic
    4. C generates symmetric key for session
    5. C encrypts Csymmetric using Spublic
    6. C transmits Csymmetric(data) and Spublic(Csymmetric) to S
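The six steps above with both sides' messages, as an added example that is not part of the original slides. The certificate authority, the server name `s.example`, the toy RSA keys and the SHA-256 keystream cipher are all constructed assumptions standing in for real certificates and ciphers.

```python
import hashlib
import secrets

# Constructed toy keys: textbook RSA from known Mersenne primes, no padding.
def keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))   # (public, private)

CA_PUB, CA_PRIV = keypair(2**61 - 1, 2**127 - 1)   # hypothetical certificate authority
S_PUB, S_PRIV = keypair(2**89 - 1, 2**107 - 1)     # server S

def digest(name, pub, n):
    h = hashlib.sha256(f"{name}|{pub[0]}|{pub[1]}".encode()).digest()
    return int.from_bytes(h, "big") % n

def issue_cert(name, pub):
    """CA binds a name to a public key by signing their hash (done in advance)."""
    n, d = CA_PRIV
    return {"name": name, "pub": pub, "sig": pow(digest(name, pub, n), d, n)}

def cert_is_valid(cert, expected_name):
    """Step 3: C checks the name and the CA signature before trusting Spublic."""
    n, e = CA_PUB
    return (cert["name"] == expected_name
            and pow(cert["sig"], e, n) == digest(cert["name"], cert["pub"], n))

def stream(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream (self-inverse)."""
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def client_send(cert, server_name, data):
    if not cert_is_valid(cert, server_name):              # step 3
        raise ValueError("server certificate rejected")
    c_sym = secrets.token_bytes(16)                       # step 4: session key
    n, e = cert["pub"]
    wrapped = pow(int.from_bytes(c_sym, "big"), e, n)     # step 5: Spublic(Csymmetric)
    return stream(c_sym, data), wrapped                   # step 6: both go to S

def server_receive(ciphertext, wrapped):
    n, d = S_PRIV
    c_sym = pow(wrapped, d, n).to_bytes(16, "big")        # only S can unwrap the key
    return stream(c_sym, ciphertext)

if __name__ == "__main__":
    cert = issue_cert("s.example", S_PUB)                 # steps 1-2: S presents this
    ct, wrapped = client_send(cert, "s.example", b"GET /grades")
    print(server_receive(ct, wrapped))
```

Step 3 is the one that stops a substituted key: without it, C would wrap the session key for whoever answered. TLS 1.3 no longer uses this RSA key transport and derives the session key with ephemeral Diffie-Hellman instead.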

Slide 12: Authentication
- Identification verification process
  - E.g. Kerberos certificates, digital certificates, smart cards
- Used to grant resources to authorized users

Slide 13: Discussion