Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.

Presentation transcript:


Network Security
Communicate securely.
–Secrecy (Understood only by the sender and intended receiver)
–Authentication (Confirm identity of other party involved)
–Message integrity (The message is not altered)
Passive Intruder, Active Intruder
Both parties might be routers, applications, etc.
LAN
–Packet sniffer (Ethernet promiscuous mode)

Secrecy (Encryption)
Symmetric Key Cryptography
–Caesar cipher
–DES (Data Encryption Standard)
Public Key Encryption
–RSA algorithm (Ron Rivest, Adi Shamir, and Leonard Adleman)

Authentication
Digital Signature
Key Distribution and Certification (KDC)
Certification Authority (CA)

Protocols
PGP
S/MIME
SSL
SET
IPsec
–AH (Authentication Header)
–ESP

Secure sockets layer (SSL)
Client / Server
–Browse secure page
–Send server's CA
–Got server's Public Key
–Make random symmetric key and encrypt it using server's Public Key
–Got symmetric key

SSL

Secure e-mail
Public Key encryption
–inefficient for long messages (attachments, images, audio, video)
Symmetric key session
Hash function and digital signatures
PGP
S/MIME

PGP
PGP (short for Pretty Good Privacy), created by Philip Zimmermann, is the de facto standard program for secure e-mail and file encryption on the Internet. Its public-key cryptography system enables people who have never met to secure transmitted messages against unauthorized reading and to add digital signatures to messages to guarantee their authenticity.
Why do we need PGP?
E-mail sent over the Internet is more like paper mail on a postcard than mail in a sealed envelope. It can easily be read, or even altered, by anyone with privileged access to any of the computers along the route followed by the mail. Hackers can read and/or forge e-mail. Government agencies eavesdrop on private communications.

Secure electronic transaction (SET)
Developed by Visa and MasterCard in Feb 1996
Three software components
–Browser wallet
–Merchant server
–Acquirer gateway

IPsec
Authentication Header (AH)
–Provides source host identification and data integrity
–not secrecy
–RFC 2402
AH header includes
–Next Header field
–Security Parameter Index
–Sequence Number
–Authentication Data (digital signature)
Encapsulating Security Payload (ESP)
–Encrypt IP Datagram
–RFC 2406

Firewalls
Benefits
–Prevent intruders from interfering with the daily operation of the internal network. Denial-of-service attack (SYN flooding)
–Prevent intruders from deleting or modifying information stored within the internal network.
–Prevent intruders from obtaining secret information.
Packet Filtering
–Source/Destination IP address, TCP and UDP Source/Destination Port, ICMP message type, TCP SYN and ACK
Application Gateways
–Provide services for a limited number of users.

Firewalls

Firewalls

VPN

Microsoft Passport
Single-Sign-On

Microsoft Passport Risk
DNS attacks
Active attacks

EC investigates MS Passport's Privacy
The European Commission is studying Microsoft's Passport system to ensure that the sign-on software complies with security and privacy requirements. An EC working party has questioned whether the Passport system breaks the European Union-US Safe Harbour agreement on data protection, which restricts the migration of personal data beyond the control of computer users to other countries.
Source: Computer Weekly, 20 August 2002

Reference
Firewall Figures from