IETF sec - 1 Security Work in the IETF Scott Bradner Harvard University

Presentation transcript:

IETF sec - 1 Security Work in the IETF Scott Bradner Harvard University

IETF sec - 2 Syllabus
- IETF security “rules”
- security at the IP layer
- security above the IP layer
- key distribution
- applications
- summary

IETF sec - 3 IETF Security Rules
- all RFCs must have a meaningful (in context) Security Considerations section
  - not always the case with old RFCs
- most IETF charters say that security must be addressed as a basic issue
- security ADs carefully review security issues with documents offered for publication as RFCs
- note: “security” includes integrity, confidentiality, privacy, scalability, reliability, ...

IETF sec - 4 IETF Security Rules, contd.
- most applications must have a mandatory-to-implement security option
  - can negotiate alternatives
- working group cannot assume that the technology will only be used in a confined environment
  - e.g., IP storage - not just the glass house anymore
- authentication & confidentiality must be addressed
- cannot overload TCP port 80
  - cannot piggyback on the web getting through a firewall
  - by the way RFC 3093 is a joke

IETF sec - 5 Security at the IP Layer
- IPsec
  - IETF packet-level authentication & encryption
- best implemented in OS Kernel
- can provide protection to all applications
  - can live under legacy applications
- mostly used in VPN applications and between firewall products

IETF sec - 6 Security above Transport
- SSL/TLS
  - TLS: IETF “Transport Layer Security” protocol
- can be implemented in an application
  - does not require OS support
  - comes from history - Netscape could not depend on OS
- perhaps the most used security technology on the Internet
  - used by browsers every day to do commerce on the Internet

IETF sec - 7 SSL/TLS, contd.
- integration into Browser makes it invisible to end-users
  - this is a Good Thing™
- TLS is “good enough” to have displaced “better” solutions
  - e.g., Secure Electronic Transaction (SET) standard designed by Visa and Mastercard

IETF sec - 8 Key Distribution, a Big Problem
- “big” in that it requires infrastructure
  - infrastructure is hard to deploy
- IETF PKIX Group is profiling X.509 for use in the Internet
  - largest user: TLS
- DNS Security may also be used for Key Distribution some day
  - problems deploying it so far
- will DNS be our Key Management System or will PKIX?
  - jury still out

IETF sec - 9 Applications
- secure mail: S/MIME & PGP/MIME
  - Key Distribution is still a problem
  - user applications are available, but hard to use
  - hope to see some real deployment as people realize the need to secure
- S/MIME & TLS used to secure IETF VoIP signaling
- TLS used for many applications
  - PKIX, LDAP, BEEP, SASL, L2TP, SMTP, ...

IETF sec - 10 Summary & Problems
- IETF demands “good” security
- standard development community is reluctant sometimes
- users seen as not wanting security
  - tell that to the feds