Presentation is loading. Please wait.

Presentation is loading. Please wait.

Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.

Published byVictor Hoover Modified over 8 years ago

Similar presentations

Presentation on theme: "Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University."— Presentation transcript:

1 Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.

2 Krerk Piromsopa. Network Security Communicate securely. –Secrecy (Understand only by the sender and intended) –Authentication (Confirm Identity of other party involved) –Message integrity (The message is not altered) Passive Intruder, Active Intruder Both party might be Routers, applications, etc.. LAN. –Packet sniffer (Ethernet promiscuous mode)

3 Krerk Piromsopa. Secrecy (Encryption) Symmetric Key Cryptography –Caesar cipher –DES (Data Encryption Standard) Public Key Encryption –RSA algorithm (Ron Rivest, Adi Shamir, and Leonard Adleman)

4 Krerk Piromsopa. Authentication Digital Signature Key Distribution and Certification (KDC) Certification Authority (CA)

5 Krerk Piromsopa. Protocols PGP S/MIME SSL SET IPsec –AH(Authentication Header) –ESP

6 Krerk Piromsopa. Secure sockets layer (SSL) Client Server Browse secure page Send server’s CA Got server’s Public Key Make Random symmetic key and encrypts using server’s Public Key Got symmetric key

7 Krerk Piromsopa. SSL

8 Krerk Piromsopa. Secure Email Public Key encryption –inefficient for long messages (attachments,images, audio, video) Symmetric key session Hash function and digital signatures PGP S/MIME

9 Krerk Piromsopa. PGP PGP (short for Pretty Good Privacy), created by Philip Zimmermann, is the de facto standard program for secure e-mail and file encryption on the Internet. Its public-key cryptography system enables people who have never met to secure transmitted messages against unauthorized reading and to add digital signatures to messages to guarantee their authenticity. Why do we need PGP? E-mail sent over the Internet is more like paper mail on a postcard than mail in a sealed envelope. It can easily be read, or even altered, by anyone with privileged access to any of the computers along the route followed by the mail. Hackers can read and/or forge e-mail. Government agencies eavesdrop on private communications.

10 Krerk Piromsopa. Secure electronic transaction (SET) Developed by Visa and MasterCard in Feb 1996 three software components –Browser wallet –Merchant server –Acquirer gateway

11 Krerk Piromsopa. IPsec Authentication Header (AH) –Provides source host identification and data integrity –not secrecy –RFC 2402 AH header includes –Next Header field –Security Parameter Index –Sequence Number –Authentication Data (digital signature) Encapsulation Security Payload (ESP) –Encrypt IP Datagram –RFC 2406

12 Krerk Piromsopa. Firewalls Benefits –Prevent intruders from interfering with the daily operation of the internal network. Denail-of-service attack (SYN flooding) –Prevent intruders from deleting or modifying information stored within the internal network. –Prevent intruders from obtaining secret information. Packet Filtering –Source/Destination IP address, TCP and UDP Source/Destination Port, ICMP message type, TCP SYN and ACK Application Gateways –Provide services for limit number of user.

13 Krerk Piromsopa. Firewalls

14 Krerk Piromsopa. Firewalls

15 Krerk Piromsopa. VPN

16 Krerk Piromsopa. Microsoft Passport Single-Sign-On

17 Krerk Piromsopa. Microsoft Passport Risk DNS attacks Active attacks

18 Krerk Piromsopa. EC investigates MS Passport's Privacy The European Commission is studying Microsoft's Passport system to ensure that the sign-on software complies with security and privacy requirements An EC working party has questioned whether the Passport system breaks the European Union-US Safe Harbour agreement on data protection, which restricts the migration of personal data beyond the control of computer users to other countries. Source: Computer Weekly, 20 August 2002

19 Krerk Piromsopa. Reference Firewall Figures from http://www.firewalls.pl/ http://www.setco.org/ http://avirubin.com/passport.html http://www.usabilitynews.com/news/article644.asp

Download ppt "Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University."

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
CP3397 ECommerce.

CP3397 ECommerce.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.

McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 29 Internet Security

Chapter 29 Internet Security
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Similar presentations

Ads by Google