Date post: | 12-Nov-2014 |
Category: |
Technology |
Upload: | jernej-virag |
View: | 623 times |
Download: | 0 times |
Web securityJernej Virag
SSLv3 and TLSSecure Socket Layer
SSLv3• Provides reliable end-to-end security service
• Two layers of protocols
SSL record protocol
Fragment
Compress
Add MAC Encrypt
Append SSL
header
SSL cypher spec and altert
• Ciper spec protocolo a single byte that makes new cypher settings valid from the moment
onward
• Alert protocolo notifies of possible SSL problems and errorso fatal errors cause immediate connection termination
SSL handshake protocol
TLS• Updated version of SSLv3
• Differences
o versiono MACo pseudorandom functiono alert codes in alert protocolo certificates, certificate types, certificate verificationo padding
SETSecure Electronic Transactions
SET• Provides secure channel of communication for all
payment transaction parties
• Provides trust with X.509v3 certificates
• Ensures privacy by providing minimal set of data for all parties
SET participants
SET payment sequence
Pre-transaction
Customer opens accountCustomer receives certificateMerchants have certificate
Customer order
Customer places orderMerchant is verifiedOrder and payment are sent
Merchant processing
Merchant requests payment authorizationMerchant confirms orderMerchant provides serviceMerchant requests payment
Dual signature
SNMPNetwork management security
SNMP• Collection of tools for network monitoring and
control
• Key elementso management stationo management agento management information baseo network management protocol
SNMP
USM• Protection and privacy in SNMP
o prevents modificationo prevents masqueradeo prevents message stream modificationo prevents disclosure
• Does not prevent DDoS and traffic analysis
VACM
?