tailieunhanh - Lecture Network security: Chapter 26 - Dr. Munam Ali Shah

The learning objectives for this chapter include: You would be able to present an understanding of transaction that is carried out over the internet, you would be able demonstrate knowledge about different entities and their role in a SET. | Network Security Lecture 26 Presented by: Dr. Munam Ali Shah Part – 2 (e): Incorporating security in other parts of the network Summary of the Previous Lecture In previous lecture we continued our discussion on Authentication Applications and more precisely we talked about Kerberos in detail Kerberos versions, threats and vulnerabilities were explored We also talked about which makes use of certificates Issued by a Certification Authority (CA), containing: version, serial number, signature algorithm identifier, issuer name (CA), name of the CA that created and singed this certificate and period of validity etc. We also talked about one way, two way and three way authentication in Summary of the Previous Lecture Outlines of today’s lecture We will talk about SET (Secure Electronic Transaction) SET Participants Requirements Features Dual Signature Signature verification Objectives You would be able to present an understanding of transaction that is carried out over the | Network Security Lecture 26 Presented by: Dr. Munam Ali Shah Part – 2 (e): Incorporating security in other parts of the network Summary of the Previous Lecture In previous lecture we continued our discussion on Authentication Applications and more precisely we talked about Kerberos in detail Kerberos versions, threats and vulnerabilities were explored We also talked about which makes use of certificates Issued by a Certification Authority (CA), containing: version, serial number, signature algorithm identifier, issuer name (CA), name of the CA that created and singed this certificate and period of validity etc. We also talked about one way, two way and three way authentication in Summary of the Previous Lecture Outlines of today’s lecture We will talk about SET (Secure Electronic Transaction) SET Participants Requirements Features Dual Signature Signature verification Objectives You would be able to present an understanding of transaction that is carried out over the Internet. You would be able demonstrate knowledge about different entities and their role in a SET Secure Electronic Transactions (SET) Open encryption & security specification To protect Internet credit card transactions Developed in 1996 by Mastercard, Visa Not a payment system Rather a set of security protocols & formats secure communications amongst parties Provides trust by the use of certificates Privacy by restricted info to those who need it SET Participants Interface b/w SET and bankcard payment network . a Bank Provides authorization to merchant that given card account is active and purchase does not exceed card limit Must have relationship with acquirer issue public-key certificates for cardholders, merchants, and payment gateways 8 SET Requirements Provide confidentiality of payment and ordering data. (SET uses encryption to provide confidentiality) Ensure the integrity of all transmitted data: (DS are used to provide integrity) Provides authentication .