tailieunhanh - SSL (Secure Socket Layer)

transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols | Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats integrity confidentiality denial of service authentication need added security mechanisms SSL (Secure Socket Layer) transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols SSL probably most widely used Web security mechanism. Its implemented at the Transport layer; cf IPSec at Network layer; or various Application layer mechanisms eg. S/MIME & SET (later). Where SSL Fits HTTP SMTP POP3 80 25 110 HTTPS SSMTP SPOP3 443 465 995 Secure Sockets Layer Transport Network Link Uses Public Key Scheme Each client-server pair uses 2 public keys one for client (browser) created when browser is installed on client machine one for server (http server) created when server is installed on server hardware 2 private keys one for client browser one for server (http server) SSL Architecture Stallings Fig 17-2. SSL Architecture SSL session an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections SSL connection a transient, peer-to-peer, communications link associated with 1 SSL session SSL Record Protocol confidentiality using symmetric encryption with a shared secret key defined by Handshake Protocol IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 message is compressed before encryption message integrity using a MAC (Message Authentication Code) created using a shared secret key and a short message SSL Record Protocol defines these two services for SSL connections. SSL Change Cipher Spec Protocol one of 3 SSL specific . | Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats integrity confidentiality denial of service authentication need added security mechanisms SSL (Secure Socket Layer) transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols SSL probably most widely used Web security mechanism. Its implemented at the Transport layer; cf IPSec at Network layer; or various Application layer mechanisms eg. S/MIME & SET (later). Where SSL Fits HTTP SMTP POP3 80 25 110 HTTPS SSMTP SPOP3 443 465 995 Secure Sockets Layer Transport Network Link Uses Public Key Scheme Each client-server pair uses 2 public keys

• An ninh - Bảo mật
• Network security
• attack techniques
• defensive techniques
• operating system security
• application security
• security policy
• Network Security Fundamentals
• Guide to Network Security Fundamentals
• Information security
• Security policy cycle
• Risk identification
• Designing security
• Microsoft networks
• Security design
• Acceptable use policy
• Security policy checklist
• Windows Server 2008
• kỹ thuật viên tin học
• Local Policy
• Local Sercurity Policy
• ứng dụng Group Policy
• Local Security Policy
• hệ thống mạng
• quản trị mạng
• tài liệu học quản trị mạng
• cách làm local security policy
• hệ điều hành
• Windows 7
• Policy
• Local User
• Wireless
• Wireless Network Security
• International Journal of computer science & communication networks
• Information security policy
• Protecting the companys assets
• Integrity and availability
• children
• enviroment
• security
• safety
• Rand
• Security Standpoint
• TCP IP
• Security PerspectiveUpper Layers
• Cryptography
• security mechanisms
• Network Security Protocols
• PHP Security
• Data security
• Lecture Data security and encryption
• Mã hóa dữ liệu
• Bảo mật dữ liệu
• IPSec security framework
• IPSec security policy
• Summary of doctoral thesis
• Doctoral summary of History
• Social security policy
• Social security
• Social security in Dien Bien province
• Obtaining food security
• Obtaining food security in Vietnam
• Costs of obtaining food security
• Obtaining food
• Draws policy recommendations
• Security Service
• data transfers RFC 2828