Web security<br />Jernej Virag<br />
SSLv3 and TLS<br />Secure Socket Layer<br />
SSLv3<br />Provides reliable end-to-end security service<br />Two layers of protocols<br />
SSL record protocol<br />
SSL cypher spec and altert<br />Ciper spec protocol<br />a single byte that makes new cypher settings valid from the momen...
SSL handshake protocol<br />
TLS<br />Updated version of SSLv3<br />Differences<br />version<br />MAC<br />pseudorandom function<br />alert codes in al...
SET<br />Secure Electronic Transactions<br />
SET<br />Provides secure channel of communication for all payment transaction parties<br />Provides trust with X.509v3 cer...
SET participants<br />
SET payment sequence<br />
Dual signature<br />
SNMP<br />Network management security<br />
SNMP<br />Collection of tools for network monitoring and control<br />Key elements<br />management station<br />management...
SNMP<br />
USM<br />Protection and privacy in SNMP<br />prevents modification<br />prevents masquerade<br />prevents message stream m...
VACM<br />
?<br />
Upcoming SlideShare
Loading in …5
×

Security

644 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
644
On SlideShare
0
From Embeds
0
Number of Embeds
48
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • negotiates certificate, encryption and MAC algorithmfirst thing when establishing SSL link
  • user security model
  • view-based access control model
  • Security

    1. 1. Web security<br />Jernej Virag<br />
    2. 2. SSLv3 and TLS<br />Secure Socket Layer<br />
    3. 3. SSLv3<br />Provides reliable end-to-end security service<br />Two layers of protocols<br />
    4. 4. SSL record protocol<br />
    5. 5. SSL cypher spec and altert<br />Ciper spec protocol<br />a single byte that makes new cypher settings valid from the moment onward<br />Alert protocol<br />notifies of possible SSL problems and errors<br />fatal errors cause immediate connection termination<br />
    6. 6. SSL handshake protocol<br />
    7. 7. TLS<br />Updated version of SSLv3<br />Differences<br />version<br />MAC<br />pseudorandom function<br />alert codes in alert protocol<br />certificates, certificate types, certificate verification<br />padding<br />
    8. 8. SET<br />Secure Electronic Transactions<br />
    9. 9. SET<br />Provides secure channel of communication for all payment transaction parties<br />Provides trust with X.509v3 certificates<br />Ensures privacy by providing minimal set of data for all parties<br />
    10. 10. SET participants<br />
    11. 11. SET payment sequence<br />
    12. 12. Dual signature<br />
    13. 13. SNMP<br />Network management security<br />
    14. 14. SNMP<br />Collection of tools for network monitoring and control<br />Key elements<br />management station<br />management agent<br />management information base<br />network management protocol<br />
    15. 15. SNMP<br />
    16. 16. USM<br />Protection and privacy in SNMP<br />prevents modification<br />prevents masquerade<br />prevents message stream modification<br />prevents disclosure<br />Does not prevent DDoS and traffic analysis<br />
    17. 17. VACM<br />
    18. 18. ?<br />

    ×