Chapter 29 Internet Security
CONTENTS <ul><li>INTRODUCTION </li></ul><ul><li>PRIVACY </li></ul><ul><li>DIGITAL SIGNATURE </li></ul><ul><li>SECURITY IN ...
INTRODUCTION 29.1
Figure  29-1 Aspects of security
PRIVACY 29.2
Figure  29-2 Secret-key encryption
In secret-key encryption,  the same key is used by the sender  (for encryption)   and the receiver  (for decryption).   Th...
Secret-key encryption is often called  symmetric encryption because  the same key can  be used in both directions.
Secret-key encryption is  often used for long messages.
We discuss one secret-key  algorithm in Appendix E.
KDC   can solve the problem  of secret-key distribution.
Figure  29-3 Public-key encryption
Public-key algorithms are more  efficient for short messages.
A  CA   can certify the binding between  a public key and the owner.
Figure  29-4 Combination
To have the advantages of both  secret-key and public-key  encryption, we can encrypt the secret key  using the public key...
DIGITAL SIGNATURE 29.3
Figure  29-5 Signing the whole document
Digital signature cannot be  achieved using only secret keys.
Digital signature does not  provide privacy.  If there is a need for privacy,  another layer of  encryption/decryption  mu...
Figure  29-6 Signing the digest
Figure  29-7 Sender site
Figure  29-8 Receiver site
SECURITY IN THE INTERNET 29.4
APPLICTION LAYER SECURITY 29.5
Figure  29-9 PGP at the sender site
Figure  29-10 PGP at the receiver site
TRANSPORT LAYER SECURITY (TLS) 29.6
Figure  29-11 Position of TLS
Figure  29-12 Handshake protocol
SECURITY AT THE IP LAYER (IPSec) 29.7
Figure  29-13 Authentication
Figure  29-14 Header format
Figure  29-15 ESP
Figure  29-16 ESP format
FIREWALLS 29.8
Figure  29-17 Firewall
Figure  29-18 Packet-filter firewall
A packet-filter firewall filters  at the network or transport layer.
Figure  29-19 Proxy firewall
A proxy firewall  filters at the application layer.
Upcoming SlideShare
Loading in …5
×

Ch29

286 views

Published on

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
286
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ch29

  1. 1. Chapter 29 Internet Security
  2. 2. CONTENTS <ul><li>INTRODUCTION </li></ul><ul><li>PRIVACY </li></ul><ul><li>DIGITAL SIGNATURE </li></ul><ul><li>SECURITY IN THE INTERNET </li></ul><ul><li>APPLICATION LAYER SECURITY </li></ul><ul><li>TRANSPORT LAYER SECURITY: TLS </li></ul><ul><li>SECURITY AT THE IP LAYER: IPSEC </li></ul><ul><li>FIREWALLS </li></ul>
  3. 3. INTRODUCTION 29.1
  4. 4. Figure 29-1 Aspects of security
  5. 5. PRIVACY 29.2
  6. 6. Figure 29-2 Secret-key encryption
  7. 7. In secret-key encryption, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared.
  8. 8. Secret-key encryption is often called symmetric encryption because the same key can be used in both directions.
  9. 9. Secret-key encryption is often used for long messages.
  10. 10. We discuss one secret-key algorithm in Appendix E.
  11. 11. KDC can solve the problem of secret-key distribution.
  12. 12. Figure 29-3 Public-key encryption
  13. 13. Public-key algorithms are more efficient for short messages.
  14. 14. A CA can certify the binding between a public key and the owner.
  15. 15. Figure 29-4 Combination
  16. 16. To have the advantages of both secret-key and public-key encryption, we can encrypt the secret key using the public key and encrypt the message using the secret key.
  17. 17. DIGITAL SIGNATURE 29.3
  18. 18. Figure 29-5 Signing the whole document
  19. 19. Digital signature cannot be achieved using only secret keys.
  20. 20. Digital signature does not provide privacy. If there is a need for privacy, another layer of encryption/decryption must be applied.
  21. 21. Figure 29-6 Signing the digest
  22. 22. Figure 29-7 Sender site
  23. 23. Figure 29-8 Receiver site
  24. 24. SECURITY IN THE INTERNET 29.4
  25. 25. APPLICTION LAYER SECURITY 29.5
  26. 26. Figure 29-9 PGP at the sender site
  27. 27. Figure 29-10 PGP at the receiver site
  28. 28. TRANSPORT LAYER SECURITY (TLS) 29.6
  29. 29. Figure 29-11 Position of TLS
  30. 30. Figure 29-12 Handshake protocol
  31. 31. SECURITY AT THE IP LAYER (IPSec) 29.7
  32. 32. Figure 29-13 Authentication
  33. 33. Figure 29-14 Header format
  34. 34. Figure 29-15 ESP
  35. 35. Figure 29-16 ESP format
  36. 36. FIREWALLS 29.8
  37. 37. Figure 29-17 Firewall
  38. 38. Figure 29-18 Packet-filter firewall
  39. 39. A packet-filter firewall filters at the network or transport layer.
  40. 40. Figure 29-19 Proxy firewall
  41. 41. A proxy firewall filters at the application layer.

×