Three Approaches for Web Security: 1.IP-Level Security 2.SSL/TLS between TCP layer and Application Layer 3.Application-Level Security, such as PGP over SMTP and SET Over HTTP SSL/TLS 1.History: SSL is originated by Netscape. But TLS is the Internet standard version of it. TLS is essentially SSLv3.1 and it’s compatible with SSLv3 …
Network Security Essentials — Notes7. Web Security Read More »
Two major schemes for Email Security: PGP and S/MIME 1.PGP: A package of five services a.Authentication — Digital Signature by HASH + RSA b.Confidentiality i.Generate a one-time symmertric key for each msg ii.Distribute this key by encrypting it with receiver’s public key c.Compression d.Email Compatibility e.Sementation 2.S/MIMIE: Let’s …
Network Security Essentials — Notes6. Email Security Read More »
1. Kerberos a. Suitable for an distributed architecture consisting several servers and some clients b. Based on symmertric key scheme c. A 3rd-party provides authentication service d. Fundamentals: It’s too complicated. Let’s forget it for now 2.X.509 Authentication Service a. Overview i.Related to directory service ii.A framework of …
Network Security Essentials — Notes5. Authentication Applications Read More »