Presented By:
Rachita Singh
Fadi Farhat
Fall, 2007
1 564 Fall 2007 Security and Privacy on the Internet - Dr. A.K. Aggarwal
Table of Contents
Introduction
Security and Privacy
Basic Security Services
Privacy Mechanisms
Proposed Techniques
- Centralization of Information
- Smart Card Technology using different keys
What people should do to help their privacy?
Conclusion
References
Questions
Introduction
Our paper has two major purposes:
1- Define some terms and concepts of basic
cryptographic methods by using the Privacy
Mechanisms.
Security and Privacy
Elements of Cryptography
Basic Security Services
1. Authentication
It provides us the assurance that the communicating
entity is the one it claims to be
Basic Security Services
2. Access Control
The prevention of unauthorized use of a resource
(i.e. this service controls who can have access to a
resource, under what conditions access can occur,
and what those accessing the resource are allowed
to do).
3. Confidentiality
It is the protection of information from unauthorized
disclosure (against eavesdropping).
Basic Security Services
4. Traffic-flow confidentiality
The protection of information that might be derived
from observation of traffic flows.
5. Integrity
Data integrity is the assurance that the data is
consistent, correct and accessible. Assurance that
data received are exactly as sent by an authorized
sender i.e. no modification, insertion, deletion or
replay.
Basic Security Services
6. Non-repudiation
It is the concept of protection against denial by one
of the parties in a communication.
6.1.Origin non-repudiation
It is the proof that the message was sent by the
specified party.
Privacy Mechanisms
1. Encryption (Encipherment)
- Credit-card information
- Bank-account information
- Medical information
Privacy Mechanisms
Encryption Mechanism
Privacy Mechanisms
Symmetric encryption
Privacy Mechanisms
Public-key cryptography
Privacy Mechanisms
Asymmetric Encryption
This figure shows Bob writing an e-mail to Nancy. Bob has Nancy's public key, which is widely distributed, so he can encrypt the message and send it to Nancy. Nancy can decrypt the message with her private key, and no intruder should be able to decrypt it.
Privacy Mechanisms
Private Key encryption
Private Key means that each computer has a secret
key that it can use to encrypt a packet of information.
Privacy Mechanisms
2. Digital Signature
A digital signature is basically a way to
ensure that an electronic document is
authentic. Authentic means that you know
who created the document and that it has
not been altered.
Privacy Mechanisms
3. Hash Functions and Message Digest
This figure tells us that a hash function creates a fixed length string from a block of data. It is also called a message digest function.
These (fast) functions analyze a message and produce a fixed length digest which is practically unique. It is used to create a signature for a message which can be used to verify its integrity.
Privacy Mechanisms
4. Access Control
Privacy Mechanisms
5. Traffic Padding
It is the process of intercepting and examining
messages in order to deduce information from
patterns in communication.
Privacy Mechanisms
6. Routing control
Proposed Techniques
1- Centralization of Information.
Centralization of Information
The idea is to create a Passport account
with the detailed information that will be
saved in a central database and
protected by several security levels.
Centralization of Information
Objectives
Secure sign-in.
Centralization of Information
Two of the famous groups
The Liberty Alliance Project:
It was established in September 2001 for more than 160 companies.
The goal of the group was to establish an open standard for federated
network identity.
.NET Passport:
It is a unified-login service presented by Microsoft to allow users to log in
to many websites using one account
(MSN Messenger, MSN Hotmail, MSN Music, and other sites and
services).
Centralization of Information
Secure sign-in service
To access a participating site, the browser will send an initial
HTTP request message.
The site will return an HTTP redirect message for the co-branded
sign-in page on the Passport server.
The site will add its unique ID and a return URL to the HTTP.
Passport server will check the site ID and return URL before
displaying the authentication.
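
The check in the last step above, as an added example (not code from the presentation or from .NET Passport): the sign-in server accepts a redirect only when the site ID is registered and the return URL belongs to that site. The query parameter names `id` and `ru`, the host names and the registry contents are assumptions constructed for illustration.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed registry: site ID -> (scheme, host, path) of its registered return URL.
REGISTERED_SITES = {
    "1001": ("https", "shop.example.com", "/passport/return"),
    "1002": ("https", "mail.example.net", "/auth/done"),
}
SIGNIN_URL = "https://login.example.org/signin"  # hypothetical sign-in server


def build_redirect(site_id, return_url):
    """Participating site: Location value of the HTTP redirect it returns."""
    return SIGNIN_URL + "?" + urlencode({"id": site_id, "ru": return_url})


def check_signin_request(redirect_url):
    """Sign-in server: return (ok, reason) before displaying the sign-in page."""
    query = parse_qs(urlsplit(redirect_url).query)
    site_ids, return_urls = query.get("id", []), query.get("ru", [])
    # Exactly one of each parameter; duplicates make the request ambiguous.
    if len(site_ids) != 1 or len(return_urls) != 1:
        return False, "missing or repeated parameter"
    site = REGISTERED_SITES.get(site_ids[0])
    if site is None:
        return False, "unknown site ID"
    scheme, host, path = site
    try:
        ru = urlsplit(return_urls[0])
        port = ru.port  # raises ValueError on a non-numeric port
    except ValueError:
        return False, "malformed return URL"
    if ru.scheme != scheme:
        return False, "scheme mismatch"
    # Compare the parsed host exactly; userinfo or a non-default port is refused.
    if ru.username is not None or ru.password is not None or port not in (None, 443):
        return False, "unexpected userinfo or port"
    if ru.hostname != host:
        return False, "host not registered for this site ID"
    if ru.path != path:
        return False, "path not registered for this site ID"
    return True, "ok"
```
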
Centralization of Information
Security levels
Standard sign-in
Secure channel sign-in
Strong credential sign-in
Centralization of Information
Strong credential sign-in security level
If a user enters a password incorrectly five
consecutive times, .NET Passport automatically
blocks access to the account for two minutes,
making it difficult for an attacker to launch a
password cracker.
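
The lockout rule above as an added example (not .NET Passport's code): five consecutive wrong passwords block the account for two minutes, and the last function shows the guess rate this leaves an attacker. The class and function names and the sample account are assumptions constructed for illustration.

```python
import hmac

MAX_FAILURES = 5      # consecutive wrong passwords, as stated on the slide
BLOCK_SECONDS = 120   # two-minute block, as stated on the slide


class SignInGuard:
    """Tracks consecutive failures per account and enforces the block window."""

    def __init__(self, passwords):
        # Constructed sample store (account -> password); plaintext only to keep
        # the example short, a real store holds salted password hashes.
        self._passwords = passwords
        self._failures = {}        # account -> consecutive failure count
        self._blocked_until = {}   # account -> time at which the block ends

    def attempt(self, account, password, now):
        """Return 'ok', 'denied' or 'blocked' for an attempt at time now (seconds)."""
        if now < self._blocked_until.get(account, 0):
            # Even the right password is refused while blocked, so a guessing
            # tool learns nothing during the window.
            return "blocked"
        expected = self._passwords.get(account, "")
        if account in self._passwords and hmac.compare_digest(
                password.encode(), expected.encode()):
            self._failures[account] = 0   # success ends the consecutive run
            return "ok"
        self._failures[account] = self._failures.get(account, 0) + 1
        if self._failures[account] >= MAX_FAILURES:
            self._blocked_until[account] = now + BLOCK_SECONDS
            self._failures[account] = 0   # a fresh run starts after the block
        return "denied"


def guesses_allowed(seconds):
    """Upper bound on guesses against one account within `seconds`,
    assuming each batch of five guesses takes no time."""
    return MAX_FAILURES * (seconds // BLOCK_SECONDS + 1)
```

Over one day this policy still permits `guesses_allowed(86400)` = 3605 guesses against a single account, which is why the slide says the block makes cracking difficult rather than impossible.
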
Centralization of Information
Key management
Key management is .NET Passport’s Achilles’ heel, as it is
for all cryptographic security systems. The Passport server
shares a Triple-DES key with each participating site, which it
uses to encrypt information it transfers to the participating
sites in HTTP redirect messages.
Centralization of Information
Suggestions for the centralization of Information
Smart Card Technology using different keys
Receive information.
Process it.
Deliver outputs.
Smart Card Technology using different keys
Objectives
The Smart Card will store different personal information
such as Medical and Banking information.
Smart Card Technology using different keys
Example
Smart Card Technology using different keys
Security Issue
Smart Card Technology using different keys
Proposed Solution
What people should do to help their privacy?
Internet privacy is the ability to control who will
access the information and which part of the
information.
Conclusion
We presented the Security Services and their role
in protecting information over the Internet.
References
[1] Rolf Oppliger, “Microsoft .NET Passport”, IEEE
Computer Society, July 2003, pp. 29–35.
Questions