Thursday, October 8, 2009

WEEK 8 (IT SECURITY)

LECTURE 8

This lecture is about application security. It covers electronic mail security and web security. What is e-mail? An e-mail is a message made up of a string of ASCII characters in a format specified by RFC 822. An e-mail has two parts: a header and a body. The header states the sender and the recipient of the e-mail. The body is the content of the message. The security services provided for e-mail are confidentiality, data origin authentication, message integrity, non-repudiation of origin and key management. There are two main categories of e-mail security threat: threats to the security of e-mail itself, and threats to an organisation that are enabled by the use of e-mail.

Multipurpose Internet Mail Extensions (MIME)

Extends the format of Internet mail to allow non-US-ASCII textual messages, non-textual messages, multipart message bodies, and non-US-ASCII information in message headers.

Web security includes the security of the server, the security of the client, and the security of network traffic between a browser and a server.

SSL/TLS
SSL/TLS, like most modern security protocols, is based on cryptography. When an SSL session is established, the server begins by announcing a public key to the client. No encryption is in use initially, so both parties (and any eavesdropper) can read this key, but the client can now transmit information to the server in a way that no one else could decode. The client generates 46 bytes of random data, forms them into a single very large number according to PKCS#1, encrypts them with the server's public key, and sends the result to the server. Only the server, with its private key, can decode the information to determine the 46 original bytes. This shared secret is now used to generate a set of conventional RC4 cipher keys to encrypt the rest of the session.
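The key exchange described above, written out as an added example (it is not part of the original lecture notes). The RSA key is a constructed toy key built from two well-known Mersenne primes, and the function names, the two protocol-version bytes in front of the 46 random bytes, and the random-secret fallback on bad padding are assumptions of this sketch.

```python
import secrets

# Constructed toy RSA key from two Mersenne primes: illustration only, never a real key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                   # public key announced by the server
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent, known only to the server
K = (N.bit_length() + 7) // 8         # modulus length in bytes

def make_premaster(version=(3, 0)):
    """Client: 2 protocol-version bytes + 46 random bytes = 48-byte secret."""
    return bytes(version) + secrets.token_bytes(46)

def pkcs1_pad(msg, k=K):
    """PKCS#1 v1.5 encryption block: 00 02 <nonzero random padding> 00 <msg>."""
    pad_len = k - 3 - len(msg)
    if pad_len < 8:
        raise ValueError("message too long for this modulus")
    padding = bytes(secrets.randbelow(255) + 1 for _ in range(pad_len))
    return b"\x00\x02" + padding + b"\x00" + msg

def client_encrypt(premaster):
    """Client: form the padded block into one large number, encrypt with (N, E)."""
    m = int.from_bytes(pkcs1_pad(premaster), "big")
    return pow(m, E, N).to_bytes(K, "big")

def server_decrypt(ciphertext):
    """Server: decrypt with D and strip the padding.

    On malformed padding or a wrong length, return a random secret instead of
    an error, so the peer cannot use the server as a padding oracle. Python
    big-integer code is not constant-time; this shows the logic only.
    """
    block = pow(int.from_bytes(ciphertext, "big"), D, N).to_bytes(K, "big")
    sep = block.find(b"\x00", 2)      # first zero byte after the 00 02 prefix
    if block[:2] != b"\x00\x02" or sep < 10 or len(block) - sep - 1 != 48:
        return secrets.token_bytes(48)
    return block[sep + 1:]

if __name__ == "__main__":
    secret = make_premaster()
    wire = client_encrypt(secret)     # what an eavesdropper sees
    print("ciphertext bytes:", len(wire))
    print("server recovered secret:", server_decrypt(wire) == secret)
```

Because the padding is random, encrypting the same secret twice gives different ciphertexts, and both sides then derive the session cipher keys from the recovered 48 bytes.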

SSH (Secure Shell)
A network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on Linux and Unix-based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notably passwords, in plaintext, leaving them open to interception. The encryption used by SSH provides confidentiality and integrity of data over an insecure network, such as the Internet.

SET 
An open encryption and security specification designed to protect credit card transactions on the Internet.

