TAILIEUCHUNG - Lecture notes on Computer and network security: Lecture 20 - Avinash Kak

Lecture 20: PGP, IPSec, SSL/TLS, and Tor Protocols. After studying this chapter you will be able to understand: PGP: A case study in email security, key management issues in PGP, packet-level security with IPSec, transport Layer Security with SSL/TLS, heartbeat extension to the SSL/TLS protocol, the tor protocol for anonymized routing. | Lecture 20: PGP, IPSec, SSL/TLS, and Tor Protocols Lecture Notes on “Computer and Network Security” by Avi Kak (kak@) March 29, 2016 4:00pm c 2016 Avinash Kak, Purdue University Goals: • PGP: A case study in email security • Key management issues in PGP • Packet-level security with IPSec • Transport Layer Security with SSL/TLS • Heartbeat Extension to the SSL/TLS protocol • The Tor protocol for anonymized routing CONTENTS Section Title Page Providing Security for Internet Applications 3 Application Layer Security — PGP for Email Security 8 Key Management Issues in PGP and PGP’s Web of Trust IPSec – Providing Security at the Packet Layer 15 25 IPv4 and IPv6 Packet Headers 30 IPSec: Authentication Header (AH) 33 IPSec: Encapsulating Security Payload (ESP) and Its Header 40 IPSec Key Exchange 47 SSL/TLS for Transport Layer Security 50 The Twin Concepts of “SSL Connection” and “SSL Session” 56 The SSL Record Protocol 60 The SSL Handshake Protocol 63 The Heartbeat Extension to the SSL/TLS Protocol 68 The Tor Protocol for Anonymized Routing 72 Homework Problems 86 2 Computer and Network Security by Avi Kak Lecture 20 : PROVIDING SECURITY FOR INTERNET APPLICATIONS • As described in detail in my previous lectures, there are three fundamental aspects to providing information security in internet applications: – authentication – confidentiality – key management • As shown in Figure 1, information security may be provided at different layers in the internet suite of communication protocols: – We can provide security services in the Network Layer by using, say, the IPSec protocol, as shown in part (a) of Figure 1. While eliminating (or reducing) the need for higher level protocols to provide security, this approach, if solely relied upon, makes it difficult to customize the security policies to specific applications. It .

• An ninh - Bảo mật
• Network security
• Lecture notes on Computer and network security
• Computer security
• Internet applications
• Application layer security
• Transport layer security
• Web security
• security rules
• encryption techniques
• security techniques
• Security chat rooms
• especially
• Network Security Tools
• CCNA Security
• Lecture CCNA Security
• Modern Network Security Threats
• Evolution of Network Security
• Drivers for Network Security
• Network Perimeter
• Network Perimeter Security
• Network Security Principles
• Cryptography
• IDS Tools
• CGI attacks
• network intruders
• Managing Security
• Wireless
• Wireless Network Security
• attack techniques
• defensive techniques
• operating system security
• application security
• security policy
• Network Security Fundamentals
• Guide to Network Security Fundamentals
• Information security
• Define information security
• Information security careers
• Operational security
• Harden physical security
• Secure the physical environment
• Mobile device security
• Lecture Network security
• Computer network
• Computer hacking
• Internet security
• Network security model
• Securing the Network Infrastructure
• Network cable plant
• Secure removable media
• Network security hacks
• Ebook Network security hacks
• Network security technologies
• Unix host security
• Windows host security
• Wireless Security
• Advanced security
• Computer forensics
• Harden security
• Network Management Security
• Management Security
• security mechanisms
• security services
• security architecture
• encryption system
• Security principles
• Effective authentication methods
• Control access to computer systems
• Security Baselines
• Disable nonessential systems
• Harden operating systems
• Protect e mail systems
• World Wide Web vulnerabilities
• Security policy cycle
• Risk identification
• Security management
• Identity management
• Plan for change management
• CompTIA® Security+
• CompTIA Security+ certification
• Linux file manipulation tools
• Internal physical security controls
• Network hardware security modules