Access Control Systems and Methodology and Cryptography: Unit-Iii

This document provides an overview of access control systems and methodologies, emphasizing their importance in information security. It covers key concepts such as identification, authentication, least privilege, and various access control models including discretionary and mandatory access control. Additionally, it discusses authentication methods, including multifactor authentication and single sign-on systems, as well as remote access solutions like RADIUS and VPNs.


UNIT-III

Access Control Systems and Methodology and Cryptography

By Shailee Shah
Assistant Professor
President Institute of Computer Application
3.1 Access Control Systems and Methodology
➢ Introduction

❑ Access controls are a collection of mechanisms that work together to create a security architecture that protects the assets of an information system.

❑ One of the goals of access control is personal accountability, which is the mechanism that proves someone performed a computer activity at a specific point in time.

❑ This chapter covers terminology and principles of authentication used in the Access Control domain, along with some of the more popular techniques and protocols used in commercial software to control access.

❑ This chapter also covers single sign-on techniques and the methods commonly used to permit remote access to corporate and back-office systems (office networks and servers that front-office personnel access to do their jobs).
Terms and Concepts
❑ Access control is the heart of an information technology (IT) security system and is needed to meet the major objectives of InfoSec: confidentiality and integrity.

❑ You must be familiar with certain concepts and terms to gain an appreciation for access control needs and the techniques involved in meeting these needs. The following sections discuss these terms.

1. Identification
2. Authentication
3. Least Privilege (Need to Know)
4. Information Owner
5. Discretionary Access Control
6. Access Control Lists
7. User Provisioning
8. Mandatory Access Control
9. Role-Based Access Control
Identification

❑ Identification credentials uniquely identify the users of an information system.

❑ Identification equates to a user’s offline identity through his or her name, initials, or email address, or a meaningless string of characters.

❑ Think of identification credentials in terms of how you identify yourself in the offline world: name, social security number, student ID number, and so on.

Authentication

❑ Authentication credentials permit the system to verify someone’s identification credential.

❑ Authenticating yourself to a system involves giving it the information you have established to prove that you are who you say you are. Most often this is a simple password that you set up when you receive the privilege to access a system. You might initially receive an assigned password, with the requirement that you reset it to something more personal that only you can remember.
❑ Offline, your picture on your credential (license, credit card, and so forth) allows the world to check the legitimacy of your identification claim. Your photo authenticates your identity. Another common authentication of your identity is your signature.

❑ If your signature matches the signature on your credential, the recipient can be reasonably assured that you are who your ID claims you are.

Least Privilege (Need to Know)

❑ The principle of least privilege is the predominant strategy to ensure confidentiality. The objective is to give people the least amount of access to a system that they need to perform the job they’re doing.

❑ The “need to know” concept governs the privilege (authority) to perform a transaction or access a resource (system, data, and so forth). The military has a strict methodology for implementing this concept, applying sensitivity labels to stored information and clearance levels to personnel; access is granted only when the subject also has the need to know.

❑ Thus, not all users (subjects) with Top Secret clearances can gain access to all Top Secret information.
Information Owner

❑ An information owner is one who maintains overall responsibility for the information within an information system.

❑ In the corporate world, it might be a department head or a division executive.

❑ In the academic world, it might be a dean of records or a university president.

❑ Information owners can delegate the day-to-day work to a subordinate or to an information technology department, but they cannot delegate the overall responsibility for the information and the system that maintains it.

❑ The information owner must be the one to make the decisions about who uses the system and how to recover the system in case of a disaster.
Discretionary Access Control

❑ The principle of discretionary access control (DAC) dictates that the information owner is the one who decides who gets to access the system(s).

❑ This is how most corporate systems operate. DAC authority can be delegated to others who then are responsible for user setup, revocation, and changes (department moves, promotions, and so forth).

❑ Most of the common operating systems on the market today (Windows, Mac OS X, UNIX, Novell’s NetWare, and so forth) rely on DAC principles for access and operation.

Access Control Lists

❑ An access control list (ACL) is simply a list or a file of users who are given the privilege of access to a system or a resource (such as a database).

❑ Within the file is a user ID and an associated privilege or set of privileges for that user and that resource. The privileges are typically Read, Write, Update, Execute, Delete, and Rename.
User Provisioning

❑ The activity of bringing new employees into an organization includes granting them access to the systems that they need to perform their duties.

❑ User provisioning activities include checking management approvals for granting access. Identity management seeks to reduce the number of different IDs a person requires for accessing various systems, including email IDs, mainframe access IDs (if present), application IDs, and network IDs.

❑ User provisioning tools help managers determine what rights their employees possess and recertify their need for ongoing access periodically.
Mandatory Access Control

❑ In a system that uses mandatory access control (MAC), the system decides who gains access to information based on the concepts of subjects, objects, and labels.

❑ MAC is most often used in military and governmental systems and is rarely seen in the commercial world.

❑ In a MAC environment, objects (including data) are labeled with a classification (Secret, Top Secret, and so forth), and subjects, or users, are cleared to that class of access.

Subjects: The people or other systems that are granted a clearance to access an object within the information system.

Objects: The elements within the information system that are being protected from use or access.

Labels: The mechanism that binds objects to subjects. A subject’s clearance permits access to an object based on the labeled security protection assigned to that object. For example, only subjects who are cleared to access Secret objects may access objects labeled Secret or less than Secret, provided that they also possess the need to know.
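The label check described above (clearance level dominates the object's level, and the subject holds every need-to-know compartment on the object), written out as an added example that is not part of the slides; the level names, compartment names, subjects and objects are constructed sample values.

```python
"""Mandatory access control decision: clearance dominance plus need-to-know.

Added illustration (not from the slides). A read is allowed only when the
subject's clearance level is at least the object's level AND the subject
holds every compartment on the object's label; the second condition is the
"need to know" the slides mention. The system, not an owner, decides.
"""
from dataclasses import dataclass, field

# Ordered classification levels; a higher index is more sensitive (constructed).
LEVELS = ["Unclassified", "Confidential", "Secret", "Top Secret"]


@dataclass(frozen=True)
class Label:
    """Security label: classification level plus need-to-know compartments."""
    level: str
    compartments: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        """True if this label is at least as high as `other` in level and
        includes all of `other`'s compartments."""
        return (LEVELS.index(self.level) >= LEVELS.index(other.level)
                and self.compartments >= other.compartments)


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Label


@dataclass(frozen=True)
class Object:
    name: str
    label: Label


def can_read(subject: Subject, obj: Object) -> bool:
    """MAC read check: the subject's clearance must dominate the object's label.
    A Top Secret clearance alone is not enough if a compartment is missing."""
    return subject.clearance.dominates(obj.label)


def audit_line(subject: Subject, obj: Object) -> str:
    """Accountability record for each decision: who, what, and the outcome."""
    verdict = "GRANT" if can_read(subject, obj) else "DENY"
    comps = ",".join(sorted(obj.label.compartments)) or "-"
    return (f"{verdict} read subject={subject.name} clearance={subject.clearance.level} "
            f"object={obj.name} label={obj.label.level}[{comps}]")


# Constructed sample subjects and objects.
alice = Subject("alice", Label("Top Secret", frozenset({"NUCLEAR"})))
bob = Subject("bob", Label("Secret", frozenset({"NUCLEAR", "CRYPTO"})))
report = Object("ts-report", Label("Top Secret", frozenset({"NUCLEAR", "CRYPTO"})))
memo = Object("secret-memo", Label("Secret", frozenset({"NUCLEAR"})))

if __name__ == "__main__":
    for s in (alice, bob):
        for o in (report, memo):
            print(audit_line(s, o))
```

Note that alice is cleared Top Secret yet is denied the Top Secret report because she lacks the CRYPTO compartment, which is exactly the "not all Top Secret users see all Top Secret information" point from the least-privilege section.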
Role-Based Access Control

❑ Role-based access control (RBAC) groups users with a common access need. You can assign a role for a group of users who perform the same job functions and require similar access to resources.

❑ Role-based controls simplify the job of granting and revoking access by simply assigning users to a group and then assigning rights to the group for access control purposes.

❑ This is especially helpful in companies that experience a high rate of employee turnover or frequent changes in employee roles.
Principles of Authentication
❑ The idea of authentication is that only the legitimate user possesses the secret information needed to prove to a system that he or she has the right to use a specific user ID. These secrets are commonly passwords, but history shows that passwords are problematic.

The Problems with Passwords

❑ Sometimes passwords cause more problems than they solve. It is often said in the security field that people are the weakest link in the security chain.

❑ Passwords can be insecure: Given the choice, people will choose easily remembered and easily guessed passwords, such as names of relatives, pets, phone numbers, birthdays, hobbies, and other similar items.

❑ Passwords are easily broken: Common words in an ordinary dictionary make for poor choices of passwords. Free and widely available programs are available on the Internet to crack passwords through a dictionary attack. A dictionary attack involves rapidly cycling through words, phrases, and common permutations of words and phrases to match a password and record it for someone to exploit at some future point.
Multifactor Authentication
❑ It’s possible to add more sophistication to authenticating users than using passwords alone.

❑ With two or three factors (multifactor authentication) to authenticate, an information owner can gain confidence that users who access their systems are indeed authorized to access those systems.

❑ This is accomplished by adding more controls or devices to the password authentication process.
Two-Factor Authentication
❑ With a two-factor authentication system, a user has a physical device (a card, token, smart card, USB flash drive, and so forth) that contains his or her credentials, protected by a personal identification number (PIN) or a password that the user keeps secret.

❑ This condition is described as something you have plus something you know (SYH/SYK). An example is your debit card and PIN used to access an automated teller machine (ATM) at your bank.

❑ The card identifies you as the account holder, and the PIN authenticates you to the device. Because these PINs are usually only four characters long and usually consist of only numbers, the number of possibilities (entropy) of the system is 10,000 (0000 to 9999).

❑ Because a brute-force attack will eventually hit the right PIN, the ATM permits only three tries before it retains the card and notes the attempted breach of your account, forcing the user to contact the bank to restore the ATM privilege.
Three-Factor Authentication
❑ In a three-factor system, unique information related to the user is added to the two-factor authentication process.

❑ This unique information might be a biometric (fingerprint, retinal scan, and so forth) needed for authentication.

❑ These systems are common for physical access to secured areas and can be replicated for computer or logical access.

❑ The three-factor mechanism is described as something you have plus something you know plus something you are (SYH/SYK/SYA). For example, a person trying to access a data center door might be required to swipe a card (a badge), enter a PIN on a keypad to prove that she’s the owner of the badge, and offer a fingerprint or iris or retinal scan to prove that she is the person assigned the badge and PIN.
Biometrics
❑ Biometric methods of identification work by measuring unique human characteristics as a way to confirm identity. The following are common biometric techniques in use today:

1. Fingerprint recognition
2. Signature dynamics
3. Iris scanning
4. Retina scanning
5. Voice prints
6. Face recognition

❑ The most common biometric in use is fingerprint recognition. Consider some advantages of fingerprints:

1. Fingerprints can’t be lent out like a physical key or token and can’t be forgotten like a password.
2. Fingerprints are a good compromise in ease of use, cost, and accuracy.
3. Fingerprints contain enough inherent variability to enable unique identification even in very large databases (think millions of records).
4. Fingerprints last virtually forever—or at least until some extraordinary circumstance prevents their use (amputation, dismemberment, and so forth).
5. Fingerprints make network login and authentication effortless.

❑ The following are practical applications for biometric identification/authentication:

1. Handling network access control
2. Tracking staff time and attendance
3. Authorizing financial transactions
4. Distributing government benefits (Social Security, public assistance, and so forth)
5. Verifying identities at point of sale
6. Working in conjunction with ATM cards, credit cards, or smart cards
7. Controlling physical access to office buildings or homes
8. Protecting personal property
9. Preventing kidnapping in schools, play areas, and other locations
10. Protecting children from fatal gun accidents
11. Controlling voting, passports, visas, and immigration


Single sign-on
❑ Each system a user needs access to requires a unique ID and password, thus requiring the user to maintain a number of ID/password pairs. Internet sites exacerbate this problem by requiring users to register and create a user ID and password.

❑ A single sign-on (SSO) system can simplify this. In an SSO system, users have one password for all corporate and back-office systems and applications that they need to perform their jobs.

❑ That way, they can remember and use one consistent password, thus increasing the security of the overall system of access controls. Although this goal sounds reasonable, it’s actually quite difficult to implement.

❑ One common approach to managing IDs and passwords is to create a password or PIN vault. These programs use secure methods to locally store IDs and passwords that are protected by a master password that unlocks the vault when it’s needed.

❑ A free, open-source version of this concept, developed by Bruce Schneier, a well-known industry expert on cryptography, is available from Sourceforge.com.
Kerberos
❑ Kerberos is a network authentication protocol named for the three-headed dog that guarded the entrance to Hades in Greek mythology.

❑ Kerberos is designed to provide authentication for client/server applications by using symmetric key cryptography.

❑ A free implementation of Kerberos is available from MIT.

❑ Kerberos is available in many commercial products as well. The Kerberos protocol uses robust cryptography so that a client can prove his or her identity to a server (and vice versa) across an insecure network connection, such as the Internet.

❑ After a client and server have used Kerberos to prove their identities, they can also encrypt all their communications to ensure privacy and data integrity as they go about their business.

❑ Kerberos works by assigning a unique key, called a ticket, to each user who logs on to the network. The ticket is then embedded in messages that permit the receiver of the message (programs or other users) to positively identify the sender of the message.

❑ When using Kerberos, users need to log in only once, and each resource they want to access checks their tickets for currency and validity when a request for access is made.
Remote User Access and Authentication
❑ When working at remote locations or telecommuting from home, additional security problems arise because of the use of insecure networks (such as the Internet) to create a connection to the corporate local area network (LAN).

❑ Addressing these problems requires additional access control mechanisms to protect both the LAN and the users.

Remote Access Dial-In User Service
❑ Remote Access Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access users to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.

❑ For example, you might need to dial up an external network to gain access so that you can perform work, deposit a file, or pick up a file. The earliest versions of America Online (AOL) used RADIUS, or RADIUS-like technology, to authenticate legitimate AOL users.

❑ RADIUS allows a company to maintain user profiles in a central database that all remote servers can share.
❑ RADIUS allows a company to set up a policy that can be applied at a single administered network point. Having a central service also means it’s easier to track usage for billing and network statistics.

❑ RADIUS is the de facto industry standard for many network product companies and is in wide use throughout corporate networks, primarily for system and network administrators to log in and manage remote devices (routers, servers, and so on).

❑ Authenticating to a RADIUS server might require using an ID/password combination or, more often, a token or smart card for multifactor authentication.

Virtual Private Networks

❑ A virtual private network (VPN) is the more common means for remote users to access corporate networks.

❑ With a VPN, a user connects to the Internet via his or her ISP and initiates a connection to the protected network, creating a private tunnel between the endpoints that prevents eavesdropping or data modification.

❑ VPNs often use strong cryptography both to authenticate senders and receivers of messages and to encrypt traffic so that it’s invulnerable to a man-in-the-middle (MitM) attack.
3.2 Cryptography
➢ Introduction

❑ In the offline world, it’s easy to ask someone for an ID to prove that people are who they claim to be.

❑ As a society, we’ve generally grown to trust photo IDs and written signatures as a way of verifying the legitimacy of certain rights, such as the right to use a credit card or drive a car.

❑ In the online world, checking the same claims to access rights can be performed only through technology, primarily cryptography.

❑ Generally, this is accomplished by binding a person to a pair of cryptographic keys using tightly controlled and secure conditions. When the trusted key issuance process is complete, these keys are used to keep messages private, authenticate the sender, and test the integrity of messages.

❑ This achieves two objectives of security: confidentiality and integrity. Because most computer application-level security relies on cryptography, having a strong foundational understanding of this topic is essential.
Applying Cryptography to Information Systems
❑ Applied cryptography, the science of secret writing, enables the storage and transfer of information in forms that reveal it only to those permitted to see it, while hiding that information from everyone else.

❑ In the 20th century, international governments began to adopt the use of cryptography to protect their private and sensitive information and for communication purposes.

❑ Until the past 25 years or so, governments and military organizations were the exclusive users of cryptography: They secured their own private data and tried to crack everyone else’s.

❑ The United States National Security Agency (NSA) is a large government agency devoted to developing and protecting robust cryptography to protect secrets.

❑ Today, certain elements of cryptography are treated as munitions, so various government agencies (including the NSA) tightly control cryptography’s uses and export. U.S. encryption export policy rests on three principles: review of encryption products before sale, streamlined post-export reporting, and license review of certain exports and re-exports of strong encryption to foreign governments.
❑ As of December 2004, some controls were relaxed and others were clarified in “Commercial Encryption Export Controls.”

❑ Since the 1970s, academic interest in cryptography has grown at a tremendous rate. With this proliferation of research, private citizens have gained access to various cryptography techniques to protect personal information and conduct secure electronic transactions.

❑ Although the U.S. government is not keen on carte blanche permission to export software or devices that use strong cryptography, advancements in the field continue, primarily within academia.

❑ If the government continued to have its way, the NSA would be the only user of strong cryptography, but the Clinton administration changed that in the 1990s.

❑ With the aid of supercomputers (massively parallel processors), communities of hackers who work together to crack the strongest cryptosystems, and the increasing sophistication of modern computer technology, cryptography is becoming more tried and true. It is evolving into a highly reliable process with well-established practices.
Basic Terms and Concepts
❑ Cryptography is a domain loaded with new terms and concepts. Following are some of the more common terms and concepts you’re likely to encounter when studying the field of cryptology:

1. A cryptosystem disguises messages, allowing only selected people to see through the disguise.
2. Cryptography is the science (or art) of designing, building, and using cryptosystems.
3. Cryptanalysis is the science (or art) of breaking a cryptosystem.
4. Cryptology is the umbrella study of cryptography and cryptanalysis.
5. Cryptographers rely on two basic methods of disguising messages: transposition, in which letters are rearranged into a different order, and substitution, in which letters are replaced.

❑ Plain text is the message that is passed through an encryption algorithm, or cipher—it becomes ciphertext. When ciphertext is passed through a decryption algorithm, it becomes plain text again.
Strength of Cryptosystems
❑ A strong cryptosystem is considered strong only until it’s been cracked. That might sound like common sense, but you can never prove that a cryptosystem is strong or unbreakable—you can simply ensure that certain properties are present within it.

❑ Each defeat of an attempt to crack a cryptosystem strengthens the belief in its ability to secure.

❑ The most popular commercial cryptosystems found in software products have similar characteristics. Their algorithms are made readily available to the public, and the strength of the algorithm rests in the keys used to encrypt and decrypt.

❑ The basic idea is to keep the keys, not the algorithm, secret. Many government cryptosystems are kept secret and are not intended for public or commercial use.

❑ Strong cryptosystems produce ciphertext that always appears random to standard statistical tests.
Cryptosystems Answer the Needs of Today’s E-Commerce
❑ Before you move on to specific implementations of data encryption and secure networks, it’s important to understand that different situations call for different levels of security.

❑ A college student sending an email home to his parents for money is mainly concerned that the note reaches its intended destination and that no one tampers with the contents of the note.

❑ An internal corporate memo to all employees, on the other hand, might contain sensitive information that should not go beyond the company’s intranet. The CEO assumes that when she sends the note, only the intended audience will read the note.

❑ Likewise, the employees assume that the note did indeed come from the president and no one else. No real authentication is performed because the company’s email system relies on the notion of trust.
The Role of Keys in Cryptosystems
❑ Keys (secrets) used for encryption and decryption come in two basic forms, symmetric and asymmetric. This simply means that either the same key is used to both encrypt and decrypt, or a pair of keys is needed.

❑ When the same key is used to both encrypt and decrypt messages, it’s called symmetric key or shared secret cryptography.

❑ When different keys are used, it’s called asymmetric key cryptography.

❑ The Data Encryption Standard (DES) uses the former technique; RSA (named after its inventors, Rivest, Shamir, and Adleman) uses the latter technique. Pretty Good Privacy (PGP) is discussed later.

❑ An even easier method of cryptography is the substitution cipher. The Caesar cipher uses simple letter substitution. It originated with the Greeks long before Caesar’s time and first appeared in one of the earliest works on military science.

❑ On the Internet, the most popular example of a Caesar cipher is called ROT13, from “rotate alphabet 13 places.”

❑ Do the ROT13 method with an example.
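A worked ROT13 example, added here and not part of the slides: it implements the general Caesar shift (ROT13 is the shift-13 case) and goes a step beyond the slide by enumerating all 26 shifts, which shows why a cipher whose only secret is a shift value has none of the key-based strength the previous section describes.

```python
"""Caesar shift and ROT13 (added illustration, not from the slides).

Each letter is replaced by the letter a fixed number of places further
along the alphabet, wrapping around at Z. ROT13 is the Caesar cipher with
shift 13; because 13 + 13 = 26, applying it twice restores the plaintext,
so the same function both encodes and decodes.
"""
import string

ALPHABET = string.ascii_uppercase   # 26 letters; index = position 0..25


def caesar(text: str, shift: int) -> str:
    """Shift every letter by `shift` places (negative shifts decode).
    Case is preserved and non-letters (spaces, digits, punctuation) pass through."""
    shift %= 26
    out = []
    for ch in text:
        if ch.isupper():
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        elif ch.islower():
            out.append(ALPHABET[(ALPHABET.index(ch.upper()) + shift) % 26].lower())
        else:
            out.append(ch)
    return "".join(out)


def rot13(text: str) -> str:
    """ROT13 = Caesar with shift 13; rot13(rot13(x)) == x."""
    return caesar(text, 13)


def all_shifts(ciphertext: str) -> dict:
    """Every candidate plaintext, one per possible shift 0..25.

    The 'key' of a Caesar cipher is a number in a space of 26, so the
    cipher hides nothing from anyone willing to look at 26 lines: this is
    the difference between a disguise and a cryptosystem whose strength
    rests in its keys.
    """
    return {k: caesar(ciphertext, -k) for k in range(26)}


if __name__ == "__main__":
    sample = "Hello, World!"          # constructed sample plaintext
    enc = rot13(sample)
    print(sample, "->", enc, "->", rot13(enc))
    for k, candidate in all_shifts(caesar("attack at dawn", 3)).items():
        print(f"shift {k:2d}: {candidate}")
```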


Symmetric Keys
❑ When you use the same key to both encrypt and decrypt a message, it’s called symmetric key cryptography.

❑ The most common form of symmetric key cryptography is the Data Encryption Standard.

❑ DES was developed by IBM at the request of the U.S. government.

❑ It uses 64 bits of data (8 bytes) with a 56-bit (7 byte) key within it.

❑ Triple DES (3DES) is identical but uses a double-length key (128 bits) that encrypts, then encrypts, and then encrypts again.

❑ Banks commonly use 3DES to protect your PIN number when you enter it at an ATM or on a point-of-sale keypad (where you swipe your credit or debit card at the cash register).

❑ The bank never stores your PIN as you know it: It’s always stored in encrypted form, to prevent its use in the event of theft.

❑ If the ATM enciphers your PIN exactly as your bank stores it, access is granted.

❑ One of the most significant challenges of symmetric key cryptography lies in sharing keys before they’re needed.

Asymmetric Keys
❑ With asymmetric key cryptography, two keys are needed. A message encrypted using one key can be decrypted only using the other, and vice versa.

❑ One key is called a public key, and the other is called a private key. Fundamental to operating properly, the private key must always remain private and must never be shared or copied from where it was generated.

❑ Using asymmetric key cryptography, you share your public key with everyone you want to communicate with privately, but you keep your private key secret.

❑ Your private key essentially is your identity—when someone can successfully decrypt a message that you sent encrypted with your private key, they know that the message could have come from only you if the decryption using the public key succeeds.

❑ That’s the basis of asymmetric key or public key infrastructures (PKI).

❑ The two keys that comprise a key pair are mathematically related, but neither can be derived from the other. Typically, the keys used with strong asymmetric key cryptography are 1024 bits long (128 bytes) and are meant to foil a brute force attack on messages that are signed and encrypted using standard PPK applications.

❑ PPK cryptography enables you to communicate over any open channel with high degrees of confidence and permits you to trust in these ways:

Authentication: Messages you receive came from their advertised source.

Privacy: Messages you send can be read only by their intended receiver(s).

Message integrity: All messages sent and received arrived intact.
Putting the Pieces to Work
❑ Now that you’ve begun to understand the principles of public and private key pairs, it’s time to examine how PPK systems are used for authentication, privacy, and message integrity.

❑ To start, you need to be familiar with a computer programming technique called hashing. A hash is a transformation of data into distilled forms that are unique to the data. This is a one-way function—it’s easy to do and nearly impossible to undo.

Digesting Data

❑ Several well-known digest-creation techniques, including the Secure Hashing Algorithm (SHA) and the Message Digest 5 (MD5) algorithm, are common.

❑ Using one of the variations of SHA, unique message digests (fingerprints) can be computed so that the chances of two different messages computing to the same digest values are 1 in 10^48.

❑ After computing the message digest for your message, you encrypt it using your private key and append (attach) the encrypted message digest to your original message. This process is called creating a digital signature or digitally signing a message.
❑ At this point, if you send your message to your recipient (who already holds a copy of your public key), that person can test your signature to see if the message really came from you and arrived unaltered.

❑ This is how digital signing works: Because the digital signature can be decrypted only using your public key, your recipient knows that you created the digest because you never shared your private key with anyone else.

❑ Your recipient’s software also uses the same hashing algorithm that you used to compute message digests, so he runs the message he received through it.

❑ His software then compares the newly calculated message digest to the one he successfully decrypted from you.

❑ If they match, he’s now also assured that the message he received is the same message that you sent, without any alteration.
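The sign-and-verify sequence just described (digest, transform with the private key, recover with the public key, compare digests), carried through in code as an added example that is not from the slides. It uses SHA-256 and a textbook RSA key pair built from two small constructed primes so the arithmetic is visible; the key size and the absence of signature padding are deliberate teaching simplifications, not a real-world construction.

```python
"""Digital signing as described above: hash the message, transform the digest
with the private key, and let the recipient reverse it with the public key
and compare digests. Added illustration, not from the slides.

The key pair is a deliberately tiny textbook RSA pair made from two small
constructed primes. Real keys are 1024 bits or longer and real signature
schemes add padding; this toy key is for reading, not for protecting anything.
"""
import hashlib
from math import gcd

# Constructed tiny primes (the 9999th and 10000th primes), illustration only.
P, Q = 104723, 104729
N = P * Q                      # public modulus
PHI = (P - 1) * (Q - 1)
E = 65537                      # public exponent
if gcd(E, PHI) != 1:
    raise ValueError("E must be coprime with PHI")
D = pow(E, -1, PHI)            # private exponent: inverse of E mod PHI (Python 3.8+)

PUBLIC_KEY = (N, E)            # shared with everyone
PRIVATE_KEY = (N, D)           # never leaves the signer


def digest(message: bytes, n: int) -> int:
    """One-way step: SHA-256 of the message as an integer. It is reduced mod n
    only because this toy modulus is smaller than a 256-bit digest; a real
    modulus is larger than any digest and needs no reduction."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    """Sender: the signature is the digest raised to the private exponent mod n."""
    n, d = private_key
    return pow(digest(message, n), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Recipient: recover the digest with the public exponent, recompute the
    digest from the received message, and compare. A mismatch means the message
    was altered in transit or the signature was not made with the matching
    private key."""
    n, e = public_key
    recovered = pow(signature, e, n)
    return recovered == digest(message, n)


if __name__ == "__main__":
    msg = b"Please transfer 100 to account 42"        # constructed sample message
    sig = sign(msg, PRIVATE_KEY)
    print("signature:", sig)
    print("valid:", verify(msg, sig, PUBLIC_KEY))
    print("altered message valid:",
          verify(b"Please transfer 900 to account 42", sig, PUBLIC_KEY))
```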
Digital Certificates
❑ Digital certificates behave in the online world the same way driver’s licenses, passports, and other trusted documents behave beyond the online world.

❑ Digital certificates use the basic PPK cryptography principles discussed previously to offer the security people demand for private communications and electronic commerce.

❑ The digital certificate standard X.509 governs how certificates are constructed and used between communicating parties.

❑ Digital certificates are issued by a trusted party, called a certificate authority, or CA. These CAs operate on behalf of those who want to operate a public key infrastructure (PKI) using X.509 recommended standards.
Examining Digital Cryptography
❑ Several types of cryptosystems have come into the mainstream over the years. The most significant categories follow:

1. Hashing functions (SHA-1 and SHA-3)
2. Block ciphers (DES, 3DES, and AES)
3. Implementations of RSA Public-Private Key (PPK)
Hashing Functions
❑ Thus far, you’ve seen some of the most common hashing functions used to create the message digest for digitally signed messages. Hashing-type functions can also be used with symmetric key cryptography; the result of the operation is called a message authentication code.

❑ Hashing is a powerful mechanism for protecting user passwords. If a system requires IDs and passwords for any reason, it is best to store the passwords people create in the form of a hash value. That way, even if hackers steal the security database records, they won’t be able to use the data to impersonate customers directly.

❑ Instead, they’ll need to use additional resources and time to attempt to find out which passwords are associated with which user IDs. UNIX and Linux operating systems implemented this technique right from the start.

❑ Many Microsoft Windows implementations are similar but are considered weaker because of backward-compatibility issues with older versions of Microsoft operating systems. The Secure Hashing Algorithm (SHA) variants are the most common forms of hashing functions you’ll encounter with most commercial software.
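The two uses of hashing described above (storing passwords as salted, iterated hash values so a stolen database cannot be used directly, and keying a hash with a symmetric key to produce a message authentication code) as an added example that is not part of the original slides; the function names are hypothetical and only the Python standard library is used.

```python
import hashlib
import hmac
import os
from typing import Optional

# Added example, not from the original slides. Work factor for PBKDF2:
# every guess against a stolen record costs the attacker this many rounds.
ITERATIONS = 200_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a storable record 'pbkdf2_sha256$iterations$salt$digest' (hex)."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per user: equal passwords differ
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        algo, iters, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False  # unknown or legacy record format, reject rather than guess
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest.hex(), digest_hex)


def message_authentication_code(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: a hash keyed with a shared symmetric key, i.e. a MAC."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, message: bytes, tag: str) -> bool:
    """True only if the message was produced by someone holding the same key."""
    return hmac.compare_digest(message_authentication_code(key, message), tag)
```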
Block Ciphers
❑ Earlier, you read about DES, Triple-DES, and AES as the most common forms of symmetric key block cipher cryptosystems. DES uses a 56-bit (7 bytes plus a checksum byte) key, which is considered weak today. Triple DES uses a 112-bit (14 bytes plus 2 checksum bytes) key, and AES uses a variable-length key (256 bits, 512 bits, and so on).

❑ Block ciphers are important for encrypting/decrypting data in bulk, such as files or batches of data. They’re also useful for encrypting data in storage systems to prevent unauthorized access.

❑ Block ciphers can be used to encrypt data fields (attributes) in records and tables, entire records of data, or entire files or database tables.

❑ Besides DES, 3DES, and AES, plenty of other block cipher algorithms exist, and many of them have already been subjected to brutal cryptanalysis attacks.
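Field-level encryption of a record with AES, as an added example that is not part of the original slides. It assumes the third-party `cryptography` package; AES-GCM is an authenticated mode built on the AES block cipher, used here with a 256-bit key, and the function names and the sample record are constructed for the example.

```python
import os
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.exceptions import InvalidTag

# Added example, not from the original slides. Only these columns are
# encrypted; the rest of the record stays searchable in clear text.
SENSITIVE_FIELDS = {"card_number", "ssn"}
NONCE_LEN = 12  # 96-bit nonce, fresh for every encryption


def new_key() -> bytes:
    return AESGCM.generate_key(bit_length=256)


def encrypt_record(key: bytes, record: dict) -> dict:
    """Encrypt the sensitive fields of one record.

    The field name is bound as associated data, so a ciphertext cannot be
    moved to another column without the authentication check failing."""
    aes = AESGCM(key)
    out = {}
    for name, value in record.items():
        if name in SENSITIVE_FIELDS:
            nonce = os.urandom(NONCE_LEN)
            ct = aes.encrypt(nonce, value.encode(), name.encode())
            out[name] = (nonce + ct).hex()  # store nonce alongside ciphertext
        else:
            out[name] = value
    return out


def decrypt_record(key: bytes, record: dict) -> dict:
    """Inverse of encrypt_record; raises InvalidTag on wrong key or tampering."""
    aes = AESGCM(key)
    out = {}
    for name, value in record.items():
        if name in SENSITIVE_FIELDS:
            blob = bytes.fromhex(value)
            nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:]
            out[name] = aes.decrypt(nonce, ct, name.encode()).decode()
        else:
            out[name] = value
    return out


def tamper_detected(key: bytes, record: dict) -> bool:
    """True when the authenticated decryption rejects the stored record."""
    try:
        decrypt_record(key, record)
        return False
    except InvalidTag:
        return True
```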

Implementations of PPK Cryptography
❑ Public-private key cryptography has found its way into numerous implementations intended to better secure Internet communications and prove identities, including these systems:

1. Secure Sockets Layer (SSL)
2. Transport Layer Security (TLS)
3. Pretty Good Privacy (PGP)
4. Secure Multipurpose Internet Mail Extensions (S/MIME)
5. Secure Electronic Transactions (SET)

Secure Sockets Layer (SSL)
❑ Secure Sockets Layer (SSL) is the most popular form of PPK and has become the standard for transporting private information across the Internet.

❑ SSL addresses some of the concerns of transporting confidential data via the Internet.

❑ The goals of SSL are to ensure the privacy of the connection, to authenticate a peer’s identity, and to establish a reliable transport mechanism for the message using integrity checks and hashing functions.

❑ SSL was designed for client/server applications, to prevent unwanted tampering with data transmission, whether eavesdropping, data alteration, or message forgery.

❑ It’s intended to ensure the privacy and reliability of communications between two applications. When you shop online, you’re already likely using SSL, whether you know it or not.

❑ Consider two signs that SSL is active during an Internet session:

❑ The URL begins with https:// instead of http://.

❑ A little padlock appears on the status bar of the browser.

Transport Layer Security (TLS)
❑ The Transport Layer Security (TLS) protocol is designed to provide communications privacy over the Internet.

❑ The protocol allows client/server applications to communicate in ways that are designed to prevent eavesdropping, tampering, or message forgery.

❑ The goals of TLS protocols are to provide the following:

Cryptographic security: TLS should be used to establish a secure connection between two parties.

Interoperability: Independent programmers should be able to develop applications using TLS that can then successfully exchange cryptographic parameters without knowing one another’s code.

Extensibility: TLS seeks to provide a framework into which new public key and bulk encryption methods can be incorporated as necessary. This also accomplishes two subgoals: it prevents the need to create a new protocol, which would risk the introduction of possible new weaknesses, and it avoids the need to implement an entire new security library.

Relative efficiency: Cryptographic operations, particularly public key operations, tend to be highly CPU intensive. For this reason, the TLS protocol has incorporated an optional session caching scheme to reduce the number of connections that need to be established from scratch. Additionally, care has been taken to reduce network activity.
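What the "cryptographic security" goal means in a client's configuration, as an added example that is not part of the original slides: a TLS client context that verifies the server's certificate and hostname and refuses protocol versions older than TLS 1.2, next to a deliberately weakened context and a check that reports each missing property. It uses only the Python standard library `ssl` module; the function names are hypothetical.

```python
import ssl

# Added example, not from the original slides.


def make_client_context() -> ssl.SSLContext:
    """Hardened client context: peer authentication plus a modern floor."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # no SSLv3/TLS 1.0/TLS 1.1
    ctx.check_hostname = True                      # name in cert must match
    ctx.verify_mode = ssl.CERT_REQUIRED            # chain must validate to a CA
    return ctx


def make_weak_context() -> ssl.SSLContext:
    """The 'before' picture: accepts any certificate and any protocol version."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def context_problems(ctx: ssl.SSLContext) -> list:
    """Return the list of weaknesses found; an empty list means acceptable."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate is not verified")
    if not ctx.check_hostname:
        problems.append("hostname is not checked against the certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("legacy protocol versions are allowed")
    return problems
```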
Pretty Good Privacy (PGP)
❑ Pretty Good Privacy (PGP) is a distributed key-management approach that does not rely on certificate authorities. Users can sign one another’s public keys, adding some degree of confidence to a key’s validity.

❑ PGP was written by Phil Zimmermann in the mid-1980s.

❑ PGP is often used to encrypt documents that can be shared via email over the open Internet. Users of PGP password-protect the file, the password is used in the process of encryption, and, upon arrival, the password is requested.

❑ Only when the exact password is entered can the file be decrypted. Users share the password “out of band” by sending it in a separate message or leaving the recipient a voice message with the password to use.

Secure Multipurpose Internet Mail Extensions (S/MIME)
❑ Based on technology from RSA Data Security, Secure/Multipurpose Internet Mail Extensions (S/MIME) offers another standard for electronic mail encryption and digital signatures.

❑ S/MIME, along with a version of PGP called Open PGP, were implemented in the original Netscape Communications Corporation web browsers.

❑ S/MIME and Open PGP use proprietary encryption techniques and handle digital signatures differently.

❑ Simply put, if Person A uses a web browser that supports S/MIME and tries to communicate with Person B, who uses a different browser supported by PGP, the two individuals most likely will not be able to communicate successfully.

Secure Electronic Transactions (SET)
❑ Secure Electronic Transactions (SET) was designed to address most of the consumer demands for privacy when using a credit card to shop online.

❑ This protocol covers the steps from the point a particular payment card is selected for use through the point the merchant completes the transaction and settles the batch with the acquirer bank or processor.

❑ SET was designed to use a robust set of strictly controlled digital certificates to identify cardholders, merchants, and acquiring payment gateways, to ensure the security of messages passing through open channels such as the Internet.

❑ It also uses multiple forms of symmetric key cryptography (such as DES) to provide confidentiality of payment card and transaction data.

THANK YOU
