Seal
Fingerprint
Contract
Signature
Confidentiality
Authentication
Ability to verify the identity of
people/organizations
Data/Message Integrity
Ensuring communications were not modified in
transit/storage
Nonrepudiation
Parties cannot deny a communication. Proof
that the sender sent and proof that the receiver
received
Hashing
Another use of one way functions!
You can start from the same data and get the
same result, but it is nearly impossible to work
backwards
A hash forms a message digest of the data.
A smaller version
However, the values for the one way hash
function are not secret
Hashing Example
We could choose an algorithm: Sum (mod 12)
123 222 143 212 (four 8-bit characters)
Sum = 700; 700 mod 12 = 4
4 is the hash (or checksum)
Sender: message -> hashing algorithm -> a value, say X
Sender transmits the message together with X (the hash value)
Receiver: received message -> hashing algorithm -> Y
If X = Y, the messages sent and received are the same.
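The sender/receiver check above, as an added example that is not part of the original slides: it implements the slide's Sum (mod 12) checksum next to SHA-256 from Python's hashlib and runs both over constructed altered messages, showing that the toy checksum accepts modified data. The function names and the altered messages are assumptions made for illustration.

```python
import hashlib

MODULUS = 12  # modulus from the slide's "Sum (mod 12)" example


def toy_hash(data: bytes) -> int:
    """The slide's checksum: sum of the byte values, reduced mod 12."""
    return sum(data) % MODULUS


def sha256_hex(data: bytes) -> str:
    """A cryptographic digest of the same data, for comparison."""
    return hashlib.sha256(data).hexdigest()


def receiver_accepts(received: bytes, sent_digest, hash_fn) -> bool:
    """Receiver recomputes Y over what arrived and compares it with the sender's X."""
    return hash_fn(received) == sent_digest


# The four 8-bit characters from the slide.
ORIGINAL = bytes([123, 222, 143, 212])
# Constructed altered copies: the same bytes reordered, and one byte lowered by 12.
REORDERED = bytes([212, 143, 222, 123])
SHIFTED = bytes([123, 222, 143, 200])

if __name__ == "__main__":
    x_toy = toy_hash(ORIGINAL)    # sender computes X with the toy checksum
    x_sha = sha256_hex(ORIGINAL)  # sender computes X with SHA-256
    print("toy hash X =", x_toy)
    cases = [("unchanged", ORIGINAL), ("reordered", REORDERED), ("shifted", SHIFTED)]
    for label, received in cases:
        print(f"{label:10s}",
              "toy accepts:", receiver_accepts(received, x_toy, toy_hash),
              "| sha256 accepts:", receiver_accepts(received, x_sha, sha256_hex))
```

Because the hash function is not secret, anyone who alters the message can also recompute the digest, so X has to reach the receiver over a channel the attacker cannot modify.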
What kinds of security questions
arise?
From the user's perspective
How can the user be sure that the Web
server is owned and operated by a
legitimate company?
How does the user know that the Web page
and form do not contain some malicious or
dangerous code or content?
How does the user know that the owner of
the Web site will not distribute the
information the user provides to some other
party?
From the company's perspective
How does the company know the user will
not attempt to break into the Web server or
alter the pages and content at the site?
How does the company know that the user
will not try to disrupt the server so that it is
not available to others?
From both parties' perspectives
How do both parties know that the network
connection is free from eavesdropping by a third
party on the line?
How do they know that the information sent back
and forth between the server and the user's
browser has not been altered?
Threats and Attacks
virus
A piece of software code that inserts itself into
a host, including the operating systems, in order
to propagate; it requires that its host program
run to activate it
worm
A software program that runs independently,
consuming the resources of its host in order to
maintain itself, that is capable of propagating a
complete working version of itself onto another
machine
Online Payment Technology