Network Security 4 - Transport Level Security
Overview and ToySSL
Transport Layer Security
Advantages
available to all applications, configurable per user / per connection
end-to-end: process to process, user based
Disadvantages
trust in the solution depends on the negotiated protocol version and cipher suite
one mechanism for all applications (cannot be tailored per application)
Characteristics
no network technology dependence
significant protocol suite dependence -> TCP/IP (needs a reliable transport underneath)
provided goals
Confidentiality
Data origin authentication, peer entity authentication
Connectionless integrity, connection-oriented integrity with recovery
access control
SSL and TCP/IP
with SSL/TLS, the TCP/IP headers remain unprotected (only the TCP payload is secured)
with IPsec, TCP including its header is protected
SSL - Secure Sockets Layer
"https" = http over ssl
provides:
Confidentiality
Integrity
Authentication
original goals
web server authentication
encryption
e-commerce
optional client authentication
available to all TCP apps - secure socket interface
ToySSL
Simple Secure Channel
Handshake
Key Derivation
Data Transfer
Connection Closure
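A ToySSL-style channel covering all four steps above (handshake, key derivation, data transfer, connection closure), as an added example that is not part of the original lecture or of any SSL/TLS implementation. It assumes standard-library-only Python: an unauthenticated ephemeral Diffie-Hellman exchange over the RFC 7919 ffdhe2048 group for the handshake, HMAC-SHA256 as PRF and MAC, and an HMAC-SHA256 counter-mode keystream as a stand-in for AES. The server-certificate signature with which SSL/TLS authenticates the server's key share is omitted, so this handshake on its own is vulnerable to an active man-in-the-middle; the record type values, the demo() session and all sample messages are constructed for the example.

```python
import hashlib
import hmac
import os
import struct

# RFC 7919 ffdhe2048 prime (generator 2), transcribed for this example;
# verify against the RFC before any real use.
P = int("".join("""
FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A
D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A
BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61
9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 61285C97 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
TYPE_DATA, TYPE_CLOSE = 0x17, 0x15  # record types; values chosen for this example


def dh_keypair():
    x = int.from_bytes(os.urandom(32), "big")  # 256-bit private exponent
    return x, pow(G, x, P)


def dh_shared(x, peer_pub):
    if not 1 < peer_pub < P - 1:  # reject 0, 1 and p-1, which force a trivial secret
        raise ValueError("bad DH public value")
    return pow(peer_pub, x, P).to_bytes(256, "big")


def derive_keys(master, client_nonce, server_nonce):
    """Key derivation: four directional keys, each bound to the master secret and both nonces."""
    prk = hmac.new(client_nonce + server_nonce, master, hashlib.sha256).digest()
    return {k: hmac.new(prk, k.encode(), hashlib.sha256).digest()
            for k in ("client mac", "server mac", "client enc", "server enc")}


def keystream_xor(key, seq, data):
    """Toy stream cipher standing in for AES: XOR with HMAC-SHA256(key, seq || block no)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, struct.pack(">QQ", seq, off // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)


class Endpoint:
    def __init__(self, role, keys):  # which keys are "mine" depends on the role
        me, peer = ("client", "server") if role == "client" else ("server", "client")
        self.enc_key, self.mac_key = keys[me + " enc"], keys[me + " mac"]
        self.peer_enc, self.peer_mac = keys[peer + " enc"], keys[peer + " mac"]
        self.send_seq = self.recv_seq = 0
        self.closed = False

    def send(self, rtype, payload):
        ct = keystream_xor(self.enc_key, self.send_seq, payload)
        header = struct.pack(">BH", rtype, len(ct))
        # encrypt-then-MAC; the implicit sequence number defeats replay and reordering
        tag = hmac.new(self.mac_key, struct.pack(">Q", self.send_seq) + header + ct,
                       hashlib.sha256).digest()
        self.send_seq += 1
        return header + ct + tag

    def recv(self, record):
        if self.closed:
            raise ValueError("record after close_notify")
        rtype, length = struct.unpack(">BH", record[:3])
        ct, tag = record[3:3 + length], record[3 + length:]
        expect = hmac.new(self.peer_mac, struct.pack(">Q", self.recv_seq) + record[:3 + length],
                          hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            raise ValueError("bad MAC: tampered, replayed or reordered record")
        plaintext = keystream_xor(self.peer_enc, self.recv_seq, ct)
        self.recv_seq += 1
        self.closed = rtype == TYPE_CLOSE  # a stream that ends without this was truncated
        return rtype, plaintext


def handshake():
    """Unauthenticated ephemeral DH; SSL/TLS additionally signs the server share with its certificate key."""
    cn, sn = os.urandom(32), os.urandom(32)  # ClientHello / ServerHello nonces
    cx, cpub = dh_keypair()
    sx, spub = dh_keypair()
    client = Endpoint("client", derive_keys(dh_shared(cx, spub), cn, sn))
    server = Endpoint("server", derive_keys(dh_shared(sx, cpub), cn, sn))
    return client, server


def demo():
    """Constructed session: two data records and close_notify, then a replay and a bit flip."""
    client, server = handshake()
    r1 = client.send(TYPE_DATA, b"GET /account HTTP/1.1\r\n")
    r2 = client.send(TYPE_DATA, b"Cookie: session=abc123\r\n")
    close = client.send(TYPE_CLOSE, b"")
    received = [server.recv(r)[1] for r in (r1, r2)]
    rejected = []
    for bad in (r2, r1[:-1] + bytes([r1[-1] ^ 1])):  # replayed record, flipped tag bit
        try:
            server.recv(bad)
        except ValueError as err:
            rejected.append(str(err))
    server.recv(close)
    return received, rejected, server.closed
```

Three details carry the security value: the sequence number is never sent but is folded into the MAC, so a replayed or reordered record fails verification; the MAC is computed over the ciphertext (encrypt-then-MAC), so forged records are rejected before any decryption; and the explicit close record lets the receiver distinguish a clean shutdown from an attacker's TCP FIN (truncation attack). Each direction uses its own keys, so a record cannot be reflected back to its sender.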
SSL - Secure Sockets Layer
Security Services
Peer entity authentication
user data confidentiality
user data integrity
Handshake
Server authentication
Negotiation: agree on cryptographic algorithms (cipher suite)
establish session keys
Client authentication (optional)
HTTPS
HTTP over SSL
encrypts
url
document contents
form data
cookies
HTTP headers
TLS (Transport Layer Security)
and SSH (Secure Shell)
convert an insecure TCP connection into a secure SSH connection
both SSL/TLS and SSH are suited to securing Internet communication
Transport layer security protocols offer true end-to-end protection for user data exchanged between application processes
but protocol header fields of lower-layer protocols cannot be protected this way, so they offer no countermeasure to threats against the network infrastructure itself