SSL Trust Pitfalls
Prof. Ravi Sandhu

SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA
[Diagram labels: Handshake Protocol; Record Protocol]
© Ravi Sandhu 2006

CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA
[Diagram labels: Handshake Protocol; Record Protocol]

MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL
[Diagram: CA hierarchy with nodes labeled X, S, Q, A, R, C, T, E, G, I, K, M, O (upper case) and a through p (lower case)]

MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL
  • Essentially the model on the web today
  • Deployed in server-side SSL mode
  • Client-side SSL mode yet to happen

SERVER-SIDE MASQUERADING
[Diagram labels: Bob; Web browser; Server-side SSL; www.host.com Web server; Ultratrust Security Services www.host.com]

SERVER-SIDE MASQUERADING
[Diagram labels: Bob; Web browser; Server-side SSL; BIMM Corporation www.host.com; Web server; Server-side SSL; Mallory’s Web server; Ultratrust Security Services www.host.com]

SERVER-SIDE MASQUERADING
[Diagram labels: Bob; Web browser; Server-side SSL; www.host.com Web server; Server-side SSL; BIMM Corporation; Ultratrust Security Services www.host.com; Mallory’s Web server; Ultratrust Security Services www.host.com]

REFERENCES
  • Hayes, J. M. "The problem with multiple roots in Web browsers - certificate masquerading." Proceedings Seventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '98), 17-19 June 1998, pp. 306-311. IEEE, 1998.