cross tool semantics for protocol security goals
play

Cross-Tool Semantics for Protocol Security Goals SSR December 5, - PowerPoint PPT Presentation

Jan 27, 2023 •112 likes •703 views

Cross-Tool Semantics for Protocol Security Goals SSR December 5, 2016 Gaithersburg, MD Joshua D. Guttman, John D. Ramsdell, Paul D. Rowe The MITRE Corporation {guttman, ramsdell, prowe}@mitre.org 2 Transparency in Security Standardization

  1. Cross-Tool Semantics for Protocol Security Goals SSR December 5, 2016 Gaithersburg, MD Joshua D. Guttman, John D. Ramsdell, Paul D. Rowe The MITRE Corporation {guttman, ramsdell, prowe}@mitre.org

  2. 2 Transparency in Security Standardization § Public trust in standardized security protocols is based in transparency – Rigorous analysis can help rule out hidden insecurities § True transparency requires – Reproducibility of results – By multiple, independent parties – Using a diversity of methods or tools § Sometimes analysis can be opaque – Reliance on expert knowledge – Reliance on specific tool set

  3. 3 ISO/IEC 29128 § Standardized framework for the verification of cryptographic protocols Self-assessment evidence Protocol Adversary Security description model properties § Highest assurance level (4) requires – Formal, tool-supported, analysis of unbounded sessions § Reproducibility calls for tool-independent inputs – We claim our first-order language of security goals is tool-independent

  4. 4 Main Contributions Impact: § Improve reproducibility of formal analyses Technical: § New semantics of first-order language for security goals – Originally designed for strand spaces (CPSA) – Adapted for applied 𝜌 (ProVerif) § Proof of compatibility of the two semantics

  5. 5 Compatible Cross-Tool Semantics Applied 𝝆 Strand spaces - 𝐶 *+, ℙ P 𝑔 𝒣ℒ(ℙ) 𝒣ℒ( P ) ⊨ ⊨ strand traces - runs 𝐶 .*

  6. 6 Simple Example Protocol (SEP) 𝒃 𝑩 ⟶ 𝑪: 𝑙 𝒕𝒍(𝒃) 𝒒𝒍(𝒄) 𝒕 𝑪 ⟶ 𝑩: 𝒆 < Clients 𝐵 may not always choose symmetric key 𝑙 randomly Servers 𝐶 always choose data d randomly

  7. 7 Sample Goals 𝑩 has finished a session with 𝑪 ; If 𝑪 previously transmitted 𝒆 with then 𝑪 ’s private decryption key 𝒒𝒍 𝑪 ?𝟐 and matching parameters is uncompromised the session key 𝒍 is freshly chosen 𝒆 remains confidential and then

  8. 8 Goal Language Protocol-Dependent Protocol-Independent § Role position predicates § Ordering and equality – InitStart(n), RespDone(m) – Preceq(m,n), Coll(m,n), d = d’ § Parameter predicates § Freshness and secrecy – Self(n,a), SessKey(m,k) – Unq(d), UnqAt(m,d), Non(sk(a))

  9. 9 Sample Goal Formalized 𝑩 has finished a session with 𝑪 ; If 𝑪 ’s private decryption key 𝒒𝒍 𝑪 ?𝟐 𝑪 previously transmitted 𝒆 with then and matching parameters is uncompromised the session key 𝒍 is freshly chosen and ∀ n,a,b,k,d. ∃ m. InitDone(n) ∧ Self(n,a) ∧ Peer(n,b) ∧ RespDone(m) ∧ Self(m,b) ∧ Peer(m,a) ∧ ⟹ SessKey(n,k) ∧ Data(n,d) ∧ SessKey(n,k) ∧ Data(m,d) ∧ Non(pk(b) -1 ) ∧ Unq(k) Preceq(m,n)

  10. 10 Applied 𝝆 Syntax out ℓ 𝑑, 𝑣 . 𝑄 𝑄, 𝑅 = in 𝑑, 𝑦 . 𝑄 let 𝑦 ∶ s = 𝑤 in 𝑄 else 𝑅 0 sum 𝑜 R ∶ s . 𝑄 (𝑄 ∣ 𝑅) new 𝑜 ∶ s . 𝑄 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . 𝑄 [\ , 𝑜 R ∈ 𝒪 [] ) ℓ . 𝑄 (𝑑, 𝑢𝑗𝑒 ∈ 𝐷ℎ, 𝑦 ∈ 𝒴, 𝑜 ∈ 𝒪

  11. 11 Applied 𝝆 Protocols ` 𝑩 ⟶ 𝑪: 𝑙 [<(`) a<(b) [ 𝑪 ⟶ 𝑩: 𝑒 < Init = !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 Resp = !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙: skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 <

  12. 12 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 <

  13. 13 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 <

  14. 14 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 <

  15. 15 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 < (InitStart , out 𝑢𝑗𝑒, 𝑛 k , 𝓕 𝟐 ).

  16. 16 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 < (InitStart , out 𝑢𝑗𝑒, 𝑛 k , 𝓕 𝟐 ).

  17. 17 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 < (InitStart , out 𝑢𝑗𝑒, 𝑛 k , 𝓕 𝟐 ). ( ⊥ , in 𝑢𝑗𝑒, 𝑛 n , 𝓕 𝟑 ).

  18. 18 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 < (InitStart , out 𝑢𝑗𝑒, 𝑛 k , 𝓕 𝟐 ). ( ⊥ , in 𝑢𝑗𝑒, 𝑛 n , 𝓕 𝟑 ).

  19. 19 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 < (InitStart , out 𝑢𝑗𝑒, 𝑛 k , 𝓕 𝟐 ). ( ⊥ , in 𝑢𝑗𝑒, 𝑛 n , 𝓕 𝟑 ). (RespStart , ⊥ , 𝓕 𝟒 ).

  20. 20 Operational Trace Semantics !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . ` sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . sum 𝑙: skey . out InitStart ( 𝑢𝑗𝑒, 𝑙 [<(`) ) . a<(b) in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑒 ∶ data = 𝑒𝑓𝑑 [ 𝑨, 𝑙 in InitDone . 𝟏 !new 𝑢𝑗𝑒 . out 𝑑, 𝑢𝑗𝑒 . sum 𝑏 ∶ agt . sum 𝑐 ∶ agt . in ( 𝑢𝑗𝑒, 𝑨 ) . let 𝑦: ⊤ = 𝑒𝑓𝑑 ` 𝑨, 𝑡𝑙(𝑐) in [ ) . 𝟏 let 𝑙 ∶ skey = 𝑤𝑓𝑠 𝑦, 𝑞𝑙(𝑏) in RespStart . new 𝑒 ∶ data . out RespDone ( 𝑢𝑗𝑒, 𝑒 < (InitStart , out 𝑢𝑗𝑒, 𝑛 k , 𝓕 𝟐 ). ( ⊥ , in 𝑢𝑗𝑒, 𝑛 n , 𝓕 𝟑 ). (RespStart , ⊥ , 𝓕 𝟒 ).

Recommend

Transport Layer Security The TLS Protocol Transport Layer Security (TLS) Security goals:

Transport Layer Security The TLS Protocol Transport Layer Security (TLS) Security goals:

IN3210 Network Security Transport Layer Security The TLS Protocol Transport Layer Security (TLS) Security goals: Authentication Integrity Confidentiality Transparent security protocol between TCP and application

1k views • 66 slides
OsmocomBB A tool for GSM protocol level security Harald Welte gnumonks.org gpl-violations.org

OsmocomBB A tool for GSM protocol level security Harald Welte gnumonks.org gpl-violations.org

GSM/3G Network Security Introduction Security Problems and the Baseband OsmocomBB Project Summary OsmocomBB A tool for GSM protocol level security Harald Welte gnumonks.org gpl-violations.org OpenBSC airprobe.org hmw-consulting.de SSTIC

629 views • 35 slides
OpenBSC network-side GSM stack A tool for GSM protocol level security analysis Harald Welte

OpenBSC network-side GSM stack A tool for GSM protocol level security analysis Harald Welte

GSM/3G security Implementing GSM protocols Security analysis Summary OpenBSC network-side GSM stack A tool for GSM protocol level security analysis Harald Welte gnumonks.org gpl-violations.org OpenBSC airprobe.org hmw-consulting.de SSTIC

1.16k views • 34 slides
Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and

Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and

Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and Objectives Goals and Objectives CAR adopted the Forest Protocols in 2005 CAR Board directed staff in 2007 to: Initiate a stakeholder process

532 views • 25 slides
Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug

Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug

Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug Emina Michael Arvind Zachary Weitz Woos Torlak D. Ernst Krishnamurthy Tatlock The Border Gateway Protocol The Border Gateway Protocol AS AS

645 views • 29 slides
The Network Network Security Secure against what/whom Security goals Attacker model Same

The Network Network Security Secure against what/whom Security goals Attacker model Same

The Network Network Security Secure against what/whom Security goals Attacker model Same hub `trusted LAN Internet Eavesdrop / block messages / insert messages / ... Typical attacker model security protocol analysis: Attacker

780 views • 63 slides
Cross-Cutting Models of Lexical Semantics Joseph Reisinger and Raymond Mooney Distributional

Cross-Cutting Models of Lexical Semantics Joseph Reisinger and Raymond Mooney Distributional

Cross-Cutting Models of Lexical Semantics Joseph Reisinger and Raymond Mooney Distributional Lexical Semantics Represent meaning as a point/vector in a high-dimensional space Word relatedness correlates with some distance metric

804 views • 32 slides
Call Semantics Finding Remote Objects Method Call Semantics what does it mean to It

Call Semantics Finding Remote Objects Method Call Semantics what does it mean to It

Network Programming Paradigms Sockets programming: design a protocol CSCE 515: first, then implement clients and servers Computer Network that support the protocol. Programming RMI: Develop an application, then move ------ Remote Method

204 views • 4 slides
Semantics 1 / 21 Outline What is semantics? Denotational semantics Semantics of naming What

Semantics 1 / 21 Outline What is semantics? Denotational semantics Semantics of naming What

Semantics 1 / 21 Outline What is semantics? Denotational semantics Semantics of naming What is semantics? 2 / 21 What is the meaning of a program? Recall: aspects of a language syntax : the structure of its programs semantics : the

551 views • 21 slides
Runtime Monitoring, Verification, Enforcement and Control of C Programs (From Tool to Semantics)

Runtime Monitoring, Verification, Enforcement and Control of C Programs (From Tool to Semantics)

Introduction Preliminaries Semantics of Runtime Control Semantics of Synthesis of Controlling Programs Expressiveness of Controlling Runtime Monitoring, Verification, Enforcement and Control of C Programs (From Tool to Semantics) Zhe Chen

558 views • 55 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
The ARCHES cross-correlation tool cois-Xavier Pineau 1 Fran 1 Observatoire Astronomique de

The ARCHES cross-correlation tool cois-Xavier Pineau 1 Fran 1 Observatoire Astronomique de

The ARCHES cross-correlation tool cois-Xavier Pineau 1 Fran 1 Observatoire Astronomique de Strasbourg, Universit e de Strasbourg, CNRS Paris, 1 th December, 2015 1 / 36 INTRODUCTION This talk: Cross-correlation tool development &amp;

1.26k views • 76 slides
Protocol Security Engineering &quot;

Protocol Security Engineering &quot;

Can we avoid Protocol Security meltdown? Brian Monahan Trusted Systems Lab HP Labs, Bristol, UK Tel: +44 (0)117 312-8935 Email: brian_monahan@hp.com Presented at STORK : Towards a Roadmap for Future Research 26-27 November 2002 What is

203 views • 3 slides
Limitless HTTP in an HTTPS World Inferring the Semantics of the HTTPS Protocol without Decryption

Limitless HTTP in an HTTPS World Inferring the Semantics of the HTTPS Protocol without Decryption

Limitless HTTP in an HTTPS World Inferring the Semantics of the HTTPS Protocol without Decryption Blake Anderson, PhD ; Andrew Chi ; Scott Dunlop ; and David McGrew, PhD Cisco, University of North Carolina contact:

363 views • 22 slides
Automated Reasoning for Security Protocol Analysis The ASW Protocol Revisited: A Unified View

Automated Reasoning for Security Protocol Analysis The ASW Protocol Revisited: A Unified View

Automated Reasoning for Security Protocol Analysis The ASW Protocol Revisited: A Unified View Paul Hankes Drielsma and Sebastian M odersheim Information Security, ETH Zurich ARSPA Paul Hankes Drielsma 1 Introduction ASW: an

508 views • 14 slides
IPv6 Protocol IPv6 Protocol Does it solve all the security problems of IPv4? Franjo Majstor

IPv6 Protocol IPv6 Protocol Does it solve all the security problems of IPv4? Franjo Majstor

IPv6 Protocol IPv6 Protocol Does it solve all the security problems of IPv4? Franjo Majstor EMEA Consulting Engineer fmajstor@cisco.com Cisco Systems, Inc. 1 fmajstor@cisco.com, IPv6 Security Agenda IPv6 Primer IPv6 Protocol

241 views • 21 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CPSC 410/611 Operating Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies

419 views • 19 slides
Computational Linguistics: Semantics Raffaella Bernardi University of Trento Contents First

Computational Linguistics: Semantics Raffaella Bernardi University of Trento Contents First

Computational Linguistics: Semantics Raffaella Bernardi University of Trento Contents First Last Prev Next 1. Recall: goals Back to our Goals: 1. provide students with an overview of the field with focus on the syntax-semantics

121 views • 11 slides
Cryptography and Network Security IPSEC Security architecture and protocol stack Secure

Cryptography and Network Security IPSEC Security architecture and protocol stack Secure

Cryptography and Network Security IPSEC Security architecture and protocol stack Secure applications: Applicaz. (SHTTP) PGP, SHTTP, SFTP, or SSL/TLS Security down in the TCP protocol stack -SSL between TCP IPSEC and applic. layer

723 views • 59 slides
The HTTP Protocol The HTTP Protocol How to write servers and clients in Java Anders Mller

The HTTP Protocol The HTTP Protocol How to write servers and clients in Java Anders Mller

Objectives Objectives How the HTTP protocol works An Introduction An Introduction to XML and Web Technologies to XML and Web Technologies The SSL security extension from a programmer's point of view The HTTP Protocol The HTTP Protocol

433 views • 10 slides
Real-Time Transport Protocol (RTP) August 12, 2001 RTP 2 RTP protocol goals mixers and

Real-Time Transport Protocol (RTP) August 12, 2001 RTP 2 RTP protocol goals mixers and

RTP 1 Real-Time Transport Protocol (RTP) August 12, 2001 RTP 2 RTP protocol goals mixers and translators control: awareness, QOS feedback media adaptation August 12, 2001 RTP 3 RTP the big picture application media

821 views • 42 slides
Outline Cross-site scripting CSci 5271 More cross-site risks Introduction to Computer Security

Outline Cross-site scripting CSci 5271 More cross-site risks Introduction to Computer Security

Outline Cross-site scripting CSci 5271 More cross-site risks Introduction to Computer Security Web security, part 2 Announcements intermission Stephen McCamant Confidentiality and privacy University of Minnesota, Computer Science &amp;

892 views • 6 slides
TAIC PART 2010 Linguistic Security Testing for Textual Protocols Authors Ben Kam, Tom Dean

TAIC PART 2010 Linguistic Security Testing for Textual Protocols Authors Ben Kam, Tom Dean

TAIC PART 2010 Linguistic Security Testing for Textual Protocols Authors Ben Kam, Tom Dean Queens University, Canada Linguistic Security Testing for Textual Protocols Goals and History 1. Protocol Tester Protocol Tester Group

720 views • 17 slides
Executing Formal Semantics with the Tool David L AZAR 1 Andrei A RUSOAIE 2 , ERB , A 1,2

Executing Formal Semantics with the Tool David L AZAR 1 Andrei A RUSOAIE 2 , ERB , A 1,2

Executing Formal Semantics with the Tool David L AZAR 1 Andrei A RUSOAIE 2 , ERB , A 1,2 Traian S ANUT Chucky E LLISON 1 Radu M EREUTA 2 Dorel L UCANU 2 , U 1,2 Grigore R OS 1 University of Illinois at Urbana-Champaign 2 University

417 views • 24 slides

More recommend