Secure Socket Layer Transport Layer Security
01.07.2013 Views
Share Embed Flag

Secure Socket Layer Transport Layer Security

Secure Socket Layer Transport Layer Security

Secure Socket Layer Transport Layer Security

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
mi.parisdescartes.fr

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Conclusion<br />

SSL / TLS is the most widely deployed security protocol, standard standar<br />

Easy to implement, deploy and use; widely available<br />

Flexible, supports many scenarios and policies<br />

Mature cryptographic design<br />

But SSL is not always the best tool… tool<br />

Use IP-Sec IP Sec e.g. for anti-clogging, anti clogging, broader protection,<br />

multicast<br />

Use application security, e.g. s/mime, for non-repudiation,<br />

non repudiation,<br />

store-and store and-forward forward communication (not online)<br />

Beware of spoofing<br />

Many browsers allow hard-to hard to-detect detect spoofing<br />

Many users will not detect simple spoofing (similar URL)<br />

Web Spoofing Attack<br />

• Web spoofing attack:<br />

• Copy & modify target website<br />

• User visits the spoofing site<br />

• User exposes password, credit card<br />

numbers, etc.<br />

User is not aware<br />

Spoofing site can forward information<br />

to the target, to avoid detection<br />

Detect incorrect location (URL)?<br />

Most users do not notice<br />

Or – spoof the location bar too… too<br />

Client<br />

Spoofing<br />

site<br />

Bank<br />

site

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!