Mạng máy tính 1 - Chương XII: Aan ninh mạng cục bộ không dâyWPA là một giải pháp tình thế WPA2 là chuẩn IEEE 802.11i 802.11i dùng khái niệm an ninh mạng mạnh mẽ(RSN -Robust Security Network) Khác biệt lớn nhất: AES được dùng cho mã hóa Mã hóa AES được thực hiện trong phần cứng Đòi hỏi bộ xử lý mạnh hơn
38 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 137 | Lượt tải: 0
Mạng máy tính 1 - Chapter 11: Malicious softwarethree broad lines of defense: 1. attack prevention & preemption (before) 2. attack detection & filtering (during) 3. attack source traceback & ident (after) huge range of attack possibilities hence evolving countermeasures
28 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 137 | Lượt tải: 0
Mạng máy tính 1 - Chapter 10: FirewallsEvolution of information systems Now everyone want to be on the Internet Interconnect networks has persistent security concerns ▫ can’t easily secure every system typically use a Firewall to provide perimeter defence as part of comprehensive security strategy
32 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 123 | Lượt tải: 0
Mạng máy tính 1 - Chapter 9: Intrudersmost promising approach to improving password security allow users to select own password but have system verify it is acceptable ▫ simple rule enforcement (see earlier slide) ▫ compare against dictionary of bad passwords ▫ use algorithmic (markov model or bloom filter) to detect poor choices
25 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 126 | Lượt tải: 0
Mạng máy tính 1 - Chapter 8: IP securityInternet Security Association and Key Management Protocol provides framework for key management defines procedures and packet formats to establish, negotiate, modify, & delete SAs independent of key exchange protocol, encryption alg, & authentication method
20 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 132 | Lượt tải: 0
Mạng máy tính 1 - Chapter 7: Web securitymerchant sends payment gateway a payment capture request gateway checks request then causes funds to be transferred to merchants account notifies merchant using capture response
27 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 124 | Lượt tải: 0
Mạng máy tính 1 - Chapter 6: Electronic mail securityDoes not rely on certificate authorities in PGP every user is own CA ▫ can sign keys for users they know directly (certificates are like X.509) forms a “web of trust” ▫ trust keys have signed ▫ can trust keys others have signed if have a chain of signatures to them key ring includes trust indicators users can also revoke their keys
26 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 123 | Lượt tải: 0
Mạng máy tính 1 - Chapter 5: Digital signatures(Step 1) Key generation: Every entity generates a public-private key pair ▫ choose a random private key ▫ compute the public key (Step 2) Registration: Every entity should ▫ provide proof of their identity (to the CA) (Step 3) Obtain certificate from the CA ▫ CA signs a certificate which binds the identity of A to A’s public key
23 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 136 | Lượt tải: 0
Mạng máy tính 1 - Chapter 4: Message authenticationSheart of the algorithm processing message in 1024-bit blocks consists of 80 rounds ▫ updating a 512-bit buffer ▫ using a 64-bit value Wt derived from the current message block ▫ and a round constant based on cube root of first 80 prime numbers
32 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 138 | Lượt tải: 0
Mạng máy tính 1 - Chapter 3: Public key cryptographyBased on the difficulty of discrete log problem (like DH) All entities agree on a prime p (say 200 digits long) and a generator g Alice chooses a random value a as her private key (a < p also has typically the same number of digits as p) Alice compute α = ga mod p as her public key
67 trang | Chia sẻ: nguyenlam99 | Ngày: 10/01/2019 | Lượt xem: 130 | Lượt tải: 0
