想从安全概念的演化来看 车用 通信保密,50s,60s, 计算机安全,70s,80s 信息安全,80s,90s 民用 ·信息保障 安全技术=军火 出口限制 復大辱软件学院
11 从安全概念的演化来看 • 通信保密, 50s, 60s, • 计算机安全, 70s, 80s • 信息安全, 80s, 90s • 信息保障 安全技术 = 军火 出口限制 军用 民用
本课着重讨论:Web&Ec ·安全性 Confidentiality integrity denial of service Authentication 隐私保护(双重数字签名) 法律问题 12 復大辱软件学院
12 本课着重讨论:Web&EC • 安全性 – Confidentiality – integrity – denial of service – Authentication • 隐私保护(双重数字签名) • 法律问题
Outline Web EC Security Considerations Definitions, web, EC threats Secure Socket Layer(SsL) and Transport Layer Security(TLs) Secure Electronic Transaction(SET 13 復大辱软件学院
13 Outline • Web & EC Security Considerations – Definitions: web, EC – threats • Secure Socket Layer (SSL) and Transport Layer Security (TLS) • Secure Electronic Transaction (SET)
ota Security facilities in TCP/IP HttpfTpsmTp S/MIME PGP SET Http Ftp SmtP SSL or tls Kerberos SMTP Http TCP TCP UDP TCP IP/IPSec IP IP (a) Network Level (b)Transport Level (c)Application Level 復大辱软件学院
14 Security facilities in TCP/IP
SSL and tls originally developed by Netscape subsequently became Internet standard known as TLs (Transport Layer Security) TLS working group was formed within IETF SsL has two layers of protocols First version of TLs v1.0(1999 )can be vⅰ ewed as an sslv3.1 15 復大辱软件学院
15 SSL and TLS • originally developed by Netscape • subsequently became Internet standard known as TLS (Transport Layer Security) • TLS working group was formed within IETF • SSL has two layers of protocols • First version of TLS V1.0 (1999) can be viewed as an SSLv3.1