SlideShare una empresa de Scribd logo

Secure & authentication By Lai HIEU - eXo SEA

Descargar como PPT, PDF
Thuy_Dang
Thuy_Dang

This presentation comes from eXo Platform SEA by Lai Trung Hieu

TecnologíaEducación
1 de 34
Secure & Authentication of communication Lai Trung Hieu Collaboration Team
Introduction
DNS Spoofing
 
Website security indicators https://www.google.com/support/chrome/bin/answer.py?answer=95617&hl=en-US
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Secure & Authentication
SSL story SSL was invented by Netscape Communications in 1994. May 1996, Internet Engineering Task Force (IETF) start to research TLS to be standardize SSL protocol. TLS then became an IETF standards track protocol . January 1999 TLS, 1.0 (SSL 3.1) first published in RFC 2246 1999 to be update version for SSL 3.0. April 2006, TLS 1.1 (SSL 3.2) August 2008 TLS 1.2 (SSL 3.3)
TLS/SSL fundamental Based on public key cryptography
Applications ,[object Object],[object Object],[object Object],[object Object],[object Object]
Digital certificate & PKI
Copyright 2010 eXo Platform SAS Digital certificate Electronic document which uses a digital signature to bind a public key with an identity
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Public key infrastructure Public & private key concept
 
An example conversation
Introduction {Some thing} information to be exchanged {Something}key information encrypted by key Digest[Something] make a digest for information
Digital signature Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! {digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
Exchange keys Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my public key. Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
Digital certificate Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
Nobita : Hi, Are you Doraemon? Xeko : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Xeko : ???
Exchange secret key(session key) Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key Nobita : Ok, Doreamon. Here is{secret key}Doraemon’s public key Doraemon : {blah blah}secret-key Nobita: {blah hihi}secret-key
Java security architecture overview
Copyright 2010 eXo Platform SAS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Basic Security Architecture
Copyright 2010 eXo Platform SAS
Cryptography • Message digest algorithms • Digital signature algorithms • Symmetric bulk encryption • Symmetric stream encryption • Asymmetric encryption • Password-based encryption (PBE) • Elliptic Curve Cryptography (ECC) • Key agreement algorithms • Key generators • Message Authentication Codes (MACs) • (Pseudo-)random number generator java.security java.crypto ,[object Object],[object Object],[object Object],[object Object]
Public Key Infrastructure ,[object Object],[object Object],[object Object],[object Object]
Authentication ,[object Object],[object Object],[object Object],[object Object]
Secure Communication ,[object Object],[object Object],[object Object],[object Object],[object Object]
Access Control ,[object Object],[object Object],[object Object]
eXo platform implementation
[object Object],[object Object],[object Object],[object Object]
Q & A
Thank you!

Recomendados

DDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internetDDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internet
Tom Paseka
 
Class Project Showcase: DNS Spoofing
Class Project Showcase: DNS SpoofingClass Project Showcase: DNS Spoofing
Class Project Showcase: DNS Spoofing
Beibei Yang
 
BCS_PKI_part1.ppt
BCS_PKI_part1.pptBCS_PKI_part1.ppt
BCS_PKI_part1.ppt
UskuMusku1
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
Olle E Johansson
 
15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept
Mostafa El Lathy
 
Pki by Steve Lamb
Pki by Steve LambPki by Steve Lamb
Pki by Steve Lamb
Information Security Awareness Group
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
Joao Galdino Mello de Souza
 
#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS
Olle E Johansson
 

Recomendados

DDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internetDDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internet
Tom Paseka
 
Class Project Showcase: DNS Spoofing
Class Project Showcase: DNS SpoofingClass Project Showcase: DNS Spoofing
Class Project Showcase: DNS Spoofing
Beibei Yang
 
BCS_PKI_part1.ppt
BCS_PKI_part1.pptBCS_PKI_part1.ppt
BCS_PKI_part1.ppt
UskuMusku1
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
Olle E Johansson
 
15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept
Mostafa El Lathy
 
Pki by Steve Lamb
Pki by Steve LambPki by Steve Lamb
Pki by Steve Lamb
Information Security Awareness Group
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
Joao Galdino Mello de Souza
 
#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS
Olle E Johansson
 
Network Security Primer
Network Security PrimerNetwork Security Primer
Network Security Primer
Venkatesh Iyer
 
Security via Java
Security via JavaSecurity via Java
Security via Java
Bahaa Zaid
 
HTTPS, Here and Now
HTTPS, Here and NowHTTPS, Here and Now
HTTPS, Here and Now
Philippe De Ryck
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
Sylvain Maret
 
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génératione-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
Sylvain Maret
 
Introduction to Cryptography.pptx
Introduction to Cryptography.pptxIntroduction to Cryptography.pptx
Introduction to Cryptography.pptx
ssuser62852e
 
[Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things![Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things!
OWASP
 
Network security
Network securityNetwork security
Network security
Dhaval Kaneria
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Sylvain Maret
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
BU
 
Ip sec talk
Ip sec talkIp sec talk
Ip sec talk
anoean
 
SSL/TLS for Mortals (Voxxed Days Luxembourg)
SSL/TLS for Mortals (Voxxed Days Luxembourg)SSL/TLS for Mortals (Voxxed Days Luxembourg)
SSL/TLS for Mortals (Voxxed Days Luxembourg)
Maarten Mulders
 
SSL
SSLSSL
SSL
theekuchi
 
The new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiThe new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pki
Nathan Winters
 
#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS
Olle E Johansson
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL English
SSL247®
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
Toni de la Fuente
 
8.X Sec & I Pv6
8.X Sec & I Pv68.X Sec & I Pv6
8.X Sec & I Pv6
phanleson
 
Web cryptography javascript
Web cryptography javascriptWeb cryptography javascript
Web cryptography javascript
Jose Manuel Ortega Candel
 
Web Security
Web SecurityWeb Security
Web Security
Ram Dutt Shukla
 
MEET-BIS Vietnam TOR_ ES_2013
MEET-BIS Vietnam TOR_ ES_2013MEET-BIS Vietnam TOR_ ES_2013
MEET-BIS Vietnam TOR_ ES_2013
Thuy_Dang
 
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEAScala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Thuy_Dang
 

Más contenido relacionado

Similar a Secure & authentication By Lai HIEU - eXo SEA

Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
Toni de la Fuente
 
8.X Sec & I Pv6
8.X Sec & I Pv68.X Sec & I Pv6
8.X Sec & I Pv6
phanleson
 

Similar a Secure & authentication By Lai HIEU - eXo SEA (20)

Network Security Primer
Network Security PrimerNetwork Security Primer
Network Security Primer
 
Security via Java
Security via JavaSecurity via Java
Security via Java
 
HTTPS, Here and Now
HTTPS, Here and NowHTTPS, Here and Now
HTTPS, Here and Now
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génératione-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
 
Introduction to Cryptography.pptx
Introduction to Cryptography.pptxIntroduction to Cryptography.pptx
Introduction to Cryptography.pptx
 
[Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things![Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things!
 
Network security
Network securityNetwork security
Network security
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
Ip sec talk
Ip sec talkIp sec talk
Ip sec talk
 
SSL/TLS for Mortals (Voxxed Days Luxembourg)
SSL/TLS for Mortals (Voxxed Days Luxembourg)SSL/TLS for Mortals (Voxxed Days Luxembourg)
SSL/TLS for Mortals (Voxxed Days Luxembourg)
 
SSL
SSLSSL
SSL
 
The new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiThe new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pki
 
#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL English
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
 
8.X Sec & I Pv6
8.X Sec & I Pv68.X Sec & I Pv6
8.X Sec & I Pv6
 
Web cryptography javascript
Web cryptography javascriptWeb cryptography javascript
Web cryptography javascript
 
Web Security
Web SecurityWeb Security
Web Security
 

Más de Thuy_Dang

MEET-BIS Vietnam TOR_ ES_2013
MEET-BIS Vietnam TOR_ ES_2013MEET-BIS Vietnam TOR_ ES_2013
MEET-BIS Vietnam TOR_ ES_2013
Thuy_Dang
 
Os gi introduction made by Ly MInh Phuong-SOC team
Os gi introduction made by Ly MInh Phuong-SOC teamOs gi introduction made by Ly MInh Phuong-SOC team
Os gi introduction made by Ly MInh Phuong-SOC team
Thuy_Dang
 

Más de Thuy_Dang (13)

MEET-BIS Vietnam TOR_ ES_2013
MEET-BIS Vietnam TOR_ ES_2013MEET-BIS Vietnam TOR_ ES_2013
MEET-BIS Vietnam TOR_ ES_2013
 
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEAScala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
 
Shell scripting - By Vu Duy Tu from eXo Platform SEA
Shell scripting - By Vu Duy Tu from eXo Platform SEAShell scripting - By Vu Duy Tu from eXo Platform SEA
Shell scripting - By Vu Duy Tu from eXo Platform SEA
 
AOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC Team
AOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC TeamAOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC Team
AOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC Team
 
Mcf presentation by Hai NGUYEN-Portal team
Mcf presentation by Hai NGUYEN-Portal teamMcf presentation by Hai NGUYEN-Portal team
Mcf presentation by Hai NGUYEN-Portal team
 
Web accessibility developers by Bao AN - eXo SEA
Web accessibility developers by Bao AN - eXo SEAWeb accessibility developers by Bao AN - eXo SEA
Web accessibility developers by Bao AN - eXo SEA
 
SEO presentation By Dang HA - ECM team
SEO presentation By Dang HA - ECM teamSEO presentation By Dang HA - ECM team
SEO presentation By Dang HA - ECM team
 
Xss.e xopresentation from eXo SEA
Xss.e xopresentation from eXo SEAXss.e xopresentation from eXo SEA
Xss.e xopresentation from eXo SEA
 
Lotus Collaboration by Le Thanh Quang in CT
Lotus Collaboration by Le Thanh Quang in CT Lotus Collaboration by Le Thanh Quang in CT
Lotus Collaboration by Le Thanh Quang in CT
 
Regular expression made by To Minh Hoang - Portal team
Regular expression made by To Minh Hoang - Portal teamRegular expression made by To Minh Hoang - Portal team
Regular expression made by To Minh Hoang - Portal team
 
Os gi introduction made by Ly MInh Phuong-SOC team
Os gi introduction made by Ly MInh Phuong-SOC teamOs gi introduction made by Ly MInh Phuong-SOC team
Os gi introduction made by Ly MInh Phuong-SOC team
 
eXo Presentation: Bonita by Nguyen Anh Vu
eXo Presentation: Bonita by Nguyen Anh VueXo Presentation: Bonita by Nguyen Anh Vu
eXo Presentation: Bonita by Nguyen Anh Vu
 
Chromattic usage in eXo Social
Chromattic usage in eXo SocialChromattic usage in eXo Social
Chromattic usage in eXo Social
 

Último

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 

Último (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Secure & authentication By Lai HIEU - eXo SEA

  • 1. Secure & Authentication of communication Lai Trung Hieu Collaboration Team
  • 4.  
  • 5. Website security indicators https://www.google.com/support/chrome/bin/answer.py?answer=95617&hl=en-US
  • 6.
  • 8. SSL story SSL was invented by Netscape Communications in 1994. May 1996, Internet Engineering Task Force (IETF) start to research TLS to be standardize SSL protocol. TLS then became an IETF standards track protocol . January 1999 TLS, 1.0 (SSL 3.1) first published in RFC 2246 1999 to be update version for SSL 3.0. April 2006, TLS 1.1 (SSL 3.2) August 2008 TLS 1.2 (SSL 3.3)
  • 9. TLS/SSL fundamental Based on public key cryptography
  • 10.
  • 12. Copyright 2010 eXo Platform SAS Digital certificate Electronic document which uses a digital signature to bind a public key with an identity
  • 13.
  • 14. Public key infrastructure Public & private key concept
  • 15.  
  • 17. Introduction {Some thing} information to be exchanged {Something}key information encrypted by key Digest[Something] make a digest for information
  • 18. Digital signature Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! {digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
  • 19. Exchange keys Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my public key. Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
  • 20. Digital certificate Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
  • 21. Nobita : Hi, Are you Doraemon? Xeko : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Xeko : ???
  • 22. Exchange secret key(session key) Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key Nobita : Ok, Doreamon. Here is{secret key}Doraemon’s public key Doraemon : {blah blah}secret-key Nobita: {blah hihi}secret-key
  • 24.
  • 25. Copyright 2010 eXo Platform SAS
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 32.
  • 33. Q & A