type remailer Columbus State University

Document Sample
type remailer Columbus State University Powered By Docstoc
					Chapter 14: Representing Identity



             Dr. Wayne Summers
       Department of Computer Science
          Columbus State University
        Summers_wayne@colstate.edu
        http://csc.colstate.edu/summers
                                                    2
Representing Identity
 Principal - unique entity (ex. File, user)
 Identity - specifies a principal (ex. Filename,
  UID)
 Authentication binds a principal to a
  representation of identity internal to the
  computer
 Principals may be grouped into sets called
  groups
 Role – type of group that ties membership to
  function
                                                                      3
Naming and Certificates
 Certificate – mechanism for binding
  cryptographic keys to identifiers
   – X.509v3 certificates use Distinguished Names: /O=Columbus
     State University/OU=Computer Science Dept/CN=Wayne
     Summers

 CA authentication policy
   – describes the level of authentication required to identify the
     principal to whom the certificate is to be issued
   – Defines the way in which principals prove their identity

 CA issuance policy describes the principals to whom the
  CA will issue certificates
                                                                           4
Identity on the Web
 Host Identity
   – Ethernet (MAC) address: 00-07-E9-72-B3-75
   – IP address: 192.168.0.3
   – Host name: jaring.colstate.edu

 Static & Dynamic Identifiers
   –   ARP (maps MAC and IP addresses)
   –   DNS (maps IP addresses and host names)
   –   DHCP – provides a dynamic IP address
   –   NAT (Network Address Translation): router that translates
       between external and internal (private) addresses (e.g. 10.x.y.z)
                                                                                  5
Identity on the Web
 State and Cookies
   – Cookie – token that contains information about the state of a
     transaction on a network
       •   name and associated value are encoded to represent the state
       •   Expiration field indicates when the cookie is valid
       •   Domain indicates for which domain the cookie is intended
       •   Path restricts the dissemination of the cookie within the domain
       •   Secure field restricts the use of the cookie to over SSL connections
           only
                                                      6
Anonymity on the Web
 Anonymizer – site that hides the origin of the
  connection (similar to a proxy server)
 Pseudo-anonymous remailer – remailer that
  replaces the originating e-mail address before it
  forwards the e-mail but keeps the mappings
 Cyberpunk (type 1) remailer – strips the header
  before forwarding
 Mixmaster (type 2) remailer- Cyperpunk
  remailer that only handles enciphered messages
  and pads messages to a fixed size before
  sending them

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:3
posted:10/7/2012
language:English
pages:6