Cryptographic Tasks What is the difference between passive and active security threats? - Review Gadget Terbaru Fajar Nugraha Wahyu


Monday 20 March 2017




Cryptographic Tasks


Arranged by:

Fajar Nugraha Wahyu (11140910000013)

DEPARTMENT OF INFORMATICS ENGINEERING
FACULTY OF SCIENCE AND TECHNOLOGY
UIN SYARIF HIDAYATULLAH
JAKARTA
2017



1. What is the OSI security architecture?

The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. The document defines security attacks, mechanisms, and services, and the relationships among these categories.

2. What is the difference between passive and active security threats?
Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored.
Active attacks include the modification of transmitted data and attempts to gain unauthorized access to computer systems.

3. List and briefly define categories of passive and active security attacks.
Passive attacks: release of message contents and traffic analysis. Active attacks: masquerade, replay, modification of messages, and denial of service.

4. List and briefly define categories of security services.
Authentication: The assurance that the communicating entity is the one that it claims to be.
Access control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).
Data confidentiality: The protection of data from unauthorized disclosure.
Data integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
Availability service: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system (i.e., a system is available if it provides services according to the system design whenever users request them).

5. List and briefly define categories of security mechanisms.
Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.
Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient).
Access Control: A variety of mechanisms that enforce access rights to resources.
Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.
Notarization: The use of a trusted third party to assure certain properties of a data exchange.
Trusted Functionality: That which is perceived to be correct with respect to some criteria (e.g., as established by a security policy).
Security Label: The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource.
Event Detection: Detection of security-relevant events.
Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities.
Security Recovery: Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.


Problems
1.1  Draw a matrix similar to Table 1.4 that shows the relationship between security services and attacks.
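                             | Attack
Service                      | Release of Message | Traffic Analysis | Masquerade | Replay | Modification of Message | Denial of Service
-----------------------------+--------------------+------------------+------------+--------+-------------------------+------------------
Peer entity authentication   |                    |                  | Y          |        |                         |
Data origin authentication   |                    |                  | Y          |        |                         |
Access control               |                    |                  | Y          |        |                         |
Confidentiality              | Y                  |                  |            |        |                         |
Traffic flow confidentiality |                    | Y                |            |        |                         |
Data integrity               |                    |                  |            | Y      | Y                       |
Nonrepudiation               |                    |                  | Y          |        |                         |
Availability                 |                    |                  |            |        |                         | Y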


1.2  Draw a matrix similar to Table 1.4 that shows the relationship between security mechanisms and attacks.
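                        | Attack
Mechanism               | Release of Message | Traffic Analysis | Masquerade | Replay | Modification of Message | Denial of Service
------------------------+--------------------+------------------+------------+--------+-------------------------+------------------
Encipherment            | Y                  |                  |            |        |                         |
Digital Signature       |                    |                  | Y          | Y      | Y                       |
Access Control          | Y                  | Y                | Y          | Y      |                         | Y
Data Integrity          |                    |                  |            | Y      | Y                       |
Authentication Exchange | Y                  |                  | Y          | Y      |                         | Y
Traffic Padding         |                    | Y                |            |        |                         |
Routing Control         | Y                  | Y                |            |        |                         | Y
Notarization            |                    |                  | Y          | Y      | Y                       |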
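
The Data Integrity row of the matrix (replay and modification of message, but not release of message contents) can be seen in a small receiver-side check. This is an added example, not part of the original answers; the key, the message layout (8-byte sequence number, payload, 32-byte HMAC-SHA256 tag) and the names protect, Receiver and demo are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, for illustration only
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes


def protect(key, seq, payload):
    """Sender side: sequence number + payload, followed by a tag over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Accepts a data unit only if its tag verifies and its sequence number is new."""

    def __init__(self, key):
        self.key = key
        self.highest_seq = -1  # no data unit accepted yet

    def accept(self, unit):
        if len(unit) < 8 + TAG_LEN:
            return "rejected: truncated"
        header, payload, tag = unit[:8], unit[8:-TAG_LEN], unit[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "rejected: modified"
        (seq,) = struct.unpack(">Q", header)
        if seq <= self.highest_seq:  # old or repeated sequence number
            return "rejected: replay"
        self.highest_seq = seq
        return "accepted"


def demo():
    rx = Receiver(KEY)
    m0 = protect(KEY, 0, b"transfer 100 to account A")  # constructed messages
    m1 = protect(KEY, 1, b"transfer 250 to account B")
    tampered = bytearray(protect(KEY, 2, b"transfer 100 to account A"))
    tampered[8 + 9] ^= 0x08  # one payload bit changed in transit
    results = [rx.accept(m0), rx.accept(m1), rx.accept(bytes(tampered)), rx.accept(m0)]
    # The payload travels in the clear: integrity alone gives no confidentiality.
    payload_visible = b"account A" in m0
    return results, payload_visible


if __name__ == "__main__":
    print(demo())
```

The modified unit and the replayed unit are both refused, while the payload stays readable to an eavesdropper, which is why the matrix marks release of message contents under Encipherment rather than Data Integrity.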
