INFORMATION SECURITY (CS) TWO MARK QUESTIONS AND .. But note : Even if the possibilities are reduced to one of two messages of equal .. SECURITY TME: am – am SUB CODE: CS CLASS / SEM: ME / I . NE Networking And Information Security Notes. Click Below Links to CP Advanced Operating System Notes. CLICK BELOW LINK. SE Object Oriented Software Engineering NOTES CLICK BELOW LINK TO DOWNLOAD CS NETWORK SECURITY NOTES.
|Published (Last):||6 October 2006|
|PDF File Size:||2.81 Mb|
|ePub File Size:||15.38 Mb|
|Price:||Free* [*Free Regsitration Required]|
SVCE | Department of Computer Science and Engineering
Short note on confidentiality and integrity. Confidentiality is the concealment of information or resources. The need for keeping information secret arises from the use of computers in sensitive fields such as government and industry. Integrity refers to the trustworthiness of data or resources, and it is usually phrased in terms of preventing improper or unauthorized change. Integrity mechanisms fall into two classes: Differentiate Denial of receipt and Denial of service. Denial of receipta false denial that an entity received some information or message, is a form of deception.
Suppose a customer orders an expensive product, but the vendor demands payment before shipment. Denial of servicea long-term inhibition of service, is a form of usurpation, although it is often used with other mechanisms to deceive. The attacker prevents a server from providing a service.
Write the trusting that mechanisms work requires several assumptions. Trusting that mechanisms work requires several assumptions. Short note on Protection State. The state of a system is the collection of the current values of all memory locations, all secondary storage, and all registers and other components of the system.
The subset of this collection that deals with protection is the protection state of the system.
biological databases lecture notes
An access control matrix is one tool xs9224 can describe the current protection state. Write about Principle of Attenuation of Privilege. Principle of Attenuation of Privilege. A subject may not give rights it does not possess to another. Write the types of Security Policies. List out the Types of Access Control. Define interchange key and session key. Short note on cryptographic checksum function. The initial phase of session setup uses a public key cryptosystem to exchange keys.
The messages are enciphered using a classical cipher and are checksummed using a cryptographic checksum. Write an Overview securiity Computer Security with neat examples. Computer security rests on confidentiality, integrity, and availability. Integrity cs92224 data integrity the content of the information and origin integrity the source of the data, often called authentication.
Availability refers to the ability to use the information or resource desired. Availability is an important aspect of reliability as well as of system design because an unavailable system is at least as bad as no system at all. An information transfer path is a sequence of objects o 1The ring policy ignores the issue of indirect modification and focuses on direct modification only. This solves the problems described above. The rules are as follows. Any subject may read any object, regardless of integrity levels.
Lipner provides two security levels, in the following order higher to lower: He similarly defined five categories: Write about the Key Exchange and key generation. The goal of key exchange letcure to enable Alice to communicate secretly to Bob, and vice versa, using a shared cryptographic key. Solutions to securlty problem must meet the following criteria. The key that Alice and Bob are to share cannot be transmitted in the clear.
Either it must be enciphered when sent, or Alice and Bob must derive it without an exhange of data from which the key can be derived. Alice and Bob can exchange data, but a third party cannot derive the key from the data exchanged. Alice and Bob may decide to trust a third party called “Cathy” here. The cryptosystems and inforjation are publicly known. The only secret data is to be the cryptographic cz9224 involved. The secrecy that cryptosystems inofrmation resides in the selection of the cryptographic key.
Informatkon strong mixing function is a function of two or more inputs that produces an output each bit of. List out the authentication system consisting of five components. The set A of authentication information is the set of specific information with which entities prove their identities.
The set C of complementary information is the set of information that the system stores and uses to validate the authentication information. The set F of complementation functions that generate the complementary information from the authentication information. That is, for f F, f: The set L of authentication functions that verify identity. That is, for l L, l: The set S of selection functions that infromation an entity to create or alter the authentication and complementary information. What is proactive password checker?
A proactive password checker is software that enforces specific restrictions on the selection of new passwords. Distinguish between the authentication policy and issuance policy.
Define the State and Cookies. A message given to a Web browser by a Web server. The browser niformation the message in a text file. The message is then sent back to the server each time the browser requests a page lectre the server.
Explaion about the locks and keys technique. The locks and keys technique combines features of access control lists and capabilities. A piece of information the lock is associated with the object and a second piece of information the key is associated with those subjects authorized to access the object and the manner in which they are allowed to access the object.
Write about the Confinement Flow Model. O x O is a relation with ab if and only if information can flow from a to b ; and, for each a Oconfine a is a pair a La U SC I x SC Iwith a L I a Uand the interpretation that for a Oif x a Uinformation can flow from x to aand if a L xinformation can flow from a to x. Draw the use of an SPI to check for corrupted files. Use of an SPI to check for corrupted files.
Write the covert channel. A covert storage channel uses an attribute of the shared resource.
A covert timing channel uses a temporal or ordering relationship among accesses to a shared resource. Define noiseless covert channel. A noiseless covert channel is a covert channel that uses a resource available to the sender and receiver only. A noisy covert channel is a covert channel that uses a resource available to subjects other than the sender and receiver, as well as to the sender and receiver. Short note on Copying and Amplifying Capabilities.
The ability to copy capabilities implies the ability to give rights. To prevent processes from indiscriminately noes away rights, a copy flag is associated with capabilities. A process cannot copy a capability to another process unless the copy flag is set.
If the process does copy the capability, the copy flag may be turned off at the discretion of either the process or the kernel.
Brief the Biometrics common charecteristics. Biometrics is the automated measurement of biological or behavioral features that identify a person. When a user is given an account, the system administration takes a set of measurements that identify that user to an acceptable degree of error.
Whenever the user accesses the system. Keystrokes – Keystroke dynamics requires a signature based on securty intervals, keystroke pressure, keystroke duration, and where the key is struck on the edge or in the middle.
This signature is believed to be unique in the same way that written signatures are unique. Explain about the Representing Identity. The theme of identity runs throughout humanity’s experience, and computers are no exception. In computer science, an identity is the basis for assignment of privileges and is integral in the designation of a protection domain.
An identity specifies a principal. The identity of a file or other entity here called an “object” depends secuurity the system that contains the object. Specific systems may add additional constraints.
Systems lectre user identity in a number of different ways. Indeed, the securityy system may use different representations of identity in different contexts. The “entity” may be a set of entities referred to by a single identifier. The members of the set must be distinguishable, but the set may have an identity separate from any of its elements.
A CA authentication policy describes the level of authentication required to identify the principal to whom the certificate is to be issued. A CA issuance policy describes the principals to whom the CA will issue certificates.