Computer Security
VerifiedAdded on 2023/06/15
|27
|7709
|240
AI Summary
This module covers topics like access control matrix, malware, buffer overflow, type safety, biometric system and more. It discusses the advantages and disadvantages of access control list and capability, role of security reference monitor, security identifiers, and access control model. It also covers virtual and physical address, privileges level, and DMA attack. Additionally, it talks about password risk reduction, biometric system components, and S-KEY one-time password system.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: Computer Security
Computer security
Computer security
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Computer Security 2
Computer Security 3
Table of Contents
I Module...................................................................................................................................................3
II Module.................................................................................................................................................7
III Module.............................................................................................................................................11
IV Module.............................................................................................................................................16
V Module..............................................................................................................................................20
References..............................................................................................................................................25
Table of Contents
I Module...................................................................................................................................................3
II Module.................................................................................................................................................7
III Module.............................................................................................................................................11
IV Module.............................................................................................................................................16
V Module..............................................................................................................................................20
References..............................................................................................................................................25
Computer Security 4
I Module
Answer to question no. 1
(a)Access control matrix- It is a security model used for protection of computer system which
defines the right of each object in the system. It is an array to keep the data secure like date,
time, location, identity and previous records and information is safeguarded from everyone
except the one who need to low. This approach is used in practise as it provides permission of
concrete access. Access to any type of information is regulated by access control matrix and
limits electronic access to a network, computer, and digital file by an unauthorised user.
(b) Access control list (ACL) store column of matrix with the resource and widely used in
groups where in capabilities are used to hold a ticket to use each of the resource. Access
control list is associated with each object in the system and provide authentication to object in
the list. Capabilities are random bit of sequence which is managed by operating System which
can be passed from one process to another. ACL and capability is related to Access control
matrix as it indicates who is allowed to perform, what function can be done,who can read,
write or manipulate the information.
Advantages and Disadvantages- ACL has set of accessible objects which are not bounded and
is based on the users, but in case of ACL there are chances of worms, virus and stack overflow
attacks. In case of Capability every process has a specific set of access rights also deleting a
operator from the list to access the resource can’t be done by capability. In short it provides
varying levels of security and prevention from thefts.
(c) Windows access control system out performs todays standard offerings in terms of
expandability, flexibility and performance. Windows access control system is based on
latest .net software platform. Process- It segregates all the information of its security token
STS, STS access an incorruptible gateway within an authentication system. Future, security
token is a digital key which authorize a person access to security gate.
I Module
Answer to question no. 1
(a)Access control matrix- It is a security model used for protection of computer system which
defines the right of each object in the system. It is an array to keep the data secure like date,
time, location, identity and previous records and information is safeguarded from everyone
except the one who need to low. This approach is used in practise as it provides permission of
concrete access. Access to any type of information is regulated by access control matrix and
limits electronic access to a network, computer, and digital file by an unauthorised user.
(b) Access control list (ACL) store column of matrix with the resource and widely used in
groups where in capabilities are used to hold a ticket to use each of the resource. Access
control list is associated with each object in the system and provide authentication to object in
the list. Capabilities are random bit of sequence which is managed by operating System which
can be passed from one process to another. ACL and capability is related to Access control
matrix as it indicates who is allowed to perform, what function can be done,who can read,
write or manipulate the information.
Advantages and Disadvantages- ACL has set of accessible objects which are not bounded and
is based on the users, but in case of ACL there are chances of worms, virus and stack overflow
attacks. In case of Capability every process has a specific set of access rights also deleting a
operator from the list to access the resource can’t be done by capability. In short it provides
varying levels of security and prevention from thefts.
(c) Windows access control system out performs todays standard offerings in terms of
expandability, flexibility and performance. Windows access control system is based on
latest .net software platform. Process- It segregates all the information of its security token
STS, STS access an incorruptible gateway within an authentication system. Future, security
token is a digital key which authorize a person access to security gate.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Computer Security 5
Role of Security Reference Monitor (SRM)- It defines set of access control policies on a
system to ensure access by authenticated user. It provides sequence to work with access
control.
Role of Access Control Lists(ACLs) and Access Control Entries (ACEs) – ACL is sued to
determine which object has what security and defines what functions can be done future who
can read, write or manipulate the information. ACEs are entries in access control list which
contains the access rights information related to each user in the system.
Role of Security Identifiers (SIDs)- Each user is linked to a unique Id which is used to
authorizing the identity of a user uniquely.
(d) Access control model for information is used for protecting resource and also control the
permission of the file. It focuses on security issues using security labels that denote security
classes. Security label is a gate for the sensitivity of data, if the user don’t clear the gate it
cannot access the information of the system (Choi & Kim, 2014).
Answer to question no. 3
(a) Malware is also known as ‘malicious software’. It often gets installed in our computers
without our prior knowledge and decreases the performance of the system, redirects to other
pages automatically and so on. Malware do things like stealing personal information like credit
cards numbers or password delete some information; attack other network or sending spam
mails. Some examples are viruses, worms, spyware, adware and Trojans. Viruses are software
that are created to damage or harm the system where in Worms infects computer and make it
very slow.
(b) Real life example of worm and viruses: MyDoom it is spreading via E-mail, it is junk in a
amil file it progates in other system and injects the other system also. Sasser is a worm which
spreads and inject the system by scanning the IP address and downloading the virus I the
personal systems.
Role of Security Reference Monitor (SRM)- It defines set of access control policies on a
system to ensure access by authenticated user. It provides sequence to work with access
control.
Role of Access Control Lists(ACLs) and Access Control Entries (ACEs) – ACL is sued to
determine which object has what security and defines what functions can be done future who
can read, write or manipulate the information. ACEs are entries in access control list which
contains the access rights information related to each user in the system.
Role of Security Identifiers (SIDs)- Each user is linked to a unique Id which is used to
authorizing the identity of a user uniquely.
(d) Access control model for information is used for protecting resource and also control the
permission of the file. It focuses on security issues using security labels that denote security
classes. Security label is a gate for the sensitivity of data, if the user don’t clear the gate it
cannot access the information of the system (Choi & Kim, 2014).
Answer to question no. 3
(a) Malware is also known as ‘malicious software’. It often gets installed in our computers
without our prior knowledge and decreases the performance of the system, redirects to other
pages automatically and so on. Malware do things like stealing personal information like credit
cards numbers or password delete some information; attack other network or sending spam
mails. Some examples are viruses, worms, spyware, adware and Trojans. Viruses are software
that are created to damage or harm the system where in Worms infects computer and make it
very slow.
(b) Real life example of worm and viruses: MyDoom it is spreading via E-mail, it is junk in a
amil file it progates in other system and injects the other system also. Sasser is a worm which
spreads and inject the system by scanning the IP address and downloading the virus I the
personal systems.
Computer Security 6
(d) (i) Buffer overflow is when data overwrites the memory locations as there is no space
available in the memory. Attacker uses this for purposely for crashing the target system as
buffer overflow leads to changing the layout of a program by replacing it with some malicious
code. Buffer overflow is one of the weaknesses of security as it enables hacker to modify the
internal variables. It leads to vulnerabilities as the additional data may contain malicious code
which may result in unofficial access to the organization. Attacker tries to exploit the buffer
overflow to change the architecture and operating system.
(ii) To reduce the risk of buffer overflow process known as fuzzing is used to check if the
system accepts additional data or not. Stack Guard is a complier used to prevent and stop
stack buffer overflow. If the attacker tries to overwrite the buffer section, it won’t be possible.
Other than that there are some tools used to identify buffer overflow. Functions like strncpy()
is used for prevention as it examine and eliminates bugs from the software. As removing bugs
from a program is not feasible but using these functions it is possible to some extent.
(e) Type safety is used to prevent type errors that usually occur due to different data types. It
ensures that the program is well defined and behaves properly. C, C++ is not at type safe
language wherein the platform of Java, Python and Ruby is type safe. Type safety ensures that
operations of an object are always compatible and the program will not go wrong at the run
time. It is useful as it shows the strength by enforcing variants in the program, and enforces
abstract types which characterize the modules and keep it hidden from clients.Type safety
enforces garbage collection which avoids temporal violations of memory but uses more
memory.
Answer to question no. 4
(a) An address is used to refer to a location in computer memory
(i) Fundamental difference between virtual and physical address is that virtual address is
generated during the execution of a program by CPU. It is not possible to access the physical
address directly by the user where logical address can be used to access the physical address.
(d) (i) Buffer overflow is when data overwrites the memory locations as there is no space
available in the memory. Attacker uses this for purposely for crashing the target system as
buffer overflow leads to changing the layout of a program by replacing it with some malicious
code. Buffer overflow is one of the weaknesses of security as it enables hacker to modify the
internal variables. It leads to vulnerabilities as the additional data may contain malicious code
which may result in unofficial access to the organization. Attacker tries to exploit the buffer
overflow to change the architecture and operating system.
(ii) To reduce the risk of buffer overflow process known as fuzzing is used to check if the
system accepts additional data or not. Stack Guard is a complier used to prevent and stop
stack buffer overflow. If the attacker tries to overwrite the buffer section, it won’t be possible.
Other than that there are some tools used to identify buffer overflow. Functions like strncpy()
is used for prevention as it examine and eliminates bugs from the software. As removing bugs
from a program is not feasible but using these functions it is possible to some extent.
(e) Type safety is used to prevent type errors that usually occur due to different data types. It
ensures that the program is well defined and behaves properly. C, C++ is not at type safe
language wherein the platform of Java, Python and Ruby is type safe. Type safety ensures that
operations of an object are always compatible and the program will not go wrong at the run
time. It is useful as it shows the strength by enforcing variants in the program, and enforces
abstract types which characterize the modules and keep it hidden from clients.Type safety
enforces garbage collection which avoids temporal violations of memory but uses more
memory.
Answer to question no. 4
(a) An address is used to refer to a location in computer memory
(i) Fundamental difference between virtual and physical address is that virtual address is
generated during the execution of a program by CPU. It is not possible to access the physical
address directly by the user where logical address can be used to access the physical address.
Computer Security 7
Physical address deals with load time address binding wherein virtual address deals with
compile time address binding.
(ii) Using Virtual management system is very important as it helps in clearing the shared
memory space. Also if the application is not in use, freeing it in turn increase memory isolation
by using the technique of paging. (a) It eliminates the concept of external fragmentation as
pages are mapped automatically. (b) Also allocating the memory is cheap and efficient and is
part of memory management as it creates virtual memory space for the system.
(b) (i) Privileges level are used by processor to grant different access rights to the user. As each
user cannot be granted with all the permission, thus using these privileges level by the
processor limited access is provided.
(ii) There are three privileges level, zero level allow the user to access all the commands and
information, then user level is used to provide limited access to user by granting read only
permission, then last is privileged level that grants complete control over the system.
(iii) The new Intel processor privilege level has four levels now, in which an zero level is
assigned to operating system of kernel and ring 3 is used by users. If a program is designed to
operate in zero level it cannot be used outside the assigned privilege level.
(c)(i) DMA is an attack which violets computer security as an attacker can penetrate in the
system. If a device is using DMA an unimpeded access to some address space would bypass
security measures by installing malwares in the system, access the encryption keys violating
confidentiality. Other than that a proper synchronization mechanism is needed in the device to
avoid accessing non updated information. It sometimes leads to cache coherency problem if
the data stored in RAM is not updates with the correct data in cache.
(ii) Intel Trusted Execution Technology (Intel TXT) has primarily goals of providing
authenticity to operating system and creates a secure environment. Intel processor partitions the
protected data, the protected partition cannot be modified from other processor thus protect it
Physical address deals with load time address binding wherein virtual address deals with
compile time address binding.
(ii) Using Virtual management system is very important as it helps in clearing the shared
memory space. Also if the application is not in use, freeing it in turn increase memory isolation
by using the technique of paging. (a) It eliminates the concept of external fragmentation as
pages are mapped automatically. (b) Also allocating the memory is cheap and efficient and is
part of memory management as it creates virtual memory space for the system.
(b) (i) Privileges level are used by processor to grant different access rights to the user. As each
user cannot be granted with all the permission, thus using these privileges level by the
processor limited access is provided.
(ii) There are three privileges level, zero level allow the user to access all the commands and
information, then user level is used to provide limited access to user by granting read only
permission, then last is privileged level that grants complete control over the system.
(iii) The new Intel processor privilege level has four levels now, in which an zero level is
assigned to operating system of kernel and ring 3 is used by users. If a program is designed to
operate in zero level it cannot be used outside the assigned privilege level.
(c)(i) DMA is an attack which violets computer security as an attacker can penetrate in the
system. If a device is using DMA an unimpeded access to some address space would bypass
security measures by installing malwares in the system, access the encryption keys violating
confidentiality. Other than that a proper synchronization mechanism is needed in the device to
avoid accessing non updated information. It sometimes leads to cache coherency problem if
the data stored in RAM is not updates with the correct data in cache.
(ii) Intel Trusted Execution Technology (Intel TXT) has primarily goals of providing
authenticity to operating system and creates a secure environment. Intel processor partitions the
protected data, the protected partition cannot be modified from other processor thus protect it
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Computer Security 8
from DMA. Similarly, Intel chipset provides isolation to data sets to ensure the protection of
data also various Authenticated Code modules generates secure cryptography keys and
provides trusted environment at runtime.
II Module
Answer to question no. 1
(a) (i) Buffer overflow is a type of attack where certain section of memory is overwritten
with more data that the amount of data can be fitted. This in turn spills the memory area
automatically and manages the overflow.
(ii) Buffer overflow is caused due to malicious attacker who sends wrong input in the
program and attempts to store in the buffer which is not large enough. Buffer flow is
caused as some languages do not have any built in protection against overwriting data in
the memory.
(iii) Buffer overflow can be reduced by using a process known as fuzzing, which checks that
the system is not accepting additional data. Stack Guard complier can be used to stop buffer
overflow, as when the attacker tries to overwrite the buffer section, it is not possible. Other
functions like strncpy() is used to avoid and eliminate the bugs from the software.
(b) (i) If an incompatible operand is passed to a function, which cannot be handled by the data
type causes type error. It also causes vulnerabilities in software; there are two type of errors
type1 and type2. Type1 inserts incorrect value and type2 create virtual existence of the thing
that is not present. It doesn’t resemble the usual data types used like strings, arrays, objects and
Java script function. Type Error is usual caused due to using wrong data types or operations.
(ii) Type safety uses complier to automatically check the type at the time of compiling and
throws an error if the assigned data type to the variable is not correct. It help in providing
from DMA. Similarly, Intel chipset provides isolation to data sets to ensure the protection of
data also various Authenticated Code modules generates secure cryptography keys and
provides trusted environment at runtime.
II Module
Answer to question no. 1
(a) (i) Buffer overflow is a type of attack where certain section of memory is overwritten
with more data that the amount of data can be fitted. This in turn spills the memory area
automatically and manages the overflow.
(ii) Buffer overflow is caused due to malicious attacker who sends wrong input in the
program and attempts to store in the buffer which is not large enough. Buffer flow is
caused as some languages do not have any built in protection against overwriting data in
the memory.
(iii) Buffer overflow can be reduced by using a process known as fuzzing, which checks that
the system is not accepting additional data. Stack Guard complier can be used to stop buffer
overflow, as when the attacker tries to overwrite the buffer section, it is not possible. Other
functions like strncpy() is used to avoid and eliminate the bugs from the software.
(b) (i) If an incompatible operand is passed to a function, which cannot be handled by the data
type causes type error. It also causes vulnerabilities in software; there are two type of errors
type1 and type2. Type1 inserts incorrect value and type2 create virtual existence of the thing
that is not present. It doesn’t resemble the usual data types used like strings, arrays, objects and
Java script function. Type Error is usual caused due to using wrong data types or operations.
(ii) Type safety uses complier to automatically check the type at the time of compiling and
throws an error if the assigned data type to the variable is not correct. It help in providing
Computer Security 9
secure environment as it do not allow to access any private memory location or member whose
permission is not granted to be accessed. It makes sure that objects are isolated from one
another. Thus type safety creates a safe environment and avoids chances of attack.
(c) (i)Arc injection attack inject a jump to redirect the execution of a program t some other
code area in the memory. It is also known as return to libc attack where library as lot of
predefined codes that re useful for the attacker which provides type definitions, string handling
mechanism, memory allocation and other operating system services. Because of availability of
the large number of functions libc's codes are used instead of using code injection technique.
(ii) There are various compliers which are used to identify stack problems. Like using -fstack
function is useful as it provides solution for the worst condition by using canary space
fundamental. Canary space is used at the end of the stack so that data can be written after it has
been modified. Another method is using CPU watchpoints, it a way to look at the canary space
condition for accessing it. This software implementation is used to check the availability of
canary space automatically after predefined intervals so that problem of buffer overflow
doesn’t occur.
Answer to question no.3
(i) If the password is communicated through an insecure root or stored in the insecure network
may lead to malicious user accessing the data. Any hostile user may enter the system and track
all the information which destroys the confidentiality of the information (Du, 2011).
(ii) The risk of password can be reduced by using the password on the secure
environment. When the password is shared over network it is encrypted so that no third
party user can track it.
secure environment as it do not allow to access any private memory location or member whose
permission is not granted to be accessed. It makes sure that objects are isolated from one
another. Thus type safety creates a safe environment and avoids chances of attack.
(c) (i)Arc injection attack inject a jump to redirect the execution of a program t some other
code area in the memory. It is also known as return to libc attack where library as lot of
predefined codes that re useful for the attacker which provides type definitions, string handling
mechanism, memory allocation and other operating system services. Because of availability of
the large number of functions libc's codes are used instead of using code injection technique.
(ii) There are various compliers which are used to identify stack problems. Like using -fstack
function is useful as it provides solution for the worst condition by using canary space
fundamental. Canary space is used at the end of the stack so that data can be written after it has
been modified. Another method is using CPU watchpoints, it a way to look at the canary space
condition for accessing it. This software implementation is used to check the availability of
canary space automatically after predefined intervals so that problem of buffer overflow
doesn’t occur.
Answer to question no.3
(i) If the password is communicated through an insecure root or stored in the insecure network
may lead to malicious user accessing the data. Any hostile user may enter the system and track
all the information which destroys the confidentiality of the information (Du, 2011).
(ii) The risk of password can be reduced by using the password on the secure
environment. When the password is shared over network it is encrypted so that no third
party user can track it.
Computer Security 10
(b) Biometric system is used in security purpose as it works by mapping the pattern of
human with the use of advanced technology. The architecture of biometric basically
connects software and hardware components. Finger print is one of the biometric system,
which include various components.
Sensor- It captures the digital image of finger which is future processed and stored in the
database for identifying the correct user. Verifying the correct user helps in attaining a
good security.
Processor- The stored mage in the database is minutely observed and processed as the
security relies in matching the input minutely. The scanned input is future processed like
performing segmentation, normalization and estimating the frequency of image which is
future applied to enhance the quality of image for extraction.
Extractor- Finding the similarity and finding the correct match, is done using the concept
of crossing number.
Identification- finally identifying the correct user by matching the finger prints and
identifying it helps people to save time. Only the correct user is identified and granted
the access to information.
(c) Type I error occurs when authenticated user gets rejected because biometric system
doesn’t recognize it and Type II error occurs when an unauthorized user gets an access. Type I
error can be controlled as the value of alpha is 0.05 that means only 5% would be rejected.
Type II probability is denoted by beta which has value more than alpha.
(d) (i) S-KEY is a one-time password system; the password is used for user authentication.
Always a unique password is generated and S-key stores all the passwords used. User selects a
unique secret password and uses it for authentication. S –Key are used for multiple applications
to produce one-time password. It hosts the password by using hash function and compares the
result with the previous results.
(b) Biometric system is used in security purpose as it works by mapping the pattern of
human with the use of advanced technology. The architecture of biometric basically
connects software and hardware components. Finger print is one of the biometric system,
which include various components.
Sensor- It captures the digital image of finger which is future processed and stored in the
database for identifying the correct user. Verifying the correct user helps in attaining a
good security.
Processor- The stored mage in the database is minutely observed and processed as the
security relies in matching the input minutely. The scanned input is future processed like
performing segmentation, normalization and estimating the frequency of image which is
future applied to enhance the quality of image for extraction.
Extractor- Finding the similarity and finding the correct match, is done using the concept
of crossing number.
Identification- finally identifying the correct user by matching the finger prints and
identifying it helps people to save time. Only the correct user is identified and granted
the access to information.
(c) Type I error occurs when authenticated user gets rejected because biometric system
doesn’t recognize it and Type II error occurs when an unauthorized user gets an access. Type I
error can be controlled as the value of alpha is 0.05 that means only 5% would be rejected.
Type II probability is denoted by beta which has value more than alpha.
(d) (i) S-KEY is a one-time password system; the password is used for user authentication.
Always a unique password is generated and S-key stores all the passwords used. User selects a
unique secret password and uses it for authentication. S –Key are used for multiple applications
to produce one-time password. It hosts the password by using hash function and compares the
result with the previous results.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Computer Security 11
(ii) If the attacker impersonated the host than it will track the flow of traffic on the
network or can trace the flow of data over the network and can silently read the
information via host.
Answer to question no. 4
(a) (i) Example- Like Alice can rw the file ‘result.doc’ it means that Alice can read and
write In the file but don’t have write to execute the file. Similarly If bob is granted with
the permission of rx that means Bob can read and execute the file, but it cannot make
any changed in the file.
(ii) Access mask is used to describe access rights which specify that the request is
granted to an object or it can access the object or not. Access mask make sure that
access right assigned are used correctly.
(b) The Reference Monitor can decide whether it is a subject or an object via security
model. If an access request is received in the form of subject than reference monitor
concludes that subject has referenced an object.
(c) (i) Role based operating system regulates the access of user to network and the system.
In RBAC user acquire the role of the system, by using the acquired role it access the
object of the system.
Subject is basically defined as person or agent who wants to access the information,
Role is a job function that defines the authority level of access, or it is organizational
function with a clear definition of inherent responsibility and authority.
Permission is mode of accessing the file that is read, write or execute. Permission is
assigned to role, and by using this permission it is determined that the user is allowed to
access the data in the system or not. User-role permission makes the work simple to
perform user assignment.
(ii) If the attacker impersonated the host than it will track the flow of traffic on the
network or can trace the flow of data over the network and can silently read the
information via host.
Answer to question no. 4
(a) (i) Example- Like Alice can rw the file ‘result.doc’ it means that Alice can read and
write In the file but don’t have write to execute the file. Similarly If bob is granted with
the permission of rx that means Bob can read and execute the file, but it cannot make
any changed in the file.
(ii) Access mask is used to describe access rights which specify that the request is
granted to an object or it can access the object or not. Access mask make sure that
access right assigned are used correctly.
(b) The Reference Monitor can decide whether it is a subject or an object via security
model. If an access request is received in the form of subject than reference monitor
concludes that subject has referenced an object.
(c) (i) Role based operating system regulates the access of user to network and the system.
In RBAC user acquire the role of the system, by using the acquired role it access the
object of the system.
Subject is basically defined as person or agent who wants to access the information,
Role is a job function that defines the authority level of access, or it is organizational
function with a clear definition of inherent responsibility and authority.
Permission is mode of accessing the file that is read, write or execute. Permission is
assigned to role, and by using this permission it is determined that the user is allowed to
access the data in the system or not. User-role permission makes the work simple to
perform user assignment.
Computer Security 12
(ii) Hierarchal RBAC provides additional support of inheritance between roles like an
inheritance relation among roles. Inheritance can be described in terms of permissions that is r1
“inherits” role r2 if all privileges of r2 are also privileges of r1. It composes the role from
multiple subordinate roles and defines the relations and roles that are intended to be
represented. Then it provide uniform treatment of user or role assignment, which can be
included in the role hierarchy, using the same relation to denote the user assignment to roles,
as well as permission inheritance from a role to its assigned users.
III Module
Answer to question no. 3
(a)
(i) Buffer overflow is a program where writing data in buffer exceeds the buffer boundary
which in turn overwrites the exciting data with the new one as buffer is not able to handle the
extra data.
(ii) Buffer overflow can be caused like in s7case of stack when the size is predefined and if
additional data is entered in the stack will lead to overflow. Similarly, if the size of a file is
fixed it cannot store additional data in it, if data is entered are than the defined capacity will
lead to buffer overflow.
(iii) Risk of buffer overflow can be avoided by using safe libraries as in C, C++ buffer
overflow is very common thus high degree of correctness can be maintained by using standard
library functions. These standard library functions automatically take cares of buffer
management and reducing the chances of buffer overflow. Also by using pointer protection as
(ii) Hierarchal RBAC provides additional support of inheritance between roles like an
inheritance relation among roles. Inheritance can be described in terms of permissions that is r1
“inherits” role r2 if all privileges of r2 are also privileges of r1. It composes the role from
multiple subordinate roles and defines the relations and roles that are intended to be
represented. Then it provide uniform treatment of user or role assignment, which can be
included in the role hierarchy, using the same relation to denote the user assignment to roles,
as well as permission inheritance from a role to its assigned users.
III Module
Answer to question no. 3
(a)
(i) Buffer overflow is a program where writing data in buffer exceeds the buffer boundary
which in turn overwrites the exciting data with the new one as buffer is not able to handle the
extra data.
(ii) Buffer overflow can be caused like in s7case of stack when the size is predefined and if
additional data is entered in the stack will lead to overflow. Similarly, if the size of a file is
fixed it cannot store additional data in it, if data is entered are than the defined capacity will
lead to buffer overflow.
(iii) Risk of buffer overflow can be avoided by using safe libraries as in C, C++ buffer
overflow is very common thus high degree of correctness can be maintained by using standard
library functions. These standard library functions automatically take cares of buffer
management and reducing the chances of buffer overflow. Also by using pointer protection as
Computer Security 13
it prevents attacker to encode/decode pointers and it automatically XORs pointers and also
checks the buffer space before sending it to buffer memory.
(b) (i) Type error occurs when an operand is passed to a function which is incompatible
to handle that data type. It cause software vulnerabilities as type I is it inserts incorrect
value of true and type II create virtual hypothesis of the thing which is not there and
falsely interprets the presence or absence of something. It doesn’t recognize the usual
data types like arrays, numbers, objects, strings and the JavaScript function. Thus using
wrong data types or operations cause Type Error.
(ii) Type safety refers that complier automatically validates the type while compiling and
instantly throws an error if wrong type is assigned to the variable. It provides a secure
environment as it doesn’t access of any private members or memory location that it not
permitted to be accessed. It also ensures that objects are isolated from each other. Therefore
safe environment is created and avoid malicious corruption or undefined behaviour. For secure
system it also provides the requirement for explicit type conversion for a language so that it
doesn’t leads unexpected or unintuitive behaviour.
(c)
(i) Arc injection is also known a Return-to-libc, libs is a program having various useful
functions like C library standards, type definitions, memory allocation and various
operating system services. It redirects the execution flow to other code of the memory. It
is caused because due to inserting of large number of data which causes difficulty of
executing code on stack thus causes memory attack. It provides the solution if buffer is
not big enough for the code.
(ii) There are some compilers which is used to identify stacks problems. First is using –fstack
it creates the solution for worst case scenario by creating canary space at the end of each task
so that even if the data is modified it can be written. Second method is using CPU watchpoints
which includes a way to watch the canary space for writing access. Thus this software
implementation is used to check the canary space at a predefined interval so that buffer
it prevents attacker to encode/decode pointers and it automatically XORs pointers and also
checks the buffer space before sending it to buffer memory.
(b) (i) Type error occurs when an operand is passed to a function which is incompatible
to handle that data type. It cause software vulnerabilities as type I is it inserts incorrect
value of true and type II create virtual hypothesis of the thing which is not there and
falsely interprets the presence or absence of something. It doesn’t recognize the usual
data types like arrays, numbers, objects, strings and the JavaScript function. Thus using
wrong data types or operations cause Type Error.
(ii) Type safety refers that complier automatically validates the type while compiling and
instantly throws an error if wrong type is assigned to the variable. It provides a secure
environment as it doesn’t access of any private members or memory location that it not
permitted to be accessed. It also ensures that objects are isolated from each other. Therefore
safe environment is created and avoid malicious corruption or undefined behaviour. For secure
system it also provides the requirement for explicit type conversion for a language so that it
doesn’t leads unexpected or unintuitive behaviour.
(c)
(i) Arc injection is also known a Return-to-libc, libs is a program having various useful
functions like C library standards, type definitions, memory allocation and various
operating system services. It redirects the execution flow to other code of the memory. It
is caused because due to inserting of large number of data which causes difficulty of
executing code on stack thus causes memory attack. It provides the solution if buffer is
not big enough for the code.
(ii) There are some compilers which is used to identify stacks problems. First is using –fstack
it creates the solution for worst case scenario by creating canary space at the end of each task
so that even if the data is modified it can be written. Second method is using CPU watchpoints
which includes a way to watch the canary space for writing access. Thus this software
implementation is used to check the canary space at a predefined interval so that buffer
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Computer Security 14
overflow doesn’t occur.
Answer to question no. 4
(a)
(i) The key difference between logical and physical difference is that it is not possible to access
the physical address directly by the user where logical address can be used to access the
physical address. Physical address deals with load time address binding wherein virtual address
deals with compile time address binding.
(ii) Virtual memory allows more than one applications to run on the system, it is used by
operating system to provide hardware support, allows running more applications at once and
allows running larger applications with less real RAM and it is not necessary to buy more
memory. It has the ability to load and execute a program in less memory space even if it
requires a larger amount of memory.
(b)
(i) These privilege levels are also known as protection rings, in the ring the innermost ring has
highest priority which tends to protect data from faults by improving fault tolerance capacity
and avoiding malicious and providing computer security. The level 0 is used by the kernel and
level 3 is used by application programs. These levels ensure that data is protected to a certain
extent and saves the software to avoid vulnerabilities (Gollmann & Snekkenes, 2017).
(ii) In Unix system the supervisor owns all the privilege levels and provides security to the
system. Different privileges level assigns the access rights accordingly. The least privileged level
grant the access right to everyone, whereas the most privileged level in the system is granted to the
one who control the entire system.
(c)(i) Direct memory access is used for violating attacks and maintains computer security so
that attack does not penetrate in the system. By using DMA an unauthorized access to address
space is not possible but due to directly accessing memory space it installs malware in the
overflow doesn’t occur.
Answer to question no. 4
(a)
(i) The key difference between logical and physical difference is that it is not possible to access
the physical address directly by the user where logical address can be used to access the
physical address. Physical address deals with load time address binding wherein virtual address
deals with compile time address binding.
(ii) Virtual memory allows more than one applications to run on the system, it is used by
operating system to provide hardware support, allows running more applications at once and
allows running larger applications with less real RAM and it is not necessary to buy more
memory. It has the ability to load and execute a program in less memory space even if it
requires a larger amount of memory.
(b)
(i) These privilege levels are also known as protection rings, in the ring the innermost ring has
highest priority which tends to protect data from faults by improving fault tolerance capacity
and avoiding malicious and providing computer security. The level 0 is used by the kernel and
level 3 is used by application programs. These levels ensure that data is protected to a certain
extent and saves the software to avoid vulnerabilities (Gollmann & Snekkenes, 2017).
(ii) In Unix system the supervisor owns all the privilege levels and provides security to the
system. Different privileges level assigns the access rights accordingly. The least privileged level
grant the access right to everyone, whereas the most privileged level in the system is granted to the
one who control the entire system.
(c)(i) Direct memory access is used for violating attacks and maintains computer security so
that attack does not penetrate in the system. By using DMA an unauthorized access to address
space is not possible but due to directly accessing memory space it installs malware in the
Computer Security 15
system which in turn violates the confidentiality of data. Other than that a correct
synchronization tool is needed in the device to evade accessing un-updated information.
Sometimes using data stored in RAM it leads to cache coherency problem if the data is not
updated with the correct data in cache.
(ii) Intel TXT stands for Intel Trusted Execution Technology have fundamental goals of
providing authenticity to operating system and create a protected environment. It uses the
concept of portioning the data, protected data is portioned and cannot be modified by other
processor and it also protects data from direct access. Similarly, Intel chipset provides isolation
to data sets to ensure the protection of data also various Authenticated Code modules generates
secure cryptography keys and provides trusted environment at runtime.
Answer to question no. 5
(a) (i) The /etc/ is owned by the root user and gives the writable permission to each user. The
encrypted passwords are stored in this file. It is a text file that contains basic information about
the account that is running on the Linux.
Uid is a unique identifier to identify the system, su is used to promotes the status of super user.
The /etc/shadow file contains encrypted passwords as well as ageing and information when the
password will expire.
(ii) The password file is secure and it contains user information and provides rights that who
can see the list of passwords and hashes. These password file is important for security purpose
and it is installed in default. The right to permission to access these files are assigned. It helps
in keeping track of each user on the system. It contains information like username, identity of
user and also basic account information for each user is mentioned.
(iii) The salt is a string of two characters used to perturb the algorithm in many different ways.
It encrypts the string constantly and returns the encrypted password value. Exhaustive searches
of space are also possible by using parallel spacing. DES algorithm makes use of cryptography
system which in turn violates the confidentiality of data. Other than that a correct
synchronization tool is needed in the device to evade accessing un-updated information.
Sometimes using data stored in RAM it leads to cache coherency problem if the data is not
updated with the correct data in cache.
(ii) Intel TXT stands for Intel Trusted Execution Technology have fundamental goals of
providing authenticity to operating system and create a protected environment. It uses the
concept of portioning the data, protected data is portioned and cannot be modified by other
processor and it also protects data from direct access. Similarly, Intel chipset provides isolation
to data sets to ensure the protection of data also various Authenticated Code modules generates
secure cryptography keys and provides trusted environment at runtime.
Answer to question no. 5
(a) (i) The /etc/ is owned by the root user and gives the writable permission to each user. The
encrypted passwords are stored in this file. It is a text file that contains basic information about
the account that is running on the Linux.
Uid is a unique identifier to identify the system, su is used to promotes the status of super user.
The /etc/shadow file contains encrypted passwords as well as ageing and information when the
password will expire.
(ii) The password file is secure and it contains user information and provides rights that who
can see the list of passwords and hashes. These password file is important for security purpose
and it is installed in default. The right to permission to access these files are assigned. It helps
in keeping track of each user on the system. It contains information like username, identity of
user and also basic account information for each user is mentioned.
(iii) The salt is a string of two characters used to perturb the algorithm in many different ways.
It encrypts the string constantly and returns the encrypted password value. Exhaustive searches
of space are also possible by using parallel spacing. DES algorithm makes use of cryptography
Computer Security 16
for password authentication. In this there is a problem of password allocation to other file
which can be resolved by shadow file.
(iv) There are vulnerabilities in this approach as all the information is visible to user, so people
can use the password and save it on back-up and can be misused as /etc/password keep actual
password stored. The information is stored in readable form as it contains the password
information which could be readable by unprivileged user which makes the system vulnerable
to interception.
(v) Unix is stable and is flexible which is built to provide high security and permission features
than before. It solves the problem of creating large monolithic programs by offering support of
virtual memory. Where user can run number of programs at the same time and have rich
collection of small utilities/commands to perform tasks.
(b) (i)Access control mechanism works in various levels first is user in the application level
express security policy, and then the application is written at the middle level which adds more
protection such as database management and also provides access control to users. Finally
memory address is provided to each process. For granting the permission of read ‘r’ is used; for
granting the permission to modify the file ‘w’ is used and for granting permission to execute
the file ‘x’ is used. (-) is used is no permission is provided to the user. Various users in the
system are: root user, system user and group user. Root user or super user has capacity to make
any changes in the system and have unlimited access whereas system user is able to access the
file according to the permission granted.
(ii) Only the root or super user is allowed to change the permission of a directory or file. It can
set the access permission of read, write or execute in the system.
for password authentication. In this there is a problem of password allocation to other file
which can be resolved by shadow file.
(iv) There are vulnerabilities in this approach as all the information is visible to user, so people
can use the password and save it on back-up and can be misused as /etc/password keep actual
password stored. The information is stored in readable form as it contains the password
information which could be readable by unprivileged user which makes the system vulnerable
to interception.
(v) Unix is stable and is flexible which is built to provide high security and permission features
than before. It solves the problem of creating large monolithic programs by offering support of
virtual memory. Where user can run number of programs at the same time and have rich
collection of small utilities/commands to perform tasks.
(b) (i)Access control mechanism works in various levels first is user in the application level
express security policy, and then the application is written at the middle level which adds more
protection such as database management and also provides access control to users. Finally
memory address is provided to each process. For granting the permission of read ‘r’ is used; for
granting the permission to modify the file ‘w’ is used and for granting permission to execute
the file ‘x’ is used. (-) is used is no permission is provided to the user. Various users in the
system are: root user, system user and group user. Root user or super user has capacity to make
any changes in the system and have unlimited access whereas system user is able to access the
file according to the permission granted.
(ii) Only the root or super user is allowed to change the permission of a directory or file. It can
set the access permission of read, write or execute in the system.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Computer Security 17
IV Module
Answer to question no. 1
(a) (i) Penetrate and patch test is used to access the hacker attack by searching the flaws in the
network. It is used by the people who have large development applications. There are various
issues in this approach like developers can only patch few problems other problems penetrate
in the system. Also it fixes the symptoms of problem but do not deal with underlying cause.
And also in some cases patches are not applied because admin of the system overlooks it and
do not make any change in the system (Borders, 2015).
(ii) Principals which can be used for development of secure software
By reducing the surface area- Every application added on the system adds some amount. To
avoid the risk surface area should be less so that there is no vulnerabilities. Additionally
controlling the access privilege to resources limits the chance of unauthorized attacks.
Fixing security issues correctly- It is important to fix the bugs so that it do not penetrate in the
system and cause failure later on. Thus developing and fixing the issues without introducing
regressions is essential.
(b) (i) Viruses are worms are malicious programs and cause damage to the system but there is a
difference. Viruses get attached to the programs and spread from one system due to some
human action to another leaving infections in the whole way wherein worms travel from other
system to other without any human action. Worms travel via e-mail and viruses are hidden in
word file. Worms spread faster than virus as it has the capability to replicate itself.
(ii) It is true that worms cause more severe threats as it has the capability of copying and travel
across but it consumes too much of systems memory and also consumes high bandwidth just
responding to web servers by making them slow and eventually stopping them to respond.
Internet worms exploit the access rights and create the network unprotected.
IV Module
Answer to question no. 1
(a) (i) Penetrate and patch test is used to access the hacker attack by searching the flaws in the
network. It is used by the people who have large development applications. There are various
issues in this approach like developers can only patch few problems other problems penetrate
in the system. Also it fixes the symptoms of problem but do not deal with underlying cause.
And also in some cases patches are not applied because admin of the system overlooks it and
do not make any change in the system (Borders, 2015).
(ii) Principals which can be used for development of secure software
By reducing the surface area- Every application added on the system adds some amount. To
avoid the risk surface area should be less so that there is no vulnerabilities. Additionally
controlling the access privilege to resources limits the chance of unauthorized attacks.
Fixing security issues correctly- It is important to fix the bugs so that it do not penetrate in the
system and cause failure later on. Thus developing and fixing the issues without introducing
regressions is essential.
(b) (i) Viruses are worms are malicious programs and cause damage to the system but there is a
difference. Viruses get attached to the programs and spread from one system due to some
human action to another leaving infections in the whole way wherein worms travel from other
system to other without any human action. Worms travel via e-mail and viruses are hidden in
word file. Worms spread faster than virus as it has the capability to replicate itself.
(ii) It is true that worms cause more severe threats as it has the capability of copying and travel
across but it consumes too much of systems memory and also consumes high bandwidth just
responding to web servers by making them slow and eventually stopping them to respond.
Internet worms exploit the access rights and create the network unprotected.
Computer Security 18
(c)(i)Malware signature is a unique bit of strings which act as fingerprint to detect o identify
the viruses. It basically scans the occurrence of malicious code in the system. Signatures are
also used to detect the attacks by matching patterns and bit sequences in network traffic.
(ii) Techniques used to hide malware are using packers as it wraps the signature and decodes
only at the time of runtime. These packers are used to hide signatures from malware. Crypters
are used to encrypt the fingerprints to avoid the detection of signatures. Other technique is
using polymorphic malware which automatically uses the packer and crypter technique to
change the look of signature.
Answer to question no. 2
(i) (a) Vulnerability is failure of system unit which effects the hostile environment. It creates
chances of attacks and discloses the security of the system. It compromises security of a
network. It impacts the system by preventing authorized access to resources or interface on the
system by external user. Exploiting of vulnerability provides attacker to gain private
information of an organisation. It also cause email interruptions and loss of sensitive
information
(ii) Threats can be prevented by using proper encryption techniques, avoiding spoofing and
sniffing where third party hides their true identity and tries to access the data, using updated
antiviruses. Encryption is the process to keep the text saves in chipper text form so that the text
can be decrypted only by a valid user and this avoids the chances of leakage of data.
(iii) If the effect of threats has destroyed the entire system, and finically extra support is needed
to remove the bug and bring the system back to the original condition, count measure
technique is used in that case.
(c)(i)Malware signature is a unique bit of strings which act as fingerprint to detect o identify
the viruses. It basically scans the occurrence of malicious code in the system. Signatures are
also used to detect the attacks by matching patterns and bit sequences in network traffic.
(ii) Techniques used to hide malware are using packers as it wraps the signature and decodes
only at the time of runtime. These packers are used to hide signatures from malware. Crypters
are used to encrypt the fingerprints to avoid the detection of signatures. Other technique is
using polymorphic malware which automatically uses the packer and crypter technique to
change the look of signature.
Answer to question no. 2
(i) (a) Vulnerability is failure of system unit which effects the hostile environment. It creates
chances of attacks and discloses the security of the system. It compromises security of a
network. It impacts the system by preventing authorized access to resources or interface on the
system by external user. Exploiting of vulnerability provides attacker to gain private
information of an organisation. It also cause email interruptions and loss of sensitive
information
(ii) Threats can be prevented by using proper encryption techniques, avoiding spoofing and
sniffing where third party hides their true identity and tries to access the data, using updated
antiviruses. Encryption is the process to keep the text saves in chipper text form so that the text
can be decrypted only by a valid user and this avoids the chances of leakage of data.
(iii) If the effect of threats has destroyed the entire system, and finically extra support is needed
to remove the bug and bring the system back to the original condition, count measure
technique is used in that case.
Computer Security 19
(iv) Shortcomings of using numerical approach to risk management is that the analysis is not precise and
is confusing sometimes. Numerical analysis is generally expensive and demand advanced tools for
calculations. By using this approach it requires more amount of time with bigger expenditure.
(b) (i) Paging is a memory management technique which divides memory into fixed sized blocks.
Swapping can be done easily and it share common code in a time sharing environment.
Segmentation leads to external fragmentation and paging leads to internal fragmentation.
Difference between segmentation and paging is that in paging physical memory is divided into
fixed size frames, when memory is needed available frames are allocated and are located
anywhere in the memory whereas in segmentation memory is not divided systematically and
these segments are placed in the available holes of memory. Also page is a fixed sized blocks
whereas segment is a variable-sized block.
(ii) Difference between paging and segmentation on the basic of security is that paging
allocates the memory anywhere in the memory with can be attacked by the third party user as
attacker knows that it is fixed size block and tries to capture the pattern of memory.
(iii) Paging don’t support external fragmentation and the segments can grow without any
reshuffling of pages. But it supports flexibility of sharing the information and process can run
even if the pages are swapped. Segmentation is useful as it decrease the size of table and
decreases the overhead of memory
(c) (i) Interrupt vector table is used to list the interrupt handlers. Interrupt vector is the memory
location which in turn handlers interrupt and give priority to interrupts and saves the interrupts
in the queue. So that even if more than one interrupt occurs it can be handled using Interrupt
vector table.
(ii) In interrupt driven software the problems of security arises as the interrupt overload is very
high and it usually causes the problem of stack overflow.
Answer to question no. 4
(iv) Shortcomings of using numerical approach to risk management is that the analysis is not precise and
is confusing sometimes. Numerical analysis is generally expensive and demand advanced tools for
calculations. By using this approach it requires more amount of time with bigger expenditure.
(b) (i) Paging is a memory management technique which divides memory into fixed sized blocks.
Swapping can be done easily and it share common code in a time sharing environment.
Segmentation leads to external fragmentation and paging leads to internal fragmentation.
Difference between segmentation and paging is that in paging physical memory is divided into
fixed size frames, when memory is needed available frames are allocated and are located
anywhere in the memory whereas in segmentation memory is not divided systematically and
these segments are placed in the available holes of memory. Also page is a fixed sized blocks
whereas segment is a variable-sized block.
(ii) Difference between paging and segmentation on the basic of security is that paging
allocates the memory anywhere in the memory with can be attacked by the third party user as
attacker knows that it is fixed size block and tries to capture the pattern of memory.
(iii) Paging don’t support external fragmentation and the segments can grow without any
reshuffling of pages. But it supports flexibility of sharing the information and process can run
even if the pages are swapped. Segmentation is useful as it decrease the size of table and
decreases the overhead of memory
(c) (i) Interrupt vector table is used to list the interrupt handlers. Interrupt vector is the memory
location which in turn handlers interrupt and give priority to interrupts and saves the interrupts
in the queue. So that even if more than one interrupt occurs it can be handled using Interrupt
vector table.
(ii) In interrupt driven software the problems of security arises as the interrupt overload is very
high and it usually causes the problem of stack overflow.
Answer to question no. 4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Computer Security 20
(a) Biometric system works on mapping pattern with the use of technology to provide
advanced security. The architecture of biometric maps the hardware and software components.
Basic components of finger print system are:
Sensor – It captures digital image which is processed and stored in the database which is future
used for identification and verification. It helps in attaining advance method for security.
Image Processor- The image stored in database is processed minutely as the performance and
security measures relies on the input scanned. Many processes are applied to image like image
segmentation, normalization and estimation of frequency which are applied to boost the quality
of image in terms of usability for minutia extraction.
Minutia Extractor- The concept of crossing number is used to match the similarities between
two ridges and finding out if they are identical or not.
Identification- Finally, identifying and verifying the processes which help people to be clear
and save time. Only the correct under is identified and granted the permission to access the
data.
(b) (i) Tokens are used to authorize access to a network, it is based on authentication which
ensures that every request to server is convoyed to a signed token which in turn verifies the
authenticity and then replies to the request. These tokens transfer one time password over the
network or some unique identity which is confidential and cannot be disclosed. Each user in
the system has user tokens that are generated so that users access the services without
disclosing their actual credentials.
(ii) Previously applications used confirm the user identity through session cookies, but only
token authentication uses tokens and lower the load of the network, user generates the token,
using this token user connects to the server and request for the information on the server.
(a) Biometric system works on mapping pattern with the use of technology to provide
advanced security. The architecture of biometric maps the hardware and software components.
Basic components of finger print system are:
Sensor – It captures digital image which is processed and stored in the database which is future
used for identification and verification. It helps in attaining advance method for security.
Image Processor- The image stored in database is processed minutely as the performance and
security measures relies on the input scanned. Many processes are applied to image like image
segmentation, normalization and estimation of frequency which are applied to boost the quality
of image in terms of usability for minutia extraction.
Minutia Extractor- The concept of crossing number is used to match the similarities between
two ridges and finding out if they are identical or not.
Identification- Finally, identifying and verifying the processes which help people to be clear
and save time. Only the correct under is identified and granted the permission to access the
data.
(b) (i) Tokens are used to authorize access to a network, it is based on authentication which
ensures that every request to server is convoyed to a signed token which in turn verifies the
authenticity and then replies to the request. These tokens transfer one time password over the
network or some unique identity which is confidential and cannot be disclosed. Each user in
the system has user tokens that are generated so that users access the services without
disclosing their actual credentials.
(ii) Previously applications used confirm the user identity through session cookies, but only
token authentication uses tokens and lower the load of the network, user generates the token,
using this token user connects to the server and request for the information on the server.
Computer Security 21
V Module
Answer to question no. 1
(a) (i) Computer security refers to protection of information, network as well as computation
power. It provides protection to the system from thefts and disruptions. It ensures that data is
encrypted and cannot be accessed by unauthorized user. Computer security guarantees that to
damage occurs to the hardware, software or services of computer.
(ii) The three corresponding security notions of security described by Anderson in 1972 are
Unauthorized information release- In this an unauthorized user reads the information stored in
the system illegally or captures the traffic pattern of information.
Unauthorized information modification- Unauthorized entities make changes to the
information stored and the user is not able to figure out the changes made.
Unauthorized denial of use- Some third party user denies the use of services by the actual user.
(ii) For password file security violation can be dangerous like if the information is released
to unauthorized user it can be misused reading to lack of confidentiality.
Other one is if the password file is modified by unauthorized user than the actual user will not
be able to access the file. Denial of use is a major problem as actual user is not able to open is
file even if it is authorised.
(b)
(i) Reference monitor encapsulates the access method which supports certain security
policies and before accessing the resources permission is asked. It satisfies the properties of
completeness, isolation and verifiability. Reference validation is used to describe the set of
V Module
Answer to question no. 1
(a) (i) Computer security refers to protection of information, network as well as computation
power. It provides protection to the system from thefts and disruptions. It ensures that data is
encrypted and cannot be accessed by unauthorized user. Computer security guarantees that to
damage occurs to the hardware, software or services of computer.
(ii) The three corresponding security notions of security described by Anderson in 1972 are
Unauthorized information release- In this an unauthorized user reads the information stored in
the system illegally or captures the traffic pattern of information.
Unauthorized information modification- Unauthorized entities make changes to the
information stored and the user is not able to figure out the changes made.
Unauthorized denial of use- Some third party user denies the use of services by the actual user.
(ii) For password file security violation can be dangerous like if the information is released
to unauthorized user it can be misused reading to lack of confidentiality.
Other one is if the password file is modified by unauthorized user than the actual user will not
be able to access the file. Denial of use is a major problem as actual user is not able to open is
file even if it is authorised.
(b)
(i) Reference monitor encapsulates the access method which supports certain security
policies and before accessing the resources permission is asked. It satisfies the properties of
completeness, isolation and verifiability. Reference validation is used to describe the set of
Computer Security 22
requirements, and then validation is encompassed on the requirements of proper access
policies. As well as trusted computing base is a collection of firmware’s that take care of the
bugs and vulnerabilities occurring in the system.
(ii) Operating system, reference monitor, validation mechanism and trusted computing base
is related to each other as shown:
Reference monitor provides aces to the user processors and gain access of objects from the
operating system.
(c) Software bug is an error or fault in the system which decreases the productivity,
and cause the system to behave in different way. Vulnerability is defined as the
capacity of that cause harmful effects on the system and cause security risk. Threats
cause damage to the system.
Answer to question no. 2
requirements, and then validation is encompassed on the requirements of proper access
policies. As well as trusted computing base is a collection of firmware’s that take care of the
bugs and vulnerabilities occurring in the system.
(ii) Operating system, reference monitor, validation mechanism and trusted computing base
is related to each other as shown:
Reference monitor provides aces to the user processors and gain access of objects from the
operating system.
(c) Software bug is an error or fault in the system which decreases the productivity,
and cause the system to behave in different way. Vulnerability is defined as the
capacity of that cause harmful effects on the system and cause security risk. Threats
cause damage to the system.
Answer to question no. 2
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Computer Security 23
(a)
(i) Access control matrix- It is a safekeeping model which provides protection of computer
system and also defines the right of every entity in the system. It uses an array to keep the data
secure from everyone except the one who is authorized. This approach is used in to provide
access permission to users. Access to any type of data is controlled by access control matrix
and bounds the unauthorized access to a network, computer and digital file by an unauthorised
user.
(ii) Access control list (ACL) is used to store the data regarding the resources in the column of
matrix whereas the capabilities are used to hold a permit to use each of the resource. Access
control list is related with every object in the system which provides authentication to all the
object in the list. Capabilities are casual arrangement of bits which is managed by operating
system and is passed from one process to other. Both the terms are related to Access control
matrix which indicates what function can be done, who can perform the functions like who are
allowed to read, write or manipulate the information.
(b) The working mechanism of access control is different is various levels. User level is the
first level which provides security then the middle level expresses security policy for more
protection. Access permission and Memory address is assigned to each process, permission can
be only read ‘r’ , write‘w’ or execute ‘x’ . If in case no permission need to be granted (-) is
used. Root user of the system has unrestricted access and holds the ability to make any kind of
changes in the system.
(c) Unix access control system.
(a) (i) The /etc/password is owned by the super user, which gives the accessing permission to each
user. The passwords are stored in encrypted format in the file.
Uid is a unique identifier to identify the user of the system; gid is used to provide identity to
group of users; su is used to stimulate the status of root user. The /etc/shadow file contains
encoded passwords as well as the information about when the password session will expire.
(a)
(i) Access control matrix- It is a safekeeping model which provides protection of computer
system and also defines the right of every entity in the system. It uses an array to keep the data
secure from everyone except the one who is authorized. This approach is used in to provide
access permission to users. Access to any type of data is controlled by access control matrix
and bounds the unauthorized access to a network, computer and digital file by an unauthorised
user.
(ii) Access control list (ACL) is used to store the data regarding the resources in the column of
matrix whereas the capabilities are used to hold a permit to use each of the resource. Access
control list is related with every object in the system which provides authentication to all the
object in the list. Capabilities are casual arrangement of bits which is managed by operating
system and is passed from one process to other. Both the terms are related to Access control
matrix which indicates what function can be done, who can perform the functions like who are
allowed to read, write or manipulate the information.
(b) The working mechanism of access control is different is various levels. User level is the
first level which provides security then the middle level expresses security policy for more
protection. Access permission and Memory address is assigned to each process, permission can
be only read ‘r’ , write‘w’ or execute ‘x’ . If in case no permission need to be granted (-) is
used. Root user of the system has unrestricted access and holds the ability to make any kind of
changes in the system.
(c) Unix access control system.
(a) (i) The /etc/password is owned by the super user, which gives the accessing permission to each
user. The passwords are stored in encrypted format in the file.
Uid is a unique identifier to identify the user of the system; gid is used to provide identity to
group of users; su is used to stimulate the status of root user. The /etc/shadow file contains
encoded passwords as well as the information about when the password session will expire.
Computer Security 24
(ii) The working mechanism of access control varies in various levels. First level is user level
then the middle level which expresses security policy, adds more protection so that application
can be written and provides proper access control to users. Memory address is assigned to each
process and permission is granted like for read ‘r’ is used; for giving the permission to modify
the file ‘w’ is used and for execution of file ‘x’ is used. (-) is used for granting no permission to
the user. Several users in the system are: root user, system user and group user. Super user or
root user have unlimited access and holds the ability to make any kind of changes in the
system. On the other hand system user cannot make any changes and access the file according
to the permission granted.
Answer to question no. 3
(a) (i) The basic difference between physical and virtual address sis that virtual address is
generated at the time of execution of the code and it is basically used to access physical
address. As physical address cannot be accessed directly by user. Load time address binding is
done by using physical address but for compile time address binding virtual address is used.
(ii) By using the concept of Virtual management is efficient for the system as it helps in clears
the shared memory space and makes it available for other task. Also if the program is not in
use, freeing the space at that particular time increases memory isolation and this is done by
paging. (a) It also eliminates the theory of external fragmentation as pages are mapped
automatically. (b) Method used for allocating the memory is cheap and very efficient and it
also creates virtual space in the system.
(b) (i) The primary objective of memory management is to provide a detailed description of
hardware and provide relocation that is the ability to move the process in the memory space
without having the effect on its execution and also allows sharing of process to access the portion
(ii) The working mechanism of access control varies in various levels. First level is user level
then the middle level which expresses security policy, adds more protection so that application
can be written and provides proper access control to users. Memory address is assigned to each
process and permission is granted like for read ‘r’ is used; for giving the permission to modify
the file ‘w’ is used and for execution of file ‘x’ is used. (-) is used for granting no permission to
the user. Several users in the system are: root user, system user and group user. Super user or
root user have unlimited access and holds the ability to make any kind of changes in the
system. On the other hand system user cannot make any changes and access the file according
to the permission granted.
Answer to question no. 3
(a) (i) The basic difference between physical and virtual address sis that virtual address is
generated at the time of execution of the code and it is basically used to access physical
address. As physical address cannot be accessed directly by user. Load time address binding is
done by using physical address but for compile time address binding virtual address is used.
(ii) By using the concept of Virtual management is efficient for the system as it helps in clears
the shared memory space and makes it available for other task. Also if the program is not in
use, freeing the space at that particular time increases memory isolation and this is done by
paging. (a) It also eliminates the theory of external fragmentation as pages are mapped
automatically. (b) Method used for allocating the memory is cheap and very efficient and it
also creates virtual space in the system.
(b) (i) The primary objective of memory management is to provide a detailed description of
hardware and provide relocation that is the ability to move the process in the memory space
without having the effect on its execution and also allows sharing of process to access the portion
Computer Security 25
of main memory without compromising the protection.
(ii) The updated privilege level of Intel has aim of providing authenticity to operating system and
creates a secure network. The data is partitions into many portions; the important data is kept in
protected partition which cannot be modified from any the processor. It has 4 levels, the zeroth
level is assigned to operating system and the rest levels are used by users. The privileges of each
level are bounded to its own level.
(c)
(i) Memory management is used as it dynamically allocates the memory portions whenever the
programs need it. Also when the memory is not needed by the program it frees it automatically
making it available for other programs.
(ii) Allocation of memory occurs by partition pool method in which dynamically memory
blocks are allocated to the program whenever program needs extra memory. Similarly, like
garbage collector is used to free the memory space, memory management automatically
reallocated the block of memory space which is not in use.
References
Borders, K. R. (2015). U.S. Patent No. 9,055,093. Washington, DC: U.S. Patent and
Trademark Office.
Choi, C., Choi, J., & Kim, P. (2014). Ontology-based access control model for security policy
reasoning in cloud computing. The Journal of Supercomputing, 67(3), 711-722.
of main memory without compromising the protection.
(ii) The updated privilege level of Intel has aim of providing authenticity to operating system and
creates a secure network. The data is partitions into many portions; the important data is kept in
protected partition which cannot be modified from any the processor. It has 4 levels, the zeroth
level is assigned to operating system and the rest levels are used by users. The privileges of each
level are bounded to its own level.
(c)
(i) Memory management is used as it dynamically allocates the memory portions whenever the
programs need it. Also when the memory is not needed by the program it frees it automatically
making it available for other programs.
(ii) Allocation of memory occurs by partition pool method in which dynamically memory
blocks are allocated to the program whenever program needs extra memory. Similarly, like
garbage collector is used to free the memory space, memory management automatically
reallocated the block of memory space which is not in use.
References
Borders, K. R. (2015). U.S. Patent No. 9,055,093. Washington, DC: U.S. Patent and
Trademark Office.
Choi, C., Choi, J., & Kim, P. (2014). Ontology-based access control model for security policy
reasoning in cloud computing. The Journal of Supercomputing, 67(3), 711-722.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Computer Security 26
Du, W. (2011). SEED: hands-on lab exercises for computer security education. IEEE Security
& Privacy, 9(5), 70-73.
Gollmann, D., & Snekkenes, E. (Eds.). (2017). Computer Security–ESORICS 2017: 22nd
European Symposium on Research in Computer Security, Oslo, Norway,
September 11-15, 2017, Proceedings (Vol. 10492). Springer.
Du, W. (2011). SEED: hands-on lab exercises for computer security education. IEEE Security
& Privacy, 9(5), 70-73.
Gollmann, D., & Snekkenes, E. (Eds.). (2017). Computer Security–ESORICS 2017: 22nd
European Symposium on Research in Computer Security, Oslo, Norway,
September 11-15, 2017, Proceedings (Vol. 10492). Springer.
Computer Security 27
1 out of 27
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.