Security in Computing: Electronic Espionage, Access Control, Encryption, Viruses, Web Security, and Network
VerifiedAdded on 2022/10/10
|8
|1514
|266
AI Summary
This document covers various topics related to security in computing such as electronic espionage, access control, encryption, viruses, web security, and network. It also includes countermeasures for identification and authentication attacks and a bibliography.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Security in Computing 1
Security in Computing
By (Name)
The Name of the Class (Course)
Professor (Tutor)
The Name of the School (University)
The City and State where it is located
The Date
Security in Computing
By (Name)
The Name of the Class (Course)
Professor (Tutor)
The Name of the School (University)
The City and State where it is located
The Date
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Security in Computing 2
Security in Computing
Chapter 1
1.1) Electronic Espionage Effects
a. High and stiff competition.
b. Damaged reputation
c. Loss of trade-secrets, trademarks and copyrights.
1.2) Security breach example
The 2019 attack on Microsoft’s Microsoft Office 365.
https://www.techworld.com/security/uks-most-infamous-data-breaches-3604586/
Chapter 2
1.1) An access control directory provides a means in whch objects (users and files alike) are
use-protected. Objects and files are protected by associating each user with a list of files
an objects they can access (read) and edit (write) (Hu, et al., 2006). In operating systems,
this creates a directory in which each file is associated with an owner who has full control
and can give these rights to other user(s). A user control matrix refers basically to a
control matrix derived from access control directory depicting what rights different users
have over different objects. It is represented in form in form of triples and are mostly
sparse since not ll subjects have control rights to most files/objects.
1.2) Biometrics-based authentication technologies are relatively new and have not yet diffused
into the markets well. Many people find their applications intrusive. Cultures might be
abused in such cases as fingerprinting, face and geometry recognition.
Security in Computing
Chapter 1
1.1) Electronic Espionage Effects
a. High and stiff competition.
b. Damaged reputation
c. Loss of trade-secrets, trademarks and copyrights.
1.2) Security breach example
The 2019 attack on Microsoft’s Microsoft Office 365.
https://www.techworld.com/security/uks-most-infamous-data-breaches-3604586/
Chapter 2
1.1) An access control directory provides a means in whch objects (users and files alike) are
use-protected. Objects and files are protected by associating each user with a list of files
an objects they can access (read) and edit (write) (Hu, et al., 2006). In operating systems,
this creates a directory in which each file is associated with an owner who has full control
and can give these rights to other user(s). A user control matrix refers basically to a
control matrix derived from access control directory depicting what rights different users
have over different objects. It is represented in form in form of triples and are mostly
sparse since not ll subjects have control rights to most files/objects.
1.2) Biometrics-based authentication technologies are relatively new and have not yet diffused
into the markets well. Many people find their applications intrusive. Cultures might be
abused in such cases as fingerprinting, face and geometry recognition.
Security in Computing 3
The systems can become a single point of failure in an organization (Jain, et al., 2004).
While forgetting passwords can be attributed to human error or fault, losing biometrics,
which could be disastrous, is not.
Since the readers use sampling to establish threshold for user acceptance, variation in
angles from which the biometrics are taken reduces the readers’ accuracy. The devices
samples the biometrics, measures hundreds of key points before comparing them against
some given sets of measurement to draw a perfect or close match. False negatives and
positives still occur with the devices thus posing security threats.
1.3) Encryption
a) One-way hash function
Refers to an encryption algorithm that convert strings of varied length into fixed-length
bits sequence. Encryption keys generated this way are hard to reverse unlike the case of
message digest. The functions are useful in the creation of ‘change detection algorithm’
that is dependant of sealed bits.
b) Cryptographic checksum.
This refers to a function that is used generate checksum. As a digest funtion, it uses a
cryptographic key that is assumed to only be known to data’s sender and recipient.
This prevents attackers from modifying error detection mechanisms and the bits as
well. The checksum shrinks and transforms data in accordance to the value of data
bits.
c) Public key cryptography
The systems can become a single point of failure in an organization (Jain, et al., 2004).
While forgetting passwords can be attributed to human error or fault, losing biometrics,
which could be disastrous, is not.
Since the readers use sampling to establish threshold for user acceptance, variation in
angles from which the biometrics are taken reduces the readers’ accuracy. The devices
samples the biometrics, measures hundreds of key points before comparing them against
some given sets of measurement to draw a perfect or close match. False negatives and
positives still occur with the devices thus posing security threats.
1.3) Encryption
a) One-way hash function
Refers to an encryption algorithm that convert strings of varied length into fixed-length
bits sequence. Encryption keys generated this way are hard to reverse unlike the case of
message digest. The functions are useful in the creation of ‘change detection algorithm’
that is dependant of sealed bits.
b) Cryptographic checksum.
This refers to a function that is used generate checksum. As a digest funtion, it uses a
cryptographic key that is assumed to only be known to data’s sender and recipient.
This prevents attackers from modifying error detection mechanisms and the bits as
well. The checksum shrinks and transforms data in accordance to the value of data
bits.
c) Public key cryptography
Security in Computing 4
This is a type of encryption technique in which each of the two communicating
parties have two keys that are publicly shared. Public key cryptography is based on
key divulgence while keeping decryption key secret. The two keys are generated
using mathematically related pairs.
d) RSA algorithm
This encryption algorithm was developed by Rivest, Shamir and Adleman as an
alternative to the then widely used National Bureau of Standards algorithm. It is used
to implement both public key and digital signatures. (Milanov, 209) Encryption keys
are kept public while decryption ons remain secret.
e) Triple DES
An encryption algorithm that is a variation of Data encryption Standard and that
which uses block cipher algorithms are applied thrice to all data blocks encryption
key size increases thus ensuring additional security through improved encryption
capabilities.
Chapter 3
3.1) Buffer overflow diagram
Buffer overflow error refers to an abnormal program that is characterised by overrunning
of buffer’s boundary while writing data. Such operations overwrite adjacent memory locations
and are often triggered by wrong inputs especially where input data is bigger than actual
available storage space. Possible results include data corruption, unexpected transfer of
system/data control, violation of memory access protocols and program termination while an
arbitrary code is executed by an attacker.
This is a type of encryption technique in which each of the two communicating
parties have two keys that are publicly shared. Public key cryptography is based on
key divulgence while keeping decryption key secret. The two keys are generated
using mathematically related pairs.
d) RSA algorithm
This encryption algorithm was developed by Rivest, Shamir and Adleman as an
alternative to the then widely used National Bureau of Standards algorithm. It is used
to implement both public key and digital signatures. (Milanov, 209) Encryption keys
are kept public while decryption ons remain secret.
e) Triple DES
An encryption algorithm that is a variation of Data encryption Standard and that
which uses block cipher algorithms are applied thrice to all data blocks encryption
key size increases thus ensuring additional security through improved encryption
capabilities.
Chapter 3
3.1) Buffer overflow diagram
Buffer overflow error refers to an abnormal program that is characterised by overrunning
of buffer’s boundary while writing data. Such operations overwrite adjacent memory locations
and are often triggered by wrong inputs especially where input data is bigger than actual
available storage space. Possible results include data corruption, unexpected transfer of
system/data control, violation of memory access protocols and program termination while an
arbitrary code is executed by an attacker.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Security in Computing 5
3.2) Buffer overflow countermeasures
1. Writing secure codes- overflow errors do occur when a buffer is stuffed with more
code than it can hold. While some methods do not check memory size bounds, the
best way to avoid these errors would be to not allow them to happen at all. System
developers can effectively avoid these errors by not using functions that are
vulnerable.
2. Invalidation of stack execution- invalidating stack execution processes would be
efficient since most malicious codes reside in stack. Segment violation would then
occur anytime an instruction tries executing from the stack.
3. Compile tools- use compiler tools that offer warnings in case of situations that could
lead to buffer overflow errors. Such compilers also check programs for the presence
of vulnerable functions such as get () and strcpy () among others.
4. Dynamic run-time checks- the method uses safety code being preloaded and prevent
erroneous uploads that might lead to attacks.
3.2) Buffer overflow countermeasures
1. Writing secure codes- overflow errors do occur when a buffer is stuffed with more
code than it can hold. While some methods do not check memory size bounds, the
best way to avoid these errors would be to not allow them to happen at all. System
developers can effectively avoid these errors by not using functions that are
vulnerable.
2. Invalidation of stack execution- invalidating stack execution processes would be
efficient since most malicious codes reside in stack. Segment violation would then
occur anytime an instruction tries executing from the stack.
3. Compile tools- use compiler tools that offer warnings in case of situations that could
lead to buffer overflow errors. Such compilers also check programs for the presence
of vulnerable functions such as get () and strcpy () among others.
4. Dynamic run-time checks- the method uses safety code being preloaded and prevent
erroneous uploads that might lead to attacks.
Security in Computing 6
3.3) Viruses
Viruses refers to programs (either transient or resident) that modify other programs by way of
passing malicious code to them. Transient virus has a life that depends on its host’s life. It runs
when host program executes and terminates with the termination of the host program too. A
resident virus on the other hand refers to a type of virus whose life does not depend on its host’s.
Such programs remain active and are evn activated by standalone programs.
Viruses spread through infected software downloads, visits to unknown links, through e-mail
attachments, running on outdated operating systems, and by sharing infected external media.
Chapter 4: Web security
1) Man-in-the-browser attack takes place just the same way as a man-in-the-middle attack,
with the main difference being that the former uses Trojan horse to intercept and
manipulate communication between a browser and its security libraries. A malicious code
is inserted into a browser to infect it and create a path for attackers to intercept and reuse
obtained credentials.
2) Page-in-the-middle refers to a type of attack that redirects legitimate web users to other
pages. The attack waits until users have visited certain pages before presenting to them
some fictitious webpage links. From this webpage, attackers easily gain credentials and
information that can be used to cause more havoc.
3) Countermeasures for identification and authentication attacks
Identification and authentication attacks can be minimized by use of strong password
policy. Strong passwords should not have easily guessable characters but should instead
be a combination of uppercase, lowercase, symbols, numbers and special characters.
3.3) Viruses
Viruses refers to programs (either transient or resident) that modify other programs by way of
passing malicious code to them. Transient virus has a life that depends on its host’s life. It runs
when host program executes and terminates with the termination of the host program too. A
resident virus on the other hand refers to a type of virus whose life does not depend on its host’s.
Such programs remain active and are evn activated by standalone programs.
Viruses spread through infected software downloads, visits to unknown links, through e-mail
attachments, running on outdated operating systems, and by sharing infected external media.
Chapter 4: Web security
1) Man-in-the-browser attack takes place just the same way as a man-in-the-middle attack,
with the main difference being that the former uses Trojan horse to intercept and
manipulate communication between a browser and its security libraries. A malicious code
is inserted into a browser to infect it and create a path for attackers to intercept and reuse
obtained credentials.
2) Page-in-the-middle refers to a type of attack that redirects legitimate web users to other
pages. The attack waits until users have visited certain pages before presenting to them
some fictitious webpage links. From this webpage, attackers easily gain credentials and
information that can be used to cause more havoc.
3) Countermeasures for identification and authentication attacks
Identification and authentication attacks can be minimized by use of strong password
policy. Strong passwords should not have easily guessable characters but should instead
be a combination of uppercase, lowercase, symbols, numbers and special characters.
Security in Computing 7
These passwords should be changed regularly and same passwords should not be used in
different platforms. A network system should be used to monitor all sniffing and
password theft attempts.
Another way to use multi-factor authentication mechanisms. These methods rely on more
than one method of authentication using indipendent and different credentials as a way of
identifying and authenticating users before logging in or before initiating any
transactions.
4) PGP
PGP encrypted emails use public keys shared among two communicating parties. An
attacker can only perform an EFAIL attack if only the participants themselves are
vulnerable. A digital certificate containing users’ keys and certificates are obtained
through certification authority and stored in browsers’ cache. A private key only known
to the recipient is used to decode publicly encrypted messages thus ensuring that
encrypted and secured emails are exchanged between the two parties and that no intercept
can take place.
Chapter 6: Network
Ping of death- this refers a simple attack in which an attacker sends a flood of ping
messages to a target victim/host. The attack only succeeds where the attacker’s bandwidth is
bigger than that of the victim.
Smurf- this is a variation of the ping attack and uses packets that has two extra twists;
choosing a network to attack, spoofing source addresses in the ping packet to make it appear as if
it is originating from the victim; and sending broadcast requests to network hosts.
These passwords should be changed regularly and same passwords should not be used in
different platforms. A network system should be used to monitor all sniffing and
password theft attempts.
Another way to use multi-factor authentication mechanisms. These methods rely on more
than one method of authentication using indipendent and different credentials as a way of
identifying and authenticating users before logging in or before initiating any
transactions.
4) PGP
PGP encrypted emails use public keys shared among two communicating parties. An
attacker can only perform an EFAIL attack if only the participants themselves are
vulnerable. A digital certificate containing users’ keys and certificates are obtained
through certification authority and stored in browsers’ cache. A private key only known
to the recipient is used to decode publicly encrypted messages thus ensuring that
encrypted and secured emails are exchanged between the two parties and that no intercept
can take place.
Chapter 6: Network
Ping of death- this refers a simple attack in which an attacker sends a flood of ping
messages to a target victim/host. The attack only succeeds where the attacker’s bandwidth is
bigger than that of the victim.
Smurf- this is a variation of the ping attack and uses packets that has two extra twists;
choosing a network to attack, spoofing source addresses in the ping packet to make it appear as if
it is originating from the victim; and sending broadcast requests to network hosts.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Security in Computing 8
Bibliography
Hu, V. C., David, F. & Richard, D. K., 2006. Assessment of access control systems. s.l.:US
Department of Commerce, National Institute of Standards and Technology.
Jain, A. K. et al., 2004. Biometrics: a grand challenge. s.l., IEEE, pp. 935-942.
Milanov, E., 209. The RSA algorithm. In: RSA Laboratories. s.l.:s.n., pp. 1-11.
Bibliography
Hu, V. C., David, F. & Richard, D. K., 2006. Assessment of access control systems. s.l.:US
Department of Commerce, National Institute of Standards and Technology.
Jain, A. K. et al., 2004. Biometrics: a grand challenge. s.l., IEEE, pp. 935-942.
Milanov, E., 209. The RSA algorithm. In: RSA Laboratories. s.l.:s.n., pp. 1-11.
1 out of 8
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.