Computer Security: CIA Triad, Design Principles, and IP Traceback

Verified

Added on 2025/04/24

AI Summary

Desklib provides past papers and solved assignments for students. This report covers computer security, CIA triad, and IP traceback.

Task 1
Confidential Integrity and Availability or also known as CIA, it forms on the basis of guides,
policies, and regulations of information security in any organization. Three are the most
important and essential factor of computer security.
Figure 1 Structure of CIA (Extra.tees.ac.uk, 2019)
CONFIDENTIALITY
Confidentiality could be related to privacy. Restricting someone to access some authorized
data can be a simple definition of confidentiality. Sensitive data can be prevented by
restricting the users or a wrong person which can misuse the data is confidentiality. For
maintaining confidentiality encryption techniques are used which will make hard for an
attacker to decrypt the message without any encryption key. VPN tunnel can be used to
protect data from the attacker. VPN means that Virtual Private Network and it helps the data
to move data safely over the network.
INTEGRITY
The next part is about the integrity of data. Integrity will make sure that data should not be
modified by any person. Data integrity will be failed when there will be a corruption of data.
Hash functions can be used to check whether that data is been modified or not. There are two
common types of hash functions: SHA (Secure Hash Algorithm) and MD5(Message Direct
5). MD5 is a 128-bit hash whereas SHA is 160-bit hash.
AVAILABILITY
Data can be accessed by a person who have the authorisation to access the data. In case of
confidentiality and Integrity attackers were got failed and tried to attack availability and
attack the systems using DOS i.e Denial of Service attack to make server down and to make
website inaccessible from the authorized user.
For Example, If a corporate office has three main servers installed in their office and then the
attacker could access the primary server of the corporative. After accessing the primary
server accessing secondary servers will not be a problem for the attacker.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Task 2
Five general design principles of computer security are:
FOCUS OF CONTROL
It means that which systems should be on a more focus. If the focus of control will be on the
right system then it will help to prevent the unauthorized access from an unknown person or
attacker. The focus should be on data which should be confidential or the operations which
are performed in an organization like a credit card, debit card etc. or it should be focused on
users which should be authorized access user only.
THE MAN-MACHINE SCALE
It will decide which layer should be provided with security features. It could be followed or
placed in any of the below-mentioned layers:
 Applications
 Services
 Hardware
 OS
 OS kernel
Security mechanisms are placed in less complexity security layer.
COMPLEXITY VS ASSURANCE
If the system design is very much complex for preventing unauthorised access, it may
increase the cost of the system. For balancing the cost and complexity, general mechanism is
used which are simple compared to previous systems and are less costly. To provide better
security cost of the system will be high.
CENTRALISED OR DECENTRALISED
Centralized means that the center of the system will be on a central node which is somewhere
in the server. Decentralized means that the server wouldn’t have any central node but it is
distributed or decentralized into many parts in the server. Nowadays computer network has
distributed architecture. In centralized control, there might be a performance issue because of
a central node like CPU in the Operating System. To provide better performance distributed
network is being used.
BLOCKING ACCESS TO THE LAYER BELOW
For preventing the flow of sensitive data from the layer, the layer is being blocked so that
data wouldn’t flow from one layer to another layer. Blocking of data would not be done in a
layer just below it may make the system less secured.

TASK 3
S-BOX Table:
00 01 10 11
00 0011 0100 1111 0001
01 1010 0110 0101 1011
10 1110 1101 0100 0010
11 0111 0000 1001 1100
0 1 2 3
0 3 8 15 1
1 10 6 5 11
2 14 13 4 2
3 7 0 9 12
Steps to find a substitute of decimal numbers 12,7 and 2.
 Decimal numbers will be converted into binary numbers first.
 First and last bit of the binary number is being taken.
 Row number will be represented by first and last number.
 Column number will be represented by another part of the binary number.
 After that searching will be done in S-Box by the column number and the row
number, which ever matches that will be replaced as a substituted binary.
 Now Substituted Binary number will be converted into a decimal number.

12 7 2
Binary number = 1100
First and last bit = 10
Number of Row = 10
Number of Column = 10
Binary Substituted number=
0100
Decimal substituted
number= 4
Binary number = 0111
First and last bit = 01
Number of Row = 01
Number of Column = 11
Binary Substituted
number= 1011
Decimal Substituted
number= 11
Binary of 2 = 0010
First and last bit = 00
Number of Row = 00
Number of Column = 01
Binary Substituted number=
0100
Decimal Substituted
number= 8

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

TASK 4
The values which has been asked are mentioned below:
W[4] = a0fafe17
W[5] = 88542cb1
W[6] = 23a33939
W[7] = 2a6c7605
List of operations which have been performed in subkey generation algorithm:
 RotWord() – circular shift on left which is of 1 Byte on word.
 AddRoundKey() – Adding of a round key
 SubWord() – Substituting input string from S-box
 SubWord(RotWord(temp)) – XORed a word with round constant i.e Rcon[j]

TASK 5
The topic which is being chosen for the project title is “ Passive IP Traceback Disclosing
the Locations of IP Spoofers From Path Backscatter”.
REFERENCES
 Yao, G., Bi, J., & Vasilakos, A. V. (2015). Passive IP traceback: Disclosing the locations of
IP spoofers from path backscatter. IEEE Transactions on Information Forensics and Security,
10(3), 471-484.
In this journal how to achieve passive IP traceback is being described including its history
and what efforts have been made previously. Why we should use passive IP Traceback is
being explained in this research journal.
 KUMAR, K. S., Tiwari, A., & Singh, A. (2016). Passive IP Traceback: Disclosing the
Locations of IP Spoofers from Path Backscatter.
In this research paper how to disclose the locations of IP spoofers is being described and why
it is important to disclose the IP spoofer. Loss which can be done and problems due to IP
spoofing is being explained and explaination what should be done in this field is being
explained.