3. Security Engineering Flashcards
Define TCB
Trusted computer base
Define Security perimeter
Delineates the trusted and untrusted components of a computer system
Define reference monitor
An abstract machine concept that mediates all access between subjects and objects
What are the two execution types?
Cooperative multitasking - does not allow for individual process isolation.
Pre-emptive multitasking - allows for true isolation of resources. Each task runs in its own space and processor time.
What are the two CPU modes?
User state (Problem Mode) - processor operates with reduced access to resources.
Privileged (kernel mode) - processor operates in ring 0, which has the highest level of trust.
What are the three security models?
- Bell-LaPadula
- BIBA
- Clark-Wilson
Basics of Bell-LaPadula
- Subject cannot read data from a security level higher than its own.
- Subject cannot write down to a security level lower than its own.
No read up, no write down.
Basics of BIBA
- Designed to protect integrity of knowledge base.
- Subject cannot read data from object of lower level.
- Subject cannot write to an object with a higher level.
- A subject cannot call upon a subject at a higher level.
Basics of Clark-Wilson
- Separation of duties
- Enforces well-formed transactions by using the access triple: User > Transformation Procedure > Constrained Data Item
- Stops unauthorized users from making changes
- Stops authorized users from making improper changes
- Maintains internal and external consistency.
Define Discretionary Access Control
Security of an object is under the owner's control.
Access granted through an ACL.
Identity based.
Define Mandatory Access Control
OS makes the decision based on a security label system.
Data owners CANNOT grant access.
Subject's label must dominate the object's level.
Users and data are given clearance levels.
What are the four common architectures?
- Distributed computing
- Service Oriented Architecture
- Internet rich apps
- Ubiquitous computing - wireless networking
What are the services provided by cryptography?
PAIN
Privacy: prevents unauthorized disclosure
Authenticity: verifies the claimed identity
Integrity: detects modification or corruption
Non-Repudiation: combines authorization and integrity. User cannot dispute having sent a message.
What are some examples of symmetric cryptography?
Stream, RC-4, Block, AES/3DES
What are other names for symmetric cryptography?
Private, shared key, secret.
What is the default standard for cryptography block ciphers?
AES
Describe asymmetric cryptography.
Public key - private key pairs.
What are the asymmetric algorithms?
RSA and DSA
ECC and El Gamal
Diffie-Hellman and knapsack.
If not one of these, then it is likely a symmetric algorithm.
How many bits is the MD5 hashing algorithm?
128bit
How many bits is the SHA-1 algorithm?
160bit
How many bits is the SHA-256 algorithm?
256bit
What is a collision?
Two different documents produce the same hash.
What is a birthday attack?
Trying to force a hashing collision.
What is an HMAC?
Hashed Message Authentication Code
Message+Symmetric Number+hashing algorithm
Gives integrity and reasonable authenticity, but does not provide true authenticity.
What is OCSP?
Online Certificate Status Protocol.
This streamlines the process of verifying whether or not a certificate has been revoked.
What are the two frameworks of IPSec?
Tunnel mode: the whole packet is encapsulated.
Transport mode: only the payload is encapsulated.
What is ESP?
Encapsulating security payload.
Provides authenticity and integrity through a MAC.
For ANY indication that confidentiality is needed, you must use which exchange?
ESP
Define AH.
Authentication Header.
Provides integrity, authenticity, and non-repudiation through the use of an ICV (Integrity Check Value).
List the types of attacks on cryptography.
- Ciphertext only - attacker only has ciphertext and must brute force it.
- Known plaintext - attacker has the ciphertext, but knows what some of it is in plaintext.
- Chosen plaintext - attacker can see the full text encrypted and decrypted.
- Chosen ciphertext - attacker can see whatever they want in plaintext or ciphertext. Sometimes called a midnight attack.
- Meet in the middle - attacker tries to learn what each key does individually (used in 3DES attacks).