Chapter 1 Flashcards
What is Cryptography?
To encode a message
What four main areas can Cryptographic algorithms and protocols be classified?
Symmetric encryption, asymmetric encryption, data integrity algorithms, and authentication protocols
What is symmetric encryption
used to conceal the contents of blocks or streams of data of any size
What is asymmetric encryption
used to conceal small blocks of data
What is the data integrity algorithm
Used to protect blocks of data
What is an authentication protocol
designed to authenticate the identity of entities
What is computer Security?
protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources
What are the two concepts related to confidentiality?
Data confidentiality and privacy
What are the two concepts related to integrity?
Data and system integrity
What is a CIA triad?
Integrity, Availability, Confidentiality, Authenticity, and Accountability
What are the challenges of computer security?
1) requirements
2) security mechanism or algorithm
3) procedures
4) where to use security mechanism
5) security mechanisms involve more than a particular algorithm or protocol
6) Computer and network security
7) users and system managers perceive security as negative
8) Requires regular or constant monitoring
9) Security is implemented after the design of the system is completed
10) Security admins/users view strong security as an impediment
OSI security architecture is what?
Focuses on security attacks, mechanisms, and services. It is a recommendation by X.800
What is the difference between a passive and active attack?
Passive: eavesdropping on, or monitoring of, transmissions
Active: some modification of the data stream or the creation of a false stream
What are the four active attack categories?
masquerade, replay, modification of messages, and denial of service
What is a masquerade?
pretending to be a different entity
What does replay mean in relation to the active attack category?
passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect
What are two specific authentication services?
Peer entity authentication: provides for the corroboration of the identity of a peer entity in an association
Data origin authentication: provides for the corroboration of the source of a data unit
What is access control?
the ability to limit and control the access to host systems and applications via communications links
What is data confidentiality?
protection of transmitted data from passive attacks
What is a connection-oriented integrity service?
assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays
What is nonrepudiation?
prevents either sender or receiver from denying a transmitted message
What are the fundamental security design principles?
Economy of mechanism
Fail-safe defaults
Complete mediation
Open design
Separation of privilege
Least privilege
Least common mechanism
Psychological acceptability
Isolation
Encapsulation
Modularity
Layering
Least astonishment
What is economy of mechanism?
design of security measures embodied in both hardware and software should be as simple and small as possible
What is fail-safe default?
access decisions should be based on permission
