Domain 3: Security Engineering Flashcards

1
Q

Asymetric Encryption

A

2 keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Graham-Denning Security Model

A
Defines rights based on the commands that the subjects can execute
R1:  Transfer access
R2: Grant access
R3: Delete access
R4: Read objects
R5: Create objects
R6: Delete objects
R7: Create subjects
R8: Delete subjects
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Brewer-Nash Security Model

A

Designed to avoid conflicts of interests

AKA: Chinese wall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Clark-Wilson

A
  • Well formed transactions
  • authorization access modifications made in organized manner
  • Real-world technology model
  • Separation of duties ensures that authorized users do not change data in inappropriate way
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Biba Security Model

A

Integrity of objects

  • Simple Integrity Axiom
    • no read down
    • Integrity Axiom
      • no write up
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Lattice-based Access Control

A

Upper and Lower Limits

  • Every relationship between subjects and objects has upper and lower limits.
  • Multilevel and multilateral
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Bell-LaPadula Security Model

A

Confidentiality of objects

  • Designed for Dept of Defense
  • Simple Security Property
    • No read up
    • Security Property
    • No write down
  • Strong Tranquility Property - security labels will not change while system on operating.
  • Weak Tranquility Property - security labels will not change in a way that conflicts with defined security properties.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

ITSEC

Information Technology Security Evaluation Criteria

A
  • Used extensively in Europe
  • Assurance correctness rating E0 (inadequate) - E6 (formal model of security policy)
  • References the orange book but added
    F- Functionality
    Q- Effectiveness
    E- Correctness
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

TCSEC

Trusted Computer System Evaluation Criteria

A
  • Orange Book
  • Developed on 1983
    (KNOW THE LEVELS)
    D- minimal protections
    C- Discretionary protection
    B- Mandatory protection
  • B1 labeled
  • B2 structured
  • B3 Security Domains
    A- Verified Protection
    -A1- Verified Domains
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Rule-based Access Control

RBA

A
  • Firewall
  • Based on a set of rules
  • Stored in Access Control List
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Role-based Access Control

A
  • Non-discretionary access control

- Assigns permissions to roles in the organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Mandatory Access Control

MAC

A
  • Access control where OS constrains the ability of the subject to access or perform on a object
  • Rules enforced on OS kernel
  • Security policy administrator controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Trusted Computer System Evaluation Criteria

A
  • Discretionary access control (DAC)
  • Restricts access to objects based on the identity of the subjects and the groups they belong to
  • Subjects with certain permissions are capable of passing that permission
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

4 Modes of Systems/ Access Control

A
  1. Dedicated - one classification for all objects - subject must have clearance equal or greater than the system label
  2. Systems High - mixed labels - subject must have clearance equal or greater than the highest object label
  3. Compartmented -objects placed in compartments. Subjects must have a formal need to know.
    >All subjects must have- NDA for ALL. Clearance for ALL information on the system.
  4. Multi-level- objects of varying levels. Subjects with varying clearances can access the system, Reference monitor mediates access. NDA. Clearance for SOME information on the system
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Common Criteria

A
  • Internationally agreed upon standard for describing
    and the the security of IT products.
    -primary objects is to eliminate known vulnerabilities of the target for testing.

Terms:
>Target of Evaluation (ToE): system or product being tested
>Security Target (ST): documentation describing the TOE
>Protections Profile (PP): independent set of security requirements and objectives for a specific category of products or systems
>Evaluation Assurance Level (EAL): evaluation score of the tested…
- Latest version July 2009

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Common Criteria 7 levels of Evaluations (EAL)

A

EAL1: Functionally tested
EAL2: Structurally tested
EAL3: Methodically tested and checked
EAL4: Methodically designed, tested, and reviewed
EAL5: Semi-formally designed and tested
EAL6: Semi-formally verified, designed, and tested
EAL7: Formally verified, designed, and tested

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Layering

A
  • Separates HW and SW functions into Modular tiers.
  • Actions that take place at one layer to not directly affect components of another
  • Generic list of security architecture layers
    .Kernel - 0
    .OS - 1
    .Hardware - 2
    .Applications - 3
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Abstractions

A

Unnecessary details are hidden from the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Ring Model

A
  • CPU HW layering to separate and protect domains (user mode from kernel mode)
  • Ring 0: Kernel
  • Ring 1: OS components outside of Ring 0
  • Ring 2: Device drivers
  • Ring 3: User applications
  • Processes communicate between ring via system call.
  • Rings allow abstraction.
  • Allows layering
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Computer Bus

A
  • Primary communications channel on a computer.

- Communications between CPU, memory, and input/output devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Northbridge

Southbridge

A
  • Northbridge = memory controller hub
    . connects cpu to ram and video memory
    . directly connected to CPU

Southbridge = I/O controller hub
. connects I/O devices
. Keyboards, mice, etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Thread

A
  • CPU action where one process has spawned another process

- Threads can share memory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Trusted Platform Module

A
  • International standard
  • Hardware-based encryption (fast)
  • Platform integrity and disk encryption (primary uses)
  • Boot integrity
  • DoD requires TPM 1.2 or higher
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Kernel

A
  • Interface between OS and HW
  • Reference monitor is its core function: mediates all access between subjects and objects.
    -Two primary types
    . Monolithic kernel: compiles int one static executable.
    . Microkernel: modular, can add functionality
    -Reference monitor is core
    .
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Cloud computing
- Leverages economies of scale . IaaS - customer configures OS and all else . PaaS - pre-configured OS, customer does all else . SaaS - everything is configured, customer uses. (Webmail) - Cloud Security Issues . Need strict SLA . Limited visibility . Shared infrastructure and shared target . Right to audit, right to assess (vulnerabilities), right to test (pentest) . Physical boundaries (geographical)
26
Emanations
- Energy the escapes and electronic signal - Potential side-channel attack - TEMPEST: NSA spec and NATO cert referring to spying through leaking emanations.
27
Rootkit
- Replaces part of the kernel or OS | - User-mode (ring 3, called userland) and kernel mode (ring 0)
28
Database Security
- Polyinstantiation: two different objects with the same name - Inference: requires deductions using clues - Aggregation: mathematical process that asks every question, no deduction. - Data Mining: searching through DB looking for patterns
29
Cryptography - Key Terms
- Cryptology: the science of secure communications - Cryptography: creates messages with hidden meanings - Cryptoanalysis: the science of breaking hidden messages (recovering their meanings) - Cryptology: encompasses cryptography and cryptoanalysis - Cipher: cryptographic algorithm - Plaintext: an unencrypted message - Cyphertext: an encrypted message - Encryption: converts plaintext to cyphertext - Decryption: turning cyphertext back into plaintext.
30
Confusion, Diffusion, Substitution, Permutation
- Confusion: means the relationship between the plaintext and cyphertext should be as confused or random as possible - Diffusion: the order of the plaintext should be diffused (dispersed) in the cyphertext - Substitution: replace one character with another to provide diffusion - Permutation:provided confusion by rearranging the characters of the plaintext; anagram style
31
Cryptographic Strength
- Work factor: how long it takes to break a cryptosysten (decrypt a cyphertext without a key) - Kerchoffs' principle - secrecy of the cryptographic algorithm does not provide strength
32
Monoalphabetic and Polyalphabetic Ciphers
Monalphabetic cyphers: uses one alphabet, a specific letter " like E" is substituted for another (like X). - Suseptible to frequency analysis Polyalphabetic cipher: uses multiple alphabets: E may be substituted for X one round and S the next round.
33
Rotation Cipher
- Julius Caesar - Rotated each letter of the plaintext forward three times. (Rot-3) A became D - Rot-13 frequently used
34
Codebooks
- assign a codeword for important people, locations and terms - One-Time Pad . Uses identical paired pads of random characters . One page used to encrypt (sender) and decrypt (receiver) . Pages never reused . Only encryption method that is mathematically proved to be secure if the following conditions are met: 1. character are truly random 2. pads are kept secure 3. No page is ever reused.
35
Wassenaar Agreement
- 1996 | - many countries relaxed restrictions on exporting cryptography
36
Data Encryption Standard (DES) Symmetric Encryption
- Describes the Data Encryption Algorithm (DEA) - 1976 was made the US federal standard symmetric cipher - 64-bit block size (64 bits each round and a 56-bit key)
37
DES | 5 modes
- Modes primary difference is block versus (emulated stream, use of initialization vectors and whether errors in encryption propagate to subsequent blocks. - 5 modes . Electronic code book (ECB) - Weakest . Cipher block chaining (CBC) . Cipher feedback (CFB) . Output feedback (OFB) . Counter mode (CTR) Notice the words "chaining" and "feedback" - Chaining = block mode - Feedback = stream mode
38
Electronic Code Book (ECB) Data Encryption Standard (DES) -Symmetric Encryption
- Simplest and weakest form of DES | - Identical plaintext and identical keys encrypt to identical cyphertext
39
Cipher Block Chaining (CBC) Data Encryption Standard (DES) -Symmetric Encryption
- First encrypted block is the initialization vector (IV) - Chaining destroys patterns. - One limitation is CBC encryption error will propagate. . an error in one block will cascade through subsequent block due to chaining, thus destroying their integrity
40
Cipher Feedback (CFB) Data Encryption Standard (DES) -Symmetric Encryption
- Feedback = stream | - Errors propagate
41
Output Feedback (OFB) Data Encryption Standard (DES) -Symmetric Encryption
- Stream - Uses previous ciphertext for feedback - Error WILL NOT propagate
42
Counter (CTR) Data Encryption Standard (DES) -Symmetric Encryption
- Uses a counter | - Errors WILL NOT propagate
43
Mode Comparison Chart
Memorize
44
Triple DES
- applies singe DES 3 times per block - 168 bits of key length - 1999 became a recommended standard - primary weakness is slow and complex
45
International Data Encryption Algorithm (IDEA)
- International replacement to DES | - Uses 128-bit key and 64-bit block size
46
Advanced Encryption Standard (AES) Symmetric Encryption
- Current US standard for symmetric block - Rijndael algorithm chosen in 1999 - 128 bit block size -Uses . 128 bit (10 rounds) . 192-bits (12 rounds) . 256-bits (14 rounds)
47
Symmetric Encryption AES Four functions
- SubBytes: confusion by substituting bytes - ShiftRows: diffusion by shifting rows - MixColumns: diffusion by mixing columns - AddRoundKeys: final function applied to each round, subket different for each round
48
Symmetric Encryption Blowfish Twofish
- Block ciphers by Bruce Schneier - Blowfish: 32 - 488 bits. default is 128. Keys encrypt 64 bits of data - Twofish: 128-bit blocks, using 128-256 bit keys
49
Symmetric Encryption RC5 and RC6
RC5 - symmetric block cipher by RSA laboratories - uses 32-bit blocks Key sizes 0 - 2040 bits RC6 - based on RC5 but altered to meed AES requirements - 128-bit blocks encrypted, using keys of 128, 192 or 256 bits
50
Asymmetric Encryption
-Solved the challenge of pre-shared key -1976 Diffie-Hillman key exchange -2 keys, if you encrypt with one you may decrypt with the other -called public-key -Math lies beneath. . one-way functions; easy to computer one way, difficult to computer in opposite direction.
51
Asymmetric Encryption Method: Factoring Prime numbers
Factoring Prime numbers - factoring a composite number (prime x prime) to its prime - no shortcut has been found for hundreds of years. - basis of RSA algorithm - public key: factoring large primes number is so difficult that the composite can be publicly posted - private key: the prime number that are multiplied to create the public key. must be kept secret
52
Asymmetric Encryption Method: Discrete Logarithm
Discrete Logarithm - is the opposite of exponentiation - asking what number is factored to create 9999999999999 - basis of Diffie-Hilman and EIGamal asymmetric algorithm
53
Diffie-Hillman Key exchange Asymmetric Encryption
allows two parties to securely agree on a symmetric key via a public channel
54
Elliptical Curve Cryptography (ECC) Asymmetric Encryption
- one way function the uses discrete logarithms applied to elliptic curves - requires less computational power because of shorter keys compared to other asymmetric methods - often used on lower power devices.
55
Hash Functions
-provides encryption using an algorithm and no key -called "one way hash functions" because there is no way to reverse the encryption -variable length plaintext is hashed in the fixed length hash values called "hash" or message digest" -primarily used to provide integrity . if the hash of a plaintext has changed, then the plaintext itself has changed -Collision: more than one document can produce the same hash
56
Hash Algorithms
- Secure Hash Algorithms-1 (SHA-1) 160-bit hash and message digest - Message Digest 5 (MD5): creates 128-bit hash - Newer alternatives like SHA-2 are recommended
57
Hash Algorithms MD5
-Message Digest Algorithm 5 by Ronald Rivest -create 128-bit hash value based on any input value length -Weakness discovered where collisions can be found MD6 now recommended (2008)
58
Hash Algorithms Secure Hash Algorithm (SHA)
- SHA-1 - 1993 Created 160-bit hash value - SHA-2 recommended over SHA-1 and MD5 - SHA-3 is the standard in 2015 (Keccak algorithm)
59
Hash Algorithms HAVAL
- Hash of variable length - 126, 160, 192,224,256 length message digests - 3,4 or 5 rounds
60
Cryptographic Attacks Brute Force Known Plaintext Chosen Plaintext
-Brute Force: used crytpoanalysts to recover plaintext without the key or to recover the key itself. . Every possible key . Effective key-based ciphers (except one-time pad) -Known Plaintext: . relies on recovering and analyzing a matching plaintext and ciphertext pair . goal is the derive the key used Chosen Plaintext: . chooses the plaintext to be encrypted . goal is to derive the key . adapts further rounds of encryption based on the previous rounds
61
Cryptographic Attacks Chosen Ciphertext Meet in the middle
-Chosen Ciphertext . similar to chosen plaintext, except cryptoanalyst chooses the ciphertext to be decrypted . usually launched against asymmetric cryptosystems -Meet in the Middle . attacker has a copy of a matching plaintext and ciphertext, and seeks to recover the two keys used to encrypt . encrypts one side, decrypts the other side and meets in the middle . common attack again "double DES"
62
Cryptographic Attacks Known Key Differential Cryptanalysis
Known Key: . cryptanalyst know something about the key, i.e. all upper case letters, so omits other character in attack Differential Cryptanalysis: . seeks to find difference between related plaintexts that are encrypted
63
Cryptographic Attacks Linear cryptanalysis Side-channel attack
Linear cryptanalysis: . analysts finds large amounts of plaintext/ciphertext pairs created with the same key. Studies to derive information about the key used to create them Side Channel attack: . uses physical data to break a cryptosystem, such a monitor CPU cycles used while encrypting
64
Cryptographic Attacks Birthday attacks Key Clustering
Birthday attacks: . named after the birthday paradox Key Clustering: . occurs when two different symmetric keys applied to same plaintext produce the same ciphertext
65
Digital Signatures
- Used the cryptographically sign documents - Provide nonrepudiation - Uses hash function - Creates digital signature by encrypting the hash with a private key - Provide authentication and integrity, which form non-repudiation - Do not provide confidentiality as the plaintext remain unencrypted.
66
HMAC
- Combines symmetric encryption with hashing - HMACs are used by IPSec - Two parties must preshare a secret key - The receiver hashed the plaintext locally and also decrypts the HMAC with their copy of the private key, recovering the sender's hash
67
Public Key Infrastructure
- Leverages 3 forms of encryption to provide and manage digital certificates - Used for SSL websites
68
PKI Certificate Authorities
-Certificate Authorities . Issue digital certificates . Authenticate identity before issuing . May be private or public run -Certificate Revocation List maintained by CAs
69
IPSec
- Suite of protocols that provide cryptographic layer to both IPv4 and IPv6 - Includes two primary protocols . Authentication Header (AH) . Encapsulating Header (ESP)
70
IPSec AH ESP
- Authentication header: provided authentication and integrity for each packet on network data. No confidentiality - Encapsulating header: provides confidentiality be encrypting packet data
71
IPSEC Tunnel Mode Transport Mode
-Transport Mode: used by security gateway ( which provides point to point IPSec tunnels. - ESP Tunnel mode encrypts the entire packet - ESP Transport mode only encrypts the data
72
IPSec Internet Key Exchange (IKE)
- IPSec can use a variety of encryption algorithms (MD5m SHA-1 - Algorithm selection process negotiated by Internet Key Exchange (IKE) - Two side of the IPSec tunnel will typically use IKE to negotiate that hightest and fastest level of security, selecting AES over single DES for confidentiality, for example, if both sides support AES
73
SSL and TLS
-Secure Socket Layer (SSL): authenticates and provides confidentiality to web traffic . developed for Netscape browser in 1990s -Transport Layer Security (TLS): Successor to SSL . TLS 1.3 is the current release in RFC 8446 (August 2018) -Both uses as a part of HTTPS
74
PGP
-Pretty Good Privacy . Asymmetric Encryption . Phil Zimmerman - uses web of trust model to authenticate digital certificates
75
S/MIME
- MIME Multipurpose Internet Mail Extensions | - S/MIME leverages PKI to encrypt and authenticate MIME encrypted mail
76
Escrow Encryption Clipper chip
- Takes private key and divides into two parts. - Parts held in escrow by trusted third party, will only release with court order Clipper chip: the name of the technology used in Escrow Encryption Standard. - announced in 1993 by US Government - created media firestorm and abandoned on 1996