Internet Security Protocols and Standards Flashcards
Secure Mail S/MIME (Multipurpose Internet Mail Extension)
S/MIME is a security enhancement of the MIME standard
MIME - RFC 822
header (to,from,subject, and other fields to route) assumes ASCII text
body message (format, encoding) text/image/audio/video
S/MIME set of additional MIME content types
ability to sign/encrypt emails
Enveloped data -> encrypted content + keys used to encrypt
Signed data -> digital signature, content + signature in base64. content = message digest encrypted with signer’s pk. Only a recipient with S/MIME capability can see it
Clear-signed data -> digital signature of content, encoded using base64; recipients without S/MIME can view the message but not verify it
Signed and enveloped data -> signed-only and encrypted-only entities may be nested: encrypted data + sign, or the other way round
RSA or Digital Signature Algorithm (DSA) of a SHA-256 message hash
international standard X.509v3
DKIM
validates origin while S/MIME doesn’t
uses ADMD’s private key to sign the message
administrative mgmt domain
TLS architecture
Reliable end-to-end secure service
two layers of protocols
Record protocol -> basic security services to higher-layers
Provides confidentiality -> Handshake shared secret key used for symmetric encryption of SSL payloads
Message integrity -> Handshake protocol shared secret key to form Message Authentication Code (MAC)
TLS = Three higher-layer protocols
Handshake + Change Cipher Spec + Alert protocols
Concepts:
Connection -> transport that provides a suitable service; p2p relationships, transient, one session
Session -> association between client/server; set of cryptographic sec parameters shared among multiple connections
Change Cipher Spec -> byte with value 1; causes the pending state to be copied into the current state
Alert -> convey TLS related alerts to peer entity
warning(1) or fatal(2): severity of the message; fatal terminates the connection and no new connection can be made
2nd byte: type of alert
fatal alert -> MAC changed
TLS - Handshake protocol
Phase 1
initiate logical connection, establish security capabilities: protocol version, session ID, cipher suite, compression and initial
Phase 2
share underlying public key encryption scheme used
server sends certificate, key additional information and request for client certificate
Phase 3
client verifies that the server certificate is valid and checks that the parameters are acceptable. If all is satisfactory, the client sends its certificate and its public key scheme information
Phase 4
completes secure connection, applies Change Cipher Spec protocol
TLS - Heartbeat
request + response; generates traffic to prevent a firewall from closing the connection