Security & Robustness Flashcards
What are the 4 pillars of security?
- Authentication
- Authorisation
- Integrity & Non-repudiation
- Confidentiality
Name 3 forms of authentication
- password controlled access
- pre-registration scheme
- self-registration scheme
Briefly describe 4 different types of authorisation (access control)
- Mandatory: for high-security systems; a central security administrator (or policy) assigns labels and permissions to subjects and data, and users cannot change them
- Discretionary: the owner of an object (e.g. a file) sets the access rights other users have to it
- Role-based: users are assigned roles, and each role carries a set of access permissions
- Lattice-based: security levels form a lattice; a user's clearance must equal or exceed (dominate) the object's classification
What are the 5 security elements of the Java security manager?
- Permissions; actions code is allowed to perform
- Code sources; origins of code (location URL and signing certificates)
- Protection domains; map code sources to the permissions they hold
- Key stores; hold the keys and certificates used to verify signed code
- Policy files; list which permissions each code source is granted
(caveat: java.lang.SecurityManager was deprecated for removal in Java 17 by JEP 411)
What are the main technologies associated with secure transmission of data?
- digital signatures
- digital certificates
- message digests (digital fingerprints)
What is a cryptographic hash?
- function that maps a message of any length to a fixed-length hashcode (digest)
- keyless algorithm; easy to compute
- preimage resistance: hard to recover the original message from its hashcode
- collision resistance: hard to find two messages with the same hashcode
- avalanche effect: similar messages do not have similar hashcodes (a one-bit change flips about half of the output bits)
Describe what happens during a simple message digest and its weakness
- sender sends message m and digest d = h(m)
- receiver computes d' = h(m) and checks whether d = d'
- if not, the message has been tampered with
weakness: h is keyless, so an attacker who modifies m in transit can also recompute and replace d; the check only detects accidental corruption
Describe what a message authentication code is (keyed message digest)
- sender and receiver share a secret key p
- sender computes digest d = h(p||m)
- sender computes mac = h(p||d)
- sends message m and mac
- receiver computes digest d' = h(p||m)
- receiver computes mac' = h(p||d') and checks mac' = mac; without p an attacker cannot produce a valid mac for a modified m
- in practice use a standardised construction such as HMAC rather than an ad hoc h(p||...) nesting, and compare mac values in constant time
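Added worked example (not part of the original flashcards) covering the three hash cards above: the fixed-length and avalanche properties of a cryptographic hash, the simple digest that an attacker in the middle can forge because h is keyless, and a MAC that cannot be forged without the shared key. It uses only the Python standard library; the messages and the key are constructed for the demo. The MAC uses HMAC-SHA256 instead of the flashcard's nested h(p||h(p||m)), because a bare h(key||m) over SHA-256 is open to length-extension attacks.

```python
import hashlib
import hmac
import secrets

# Constructed sample messages; not taken from the original flashcards.
MESSAGE = b"transfer 100 to account 42"
TAMPERED = b"transfer 900 to account 42"


def digest(m: bytes) -> bytes:
    """h(m): a 32-byte SHA-256 hashcode, whatever the length of m."""
    return hashlib.sha256(m).digest()


def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(m1: bytes, m2: bytes) -> int:
    """Similar messages, dissimilar hashcodes: about half of the 256 bits differ."""
    return differing_bits(digest(m1), digest(m2))


# Simple message digest: sender ships (m, h(m)), receiver recomputes h(m).

def simple_send(m: bytes):
    return m, digest(m)


def simple_check(m: bytes, d: bytes) -> bool:
    return digest(m) == d


def forge_simple(m_new: bytes):
    """Attacker in the middle: h is keyless, so the attacker replaces m AND d."""
    return m_new, digest(m_new)


# MAC: sender and receiver share a secret key. HMAC replaces the flashcard's
# nested h(p || h(p || m)); a plain h(key || m) over SHA-256 is vulnerable to
# length extension, which HMAC was designed to avoid.

def mac_send(key: bytes, m: bytes):
    return m, hmac.new(key, m, hashlib.sha256).digest()


def mac_check(key: bytes, m: bytes, tag: bytes) -> bool:
    """Recompute the tag; compare_digest runs in constant time to avoid timing leaks."""
    expected = hmac.new(key, m, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def forge_mac(m_new: bytes):
    """Without the key the attacker can only guess a tag."""
    return m_new, secrets.token_bytes(32)


def demo() -> dict:
    key = secrets.token_bytes(32)          # shared out of band beforehand
    m, d = simple_send(MESSAGE)
    fm, fd = forge_simple(TAMPERED)
    m2, tag = mac_send(key, MESSAGE)
    fm2, ftag = forge_mac(TAMPERED)
    return {
        "bits_changed": avalanche(MESSAGE, TAMPERED),          # around 128 of 256
        "simple_honest": simple_check(m, d),                   # True
        "simple_forged_accepted": simple_check(fm, fd),        # True: forgery passes
        "mac_honest": mac_check(key, m2, tag),                 # True
        "mac_forged_accepted": mac_check(key, fm2, ftag),      # False
        "mac_tampered_message": mac_check(key, TAMPERED, tag), # False
    }


if __name__ == "__main__":
    print(demo())
```

The point of the two forgery functions is the asymmetry: forge_simple succeeds every time because anyone can compute h, while forge_mac has no better option than a random 256-bit guess.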
What is symmetric key encryption? What are its issues?
- both parties use the same secret key for encryption and decryption
issues:
- key sharing: the key must be delivered to the other party over a secure channel
- key management: every pair of communicating parties needs its own key
What is public/private key encryption? How does it solve issues of symmetric key encryption?
- each party has a mathematically related key pair: a public key and a private key (in RSA derived from two large primes)
- sender encrypts with the receiver's public key
- receiver decrypts with its own private key
- no secret key is ever transmitted; only the public key is published
- key management scales: one key pair per party instead of one shared key per pair of parties
- caveat: the public key must still be authenticated (see digital certificates), otherwise an attacker can substitute their own
What is a digital signature?
- combination of a message digest and public-key encryption
- authenticates the sender and protects message integrity (and gives non-repudiation, since only the sender holds the private key)
- sender encrypts (signs) the digest with their own private key
- receiver decrypts the signature with the sender's public key and compares the result with the digest of the received message
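Added worked example (not from the original flashcards) of the sign/verify steps above using textbook RSA in pure Python. The key pairs are built from known Mersenne primes so the arithmetic is exact and readable; that choice, the 160-bit truncation of the digest and the function names are assumptions made for illustration only. Real signatures use large random primes and a padding scheme such as RSA-PSS, never a bare exponentiation of a truncated hash.

```python
import hashlib

# Toy textbook RSA. The primes are known Mersenne primes chosen so the
# arithmetic is exact; this is an illustration, not a real key pair
# (real keys use ~2048-bit random primes and a padding scheme).
E = 65537
DIGEST_BYTES = 20   # 160-bit truncated SHA-256, so the digest integer is < n


def make_keypair(p: int, q: int):
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)            # private exponent (Python 3.8+ modular inverse)
    return (n, E), (n, d)          # (public key, private key)


KEY_A = make_keypair((1 << 127) - 1, (1 << 89) - 1)   # n ~ 2^216, the sender
KEY_B = make_keypair((1 << 107) - 1, (1 << 61) - 1)   # n ~ 2^168, a different party


def message_digest(m: bytes) -> int:
    """Hash then truncate, so the value can be exponentiated mod n.
    Real schemes pad the full digest (e.g. RSA-PSS) instead of truncating."""
    return int.from_bytes(hashlib.sha256(m).digest()[:DIGEST_BYTES], "big")


def sign(private_key, m: bytes) -> int:
    """Sender 'encrypts' the digest with its private key."""
    n, d = private_key
    return pow(message_digest(m), d, n)


def verify(public_key, m: bytes, signature: int) -> bool:
    """Receiver 'decrypts' the signature with the sender's public key and
    compares the result with the digest of the message it received."""
    n, e = public_key
    return pow(signature, e, n) == message_digest(m)


def demo():
    msg = b"pay 100 to account 42"       # constructed sample message
    pub_a, priv_a = KEY_A
    _, priv_b = KEY_B
    sig = sign(priv_a, msg)
    genuine = verify(pub_a, msg, sig)                           # True
    tampered = verify(pub_a, b"pay 900 to account 42", sig)     # False: digest differs
    wrong_key = verify(pub_a, msg, sign(priv_b, msg))           # False: signed by B
    return genuine, tampered, wrong_key


if __name__ == "__main__":
    print(demo())
```

The third check is the authentication property: a signature made with any other private key does not verify under A's public key, so the receiver knows both that the message is intact and who signed it, provided it trusts that pub_a really belongs to A (which is what a certificate is for).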
What is a digital certificate?
A certifying authority (CA) vouches for a 3rd party by issuing a digital certificate: a statement, signed with the CA's private key, that binds that party's identity to its public key
What do we look at to see if systems are robust?
- if a system is distributed & has redundancy
- available under stress
- failsafe transactions
- penetration resistant
What is meant by physical protection of data?
- multiple copies of the database in separate locations
- regular backups of whole dataset to remote locations
- data storage in the cloud
- use RAID architecture (redundant array of independent disks)
What is an SQL view?
- derived (virtual) table; computed by a stored query over other tables
- enhances usability and security in large databases: users see only the columns and rows the view exposes
- can be inefficient because it hides a complex subquery that is re-evaluated on each use
How do we control access to data to make databases more penetration resistant?
- ensure users have restricted views of the data
- prohibit arbitrary free-text data entry where possible
- provide restricted choice selections (allow-lists) instead
How do we make databases more resistant to penetration?
- control access to data
- validate all inputs
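Added worked example (not from the original flashcards) of the three cards above: a view that hides sensitive columns, a lookup that pastes free-text input into the SQL string and can be bypassed with an injection payload, and the hardened lookup that allow-lists the choice and binds it as a parameter. It uses Python's built-in sqlite3 module; the staff table, its rows and the allow-list are constructed for the demo.

```python
import sqlite3

# Constructed sample data; not from the original flashcards.
STAFF = [
    ("alice", "engineering", 91000, "AB123456C"),
    ("bob", "engineering", 78000, "CD234567D"),
    ("carol", "finance", 83000, "EF345678E"),
]
ALLOWED_DEPARTMENTS = {"engineering", "finance"}   # restricted choice selection


def build_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE staff (name TEXT, department TEXT, salary INTEGER, national_id TEXT)"
    )
    con.executemany("INSERT INTO staff VALUES (?, ?, ?, ?)", STAFF)
    # Restricted view: a derived table that exposes only the public columns.
    con.execute("CREATE VIEW staff_directory AS SELECT name, department FROM staff")
    con.commit()
    return con


def directory_columns(con) -> list:
    """Column names visible through the view."""
    return [d[0] for d in con.execute("SELECT * FROM staff_directory").description]


def view_hides_salary(con) -> bool:
    """Querying a hidden column through the view is a hard error, not a leak."""
    try:
        con.execute("SELECT salary FROM staff_directory")
        return False
    except sqlite3.OperationalError:   # no such column: salary
        return True


def lookup_unsafe(con, department: str) -> list:
    """Deliberately vulnerable: free-text input is concatenated into the SQL."""
    sql = "SELECT name FROM staff_directory WHERE department = '" + department + "'"
    return [r[0] for r in con.execute(sql)]


def lookup_safe(con, department: str) -> list:
    """Allow-list the choice, then bind it as a parameter, never as SQL text."""
    if department not in ALLOWED_DEPARTMENTS:
        raise ValueError("unknown department")
    sql = "SELECT name FROM staff_directory WHERE department = ?"
    return [r[0] for r in con.execute(sql, (department,))]


def demo():
    con = build_db()
    payload = "' OR '1'='1"                  # classic injection string
    unsafe = lookup_unsafe(con, payload)     # filter bypassed: every name returned
    try:
        lookup_safe(con, payload)
        safe = "accepted"
    except ValueError:
        safe = "rejected"
    return directory_columns(con), unsafe, safe, lookup_safe(con, "finance")


if __name__ == "__main__":
    print(demo())
```

SQLite has no GRANT statement, so here the view only restricts what the application code asks for; in PostgreSQL or MySQL the same design is enforced by granting SELECT on the view and revoking it on the base table.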
What is a failsafe transaction?
- set of updates wrapped up in one transaction, which fails or succeeds as a whole, so a crash cannot leave half of the updates applied
- upon failure the database must roll back (revert) to the state before the transaction
What are 3 possible strategies to prevent data loss during transaction interruption?
- deferred update; write changes to a temporary file (log) and apply them all at once on commit, or discard them if the transaction fails
- immediate update; write changes in place but log the old values first, and restore them if the transaction fails
- shadow paging; keep a page table of pointers to the current data blocks, write changes to new blocks, and switch the pointers on commit or discard the new blocks on failure
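Added worked example (not from the original flashcards) of a failsafe transaction using Python's built-in sqlite3 module: a transfer credits one account and then debits another inside one transaction, and a CHECK constraint on the debit makes the second statement fail, so the credit already written is rolled back. The accounts table and balances are constructed for the demo. SQLite's default rollback journal saves the original page contents before modifying the database file, which is the "immediate update; log old values" strategy from the card above.

```python
import sqlite3


def open_bank() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    # CHECK constraint: an overdraft makes the debit statement fail.
    con.execute(
        "CREATE TABLE accounts (id INTEGER PRIMARY KEY, "
        "balance INTEGER NOT NULL CHECK (balance >= 0))"
    )
    con.executemany("INSERT INTO accounts VALUES (?, ?)", [(1, 100), (2, 50)])  # constructed
    con.commit()
    return con


def balances(con) -> tuple:
    return tuple(r[0] for r in con.execute("SELECT balance FROM accounts ORDER BY id"))


def transfer(con, src: int, dst: int, amount: int) -> bool:
    """Both updates commit together or neither does."""
    try:
        with con:   # sqlite3: commits on normal exit, rolls back on an exception
            con.execute("UPDATE accounts SET balance = balance + ? WHERE id = ?", (amount, dst))
            con.execute("UPDATE accounts SET balance = balance - ? WHERE id = ?", (amount, src))
        return True
    except sqlite3.IntegrityError:
        return False   # rollback already happened: the credit above is undone


def demo():
    con = open_bank()
    before = balances(con)              # (100, 50)
    failed = transfer(con, 1, 2, 150)   # debit would go negative -> False
    after_fail = balances(con)          # (100, 50): credit to account 2 rolled back
    ok = transfer(con, 1, 2, 30)        # True
    after_ok = balances(con)            # (70, 80)
    return before, failed, after_fail, ok, after_ok


if __name__ == "__main__":
    print(demo())
```

The credit is written first on purpose: without the transaction wrapper, account 2 would keep the 150 it was never entitled to after the debit failed, which is exactly the partial update a failsafe transaction prevents.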
What are 4 issues with concurrent database access?
- dirty read; a transaction reads data another transaction has written but not yet committed (which may later be rolled back)
- non-repeatable read; the same row read twice in one transaction returns different values because another transaction committed a change in between
- phantom read; the same query run twice returns extra rows inserted by another transaction in between
- lost update; two transactions read the same value and each writes back its own result, so one update overwrites the other
Describe different types of concurrency control (7)
- serialise all transactions +all transactions execute in sequence, so no conflicts BUT the bottleneck reduces performance
- row locking +other transactions are locked out of a row while it is being updated BUT possible deadlock
- deadlock avoidance +aborts a transaction if it cannot obtain a lock BUT aborts valid transactions
- deadlock detection +detects circular waits and aborts one participant to break them, resulting in fewer aborts
- shared & exclusive locks; shared locks allow concurrent reading, an exclusive lock is required for writing
- phantom & intent locks; a phantom (range) lock reserves a key range so no rows can be inserted into it, an intent lock is placed on a table to declare that rows within it will be locked, so table-level and row-level locks do not conflict
- timestamping; each transaction gets a timestamp and conflicting operations are ordered by it, so no locks are needed but out-of-order transactions are aborted and restarted
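Added worked example (not from the original flashcards) of the lost update from the first card and of the lock-based fix from the second, using two connections to one SQLite file from Python's built-in sqlite3 module. The account row and the deposit amounts are constructed for the demo. SQLite locks the whole database file rather than individual rows, so the "row locking" and "abort if the lock cannot be obtained" behaviours are shown at database granularity: BEGIN IMMEDIATE takes the write lock up front, and a second session asking for it gets an immediate "database is locked" error instead of writing a stale value.

```python
import os
import shutil
import sqlite3
import tempfile

ROW = "SELECT balance FROM accounts WHERE id = 1"


def make_db() -> str:
    """Fresh on-disk database so two independent connections share it."""
    path = os.path.join(tempfile.mkdtemp(), "bank.db")
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, balance INTEGER NOT NULL)")
    con.execute("INSERT INTO accounts VALUES (1, 100)")   # constructed sample row
    con.commit()
    con.close()
    return path


def session(path: str) -> sqlite3.Connection:
    # isolation_level=None: no implicit BEGIN, transactions are explicit below.
    # timeout=0: a busy lock raises OperationalError at once instead of waiting.
    return sqlite3.connect(path, isolation_level=None, timeout=0)


def read_balance(con) -> int:
    cur = con.execute(ROW)
    value = cur.fetchone()[0]
    cur.close()            # finalise the statement so no read lock lingers
    return value


def lost_update() -> int:
    """Two sessions read the same row, then each writes back its own total."""
    path = make_db()
    a, b = session(path), session(path)
    seen_by_a = read_balance(a)      # 100
    seen_by_b = read_balance(b)      # 100
    a.execute("UPDATE accounts SET balance = ? WHERE id = 1", (seen_by_a + 10,))
    b.execute("UPDATE accounts SET balance = ? WHERE id = 1", (seen_by_b + 20,))
    final = read_balance(a)          # 120: A's +10 is lost
    a.close(); b.close()
    shutil.rmtree(os.path.dirname(path))
    return final


def locked_update() -> tuple:
    """Each session takes the write lock before it reads (BEGIN IMMEDIATE)."""
    path = make_db()
    a, b = session(path), session(path)
    a.execute("BEGIN IMMEDIATE")     # A now holds the write lock
    seen_by_a = read_balance(a)      # 100
    b_aborted = False
    try:
        b.execute("BEGIN IMMEDIATE") # B cannot get the lock: "database is locked"
    except sqlite3.OperationalError:
        b_aborted = True             # B must retry later; no stale write happens
    a.execute("UPDATE accounts SET balance = ? WHERE id = 1", (seen_by_a + 10,))
    a.execute("COMMIT")
    b.execute("BEGIN IMMEDIATE")     # retry: B now sees A's committed value
    seen_by_b = read_balance(b)      # 110
    b.execute("UPDATE accounts SET balance = ? WHERE id = 1", (seen_by_b + 20,))
    b.execute("COMMIT")
    final = read_balance(a)          # 130: both deposits kept
    a.close(); b.close()
    shutil.rmtree(os.path.dirname(path))
    return final, b_aborted


if __name__ == "__main__":
    print(lost_update(), locked_update())
```

A simpler fix for this particular case is an atomic increment (UPDATE ... SET balance = balance + ?), but the explicit lock is what generalises to read-then-decide logic, and the immediate error on a held lock is the "aborts valid transactions" cost listed under deadlock avoidance.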