X) Internet Security and Digital Signatures Flashcards
Firewall
A firewall can be either hardware or software used for protecting against unauthorised access to a network.
Numbered doors called ports are opened so that only certain traffic is allowed to pass through.
Packet Filtering
A technique used by the firewall which inspects packets of data to check which port they are attempting to access.
If the traffic is allowed through, the port must be opened for the duration of the connection; otherwise, the firewall will close the connection by default.
Stateful Inspection
Stateful inspection is a technique for examining the contents of data packets and rejecting them if they do not form part of the recognised communication.
The firewall keeps track of all open communication channels and therefore knows the contents of each packet received.
Proxy Server
A proxy server makes a web request on behalf of the computer on its network; its job is to hide the true IP address from the recipient.
The proxy server enables anonymous surfing, filters undesirable online content and provides a cache of previously visited sites to speed access.
Encryption
Encryption is the act of encoding data so that it cannot be deciphered unless a numerical key is used to decrypt it.
Symmetric Encryption
Where the sender and receiver both use the same key to encrypt and decrypt data.
The issue is that if the key is intercepted then it would be possible for the unauthorised 3rd party to gain access to any data encrypted using that key.
Asymmetric Encryption
Where a public and private key are used to encrypt and decrypt data. 3rd parties cannot access the data being transmitted as they only have the public key and not the private key.
Trojans
Malware that is hidden within a file that is seen to be innocent. A trojan can remain undetected for a long time; it is only activated when the program containing the trojan is executed.
Viruses
A virus is a malware program designed to cause damage to a computer system or allow a hacker to gain unauthorised access.
The virus replicates itself causing damage to a computer or network as it spreads everywhere.
Worms
A worm is a standalone program that, once in a computer system, replicates itself and spreads. Worms exploit vulnerabilities in a system; the worm doesn’t need to be attached to a file to infect a computer.
Digital Signatures
A digital signature is a method for ensuring that an encrypted message comes from a trusted source.
The digital signature is created by reducing the unencrypted message to produce a hash, then encrypting the hash using the sender's private key.
The sender adds the digital signature to the message, then encrypts the data using the recipient's private key.
How is a digital signature encrypted and decrypted?
- The sender applies a hash algorithm to create a hash value. The hash is then encrypted using the sender's private key; this creates a digital signature, and the signature is appended to the message being sent.
- The signature is decrypted using the sender's public key. The hash value is recalculated and compared.
Digital Signature Verification
A digital signature verifies the integrity of a message’s content.
Once a message arrives from a sender, the receiver can get the certificate that belongs to the supposed sender from a certificate server.
Digital Certificates
Digital certificates are used to verify the identity of the owner of each public key and to obtain the key itself.
When a sender signs a message, they send their digital certificate. The Certificate Authority (CA) provides:
- A serial number
- Expiry date
- Name of the holder
- Holder's public key
- CA’s signature of the certificate to verify the holder’s integrity.