1. (1.5pt) List and briefly define the fundamental security design principles
Question
1. (1.5pt) List and briefly define the fundamental security design principles
2. (1pt) What is the difference between a session key and a master key?
3. (1pt) What is the OSI security architecture?
4. (1pt) What is the difference between passive and active security attacks?
5. (1.5pt) Consider a desktop publishing system used to produce documents for various organizations:
5.a. Give an example of a type of publication for which confidentiality of the stored data is the most important requirement.
5.b. Give an example of a type of publication in which data integrity is the most important requirement.
5.c. Give an example in which system availability is the most important
Explanation / Answer
1)Answer:
I have mentioned the fundamental security design principles below. They are
2)Answer:
A session key is a temporary encryption key used by two principals. A master key is a long-lasting key that is used between a key distribution center and a principal for the purpose of encoding the transmission of session keys. Typically, the master keys are distributed by noncryptographic means.
3)Answer:
OSI Security Architecture:
The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. The document defines security attacks, mechanisms, and services, and the relationships among these categories.
4)Answer:
Difference between active and passive attacks:
Passive Attacks
A passive attack involves someone listening in on telecommunications exchanges or passively recording computer activity. An example of the former is an attacker sniffing network traffic using a protocol analyzer or some other packet capturing software. The attacker finds a way to plug into the network and begins capturing traffic for later analysis. Other attackers rely on keyloggers, usually as a Trojan horse in a "free download," to record keystrokes such as user IDs and passwords. The goal, regardless of the method, is just to listen and record the data passing through. The passive attack itself is not harmful, per se, but the information gathered during the session could be extremely damaging.
Active Attack
Active attacks on computers involve using information gathered during a passive attack, such as user IDs and passwords, or an outright attack using technological "blunt instruments." Such instruments include password crackers, denial-of-service attacks, email phishing attacks, worms and other malware attacks. In an active attack, the attacker is out to bring a website down, steal information or even destroy computing equipment. As network administrators install defenses against existing attack tools, hackers develop more sophisticated tools and the game of technology leapfrog continues.
The difference between active and passive attacks is that an active attack involves modifying the data: the attacker accesses the data, alters it, and then the data is transmitted on the network. In a passive attack, the attacker just accesses the message and its contents without any alteration of the data; this type of attack only involves reading and accessing the message content, that is, just observing the message.
An active attack is easy to detect but not easy to protect against, whereas a passive attack is difficult to detect but easy to prevent.
Examples of active attacks
Replay
Message modification
Denial of service
Example of a passive attack
Traffic Analysis
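The detection asymmetry described in answer 4, shown as an added example that is not part of the original answer: a receiver that checks an HMAC tag and a sequence number rejects modified and replayed frames, while a frame that was only copied in transit looks identical to it. The frame layout, the key and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

# Constructed session key shared by sender and receiver (assumption for this example).
SESSION_KEY = os.urandom(32)


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: 8-byte sequence number + payload + HMAC-SHA256 tag."""
    body = seq.to_bytes(8, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Verifies the tag and enforces strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + 32:
            return "rejected: malformed"
        body, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "rejected: modified"      # message modification is visible
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            return "rejected: replay"        # replay is visible
        self.last_seq = seq
        return "accepted"


def demo() -> dict:
    rx = Receiver(SESSION_KEY)
    frame = protect(SESSION_KEY, 0, b"pay 100 to alice")
    observed = bytes(frame)  # passive: a copy is taken, the frame is unchanged
    results = {"passive copy, original delivered": rx.accept(frame)}
    tampered = frame[:8] + b"pay 900 to alice" + frame[-32:]
    results["modified payload"] = rx.accept(tampered)
    results["replayed copy"] = rx.accept(observed)
    results["next genuine frame"] = rx.accept(protect(SESSION_KEY, 1, b"pay 5 to bob"))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The receiver has no signal for the passive copy, which is why passive attacks are countered by preventing disclosure (encrypting the payload) rather than by detection.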