Saturday, April 9, 2016

Cryptography 1

Overview:
Q. Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability. (Both this definition and the one for attack below are taken from RFC 2828, the Internet Security Glossary.)
Q. Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Q. What is OSI security architecture?
The OSI security architecture (ITU-T Recommendation X.800, Security Architecture for Open Systems Interconnection) provides a systematic framework for defining security attacks, the mechanisms that counter them, and the security services that those mechanisms implement. It is useful mainly as a common vocabulary for organizing security requirements and evaluating products.
Q. What is the difference between passive and active security threats?
A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation. The practical consequence is different in each case: passive attacks are very hard to detect (nothing in the data changes), so the emphasis is on prevention, typically by encryption; active attacks are hard to prevent absolutely, so the emphasis is on detecting them and recovering from any disruption.
Q. List and briefly define categories of passive and active security attacks?
Passive Attacks:
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
a)      Release of message contents: the opponent reads the contents of a message transmitted between two or more users, whether a telephone conversation, an email message, or a transferred file.

b)      Traffic analysis: even when the contents are masked by encryption, the opponent can still observe the pattern of the messages, such as the location and identity of the communicating hosts and the frequency and length of messages, and use that to guess the nature of the communication. This is the subtler of the two.
Active Attacks:
Active attacks involve some modification of the data stream or the creation of a false stream.
a)      Masquerade: takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack, for example capturing an authentication exchange and replaying it to obtain privileges the attacker does not have.

b)      Replay: involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
c)      Modification of messages: some portion of a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorized effect.
d)      Denial of service: prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target (for example, suppressing all messages to a particular destination) or may disrupt an entire network by disabling it or overloading it with traffic.
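The replay, modification and masquerade attacks above are easiest to understand against a concrete message format. The following is an added example, not part of the original notes: it frames each message as a sequence number, the payload, and an HMAC-SHA256 tag over both (a constructed layout chosen for this illustration), and a receiver that checks integrity with the MAC and freshness with a strictly increasing sequence number. The shared key is generated on the spot for the demonstration.

```python
import hmac
import hashlib
import secrets

# Constructed example: a key shared by sender and receiver. A real deployment
# provisions it out of band; here it is generated fresh for the demonstration.
KEY = secrets.token_bytes(32)
TAG_LEN = 32  # HMAC-SHA256 output length
SEQ_LEN = 4   # 32-bit big-endian sequence number


def build_frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame layout assumed for this example: seq || payload || HMAC-SHA256(seq || payload).

    The MAC covers the sequence number, so an opponent cannot lift a valid
    payload out of one frame and reattach it to a fresh sequence number.
    """
    header = seq.to_bytes(SEQ_LEN, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Verifies integrity (MAC) and freshness (strictly increasing sequence numbers)."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1      # highest sequence number accepted so far
        self.accepted = []      # payloads that passed both checks

    def receive(self, frame: bytes) -> str:
        if len(frame) < SEQ_LEN + TAG_LEN:
            return "rejected: truncated"
        header, payload, tag = frame[:SEQ_LEN], frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison. A bad tag means the frame was modified in
        # transit or forged by someone without the key (a masquerade attempt).
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad MAC (modified or forged)"
        seq = int.from_bytes(header, "big")
        # A valid MAC on an old sequence number is a replay of a frame the
        # opponent captured earlier (or a reordered frame); reject it.
        if seq <= self.last_seq:
            return "rejected: replay or reordering"
        self.last_seq = seq
        self.accepted.append(payload)
        return "accepted"


def demo() -> list:
    """Run the attack scenarios from the text against one receiver, in order."""
    rx = Receiver(KEY)
    results = []

    genuine = build_frame(KEY, 1, b"transfer 100 to alice")
    results.append(rx.receive(genuine))            # legitimate frame

    results.append(rx.receive(genuine))            # replay: the same capture, resent

    tampered = bytearray(genuine)                  # modification: 100 -> 900
    i = SEQ_LEN + b"transfer 100 to alice".index(b"100")
    tampered[i:i + 3] = b"900"
    results.append(rx.receive(bytes(tampered)))

    # masquerade: an opponent without the key fabricates a frame and guesses a tag
    forged = (2).to_bytes(SEQ_LEN, "big") + b"transfer 999 to mallory" + bytes(TAG_LEN)
    results.append(rx.receive(forged))

    results.append(rx.receive(build_frame(KEY, 2, b"transfer 5 to bob")))  # next legitimate frame
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Two caveats a practitioner would add. The sequence counter only protects one session: if the receiver restarts and its counter resets to -1 while the key stays the same, every frame captured from the previous session replays successfully, so the key must be per-session (or the protocol must start with a challenge nonce, which is what an authentication exchange mechanism provides). And nothing here addresses denial of service; an opponent who simply floods the receiver with forged frames still costs it one MAC computation each.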
Q. List and briefly define categories of security services?
X.800 and RFC 2828 define security services in their own ways. X.800 defines a security service as a service provided by a protocol layer of communicating open systems that ensures adequate security of the systems or of data transfers. RFC 2828 defines it as a processing or communication service provided by a system to give a specific kind of protection to system resources. Either way, security services implement security policies and are themselves implemented by security mechanisms.
X.800 divides security services into five categories and fourteen specific services.
i) Authentication: The assurance that the communicating entity is the one that it claims to be.
a)      Peer entity authentication
b)      Data-origin authentication
ii) Access control: The prevention of unauthorized use of a resource (this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).
iii) Data confidentiality: The protection of data from unauthorized disclosure.
a)      Connection confidentiality
b)      Connectionless confidentiality
c)      Selective field confidentiality
d)      Traffic flow confidentiality
iv) Data integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
a)      Connection integrity with recovery
b)      Connection integrity without recovery
c)      Selective field connection integrity
d)      Connectionless integrity
e)      Selective field connectionless integrity
v) Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
a)      Nonrepudiation, origin
b)      Nonrepudiation, destination
Q. List and briefly define categories of security mechanisms?
X.800 distinguishes specific security mechanisms, which may be incorporated into a particular protocol layer to provide some of the services above, from pervasive mechanisms (trusted functionality, security labels, event detection, security audit trails, and security recovery), which are not specific to any one service. The specific mechanisms are listed below:
Specific security mechanisms:
1)      Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible.

2)      Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

3)      Access control: A variety of mechanisms that enforce access rights to resources.

4)      Data integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.

5)      Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

6)      Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

7)      Routing control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

8)      Notarization: The use of a trusted third party to assure certain properties of a data exchange.
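Traffic padding (mechanism 6) is the mechanism behind the traffic flow confidentiality service, and it counters the traffic analysis attack described earlier. The following added example, not part of the original notes, shows the idea on a constructed vocabulary of three commands: without padding, an eavesdropper who sees only frame sizes can tell the commands apart even if they are encrypted with a length-preserving cipher; with every frame padded to a fixed size (128 bytes and a 2-byte length prefix are assumptions of this example), the sizes carry no information, and dummy frames can be sent when there is nothing to say.

```python
import secrets

# Constructed parameters for this example: every frame on the wire is FRAME_LEN
# bytes, and a 2-byte big-endian length prefix tells the receiver how much of
# it is real payload. The random fill is discarded on receipt.
FRAME_LEN = 128
LEN_FIELD = 2

# Constructed message vocabulary: three commands of different lengths.
MESSAGES = [b"attack at dawn", b"hold position", b"retreat"]


def pad(payload: bytes, frame_len: int = FRAME_LEN) -> bytes:
    """Fixed-length framing: length || payload || random fill up to frame_len.

    The fill is random so that, even before encryption, padded and real bytes
    look alike; once the whole frame is encrypted this matters less.
    """
    if len(payload) > frame_len - LEN_FIELD:
        raise ValueError("payload does not fit in one fixed-size frame")
    fill = secrets.token_bytes(frame_len - LEN_FIELD - len(payload))
    return len(payload).to_bytes(LEN_FIELD, "big") + payload + fill


def unpad(frame: bytes) -> bytes:
    """Strip the fill; the length prefix says where the payload ends."""
    n = int.from_bytes(frame[:LEN_FIELD], "big")
    if n > len(frame) - LEN_FIELD:
        raise ValueError("corrupt length field")
    return frame[LEN_FIELD:LEN_FIELD + n]


def idle_frame(frame_len: int = FRAME_LEN) -> bytes:
    """A dummy frame sent when there is nothing to say (traffic flow
    confidentiality): the same size as a real frame, so silence is not observable."""
    return pad(b"", frame_len)


def wire_lengths(messages, padded: bool) -> list:
    """What an eavesdropper sees: one length per frame. A length-preserving
    cipher (a stream cipher, for instance) would not change these numbers,
    so the encryption step itself is left out of this example."""
    return [len(pad(m)) if padded else len(m) for m in messages]


def distinguishable(lengths) -> bool:
    """Traffic analysis by length succeeds as soon as two frames differ in size."""
    return len(set(lengths)) > 1


def roundtrip_ok(messages) -> bool:
    """Padding must be lossless for the legitimate receiver."""
    return all(unpad(pad(m)) == m for m in messages) and unpad(idle_frame()) == b""


if __name__ == "__main__":
    plain = wire_lengths(MESSAGES, padded=False)
    padded = wire_lengths(MESSAGES, padded=True)
    print("unpadded lengths:", plain, "distinguishable:", distinguishable(plain))
    print("padded lengths:  ", padded, "distinguishable:", distinguishable(padded))
```

The cost is bandwidth: every frame is as large as the largest message, and hiding the existence of traffic (not just its size) requires sending idle frames at a constant rate, which is why traffic flow confidentiality is usually provided only on specific links rather than end to end. Fixed-size frames also hide nothing about timing or about who is talking to whom; those need other measures, such as routing control.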
