Documente Academic
Documente Profesional
Documente Cultură
b.) access control and threats to servers that include impersonation, eavesdropping, denial of service, packet replay, and packet modification.
Continue
Continued
Threats to servers: o These are more prone to attacks which exploits the bugs in server software. o Vulnerable software running, usage of popluar programs, eavesdropping the conversation, spoofing the system etc. enhances the attacking chances. o DoS, eavesdropping,service overloading, message overloading, packet replay are common threats. o To prevent them access to accounts, protect from unauthorized access must be done.
What it does
o o o It provides several level of security: Screen packets and filter the network traffic allow/restrict access to certain applications Firewalls range from simple traffic logging systems that record all network traffic to complex one such as screening of packets o Most secure are application gateways and provide proxy services to users o In case of heavy traffic, hardened firewall machines are set up.
Data security
Message security
Packet sniffing : monitors network by compromising host and installing sniffer program
Secret/symmetri c crptography
Asymmetric cryptography
Encryption/encipher
It means to convert plaintext into a scrambled text which cannot be read by anyone.
Single-key/symmetric
It involves the encryption and decryption by using single key that is shared between transmitter and reciever. It suffers from problem of key distribution. The generation, transmission and storage of keys is called key management. In business environment it is impossible that key management is flawless. Therefore this method is impractical
Asymmetric/public key
It involves usage of 2 keys: private and public keys Information encrypted with private key can only be opened by public key and vice versa. The private key is secret whereas public key is known to everyone. These keys are maintained in central repository so no problem of key-distribution, the private key is main concern to management
DES
It is the implementation of secret-key cryptography It operates on 64-bit of blockof message. And uses 56-bit key Designed for hardware implementation It deploys more than one stage of encryption This can be cracked so its advanced version like des3, desx are used
RSA algorithm
It is a public key cryptographic system required for encryption and authentication This is hard to crack, as long prime number multiplication is used It is used in wide variety products, platforms and industries e.g. www browsers,on ethernet networks, secure telephones
Digital signatures
In business transcations , authnticatio refres to use of digital signatures that verifies digital document. It is neede for proliferation of e-commerce The recipient, as well as third party verifies that the document did originate from the person hose signature are attached and that document is not altered since it signed.
Email typing