Warning:
JavaScript is turned OFF. None of the links on this page will work until it is reactivated.
If you need help turning JavaScript On, click here.
This Concept Map, created with IHMC CmapTools, has information related to: ch7, threats: -leakage-the acquisition of info by unauthorized recpients -tampering-unauthorized alteration of info -vandalism-interference with the proper operation of a system without gain to the perpetrator attacks: -eavesdropping-obtaining copies of messages without authority -masquerading-sending or receiving messages using the identity of another principal without their authority -message tampering-intercepting messages and altering their contents before passing them on to the intended recipient. -replaying- storing intercepted messages and sending them at a later date. -denial of service- flooding a channel or other resource with messages in order to deny access for others contains info leakage: if the transmission of a message between two processes can be observed, some info can be gleaned from its mere existence, threats: -leakage-the acquisition of info by unauthorized recpients -tampering-unauthorized alteration of info -vandalism-interference with the proper operation of a system without gain to the perpetrator attacks: -eavesdropping-obtaining copies of messages without authority -masquerading-sending or receiving messages using the identity of another principal without their authority -message tampering-intercepting messages and altering their contents before passing them on to the intended recipient. -replaying- storing intercepted messages and sending them at a later date. -denial of service- flooding a channel or other resource with messages in order to deny access for others contains Threats from mobile code: recently developed programming languages have been designed to enable programs to be loaded into a process from a remote server and then executed locally, internal interfaces and objects within an executing process may be exposed to attack by mobile code, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access includes Cryptography pragmatics, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access includes Digital signatures, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access includes Cryptographics Algorithms, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access has securing electronic transactions: -email-cryptographic security is now used -purchase of goods and services- -banking transactions- -micro transaction-the internet lends itself to the supply of small quantities of info and other services to many customers to secure web purchases: 1 authenticate the vendor tot he buyer 2 keep credit card #'s from falling into enemies hands 3 ensure that goods are delivered to buyer without alteration and disclosure 4 authenticate the identity of the account holder to the bank before giving them access to their account, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access includes Security Techniques, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access includes Needhad-Schroder, Kerberos, TLS, WIFI, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access has threats: -leakage-the acquisition of info by unauthorized recpients -tampering-unauthorized alteration of info -vandalism-interference with the proper operation of a system without gain to the perpetrator attacks: -eavesdropping-obtaining copies of messages without authority -masquerading-sending or receiving messages using the identity of another principal without their authority -message tampering-intercepting messages and altering their contents before passing them on to the intended recipient. -replaying- storing intercepted messages and sending them at a later date. -denial of service- flooding a channel or other resource with messages in order to deny access for others, Security: resources must be protected against unauthorized access enemies can access network, they can copy or attempt to messages in that network the role of crytography: provides basis for most security mechanisms, is the art of encoding info in a format that only the intended recipients can access has designing secure systems: is an exercise in balancing costs against the threats