The Digital Security Drivers Computer Science Essay

Published:

Your system is only as secure as the people who use it. If a shopper chooses a weak password, or does not keep their password confidential, then an attacker can pose as that user. This is significant if the compromised password belongs to an administrator of the system. In this case, there is likely physical security involved because the administrator client may not be exposed outside the firewall. Users need to use good judgment when giving out information, and be educated about possible phishing schemes and other social engineering attacks.

Secure Socket Layer (SSL)

Secure Socket Layer (SSL) is a protocol that encrypts data between the shopper's computer and the site's server. When an SSL-protected page is requested, the browser identifies the server as a trusted entity and initiates a handshake to pass encryption key information back and forth. Now, on subsequent requests to the server..

Server firewalls

Lady using a tablet
Lady using a tablet

Professional

Essay Writers

Lady Using Tablet

Get your grade
or your money back

using our Essay Writing Service!

Essay Writing Service

A firewall is like the moat surrounding a castle. It ensures that requests can only enter the system from specified ports, and in some cases, ensures that all accesses are only from certain physical machines.

A common technique is to setup a demilitarized zone (DMZ) using two firewalls. The outer firewall has ports open that allow ingoing and outgoing HTTP requests. This allows the client browser to communicate with the server.

Firewalls and honey pots

3) Threats drivers

Threat Analysis - determine the level and types of attacks reasonably expected and experienced on client security and server security tthreats.

Snooping the shopper's computer

Millions of computers are added to the Internet every month. Most users' knowledge of security vulnerabilities of their systems is vague at best. Additionally, software and hardware vendors, in their quest to ensure that their products are easy to install, will ship products with security features disabled. In most cases, enabling security features requires a non-technical user to read manuals written for the technologist.

 Sniffing the network

In this scheme, the attacker monitors the data between the shopper's computer and the server. He collects data about the shopper or steals personal information, such as credit card numbers.

Guessing passwords

Another common attack is to guess a user's password. This style of attack is manual or automated. Manual attacks are laborious, and only successful if the attacker knows something about the shopper. For example, if the shopper uses their child's name as the password.

Some other Examples

Cyber vandalism

Mail Bombing

Spoofing

Tampering'

Repudiation''

Information disclosure

Denial of service'

Elevation of privilege

 

 4) Regulatory drivers

Confidentiality

The term used to prevent the of information to unauthorized individuals or systems.

Eg:-A credit card transaction trough the Internet requires the card number to transaction

from Customer to merchant and from merchant to transaction processing Network. This system confidentiality data encrypting the card number during transmission (In databases,

log files, backups, printed receipts, and so on), restricting access to The places it stored.

If any unauthorized party gain card number any way, lost confidentiality.

Integrity

The information integrity means that data cannot be modified unauthorized. Although it can be viewed as a special case of Consistency .Integrity is violated that message is actively modified in transit. Information security systems provide message integrity in data addition confidentiality.

Availability

Those who have any information system to serve it purpose, to be information must be available when it is needed. This means that computing systems used store and process the information, the security controls are used to protect it, and communication channels used access it must functioning correctly. The High availability systems target to available all times, prevents service destruction due to power failure, hardware failures, and system upgrades. Ensuring availability involves preventing to denial-of-service attacks.

Authenticity

In the process of computing, e-Business and information security is necessary to ensure the data, transactions, communications or documents (electronically or physical) are genuine. It is most important for authenticate to validate that both parties involved are who they come as they are.

Non-repudiation

In the law of non-repudiation implement to intention fulfill their obligations to implies

Lady using a tablet
Lady using a tablet

Comprehensive

Writing Services

Lady Using Tablet

Plagiarism-free
Always on Time

Marked to Standard

Order Now

that one party of a transaction cannot having received a transaction no other party

deny having sent a transaction. E-commerce uses such as digital signatures and

encryption to authenticity and non-repudiation. Discussion any five regulatory

mechanisms:  

 

2

1. Symmetric algorithms (block ciphers and stream ciphers)

With Symmetric algorithms cryptographyis a single key is used for both encryption

and decryption. As acording to above diagram the sender uses the key (some set of rules)

to encrypt the plaintext and sends it ciphertext to receiver. The receiver apply the the

same key (or rule) decrypt the message and rearrage to the plaintext.single key is used

for both ways, symmetric encryption. is also called Secret Key Cryptography

Symmetric algorithms operate in one of several modes

Electronic Codebook (ECB) mode

Cipher Block Chaining (CBC) mode

Cipher Feedback (CFB) mode

Output Feedback (OFB)

2. Asymmetric algorithms (public key ciphers)

Asymmetric algorithms is the most significant new development in

cryptography in the last 300-400 years. Modern Asymmetric algorithms was first

called by Stanford University professor Martin Hellman and graduate student

Whitfield Diffie in 1976. This system secure communication over a non-secure communications channel without having share a secret key.

3. Un-keyed algorithms (Arbitrary length hash functions

Un-keyed algorithms also called message digests and one-way encryption,

This use no key instead, a fixed-length hash value is plaintext that to be recovered.

Hash algorithms commanly used digital fingerprint of a file's contents, to ensure the file

has not been intruder or virus. Hash also commonly many operating systems use to

encrypt passwords. Hash provide a measure integrity of the file.

3.

1. Buffer overflow

The buffer overflow is a program that process store more data into the buffer to hold. Then buffers are created to contain redundent amount of data.The extra information that can overflow into adjacent buffers.The corrupting or overwriting the data held in them accidentally through programming errors.The buffer overflow increas common type of security attack on data integrity. In the buffer overflow attacks extra data may contain codes designed to specific actions.In the instructions on attack computer that damage the user's files and change data.disarrange the confidential information. The Buffer overflow attacks are created using C programming language supplied by the framework and poor programming supplied the vulnerability.

In July 2000, the first vulnerability to buffer overflow attack was discovered in

Microsoft Outlook and Outlook Express. That programming flaw make possible

attacker to compromise the integrity of the specific target .The computer simply send e-mail message. Its Unlike typical e-mail virus, users canot protect them by not opening attached files.In this type of Vanarability user did not even have to open the message to enable the attack. The certain programs' message header had a defect senders to overflow the area with extra data, which allowed to execute whatever type of code they recipient's computers Because of this process as soon as the recipient downloaded the message from the server, buffer overflow attack was very difficult to defend. But Microsoft has since created a patch to eliminate and reduce vulnerability.

Countermeasures

Choice of programming language

Chosen of a programming language have a Significant effect on the occurrence

of buffer overflows. The most popular languages are C and C++ have vast body of software having been written in these languages. C and C++ are no built-in protection against accessing or overwriting data in any part of memory; The most specific, they do not check data written to a buffer is within that buffer. However the standard C++ libraries provide many ways to safe buffering data and techniques to avoid buffer overflows..

Use of safe libraries

The buffer overflows problems common in the C and C++ languages.Because they

are low level representation of buffers as contain data types. Buffer overflows has

been avoided by maintaining a high degree of correctness in code The buffer management. It has also been recommended to avoid standard library functions

that are not bounds checked.

Buffer overflow protection

Lady using a tablet
Lady using a tablet

This Essay is

a Student's Work

Lady Using Tablet

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Examples of our work

Pointer protection

The PointGuard was proposed as compiler-extension prevent attackers for being able

to reliably manipulate pointers and addresses. This approach works by having the compiler add code to automatically encode pointers before and after used. Because the attacker does not know what value will be used to encode/decode the pointer, It cannot prevent overwrites it with a new value.But PointGuard never released,Microsoft implemented a similar approach with Windows XP SP2 and Windows Server 2003 SP.

Executable space protection

The space protection in to buffer overflow protection and prevents execution of code on the stack. The attacker may use buffer overflows to insert code into the memory of the program, but with the space protection, any attempt to execute code will cause an exception.

Addressspace layout randomization

In ASLR computer security feature will involves arranging positions of key data areas, The base of the executable and position of libraries and stack, randomly process in address space.

Deep packet inspection

The deep packet inspection (DPI) detect the network parameter, Basic remote attempts buffer overflows by use of attack signatures and heuristics.They are able to block packets whic signature known attack., long series of No-Operation instructions is detected, these are once used when the location of the variable.

2. Denial of Service (DOS) attacks

The denial of service attack is one of the best examples of impacting site availability. It involves getting the server to perform a large number of mundane tasks, exceeding the capacity of the server to cope with any other task. For example, if everyone in a large meeting asks you your name all at once, and every time you answer, they ask you again. You have experienced a personal denial of service attack. To ask a computer its name, you use ping. DoS attack. The smart hacker gets the server to use more computational resources in processing the request than the adversary does in generating the request.

Types of vanarability with DOS Attack

Slow the network performance as usual (opening files or accessing web sites)

Particular web site is unavailable.

web site access gets inability.

Received Spam e-mails amount is increase this type attack is called e-mail bomb.

Countermeasures for DOS Attack

Firewall and router filtering

Firewall as a Relay

Firewall as semi-transparent Gateway

Ingress filtering

Egress filtering

Disable broadcast amplification

Operating system improvements

Brute force

Request Dropping

Security Architecture

Protocol improvements

Cookies

Stateless protocols:

Client-Puzzle protocols:

Theoretical work

Well-Known DoS Attacks

Smurf Attack:

Apache2

ARP Poison

Back

CrashIIS

DoSNuke

Land: In Land attacks

Mailbomb

SYN Flood:

Ping of Death

Process Table

Smurf Attack

SSH Process Table

UDP Storm

4.

802.11 wireless network

In year 1997 the Institute of Electrical and Electronics Engineers (IEEE) was created the First WLAN stranderd. This family consists of a series of over -the -air modulation techniques.That stranderd was called 802.11. This was olny supported Maxximum network bandwidth of 2 Mbps. Its too slow for most applications.So this reson 802.11 products are no longer manifactured.

COMPARISON

802.11A

802.11G

1

Release Year

Sep 1999

Jun 2003

2

Frequency Rate GHz

5GHz / 3.7GHz

2.4 GHz

3

Bandwidth

20 MHz

20 MHz

4

Data Rate per Stream (Mbit/s)

6, 9, 12, 18, 24, 36, 48, 54

6, 9, 12, 18, 24, 36, 48, 54

5

Allowable MIMO streams (multiple-input and multiple-output)

1

1

6

Modulation

OFDM-Orthogonal frequency-division multiplexing

OFDM-Orthogonal frequency-division multiplexing

DSSS-Direct-sequence spread spectrum

7

Approximate indoor range

35 m or 115 ft

38 m or 125 ft

8

Approximate outdoor range

190m or 390ft

140m or 460ft

1. 802.11a

Early 802.11a standard uses same data link layer protocol of OSI frame as the original standard, but an OFDM -Orthogonal frequency-division multiplexing in (physical layer). 802.11a frequency rates are 5 GHz band with a maximum up to 54 Mbit/s. However 2.4 GHz band is heavily used the point of being crowded. The significant advantage is unused 5 GHz band gives in 802.11a.And disadvantage is this high carrier frequency also brings a effective overall range of 802.11a is less than of 802.11b/gantage.802.11a has same or greater range due to less interference. Due to higher frequency 802.11a signals are more difficulty penetrating walls and other material obstructions.

When 802.11b was development, IEEE created a second edition standard to the original 802.11 standard called 802.11a.Because of 802.11b is much faster than did 802.11a, some Professional believe that 802.11a was created after 802.11b. The 802.11a also created at the same time. Due high cost, 802.11a is mostly found on business networks and 802.11b is most used to serves home market.

In out these 802.11a and 802.11b utilize different frequencies, and these two technologies are incompatible each other. Some market product vendors offer hybrid 802.11a/b network but these products implement the two standards each devices must use one or the other.

Pros of 802.11a - fast maximum speed; reguler frequencies prevent signal

interference from other devices.

Cons of 802.11a - highest cost; short range signal more easily obstructed

2. 802.11g

In ealy June 2003, the modulation standard was ratified as 802.11g. In 2002 and 2003, WLAN products supporting a newer standard called 802.11g emerged on the market.This is work 2.4 GHz band (like 802.11b), but uses same OFDM based transmission scheme such as used in 802.11a. It operates at a maximum physical layer bit rate of 54 Mbit/s.In exclusive of forward error correction codes andt 22 Mbit/s average throughput. 802.11g hardware is fully backwards compatible with 802.11b hardware and therefore is less legacy issues that reduce throughput when it compared to 802.11a by reduceing 21%.

The 802.11g was drafted in Nov of 2001. The 802.11g operates same frequence as 802.11b 802.11g devices bandwidth of maximum of 22Mbps and communicate at up to 54Mbps. 802.11g is sometimes called 'Turbo Mode' on some 802.11b cards.Like 802.11b,

802.11g also same interference and security issues.this operates at 2.4Ghz and may cause

problems with 2.4Ghz cordless telephones.

In 802.11g product communicates with 11Mbps 802.11b product, and drop down 11Mbps or less depending on the signal strength. In oder you purchase an 802.11g product for use with an 802.11b access point, it expect only 11Mbps.Eraly 802.11b, 802.11g devices suffer interference from other products operating in the 2.4 GHz band, for example wireless keyboards. 802.11g attempts to combine the best of both 802.11a and 802.11b.

Pros of 802.11g - fast maximum speed; signal range good and not easily

Obstructed

Cons of 802.11g - costs more than 802.11b; appliances may interfere on the

unregulated signal frequency

802.11 wireless network security issues

Easy Access

"Rogue" Access Points

Unauthorized Use of Service

Service and Performance Constraints

MAC Spoofing and Session Hijacking

Traffic Analysis and Eavesdropping

Higher Level Attacks

802.11 wireless network security prevention

Adapted infrastructure

Avoid using default values

Filtering MAC addresses

WEP - Wired Equivalent Privacy

Improve authentication

Conclusion

All to-gether wireless LAN security can be challenging because of the press

has generated, all of the challeng are address by reasonable security precautions. Network designs are, continue to be affected by the new development of the new technologies and user demands.