Professional Documents
Culture Documents
Computer Security - Docx1
Computer Security - Docx1
ATTACK EXAMPLE
Act of human error Accidental deletion of database record by
employee
Compromise to intellectual property Piracy
Trespass Unauthorized access of data collection
A deliberate act of exposure Blackmail for information disclosure
A deliberate act of sabotage or vandalism to a Destruction of computer system
Computer system
A deliberate act of theft Illegal certification of equipment or
information
Deliberate software attack Viruses, worms, denial of service, packet
Forces of Nature Fire, floods, volcanic eruption, thunder, and
lightening
Quality of Service deviation from the Service Power failure
provider
Technical or hardware failure The computer fails to boot
Software failure or error Software fails to start
Technological obsolete or outdated Software version outdated
IT system Architecture
1.1. Security components in the organization to counter threats that may or may not occur
LAN (Local Area Network) is the connection of computers within a defined organization's
defined location for communication purposes. Since the organization is using LAN for
communication, there is sharing of data that needs to be protected against Intrusions such as TCP
hijacking, packet sniffing, denial of service, and much more that are likely to compromise the
organization operations. This can be done by Installing a firewall to filter all information from
Cryptography 2
the network entering the organization LAN network, Authenticating, using WPA and WPA2
This is the Verification of what the user or machine claims to be by what it has or stores. This
can be achieved by using Biometrics identifications of the user, use of secure passwords, or even
use of recognition such as Iris, Voice, or face. Attackers may attempt to compromise the security
Physical security involves installing security to the computer system to the organization; There
are various Physical Security can be put in place example include: Locking up sensitive room or
area, Setting up a surveillance camera in a sensitive area, Protect portables such as laptops and
UPS can be secure that they only operate when connected to the Company LAN, disable the
drives and the USB ports to restrict employees from transferring company Sensitive data and
Deploy physical security such as guards or police officers in sensitive places. Physical security
Personal security is also an essential aspect to consider among the organization's employees for
them to execute security measures effectively. They should take into consideration not to interact
with strangers with attack intentions, not to share confidential information with strangers, and
even taking into account what they feed. A personal attack is likely to occur such that an
1.1.5. Availability.
Cryptography 3
The company IT system availability may be compromised by attackers through denial of service
to the organization's client. By this, the system is made unusable or unavailable to its users. The
best way to counter this is to implement an Intrusion detection system (IDS) to monitor the
network activities and alert the admins when there is any malicious activity that is likely to
occur.
1.1.6 Privacy.
The organization should have a sound measure of which information should be made available to
third parties and which data should be kept confidential from unauthorized users and attackers
who may like to access the organization's sensitive information for their advantage to
compromise the organization. Privacy can be achieved by encrypting data such that only trusted
1. Authentication users
6. Data Encryption.
Cryptography 4
7. Surveillance Camera.
Steganography
Steganography entails hiding sensitive or secret information inside ordinary data, which is not
applicable, this confidential information will only be known which the person who has an idea of
what the typical data has, average network user will only see the ordinary data such as picture
file but has no idea what it carries. The main concerns of steganography are concealing and
deceiving. The messaged is hidden with the various platforms and kept secret from regular users
fooled by the data being transmitted d is composed of. There are multiple types of
1. Image steganography
2. Audio steganography
3. Image steganography.
The image steganography uses an image to hide sensitive information. The regular users will
only see a picture of a given type but have no idea what it carries. Audio steganography uses
audio files to hide sensitive information such that users can be deceived that this is just an audio
file. Video steganography uses video files to hide sensitive data to trick the other network users.
It is essential to consider that attacker sometimes uses the e-steganography techniques to attack
organization by sending enticing files such a lovely picture advert which when clicked executes
and installs a virus into the organization network or computers. Therefore, the organization
should educate employees not to visit unsafe websites or click some popping adverts with the
organization computers.
Cryptography 5
A Common Access Card (CAC) is a smart card that serves as a standard identification for United
States Active Duty Uniform Defense Personnel, including the National Guard and Selected
Reserve, civilian employees of the United States Coast Guard (USCG), civilian employees of the
Department of Defense (DoD) and other DoD and USCG contractor personnel. The card is used
for physical access into buildings and other controlled spaces, as well as access to government
defense computer systems and networks, and satisfies the requirement for two-factor
authentication.
CAC employs two-factor authentication: the physical card and the card owner’s personal
identification number (PIN). These two features allow rapid authentication and a security boost
in terms of physical security and logic.
Bar code
Integrated circuit chip (ICC)
Magnetic strip
RFID technology
Visual identification
Digital Signature.
A digital signature enables the organization to verify the author, date, and time of the signature,
also authenticate the message. The digital signature meant the note is genuine from the sender,
and the employee cannot deny his actions. The digital signature aims at the authenticity of the
comes from employ A with its valid digital signature. The message will not be considered, and
contains its valid digital signature; Employee A cannot later deny his action of signing.
Integrity, once Employ A has signed the message, marks the final action of the news, and any
Firewall Security.
This is the barrier between the Local Area Network and The internet; it helps minimize the
organization's security risk and maintain the confidentiality of the organization's private
Hashing
Hashing provides a method to prove that the message sent and received is similar and no
modification took place by comparing the received message after unlashing and the initial letter
before hashing
Data Encryption.
Alam, in his article of Performance and Efficiency Analysis of Different Block Cipher
Algorithms of Symmetric Key Cryptography, point out that data encryption involves encoding
information or data into a human non-readable format such that the data cannot be read to
understanding by the typical human observation until and decryption algorithm is run on the
Cryptography 7
data. Encryption uses an encryption algorithm to convert plain text into ciphertext. There are two
1. Symmetric encryption
2. Asymmetric encryption
The symmetric encryption uses one Key for both the encryption and decryption process; for
example, if BOB says Hello to Alice, the "hello" plain text will be passed to the Encryption
algorithm with a secret key to get cipher text (Apoorva, 2013). When Alice receives this test, he
uses the same Key used in encryption to decrypt the cipher text.
The Asymmetric encryption, Bob will encrypt the "hello" text with the Alice public Key, which
is known and not kept secret, but when Alice receives this cipher text, she will use her private
Caesar cipher
It is the old method of data encryption that involves the substitution method of letters; for
Polyalphabetic cipher
It is a substitution cipher based on multiple substitutions i.e., the plain text is encrypted to a
One time pad cipher has a unique characteristic such as it is unbreakable, cannot be broken to
success, the Key used has the same length has the message encrypted and guessing such a
lengthy key is tedious, The Key is used once and never be reused after encryption.
RSA
Apoorva Points out that RSA is an asymmetric encryption algorithm that is considered to be the
most secure, was discovered by Rivets, Shamir, and Adelman hence the name.
1. Greater than 1 but less than p-1 and q-1. This is a must satisfy a condition for e.
2. The pair of n and e forms the public Key, i.e., public vital equals ed.
1. text)= Cd mod n.
The block cipher takes a block of plain text and generates identical ciphertext. The choice of the
block text does not affect the strength of the cipher text but the length of the encryption key used.
Network Vulnerability:
According to Elminaam, Organization security architecture is the general term used to define the
overall system required to protect its IT Infrastructure. The architecture usually comprises the
Cryptography 9
process and procedure used to prevent. Mitigate and investigate different threats. The
1. People
2. Tools
3. Processes
1. Security protocols which outline the rules to prevention, mitigation, and prevention of the
threats
2. Account creation and management give a guide concerning user account creation and
3. Security roles and responsibility for every person who uses the system.
4. Auditing the security architecture, since this is an evolving process, there is a need to
audit the architecture's planned objective to see if the architecture is achieving the
intended purpose.
Authentication: This is the act of verifying the user identity, i.e., what the user
Integrity: This ensures that the data does not during the time it leaves the source at arrive the
destination address.
This is the intrusion into a network to access organizations' information against the organization's
This is the sending and executing viruses and worms to the organization's computer assets. Can
TCP hijacking
If an attacker learns the associated TCP state for the connection, then the relationship can be
hijacked! An attacker can insert malicious data into the TCP stream, and the recipient will
Packet sniffing
Email is a form of communication to many people and organization and therefore need to be
protected against the following threats and attacks: Message confidentiality, Message Message
Cryptography 11
blocked delivery, Message content and origin modification, Message content and origin forgery
Integrity for email security is as important as confidentiality. The hash function provides
integrity in the digital signature called message integrity check (MIC). By using the RSA
encryption technique with a long-bit key, we can offer end-to-end solid security for email.
Confidentiality, sender chooses symmetric encryption algorithm key. Use this key to encrypt the
entire Message to be sent, including FROM: TO: subject: etc. then the message sender prepends
the plaintext header. The sender encrypts the message key using the recipient's public key for
Thakur Points out that PGP operates with the principle of "ring of trust" to solve the key
distribution issue. User can give their public key to another, or they can take from a server. At
the bottom of the Message, many people include their PGP public keys. In this, one person can
give the second person's key to the third, fourth, fifth, and so on.
It starts by creating a random session Key; this random session key is used to encrypt the
Message
The session key is then encrypted using the public key; a hash function for message integrity is
then generated. The hash function is then signed and encrypted using the sender’s private key.
The session key, hash and the encrypted message are then attached together and then sent to the
recipient.
References
Cryptography 12
Alma, M. I., & Khan, M. R.: Performance and Efficiency Analysis of Different Block Cipher
7, 204-6, (2013).
Thakur, J., & Kumar, N.: DES, AES and Blowfish: Symmetric Key Cryptography Algorithms