Professional Documents
Culture Documents
Assignment No: 1
Assignment No: 1
Assignment No: 1
ROLLNO: Se-18-305
Assignment No : 1
Q1:
Confidentiality:To access debit or credit cards one must enter a security password which is available only
to authorized users and aimed at further enhancing the level of security.Proper encryption of PIN
ensures that high level of confidentiality is maintained while lack of attention towards the same could
lead to breach of data or customers information.
Integrity:Use of advanced, efficient technology and proper optimization & Collaboration of ATMs is
necessary to ensure their integrity is maintained and customers information is secure.
Availability:The frequency of ATM should enhance depending upon the demand of the customers and
further should be frequently updated with cash to provide accurate services. While ATM which is out of
service could lead to customer dissatisfaction, that of ATM with accuracy in services could attract more
and more customers.
Q2:
a.
Confidentiality:
Web server contains the public information. So everyone can access that information.
Integrity:
Server maintains public information. So there may be anyone can modify that is either authorized user
or intruder.So impact of integrity level is moderate.
Availability:
Loss of information is not a biggest issue in this server.So impact of availability level is moderate.
b.
Confidentiality:
Web server contains the sensitive information. If any of data loss is occurred then it gives high loss.So
impact of the confidentiality level is high.
Integrity:
Server maintains private information. If any modifications occurred it gives huge loss
Availability:
c.
Confidentiality:
Web server contains only routine information not privacy related information. So everyone can access
that information.So there is no confidentiality is provided.So impact of confidentiality level is low
Integrity:
Server maintains routine information. If data loss is occured , it is not a big issue.
Availability:
Loss of information is not a biggest issue in this server.So impact of availability level is low.
d.
Web server contains private information that is pre solicitation phase contract information only.
Integrity:
Availability:
Confidentiality:
Web server does not contain private information.So impact of confidentiality level is low
Integrity:
Availability:
e.
Confidentiality:
Web server maintains real time information. So loss of confidentiality is not a big problem.
Integrity:
Availability:
Data availability is required at any time.Therefore impact of availability level is high.
Confidentiality:
Web server does not contain private information.So impact of confidentiality level is low
Integrity:
Availability:
Q3:
•) Passive attacks have to do with eavesdropping on, or monitoring transmissions. Email, file transfers,
and client/server exchanges are examples of transmissions that can be monitored.
•)Active attacks include the modification of transmitted data and attempts to gain unauthorized access
to computer systems.
Active attacks include Deception, Disruption, Usurpation (An event that results in control of system
services of functions by an unauthorized entity)
Q4:
Social engineering is the art of manipulating people so they give up confidential information. The types
of information these criminals are seeking can vary, but when individuals are targeted the criminals are
usually trying to trick you into giving them your passwords or bank information, or access your computer
to secretly install malicious software–that will give them access to your passwords and bank information
as well as giving them control over your computer.
Q5:
SECURITY SERVICES:
•)Authentication (Assures a message is authentic)
•)Access Control (each entity is identified or authenticated to obtain correct access rights)
SECURITY MECHANISMS:
•)Data Integrity - A variety of a mechanisms used to assure the integrity of a data unit or stream of data
units.
•)Digital Signature - Used in cryptographic transformation to allow a recipient of the data unit to prove
the source and integrity of the data unit and protect against forgery (by the recipient.)
•)Encipherment - Mathemtical algorithms to transform readable data to a form that's not readable
Q6:
Encryption is the method by which information is converted into secret code that hides the
information's true meaning.
Decryption is the method of getting the original information by decoding the secret code.
BLOCK DIAGRAM:
Q7:
In this type of attack, some plaintext-ciphertext pairs are already known. Attacker maps them in order to
find the encryption key. This attack is easier to use as a lot of information is already available.
In this type of attack, the attacker chooses random plaintexts and obtains the corresponding ciphertexts
and tries to find the encryption key. Its very simple to implement like KPA but the success rate is quite
low.
In this type of attack, only some cipher-text is known and the attacker tries to find the corresponding
encryption key and plaintext. Its the hardest to implement but is the most probable attack as only
ciphertext is required.
In this type of attack, attacker intercepts the message/key between two communicating parties through
a secured channel.
This attack is similar CPA. Here, the attacker requests the cipher texts of additional plaintexts after they
have ciphertexts for some texts.
Q8:
Q9:
Assuming depth = 2
Hpyitdyoo
apbrhatyu
Q10:
"CS6D-TECHNIQUE"
In this technique,the english alphabets of the message are replaced with their corresponding and
previous english alphabets alternatively.
For e.g:
AFTER ENCRYPTION:
IDMJP VPQMC
You can observe that the first alphabet "H" is replaced with its corresponding alphabet "I" while the next
alphabet "E" is replaced with its previous english alphabet "D" then the replacement with corresponding
and previous alphabets goes on and the message is encrypted.
To decrypt the message,simply do the opposite of encyption i.e replace the first english alphabet of the
message with its previous english alphabet and the next english alphabet of the message with its
corresponding english alphabet and so on.
ENCRYPTED MESSAGE:
IDMJP VPQMC
AFTER DECRYPTION:
HELLO WORLD