Professional Documents
Culture Documents
Final essay qu (بعد التعديل)
Final essay qu (بعد التعديل)
Final essay qu (بعد التعديل)
Client:
Is an entity that consists of an operating system and a collection of
programs to perform a set of function.
________________________________
Server:
provides one or more services that may range from minimal server-
based computing (such as for database server or image-processing
server).
A server is a passive machine; it only responds to inquiries or
requests from clients.
________________________________
Classes of Security Risks:
can be divided into three categories:
i. Breaching secret data,
ii. Unauthorized logons,
iii. Unauthorized denial of service.
________________________________
Security Concepts: (حاول تفهمهم بس..)
The Basic concepts ..
1. Identification..()انت مين
Users are identified to a computer or an application through a user
identifier or user-id.
2. Authentication..()بتأكد من هويتك
used to verify the identity of user. This verification requires the
exchange of shared secrets between the user and the application.
8. Denial of Service.. :
attack is one in which the attacker takes over or consumes a
resource so that no one else can use it.
_____________________________________
C h a p t e r 2 : L o g o n a n d A u t h e n t i c a t i o n
Logon Process:
The user logon process begins with the user entering an
identification (ID), followed by verify the identity of the user.
First, the user selects the desired application to log on. The
application ask the user to enter an identifier (ID); the user enters
the ID.the application ask the user to enter the password,the user
sends the password to the application.
Now the application compares the password it received from the
user to the one retrieved from its ID-password database. If the two
matches, the user is logged on to the application; otherwise the
application informs the user that the password or the ID is invalid.
________________________________
Authentication : ##
Is the process of verifying something, Such as a user's identity, a
network address, or the integrity of a data string.
In computer networks, users can be authenticated based on one or
more of the following:
i. Something the user knows..
Users are given a secret to memorize, such as a password. The
password should be known only to the user and the system.
ii. Something the user has..
User may be given item such as keys, badges or other devices. These
devices, in turn, help the system to authenticate the users.
iii. Something the user is..
The user is given a token card that shares a secret key with the
system.
This key is called the shared secret key. The card displays a number
that changes over time, these secrets should be shared only between
the user and the system.
________________________________
3. Minimum Length: ()لزم يكون الباس ليه طول معين علشا ن ميتخمنش باهولة
short passwords are easier to guess than long ones, many systems
require that the passwords must be of a minimum length.
4. User Lockouts :
This feature allows the system administrator to lock out an ID that
has not used for a certain amount of time or that has not changed
the password within the specified time limit.
#######
symmetric key encryption scheme uses the same key for encryption
and decryption.
asymmetric key encryption and is the basis of the public key schemes.
private key known only to the user
public key known to every one
C h a p t e r 3 : W o r k s t a t i o n S e c u r i t y
Audit Trail:
The process of automatic recording and saving of several significant
system events.
________________________________
Intrusion Detection:
Is the process of detecting and identifying unauthorized or unusual
activities on the system. By using the audit records.
________________________________
Profiles:
The behavior of a subject (or a group of subjects) on an object (or a
group of objects),include the description of normal behavior of
subjects with respect to the objects.
________________________________
Anomaly Records:
Is created when the audit records show some abnormal behavior
compared to that in the profiles.
Background:
The scientifically correct definition for a computer virus is self-
reproducing automation. Viruses have the capability to control of the
computer.
________________________________
___________________________________________________________
Ch4
Distributed Security Services
Encryption:
Is the process of transforming data into an unintelligible form in
another a way the original data can be obtained only by using the
decryption process and the encryption key.
The original data is called plain_text and the encrypted data is called
cipher data.
Transposition:
A given text can be transposed in several ways.
Substitution:
A given text can also be encrypted by substituting each letter with
another letter.
Data integrity:
Is protection of information from modification by unauthorized users.
Data integrity is not the same as data confidentiality.
Digital Signature:
provides proof of authenticity and origination of data. Digital
signature is different from encryption.
________________________________________
) (Very Important #######
)هى هى الرسمة اللى فوق بس هتجيلك بالشكل ده وانت هتكتب مكان الرقام(
CH5
Access Control
Subjects:
Is capable of accessing an object.
Examples of a subject include an individual user, a user group, a
terminal, a host, or an application.
Access Rights:
define the ways in which a subject can access the object. Access
rights are specified for each pair of subjects and objects.
Objects:
An object is an entity to which access can be controlled.
Examples of objects can be as detailed as the individual data fields
or as aggregate as groups of programs, records, files, or entire
databases.
Access control:
enforces the access rights when a subject requests to access an
object.
has also been defined as comprising the mechanisms that enforce on
subject requests for access to objects as specified in the security
policy.
Access Control:
2. A Capability List..
CL for a subject specifies the rights to access each object.
___________________________________________________________
CH7
Internet Firewalls
Firewalls :
protect private networks from intrusion, and other attacks from the
Internet, an adequate barrier is required.
should intercept all the traffic between a given private network and
the Internet.
provides controlled access between a private network and the
Internet. It intercepts each message between the private network
and the Internet.
determines whether a data packet or a connection request should be
permitted to pass through the firewall or be discarded.
The filter:
executes a set of rules that have been defined by the firewall
administrator at configuration time.
Gateway:
intercepts the traffic and authenticates users at the TCP/IP
application level.
Risks:
Not Addressed By Firewalls There are several types of security
exposures to private networks that a firewall cannot address.
We list some such exposures . . .
1. Insider's Intrusion:
The firewall cannot protect the resources from attack by an internal
user of the private network.
2. Direct Internet Traffic:
A firewall is beneficial only if all the Internet traffic is handled
through the firewall.
The firewall cannot protect the resources of the private network
from the traffic that takes place directly with the Internet
3. Virus Protection:
Typically, a firewall cannot protect a private network from external
viruses.
_________________________________________________