




1、What are basic components of computer security? Try to give the connotation of each item in your list.
Ans: Confidentiality: Keeping data and resources hidden.
Integrity: refers to the trustworthiness of data or resources, and it is usually phrased in terms of preventing improper or unauthorized change. Integrity includes data integrity and origin integrity.
Availability: refers to the ability to use the information or resource desired, enabling access to data and resources.
2、What are security policy and security mechanism?
Ans: A security policy is a statement of what is, and what is not, allowed.
A security mechanism is a method, tool, or procedure for enforcing a security policy.
3、What are differences between MAC and DAC? What are MAC and DAC?
Ans: MAC: identity is irrelevant; system mechanism controls access to object, and individual cannot alter that access.
DAC: is based on user identity; individual user sets access control mechanism to allow or deny access to an object.
• Discretionary Access Control (DAC, IBAC)
- individual user sets access control mechanism to allow or deny access to an object
• Mandatory Access Control (MAC)
- system mechanism controls access to object, and individual cannot alter that access
4、Consider a computer system with three users: Alice, Bob and Cyndy. Alice owns the file alicerc, and Bob and Cyndy can read it. Cyndy can read and write Bob's file bobrc, but Alice can only read it. Only Cyndy can read and write her file cyndyrc. Assume that the owner of each of these files can execute it.
• Create the corresponding access control matrix.
• Cyndy gives Alice permission to read cyndyrc. And Alice removes Bob's ability to read alicerc. Show the new access control matrix.
(Certain to be on the exam)
Ans:
(r: read, w: write, o: owns, x: execute)

          alicerc   bobrc   cyndyrc
Alice     ox        r
Bob       r         ox
Cyndy     r         rw      orwx

          alicerc   bobrc   cyndyrc
Alice     ox        r       r
Bob                 ox
Cyndy     r         rw      orwx
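
An added example (not part of the original notes) that builds the first matrix above and applies the two changes from the question. The class and function names are hypothetical, and the rule that only a file's owner may grant or revoke rights is an assumption of this example, in the spirit of DAC.

```python
class AccessControlMatrix:
    """Rights are single letters: r(ead), w(rite), o(wn), x (execute)."""

    def __init__(self, entries):
        # entries: {(subject, object): "rights"}; empty cells are simply absent
        self.cells = {k: set(v) for k, v in entries.items()}

    def rights(self, subject, obj):
        return self.cells.get((subject, obj), set())

    def _require_owner(self, actor, obj):
        # Assumption of this example (DAC): only the owner may change rights.
        if "o" not in self.rights(actor, obj):
            raise PermissionError(f"{actor} does not own {obj}")

    def grant(self, actor, right, subject, obj):
        self._require_owner(actor, obj)
        self.cells.setdefault((subject, obj), set()).add(right)

    def revoke(self, actor, right, subject, obj):
        self._require_owner(actor, obj)
        self.cells.get((subject, obj), set()).discard(right)
        if not self.rights(subject, obj):
            self.cells.pop((subject, obj), None)  # keep empty cells absent

    def snapshot(self):
        return {k: "".join(sorted(v)) for k, v in self.cells.items()}


def initial_matrix():
    # First matrix from the answer above.
    return AccessControlMatrix({
        ("Alice", "alicerc"): "ox", ("Alice", "bobrc"): "r",
        ("Bob", "alicerc"): "r", ("Bob", "bobrc"): "ox",
        ("Cyndy", "alicerc"): "r", ("Cyndy", "bobrc"): "rw",
        ("Cyndy", "cyndyrc"): "orwx",
    })


def updated_matrix():
    acm = initial_matrix()
    acm.grant("Cyndy", "r", "Alice", "cyndyrc")   # Cyndy owns cyndyrc
    acm.revoke("Alice", "r", "Bob", "alicerc")    # Alice owns alicerc
    return acm


if __name__ == "__main__":
    for cell, rights in sorted(updated_matrix().snapshot().items()):
        print(cell, rights)
```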
Ans:
The Caesar cipher is a classical cipher. Sender, receiver share common key.
Keys may be the same, or trivial to derive from one another.
Two basic types: Transposition ciphers and Substitution ciphers. Problem: Key is too short.
(Transposition ciphers:
Plaintext is HELLOWORLD
Rearrange as
HLOOL
ELWRD
Ciphertext is HLOOLELWRD
Substitution ciphers: Plaintext is HELLOWORLD
Change each letter to the third letter following it (X goes to A, Y to B, Z to C)
Key is 3, usually written as letter
Ciphertext is KHOORZRUOG)
Vigenère Cipher: Like Caesar cipher, but use a phrase
Example
Message THE BOY HAS THE BALL
Key VIG
Encipher using Caesar cipher for each letter:
key    VIGVIGVIGVIGVIGV
plain  THEBOYHASTHEBALL
cipher OPKWWECIYOPKWIRG
6、What are definitions of object and subject? (Very likely to be on the exam)
Ans:
The set of all protected entities (that is, entities that are relevant to the protection state of the system) is called the set of objects O.
The set of subjects S is the set of active objects, such as processes and users.
Subject can be object, and not vice versa.
7、Specify the algorithm of public key digital signatures
Ans:
Sender uses hash function to compress the plaintext to generate the hash value, and then sender uses the private key to encrypt the hash value. The hash value after encryption and the plaintext are passed to the receiver. Then the receiver uses the public key of the sender to decrypt, and the receiver uses hash function to compress the plaintext and generate another hash value. Finally, compare the two hash values: if they are equal, it is the real signature; otherwise not.
8、List the basic requirements of cryptographic checksum function.
Ans:
Cryptographic checksum h: A → B:
For any x ∈ A, h(x) is easy to compute
For any y ∈ B, it is computationally infeasible to find x ∈ A such that h(x) = y
It is computationally infeasible to find two inputs x, x′ ∈ A such that x ≠ x′ and h(x) = h(x′)
Alternate form (stronger): Given any x ∈ A, it is computationally infeasible to find a different x′ ∈ A such that h(x) = h(x′).
9、What are differences between the classical key cryptography and public key cryptography? (Certain to be on the exam)
Ans:
The classical key cryptography has one key. Sender, receiver share common key. Keys may be the same, or trivial to derive from one another.
Public key cryptography has two keys: private key known only to individual, public key available to anyone.
II"ibiIcprimenumber:.」
Point: the answer may not be unique)
Ans:
n = pq = 91, φ(n) = (p-1)(q-1) = 72, e*d mod φ(n) = 1, e = 5, d = 29.
Public key (e, n) = (5, 91)
Private key: d = 29
11、Classes of Threats
Ans:
• Disclosure
- Snooping
• Deception
- Modification, spoofing, repudiation of origin, denial of receipt
• Disruption
- Modification
• Usurpation
- Modification, spoofing, delay, denial of service
12、Goals of Security
Ans:
• Prevention
- Prevent attackers from violating security policy
• Detection
- Detect attackers' violation of security policy
• Recovery
- Stop attack, assess and repair damage
- Continue to function correctly even if attack succeeds
13、Access Control Matrix Model
Ans:
Subjects S = { s1, …, sn }
Objects O = { o1, …, om }
Rights
Entries A[si, oj] ⊆ R
A[si, oj] = { rx, …, ry } means subject si has rights rx, …, ry over object oj.
14、Types of Security Policies
Ans:
• Military (governmental) security policy
- Policy primarily protecting confidentiality
• Commercial security policy
- Policy primarily protecting integrity
• Confidentiality policy
- Policy protecting only confidentiality
• Integrity policy
- Policy protecting only integrity
15、Integrity and Transactions
Ans:
• Begin in consistent state
- "Consistent" defined by specification
• Perform series of actions (transaction)
- Actions cannot be interrupted
- If actions complete, system in consistent state
- If actions do not complete, system reverts to beginning (consistent) state
16、Security levels
Ans:
- Top Secret: highest
- Secret
- Confidential
- Unclassified: lowest
Reading Information
• Information flows up, not down
- "Reads up" disallowed, "reads down" allowed
• Simple Security Condition (Step 1)
- Subject s can read object o iff L(o) ≤ L(s) and s has permission to read o
• Note: combines mandatory control (relationship of security levels) and discretionary control (the required permission)
- Sometimes called "no reads up" rule
Writing Information
• Information flows up, not down
- "Writes up" allowed, "writes down" disallowed
• *-Property (Step 1)
- Subject s can write object o iff L(s) ≤ L(o) and s has permission to write o
• Note: combines mandatory control (relationship of security levels) and discretionary control (the required permission)
- Sometimes called "no writes down" rule
17、Levels and Lattices
Ans:
• (A, C) dom (A′, C′) iff A′ ≤ A and C′ ⊆ C
• Examples
- (Top Secret, {NUC, ASI}) dom (Secret, {NUC})
- (Secret, {NUC, EUR}) dom (Confidential, {NUC, EUR})
- (Top Secret, {NUC}) ¬dom (Confidential, {EUR})
• Let C be set of classifications, K set of categories. Set of security levels L = C × K, dom form lattice (partial ordering)
- lub(L) = (max(A), C)
- glb(L) = (min(A), ∅)
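
An added example (not part of the original notes) that implements dom over (classification, category set) pairs and uses it for the simple security condition and the *-property from question 16. The function names are hypothetical; the pairwise lub and glb go slightly beyond the notes, which only give the top and bottom of the whole lattice.

```python
RANK = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}


def dom(a, b):
    """(A, C) dom (A', C') iff A' <= A and C' is a subset of C."""
    (level_a, cats_a), (level_b, cats_b) = a, b
    return RANK[level_b] <= RANK[level_a] and set(cats_b) <= set(cats_a)


def can_read(subject, obj, perms):
    """Simple security condition: L(o) <= L(s) and s holds permission r."""
    return dom(subject, obj) and "r" in perms


def can_write(subject, obj, perms):
    """*-property: L(s) <= L(o) and s holds permission w."""
    return dom(obj, subject) and "w" in perms


def lub(a, b):
    """Least level that dominates both a and b."""
    return (max(a[0], b[0], key=RANK.get), frozenset(a[1]) | frozenset(b[1]))


def glb(a, b):
    """Greatest level dominated by both a and b."""
    return (min(a[0], b[0], key=RANK.get), frozenset(a[1]) & frozenset(b[1]))


# Constructed sample labels for a subject and two objects.
SUBJECT = ("Secret", {"NUC"})
LOW_DOC = ("Confidential", {"NUC"})
HIGH_DOC = ("Top Secret", {"NUC", "ASI"})

if __name__ == "__main__":
    print("read low :", can_read(SUBJECT, LOW_DOC, "rw"))     # read down
    print("read high:", can_read(SUBJECT, HIGH_DOC, "rw"))    # read up
    print("write low :", can_write(SUBJECT, LOW_DOC, "rw"))   # write down
    print("write high:", can_write(SUBJECT, HIGH_DOC, "rw"))  # write up
```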
18、Biba's Model
Ans:
1. s ∈ S can read o ∈ O iff i(s) ≤ i(o)
2. s ∈ S can write to o ∈ O iff i(o) ≤ i(s)
3. s1 ∈ S can execute s2 ∈ S iff i(s2) ≤ i(s1)
19、Operational Issues
Ans:
• Cost-Benefit Analysis
- Is it cheaper to prevent or recover?
• Risk Analysis
- Should we protect something?
- How much should we protect this thing?
• Laws and Customs
- Are desired security measures illegal?
- Will people do them?
20、Human Issues
Ans:
• Organizational Problems
- Power and responsibility
- Financial benefits
• People problems
- Outsiders and insiders
- Social engineering
21、Mapping
Ans:
      s1     s2     s3     s4
s1    A      own
s2           B      own
s3                  C k    own
s4                         D end

After δ(k1, D) = (k2, Y, R), where k1 is the current state and k2 the next state (tape: A B X Y, with head marker):
      s1     s2     s3     s4     s5
s1    A      own
s2           B      own
s3                  X      own
s4                         Y      own
s5                                b k2 end

After δ(k, C) = (k1, X, R), where k is the current state and k1 the next state:
      s1     s2     s3     s4
s1    A      own
s2           B      own
s3                  X      own
s4                         D k1 end
22、ALL
The Vigenère tableau
   ABCDEFGHIJKLMNOPQRSTUVWXYZ
A  ABCDEFGHIJKLMNOPQRSTUVWXYZ
B  BCDEFGHIJKLMNOPQRSTUVWXYZA
C  CDEFGHIJKLMNOPQRSTUVWXYZAB
D  DEFGHIJKLMNOPQRSTUVWXYZABC
E  EFGHIJKLMNOPQRSTUVWXYZABCD
F  FGHIJKLMNOPQRSTUVWXYZABCDE
G  GHIJKLMNOPQRSTUVWXYZABCDEF
H  HIJKLMNOPQRSTUVWXYZABCDEFG
I  IJKLMNOPQRSTUVWXYZABCDEFGH
J  JKLMNOPQRSTUVWXYZABCDEFGHI
K  KLMNOPQRSTUVWXYZABCDEFGHIJ
L  LMNOPQRSTUVWXYZABCDEFGHIJK
M  MNOPQRSTUVWXYZABCDEFGHIJKL
N  NOPQRSTUVWXYZABCDEFGHIJKLM
O  OPQRSTUVWXYZABCDEFGHIJKLMN
P  PQRSTUVWXYZABCDEFGHIJKLMNO
Q  QRSTUVWXYZABCDEFGHIJKLMNOP
R  RSTUVWXYZABCDEFGHIJKLMNOPQ
S  STUVWXYZABCDEFGHIJKLMNOPQR
T  TUVWXYZABCDEFGHIJKLMNOPQRS
U  UVWXYZABCDEFGHIJKLMNOPQRST
V  VWXYZABCDEFGHIJKLMNOPQRSTU
W  WXYZABCDEFGHIJKLMNOPQRSTUV
X  XYZABCDEFGHIJKLMNOPQRSTUVW
Y  YZABCDEFGHIJKLMNOPQRSTUVWX
Z  ZABCDEFGHIJKLMNOPQRSTUVWXY
Attacking the Cipher
• Exhaustive search
- If the key space is small enough, try all possible keys until you find the right one
- Caesar cipher has 26 possible keys
• Statistical analysis
- Compare to 1-gram model of English
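
An added example (not part of the original notes) that runs the Vigenère and Caesar examples from question 5's answer and the two attacks just listed: exhaustive search over the 26 Caesar keys, and ranking keys by correlation with a 1-gram model. The function names are hypothetical, the frequency table holds approximate English letter frequencies embedded for this example, and input is assumed to be uppercase A-Z only.

```python
# Approximate English 1-gram frequencies for A..Z (embedded for this example).
ENGLISH = dict(zip("ABCDEFGHIJKLMNOPQRSTUVWXYZ", [
    .080, .015, .030, .040, .130, .020, .015, .060, .065, .005, .005, .035, .030,
    .070, .080, .020, .002, .065, .060, .090, .030, .010, .015, .005, .020, .002]))
A = ord("A")


def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter; Caesar is a 1-letter key."""
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text):
        shift = ord(key[i % len(key)]) - A
        out.append(chr((ord(ch) - A + sign * shift) % 26 + A))
    return "".join(out)


def caesar_candidates(ciphertext):
    """Exhaustive search: decrypt under all 26 keys, return {key: plaintext}."""
    return {k: vigenere(ciphertext, chr(A + k), decrypt=True) for k in range(26)}


def correlation(ciphertext, k):
    """phi(k): sum over ciphertext letters c of f(c) * p(c - k)."""
    total = sum(ENGLISH[chr((ord(c) - A - k) % 26 + A)] for c in ciphertext)
    return total / len(ciphertext)


def rank_keys(ciphertext):
    """Caesar keys ordered from most to least English-like decryption."""
    return sorted(range(26), key=lambda k: correlation(ciphertext, k), reverse=True)


if __name__ == "__main__":
    print(vigenere("THEBOYHASTHEBALL", "VIG"))
    ct = vigenere("HELLOWORLD", "D")          # Caesar with key 3
    for k in rank_keys(ct)[:4]:
        print(k, round(correlation(ct, k), 4), caesar_candidates(ct)[k])
```

On the 10-letter ciphertext KHOORZRUOG the true key 3 ranks third, behind 6 and 10, so on short texts the statistics narrow the exhaustive search rather than replace it.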
Classical Cryptography
• Sender, receiver share common key
- Keys may be the same, or trivial to derive from one another
- Sometimes called symmetric cryptography
• Two basic types
- Transposition ciphers
- Substitution ciphers
- Combinations are called product ciphers
Attacks
• Opponent whose goal is to break cryptosystem is the adversary
- Kerckhoffs Assumption: adversary knows algorithm used, but not key.
• Three types of attacks:
- ciphertext only: adversary has only ciphertext; goal is to find plaintext, possibly key
- known plaintext: adversary has ciphertext, corresponding plaintext; goal is to find key
- chosen plaintext: adversary may supply plaintexts and obtain corresponding ciphertext; goal is to find key
Algorithm
• Choose two large prime numbers p, q
- Let n = pq; then φ(n) = (p-1)(q-1)
- Choose e < n such that e is relatively prime to φ(n).
- Compute d such that ed mod φ(n) = 1
• Public key: (e, n); private key: d
• Encipher: c = m^e mod n
• Decipher: m = c^d mod n
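
An added example (not part of the original notes) that follows the algorithm above with the numbers from the earlier answer (n = 91, e = 5, d = 29) and then performs the hash-then-sign procedure described in question 7. The function names are hypothetical; p = 7 and q = 13 are inferred from n = 91 and φ(n) = 72, and reducing a SHA-256 digest modulo n is a simplification so the toy key can be used.

```python
import hashlib
from math import gcd


def rsa_keygen(p, q, e):
    """Return (n, e, d) for primes p, q and a chosen public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < n or gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse, so e*d mod phi(n) = 1 (Python 3.8+)
    return n, e, d


def encipher(m, e, n):
    return pow(m, e, n)  # c = m^e mod n


def decipher(c, d, n):
    return pow(c, d, n)  # m = c^d mod n


def digest(message, n):
    # Simplification for the toy modulus: squeeze the hash into 0..n-1.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, d, n):
    """Sender: hash the plaintext, then apply the private key to the hash."""
    return pow(digest(message, n), d, n)


def verify(message, signature, e, n):
    """Receiver: apply the public key, re-hash the plaintext, compare."""
    return pow(signature, e, n) == digest(message, n)


if __name__ == "__main__":
    n, e, d = rsa_keygen(7, 13, 5)
    print("public", (e, n), "private", d)
    msg = b"constructed sample message"
    sig = sign(msg, d, n)
    print("valid signature:", verify(msg, sig, e, n))
    print("altered signature:", verify(msg, (sig + 1) % n, e, n))
    print("another valid choice:", rsa_keygen(7, 13, 7))  # answer is not unique
```

With n = 91 there are only 91 possible digests, so distinct messages collide easily; the toy modulus illustrates the arithmetic only.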
Assurance (memorize)
• Specification
- Requirements analysis
- Statement of desired functionality
• Design
- How system will meet specification
• Implementation
- Programs/systems that carry out design
Tying Together (memorize)
Security Policy
• Policy partitions system states into:
- Authorized (secure)
  • These are states the system can enter
- Unauthorized (nonsecure)
  • If the system enters any of these states, it's a security violation
• Secure system
- Starts in authorized state
- Never enters unauthorized state
Problems
• How does Bob know he is talking to Alice?
- Replay attack: Eve records message from Alice to Bob, later replays it; Bob may think he's talking to Alice, but he isn't
- Session key reuse: Eve replays message from Ali