Chapter 1

1.1 What is the OSI security architecture?

To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, the manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. This is difficult enough in a centralized data processing environment; with the use of local and wide area networks, the problems are compounded.

ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. The OSI security architecture is useful to managers as a way of organizing the task of providing security. Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms.

For our purposes, the OSI security architecture provides a useful, if abstract, overview of many of the concepts that this book deals with. The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as

■ Security attack: Any action that compromises the security of information owned by an organization.

■ Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.

■ Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

In the literature, the terms threat and attack are commonly used to mean more or less the same thing. Table 1.1 provides definitions taken from RFC 4949, Internet Security Glossary.

1.2 List and briefly define the three key objectives of computer security.

Confidentiality

Integrity

Availability

1.3 List and briefly define categories of passive and active security attacks.

Passive attacks (Figure 1.2a) are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.

Active attacks (Figure 1.2b) involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

1.6 List and briefly define the fundamental security design principles.

Despite years of research and development, it has not been possible to develop security design and implementation techniques that systematically exclude security flaws and prevent all unauthorized actions. In the absence of such foolproof techniques, it is useful to have a set of widely agreed design principles that can guide the development of protection mechanisms. The National Centers of Academic Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by the U.S. National Security Agency and the U.S. Department of Homeland Security, list the following as fundamental security design principles [NCAE13]:

■ Economy of mechanism

■ Fail-safe defaults

■ Complete mediation

■ Open design

■ Separation of privilege

■ Least privilege

■ Least common mechanism

■ Psychological acceptability

■ Isolation

■ Encapsulation

■ Modularity

■ Layering

■ Least astonishment

The first eight listed principles were first proposed in [SALT75] and have withstood the test of time. In this section, we briefly discuss each principle.

Economy of mechanism means that the design of security measures embodied in both hardware and software should be as simple and small as possible. The motivation for this principle is that relatively simple, small design is easier to test and verify thoroughly. With a complex design, there are many more opportunities for an adversary to discover subtle weaknesses to exploit that may be difficult to spot ahead of time. The more complex the mechanism, the more likely it is to possess exploitable flaws. Simple mechanisms tend to have fewer exploitable flaws and require less maintenance. Further, because configuration management issues are simplified, updating or replacing a simple mechanism becomes a less intensive process. In practice, this is perhaps the most difficult principle to honor. There is a constant demand for new features in both hardware and software, complicating the security design task. The best that can be done is to keep this principle in mind during system design to try to eliminate unnecessary complexity.

Fail-safe defaults means that access decisions should be based on permission rather than exclusion. That is, the default situation is lack of access, and the protection scheme identifies conditions under which access is permitted. This approach exhibits a better failure mode than the alternative approach, where the default is to permit access. A design or implementation mistake in a mechanism that gives explicit permission tends to fail by refusing permission, a safe situation that can be quickly detected. On the other hand, a design or implementation mistake in a mechanism that explicitly excludes access tends to fail by allowing access, a failure that may long go unnoticed in normal use. Most file access systems and virtually all protected services on client/server systems use fail-safe defaults.
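
The two failure modes described above, as an added example that is not from the original text: the same clerical mistake (a misspelled rule keyword that the parser skips) is applied to a default-deny and a default-permit policy. The rule syntax, the parser, and the user and resource names are hypothetical.

```python
def parse_rules(text, keyword):
    """Return the (user, resource) pairs from lines '<keyword> user resource'.

    Lines that do not start with the expected keyword are skipped, which is
    how a typo silently drops a rule in a simple hand-written parser.
    """
    rules = set()
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] == keyword:
            rules.add((parts[1], parts[2]))
    return rules


def default_deny(allow_rules, user, resource):
    # Fail-safe default: access only when an explicit permission exists.
    return (user, resource) in allow_rules


def default_permit(deny_rules, user, resource):
    # Alternative: access unless an explicit exclusion exists.
    return (user, resource) not in deny_rules


# Constructed policies. Intended policy: alice may read payroll, bob may not.
ALLOW_POLICY = "alow alice payroll\n"   # typo: 'alow' instead of 'allow'
DENY_POLICY = "dney bob payroll\n"      # typo: 'dney' instead of 'deny'


def outcomes():
    allow = parse_rules(ALLOW_POLICY, "allow")
    deny = parse_rules(DENY_POLICY, "deny")
    return {
        "deny_by_default": {
            "alice": default_deny(allow, "alice", "payroll"),
            "bob": default_deny(allow, "bob", "payroll"),
        },
        "permit_by_default": {
            "alice": default_permit(deny, "alice", "payroll"),
            "bob": default_permit(deny, "bob", "payroll"),
        },
    }


if __name__ == "__main__":
    for scheme, result in outcomes().items():
        print(scheme, result)
```

Under the default-deny policy the mistake locks out alice, who will report it; under the default-permit policy it lets bob in, and no legitimate user sees anything wrong.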

Complete mediation means that every access must be checked against the access control mechanism. Systems should not rely on access decisions retrieved from a cache. In a system designed to operate continuously, this principle requires that, if access decisions are remembered for future use, careful consideration be given to how changes in authority are propagated into such local memories. File access systems appear to provide an example of a system that complies with this principle. However, typically, once a user has opened a file, no check is made to see if permissions change. To fully implement complete mediation, every time a user reads a field or record in a file, or a data item in a database, the system must exercise access control. This resource-intensive approach is rarely used.
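
The open-file case described above can be observed directly on a POSIX system. This is an added example, not from the original text; the file contents are constructed, and the refusal of the second open() assumes the process is not root, which bypasses permission bits.

```python
import os
import tempfile


def revoke_after_open():
    """Open a file, revoke every permission bit, then compare access through
    the already-open descriptor with a fresh open() of the same path."""
    fd, path = tempfile.mkstemp()          # created with mode 0600
    try:
        os.write(fd, b"record-1\nrecord-2\n")
        os.close(fd)

        reader = os.open(path, os.O_RDONLY)    # permission is checked here
        first = os.read(reader, 9)             # b"record-1\n"

        os.chmod(path, 0o000)                  # owner's access is withdrawn

        # The read is not re-mediated: the descriptor carries the decision
        # that was made at open() time.
        second = os.read(reader, 9)
        os.close(reader)

        # A new open() goes through the permission check again.
        try:
            os.close(os.open(path, os.O_RDONLY))
            reopen_allowed = True
        except PermissionError:
            reopen_allowed = False

        return {
            "read_before_revoke": first,
            "read_after_revoke": second,
            "reopen_allowed": reopen_allowed,
            "is_root": os.geteuid() == 0,
        }
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(revoke_after_open())
```

For revocation to take effect immediately, the holder of the descriptor has to close it or the service has to re-check authority on each request.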

Open design means that the design of a security mechanism should be open rather than secret. For example, although encryption keys must be secret, encryption algorithms should be open to public scrutiny. The algorithms can then be reviewed by many experts, and users can therefore have high confidence in them. This is the philosophy behind the National Institute of Standards and Technology (NIST) program of standardizing encryption and hash algorithms, and has led to the widespread adoption of NIST-approved algorithms.

Separation of privilege is defined in [SALT75] as a practice in which multiple privilege attributes are required to achieve access to a restricted resource. A good example of this is multifactor user authentication, which requires the use of multiple techniques, such as a password and a smart card, to authorize a user. The term is also now applied to any technique in which a program is divided into parts that are limited to the specific privileges they require in order to perform a specific task. This is used to mitigate the potential damage of a computer security attack. One example of this latter interpretation of the principle is removing high privilege operations to another process and running that process with the higher privileges required to perform its tasks. Day-to-day interfaces are executed in a lower privileged process.

Least privilege means that every process and every user of the system should operate using the least set of privileges necessary to perform the task. A good example of the use of this principle is role-based access control. The system security policy can identify and define the various roles of users or processes. Each role is assigned only those permissions needed to perform its functions. Each permission specifies a permitted access to a particular resource (such as read and write access to a specified file or directory, connect access to a given host and port). Unless a permission is granted explicitly, the user or process should not be able to access the protected resource. More generally, any access control system should allow each user only the privileges that are authorized for that user. There is also a temporal aspect to the least privilege principle. For example, system programs or administrators who have special privileges should have those privileges only when necessary; when they are doing ordinary activities the privileges should be withdrawn. Leaving them in place just opens the door to accidents.

Least common mechanism means that the design should minimize the functions shared by different users, providing mutual security. This principle helps reduce the number of unintended communication paths and reduces the amount of hardware and software on which all users depend, thus making it easier to verify if there are any undesirable security implications.

Psychological acceptability implies that the security mechanisms should not interfere unduly with the work of users, while at the same time meeting the needs of those who authorize access. If security mechanisms hinder the usability or accessibility of resources, then users may opt to turn off those mechanisms. Where possible, security mechanisms should be transparent to the users of the system or at most introduce minimal obstruction. In addition to not being intrusive or burdensome, security procedures must reflect the user’s mental model of protection. If the protection procedures do not make sense to the user or if the user must translate his image of protection into a substantially different protocol, the user is likely to make errors.

Isolation is a principle that applies in three contexts. First, public access systems should be isolated from critical resources (data, processes, etc.) to prevent disclosure or tampering. In cases where the sensitivity or criticality of the information is high, organizations may want to limit the number of systems on which that data is stored and isolate them, either physically or logically. Physical isolation may include ensuring that no physical connection exists between an organization’s public access information resources and an organization’s critical information. When implementing logical isolation solutions, layers of security services and mechanisms should be established between public systems and secure systems responsible for protecting critical resources. Second, the processes and files of individual users should be isolated from one another except where it is explicitly desired. All modern operating systems provide facilities for such isolation, so that individual users have separate, isolated process space, memory space, and file space, with protections for preventing unauthorized access. And finally, security mechanisms should be isolated in the sense of preventing access to those mechanisms. For example, logical access control may provide a means of isolating cryptographic software from other parts of the host system and for protecting cryptographic software from tampering and the keys from replacement or disclosure.

Encapsulation can be viewed as a specific form of isolation based on object-oriented functionality. Protection is provided by encapsulating a collection of procedures and data objects in a domain of its own so that the internal structure of a data object is accessible only to the procedures of the protected subsystem, and the procedures may be called only at designated domain entry points.

Modularity in the context of security refers both to the development of security functions as separate, protected modules and to the use of a modular architecture for mechanism design and implementation. With respect to the use of separate security modules, the design goal here is to provide common security functions and services, such as cryptographic functions, as common modules. For example, numerous protocols and applications make use of cryptographic functions. Rather than implementing such functions in each protocol or application, a more secure design is provided by developing a common cryptographic module that can be invoked by numerous protocols and applications. The design and implementation effort can then focus on the secure design and implementation of a single cryptographic module and including mechanisms to protect the module from tampering. With respect to the use of a modular architecture, each security mechanism should be able to support migration to new technology or upgrade of new features without requiring an entire system redesign. The security design should be modular so that individual parts of the security design can be upgraded without the requirement to modify the entire system.

Layering refers to the use of multiple, overlapping protection approaches addressing the people, technology, and operational aspects of information systems. By using multiple, overlapping protection approaches, the failure or circumvention of any individual protection approach will not leave the system unprotected. We will see throughout this book that a layering approach is often used to provide multiple barriers between an adversary and protected information or services. This technique is often referred to as defense in depth.

Least astonishment means that a program or user interface should always respond in the way that is least likely to astonish the user. For example, the mechanism for authorization should be transparent enough to a user that the user has a good intuitive understanding of how the security goals map to the provided security mechanism.

Chapter 3

3.1 Describe the main requirements for the secure use of symmetric encryption.

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be such that an opponent who knows the algorithm and has access to one or more ciphertexts would be unable to decipher the ciphertext or figure out the key. This requirement is usually stated in a stronger form: The opponent should be unable to decrypt ciphertext or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.

2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable.

3.5 What are the two general approaches to attacking a cipher?

Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext–ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.

Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
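
The "half of all possible keys" figure can be checked empirically, which is also what makes key length the deciding factor for a defender. This added example (not from the original text) searches the deliberately tiny 10-bit key space of a toy XOR cipher built only for this purpose; the plaintext is constructed, and any keys-per-second rate passed to `years_to_search` is an assumed figure.

```python
import hashlib
import random

KEY_BITS = 10                      # toy key size so the search finishes quickly
KEY_SPACE = 2 ** KEY_BITS


def keystream(key, length):
    # Toy stream cipher (assumption for this example): SHA-256 of the key
    # is used as the pad, so messages are limited to 32 bytes.
    return hashlib.sha256(key.to_bytes(2, "big")).digest()[:length]


def xor_crypt(key, data):
    # XOR is its own inverse, so this both encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def intelligible(candidate):
    # Stand-in for "intelligible translation": every byte is printable ASCII.
    return all(32 <= b < 127 for b in candidate)


def brute_force(ciphertext):
    """Try keys in numerical order; return (key, number_of_keys_tried)."""
    for tried, key in enumerate(range(KEY_SPACE), start=1):
        if intelligible(xor_crypt(key, ciphertext)):
            return key, tried
    return None, KEY_SPACE


def average_trials(runs=300, seed=1):
    """Average number of keys tried over `runs` randomly chosen secret keys."""
    rng = random.Random(seed)
    message = b"constructed sample plaintext 001"   # 32 bytes, constructed
    total = 0
    for _ in range(runs):
        secret = rng.randrange(KEY_SPACE)
        found, tried = brute_force(xor_crypt(secret, message))
        assert found == secret
        total += tried
    return total / runs


def years_to_search(bits, keys_per_second):
    # Average case for a real key size: half of the 2**bits keys.
    return 2 ** (bits - 1) / keys_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    print("average keys tried:", average_trials(), "of", KEY_SPACE)
    print("56-bit key at an assumed 1e9 keys/s:", years_to_search(56, 1e9), "years")
```

Each added key bit doubles the average work, so the same search that takes about a year for 56 bits at the assumed rate is out of reach for 128 bits.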
