Professional Documents
Culture Documents
Crime :
Crime is an action prohibited by law, or the failure to fulfil a required duty, which can result
in legal punishment.
Email-Spoofing:
• A spoofed E-Mail is one that appears to originate from one source but actually has
been sent from another source.
• For example, Roopa has an email address roopa@gmail.com. Let us her friend Sheela
become her enemy spoof her Email and sends obscene messages to all her
acquaintances.
Spamming:
Cyber defamation:
• Cyber defamation occurs when defamation takes place with the help of computers and
/or the Internet.
• Theft occurs when an authorized person uses the Internet hours paid for by another
person.
• Internet time theft comes under hacking because the person who gets access to
someone else’s ISP user ID and password either by hacking or by gaining accessthe
Internet without the other person’s knowledge.
Salami Attack:
• These attacks are used for committing financial crimes. The idea here is to make the
alteration so insignificant that in a single case it would go completely unnoticed.
• For example, a bank employee inserts a program, into the bank’s servers, that deducts
a small amount of money from the account of every customer.
Data Diddling:
• A data diddling attack involves altering raw data just before it is processed by a
computer and then changing it back after the processing is completed.
• Altering the numbers in a financial spreadsheet before submitting it for approval.
Forgery:
• Counterfeit currency notes, postage and revenue stamps, mark sheets etc., can be
forged using sophisticated computers, printers and scanners.
• Outside many colleges there are soliciting the sale of fake mark sheets or even degree
certificates. These are made using computers and high quality scanners and printers.
Web Jacking:
Hacking
• Every act committed toward breaking into a computer and/or network is hacking and
it is an offense.
• Hackers write or use readymade-computer programs to attack the target computer.
• They possess the desire to destruct and they get enjoyment out of such destruction.
• Some hackers hack for personal monetary gains, such as stealing credit card
information, transferring money from various bank accounts to their own account
followed by withdrawal of money.
• The purposes of hacking are many, the main ones are as follows:
Greed
Power
Publicity
Revenge
Adventure
Desire to access forbidden information
Destructive mindset
Online frauds:
• An online fraud includes Spoofing website and E-Mail security alerts, hoax mails
about virus threats, lottery frauds and spoofing.
• In spoofing websites and E-mail security threats, fraud sets create authentic looking
websites that are actually nothing but a spoof.
• The purpose of these websites is to make the user enter personal information which is
then used to access business and bank accounts.
• Example: Using someone else's credit card information to make unauthorized
purchases online.
• Email bombing refers to sending a large number of E-Mails to the victim to crash
victim’s E-Mail account or to make victim’s mail servers crash.
• Computer program can be written to instruct a computer to do such tasks on a
repeated basis.
2. Kerberos:
1. Authentication:
• User authenticates with the AS by providing their credentials
(username and password).
• AS verifies the credentials and issues a TGT encrypted with a
secret key derived from the user's password.
2. Authorization:
• User requests a service ticket from TGS for a specific service.
• TGS verifies the TGT and issues a service ticket encrypted with a
session key.
3. Access:
• User presents the service ticket to the desired service.
• The service decrypts the service ticket using the session key and
grants access if valid.
X.509 Certificates:
1. Public Key: The public key is used for encryption and verifying digital
signatures.
2. Private Key: Kept secret, the private key is used for decrypting data
encrypted with the corresponding public key and for creating digital
signatures.
3. Certificate Authority (CA): A trusted entity that issues digital certificates.
CAs verify the identity of certificate holders before issuing certificates.
4. Subject: The entity the certificate is issued to, such as a person,
organization, or a device.
5. Issuer: The CA that issues the certificate.
6. Validity Period: The timeframe during which the certificate is
considered valid.
7. Digital Signature: A cryptographic technique used to verify the
authenticity and integrity of the certificate.
1. Certificate Request:
• An entity requests a certificate from a CA.
• The CA verifies the identity of the entity and creates a certificate
containing the entity's public key and other relevant information.
2. Certificate Issuance:
• The CA signs the certificate with its private key, creating a digital
signature.
• The CA's public key, which is widely distributed and trusted, can
be used to verify the CA's signature on the certificate.
3. Certificate Usage:
• The entity can use its private key to encrypt data or create digital
signatures.
• Other parties can use the entity's public key, obtained from the
certificate, to decrypt messages encrypted by the entity or verify
digital signatures created by the entity.
3.Elliptic curve: