Authentication/Digital Signatures:
Electronic Money:
Electronic money (also called electronic cash or digital cash) is a term
whose definition is still evolving. It covers transactions carried out
electronically with a net transfer of funds from one party to another; the
transfer may be a debit or a credit, and the parties may be anonymous or
identified. Both hardware-based and software-based implementations exist.
Encryption/Decryption in email:
Encryption in WhatsApp:
Vulnerability:
What is Plaintext?
What is Ciphertext?
IPS vs IDS:
1. IPS is a control system: it sits in the traffic path and accepts or rejects packets according to its rule set. IDS is a detection and monitoring tool: it watches traffic and raises alerts but does not block anything itself.
2. IPS requires its signature database to be updated regularly so that it keeps blocking current threats. IDS requires a human or another system to examine its alerts and act on them.
3. IPS should be placed after (behind) the firewall in the network. IDS should also be placed after the firewall.
4. IPS provides detection and reaction in one device. IDS decouples detection from reaction; the response is handled elsewhere.
5. IPS is configured in inline mode, so every packet passes through it; a failed or overloaded IPS therefore disrupts traffic. IDS is configured out of band, receiving a copy of the traffic from a mirror (SPAN) port or a network tap, so it can neither delay nor drop packets.
Types of IDS:-
Network Intrusion Detection System (NIDS)
Types of IPS:-
1. Network-based intrusion prevention system (NIPS):
It monitors the entire network for suspicious traffic by analyzing protocol
activity.
Public key infrastructure (PKI) is the set of roles, policies, hardware,
software and procedures used to issue, distribute, manage and revoke digital
certificates. A certificate binds a public key to an identity (a user, host or
service), so PKI gives users and systems verifiable identities and thereby
supports authentication, confidentiality and integrity in communications.
PKI relies on key pairs: a public key, which may be distributed freely, and a
private key, which its owner must keep secret. A bare public key carries no
proof of whom it belongs to, so an attacker who can substitute their own public
key for the legitimate one can read or forge traffic; the infrastructure exists
to bind each public key to its owner and to let relying parties check that binding.
PKI vouches for a public key: a certificate identifies the key's owner and the
purposes for which the key may be used (for example signing or encryption). A
PKI usually consists of the following components:
A digital certificate, also called a public key certificate
Private key tokens (the hardware or software container holding the private key)
Registration authority (RA), which verifies the identity of the applicant
Certification authority (CA), which signs and issues the certificate
CMS or Certificate management system, which tracks issued, renewed and revoked certificates
Working of a PKI:
The core of the X.509 authentication service is the public key certificate
associated with each user. These certificates are produced by a trusted
certification authority and placed in a directory by the user or by the CA.
The directory server provides no security by itself; it only gives all users
an easily reachable location from which to fetch certificates. The X.509
certificate format is defined in ASN.1 (Abstract Syntax Notation One), an
interface description language, and is encoded as DER for transmission. A
certificate carries the subject's public key; the matching private key stays
with the subject and never appears in the certificate or the directory. The
pair is then used for signing and verifying, or for encrypting and decrypting,
messages.
Once the CA has issued an X.509 certificate to a user, the certificate acts
like an identity card: it is presented to any resource that requires
authentication. Unlike a password, the certificate itself is public and can
be copied freely; what the user must protect is the private key, because the
resource checks that the presenter can prove possession of that key (for
example by signing a challenge), and anyone holding the key can impersonate
the user. Because the CA's signature covers the certificate's contents, the
certificate cannot be altered without invalidating it.
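The issuance and verification steps described above, as an added example that is not part of the original notes: a toy root CA issues an end-entity certificate, and a relying party checks the chain the way the text describes (issuer is a CA, names chain, CA signature verifies). It uses the third-party `cryptography` package; the CA name and e-mail address are made up.

```python
"""Issue an X.509 certificate from a toy CA and verify it as a relying party would.
Added example, not from the original notes; requires `pip install cryptography`.
Names and the e-mail address are constructed for illustration."""
import datetime

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID


def _validity():
    now = datetime.datetime.now(datetime.timezone.utc)
    return now - datetime.timedelta(minutes=5), now + datetime.timedelta(days=365)


def make_ca(common_name: str):
    """Self-signed root: subject == issuer, signed with its own private key,
    and marked CA:TRUE so that it may sign other certificates."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    nvb, nva = _validity()
    cert = (x509.CertificateBuilder()
            .subject_name(name).issuer_name(name)
            .public_key(key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(nvb).not_valid_after(nva)
            .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
            .sign(key, hashes.SHA256()))
    return key, cert


def issue_leaf(issuer_key, issuer_cert, email: str):
    """End-entity certificate: binds the subject's *public* key to its identity.
    The subject's private key is generated here and never enters the certificate."""
    key = ec.generate_private_key(ec.SECP256R1())
    nvb, nva = _validity()
    cert = (x509.CertificateBuilder()
            .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, email)]))
            .issuer_name(issuer_cert.subject)
            .public_key(key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(nvb).not_valid_after(nva)
            .add_extension(x509.BasicConstraints(ca=False, path_length=None), critical=True)
            .add_extension(x509.SubjectAlternativeName([x509.RFC822Name(email)]), critical=False)
            .add_extension(x509.ExtendedKeyUsage([ExtendedKeyUsageOID.EMAIL_PROTECTION]),
                           critical=False)
            .sign(issuer_key, hashes.SHA256()))   # the CA's signature, not the subject's
    return key, cert


def verify_issued_by(cert: x509.Certificate, issuer: x509.Certificate) -> bool:
    """What a relying party checks before trusting `cert` on the strength of `issuer`:
    1. the issuer is allowed to act as a CA (BasicConstraints CA:TRUE),
    2. the names chain (cert.issuer == issuer.subject),
    3. the issuer's public key verifies the signature over the to-be-signed bytes."""
    try:
        bc = issuer.extensions.get_extension_for_class(x509.BasicConstraints).value
    except x509.ExtensionNotFound:
        return False
    if not bc.ca or cert.issuer != issuer.subject:
        return False
    try:
        issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                   ec.ECDSA(cert.signature_hash_algorithm))
        return True
    except InvalidSignature:
        return False


if __name__ == "__main__":
    ca_key, ca_cert = make_ca("Toy Root CA")
    _, alice = issue_leaf(ca_key, ca_cert, "alice@example.com")
    print("alice issued by Toy Root CA:", verify_issued_by(alice, ca_cert))
```

A rogue CA that copies the legitimate CA's name still fails step 3, a certificate for the same e-mail address issued by that rogue CA fails against the real root, and a certificate signed by a leaf fails step 1; this is why trust rests on the private keys of the CAs in the trust store rather than on the names printed in certificates. A production verifier additionally checks validity dates, revocation status and key usage.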
Services provided by PGP (the first two rely on public key certificates):
1. Authentication (digital signature of the message)
2. Confidentiality (encryption under a one-time session key)
3. Compression (the message is compressed before encryption)
4. Email compatibility (radix-64 conversion so binary output survives mail transport)
5. Segmentation (splitting messages that exceed the mail size limit)
VPN stands for Virtual Private Network. A VPN creates an encrypted connection
across a less trusted network, such as the Internet, and thereby extends a
private network so that a user at a remote location can act as a member of the
local network. The name says exactly this: the network is "private" (its
traffic is protected from the intermediate network) but "virtual" (it runs over
shared infrastructure rather than dedicated links). Tunneling protocols (for
example IPsec, WireGuard or TLS-based VPNs) carry the private traffic inside
packets of the public network.
5. The receiver computes the message digest from the message (the actual
message is sent together with the digital signature).
6. The digest computed by the receiver and the digest recovered from the
digital signature with the sender's public key must be the same; if they match,
the message is intact and was signed by the holder of the private key.
Ques9:- What is Kerberos?
Database: the Authentication Server checks the user's identity and access
rights against the Kerberos database, which holds the principals (users and
services) and their secret keys.
o Packet-filtering Firewalls
o Application-level Gateways (Proxy Firewalls)
o Network Address Translation (NAT) Firewalls
o Cloud Firewalls
o Unified Threat Management (UTM) Firewalls
Packet-filtering Firewalls
A packet-filtering firewall is the most basic type. It inspects the header of
each packet, the IP protocol, the source and destination IP addresses and the
port numbers, against a configured rule set and forwards or drops the packet
accordingly; a packet that matches no rule falls through to the default policy,
which should be deny. It does not look at the payload and, in its stateless
form, does not know whether a packet belongs to a connection it has already
allowed.
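The rule evaluation just described, as an added example that is not part of the original notes: a first-match, default-deny filter over packet headers, and beside it the stateful variant that remembers accepted flows. The LAN range, addresses (RFC 5737 documentation ranges) and rules are constructed for illustration.

```python
"""Stateless vs stateful packet filtering on constructed packet headers.
Added example, not from the original notes; addresses and rules are made up."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str     # source IP
    sport: int   # source port
    dst: str     # destination IP
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    """One line of the rule set: header fields only, no payload inspection."""
    action: str                  # "ACCEPT" or "DROP"
    proto: str = "any"
    src: str = "0.0.0.0/0"       # CIDR
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches every destination port

    def matches(self, p: Packet) -> bool:
        return ((self.proto == "any" or self.proto == p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))


def first_match(rules: List[Rule], p: Packet) -> str:
    """Rules are evaluated top to bottom and the first match wins; a packet
    that matches nothing hits the default policy, which is deny."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "DROP"


class StatefulFilter:
    """Same rule set plus a connection table: the reply direction of a flow
    the filter already accepted is let through without consulting the rules."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.conns: Set[Tuple[str, str, int, str, int]] = set()

    def process(self, p: Packet) -> str:
        # Reverse 5-tuple: is this the return direction of a known flow?
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.conns:
            return "ACCEPT"
        action = first_match(self.rules, p)
        if action == "ACCEPT":
            self.conns.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return action


# Constructed rule set; 10.0.0.0/24 is assumed to be the internal LAN.
RULES = [
    Rule("ACCEPT", proto="tcp", dst="10.0.0.0/24", dport=443),  # inbound HTTPS to the LAN
    Rule("ACCEPT", src="10.0.0.0/24"),                           # anything outbound from the LAN
    Rule("DROP"),                                                # explicit default deny
]

OUTBOUND = Packet("tcp", "10.0.0.5", 51000, "198.51.100.7", 80)   # LAN host opens a web session
REPLY = Packet("tcp", "198.51.100.7", 80, "10.0.0.5", 51000)      # the server's answer
SPOOFED = Packet("tcp", "203.0.113.9", 80, "10.0.0.5", 51000)     # unsolicited, shaped like a reply
INBOUND_443 = Packet("tcp", "203.0.113.9", 40000, "10.0.0.20", 443)
INBOUND_22 = Packet("tcp", "203.0.113.9", 40001, "10.0.0.20", 22)


def stateless_demo() -> dict:
    pairs = [("outbound", OUTBOUND), ("reply", REPLY), ("https", INBOUND_443), ("ssh", INBOUND_22)]
    return {name: first_match(RULES, pkt) for name, pkt in pairs}


def stateful_demo() -> dict:
    fw = StatefulFilter(RULES)
    pairs = [("outbound", OUTBOUND), ("reply", REPLY), ("spoofed", SPOOFED),
             ("https", INBOUND_443), ("ssh", INBOUND_22)]
    return {name: fw.process(pkt) for name, pkt in pairs}


if __name__ == "__main__":
    print("stateless:", stateless_demo())
    print("stateful: ", stateful_demo())
```

The stateless filter drops the server's legitimate reply, because nothing in the rule set admits inbound traffic to port 51000; the only stateless fix is to open high ports inbound, which also admits the spoofed packet. The stateful filter accepts the reply because it remembers the outbound flow, and still drops the spoofed packet from a different source. That is the "stateful inspection" the UTM description below refers to.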
Application-level Gateways (Proxy Firewalls)
Unlike packet filters, a proxy firewall terminates the client's connection and
opens its own connection to the server, so the server sees the proxy rather
than the original client. This hides the client's internal address and other
identifying information from the outside. The proxy reads the application-layer
content of the reply, and only if the content passes inspection does it relay
the data to the client. This places an additional layer between the client and
the many sources it reaches on the network, at the cost of needing a proxy that
understands each application protocol it handles.
Network Address Translation (NAT) Firewalls
When several devices share one Internet connection, NAT rewrites their private
source addresses to a single public address and keeps a translation table so
that replies can be routed back to the right device. Individual devices'
addresses are therefore not visible from outside, and an unsolicited inbound
packet is dropped because no table entry matches it, which blunts attackers
scanning for reachable internal addresses.
In general, NAT works much like a proxy: it sits as an intermediate device
between a group of computers and external traffic. NAT by itself inspects
nothing, however, so the protection is a side effect of address translation and
not a substitute for a firewall rule set.
Cloud Firewalls
Whenever a firewall is delivered as a cloud service it is known as a cloud
firewall or FaaS (firewall-as-a-service). Cloud firewalls are typically
maintained and run on the Internet by third-party vendors. They are considered
similar to proxy firewalls because traffic is routed through the vendor's
service, which acts as a proxy; each customer configures the service to its own
requirements.
The most significant advantage of cloud firewalls is scalability. Because the
customer operates no physical appliance, capacity can grow with the
organization's demand or traffic load: if demand increases, the vendor adds
capacity to filter the additional traffic. Organizations use cloud firewalls to
protect their internal networks or their entire cloud infrastructure.
Unified Threat Management (UTM) Firewalls
A UTM firewall is a single appliance that combines a stateful inspection
firewall with anti-virus scanning and intrusion prevention. Such devices are
designed for simplicity and ease of use, and often add further services such
as cloud-based management, content filtering or VPN termination.
Diffie-Hellman algorithm:
P and G are public values: P is a large prime and G is a generator modulo P.
Alice picks a private value a and Bob a private value b. Alice computes
A = G^a mod P and Bob computes B = G^b mod P, and they exchange A and B over
the public channel. Each side then raises the received value to its own
private exponent: Alice computes B^a mod P and Bob computes A^b mod P. Both
obtain the same value G^(ab) mod P, the shared secret, from which the
encryption key is derived. An eavesdropper sees only P, G, A and B and would
have to solve the discrete logarithm problem to recover a or b. Because A and
B are not authenticated, an active attacker in the middle can run separate
exchanges with each side; in practice the exchanged values are signed or
carried inside an authenticated protocol such as TLS.
Example:
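The exchange above with both sides' computations, as an added example that is not part of the original notes. The prime is deliberately tiny (24 bits, found by a trial-division search) so that it runs instantly; real deployments use standardized groups of 2048 bits or more, or elliptic-curve groups. The public-value check and the key-derivation label are choices made for this example.

```python
"""Diffie-Hellman over a small safe prime, both sides of the exchange.
Added example, not from the original notes; the 24-bit prime is a toy size."""
import hashlib
import secrets


def is_prime(n: int) -> bool:
    """Trial division; adequate only for the toy sizes used here."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def safe_prime(bits: int = 24) -> int:
    """Smallest p >= 2**(bits-1) with p and q = (p-1)/2 both prime. In such a
    group every element other than 1 and p-1 has order q or 2q, which is what
    makes the subgroup check in valid_public_value meaningful."""
    q = (1 << (bits - 2)) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1


def subgroup_generator(p: int) -> int:
    """Smallest g that generates the prime-order subgroup (g**q == 1 mod p)."""
    q = (p - 1) // 2
    g = 2
    while pow(g, q, p) != 1:
        g += 1
    return g


def valid_public_value(p: int, y: int) -> bool:
    """Reject y in {0, 1, p-1} and anything outside the order-q subgroup.
    Without this a peer can send y = 1 and force the shared secret to 1."""
    q = (p - 1) // 2
    return 1 < y < p - 1 and pow(y, q, p) == 1


class Party:
    def __init__(self, p: int, g: int):
        self.p, self.g = p, g
        q = (p - 1) // 2
        self.private = secrets.randbelow(q - 1) + 1  # a or b: never leaves this object
        self.public = pow(g, self.private, p)         # A or B: sent in the clear

    def shared_key(self, peer_public: int) -> bytes:
        if not valid_public_value(self.p, peer_public):
            raise ValueError("peer public value rejected")
        shared = pow(peer_public, self.private, self.p)   # G^(ab) mod P
        # Never use the raw group element as a key; hash it into a fixed-size key
        # (label "toy-dh-key" is an arbitrary choice for this example).
        nbytes = (self.p.bit_length() + 7) // 8
        return hashlib.sha256(shared.to_bytes(nbytes, "big") + b"toy-dh-key").digest()


def run_exchange(bits: int = 24):
    """Full exchange: returns (p, g, Alice's key, Bob's key)."""
    p = safe_prime(bits)
    g = subgroup_generator(p)
    alice, bob = Party(p, g), Party(p, g)
    # Only p, g, alice.public and bob.public cross the wire.
    return p, g, alice.shared_key(bob.public), bob.shared_key(alice.public)


if __name__ == "__main__":
    p, g, ka, kb = run_exchange()
    print(f"p={p} g={g} keys match: {ka == kb}")
```

The check in `valid_public_value` is the one that real implementations perform on every received value: a peer (or an attacker in the middle) who sends 1 or p-1 would otherwise pin the shared secret to a value known in advance.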
Encryption:
S/MIME lets you encrypt your email messages.
When you send an encrypted email, only the
intended recipient, who holds the private key
matching the certificate you encrypted to, can
decrypt and read it. Even if someone intercepts
the message in transit, they cannot read its
content without that private key. Note that
S/MIME protects the body and attachments; headers
such as From, To and Subject remain visible.
Digital Signatures:
S/MIME also supports digital signatures. When you
sign an email with your private key, the recipient
uses the public key in your certificate to verify
that the email came from the holder of that key
and that it has not been altered in transit. This
provides authentication of the sender and
integrity of the message; signing does not hide
the content, so sign and encrypt when both are
needed.
Keyloggers:
These inputs to the signing function produce the signature, which has two
components, r and s. The original message, concatenated with the signature,
is sent to the receiver. Receiver side: the receiver verifies the sender. The
hash of the received message is computed, and a verification function takes
the following inputs –
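The sign-and-verify flow described here (the (r, s) signature and the receiver recomputing the hash) and in steps 5 and 6 above, carried through as an added example that is not part of the original notes. It implements DSA from scratch over toy-sized parameters (about 24-bit q and 48-bit p) so that it runs instantly; real DSA uses q of 224 or 256 bits and p of 2048 or 3072 bits. It also shows the classic failure mode: reusing the per-signature nonce k leaks the private key.

```python
"""Toy DSA: generate the (r, s) signature, verify it, and recover the private
key when the nonce k is reused. Added example, not from the original notes;
parameter sizes are deliberately tiny."""
import hashlib
import secrets

_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Miller-Rabin; deterministic for n < 3.3e24 with these bases."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def dsa_parameters(q_bits: int = 24, p_bits: int = 48):
    """Public (p, q, g): q prime, p prime with q dividing p-1, g of order q mod p."""
    q = (1 << (q_bits - 1)) | 1
    while not is_prime(q):
        q += 2
    k = ((1 << (p_bits - 1)) // q) & ~1   # even k keeps p = k*q + 1 odd
    while not is_prime(k * q + 1):
        k += 2
    p = k * q + 1
    h = 2
    while pow(h, (p - 1) // q, p) == 1:
        h += 1
    return p, q, pow(h, (p - 1) // q, p)


def _hash_to_int(message: bytes, q: int) -> int:
    """z = leftmost N bits of SHA-256(message), N = bit length of q."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return digest >> (256 - q.bit_length())


def generate_keypair(params):
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1   # private key
    return x, pow(g, x, p)             # (x, y): y = g^x mod p is public


def sign(params, x: int, message: bytes, k: int = None):
    """Returns (r, s). k must be fresh, secret and uniform for every signature;
    the optional argument exists only so the nonce-reuse demo can force it."""
    p, q, g = params
    z = _hash_to_int(message, q)
    while True:
        kk = k if k is not None else secrets.randbelow(q - 1) + 1
        r = pow(g, kk, p) % q
        s = (pow(kk, -1, q) * (z + x * r)) % q if r else 0
        if r and s:
            return r, s
        if k is not None:
            raise ValueError("forced nonce gave a degenerate signature")


def verify(params, y: int, message: bytes, signature) -> bool:
    """Receiver side: rehash the message and check v == r."""
    p, q, g = params
    r, s = signature
    if not (0 < r < q and 0 < s < q):   # reject out-of-range components first
        return False
    w = pow(s, -1, q)
    z = _hash_to_int(message, q)
    u1, u2 = (z * w) % q, (r * w) % q
    v = (pow(g, u1, p) * pow(y, u2, p) % p) % q
    return v == r


def recover_private_key(params, m1: bytes, sig1, m2: bytes, sig2) -> int:
    """Two signatures made with the same k share r, and then
    s1 - s2 = k^-1 (z1 - z2)  =>  k = (z1 - z2)/(s1 - s2),  x = (s1*k - z1)/r  (mod q)."""
    _, q, _ = params
    (r1, s1), (r2, s2) = sig1, sig2
    if r1 != r2:
        raise ValueError("different r: the nonce was not reused")
    z1, z2 = _hash_to_int(m1, q), _hash_to_int(m2, q)
    k = ((z1 - z2) * pow((s1 - s2) % q, -1, q)) % q
    return ((s1 * k - z1) * pow(r1, -1, q)) % q


if __name__ == "__main__":
    params = dsa_parameters()
    x, y = generate_keypair(params)
    sig = sign(params, x, b"pay 100 to bob")
    print("valid:", verify(params, y, b"pay 100 to bob", sig),
          "tampered:", verify(params, y, b"pay 900 to bob", sig))
```

The receiver never sees x: it rehashes the message itself (step 5 above) and compares the recomputed v with the received r (step 6). The range check at the top of `verify` matters; skipping it is how several real verifiers accepted r = 0 or s = 0 forgeries. And `recover_private_key` is the reason k must be a fresh random value every time.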