Biometrics
fingerprint, hand geometry, iris, retina, signature, and voice. Biometric technologies can be the
foundation of highly secure identification and personal verification solutions. The popularity and use
of biometric systems has increased because of the increased number of security breaches and
transaction fraud. Biometrics provides confidential financial transactions and personal data privacy.
For example, Apple uses fingerprint technology with its smartphones. The user’s fingerprint unlocks
the device and accesses various apps such as online banking or payment apps.
When comparing biometric systems there are several important factors to consider including
accuracy, speed or throughput rate, acceptability to users, uniqueness of the biometric organ and
action, resistance to counterfeiting, reliability, data storage requirements, enrollment time, and
intrusiveness of the scan. The most important factor is accuracy. Accuracy is expressed in error
The first error rate is Type I Errors or false rejections. A Type I Error rejects a person that registers
and is an authorized user. In access control, if the requirement is to keep the bad guys out, false
rejection is the least important error. However, in many biometric applications, false rejections can
have a very negative impact on business. For example, a bank or retail store needs to authenticate a
customer’s identity and account balance. A false rejection means that the transaction or sale is lost, and
the customer becomes upset. Most bankers and retailers are willing to allow a few false accepts as
The acceptance rate is stated as a percentage and is the rate at which a system accepts unenrolled
individuals or imposters as authentic users. False acceptance is a Type II error. Type II errors allow
the bad guys in so they are normally considered to be the most important error for a biometric
The most widely used method to measure the accuracy of biometric authentication is the Crossover
Error Rate (CER). The CER is the rate at which the false rejection rate and the false acceptance rate are
equal, as shown in the figure.
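As an added illustration (not part of the original text), the following Python computes FAR, FRR and the crossover point from constructed match scores, and shows how the two tuning choices described above (a bank tolerating a few false accepts versus keeping the bad guys out) move the decision threshold. The scores and the 0–100 scale are constructed for the example.

```python
"""Crossover Error Rate (CER) computed from constructed biometric match scores."""

# Constructed similarity scores (0-100) from a hypothetical matcher.
# Genuine: enrolled users compared against their own template.
# Impostor: unenrolled people compared against someone else's template.
GENUINE_SCORES = [92, 88, 85, 81, 79, 76, 74, 70, 66, 61, 58, 52]
IMPOSTOR_SCORES = [21, 28, 33, 39, 44, 48, 53, 57, 60, 64, 69, 75]

def far(threshold, impostor=IMPOSTOR_SCORES):
    """False Acceptance Rate (Type II): impostors scoring at or above threshold."""
    return sum(s >= threshold for s in impostor) / len(impostor)

def frr(threshold, genuine=GENUINE_SCORES):
    """False Rejection Rate (Type I): genuine users scoring below threshold."""
    return sum(s < threshold for s in genuine) / len(genuine)

def crossover(genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES):
    """Lowest threshold at which FAR and FRR are closest; returns (t, FAR, FRR)."""
    best = None
    for t in range(0, 101):
        a, r = far(t, impostor), frr(t, genuine)
        if best is None or abs(a - r) < abs(best[1] - best[2]):
            best = (t, a, r)
    return best

def threshold_for_max_far(max_far, impostor=IMPOSTOR_SCORES):
    """Lowest threshold whose FAR does not exceed max_far (security-first tuning:
    keep the bad guys out); pair with frr() to see the cost in rejections."""
    return next(t for t in range(0, 101) if far(t, impostor) <= max_far)

def threshold_for_max_frr(max_frr, genuine=GENUINE_SCORES):
    """Highest threshold whose FRR does not exceed max_frr (convenience-first
    tuning: a retailer that would rather allow a few false accepts)."""
    return max(t for t in range(0, 101) if frr(t, genuine) <= max_frr)

if __name__ == "__main__":
    t, a, r = crossover()
    print(f"CER at threshold {t}: FAR={a:.3f} FRR={r:.3f}")
    for name, t in (("bank/retail", threshold_for_max_frr(0.1)),
                    ("high security", threshold_for_max_far(0.0))):
        print(f"{name}: threshold {t} FAR={far(t):.3f} FRR={frr(t):.3f}")
```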
An access badge allows an individual to gain access to an area with automated entry points. An
entry point can be a door, a turnstile, a gate, or other barrier. Access badges use various
A card reader reads a number contained on the access badge. The system sends the number to a
computer that makes access control decisions based on the credential provided. The system logs the
transaction for later retrieval. Reports reveal who entered what entry points at what time.
All physical access controls including deterrent and detection systems ultimately rely on personnel to
intervene and stop the actual attack or intrusion. In highly secure information system facilities,
guards control access to the organization’s sensitive areas. The benefit of using guards is that they
can adapt more than automated systems. Guards can learn and distinguish many different
conditions and situations and make decisions on the spot. Security guards are the best solution for
access control when the situation requires an instantaneous and appropriate response. However,
guards are not always the best solution. There are numerous disadvantages to using security guards
including cost and the ability to monitor and record high volume traffic. The use of guards also
Video and electronic surveillance supplement or in some cases, replace security guards. The benefit
of video and electronic surveillance is the ability to monitor areas even when no guards or personnel
are present, the ability to record and log surveillance videos and data for long periods, and the ability
Video and electronic surveillance can also be more accurate in capturing events even after they
occur. Another major advantage is that video and electronic surveillance provide points of view not
easily achieved with guards. It can also be far more economical to use cameras to monitor the entire
perimeter of a facility. In a highly secure environment, an organization should place video and
electronic surveillance at all entrances, exits, loading bays, stairwells and refuse collection areas. In
most cases, video and electronic surveillance supplement security guards.
Managing and locating important information system assets is a key challenge for most
organizations. Growth in the number of mobile devices and IoT devices has made this job even
more difficult. Time spent searching for critical equipment can lead to expensive delays or downtime.
The use of Radio Frequency Identification (RFID) asset tags can be of great value to the security
staff. An organization can place RFID readers in the door frames of secure areas so that they are
The benefit of RFID asset tags is that they can track any asset that physically leaves a secure area.
New RFID asset tag systems can read multiple tags simultaneously. RFID systems do not require
line-of-sight to scan tags. Another advantage of RFID is the ability to read tags that are not visible.
Unlike barcodes and human readable tags that must be physically located and viewable to read,
RFID tags do not need to be visible to scan. For example, tagging a PC up under a desk would
require personnel to crawl under the desk to physically locate and view the tag when using a manual
or barcode process. Using an RFID tag would allow personnel to scan the tag without even seeing it.
Many portable devices and expensive computer monitors have a special steel bracket security slot
The most common type of door lock is a standard keyed entry lock. It does not automatically lock
when the door closes. Additionally, an individual can wedge a thin plastic card such as a credit card
between the lock and the door casing to force the door open. Door locks in commercial buildings are
different from residential door locks. A deadbolt lock provides additional security.
Any lock that requires a key, though, poses a vulnerability if the keys are lost, stolen, or duplicated.
A cipher lock, shown in the figure, uses buttons that a user presses in a given sequence to open the
door. It is possible to program a cipher lock. This means that a user’s code may only work during
certain days or certain times. For example, a cipher lock may only allow Bob access to the server
room between the hours of 7 a.m. and 6 p.m. Monday through Friday. Cipher locks can also keep a
record of when the door opened, and the code used to open it.
QUESTION 2
b. CIA
Cryptanalysis
For as long as there has been cryptography, there has been cryptanalysis. Cryptanalysis is the
practice and study of determining the meaning of encrypted information (cracking the code), without
• The Vigenère cipher had been absolutely secure until it was broken in the 19th century by
• Mary, Queen of Scots, was plotting to overthrow Queen Elizabeth I from the throne and sent
encrypted messages to her co-conspirators. The cracking of the code used in this plot led to
• The Enigma-encrypted communications were used by the Germans to navigate and direct
their U-boats in the Atlantic. The Polish and British cryptanalysts broke the German Enigma
code. Winston Churchill was of the opinion that it was a turning point in WWII.
The figure symbolizes that many keys must be tried before successfully breaking a code.
• Brute-force method - The attacker tries every possible key knowing that eventually one of
them will work.
• Ciphertext method - The attacker has the ciphertext of several encrypted messages but no
• Known-Plaintext method - The attacker has access to the ciphertext of several messages
• Chosen-Plaintext method - The attacker chooses which data the encryption device
• Meet-in-the-Middle method - The attacker knows a portion of the plaintext and the
corresponding ciphertext.
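The 19th-century break of the Vigenère cipher mentioned above, worked through as an added example that is not from the original text: a ciphertext-only attack that uses the index of coincidence to find the key length and then letter frequencies to solve each column as a Caesar cipher. The plaintext and key are constructed for the example, and the English letter-frequency table is the standard published one.

```python
"""The Vigenère attack the text refers to: recover the key length with the
index of coincidence, then solve each column as a Caesar cipher."""
import string

ALPHA = string.ascii_uppercase
# Relative frequencies of letters A-Z in English text, in percent.
ENGLISH = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
           6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter; the key repeats."""
    shifts = [ALPHA.index(k) for k in key.upper()]
    sign = -1 if decrypt else 1
    return "".join(ALPHA[(ALPHA.index(ch) + sign * shifts[i % len(shifts)]) % 26]
                   for i, ch in enumerate(text))

def index_of_coincidence(col):
    """Probability that two letters drawn from col are equal (~0.066 for English,
    ~0.038 for letters drawn from several mixed shifted alphabets)."""
    n = len(col)
    return sum(col.count(c) * (col.count(c) - 1) for c in ALPHA) / (n * (n - 1))

def guess_key_length(ct, max_len=12, threshold=0.058):
    """Smallest period whose columns look monoalphabetic (high average IoC)."""
    for p in range(1, max_len + 1):
        if sum(index_of_coincidence(ct[i::p]) for i in range(p)) / p >= threshold:
            return p
    return None

def best_shift(col):
    """Caesar shift whose decryption has the lowest chi-squared against ENGLISH."""
    n, scores = len(col), []
    for s in range(26):
        dec = [ALPHA[(ALPHA.index(c) - s) % 26] for c in col]
        chi = sum((dec.count(a) - n * f / 100) ** 2 / (n * f / 100)
                  for a, f in zip(ALPHA, ENGLISH))
        scores.append((chi, s))
    return min(scores)[1]

def crack(ct):
    """Recover the key from the ciphertext alone (a ciphertext-only attack)."""
    p = guess_key_length(ct)
    return "".join(ALPHA[best_shift(ct[i::p])] for i in range(p))

# Constructed plaintext, letters only, long enough for the statistics to settle.
PLAINTEXT = "".join(c for c in """
THE VIGENERE CIPHER WAS LONG BELIEVED TO BE UNBREAKABLE BECAUSE IT USES SEVERAL
SHIFTED ALPHABETS IN TURN SO THAT THE SAME PLAIN LETTER CAN BECOME DIFFERENT
CIPHER LETTERS AND SIMPLE FREQUENCY COUNTING FAILS ON THE WHOLE MESSAGE IN THE
NINETEENTH CENTURY ANALYSTS NOTICED THAT ONCE THE LENGTH OF THE KEY IS KNOWN THE
MESSAGE CAN BE SPLIT INTO COLUMNS WHERE EVERY LETTER HAS BEEN SHIFTED BY THE SAME
AMOUNT AND EACH COLUMN IS THEN ONLY A CAESAR CIPHER THAT CAN BE SOLVED BY
COMPARING ITS LETTER COUNTS WITH THOSE OF ORDINARY ENGLISH TEXT THE INDEX OF
COINCIDENCE MEASURES HOW OFTEN TWO LETTERS DRAWN FROM A TEXT ARE THE SAME AND IT
IS HIGHER FOR ENGLISH THAN FOR A MIXTURE OF SHIFTED ALPHABETS WHICH IS WHY IT
REVEALS THE LENGTH OF THE KEY
""".upper() if c.isalpha())
KEY = "KEY"  # constructed key; crack() never sees it

if __name__ == "__main__":
    ct = vigenere(PLAINTEXT, KEY)
    print("key length:", guess_key_length(ct), "key:", crack(ct))
```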
Cryptology
Cryptology is the science of making and breaking secret codes. As shown in the figure, cryptology
There is a symbiotic relationship between the two disciplines because each makes the other one
stronger. National security organizations employ practitioners of both disciplines and put them to
There have been times when one of the disciplines has been ahead of the other. For example,
during the Hundred Years War between France and England, the cryptanalysts were leading the
cryptographers. France mistakenly believed that the Vigenère cipher was unbreakable, and then the
British cracked it. Some historians believe that the successful cracking of encrypted codes and
messages had a major impact on the outcome of World War II. Currently, it is believed that
testing the strength of security procedures, and by malicious hackers in exploiting weaknesses in
websites.
Cryptanalysts are individuals who perform cryptanalysis to crack secret codes. A sample job
fact of cryptography that it is impossible to prove that any algorithm is secure. It can only be proven
that it is not vulnerable to known cryptanalytic attacks. Therefore, there is a need for
mathematicians, scholars, and security forensic experts to keep trying to break the encryption
methods.
In the world of communications and networking, authentication, integrity, and data confidentiality are
implemented in many ways using various protocols and algorithms. The choice of protocol and
algorithm varies based on the level of security required to meet the goals of the network security
policy.
As an example, for message integrity, message-digest 5 (MD5) is faster but less secure than Secure
Hash Algorithm 2 (SHA2). Confidentiality can be implemented using DES, 3DES, or the very secure
AES. Again, the choice varies depending on the security requirements specified in the network
security policy document. The table in the figure lists common cryptographic hashes, protocols, and
algorithms.
CIA
Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for
Integrity
Availability
Therefore, individuals agree to accept the word of a neutral third party. Presumably, the third
party does an in-depth investigation prior to the issuance of credentials. After this in-depth
investigation, the third party issues credentials that are difficult to forge. From that point
forward, all individuals who trust the third party simply accept the credentials that the third party
issues.
For example, in the figure Alice applies for a driver’s license. In this process, she submits
evidence of her identity, such as birth certificate, picture ID, and more to a government licensing
bureau. The bureau validates Alice’s identity and permits Alice to complete a driver’s
examination. Upon successful completion, the licensing bureau issues Alice a driver license.
Later, Alice needs to cash a check at the bank. Upon presenting the check to the bank teller, the
bank teller asks her for ID. The bank, because it trusts the government licensing bureau, verifies
The Public Key Infrastructure (PKI) is the framework used to securely exchange information
between parties. The foundation of a PKI identifies a certificate authority analogous to the
licensing bureau. The certificate authority issues digital certificates that authenticate the identity
of organizations and users. These certificates are also used to sign messages to ensure that the
PKI is needed to support large-scale distribution and identification of public encryption keys.
PKI enables users and computers to securely exchange data over the Internet and to verify the
identity of the other party. The PKI identifies the encryption algorithms, levels of security, and
Any form of sensitive data exchanged over the Internet is reliant on PKI for security. Without
PKI, confidentiality can still be provided but authentication is not guaranteed. For example, the
information could be encrypted and exchanged. However, there would be no assurance of the
The PKI framework consists of the hardware, software, people, policies, and procedures needed
to create, manage, store, distribute, and revoke digital certificates. Specifically, the main
2. PKI Certificate
4. Certificate Database
Not all PKI certificates are directly received from a CA. A registration authority (RA) is
QUESTION 3
owner and the owner can grant or deny access to any other subjects. For example, if you create a
file, you are the owner and can grant permissions to any other user to access the file. The New
Technology File System (NTFS), used on Microsoft Windows operating systems, uses the DAC
model.
Instead of assigning permissions directly to users, user accounts are placed in roles and
administrators assign privileges to the roles. These roles are typically identified by job functions. If a
user account is in a role, the user has all the privileges assigned to the role. Microsoft Windows
all subjects. As an example, a firewall uses rules that allow or block traffic to all users equally. Rules
within the rule-based access control model are sometimes referred to as restrictions or filters.
A key characteristic of the Attribute Based Access Control (ABAC) model is its use of rules that can
include multiple attributes. This allows it to be much more flexible than a rule-based access control
model that applies the rules to all subjects equally. Many software-defined networks use the ABAC
model. Additionally, ABAC allows administrators to create rules within a policy using plain language
statements such as “Allow Managers to access the WAN using a mobile device.”
both subjects and objects. For example, if a user has a label of top secret, the user can be granted
access to a top secret document. In this example, both the subject and the object have matching
labels. When documented in a table, the MAC model sometimes resembles a lattice (such as one
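As an added example not taken from the original text, this Python sketches each model described here (DAC, RBAC, rule-based, ABAC, MAC) on constructed data. The rule "Allow Managers to access the WAN using a mobile device" is the text's own; the second ABAC rule, the firewall rules, the users and the labels are hypothetical.

```python
"""Access-control models from the text, evaluated on constructed data."""
from dataclasses import dataclass, field

# MAC: subject and object carry sensitivity labels; a subject may read an object
# whose label is no higher than its own (a simple chain of the lattice).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}

def mac_allows_read(subject_label, object_label):
    return LEVELS[subject_label] >= LEVELS[object_label]

# Rule-based: one ordered rule list applied to every subject equally, like
# firewall filters. A port of None matches any port (the default rule).
FIREWALL_RULES = [("allow", 443), ("allow", 80), ("deny", None)]

def rule_based_decision(dst_port):
    for action, port in FIREWALL_RULES:
        if port is None or port == dst_port:
            return action
    return "deny"

# ABAC: a rule may combine several attributes of the subject, the resource
# and the device; every attribute named in the rule must match the request.
@dataclass
class Request:
    role: str
    resource: str
    device: str

ABAC_POLICY = [
    {"role": "manager", "resource": "WAN", "device": "mobile"},  # the text's rule
    {"resource": "LAN", "device": "workstation"},  # hypothetical second rule
]

def abac_decision(req):
    for rule in ABAC_POLICY:
        if all(getattr(req, attr) == value for attr, value in rule.items()):
            return "allow"
    return "deny"

# RBAC: privileges are assigned to roles; a user inherits them via membership.
ROLE_PRIVILEGES = {"manager": {"approve", "read"}, "staff": {"read"}}
USER_ROLES = {"alice": {"manager", "staff"}, "bob": {"staff"}}

def rbac_privileges(user):
    return set().union(*(ROLE_PRIVILEGES[r] for r in USER_ROLES.get(user, ())))

# DAC: the object's owner decides which other subjects get which permissions.
@dataclass
class DacFile:
    owner: str
    acl: dict = field(default_factory=dict)
    def grant(self, granter, user, perm):
        if granter != self.owner:
            raise PermissionError("only the owner may grant access")
        self.acl.setdefault(user, set()).add(perm)
    def allows(self, user, perm):
        return user == self.owner or perm in self.acl.get(user, set())
```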
QUESTION 4
IDS
The security challenges that face today's network administrators cannot be successfully managed by
any single application. Although implementing device hardening, authentication, authorization, and
accounting (AAA) access control, and firewall features are all part of a properly secured network,
these features still cannot defend the network against fast-moving Internet worms and viruses. A
network must be able to instantly recognize and mitigate worm and virus threats.
It is no longer possible to contain intrusions at a few points in the network. Intrusion prevention is
required throughout the entire network to successfully detect and stop an attack at every inbound and
outbound point.
A networking architecture paradigm shift is required to defend against fast-moving and evolving
attacks. This must include cost-effective detection and prevention systems, such as intrusion
detection systems (IDS) or the more scalable intrusion prevention systems (IPS). The network
architecture integrates these solutions into the entry and exit points of the network.
One approach to prevent worms and viruses from entering a network is for an administrator to
continuously monitor the network and analyze the log files generated by the network devices. This
solution is not very scalable. Manually analyzing log file information is a time-consuming task and
provides a limited view of the attacks being launched against a network. By the time the logs are
Intrusion Detection Systems (IDSs) were implemented to passively monitor the traffic on a network.
The figure shows that an IDS-enabled device copies the traffic stream and analyzes the copied
traffic rather than the actual forwarded packets. Working offline, it compares the captured traffic
stream with known malicious signatures, similar to software that checks for viruses. Working offline
• IDS device is physically positioned in the network so that traffic must be mirrored in order to
reach it
• Network traffic does not pass through the IDS unless it is mirrored
Although the traffic is monitored and perhaps reported, no action is taken on packets by the IDS.
The advantage of operating with a copy of the traffic is that the IDS does not negatively affect the
packet flow of the forwarded traffic. The disadvantage of operating on a copy of the traffic is that the
IDS cannot stop malicious single-packet attacks from reaching the target before responding to the
attack. An IDS often requires assistance from other networking devices, such as routers and
A better solution is to use a device that can immediately detect and stop an attack. An Intrusion
means that all ingress and egress traffic must flow through it for processing. As shown in the figure,
an IPS does not allow packets to enter the trusted side of the network without first being analyzed. It
An IPS monitors Layer 3 and Layer 4 traffic. It analyzes the contents and the payload of the packets
for more sophisticated embedded attacks that might include malicious data at Layers 2 to 7. Some
IPS platforms use a blend of detection technologies, including signature-based, profile-based, and
protocol analysis-based intrusion detection. This deeper analysis enables the IPS to identify, stop,
and block attacks that would pass through a traditional firewall device. When a packet comes in
through an interface on an IPS, that packet is not sent to the outbound or trusted interface until the
The advantage of operating in inline mode is that the IPS can stop single-packet attacks from
reaching the target system. The disadvantage is that a poorly configured IPS, or a non-proportional
IPS solution, can negatively affect the packet flow of the forwarded traffic.
The biggest difference between IDS and IPS is that an IPS responds immediately and does not
allow any malicious traffic to pass, whereas an IDS allows malicious traffic to pass before it is
addressed.
IDS and IPS technologies share several characteristics. Both are deployed as
sensors. An IDS or IPS sensor can be in the form of several different devices:
IDS and IPS technologies use signatures to detect patterns in network traffic. A signature is a set of
rules that an IDS or IPS uses to detect malicious activity. Signatures can be used to detect severe
breaches of security, to detect common network attacks, and to gather information. IDS and IPS
technologies can detect atomic signature patterns (single-packet) or composite signature patterns
(multi-packet).
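An added example, not from the original text: a minimal sensor that applies one atomic (single-packet) and one composite (multi-packet) signature to constructed packet records and runs either as an IDS, inspecting a copy after the packet has been forwarded, or as an IPS, inspecting inline before forwarding. The packet fields, the signature pattern and the port threshold are constructed for illustration.

```python
"""Atomic and composite signatures in an IDS (copy) and an IPS (inline) sensor."""
from collections import defaultdict

# Constructed packet summaries as a sensor would see them after decoding.
# Packets 3-5 are one source sending SYNs to several ports (a multi-packet
# pattern); packet 6 carries a byte pattern matched by a single-packet rule.
PACKETS = [
    {"id": 1, "src": "10.0.0.5", "dst_port": 80, "flags": "S", "payload": b""},
    {"id": 2, "src": "10.0.0.5", "dst_port": 80, "flags": "PA", "payload": b"GET /index.html"},
    {"id": 3, "src": "10.0.0.9", "dst_port": 22, "flags": "S", "payload": b""},
    {"id": 4, "src": "10.0.0.9", "dst_port": 23, "flags": "S", "payload": b""},
    {"id": 5, "src": "10.0.0.9", "dst_port": 25, "flags": "S", "payload": b""},
    {"id": 6, "src": "10.0.0.7", "dst_port": 80, "flags": "PA", "payload": b"GET /../../etc/passwd"},
]

# Atomic signature: a pattern found in one packet is enough to trigger.
ATOMIC_SIGNATURES = [{"name": "path-traversal", "pattern": b"../.."}]
# Composite signature: SYNs to this many distinct ports from one source.
SCAN_PORT_THRESHOLD = 3

class Sensor:
    def __init__(self, mode):
        assert mode in ("ids", "ips")
        self.mode = mode
        self.syn_ports = defaultdict(set)  # per-source state for the composite rule
        self.alerts, self.forwarded = [], []

    def _match(self, pkt):
        for sig in ATOMIC_SIGNATURES:
            if sig["pattern"] in pkt["payload"]:
                return sig["name"]
        if pkt["flags"] == "S":
            ports = self.syn_ports[pkt["src"]]
            ports.add(pkt["dst_port"])
            if len(ports) >= SCAN_PORT_THRESHOLD:
                return "port-scan"
        return None

    def process(self, pkt):
        """Return what happened to the packet: 'forwarded' or 'dropped'."""
        if self.mode == "ids":
            # Offline: the real packet is already on its way; only a copy is inspected.
            self.forwarded.append(pkt["id"])
            hit = self._match(pkt)
            if hit:
                self.alerts.append((hit, pkt["id"]))
            return "forwarded"
        hit = self._match(pkt)  # Inline: nothing is forwarded before inspection.
        if hit:
            self.alerts.append((hit, pkt["id"]))
            return "dropped"
        self.forwarded.append(pkt["id"])
        return "forwarded"

def run(mode, packets=PACKETS):
    """Feed all packets through one sensor; return (alerts, forwarded packet ids)."""
    sensor = Sensor(mode)
    for pkt in packets:
        sensor.process(pkt)
    return sensor.alerts, sensor.forwarded
```

In both modes the scan is only recognised at packet 5, so packets 3 and 4 reach the target either way; the difference is that only the IPS can drop the trigger packets (5 and 6) once a signature fires.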
A primary advantage of an IDS platform is that it is deployed in offline mode. Since the IDS sensor is
not inline, it has no impact on network performance. It does not introduce latency, jitter, or other
traffic flow issues. In addition, if a sensor fails it does not affect network functionality. It only affects
However, there are many disadvantages of deploying an IDS platform. An IDS sensor is primarily
focused on identifying possible incidents, logging information about the incidents, and reporting the
incidents. The IDS sensor cannot stop the trigger packet and is not guaranteed to stop a connection.
The trigger packet alerts the IDS to a potential threat. IDS sensors are also less helpful in stopping
Users deploying IDS sensor response actions must have a well-designed security policy and a good
operational understanding of their IDS deployments. Users must spend time tuning IDS sensors to
Finally, because IDS sensors are not inline, an IDS implementation is more vulnerable to network
associated with a connection, or packets from a source IP address. Additionally, because IPS
sensors are inline, they can use stream normalization. Stream normalization is a technique used to
reconstruct the data stream when the attack occurs over multiple data segments.
A disadvantage of IPS is that (because it is deployed inline) errors, failure, and overwhelming the
IPS sensor with too much traffic can have a negative effect on network performance. An IPS sensor
can affect network performance by introducing latency and jitter. An IPS sensor must be
appropriately sized and implemented so that time-sensitive applications, such as VoIP, are not
adversely affected.