Question 1.1

The OSI Security Architecture is an outline that gives a sorted-out
method for security and describing the techniques to filling those
requirements.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

Question 1.2

Active security threats include data transmitted being
modified to gain unauthorized access to computer systems.

Passive security threats are eavesdropping on Electronic
mail, client or server exchanges

 

Question 1.3

Active security attacks: masquerade modification of a messages.

Passive security attacks: release of message contents.

 

Question 1.4

Access control: prevention of unauthorized use of a resource
that is service controls who can have access to a resource.

Authentication: it is the assurance that the communicating
entity is the one that it claims to be.

Availability service: a system being accessible upon demand
by an authorized system entity

Data confidentiality: it the protection of data from unofficial
revelation.

Data integrity: the confirmation that information got are
precise as sent by an approved element.

 

Question 1.5

a.     Specific
security mechanism

May be combined into the suitable protocol layer in order to
offer some of the OSI security services.

Encipherment: the use of mathematical algorithms to change
data into a form that is not readily understandable.

Data Integrity: the variety of mechanisms used to assure the
integrity of a data unit or stream of data units.

Traffic Padding: inclusion of bits into gaps in an
information stream to disappoint traffic analysis attempts.

Routing Control: Enables determination of specific
physically secure routes for specific information.

Notarization: use of a trusted third party to data exchange.

b.     Pervasive
security mechanisms

Mechanisms that are not definite to any certain OSI security
service.

Trusted Functionality: That which is alleged to be correct
with respect to some criteria.

Security Label: The marking bound to a resource that names the
security attributes of that resource.

Security Audit Trail: Data collected and used to simplify a
security audit.

Security Recovery: Deals with demands from systems

 

Question 1.6

Economy of Mechanism: This
principle says that the design of security measures personified in both
hardware and software should be as basic and little as could be expected under
the circumstances.

Fail-safe defaults: This
principle says that access decisions should be based on permission rather than
exclusion.

Open design: This principle says that the design of a security mechanism
should be open rather than secret

Separation of privilege: This
principle says can be defined as a practice in which multiple privilege
attributes are required to achieve access to a restricted resource. 

 

Least privilege: This standard says that every procedure and each
client of the system should operate using the least set of freedoms necessary
to perform the duty

Least common mechanism:

This principle says that the design should to limit the
capacities shared by various clients, giving common security. This principle
helps reduce the number of unintended communication paths and reduces the
amount of hardware and software on which all users depend.

Encapsulation: concealing
traits in programming so that you can make changes in one place
without having to also make changes in the other parts of an application

least astonishment: applies to user
interface and software design, from
the ergonomics standpoint.

 

Question 1.7

Attack Surface: Comprises of the reachable vulnerabilities
in a system.

Attack Tree:  spreading progressive
information structure that speaks to an arrangement of potential strategies for
security vulnerabilities.

 

Author