The command office has asked for a presentation on security mechanisms including
ID: 3663262 • Letter: T
Question
The command office has asked for a presentation on security mechanisms including access control models, authentication, authorization and encryption. Describe differences between them and identify situations where appropriate. Discuss how encryption relates to storage, network traffic, secure Web access, and the e-mailing of documents. One topic of concern is symmetrical versus public key.
The presentation should include the following information:
Comparison of security mechanisms
An explanation of public key cryptography
Historical background of the development of encryption
Typical uses of public key cryptography
Symmetrical versus public key
Encryption and how it relates to storage, network traffic, secure Web access and e-mail
Explanation / Answer
Security mechanisms help us to protect ourselves from various attacks performed by the intruder. Confidentiality,integrity and availability are the main goals of any security mechanism.Encryption is used to provide the confidentality. Any data is encrypted using cryptographic techniques and then transmitted over the network. Integrity is achieved with help of hash functions (like md5,sha,sha1). Availability means the service is available to the users.Authentication is the security mechanism which provides access to the authorized users.There are various authentication techniques like biometric,one time pad,2 factor. These are all part of the security mechanism.
Encryption is the techniques where plain text is converted into cipher text.
Decryption is technique of converting cipher text back to the plain text.
For both encryption we use algorithms and key.
In Symmentric key cryptography same key is used for both encryption and decryption. Various examples of symmentric key cryptography are Affine cipher,AES,DES.
In Public key cryptography we use two diffeerent key public key and private key.Message is encrypted with the users public key and the recipient will decrypt with the private key.
Digital signatures uses the public key cryptography.
RSA,elliptical curves uses the public key cryptography.
Symmentric key cryptography is faster than pubic key cryptography but major draw back of symmentric key cryptography is key exchange since sender and reciever needs the same key to perform both encryption and decryption. In public key cryptography there is no need to share the private key between sender and reciever.Authentication and non-repudiation are possible in the case of public key cryptography. Public key cryptography is complex where symmentric cryptography is simple. Time consuming process in encryption and decryption for public key cryptography.
In storage we will encrypt the hard disk using EFS,true crypt softwares. Even DVD uses CSS,AACS techniques to encrypt the data in the blue -ray disks. We can use encryption to provide secure communication in the case of web traffice we uss HTTPS ( SSL is used) and in wireless communication uses 802.11i WPA2,WEP techniques.