Network Security Questions: I need answers of these questions in a very briefly
ID: 3874221 • Letter: N
Question
Network Security Questions:
I need answers of these questions in a very briefly
1- How is a digital signature created with public-key encryption?
2- What are the three basic methods for authenticating or verifying the identity of a user?
3- What four security concerns must a distributed operating system accommodate?
4-What is a certificate authority (CA)?
5-What is a certificate list?
6-How does a Secure Socket Layer (SSL) work?
7-What is the purpose of Kerberos?
8-What is KDBM?
9-Define principal in the context of access control lists.
10- How is a public key distributed to agents on a network?
11-What are the defining characteristics of cryptographic algorithms?
12- Explain the process of Kerberos authentication.
13- Explain the basic terms related to distributed security: encryption,
ciphertext, authentication, access control, decryption, and plaintext
14- describe general security concerns for the distributed application developer.
15- examine the various types of cryptography, including their application for digital signatures.
16- explain symmetric encryption and asymmetric encryption
17- discuss public and private keys and how they are created.
18- discuss the design and use of cryptographic security measures through the Java security API (generally), and the Core Security API (specifically).
19- examine the architecture of the java.security package.
20- explain how to add security to distributed applications, using the Java Security API.
21- introduce and discuss the use of keys in the Java Security API.
22- discuss the issues involved in choosing one cryptographic algorithm over another.
Explanation / Answer
If you have any problem with the answer just let me know in the comments and I'll try to solve it as soon as possible. We are required to do only 4 parts of a question so don't down vote me as I can only do these in given time.
1. Digital signatures are created using public key encryption also known as asymmetric cryptography, algorithm like Rsa is used in which two keys are generated one private and one public which are mathematically link to one another. For creating a digital signature, one way hash of electronic data is crafted using signing software after that the private key is used to encrypt the hash. This encrypted hash is known as the digital signature.
2. The three basic authentication methods also known as authentication factors are :-
- knowledge (something you know)
A password or any piece of information that that can be used to verify the identity of the user.
Possession (something you have)
A key card or some other thing provided by organizations for the authentication.
Inherence (something you are)
These are users biometric like fingerprint or eye scan.
4. Certificate Authority (CA) is a trusted third party entity which issues digital signature to digital entities by which their identity can be verified on the internet.
5. Only those hosts are considered as trusted which have a certificate signed by Certification Authority (CA). These certificates are stores in the list known as certificate list, each browser have their own certificate list.
6. The SSL protocol consists of two subprotocols namely record and handshake protocol :-
The handshake protocol creates SSL connection between client and server provides negotiation for which cryptographic system will be used.
The record protocol is about how data is interchanged using SSL, including specifications of data transmission and verification or decryption on reception.
7. Kerberos is a security protocol which authenticates service requests between two trusted parties over non secure network such as internet.