SlideShare a Scribd company logo

MTech - E-Commerce, M-Commerce & Network Security_Assignment

Vijayananda Mohire
Vijayananda Mohire

This document is a submission by Vijayananda D Mohire for their Master of Technology degree from Karnataka State Open University. It contains Mohire's responses to 10 assignment questions on the topics of e-commerce, m-commerce, and network security. The assignment aims to evaluate Mohire's understanding of these subjects in partial fulfillment of the requirements for their MTech degree.

Software
1 of 29
Download to read offline
E-Commerce, M-Commerce & Network Security (Assignment –I) Submitted in partial fulfilment of the requirements for the degree of Master of Technology in Information Technology by Vijayananda D Mohire (Enrolment No.921DMTE0113) Information Technology Department Karnataka State Open University Manasagangotri, Mysore – 570006 Karnataka, India (2010)
MT23C-I 2 E-Commerce, M-Commerce & Network Security
MT23C-I 3 CERTIFICATE This is to certify that the Assignment-I entitled E-Commerce, M-Commerce & Network Security, subject code: MT23C submitted by Vijayananda D Mohire having Roll Number 921DMTE0113 for the partial fulfilment of the requirements of Master of Technology in Information Technology degree of Karnataka State Open University, Mysore, embodies the bonafide work done by him under my supervision. Place: ________________ Signature of the Internal Supervisor Name Date: ________________ Designation
MT23C-I 4 For Evaluation Question Number Maximum Marks Marks awarded Comments, if any 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 TOTAL 10 Evaluator’s Name and Signature Date
MT23C-I 5 Preface This document has been prepared specially for the assignments of M.Tech – IT II Semester. This is mainly intended for evaluation of assignment of the academic M.Tech - IT, II semester. I have made a sincere attempt to gather and study the best answers to the assignment questions and have attempted the responses to the questions. I am confident that the evaluator’s will find this submission informative and evaluate based on the provide content. For clarity and ease of use there is a Table of contents and Evaluators section to make easier navigation and recording of the marks. Evaluator’s are welcome to provide the necessary comments against each response; suitable space has been provided at the end of each response. I am grateful to the Infysys academy, Koramangala, Bangalore in making this a big success. Many thanks for the timely help and attention in making this possible within specified timeframe. Special thanks to Mr. Vivek and Mr. Prakash for their timely help and guidance. Candidate’s Name and Signature Date
MT23C-I 6 Table of Contents For Evaluation................................................................................................................................4 Preface..........................................................................................................................................5 Question 1.....................................................................................................................................9 Answer 1.......................................................................................................................................9 Question 2................................................................................................................................... 10 Answer 2..................................................................................................................................... 10 Question 3................................................................................................................................... 12 Answer 3..................................................................................................................................... 12 Question 4................................................................................................................................... 14 Answer 4..................................................................................................................................... 14 Question 5................................................................................................................................... 16 Answer 5..................................................................................................................................... 17 Question 6................................................................................................................................... 19 Answer 6..................................................................................................................................... 19 Question 7................................................................................................................................... 20 Answer 7..................................................................................................................................... 20 Question 8................................................................................................................................... 21 Answer 8..................................................................................................................................... 21 Question 9................................................................................................................................... 23 Answer 9..................................................................................................................................... 23 Question 10................................................................................................................................. 28 Answer 10 ................................................................................................................................... 28
MT23C-I 7 Table of Figures Figure 1 The VPN connection ......................................................................................................... 14 Figure 2 VPN Model....................................................................................................................... 16 Figure 3 IP address spoofing......................................................................................................... 20 Figure 4 Verifying a Digital signature in Message Authentication .................................................... 23 Figure 5 Risk Management plan..................................................................................................... 24 Figure 6 Identify Risks ................................................................................................................... 25 Figure 7 Analyze risks.................................................................................................................... 26 Figure 8 Plan for management of risks .......................................................................................... 27 Figure 9 IP Sec elements................................................................................................................ 28
MT23C-I 8 E-COMMERCE, M-COMMERCE & NETWORK SECURITY RESPONSE TO ASSIGNMENT – I
MT23C-I 9 Question 1 What is the need of Securing? Answer 1 Few reasons for the need of security is to avoid:  Damage of computer systems  Damage of internal data  Loss of sensitive information to hostile parties  Damage to reputation of company  Monetary damages Security is a continuous process of protecting an object from unauthorized access. It is as state of being or feeling protected from harm. That object in that state may be a person, an organization such as a business, or property such as a computer system or a file. Security comes from secure which means, according to Webster Dictionary, a state of being free from care, anxiety, or fear. An object can be in a physical state of security or a theoretical state of security. In a physical state, a facility is secure if it is protected by a barrier like a fence, has secure areas both inside and outside, and can resist penetration by intruders. This state of security can be guaranteed if the following four protection mechanisms are in place: deterrence, prevention, detection, and response. • Deterrence is usually the first line of defense against intruders who may try to gain access. It works by creating an atmosphere intended to frighten intruders. Sometimes this may involve warnings of severe consequences if security is breached. • Prevention is the process of trying to stop intruders from gaining access to the resources of the system. Barriers include firewalls, demilitarized zones (DMZs), and use of access items like keys, access cards, biometrics, and others to allow only authorized users to use and access a facility. • Detection occurs when the intruder has succeeded or is in the process of gaining access to the system. Signals from the detection process include
MT23C-I 10 alerts to the existence of an intruder. Sometimes these alerts can be real time or stored for further analysis by the security personnel. • Response is an after effect mechanism that tries to respond to the failure of the first three mechanisms. It works by trying to stop and/or prevent future damage or access to a facility. Evaluator’s Comments if any: Question 2 What are the threats and vulnerabilities? Answer 2 Threats: A threat can be any person, object, or event that, if realized, could potentially cause damage to the LAN. Threats can be malicious, such as the intentional modification of sensitive information, or can be accidental, such as an error in a calculation, acts of nature. Security threats to the availability, confidentiality and integrity/non- repudiation state of computer and network assets may involve physical actions or cyber actions. Physical threats include natural threats (e.g., flood and lightning) and man-made threats (e.g., physical break-in to destroy or take away computers and network devices). Cyber security threats can be characterized by many factors such as motive, objective, origin, speed, means, skill, resource, and so on. For example, there may be a political motive for the massive destruction of computer and network assets at a national level, a financial motive for gathering and stealing information at the corporate level, and a personal motive for overcoming the technical challenge to vandalize or gain access to a computer and network system. Objectives can vary from gathering or
MT23C-I 11 stealing information to gaining access, disrupting or denying service, and modifying or deleting data. In general, a threat can come internally or externally. An internal threat or insider threat comes from a source which has access rights but abuses them. An external threat comes from a source which is not authorized to access a computer and network system. Some attacks are scripted and automatically executed with little human intervention, producing a machine speed of attack execution, whereas other attacks are performed through manual interactions with a computer and network system and thus proceed slowly. An attacker can have no sophisticated skills and little resources but simply execute a downloaded attack script. Nation- or organization-sponsored attacks can use sophisticated skills and knowledge about computers and networks with unlimited resources. Vulnerability: Vulnerabilities are weaknesses in a LAN that can be exploited by a threat. For example, unauthorized access to the LAN could occur by an outsider guessing an obvious password. The vulnerability exploited is the poor password choice of the user. Each computer or network asset has a limited service capacity, an inherent vulnerability which exposes them to denial of service attacks through flooding. Moreover, most system and application software, which enables users to operate computers and networks, is large in size and complex in nature. Large-scale, complex software presents considerable challenges in specification, design, implementation, testing, configuration, and operation management. As a result, system software and application software is often released without being fully tested and evaluated as free from errors, due to the complexity of large-scale software. Errors can also be made by system administrators when they configure software. Symantec Corporation has a software product, called Vulnerability Assessment (VA), which uses host-based audits to check the security settings of a host computer for vulnerabilities or uses a network scanner to check remote computers for vulnerabilities. The VA defines the following vulnerability classes to indicate the types of errors which produce the vulnerabilities: _ boundary condition error;
MT23C-I 12 _ access validation error; _origin validation error; _ input validation error; _ failure to handle exceptional conditions; _ race condition error; _ serialization error; _ atomicity error; _ environment error; _ configuration error; _ design error; _ unknown. Evaluator’s Comments if any: Question 3 What are the firewall Components? Answer 3 Firewalls can be composed of software, hardware or most commonly, both. A firewall is hardware, software, or a combination of both that monitors and filters traffic packets that attempt to either enter or leave the protected private network. It is a tool that separates a protected network or part of a network, and now increasingly a user PC, from an unprotected network – the “bad network” like the Internet. In many cases the “bad network” may even be part of the company network. By definition, a “firewall,” is a tool that provides a
MT23C-I 13 filter of both incoming and outgoing packets. The primary components of a firewall are: 1. Network policy 2. Advanced authentication mechanisms 3. Packet filtering, and Application gateways Network policy: There are two levels of network policy that directly influence the design, installation and use of a firewall system. The higher level policy (Services access policy) is an issue-specific, network access policy that defines those services that will be allowed or explicitly denied from the restricted network, how these services will be used, and the conditions for exception to this policy. The lower level policy (Firewall design policy) describes how the firewall will actually go about restricting the access and filtering the services what were defined in the higher level policy. Advanced authentication: Advanced authentication measures such as smartcards, authentication tokens, biometrics, and software based mechanism are designed to counter the weakness of traditional passwords. While the authentication techniques vary, they are similar in that the passwords generated by advanced authentication devices cannot be reused by an attacker who has monitored a connection. Ex.: One time passwords. Packet filtering, and Application gateways IP Packet filtering is done using a packet filtering router designed for filtering packets as they pass between the router’s interfaces. A packet filtering router usually can filter IP packets based on some or all of the following fields:  Source IP address  Destination IP address  TCP/UDP source and destination ports To counter some of the weakness associated with packet filtering routers, firewalls need to use software applications to forward and filter connections for services such as TELNET and FTP. Such an application is referred to as a proxy service, while the host running the proxy service is referred to as an application gateway.
MT23C-I 14 Evaluator’s Comments if any: Question 4 Explain VPN? Answer 4 A VPN is the extension of a private network that encompasses links across shared or public networks such as the Internet. A VPN enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link. In essence, it makes the remote computer virtually part of the private network by making an encrypted tunnel through the public Internet. The act of configuring and creating a VPN is known as virtual private networking. To emulate a point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information, allowing the data to traverse the shared or public transit internetwork to reach its endpoint. To emulate a private link, the data being sent is encrypted for confidentiality. Packets that are intercepted on the shared or public network are indecipherable without the encryption keys. The portion of the connection in which the private data is encapsulated is known as the tunnel. The portion of the connection in which the private data is encrypted is known as the VPN connection. Figure 1 shows the VPN connection. Figure 1 The VPN connection VPN connections allow users working at home or on the road to connect in a secure fashion to an organization’s remote server by using the routing
MT23C-I 15 infrastructure provided by a public internetwork (such as the Internet). From the user’s perspective, the VPN connection is a point-to-point connection between the user’s computer and an organization’s server. The nature of the intermediate internetwork is irrelevant to the user because it appears as if the data is being sent over a dedicated private link. VPN technology also allows a corporation to connect to branch offices or to other companies over a public internetwork (such as the Internet) while maintaining secure communications. The VPN connection across the Internet logically operates as a wide area network (WAN) link between the sites. In both of these cases, the secure connection across the internetwork appears to the user as a private network communication—despite the fact that this communication occurs over a public internetwork—hence the name virtual private network. VPN technology is designed to address issues surrounding the current business trend toward increased telecommuting and widely distributed global operations, where workers must be able to connect to central resources and must be able to communicate with each other. To provide employees with the ability to connect to an organization’s computing resources, regardless of their location, a corporation must deploy a scalable remote access solution. Typically, corporations choose either a department solution, where an internal information systems department is charged with buying, installing, and maintaining an organization’s modem pools and a private network infrastructure; or they choose a value-added network (VAN) solution, where they pay an outsourced company to buy, install, and maintain modem pools and a telecommunication infrastructure. Neither of these solutions provides the necessary scalability, in terms of cost, flexible administration, and demand for connections. Therefore, it makes sense to replace the modem pools and private network infrastructure with a less expensive solution based on Internet technology so that the business can focus on its core competencies. With an Internet solution, a few Internet connections through Internet service providers (ISPs) and VPN server computers can serve the remote networking needs of hundreds or thousands of remote clients and branch offices. The security procedures that involve encryption are achieved through the use of a tunneling protocol. There are two types of VPNs:
MT23C-I 16 Remote access which lets single users connect to the protected company network and site-to-site which supports connections between two protected company networks. In either mode, VPN technology gives a company the facilities of expensive private leased lines at much lower cost by using the shared public infrastructure like the Internet. See Fig. 2. VPN technology is not new; phone companies have provided private shared resources for voice messages for over a decade. However, its extension to making Figure 2 VPN Model it possible to have the same protected sharing of public resources for data is new. Today, VPNs are being used for both extranets and wide-area intranets. Probably owing to cost savings, the popularity of VPNs by companies has been phenomenal. Evaluator’s Comments if any: Question 5 Explain various methods of attacks?
MT23C-I 17 Answer 5 Whatever their motives, hackers have a variety of techniques in their arsenal to carry out their goals. Let us look at some of them here. Social Engineering: This involves fooling the victim for fun and profit. Social engineering depends on trusting that employees will fall for cheap hacker “tricks” such as calling or e-mailing them masquerading as a system administrator, for example, and getting their passwords which eventually lets in the intruder. Social engineering is very hard to protect against. The only way to prevent it is through employee education and employee awareness. Impersonation is stealing access rights of authorized users. There are many ways an attacker such as a hacker can impersonate a legitimate user. For example, a hacker can capture a user telnet session using a network sniffer such as tcpdump or nitsniff. The hacker can then later login as a legitimate user with the stolen login access rights of the victim. Exploits: This involves exploiting a hole in software or operating systems. As is usually the case, many software products are brought on the market either through a rush to finish or lack of testing, with gaping loopholes. Badly written software is very common even in large software projects such as operating systems. Hackers quite often scan network hosts for exploits and use them to enter systems. Transitive Trust exploits host-to-host or network-to-network trust. Either through client-server three-way handshake or server-to-server next-hop relationships, there is always a trust relationship between two network hosts during any transmission. This trust relationship is quite often compromised by hackers in a variety of ways. For example, an attacker can easily do an IP-spoof or a sequence number attack between two transmitting elements and gets away with information that compromises the security of the two communicating elements. Data Attacks: Script programming has not only brought new dynamism into Web development, but it has also brought a danger of hostile code into systems through scripts. Current scripts can run on both the server, where they traditionally used to run, and also on the client. In doing so, scripts can
MT23C-I 18 allow an intruder to deposit hostile code into the system, including Trojans, worms, or viruses. Infrastructure Weaknesses: Some of the greatest network infrastructure weaknesses are found in the communication protocols. Many hackers, by virtue of their knowledge of the network infrastructure, take advantage of these loopholes and use them as gateways to attack systems. Many times, whenever a loophole is found in the protocols, patches are soon made available but not many system administrators follow through with patching the security holes. Hackers start by scanning systems to find those unpatched holes. In fact, most of the system attacks from hackers use known vulnerabilities that should have been patched. Denial of Service: This is a favourite attack technique for many hackers, especially hacktivists. It consists of preventing the system from being used as planned through overwhelming the servers with traffic. The victim server is selected and then bombarded with packets with spoofed IP addresses. Many times, innocent hosts are forced to take part in the bombardment of the victim to increase the traffic on the victim until the victim is overwhelmed and eventually fails. Active Wiretap: In an active wiretap, messages are intercepted during transmission. When the interception happens, two things may take place: First, the data in the intercepted package may be compromised by introduction of new data such as change of source or destination IP address or the change in the packet sequence numbers. Secondly, data may not be changed but copied to be used later such as in the scanning and sniffing of packets. In either case, the confidentiality of data is compromised and the security of the network is put at risk. Evaluator’s Comments if any:
MT23C-I 19 Question 6 State the anti-virus technologies? Answer 6 Five major Virus detection technologies: Integrity checking( aka checksum) Based on determining, by comparison, whether virus-attacked code modified a program’s file characteristics. As it is not dependent on virus signatures, this method does not require software updates at specific intervals. Interrupt monitoring: Attempts to locate and prevent a virus “interrupt calls”( function requests through the system’s interrupts) Memory detection: Depends on recognition of a known virus location and code while in memory. Signature scanning: Recognizes a virus unique “signature” a preidentified set of hexadecimal code, making it highly successful at virus identification. Heuristic/Rules based scanning: Faster than traditional scanners, method uses a set of rules to efficiently parse through files and quickly identify suspect code. All above mentioned five technologies can usually perform on-access or on-demand scans, for both network servers and work-stations. Today, all effective products leverage a combination of above to manage virus threats. Evaluator’s Comments if any:
MT23C-I 20 Question 7 What is IP address spoofing Answer 7 The term IP address spoofing refers to the creation of IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender. Figure 3 shows a scenario of spoofing. Figure 3 IP address spoofing How Spoofing works: The basic protocol for sending data over the Internet and many other computer networks is the IP. The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send response back to the forged source address, which means that this technique is mainly used when the attacker does not care about response or the attacker has some way of guessing the response. In certain cases, it might be possible for the attacker to see or redirect the response to his own machine. The most usual case is when the attacker is spoofing an address on the same LAN or WAN.
MT23C-I 21 Evaluator’s Comments if any: Question 8 Describe digital Signature? Answer 8 A digital signature or schema is a type of asymmetric cryptography used to simulate the security properties of a handwritten signature on the paper. Digital signature schemes normally provide two algorithms, one for signing which involves the user’s secret key or private key, and one for verifying signatures which involves the user’s public key. The output of the signature process is called the “Digital signature”. The idea of a digital signature is basically the same as that of a handwritten signature, to authenticate the signer. It is used to authenticate the fact that what has been promised by a signature can’t be taken back later. Like a paper signature, the digital signature creates a legal and psychological link between the signer of the message and the message. Digital signature-based authentication is yet another authentication technique that does not require passwords and user names. A digital signature is a cryptographic scheme used by the message recipient and any third party to verify the sender’s identity and/or message on authenticity. It consists of an electronic signature that uses public key infrastructure (PKI) to verify the identity of the sender of a message or of the signer of a document. The scheme may include a number of algorithms and functions including the Digital Signature Algorithm (DSA), Elliptic Curve Digital Signature and Algorithm (ECDSA), account authority digital signature, authentication function, and signing function. A digital signature is defined as an encrypted message digest, by the private key of the sender, appended to a document to analogously authenticate it, just like the handwritten signature appended on a written document
MT23C-I 22 authenticates it. Just like in the handwritten form, a digital signature is used to confirm the identity of the sender and the integrity of the document. It establishes the nonrepudiation of the sender. Digital signatures are formed using a combination of public key encryption and one-way secure hash function according to the following steps :  The sender of the message uses the message digest function to produce a message authentication code (MAC).  This MAC is then encrypted using the private key and the public key encryption algorithm. This encrypted MAC is attached to the message as the digital signature. The message is then sent to the receiver. Upon receipt of the message, the recipient then uses his or her public key to decrypt the digital signature. First, the recipient must verify that the message indeed came from the expected sender. This step verifies the sender’s signature. It is done via the following steps:  The recipient separates the received message into two: the original document and the digital signature.  Using the sender’s public key, the recipient then decrypts the digital signature which results in the original MAC.  The recipient then uses the original document and inputs it to the hash function to produce a new MAC.  The new MAC is compared with the MAC from the sender for a match. If these numbers compare, then the message was received unaltered, the data integrity is assured, and the authenticity of the sender is proven. See Fig. 4 for the working of digital signature verification. Because digital signatures are derived from the message as a digest which is then encrypted, they cannot be separated from the messages they are derived from and remain valid. Since digital signatures are used to authenticate the messages and identify the senders of those messages, they can be used in a variety of areas where such double confirmation is needed. Anything that can be digitized can be digitally signed. This means that digital signatures can be used with any kind of message, whether it is encrypted or not, to establish the authenticity of the sender and that the message arrived intact. However, digital signatures cannot be used to provide the confidentiality of the message content.
MT23C-I 23 Figure 4 Verifying a Digital signature in Message Authentication Among the most common digital signature algorithms in use today are the Digital Signature Standard (DSS) proposed by NIST and based on the El Gamal public key algorithm and RSA. DSS is faster than RSA. Evaluator’s Comments if any: Question 9 Explain the process of Risk Management? Answer 9 Risk management is a systematic approach to determine appropriate corporate security measures. How to address security, where to address security, and the type and strength of security controls requires considerable thought. Risk management is the act of examining the relative value of your assets and then allocating your security resources based on the likelihood of the risk
MT23C-I 24 occurring and the value of the asset. Risk management helps you prioritize your efforts and spending to secure your network Figure 5 Risk Management plan A risk is the possibility of suffering a loss, and the impact or extent of damage that would result if the loss occurs. Risk management is the process of identifying risks, analyzing the risks, and creating a plan to manage the risks. There are two types of risk analysis:  Qualitative. Ranks risks according to their relative impact on business operations. Qualitative analysis often requires you to estimate the probability of a threat and the impact of the threat occurring on a scale of 1 to 10. You then multiply the two numbers for the probability and impact and use the product to rank the risk relative to other risks.  Quantitative. Places actual values on the probability and impact of threats to determine how to allocate security resources. Although quantitative risk analysis uses advanced financial accounting skills, it remains an inexact science.
MT23C-I 25 Figure 6 Identify Risks To identify threats to assets, you perform threat modeling. For each threat that you identify, create a risk statement. Risk statements combine information about a threat with information about the impact of the threat occurring. Risk statements help you clearly state the risks that threaten your assets and the consequences of a threat occurring so that you can design appropriate security measures to reduce the risks. A single asset may have many risk statements associated with it. A risk statement contains three parts:  Condition. Generally an “if” clause about what happens if a threat occurs.  Operations consequence. Describes the effects on IT operations of a threat that occurs to an asset. The effects are also known as the mode of failure.  Financial and business impact. Describes the effects on the organization of a threat that occurs to an asset.
MT23C-I 26 Figure 7 Analyze risks After you create risk statements for each risk, you can analyze the impact of each risk in greater detail. Qualitative risk analysis uses a general ranking of probability and impact to determine a relative rank of a risk. The following table offers an example. In this example, the threat of information disclosure is medium, but with a high impact. By estimating probability and impact on a scale of 1 to 10 and multiplying the two numbers, a relative rank of 45 is obtained. This information can help security designers prioritize threats, although the value placed on probability and impact is subject to debate.
MT23C-I 27 Figure 8 Plan for management of risks To manage a risk, you can apply one of four general strategies:  Accept. You accept risk and do nothing proactive, with the exception of making contingency plans. Consider acceptance if the ALE for an asset is less than the value of the asset, and if the business impact is low.  Mitigate. You mitigate risk by proactively changing the asset’s exposure to the risk or your organization’s reliance on the asset. Consider a risk mitigation strategy if the ALE is less than the value of the asset, and you can take proactive actions in advance. Mitigation is the primary risk management strategy.  Transfer. You transfer risk by partially shifting the responsibility for the risk to another party, such as insurance or managed services company. Transfer is becoming an increasingly important strategy for security.  Avoid. You avoid risk by eliminating the source of the risk or the asset’s exposure to the risk. This is an extreme reaction to risk and should only be done when the severity of the impact of the risk outweighs the benefit that is gained from the asset. Evaluator’s Comments if any:
MT23C-I 28 Question 10 Explain IP Security and security structure? Answer 10 IPSec is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream. IPSec also includes protocols for cryptographic key establishment. IPSec operates at network layer 3 of the OSI model. Applications using IP Sec have an advantage over using lower layer protocols that it doesn’t need to be designed to use IPSec, whereas for protocols like SSL the App needs to be designed to support it. Security Architecture: Figure 9 IP Sec elements IPSec is implemented by a set of cryptographic protocols for  Securing packet flows  Mutual authentication and  Establishing cryptographic parameters
MT23C-I 29 The IPSec architecture uses the concept of security association as the basis for building security functions into IP. A security association is simply the bundle of algorithms and parameters (such as keys) that is being used to encrypt and authenticate a particular flow in one direction. Therefore in a normal bi-directional traffic, the flows are secured by a pair of security associations. In order to decide what protection is to be provided for an outgoing packet, IPSec uses the Security Parameter Index( SPI), an index to the security association database(SADB), along with the destination address in a packet header, which together uniquely identify a security association for that packet. A similar procedure is performed for an incoming packet, where IPSec gathers decryption and verification keys from the security association database. For multicast, a security association is provided for the group, and is duplicated across all authorized receivers of the group. There may be more than one security association for a group, using different SPIs, thereby allowing multiple levels and sets of security within a group. Indeed, each sender can have multiple security associations, allowing authentication, since a receiver can only know what someone knowing the keys sent the data. There are two modes of IPSec operations, transport mode and tunnel mode.  In transport mode only the payload (the data you transfer) of the IP Packet is encrypted and/or authenticated.  In tunnel mode the entire packet (data plus the message headers) is encrypted and/or authenticated. Evaluator’s Comments if any:

Recommended

Vulnerabilities detection using attack recognition technique in multi-factor ...
Vulnerabilities detection using attack recognition technique in multi-factor ...Vulnerabilities detection using attack recognition technique in multi-factor ...
Vulnerabilities detection using attack recognition technique in multi-factor ...
TELKOMNIKA JOURNAL
 
Business communication complete note
Business communication complete note Business communication complete note
Business communication complete note
kabul university
 
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
AI Publications
 
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental ControlsPACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
Pace IT at Edmonds Community College
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
Nihal Jani
 
PACE-IT, Security+ 2.5: Incident Response Concepts
PACE-IT, Security+ 2.5: Incident Response ConceptsPACE-IT, Security+ 2.5: Incident Response Concepts
PACE-IT, Security+ 2.5: Incident Response Concepts
Pace IT at Edmonds Community College
 
System and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration TestingSystem and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration Testing
Biagio Botticelli
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John Lado
Mark John Lado, MIT
 

Recommended

Vulnerabilities detection using attack recognition technique in multi-factor ...
Vulnerabilities detection using attack recognition technique in multi-factor ...Vulnerabilities detection using attack recognition technique in multi-factor ...
Vulnerabilities detection using attack recognition technique in multi-factor ...
TELKOMNIKA JOURNAL
 
Business communication complete note
Business communication complete note Business communication complete note
Business communication complete note
kabul university
 
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
AI Publications
 
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental ControlsPACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
Pace IT at Edmonds Community College
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
Nihal Jani
 
PACE-IT, Security+ 2.5: Incident Response Concepts
PACE-IT, Security+ 2.5: Incident Response ConceptsPACE-IT, Security+ 2.5: Incident Response Concepts
PACE-IT, Security+ 2.5: Incident Response Concepts
Pace IT at Edmonds Community College
 
System and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration TestingSystem and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration Testing
Biagio Botticelli
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John Lado
Mark John Lado, MIT
 
Proposal for IT Security Team
Proposal for IT Security TeamProposal for IT Security Team
Proposal for IT Security Team
Rishabh Gupta
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET Journal
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdf
Dr. Shivashankar
 
information security management
information security managementinformation security management
information security management
Gurpreetkaur838
 
Ict security essay
Ict security essay Ict security essay
Ict security essay
rubtumproject.com
 
MTech - AI_NeuralNetworks_Assignment
MTech - AI_NeuralNetworks_AssignmentMTech - AI_NeuralNetworks_Assignment
MTech - AI_NeuralNetworks_Assignment
Vijayananda Mohire
 
cupdf.com_it-security-management-and-risk-assessment.pdf
cupdf.com_it-security-management-and-risk-assessment.pdfcupdf.com_it-security-management-and-risk-assessment.pdf
cupdf.com_it-security-management-and-risk-assessment.pdf
AgusNursidik
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
CAS
 
Computing security
Computing securityComputing security
Computing securityseung hyun Seo
 
11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx
moggdede
 
Class paper final
Class paper finalClass paper final
Class paper finalAnusha Manchala
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
VishwanathMahalle
 
Security in IT (data and cyber security)
Security in IT (data and cyber security)Security in IT (data and cyber security)
Security in IT (data and cyber security)
Rohana K Amarakoon
 
E sec chaptr-1
E sec chaptr-1E sec chaptr-1
E sec chaptr-1
123aleena
 
IRJET-Ethical Hacking
IRJET-Ethical HackingIRJET-Ethical Hacking
IRJET-Ethical Hacking
IRJET Journal
 
Cyber Security Engineer: How to Build a Rewarding Career
Cyber Security Engineer: How to Build a Rewarding CareerCyber Security Engineer: How to Build a Rewarding Career
Cyber Security Engineer: How to Build a Rewarding Career
FredReynolds2
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)
Rohana K Amarakoon
 
PACE-IT: Physical Network Security Control
PACE-IT: Physical Network Security ControlPACE-IT: Physical Network Security Control
PACE-IT: Physical Network Security Control
Pace IT at Edmonds Community College
 
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
International Journal of Technical Research & Application
 
Report on Information Security
Report on Information SecurityReport on Information Security
Report on Information SecurityUraz Pokharel
 
Quantum Algorithms for Electronics - IEEE Certificate
Quantum Algorithms for Electronics - IEEE CertificateQuantum Algorithms for Electronics - IEEE Certificate
Quantum Algorithms for Electronics - IEEE Certificate
Vijayananda Mohire
 
NexGen Solutions for cloud platforms, powered by GenQAI
NexGen Solutions for cloud platforms, powered by GenQAINexGen Solutions for cloud platforms, powered by GenQAI
NexGen Solutions for cloud platforms, powered by GenQAI
Vijayananda Mohire
 

More Related Content

Similar to MTech - E-Commerce, M-Commerce & Network Security_Assignment

Proposal for IT Security Team
Proposal for IT Security TeamProposal for IT Security Team
Proposal for IT Security Team
Rishabh Gupta
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET Journal
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdf
Dr. Shivashankar
 
information security management
information security managementinformation security management
information security management
Gurpreetkaur838
 
Ict security essay
Ict security essay Ict security essay
Ict security essay
rubtumproject.com
 
MTech - AI_NeuralNetworks_Assignment
MTech - AI_NeuralNetworks_AssignmentMTech - AI_NeuralNetworks_Assignment
MTech - AI_NeuralNetworks_Assignment
Vijayananda Mohire
 
cupdf.com_it-security-management-and-risk-assessment.pdf
cupdf.com_it-security-management-and-risk-assessment.pdfcupdf.com_it-security-management-and-risk-assessment.pdf
cupdf.com_it-security-management-and-risk-assessment.pdf
AgusNursidik
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
CAS
 
11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx
moggdede
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
VishwanathMahalle
 
Security in IT (data and cyber security)
Security in IT (data and cyber security)Security in IT (data and cyber security)
Security in IT (data and cyber security)
Rohana K Amarakoon
 
E sec chaptr-1
E sec chaptr-1E sec chaptr-1
E sec chaptr-1
123aleena
 
IRJET-Ethical Hacking
IRJET-Ethical HackingIRJET-Ethical Hacking
IRJET-Ethical Hacking
IRJET Journal
 
Cyber Security Engineer: How to Build a Rewarding Career
Cyber Security Engineer: How to Build a Rewarding CareerCyber Security Engineer: How to Build a Rewarding Career
Cyber Security Engineer: How to Build a Rewarding Career
FredReynolds2
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)
Rohana K Amarakoon
 
PACE-IT: Physical Network Security Control
PACE-IT: Physical Network Security ControlPACE-IT: Physical Network Security Control
PACE-IT: Physical Network Security Control
Pace IT at Edmonds Community College
 
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
International Journal of Technical Research & Application
 
Report on Information Security
Report on Information SecurityReport on Information Security
Report on Information SecurityUraz Pokharel
 

Similar to MTech - E-Commerce, M-Commerce & Network Security_Assignment (20)

Proposal for IT Security Team
Proposal for IT Security TeamProposal for IT Security Team
Proposal for IT Security Team
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdf
 
information security management
information security managementinformation security management
information security management
 
Ict security essay
Ict security essay Ict security essay
Ict security essay
 
MTech - AI_NeuralNetworks_Assignment
MTech - AI_NeuralNetworks_AssignmentMTech - AI_NeuralNetworks_Assignment
MTech - AI_NeuralNetworks_Assignment
 
cupdf.com_it-security-management-and-risk-assessment.pdf
cupdf.com_it-security-management-and-risk-assessment.pdfcupdf.com_it-security-management-and-risk-assessment.pdf
cupdf.com_it-security-management-and-risk-assessment.pdf
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
Computing security
Computing securityComputing security
Computing security
 
11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx
 
Class paper final
Class paper finalClass paper final
Class paper final
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
 
Security in IT (data and cyber security)
Security in IT (data and cyber security)Security in IT (data and cyber security)
Security in IT (data and cyber security)
 
E sec chaptr-1
E sec chaptr-1E sec chaptr-1
E sec chaptr-1
 
IRJET-Ethical Hacking
IRJET-Ethical HackingIRJET-Ethical Hacking
IRJET-Ethical Hacking
 
Cyber Security Engineer: How to Build a Rewarding Career
Cyber Security Engineer: How to Build a Rewarding CareerCyber Security Engineer: How to Build a Rewarding Career
Cyber Security Engineer: How to Build a Rewarding Career
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)
 
PACE-IT: Physical Network Security Control
PACE-IT: Physical Network Security ControlPACE-IT: Physical Network Security Control
PACE-IT: Physical Network Security Control
 
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
THE THREE DIMENSION-BASED PHYSICAL ACCESS CONTROL DETECTION SYSTEM, THE NATUR...
 
Report on Information Security
Report on Information SecurityReport on Information Security
Report on Information Security
 

More from Vijayananda Mohire

Quantum Algorithms for Electronics - IEEE Certificate
Quantum Algorithms for Electronics - IEEE CertificateQuantum Algorithms for Electronics - IEEE Certificate
Quantum Algorithms for Electronics - IEEE Certificate
Vijayananda Mohire
 
NexGen Solutions for cloud platforms, powered by GenQAI
NexGen Solutions for cloud platforms, powered by GenQAINexGen Solutions for cloud platforms, powered by GenQAI
NexGen Solutions for cloud platforms, powered by GenQAI
Vijayananda Mohire
 
Certificate- Peer Review of Book Chapter on ML
Certificate- Peer Review of Book Chapter on MLCertificate- Peer Review of Book Chapter on ML
Certificate- Peer Review of Book Chapter on ML
Vijayananda Mohire
 
Key projects Data Science and Engineering
Key projects Data Science and EngineeringKey projects Data Science and Engineering
Key projects Data Science and Engineering
Vijayananda Mohire
 
Key projects Data Science and Engineering
Key projects Data Science and EngineeringKey projects Data Science and Engineering
Key projects Data Science and Engineering
Vijayananda Mohire
 
Bhadale IT Hub-Multi Cloud and Multi QAI
Bhadale IT Hub-Multi Cloud and Multi QAIBhadale IT Hub-Multi Cloud and Multi QAI
Bhadale IT Hub-Multi Cloud and Multi QAI
Vijayananda Mohire
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAI
Vijayananda Mohire
 
Azure Quantum Workspace for developing Q# based quantum circuits
Azure Quantum Workspace for developing Q# based quantum circuitsAzure Quantum Workspace for developing Q# based quantum circuits
Azure Quantum Workspace for developing Q# based quantum circuits
Vijayananda Mohire
 
Key projects in AI, ML and Generative AI
Key projects in AI, ML and Generative AIKey projects in AI, ML and Generative AI
Key projects in AI, ML and Generative AI
Vijayananda Mohire
 
My Journey towards Artificial Intelligence
My Journey towards Artificial IntelligenceMy Journey towards Artificial Intelligence
My Journey towards Artificial Intelligence
Vijayananda Mohire
 
Bhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for AgricultureBhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for Agriculture
Vijayananda Mohire
 
Bhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for AgricultureBhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for Agriculture
Vijayananda Mohire
 
Bhadale IT Intel and Azure Cloud Offerings
Bhadale IT Intel and Azure Cloud OfferingsBhadale IT Intel and Azure Cloud Offerings
Bhadale IT Intel and Azure Cloud Offerings
Vijayananda Mohire
 
GitHub Copilot-vijaymohire
GitHub Copilot-vijaymohireGitHub Copilot-vijaymohire
GitHub Copilot-vijaymohire
Vijayananda Mohire
 
Practical ChatGPT From Use Cases to Prompt Engineering & Ethical Implications
Practical ChatGPT From Use Cases to Prompt Engineering & Ethical ImplicationsPractical ChatGPT From Use Cases to Prompt Engineering & Ethical Implications
Practical ChatGPT From Use Cases to Prompt Engineering & Ethical Implications
Vijayananda Mohire
 
Cloud Infrastructure - Partner Delivery Accelerator (APAC)
Cloud Infrastructure - Partner Delivery Accelerator (APAC)Cloud Infrastructure - Partner Delivery Accelerator (APAC)
Cloud Infrastructure - Partner Delivery Accelerator (APAC)
Vijayananda Mohire
 
Red Hat Sales Specialist - Red Hat Enterprise Linux
Red Hat Sales Specialist - Red Hat Enterprise LinuxRed Hat Sales Specialist - Red Hat Enterprise Linux
Red Hat Sales Specialist - Red Hat Enterprise Linux
Vijayananda Mohire
 
RedHat_Transcript_Jan_2024
RedHat_Transcript_Jan_2024RedHat_Transcript_Jan_2024
RedHat_Transcript_Jan_2024
Vijayananda Mohire
 
Generative AI Business Transformation
Generative AI Business TransformationGenerative AI Business Transformation
Generative AI Business Transformation
Vijayananda Mohire
 
Microsoft Learn Transcript Jan 2024- vijaymohire
Microsoft Learn Transcript Jan 2024- vijaymohireMicrosoft Learn Transcript Jan 2024- vijaymohire
Microsoft Learn Transcript Jan 2024- vijaymohire
Vijayananda Mohire
 

More from Vijayananda Mohire (20)

Quantum Algorithms for Electronics - IEEE Certificate
Quantum Algorithms for Electronics - IEEE CertificateQuantum Algorithms for Electronics - IEEE Certificate
Quantum Algorithms for Electronics - IEEE Certificate
 
NexGen Solutions for cloud platforms, powered by GenQAI
NexGen Solutions for cloud platforms, powered by GenQAINexGen Solutions for cloud platforms, powered by GenQAI
NexGen Solutions for cloud platforms, powered by GenQAI
 
Certificate- Peer Review of Book Chapter on ML
Certificate- Peer Review of Book Chapter on MLCertificate- Peer Review of Book Chapter on ML
Certificate- Peer Review of Book Chapter on ML
 
Key projects Data Science and Engineering
Key projects Data Science and EngineeringKey projects Data Science and Engineering
Key projects Data Science and Engineering
 
Key projects Data Science and Engineering
Key projects Data Science and EngineeringKey projects Data Science and Engineering
Key projects Data Science and Engineering
 
Bhadale IT Hub-Multi Cloud and Multi QAI
Bhadale IT Hub-Multi Cloud and Multi QAIBhadale IT Hub-Multi Cloud and Multi QAI
Bhadale IT Hub-Multi Cloud and Multi QAI
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAI
 
Azure Quantum Workspace for developing Q# based quantum circuits
Azure Quantum Workspace for developing Q# based quantum circuitsAzure Quantum Workspace for developing Q# based quantum circuits
Azure Quantum Workspace for developing Q# based quantum circuits
 
Key projects in AI, ML and Generative AI
Key projects in AI, ML and Generative AIKey projects in AI, ML and Generative AI
Key projects in AI, ML and Generative AI
 
My Journey towards Artificial Intelligence
My Journey towards Artificial IntelligenceMy Journey towards Artificial Intelligence
My Journey towards Artificial Intelligence
 
Bhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for AgricultureBhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for Agriculture
 
Bhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for AgricultureBhadale IT Cloud Solutions for Agriculture
Bhadale IT Cloud Solutions for Agriculture
 
Bhadale IT Intel and Azure Cloud Offerings
Bhadale IT Intel and Azure Cloud OfferingsBhadale IT Intel and Azure Cloud Offerings
Bhadale IT Intel and Azure Cloud Offerings
 
GitHub Copilot-vijaymohire
GitHub Copilot-vijaymohireGitHub Copilot-vijaymohire
GitHub Copilot-vijaymohire
 
Practical ChatGPT From Use Cases to Prompt Engineering & Ethical Implications
Practical ChatGPT From Use Cases to Prompt Engineering & Ethical ImplicationsPractical ChatGPT From Use Cases to Prompt Engineering & Ethical Implications
Practical ChatGPT From Use Cases to Prompt Engineering & Ethical Implications
 
Cloud Infrastructure - Partner Delivery Accelerator (APAC)
Cloud Infrastructure - Partner Delivery Accelerator (APAC)Cloud Infrastructure - Partner Delivery Accelerator (APAC)
Cloud Infrastructure - Partner Delivery Accelerator (APAC)
 
Red Hat Sales Specialist - Red Hat Enterprise Linux
Red Hat Sales Specialist - Red Hat Enterprise LinuxRed Hat Sales Specialist - Red Hat Enterprise Linux
Red Hat Sales Specialist - Red Hat Enterprise Linux
 
RedHat_Transcript_Jan_2024
RedHat_Transcript_Jan_2024RedHat_Transcript_Jan_2024
RedHat_Transcript_Jan_2024
 
Generative AI Business Transformation
Generative AI Business TransformationGenerative AI Business Transformation
Generative AI Business Transformation
 
Microsoft Learn Transcript Jan 2024- vijaymohire
Microsoft Learn Transcript Jan 2024- vijaymohireMicrosoft Learn Transcript Jan 2024- vijaymohire
Microsoft Learn Transcript Jan 2024- vijaymohire
 

Recently uploaded

openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
Fermin Galan
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
abdulrafaychaudhry
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
Adele Miller
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
wottaspaceseo
 
Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"
Donna Lenk
 
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaTop 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Yara Milbes
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
ShamsuddeenMuhammadA
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
Philip Schwarz
 
Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
abdulrafaychaudhry
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Crescat
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 

Recently uploaded (20)

openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"
 
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaTop 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 

MTech - E-Commerce, M-Commerce & Network Security_Assignment

  • 1. E-Commerce, M-Commerce & Network Security (Assignment –I) Submitted in partial fulfilment of the requirements for the degree of Master of Technology in Information Technology by Vijayananda D Mohire (Enrolment No.921DMTE0113) Information Technology Department Karnataka State Open University Manasagangotri, Mysore – 570006 Karnataka, India (2010)
  • 3. MT23C-I 3 CERTIFICATE This is to certify that the Assignment-I entitled E-Commerce, M-Commerce & Network Security, subject code: MT23C submitted by Vijayananda D Mohire having Roll Number 921DMTE0113 for the partial fulfilment of the requirements of Master of Technology in Information Technology degree of Karnataka State Open University, Mysore, embodies the bonafide work done by him under my supervision. Place: ________________ Signature of the Internal Supervisor Name Date: ________________ Designation
  • 4. MT23C-I 4 For Evaluation Question Number Maximum Marks Marks awarded Comments, if any 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 TOTAL 10 Evaluator’s Name and Signature Date
  • 5. MT23C-I 5 Preface This document has been prepared specially for the assignments of M.Tech – IT II Semester. This is mainly intended for evaluation of assignment of the academic M.Tech - IT, II semester. I have made a sincere attempt to gather and study the best answers to the assignment questions and have attempted the responses to the questions. I am confident that the evaluator’s will find this submission informative and evaluate based on the provide content. For clarity and ease of use there is a Table of contents and Evaluators section to make easier navigation and recording of the marks. Evaluator’s are welcome to provide the necessary comments against each response; suitable space has been provided at the end of each response. I am grateful to the Infysys academy, Koramangala, Bangalore in making this a big success. Many thanks for the timely help and attention in making this possible within specified timeframe. Special thanks to Mr. Vivek and Mr. Prakash for their timely help and guidance. Candidate’s Name and Signature Date
  • 6. MT23C-I 6 Table of Contents For Evaluation................................................................................................................................4 Preface..........................................................................................................................................5 Question 1.....................................................................................................................................9 Answer 1.......................................................................................................................................9 Question 2................................................................................................................................... 10 Answer 2..................................................................................................................................... 10 Question 3................................................................................................................................... 12 Answer 3..................................................................................................................................... 12 Question 4................................................................................................................................... 14 Answer 4..................................................................................................................................... 14 Question 5................................................................................................................................... 16 Answer 5..................................................................................................................................... 17 Question 6................................................................................................................................... 19 Answer 6..................................................................................................................................... 19 Question 7................................................................................................................................... 20 Answer 7..................................................................................................................................... 20 Question 8................................................................................................................................... 21 Answer 8..................................................................................................................................... 21 Question 9................................................................................................................................... 23 Answer 9..................................................................................................................................... 23 Question 10................................................................................................................................. 28 Answer 10 ................................................................................................................................... 28
  • 7. MT23C-I 7 Table of Figures Figure 1 The VPN connection ......................................................................................................... 14 Figure 2 VPN Model....................................................................................................................... 16 Figure 3 IP address spoofing......................................................................................................... 20 Figure 4 Verifying a Digital signature in Message Authentication .................................................... 23 Figure 5 Risk Management plan..................................................................................................... 24 Figure 6 Identify Risks ................................................................................................................... 25 Figure 7 Analyze risks.................................................................................................................... 26 Figure 8 Plan for management of risks .......................................................................................... 27 Figure 9 IP Sec elements................................................................................................................ 28
  • 8. MT23C-I 8 E-COMMERCE, M-COMMERCE & NETWORK SECURITY RESPONSE TO ASSIGNMENT – I
  • 9. MT23C-I 9 Question 1 What is the need of Securing? Answer 1 Few reasons for the need of security is to avoid:  Damage of computer systems  Damage of internal data  Loss of sensitive information to hostile parties  Damage to reputation of company  Monetary damages Security is a continuous process of protecting an object from unauthorized access. It is as state of being or feeling protected from harm. That object in that state may be a person, an organization such as a business, or property such as a computer system or a file. Security comes from secure which means, according to Webster Dictionary, a state of being free from care, anxiety, or fear. An object can be in a physical state of security or a theoretical state of security. In a physical state, a facility is secure if it is protected by a barrier like a fence, has secure areas both inside and outside, and can resist penetration by intruders. This state of security can be guaranteed if the following four protection mechanisms are in place: deterrence, prevention, detection, and response. • Deterrence is usually the first line of defense against intruders who may try to gain access. It works by creating an atmosphere intended to frighten intruders. Sometimes this may involve warnings of severe consequences if security is breached. • Prevention is the process of trying to stop intruders from gaining access to the resources of the system. Barriers include firewalls, demilitarized zones (DMZs), and use of access items like keys, access cards, biometrics, and others to allow only authorized users to use and access a facility. • Detection occurs when the intruder has succeeded or is in the process of gaining access to the system. Signals from the detection process include
  • 10. MT23C-I 10 alerts to the existence of an intruder. Sometimes these alerts can be real time or stored for further analysis by the security personnel. • Response is an after effect mechanism that tries to respond to the failure of the first three mechanisms. It works by trying to stop and/or prevent future damage or access to a facility. Evaluator’s Comments if any: Question 2 What are the threats and vulnerabilities? Answer 2 Threats: A threat can be any person, object, or event that, if realized, could potentially cause damage to the LAN. Threats can be malicious, such as the intentional modification of sensitive information, or can be accidental, such as an error in a calculation, acts of nature. Security threats to the availability, confidentiality and integrity/non- repudiation state of computer and network assets may involve physical actions or cyber actions. Physical threats include natural threats (e.g., flood and lightning) and man-made threats (e.g., physical break-in to destroy or take away computers and network devices). Cyber security threats can be characterized by many factors such as motive, objective, origin, speed, means, skill, resource, and so on. For example, there may be a political motive for the massive destruction of computer and network assets at a national level, a financial motive for gathering and stealing information at the corporate level, and a personal motive for overcoming the technical challenge to vandalize or gain access to a computer and network system. Objectives can vary from gathering or
  • 11. MT23C-I 11 stealing information to gaining access, disrupting or denying service, and modifying or deleting data. In general, a threat can come internally or externally. An internal threat or insider threat comes from a source which has access rights but abuses them. An external threat comes from a source which is not authorized to access a computer and network system. Some attacks are scripted and automatically executed with little human intervention, producing a machine speed of attack execution, whereas other attacks are performed through manual interactions with a computer and network system and thus proceed slowly. An attacker can have no sophisticated skills and little resources but simply execute a downloaded attack script. Nation- or organization-sponsored attacks can use sophisticated skills and knowledge about computers and networks with unlimited resources. Vulnerability: Vulnerabilities are weaknesses in a LAN that can be exploited by a threat. For example, unauthorized access to the LAN could occur by an outsider guessing an obvious password. The vulnerability exploited is the poor password choice of the user. Each computer or network asset has a limited service capacity, an inherent vulnerability which exposes them to denial of service attacks through flooding. Moreover, most system and application software, which enables users to operate computers and networks, is large in size and complex in nature. Large-scale, complex software presents considerable challenges in specification, design, implementation, testing, configuration, and operation management. As a result, system software and application software is often released without being fully tested and evaluated as free from errors, due to the complexity of large-scale software. Errors can also be made by system administrators when they configure software. Symantec Corporation has a software product, called Vulnerability Assessment (VA), which uses host-based audits to check the security settings of a host computer for vulnerabilities or uses a network scanner to check remote computers for vulnerabilities. The VA defines the following vulnerability classes to indicate the types of errors which produce the vulnerabilities: _ boundary condition error;
  • 12. MT23C-I 12 _ access validation error; _origin validation error; _ input validation error; _ failure to handle exceptional conditions; _ race condition error; _ serialization error; _ atomicity error; _ environment error; _ configuration error; _ design error; _ unknown. Evaluator’s Comments if any: Question 3 What are the firewall Components? Answer 3 Firewalls can be composed of software, hardware or most commonly, both. A firewall is hardware, software, or a combination of both that monitors and filters traffic packets that attempt to either enter or leave the protected private network. It is a tool that separates a protected network or part of a network, and now increasingly a user PC, from an unprotected network – the “bad network” like the Internet. In many cases the “bad network” may even be part of the company network. By definition, a “firewall,” is a tool that provides a
  • 13. MT23C-I 13 filter of both incoming and outgoing packets. The primary components of a firewall are: 1. Network policy 2. Advanced authentication mechanisms 3. Packet filtering, and Application gateways Network policy: There are two levels of network policy that directly influence the design, installation and use of a firewall system. The higher level policy (Services access policy) is an issue-specific, network access policy that defines those services that will be allowed or explicitly denied from the restricted network, how these services will be used, and the conditions for exception to this policy. The lower level policy (Firewall design policy) describes how the firewall will actually go about restricting the access and filtering the services what were defined in the higher level policy. Advanced authentication: Advanced authentication measures such as smartcards, authentication tokens, biometrics, and software based mechanism are designed to counter the weakness of traditional passwords. While the authentication techniques vary, they are similar in that the passwords generated by advanced authentication devices cannot be reused by an attacker who has monitored a connection. Ex.: One time passwords. Packet filtering, and Application gateways IP Packet filtering is done using a packet filtering router designed for filtering packets as they pass between the router’s interfaces. A packet filtering router usually can filter IP packets based on some or all of the following fields:  Source IP address  Destination IP address  TCP/UDP source and destination ports To counter some of the weakness associated with packet filtering routers, firewalls need to use software applications to forward and filter connections for services such as TELNET and FTP. Such an application is referred to as a proxy service, while the host running the proxy service is referred to as an application gateway.
  • 14. MT23C-I 14 Evaluator’s Comments if any: Question 4 Explain VPN? Answer 4 A VPN is the extension of a private network that encompasses links across shared or public networks such as the Internet. A VPN enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link. In essence, it makes the remote computer virtually part of the private network by making an encrypted tunnel through the public Internet. The act of configuring and creating a VPN is known as virtual private networking. To emulate a point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information, allowing the data to traverse the shared or public transit internetwork to reach its endpoint. To emulate a private link, the data being sent is encrypted for confidentiality. Packets that are intercepted on the shared or public network are indecipherable without the encryption keys. The portion of the connection in which the private data is encapsulated is known as the tunnel. The portion of the connection in which the private data is encrypted is known as the VPN connection. Figure 1 shows the VPN connection. Figure 1 The VPN connection VPN connections allow users working at home or on the road to connect in a secure fashion to an organization’s remote server by using the routing
  • 15. MT23C-I 15 infrastructure provided by a public internetwork (such as the Internet). From the user’s perspective, the VPN connection is a point-to-point connection between the user’s computer and an organization’s server. The nature of the intermediate internetwork is irrelevant to the user because it appears as if the data is being sent over a dedicated private link. VPN technology also allows a corporation to connect to branch offices or to other companies over a public internetwork (such as the Internet) while maintaining secure communications. The VPN connection across the Internet logically operates as a wide area network (WAN) link between the sites. In both of these cases, the secure connection across the internetwork appears to the user as a private network communication—despite the fact that this communication occurs over a public internetwork—hence the name virtual private network. VPN technology is designed to address issues surrounding the current business trend toward increased telecommuting and widely distributed global operations, where workers must be able to connect to central resources and must be able to communicate with each other. To provide employees with the ability to connect to an organization’s computing resources, regardless of their location, a corporation must deploy a scalable remote access solution. Typically, corporations choose either a department solution, where an internal information systems department is charged with buying, installing, and maintaining an organization’s modem pools and a private network infrastructure; or they choose a value-added network (VAN) solution, where they pay an outsourced company to buy, install, and maintain modem pools and a telecommunication infrastructure. Neither of these solutions provides the necessary scalability, in terms of cost, flexible administration, and demand for connections. Therefore, it makes sense to replace the modem pools and private network infrastructure with a less expensive solution based on Internet technology so that the business can focus on its core competencies. With an Internet solution, a few Internet connections through Internet service providers (ISPs) and VPN server computers can serve the remote networking needs of hundreds or thousands of remote clients and branch offices. The security procedures that involve encryption are achieved through the use of a tunneling protocol. There are two types of VPNs:
  • 16. MT23C-I 16 Remote access which lets single users connect to the protected company network and site-to-site which supports connections between two protected company networks. In either mode, VPN technology gives a company the facilities of expensive private leased lines at much lower cost by using the shared public infrastructure like the Internet. See Fig. 2. VPN technology is not new; phone companies have provided private shared resources for voice messages for over a decade. However, its extension to making Figure 2 VPN Model it possible to have the same protected sharing of public resources for data is new. Today, VPNs are being used for both extranets and wide-area intranets. Probably owing to cost savings, the popularity of VPNs by companies has been phenomenal. Evaluator’s Comments if any: Question 5 Explain various methods of attacks?
  • 17. MT23C-I 17 Answer 5 Whatever their motives, hackers have a variety of techniques in their arsenal to carry out their goals. Let us look at some of them here. Social Engineering: This involves fooling the victim for fun and profit. Social engineering depends on trusting that employees will fall for cheap hacker “tricks” such as calling or e-mailing them masquerading as a system administrator, for example, and getting their passwords which eventually lets in the intruder. Social engineering is very hard to protect against. The only way to prevent it is through employee education and employee awareness. Impersonation is stealing access rights of authorized users. There are many ways an attacker such as a hacker can impersonate a legitimate user. For example, a hacker can capture a user telnet session using a network sniffer such as tcpdump or nitsniff. The hacker can then later login as a legitimate user with the stolen login access rights of the victim. Exploits: This involves exploiting a hole in software or operating systems. As is usually the case, many software products are brought on the market either through a rush to finish or lack of testing, with gaping loopholes. Badly written software is very common even in large software projects such as operating systems. Hackers quite often scan network hosts for exploits and use them to enter systems. Transitive Trust exploits host-to-host or network-to-network trust. Either through client-server three-way handshake or server-to-server next-hop relationships, there is always a trust relationship between two network hosts during any transmission. This trust relationship is quite often compromised by hackers in a variety of ways. For example, an attacker can easily do an IP-spoof or a sequence number attack between two transmitting elements and gets away with information that compromises the security of the two communicating elements. Data Attacks: Script programming has not only brought new dynamism into Web development, but it has also brought a danger of hostile code into systems through scripts. Current scripts can run on both the server, where they traditionally used to run, and also on the client. In doing so, scripts can
  • 18. MT23C-I 18 allow an intruder to deposit hostile code into the system, including Trojans, worms, or viruses. Infrastructure Weaknesses: Some of the greatest network infrastructure weaknesses are found in the communication protocols. Many hackers, by virtue of their knowledge of the network infrastructure, take advantage of these loopholes and use them as gateways to attack systems. Many times, whenever a loophole is found in the protocols, patches are soon made available but not many system administrators follow through with patching the security holes. Hackers start by scanning systems to find those unpatched holes. In fact, most of the system attacks from hackers use known vulnerabilities that should have been patched. Denial of Service: This is a favourite attack technique for many hackers, especially hacktivists. It consists of preventing the system from being used as planned through overwhelming the servers with traffic. The victim server is selected and then bombarded with packets with spoofed IP addresses. Many times, innocent hosts are forced to take part in the bombardment of the victim to increase the traffic on the victim until the victim is overwhelmed and eventually fails. Active Wiretap: In an active wiretap, messages are intercepted during transmission. When the interception happens, two things may take place: First, the data in the intercepted package may be compromised by introduction of new data such as change of source or destination IP address or the change in the packet sequence numbers. Secondly, data may not be changed but copied to be used later such as in the scanning and sniffing of packets. In either case, the confidentiality of data is compromised and the security of the network is put at risk. Evaluator’s Comments if any:
  • 19. MT23C-I 19 Question 6 State the anti-virus technologies? Answer 6 Five major Virus detection technologies: Integrity checking( aka checksum) Based on determining, by comparison, whether virus-attacked code modified a program’s file characteristics. As it is not dependent on virus signatures, this method does not require software updates at specific intervals. Interrupt monitoring: Attempts to locate and prevent a virus “interrupt calls”( function requests through the system’s interrupts) Memory detection: Depends on recognition of a known virus location and code while in memory. Signature scanning: Recognizes a virus unique “signature” a preidentified set of hexadecimal code, making it highly successful at virus identification. Heuristic/Rules based scanning: Faster than traditional scanners, method uses a set of rules to efficiently parse through files and quickly identify suspect code. All above mentioned five technologies can usually perform on-access or on-demand scans, for both network servers and work-stations. Today, all effective products leverage a combination of above to manage virus threats. Evaluator’s Comments if any:
  • 20. MT23C-I 20 Question 7 What is IP address spoofing Answer 7 The term IP address spoofing refers to the creation of IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender. Figure 3 shows a scenario of spoofing. Figure 3 IP address spoofing How Spoofing works: The basic protocol for sending data over the Internet and many other computer networks is the IP. The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send response back to the forged source address, which means that this technique is mainly used when the attacker does not care about response or the attacker has some way of guessing the response. In certain cases, it might be possible for the attacker to see or redirect the response to his own machine. The most usual case is when the attacker is spoofing an address on the same LAN or WAN.
  • 21. MT23C-I 21 Evaluator’s Comments if any: Question 8 Describe digital Signature? Answer 8 A digital signature or schema is a type of asymmetric cryptography used to simulate the security properties of a handwritten signature on the paper. Digital signature schemes normally provide two algorithms, one for signing which involves the user’s secret key or private key, and one for verifying signatures which involves the user’s public key. The output of the signature process is called the “Digital signature”. The idea of a digital signature is basically the same as that of a handwritten signature, to authenticate the signer. It is used to authenticate the fact that what has been promised by a signature can’t be taken back later. Like a paper signature, the digital signature creates a legal and psychological link between the signer of the message and the message. Digital signature-based authentication is yet another authentication technique that does not require passwords and user names. A digital signature is a cryptographic scheme used by the message recipient and any third party to verify the sender’s identity and/or message on authenticity. It consists of an electronic signature that uses public key infrastructure (PKI) to verify the identity of the sender of a message or of the signer of a document. The scheme may include a number of algorithms and functions including the Digital Signature Algorithm (DSA), Elliptic Curve Digital Signature and Algorithm (ECDSA), account authority digital signature, authentication function, and signing function. A digital signature is defined as an encrypted message digest, by the private key of the sender, appended to a document to analogously authenticate it, just like the handwritten signature appended on a written document
  • 22. MT23C-I 22 authenticates it. Just like in the handwritten form, a digital signature is used to confirm the identity of the sender and the integrity of the document. It establishes the nonrepudiation of the sender. Digital signatures are formed using a combination of public key encryption and one-way secure hash function according to the following steps :  The sender of the message uses the message digest function to produce a message authentication code (MAC).  This MAC is then encrypted using the private key and the public key encryption algorithm. This encrypted MAC is attached to the message as the digital signature. The message is then sent to the receiver. Upon receipt of the message, the recipient then uses his or her public key to decrypt the digital signature. First, the recipient must verify that the message indeed came from the expected sender. This step verifies the sender’s signature. It is done via the following steps:  The recipient separates the received message into two: the original document and the digital signature.  Using the sender’s public key, the recipient then decrypts the digital signature which results in the original MAC.  The recipient then uses the original document and inputs it to the hash function to produce a new MAC.  The new MAC is compared with the MAC from the sender for a match. If these numbers compare, then the message was received unaltered, the data integrity is assured, and the authenticity of the sender is proven. See Fig. 4 for the working of digital signature verification. Because digital signatures are derived from the message as a digest which is then encrypted, they cannot be separated from the messages they are derived from and remain valid. Since digital signatures are used to authenticate the messages and identify the senders of those messages, they can be used in a variety of areas where such double confirmation is needed. Anything that can be digitized can be digitally signed. This means that digital signatures can be used with any kind of message, whether it is encrypted or not, to establish the authenticity of the sender and that the message arrived intact. However, digital signatures cannot be used to provide the confidentiality of the message content.
  • 23. MT23C-I 23 Figure 4 Verifying a Digital signature in Message Authentication Among the most common digital signature algorithms in use today are the Digital Signature Standard (DSS) proposed by NIST and based on the El Gamal public key algorithm and RSA. DSS is faster than RSA. Evaluator’s Comments if any: Question 9 Explain the process of Risk Management? Answer 9 Risk management is a systematic approach to determine appropriate corporate security measures. How to address security, where to address security, and the type and strength of security controls requires considerable thought. Risk management is the act of examining the relative value of your assets and then allocating your security resources based on the likelihood of the risk
  • 24. MT23C-I 24 occurring and the value of the asset. Risk management helps you prioritize your efforts and spending to secure your network Figure 5 Risk Management plan A risk is the possibility of suffering a loss, and the impact or extent of damage that would result if the loss occurs. Risk management is the process of identifying risks, analyzing the risks, and creating a plan to manage the risks. There are two types of risk analysis:  Qualitative. Ranks risks according to their relative impact on business operations. Qualitative analysis often requires you to estimate the probability of a threat and the impact of the threat occurring on a scale of 1 to 10. You then multiply the two numbers for the probability and impact and use the product to rank the risk relative to other risks.  Quantitative. Places actual values on the probability and impact of threats to determine how to allocate security resources. Although quantitative risk analysis uses advanced financial accounting skills, it remains an inexact science.
  • 25. MT23C-I 25 Figure 6 Identify Risks To identify threats to assets, you perform threat modeling. For each threat that you identify, create a risk statement. Risk statements combine information about a threat with information about the impact of the threat occurring. Risk statements help you clearly state the risks that threaten your assets and the consequences of a threat occurring so that you can design appropriate security measures to reduce the risks. A single asset may have many risk statements associated with it. A risk statement contains three parts:  Condition. Generally an “if” clause about what happens if a threat occurs.  Operations consequence. Describes the effects on IT operations of a threat that occurs to an asset. The effects are also known as the mode of failure.  Financial and business impact. Describes the effects on the organization of a threat that occurs to an asset.
  • 26. MT23C-I 26 Figure 7 Analyze risks After you create risk statements for each risk, you can analyze the impact of each risk in greater detail. Qualitative risk analysis uses a general ranking of probability and impact to determine a relative rank of a risk. The following table offers an example. In this example, the threat of information disclosure is medium, but with a high impact. By estimating probability and impact on a scale of 1 to 10 and multiplying the two numbers, a relative rank of 45 is obtained. This information can help security designers prioritize threats, although the value placed on probability and impact is subject to debate.
  • 27. MT23C-I 27 Figure 8 Plan for management of risks To manage a risk, you can apply one of four general strategies:  Accept. You accept risk and do nothing proactive, with the exception of making contingency plans. Consider acceptance if the ALE for an asset is less than the value of the asset, and if the business impact is low.  Mitigate. You mitigate risk by proactively changing the asset’s exposure to the risk or your organization’s reliance on the asset. Consider a risk mitigation strategy if the ALE is less than the value of the asset, and you can take proactive actions in advance. Mitigation is the primary risk management strategy.  Transfer. You transfer risk by partially shifting the responsibility for the risk to another party, such as insurance or managed services company. Transfer is becoming an increasingly important strategy for security.  Avoid. You avoid risk by eliminating the source of the risk or the asset’s exposure to the risk. This is an extreme reaction to risk and should only be done when the severity of the impact of the risk outweighs the benefit that is gained from the asset. Evaluator’s Comments if any:
  • 28. MT23C-I 28 Question 10 Explain IP Security and security structure? Answer 10 IPSec is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream. IPSec also includes protocols for cryptographic key establishment. IPSec operates at network layer 3 of the OSI model. Applications using IP Sec have an advantage over using lower layer protocols that it doesn’t need to be designed to use IPSec, whereas for protocols like SSL the App needs to be designed to support it. Security Architecture: Figure 9 IP Sec elements IPSec is implemented by a set of cryptographic protocols for  Securing packet flows  Mutual authentication and  Establishing cryptographic parameters
  • 29. MT23C-I 29 The IPSec architecture uses the concept of security association as the basis for building security functions into IP. A security association is simply the bundle of algorithms and parameters (such as keys) that is being used to encrypt and authenticate a particular flow in one direction. Therefore in a normal bi-directional traffic, the flows are secured by a pair of security associations. In order to decide what protection is to be provided for an outgoing packet, IPSec uses the Security Parameter Index( SPI), an index to the security association database(SADB), along with the destination address in a packet header, which together uniquely identify a security association for that packet. A similar procedure is performed for an incoming packet, where IPSec gathers decryption and verification keys from the security association database. For multicast, a security association is provided for the group, and is duplicated across all authorized receivers of the group. There may be more than one security association for a group, using different SPIs, thereby allowing multiple levels and sets of security within a group. Indeed, each sender can have multiple security associations, allowing authentication, since a receiver can only know what someone knowing the keys sent the data. There are two modes of IPSec operations, transport mode and tunnel mode.  In transport mode only the payload (the data you transfer) of the IP Packet is encrypted and/or authenticated.  In tunnel mode the entire packet (data plus the message headers) is encrypted and/or authenticated. Evaluator’s Comments if any: