Information and network security 13 playfair cipherVaibhav Khanna
The Playfair cipher was the first practical digraph substitution cipher. The scheme was invented in 1854 by Charles Wheatstone but was named after Lord Playfair who promoted the use of the cipher. In playfair cipher unlike traditional cipher we encrypt a pair of alphabets(digraphs) instead of a single alphabet
Information and network security 13 playfair cipherVaibhav Khanna
The Playfair cipher was the first practical digraph substitution cipher. The scheme was invented in 1854 by Charles Wheatstone but was named after Lord Playfair who promoted the use of the cipher. In playfair cipher unlike traditional cipher we encrypt a pair of alphabets(digraphs) instead of a single alphabet
CS8792 - Cryptography and Network Securityvishnukp34
this is an engineering subject.this consist of
pgno: 5 - Information security in past & present
pgno: 7 - Aim of Course
pgno: 8 - OSI Security Architecture
pgno: 9 - Security Goals – CIA Triad
pgno: 13 - Aspects of Security
pgno: 17 - ATTACKS
pgno: 22 - Passive Versus Active Attacks
pgno: 23 - SERVICES AND MECHANISMS
USER AUTHENTICATION
MEANS OF USER AUTHENTICATION
PASSWORD AUTHENTICATION
PASSWORD VULNERABILITIES
USE OF HASHED PASSWORDS – IN UNIX
PASSWORD CRACKING TECHNIQUES
USING BETTER PASSWORDS
TOKEN AUTHENTICATION
BIO-METRIC AUTHENTICATION
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
Security Hash Algorithm (SHA) was developed in 1993 by the National Institute of Standards and Technology (NIST) and National Security Agency (NSA).
It was designed as the algorithm to be used for secure hashing in the US Digital Signature Standard.
• Hashing function is one of the most commonly used encryption methods. A hash is a special mathematical function that performs one-way encryption.
• SHA-l is a revised version of SHA designed by NIST and was published as a Federal Information Processing Standard (FIPS).
• Like MD5, SHA-l processes input data in 512-bit blocks.
• SHA-l generates a 160-bit message digest. Whereas MD5 generated message digest of 128 bits.
• The procedure is used to send a non secret but signed message from sender to receiver. In such a case following steps are followed:
1. Sender feeds a plaintext message into SHA-l algorithm and obtains a 160-bit SHA-l hash.
2. Sender then signs the hash with his RSA private key and sends both the plaintext message and the signed hash to the receiver.
3. After receiving the message, the receiver computes the SHA-l hash himself and also applies the sender's public key to the signed hash to obtain the original hash H.
Pretty Good Privacy,PGP Confidentiality and Authentication,Secure/Multipurpose Internet Mail Extension (S/MIME),Secure/Multipurpose Internet Mail Extension (S/MIME),Enhanced Security Services,E-mail Threats
An introduction to asymmetric cryptography with an in-depth look at RSA, Diffie-Hellman, the FREAK and LOGJAM attacks on TLS/SSL, and the "Mining your P's and Q's attack".
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards (.
CS8792 - Cryptography and Network Securityvishnukp34
this is an engineering subject.this consist of
pgno: 5 - Information security in past & present
pgno: 7 - Aim of Course
pgno: 8 - OSI Security Architecture
pgno: 9 - Security Goals – CIA Triad
pgno: 13 - Aspects of Security
pgno: 17 - ATTACKS
pgno: 22 - Passive Versus Active Attacks
pgno: 23 - SERVICES AND MECHANISMS
USER AUTHENTICATION
MEANS OF USER AUTHENTICATION
PASSWORD AUTHENTICATION
PASSWORD VULNERABILITIES
USE OF HASHED PASSWORDS – IN UNIX
PASSWORD CRACKING TECHNIQUES
USING BETTER PASSWORDS
TOKEN AUTHENTICATION
BIO-METRIC AUTHENTICATION
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
Security Hash Algorithm (SHA) was developed in 1993 by the National Institute of Standards and Technology (NIST) and National Security Agency (NSA).
It was designed as the algorithm to be used for secure hashing in the US Digital Signature Standard.
• Hashing function is one of the most commonly used encryption methods. A hash is a special mathematical function that performs one-way encryption.
• SHA-l is a revised version of SHA designed by NIST and was published as a Federal Information Processing Standard (FIPS).
• Like MD5, SHA-l processes input data in 512-bit blocks.
• SHA-l generates a 160-bit message digest. Whereas MD5 generated message digest of 128 bits.
• The procedure is used to send a non secret but signed message from sender to receiver. In such a case following steps are followed:
1. Sender feeds a plaintext message into SHA-l algorithm and obtains a 160-bit SHA-l hash.
2. Sender then signs the hash with his RSA private key and sends both the plaintext message and the signed hash to the receiver.
3. After receiving the message, the receiver computes the SHA-l hash himself and also applies the sender's public key to the signed hash to obtain the original hash H.
Pretty Good Privacy,PGP Confidentiality and Authentication,Secure/Multipurpose Internet Mail Extension (S/MIME),Secure/Multipurpose Internet Mail Extension (S/MIME),Enhanced Security Services,E-mail Threats
An introduction to asymmetric cryptography with an in-depth look at RSA, Diffie-Hellman, the FREAK and LOGJAM attacks on TLS/SSL, and the "Mining your P's and Q's attack".
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards (.
Security and Ethical Challenges Contributors Kim Wanders.docxfathwaitewalter
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system has software
and processes the data and stores in in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that
works to ensure that data is not disclosed to
unauthorized persons.
Integrity: A security principle that makes sure
that information and systems are not
modified maliciously or accidentally.
Availability: A security principle that assures
reliable and timely access to data and
resources by authorized individuals.
Authenticity: A security principle that the
data, transactions, communications or
documents are genuine, valid, and not
fraudulent.
Utility: A security principle that addresses
that the information is usable for its intended
purpose. .
Possession: A security principle that works to
ensure that data remains under the control of
the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled User of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards ( ...
Module 3 Lectures 6 hrs.
Infrastructure and Network Security: Introduction to System Security, Server Security,
OS Security, Physical Security, Introduction to Networks, Network packet Sniffing,
Network Design Simulation. DOS/DDOS attacks. Asset Management and Audits,
Vulnerabilities and Attacks. Intrusion detection and Prevention Techniques, Host based
Intrusion prevention Systems, Security Information Management, Network Session
Analysis, System Integrity Validation.
Open Source/ Free/ Trial Tools: DOS Attacks, DDOS attacks, Wireshark, Cain & abel,
iptables/
Windows Firewall, snort, suricata, fail2ban
Cyberoam offers next-generation firewall and UTM firewall that provide stateful and deep packet inspection for network, application and user identity-based security. Cyberoam firewall appliances provide ease of management and high security with flexibility.
Types of Networks Week7 Part4-IS RevisionSu2013 .docxwillcoxjanay
Types of Networks
Week7 Part4-IS
RevisionSu2013
Types of Networks
There are different types of networks. Each type has different characteristics and
therefore different security needs. Some of the fundamental differentiating attributes of
the various types of networks are:
the physical distance the network spans
the topology of the network nodes
the types of media used for communication between nodes in the network
the different devices supported on the network
the different applications supported on the network
the different groups of users permitted on the network
the different protocols supported on each network
Depending on the type of network there may be different information security
requirements requiring that various protocols, security services, security mechanisms are
used in a fashion to support that type of network.
While each network environment has some characteristics and security needs unique to
that environment, there are many security techniques that should be universally applied to
all environments. For example; sound policies and procedures, risk assessment of the
assets, user awareness training, encryption technology, authentication technology, sound
credential (password) selection and protection, malware protection, firewalls are a few
security techniques that need to be applied in all of the networks albeit in configurations
that best suits a particular environment.
Local Area Network (LAN)
A LAN network covers a small geographic area that takes advantage of high speed data
transfers usually implemented through Ethernet or fiber. A LAN could be a home, office,
group of building with local proximity (university, business). LANs typically share
resources such as file servers and printers.
Wide Area Network (WAN)
A WAN covers a large geographic area that may require connection through satellite,
high speed dedicated lines and other means. The internet is a WAN. WANs can connect
LANs together into a larger organizational structure that can be used to share resources
such as file, email, dns servers to name a few. Resources can be shared using slower
connections on geographically separated areas across the WAN.
Wireless Networks and Mobile Networks
The movement to laptop systems at home and workplaces accelerated the mobility of
computing.
As employees traveled between offices, client sites, home and various other remote
locations they could remain connected to company servers as long as the remote site had
connectivity to the companies’ intranet. Initially this connectivity was provided by
having Ethernet cabling available for remote users to physically plug their laptops into.
Eventually, companies started installing wireless hotspots that could be automatically
detected by systems that had wireless cards.
The proliferation of wireless connectivity and internet use spread from the workplace to
genera ...
How To Learn The Network Security
Slide berikut merupakan slide yang berisikan dasar-dasar bagi kita dalam memahami konsep keamanan jaringan komputer, baik dari sisi inftrastruktur, teknologi dan paradigma bagi pengguna.
Materi yang diberikan sudah disusun oleh Pakar yang merupakan Trainer CEH dan memang berkompeten dibidang keamanan jaringan.
Slide ini saya dapatkan dari beliau saat mengikut training Certified Computer Security Officer (CCSO) dan Certified Computer Security Analyst (CCSA) dari beliau.
Semoga bermanfaat sebagai acuan bagi kita untuk belajar tentang keamanan jaringan komputer.
Terimakasih
DEFENSE MECHANISMS FOR COMPUTER-BASED INFORMATION SYSTEMSIJNSA Journal
Nowadays, corporations and a government agencies relay on computer-based information system to
manage their information, this information may be classified, so it will be dangerous if it is disclosed by
unauthorized persons. Therefore, there is urgent need for defense. In this research, defense has been
categorized into four mechanisms technical defense, operation defense, management defense, and physical
defense based on the logic of computer and network security. Also, each mechanism has been investigated
and explained in the term of computer based information systems.
In This PDF We discuss about how a firewall protects against the hackers. Techno Edge Systems LLC occupies a stateful services of Firewall solutions Dubai. For More Info Contact us: +971-54-4653108 Visit us: https://www.itamcsupport.ae/services/firewall-solutions-in-dubai/
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
We have compiled the most important slides from each speaker's presentation. This year’s compilation, available for free, captures the key insights and contributions shared during the DfMAy 2024 conference.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
1. Network security
Network security is the security provided to a network from
unauthorized access and risks.
It is the duty of network administrators to adopt preventive
measures to protect their networks from potential security
threats.
Computer networks that are involved in regular transactions
and communication within the government, individuals, or
business require security.
The most common and simple way of protecting a network
resource is by assigning it a unique name and a
corresponding password.
2. Types of Network Security Devices
Active Devices
These security devices block the surplus traffic. Firewalls, antivirus
scanning devices, and content filtering devices are the examples of
such devices.
Passive Devices
These devices identify and report on unwanted traffic, for example,
intrusion detection appliances.
Preventative Devices
These devices scan the networks and identify potential security
problems. For example, penetration testing devices and
vulnerability assessment appliances.
Unified Threat Management (UTM)
These devices serve as all-in-one security devices. Examples
include firewalls, content filtering, web caching, etc.
3. Firewalls
A firewall is a network security system that manages and regulates
the network traffic based on some protocols. A firewall establishes
a barrier between a trusted internal network and the internet.
Firewalls exist both as software that run on a hardware and as
hardware appliances. Firewalls that are hardware-based also
provide other functions like acting as a DHCP server for that
network.
Most personal computers use software-based firewalls to secure
data from threats from the internet. Many routers that pass data
between networks contain firewall components and conversely,
many firewalls can perform basic routing functions.
Firewalls are commonly used in private networks or intranets to
prevent unauthorized access from the internet. Every message
entering or leaving the intranet goes through the firewall to be
examined for security measures.
4. Antivirus
An antivirus is a tool that is used to detect and remove
malicious software. It was originally designed to detect and
remove viruses from computers.
Modern antivirus software provide protection not only from
virus, but also from worms, Trojan-horses, adwares,
spywares, keyloggers, etc. Some products also provide
protection from malicious URLs, spam, phishing attacks,
botnets, DDoS attacks, etc.
Hardware and Software Firewalls
Hardware firewalls are standalone products. These are also
found in broadband routers. Most hardware firewalls provide a
minimum of four network ports to connect other computers.
For larger networks − e.g., for business purpose − business
networking firewall solutions are available.
5. Content Filtering
Content filtering devices screen unpleasant and offensive
emails or webpages. These are used as a part of firewalls in
corporations as well as in personal computers.
These devices generate the message "Access Denied" when
someone tries to access any unauthorized web page or email.
Content is usually screened for pornographic content and also
for violence- or hate-oriented content. Organizations also
exclude shopping and job related contents.
Content filtering can be divided into the following categories −
Web filtering
Screening of Web sites or pages
E-mail filtering
Screening of e-mail for spam
Other objectionable content
6. Intrusion Detection Systems
Intrusion Detection Systems, also known as Intrusion
Detection and Prevention Systems, are the appliances that
monitor malicious activities in a network, log information about
such activities, take steps to stop them, and finally report
them.
Intrusion detection systems help in sending an alarm against
any malicious activity in the network, drop the packets, and
reset the connection to save the IP address from any
blockage.
Intrusion detection systems can also perform the following
actions
Correct Cyclic Redundancy Check (CRC) errors
Prevent TCP sequencing issues
Clean up unwanted transport and network layer options
7. A Model for Network Security
When we send our data from source side to destination side
we have to use some transfer method like the internet or any
other communication channel by which we are able to send
our message.
The two parties, who are the principals in this transaction,
must cooperate for the exchange to take place.
When the transfer of data happened from one source to
another source some logical information channel is
established between them by defining a route through the
internet from source to destination and by the cooperative use
of communication protocols (e.g., TCP/IP) by the two
principals.
8. When we use the protocol for this logical information channel
the main aspect security has come. who may present a threat
to confidentiality, authenticity, and so on. All the technique for
providing security have to components:
1.A security-related transformation on the information
to be sent.
2.Some secret information shared by the two
principals and, it is hoped, unknown to the opponent.
A trusted third party may be needed to achieve secure
transmission. For example, a third party may be responsible
for distributing the secret information to the two principals
while keeping it from any opponent. Or a third party may be
needed to arbitrate disputes between the two principals
concerning the authenticity of a message transmission
9. Four basic tasks in designing a particular security service
1.Design an algorithm for performing the security-related
transformation.
2.Generate the secret information to be used with the algorithm.
3.Develop methods for the distribution and sharing of secret
information.
4.Specify a protocol to be used by the two principals that make
use of the security algorithm and the secret information to
achieve a particular security service.
