Need to present a research report on Role Based Access Control with a word count of 70-110 words (not more than the count provided) and should provide a URL reference link too.

Note: NO PLAGIARISM STRICTLY

I need this research report in two ways with different information on both.

And the content should be in general words with no technical jargon.

This question is from a cyber security subject so that the matter should relate to cyber security for sure and should connect to readers.

Deadline January 21, 2023 1:00PM CST

Security in Computing, Fifth Edition

Chapter 2: Toolbox: Authentication, Access Control, and Cryptography

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

REFRESHER

NIST = National Institute of Standards and Technology

Controls/Countermeasures – REMINDER

This representation shows the three dimensions by which a control can be categorized. Thinking about controls in this way enables you to easily map the controls against the threats they help address.

Objectives for Chapter 2

Survey authentication mechanisms

List available access control implementation options

Explain the problems encryption is designed to solve

Understand the various categories of encryption tools as well as the strengths, weaknesses, and applications of each

Learn about certificates and certificate authorities

Authentication

The act of proving that a user is who she says she is

Methods:

Something the user knows (know)

Something the user is (are)

Something the user has (have)

Something You Know

Passwords

Security questions

Attacks on “something you know”:

Dictionary attacks

Inferring likely passwords/answers

Guessing

Defeating concealment (storage or kb)

Exhaustive or brute-force attack (example)

Rainbow tables

Distribution of Password Types

Although this data is from an old study, more recent studies have reaffirmed the results. The vast majority of passwords used on the Internet are extremely easy to crack.

Password Storage

Plaintext

Concealed

Passwords should never be stored in plaintext but rather should always be concealed. We talk more about proper password storage later.

Biometrics: Something You Are

Handprints and fingerprints are two among many examples of biometrics.

Problems with Biometrics

Intrusive

Expensive

Single point of failure (Sarah)

Sampling error

False readings

Speed

Forgery

Legal ramifications

Recent advances in smartphones have begun to make biometrics cheaper and easier to use. Biometrics are still inadequate for extremely sensitive applications, but their convenience makes them a great alternative to weak passwords.

Tokens: Something You Have

An RSA SecurID with a code that changes every 60 seconds. Physical possession of the token should be necessary for successful authentication.

Federated Identity Management (Ch 8)

A federated identity management scheme is a union of separate identification and authentication systems. Authentication is performed in one place, and separate processes and systems determine that an already authenticated user is to be activated. Federated identity management is discussed in much greater detail in Chapter 8.

Single Sign-On

Single sign-on lets a user log on once per session but access many different applications/systems. It often works in conjunction with federated identity management, with the federated identity provider acting as the source of authentication for all the applications.

Access Control

Access Policies (Authorization)

Goals:

Check every access

Enforce least privilege (SharePoint – configured, else no access)

Verify acceptable usage (need to know / separation of duties)

Approve users’ access

Enforce at appropriate granularity

Use audit logging to track accesses

Implementing Access Control

Reference monitor

Access control directory

Access control matrix

Access control list (ACL)

Privilege list

Capability

Procedure-oriented access control

Role-based access control

Many of these items are shown in more detail in the following slides. Access control directories, matrixes, and lists are shown in self-explanatory visual representations.

Reference Monitor (Ch 5)

A reference monitor is the primary access control enforcement mechanism of the operating system. It is discussed in more detail in Chapter 5. Subjects vs. Objects

Access Control Directory

Read, Write, Delete, Execute, Owner

Access Control Matrix

Access Control List

Authentication & Access Summary

Authentication is?

Proof of identity.

Access Control (Authorization) is?

Constrains what a user can do.

Both are to ensure C, I, or A?

Confidentiality (protects)

Problems Addressed by Encryption

Suppose a sender wants to send a message to a recipient. An attacker may attempt to

Block the message

Intercept the message

Modify the message

Fabricate an authentic-looking alternate message

Encryption Terminology

Sender

Recipient

Transmission medium

Interceptor/intruder

Encrypt, encode, or encipher

Decrypt, decode, or decipher

Cryptosystem

Plaintext

Ciphertext

Encryption/Decryption Process

The basic process of encrypting and then decrypting data.

Symmetric vs. Asymmetric

Single Key

Complementary Keys

The critical difference between symmetric and asymmetric is that symmetric uses a single key for both encryption and decryption, whereas asymmetric uses complementary keys.

Stream Ciphers

In stream ciphers, each byte of the data stream is encrypted separately. This is as opposed to block ciphers, which are shown on the next slide.

Block Ciphers

Unlike a stream cipher, a block cipher encrypts a group of plaintext symbols as a single block. The pros and cons of each model are discussed on the next slide.

Stream vs. Block

DES: The Data Encryption Standard

Symmetric block cipher

Developed in 1976 by IBM for the US National Institute of Standards and Technology (NIST)

AES: Advanced Encryption System

Symmetric block cipher

Developed in 1999 by independent Dutch cryptographers

Still in common use

DES vs. AES

AES has become the dominant symmetric encryption algorithm in use today. We discuss DES in this book both for historical purposes and because it is a relatively simple algorithm to use to explain how cryptographic primitives work.

Public Key (Asymmetric) Cryptography

Instead of two users sharing one secret key, each user has two keys: one public and one private

Messages encrypted using the user’s public key can only be decrypted using the user’s private key, and vice versa

Secret Key vs. Public Key Encryption

Symmetric and asymmetric algorithms have complementary strengths and weaknesses and are therefore used both for different purposes and in concert with each other.

Public Key to Exchange Secret Keys

This is a great example of asymmetric and symmetric encryption being used together. We need asymmetric to perform the initial exchange securely, but thereafter we can benefit from the speed of a symmetric algorithm.

Key Exchange Man in the Middle *

This exchange is the same as on the previous slide, but with an attacker in the middle. This attack can be defeated using the simple tweak described on pp. 107–108 of the textbook. This is an interesting problem to have students brainstorm or work on for homework.

Error Detecting Codes

Demonstrates that a block of data has been modified

Simple error detecting codes:

Parity checks – faster error checking

Cyclic redundancy checks (CRC) – polynomial division, accurate, good for preventing random errors

Cryptographic error detecting codes:

One-way hash functions

Cryptographic checksums

Digital signatures
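
The difference between the simple and the cryptographic codes listed above, as an added example that is not part of the original slides. It assumes HMAC-SHA256 as the cryptographic checksum; the key, the message and the function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"        # constructed sample key, shared by sender and receiver
MESSAGE = b"PAY 100 TO ALICE"        # constructed sample message


def parity_bit(data: bytes) -> int:
    """Even-parity bit: 1 when the number of 1-bits in data is odd."""
    return sum(bin(byte).count("1") for byte in data) % 2


def protect(key: bytes, data: bytes):
    """Sender side: compute all three codes over the same data."""
    return parity_bit(data), zlib.crc32(data), hmac.new(key, data, hashlib.sha256).digest()


def verify(key: bytes, data: bytes, parity: int, crc: int, mac: bytes) -> dict:
    """Receiver side: True means the code accepts the data as unmodified."""
    expected_mac = hmac.new(key, data, hashlib.sha256).digest()
    return {
        "parity": parity_bit(data) == parity,
        "crc": zlib.crc32(data) == crc,
        "mac": hmac.compare_digest(expected_mac, mac),
    }


def flip_bits(data: bytes, positions) -> bytes:
    """Simulate transmission noise by flipping the given bit positions."""
    out = bytearray(data)
    for pos in positions:
        out[pos // 8] ^= 1 << (pos % 8)
    return bytes(out)


def scenarios() -> dict:
    parity, crc, mac = protect(KEY, MESSAGE)
    results = {}
    # 1. One random bit error: every code notices.
    results["one_bit_error"] = verify(KEY, flip_bits(MESSAGE, [3]), parity, crc, mac)
    # 2. Two random bit errors: parity cancels out, CRC and MAC still notice.
    results["two_bit_error"] = verify(KEY, flip_bits(MESSAGE, [3, 42]), parity, crc, mac)
    # 3. Deliberate change by someone without KEY: the unkeyed codes can simply
    #    be recomputed over the new data, the keyed MAC cannot.
    altered = b"PAY 900 TO ALICE"
    new_parity, new_crc, _ = protect(b"not-the-real-key", altered)
    results["deliberate_change"] = verify(KEY, altered, new_parity, new_crc, mac)
    return results


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(name, outcome)
```

Parity and CRC only protect against accidental errors; detecting deliberate modification needs a code that depends on a secret, such as a keyed checksum or a digital signature.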

Parity Check

One-Way Hash Function

MD5 or SHA-1/SHA-2

Inverse function; MD4, MD5 or SHA/SHS Secure Hash Algorithm or Standard

Digital Signature

Unforgeable and authentic + not alterable or reusable

Certificates: Trustable Identities and Public Keys

A certificate is a public key and an identity bound together and signed by a certificate authority.

A certificate authority is an authority that users trust to accurately verify identities before generating certificates that bind those identities to keys.

Certificate Signing and Hierarchy

Chain of trust

Diana’s certificate is made using Edward’s signature. Delwyn’s certificate includes Diana’s certificate so that it can effectively be tied back to Edward, creating a chain of trust.

Cryptographic Tool Summary

Summary

Users can authenticate using something they know, something they are, or something they have

Systems may use a variety of mechanisms to implement access control

Encryption helps prevent attackers from revealing, modifying, or fabricating messages

Symmetric and asymmetric encryption have complementary strengths and weaknesses

Certificates bind identities to digital signatures

Stream vs. Block: advantages and disadvantages

Stream ciphers

Advantages: Speed of transformation. Low error propagation.

Disadvantages: Low diffusion. Susceptibility to malicious insertions and modifications.

Block ciphers

Advantages: High diffusion. Immunity to insertion of symbol.

Disadvantages: Slowness of encryption. Padding. Error propagation.
