Details of this Paper

Give a specific example of how inference control might be implemented in a database.

Description

solution


Question

1. Give a specific example of how inference control might be implemented in a database.;2.For a public-key encryption system (such as PGP), list some reasons for and against using the same key pair for both encryption and signature.;3.Compare and contrast PKI and Kerberos.;4. PKI has not been widely successful, partly because users don?t trust digital signatures. Give some reasons for that distrust.;5. Suggest some ways to address the ?crypto dilemma,? along with the pros and cons of each.;6. How might a hacker gain control of a victim?s PC, without having physical access?. Please be specific.;7. What can be done to prevent wayward system administrators from simply looking up user passwords in a host machine password file?;8. Give a specific example (and a reason) of data for which;a. Confidentiality is more important than integrity.;b. Integrity is more important than confidentiality.;c. Availability is more important than confidentiality.;9. Compare and contrast Pretty Good Privacy, as we used it in our class this semester, and PKI.;10. If a secure communications system is trying to minimize bandwidth requirements through data compression, does the order (encrypt then compress vs. compress then encrypt) matter? Why or why not?;11. What are some potential vulnerabilities of on-line shopping cart applications?;12. You?ve been tasked by your boss to design a computer program that can detect encrypted files. List some ways that you could accomplish this.;13. Given that each PEM message is encrypted with its own per-message key, why is an initialization vector (IV) also provided? What RFC specifies the use of an IV?;14. Substantiate or refute the following statement: If there is a revocation process, public-key infrastructure (PKI) certificates do not need to contain an expiration date.;15. Briefly describe a situation where cryptographic techniques can aid the battle against malware. Describe a second situation where cryptographic techniques can hinder the battle against malware.;16. How can a system for multi-level access control be implemented for government and military applications? What might access rules look like for such a system?;17. Please concur with, dispute, or qualify the following statement. Performing a frequency analysis would be a good starting point for cracking an RSA-encrypted message. (Please be sure to include your rationale.);18. What security features could be provided without changing the mail delivery infrastructure, i.e., by only running special software at the source and destination?;19. Computer system #1 requires logon passwords to be five upper-case letters. How many different passwords are there for system #1? Computer system #2 requires logon passwords to be five characters, which may be upper or lower-case letters, the numbers 0 through 9, and the characters $ and %. How many different passwords are there for system #2?;20. How does Kerberos help with the key management problem?;Part 2: Essay Question.;An enterprising group of entrepreneurs is starting a new cloud-like data storage and retrieval business, StoreItRite, Inc. For a fee, the new company will accept digitalized data (both text and images), and store it on hard drives until needed by the customer. Customer data will be transmitted to and from StoreItRite over the Internet. StoreItRite guarantees that the data?s confidentiality and integrity will be maintained.;StoreItRite also envisions some information assurance requirements for their internal operations. Company employees will need to exchange confidential email, and will need a mechanism for verifying the integrity and originator of some email messages. Also, StoreItRite intends a daily backup of all customer data to a remote facility via a leased line. They wish to do so as economically as possible, while ensuring the data?s confidentiality and integrity.;StoreItRite is interviewing candidates for the position of Chief Information Officer (CIO). They are asking candidates to describe briefly how they would satisfy StoreItRite?s requirements as stated above. How would a successful candidate respond?;Attachment Preview

 

Paper#18812 | Written in 18-Jul-2015

Price : $57
SiteLock