Computer Science 314: Operating Systems
Mo Khan - 3431709
Assignment 4
-
Why is it important to distinguish between mechanisms of protection and policies of protection?
Protection mechanisms are used to constrain the potential senders and/or receivers of a message and to make sure that data is transmitted securely. This includes things like cryptographic/digital signatures to ensure that a piece of data or message hasn’t been tampered with and/or to verify that data was produced by trusted parties. This is used in many different protocols such as security assertion markup language (SAML) transactions, transport layer security (TLS), OAuth 2.0 and more.
Protection policies are used to enforce constraints on what things can be done. Examples of this include absolute and relative session timeout policies and acceptable TLS cipher suites. Policies can change over time as modern cipher suites are released and vulnerabilites, and knowledge is improved.
Separating mechanisum from policy is more flexible because policies are likely to change over time. Policy changes might require changes in the underlying mechanism.
Protection mechanisms determine how to do something and protection policies determine what will be done.
-
What is an access matrix, and how can it be implemented?
A model of protection known as the access matrix represents which domains have access to which objects.
The follow table is an example of an access matrix for different users access to a specific resource.
user read write execute 1000 x x 2000 x x x 3000 x Access matrices makes it possible to define what types of operations different domains can perform against different types of objects. The access matrix can implement policy decisions related to protection.
-
How does a virus differ from a worm?
A worm is a process that duplicates itself to propagate across a network. They are designed to use up system resources in order to reproduce itself so that it can continue to infect other hosts.
A virus is a fragment of code embedded in a legitimate program. Viruses can also be self replicating but tend to target weaknesses in programs. They can wreak havoc in a system by modifying or destroying files and causing system crashes and program malfunctions.
-
What is the difference between symmetric encryption and asymmetric encryption?
Symmetric encryption relies on a single shared key for performing both the encryption an decryption operations.
Asymmetric encryption algorithms rely on each party having both a public and private key. Public keys are exchange so that plaintext can be encrypted into ciphertext using the other party’s public key. Only that party can decrypt the ciphertext back into plaintext using their private key.
Symmetric encryption and decryption operations tend to operate faster than their asymmetric encryption counterparts. So many protocol will use asymmetric encryption to perform the initial handshake to exchange a shared session key to perform the remaining operations using the shared session key.
-
What are the two main varieties of authentication algorithms?
Message-authentication code (MAC) is a form of an authentication algorithm that uses symmetric encryption. This algorithm generates a checksum using the message data and key as input. On the receiving end the checksum and key can be used to verify the authenticity of the data received.
The second type of authentication algorithm is a digital signature. Digital signatures utilize asymmetric encryption by encrypting a digest of the plaintext data using their own private key. This allows the receiving party to decrypt the digest using the senders public key to verify the authenticity of the data.