Upload
rajkamalturns19
View
13
Download
0
Embed Size (px)
DESCRIPTION
its presentation which contains about boundary conditions for is audit
Citation preview
ByC.KRISHNAPRASADII Year MBA-BT
BOUNDARY CONTROLS
Boundary subsystem establishes interface between the would-be user of a computer system and the computer system itself.
Three major purposes
To establish the identity and authenticity of would-be users of a computer system To establish the identity and authenticity of the resources that users wish to employ To restrict users who obtain computer resources to a set of authorised actions First boundary controls were not considered important
INTRODUCTION
Continued……
Two factors led to a marked increase in the use and strength of boundary controls
First is widespread deployment of distributed systems resulting in many users dispersed physically
eg: wide area network, local area network, client-server Computing Second, rapid growth of electronic commerce systems In boundary subsystem there are some major types of controls
exercised and we are going to discuss about cryptographic controls
Cryptographic controls are designed to protect the privacy of data and to prevent unauthorized modifications of data
It has become important to prevent unauthorised access of data
Used in several subsystems as there are important controls like passwords, PINs and digital signatures.
NATURE OF CRYPTOGRAPHY Cryptology is the science of secret codes and it incorporates
the study of cryptography and cryptanalysis Cryptography deals with transformation of data into codes and
cryptanalysis deals with recovering of data from cryptograms.
CRYPTOGRAPHIC CONTROLS
CRYPTOGRAPHIC TECHNIQUES Cryptographic technique encrypts cleartext data into
cryptograms known as cipher text Three types of encipherment techniques 1.Transposition ciphers 2.Substitution ciphers 3.Product ciphers
TRANSPOSITION CIPHERS Transposition ciphers use some rule to change the order of characters within a string of dataEg: Simple transposition rule is to swap the position of characters in consecutive pairs PEACE IS OUR OBJECTIVE would be coded as EPCA ESIO RUO JBCEITEV
SUBSTITUTION CIPHERS Substitution ciphers retain the position of characters within a
message and hide the identity of the characters by replacing them with other characters according to some rule
Eg: Caesar Cipher- In the word IDEOGRAPHY(key) Clear text : ABCDEFGHIJKLMNOPQRSTUVWXYZ Ciphertext: IDEOGRAPHYBCFJKLMNQSTUVWXZ PEACE IS OUR OBJECTIVE will be coded as LGIEG HQ KTN KDYGESHUG Many other complex substitution ciphers were widely used
before advent of computers but now it can be easily broken using a computer
PRODUCT CIPHERS Product ciphers use a combination of transposition and
substitution methods Research has shown that they are resistant to cryptanalysis, so
product ciphers are now the major methods of encryption used
CHOOSING A CIPHER SYSTEM A cipher system has two components 1.An encipherment method or algorithm that constitutes
basic cryptographic technique 2.A cryptographic key upon which the algorithm operates
in conjunction with clear text to produce ciphertext Shannon(1949) listed five properties of a cipher system
PROPERTIES High work factor- cipher should be difficult for the cryptanalyst to
break Small key- cryptographic key should be small so it can be changed
frequently and easily Simplicity- complex cipher systems can be costly Low error propagation- some ciphertext depends on previous
ciphertext generated for a message, so corruption to single bit will cause error for decryption
Little expansion of message- some cipher systems use noise in the message to protect from breaking of codes
Shanon shows that properties cannot be achieved simultaneously The systems use a simple algorithm and a long key are called long-
key systems
Continued…..
The cipher systems that rely on known algorithm for their strength are called strong-algorithm systems
IBM developed a standard algorithm for cryptographic system in 1977 accepted by National Bureau of Standards(NBS) in US known as Data Encryption Standards(DES)
DES uses 64 bit key in which algorithm uses 56 bits and 8 bits for parity
PUBLIC KEY CRYPTOSYSTEMS Diffie and Hellman(1976) proposed asymmetric key
cryptography Public key is a common key known in public while private key
is secured not to be distributed. By this we can send and receive message without any tampering Most widely used scheme is Rivest, Shamir and Adleman
(1978) called as RSA algorithm Major disadvantage is that public key cryptosystems is slow
compared to private key cryptosystems
KEY MANAGEMENT To maintain cryptographic key securely is important so key
management involves three functions, key generation, key distribution and key installation
KEY GENERATION Key generation is based on three questions First, what keys must be generated?
◦ For which multiple key must be generated because it is secure compared to single key but the only disadvantage is that it is complex for generation
Second, how should these keys must be generated?◦ The most critical keys must be generated via complete
random process while less critical keys must be generated via pseudorandom number generator
Third, how long must the keys be?◦ As computers become faster and more powerful, the keys
must be lengthened to protect them against brute force attacks
KEY DISTRIBUTION The keys must be distributed to different locations as the key
generated and key distributed place must not be same.Distribution can be done by two ways• The key might be carried physically but it must be broken into
fragments and distributed in order to enhance security.• It can also be distributed electronically using public key
cryptosystems.
KEY INSTALLATION The key is not generated internally it must be installed from
external source The cryptographic devices developed by organisations can be used
to generate and install keys in another device which is held in secure memory and can only be transferred physically
The key gets installed and handshaking procedure is done if the key is transferred electronically to ensure both has same key
THANK YOU