Cyber Security
Terms in this set (93)
Access Control: Controlling access to resources on a computer or network system.
MAC: In Mandatory Access Control (MAC) models, the administrator manages access controls. The administrator defines a policy, which users cannot modify. Used where the highest confidentiality is required.
DAC: Discretionary Access Control (DAC). A subject has complete control over the objects that it owns and the programs that it executes. Programs executed by a user have the same permissions as the user who is executing them.
RBAC: In Role-Based Access Control models, an administrator defines a series of roles and assigns them to subjects. Different roles can exist for system processes and ordinary users. Objects are assigned a certain type, to which subjects with a certain role have access.
RB-RBAC: Rule-Based Access Control. Dynamically assigns roles to subjects based on their attributes and a set of rules defined by a security policy.
Identification: Telling the system who you are.
Authentication: The process of proving to a system that you are who you say you are. The authentication factors are:
Something you know (e.g. a username and password).
Something you have (e.g. a smartcard).
Something you are (e.g. your fingerprint, handwriting, voice pattern).
Multi-factor authentication = two or more authentication methods used in conjunction.
Password guessing/Brute-force attacks: A password checker tries passwords until it succeeds.
Password aging: As a password gets older there is an increased chance of it being disclosed.
Cognitive passwords: Your mother's last name, 'matrix' or 'qwerty'. When a person or password checker tries to guess the password, it will typically start with common words.
CHAP: The Challenge Handshake Authentication Protocol (CHAP) is an authentication protocol that is primarily used for remote-access PPP connections. It replaced the Plain Authentication Protocol (PAP). CHAP uses a more secure method: when a client wants to log on, the server sends a challenge request to the client, and the client replies with a challenge response, which is a hashed (one-way encrypted) value based on the username/password combination and a random number. Vulnerable to brute-force and dictionary attacks.
Certificate: An electronic document that typically contains a public key and personal user information. Certificates offer better security against brute-force or dictionary attacks and password guessing than username/password-based authentication methods.
Certification Authority (CA): Issues certificates to entities such as users, organizations, web sites and other CAs. As long as the CA can be considered a trustworthy authority, the certificates (and the key and entity combination in each) issued by it can be trusted as well.
EAP-TLS (Enhanced Authentication Protocol - Transport Layer Security): A mutual authentication method, which means that both the client and the server prove their identities to each other. During the EAP-TLS authentication process, the remote access client sends its user certificate and the remote access server sends its computer certificate.
Kerberos (Authentication): A fairly secure, but also complex and comprehensive, authentication system; version 5 is the default in Windows.
There are three primary elements in a Kerberos system:
Client, the Kerberos client application representing a principal (a computer, user or software application).
Target server, which provides the service the client wants to access.
Key Distribution Center (KDC), which handles the distribution of keys and tickets.