os211

Top 10 list Week 02

  1. Domain and Access Matrix
    Access Matrix is a security model of protection. It is represented as a matrix and looks like a table. The rows are the domains and the columns are the objects. Each cell (i, j) defines the set of operations.

  2. Access-control list
    ACL is a list with permissions for some objects. ACL gives information on the operations allowed on the objects. Every entry in an ACL has a subject and an operation.

  3. User Authentication: Biometrics
    User authentication can be achieved with biometrics, which relies on unique biological features of a person. One example is using fingerprints. This is in my top 10 because I need to be able to distinguish methods of user authentication to better understand the purpose.

  4. Symmetric Encryption
    Symmetric encryption is a type of encryption with only one key to encrypt and also decrypt electronic infos. To be used in the decryption process, the key will be exchanged between the parts that communicate with symmetric encryption.

  5. Asymmetric encryption
    In asymmetric encryption, a public key and private key are used. Public keys are used to encrypt the data while the private key that matches the public key are used to decrypt the data. Both asymmetric and symmetric are in my top 10 because I need to understand better how encryption works.

  6. Security concept
    A secure system means resources are accessed according to the right intentions at all times. Security violations can be accidental or intentional. Intentional violations happen when an intruder attempts to breach security.

  7. Security Violation Categories
    There are several categories of breaches. Breach of confidentiality, integrity, availability operate by doing unauthorized reading, modification and destruction of datas. Theft of service is the unauthorized use of resources. Denial of Services is the prevention of use.

  8. Security Violation Methods
    There are several methods to violate secuity. Few of them are masquerading, replay attack, man-in-the-middle, session hijacking.

  9. Some Program Threats
    Program threats are programs that are altered to do harmful intentions. Some two programs are trojan horse and trap door. Trap door or back door is used to skip the normal authentication system, while trojan horse does harm after being installed.

  10. Prevention and Detection
    Regular measures used include firewalls, antivirus and secure web gateways. However these methods do not always work efficiently. Five areas that should be monitored are identification, protections, detection, response and also recovery.