This paper answers the following five questions:
1. Explain the significance of the key characteristics of information, namely the CIA, to information security. Preserving confidentiality, integrity and availability of data is a restatement of the concern over interruption, interception, modification and fabrication. How do the first three concepts relate to the last four?
2. How do the NIST criteria for selection of DES and AES relate to Shannon’s original standards of a good cryptographic system? What are the significant differences? How do these standards reflect a changed environment many years after Shannon wrote his standards?
3. Security decision making should be based on rational thinking and sound judgment. In this context, critique five security design principles.
4. A synchronous password token has to operate at the same pace as the receiver. That is, the token has to advance to the next random number at the same time the receiver advances. Because of clock imprecision, the two units will not always be perfectly together; for example, the token’s clock might run 1 second per day slower than the receiver’s. Over time the accumulated difference can be significant. Suggest a means by which the receiver can detect and compensate for clock drift on the part of the token.
5. Can link and end-to-end encryption both be used on the same communication? What would be the advantage of that? Cite a situation in which both forms of encryption might be desirable.
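
For question 4, one common approach is for the receiver to accept codes within a small window of time steps and to remember the offset at which each token last matched, as in the resynchronization described in RFC 6238. The sketch below is an added example, not taken from the paper; the HMAC-SHA1 code derivation, the 60-second step, the window size and the `Receiver` class are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds per code (assumed value)


def code_at(key: bytes, counter: int, digits: int = 6) -> str:
    """HOTP-style truncation (RFC 4226) of HMAC-SHA1 over a time-step counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)


class Receiver:
    """Verifier that remembers one token's observed drift, in time steps."""

    def __init__(self, key: bytes, window: int = 2):
        self.key = key
        self.window = window   # steps searched either side of the expected one
        self.drift = 0         # learned offset: token step minus receiver step
        self.last_step = -1    # highest token step accepted so far (blocks replay)

    def verify(self, code: str, now: float) -> bool:
        expected = int(now // STEP) + self.drift
        # Try the nearest offsets first: 0, -1, +1, -2, +2, ...
        for delta in sorted(range(-self.window, self.window + 1), key=abs):
            step = expected + delta
            if step <= self.last_step:
                continue  # already used, or older than an accepted code
            if hmac.compare_digest(code_at(self.key, step), code):
                self.drift += delta  # compensate: re-centre on the token's clock
                self.last_step = step
                return True
        return False
```

Because the stored drift moves with every successful login, a token that slips a little each day stays inside the window; the window itself should stay small, since every extra step accepted is one more code that a guess can match.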

