Computer security has three main goals: to ensure confidentiality, integrity and availability. Confidentiality is the aspect of security that ensures that access to data and other computer assets is limited to authorized parties. To achieve confidentiality, access to computer resources should be controlled. The use of smart cards and passwords helps prevent unauthorized access. Encryption of data during storage and transmission makes the data readable only to its intended users, that is, those who have the decryption key.
Secondly, any form of modification should only be done by authorized personnel in an allowable manner. This is known as integrity. By ensuring confidentiality, we also enforce integrity, since something that cannot be accessed cannot be changed. Therefore, controlled access and encryption of data can be implemented to ensure the integrity of computer resources.
Availability is the last goal of computer security. It means that resources are made available in usable condition to legitimate users whenever they are needed. Controlling access to computer resources to avoid mishaps such as theft and deletion, and backing up data, are some of the controls that can be employed to make resources available at all times.
The operating system is a key component of any computer system, and its security is therefore critical. Its worthiness in terms of security may not be quantifiable, which makes it harder to evaluate. The process of evaluating the worthiness of an operating system should have the following qualities.
First, it should be cost-effective in terms of the methods used to specify security features. It should have assessment techniques based on the nature of the anticipated adversary, as these will identify abnormal operation that may lead to vulnerability of the system. A realistic traffic model, working environment and adversary model should be used for testing. Test cases, models and procedures should be developed in each phase of development, and the process should provide a speedy means of re-evaluation after a change has been made.
One key advantage of using TCP is its reliability. When a packet is lost during data transmission, the next packet is withheld by the kernel until the lost packet has been resent. The major disadvantage is the extra overhead involved: every segment carries 20 bytes of header overhead, which makes it slower. For UDP, speed is the major advantage. With only 8 bytes of overhead, speed is guaranteed. However, it comes at a cost: lost packets are not resent, and this reduces reliability where data transmission is concerned. This is its major disadvantage.
In asymmetric encryption, also known as public key cryptography, the receiver, in this case user B, runs a key generation algorithm which returns a set of 2 keys: Pk, the public key, which he makes known to the sender, A, and Sk, the secret key, which is known only to him. The sender, in this case user A, runs an encryption algorithm with the message M and B’s public key as inputs to obtain a ciphertext, which is the encrypted message. This is sent to B, who on receipt decrypts it using his private key to get the original message, M. Using this scheme, both parties A and B can agree on a common key and shift to a symmetric key encryption scheme, which is faster. In the symmetric scheme the same key is used for both encryption and decryption, hence it must be kept private by the two communicating parties.
To ensure authenticity and integrity, A generates a set of keys, sends the public key to B and keeps his private key. Before sending any message, he runs a hashing algorithm on the plaintext message and encrypts the hash with his private key. He then attaches this to the ciphertext of the original message. B decrypts the message with the symmetric key and generates its hash with the same algorithm as A, then decrypts the hash with A’s public key and compares it with the generated hash. If they match, the message is original and is from A, since only A could have encrypted the hash with his private key.
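The whole exchange described above can be followed end to end in the sketch below, which is an added example and not code from the original text. The function names, the fixed Mersenne-prime keys, the unpadded RSA arithmetic and the SHA-256 keystream cipher are all assumptions chosen so that it runs with the Python standard library alone; real systems use a vetted library with padded RSA and an authenticated cipher.

```python
import hashlib
import secrets

def keygen(p, q, e=65537):
    """Return (Pk, Sk) as ((n, e), (n, d)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

# Constructed demo keys built from known Mersenne primes so the example is
# deterministic and runs offline. Real keys come from random primes.
A_PK, A_SK = keygen(2**521 - 1, 2**607 - 1)      # A's pair, used for the hash
B_PK, B_SK = keygen(2**1279 - 1, 2**2203 - 1)    # B's pair, used for encryption

def stream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts; each key is used for one message."""
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def send(msg, a_sk, b_pk):
    """A's side: returns (wrapped key, ciphertext, encrypted hash)."""
    k = secrets.token_bytes(16)                                 # fresh common key
    wrapped = pow(int.from_bytes(k, "big"), b_pk[1], b_pk[0])   # k under B's Pk
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return wrapped, stream_xor(k, msg), pow(h, a_sk[1], a_sk[0])  # hash under A's Sk

def receive(packet, b_sk, a_pk):
    """B's side: recover the message, then check the attached hash."""
    wrapped, ct, enc_hash = packet
    k = pow(wrapped, b_sk[1], b_sk[0]).to_bytes(16, "big")      # k via B's Sk
    msg = stream_xor(k, ct)
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    if pow(enc_hash, a_pk[1], a_pk[0]) != h:                    # hash via A's Pk
        raise ValueError("hash mismatch: message altered or not from A")
    return msg

def tampered(packet):
    """Flip one ciphertext bit, as a faulty or hostile channel might."""
    wrapped, ct, enc_hash = packet
    return wrapped, bytes([ct[0] ^ 1]) + ct[1:], enc_hash

if __name__ == "__main__":
    pkt = send(b"pay 100 to B", A_SK, B_PK)
    print(receive(pkt, B_SK, A_PK))
    try:
        receive(tampered(pkt), B_SK, A_PK)
    except ValueError as err:
        print("rejected:", err)
```

B accepts a message only when the hash he computes equals the one recovered with A’s public key, so both an altered ciphertext and a hash produced with any other private key are rejected.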