Page 201 - DCAP403_Operating System
the data to plaintext. The longer the encryption key is, the more difficult it is to decode. For a
40-bit encryption key, over one trillion possible decryption keys exist.
There are two primary approaches to encryption: symmetric and public-key. Symmetric
encryption is the most common type of encryption and uses the same key for encoding and
decoding data. This key is known as a session key. Public-key encryption uses two different keys,
a public key and a private key. One key encodes the message and the other decodes it. The public
key is widely distributed while the private key is secret.
Aside from key length and encryption approach, other factors and variables impact the success
of a cryptographic system.
Example: Different cipher modes, in coordination with initialization vectors and salt
values, can be used to modify the encryption method. Cipher modes define the method in which
data is encrypted. The stream cipher mode encodes data one bit at a time. The block cipher
mode encodes data one block at a time. Although block cipher tends to execute more slowly than
stream cipher.
10.5.7 Token
A token is a handheld device with a built-in challenge-response scheme that authenticates with
an enterprise server. Today’s leading tokens typically use time-based challenge-and-response
algorithms whose output constantly changes and expires after a certain length of time, e.g., one minute. Like
smart cards, tokens use two-factor authentication. However, unlike smart cards, the two-factor
authentication is constantly changing based on timed intervals; therefore, when a password is
entered, it cannot be reused, even if someone sniffing the wire detected it in transit.
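The time-based behaviour described above can be sketched as follows. This is an added example, not code from the original text: it swaps in the HOTP construction from RFC 4226 keyed on a 60-second time interval as one standardized scheme of this kind, uses the RFC's published test key as a constructed secret, assumes token and server clocks are in sync, and leaves out the second factor (the PIN). The names `token_code`, `TokenVerifier` and `demo` are hypothetical.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # code lifetime; the text's "e.g., one minute"
DIGITS = 6          # length of the displayed code


def token_code(secret: bytes, counter: int) -> str:
    """Code shown by the token for one time interval (HOTP, RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class TokenVerifier:
    """Server side: accepts each interval's code at most once."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._last_counter = -1                  # last interval already used

    def verify(self, code: str, now: float) -> bool:
        counter = int(now) // STEP_SECONDS
        if counter <= self._last_counter:
            return False                         # replay inside a used interval
        expected = token_code(self._secret, counter)
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return False                         # wrong or expired code
        self._last_counter = counter
        return True


def demo():
    secret = b"12345678901234567890"             # RFC 4226 test key (constructed input)
    server = TokenVerifier(secret)
    sniffed = token_code(secret, 90 // STEP_SECONDS)   # code displayed at t = 90 s
    return [
        server.verify(sniffed, 90),    # legitimate login
        server.verify(sniffed, 100),   # same code replayed in the same minute
        server.verify(sniffed, 130),   # same code replayed after it expired
    ]


if __name__ == "__main__":
    print(demo())
```

Only the first attempt succeeds: the replay in the same interval is refused because that interval is already marked as used, and the later replay fails because the server now expects the next interval's code.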
10.5.8 Encrypted Keys
Encrypted keys are mathematical algorithms that are used to secure confidential information
and verify the authenticity of the people sending and receiving the information. Standards for
encrypted keys have been created to make sure that security requirements are taken into account,
and to allow technologies made by different vendors to work together. The most widely used
standard for encrypted keys is called X.509 digital certificates. Using digital certificates allows
you to stipulate who can access and view the information you are encrypting with the key.
Task: Explain various techniques of access controls.
10.6 Revocation of Access Rights
Revocation of access rights to objects in a shared environment is possible.
The following parameters are considered for revocation of access rights:
1. Immediate and delayed
2. Selective and general
3. Partial and total
4. Temporary and permanent
Revocation is easy for an access list and complex for a capabilities list. The access list is searched for
the access rights to be revoked, and they are deleted from the list. Revocation may be immediate
or general. It may be selective, total or partial.
LOVELY PROFESSIONAL UNIVERSITY