Figure 17.15 UDP Header

12. Draw diagrams for the following (assume a reliable sequenced network service): (20 marks)
a) Connection termination: Active/Passive
b) Connection termination: Active/Active
c) Connection rejection
d) Connection abortion: User issues an OPEN to a listening user, and then issues a CLOSE before any data are exchanged.

Solution

13. Describe security requirements, passive attack and active attack. (20 marks)

Solution

Security Requirements and Attacks

Computer and network security address three requirements:

Confidentiality: Requires that data only be accessible for reading by authorized parties.
Integrity: Requires that data can be modified only by authorized parties.
Availability: Requires that data are available to authorized parties.

Passive Attacks

Passive attacks are in the nature of eavesdropping on or monitoring of transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis.

The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the contents of these transmissions.

A second passive attack, traffic analysis, is more subtle. Suppose we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking content is encryption. Even with encryption in place, an opponent might still be able to observe the pattern of the messages, such as their frequency and length, and the location and identity of the communicating hosts.

Passive attacks are very difficult to detect because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks. The emphasis in dealing with passive attacks is on prevention rather than detection.

Active Attacks

A masquerade takes place when one entity pretends to be a different entity. A masquerade attack includes one of the other forms of active attack.

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Modification of messages means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.

A denial of service attack prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target.

Active attacks present the opposite characteristics of passive attacks. It is difficult to prevent active attacks because doing so would require physical protection of all communications facilities and paths at all times.

Figure 18.1 Security threats

14. Explain conventional encryption with a figure. (20 marks)

Solution

The universal technique for providing confidentiality for transmitted data is conventional encryption. The two most popular conventional encryption techniques are DES and triple DES.