Cracking password management protocols

Reference no: EM13862584

Q1 - Context and environment

In a pervasive computing environment, context plays an important role. Services are provided in a smart way based on the surrounding conditions (i.e., contextual attributes). From a security perspective, security services such as access control have to reflect this fact and be context-aware. With that in mind, consider the following scenario:

Alice, a security researcher, thinks that the role-based access control (RBAC) model, along with all traditional access control models, is not suitable. Bob thinks the opposite. Bob thinks RBAC, for instance, could be used to grant/deny permissions in such an environment.

For this Discussion, you will consider the current access control models you have seen so far and align yourself with either Alice or Bob.

To complete this Discussion:

Post: Take a position: agree with either Alice or Bob as described in the example, or explain why you are somewhere in between. Evaluate the suitability of role-based access control (RBAC) for accommodating contextual information in the access control decision-making process. Identify and describe any obstacles, and explain your solutions for them. Given the access policy, evaluate whether or not Extensible Access Control Markup Language (XACML) could be used to express the contextual attributes.

Q2 - Cracking password management protocols

One of the best ways to evaluate the security of a password management protocol is to try to crack it yourself. Fortunately, you do not need to be an expert hacker to do this. A number of password cracking tools are available for free online.

For this Discussion, you will choose one example of a password management protocol (this includes password creation, storage, revocation, etc.) in any product suite you have used (e.g., Microsoft, Apple, Adobe, etc.) and discuss its security or insecurity with your colleagues. Then you will install one of the available cracking tools to see whether you can crack this system and share your experience with your colleagues.

To complete this Discussion:

Post: Name the product and the associated password management protocol you selected. Analyse the good and bad practices of this protocol. Install a password-cracking tool and try to crack that product. Then share your experience with your colleagues using screenshots. Recommend ways this protocol could be improved, if possible, and explain the results of the improvements you recommended.

Computer Network Security Questions & Answers

  What if ipsec provides security at the network layer

If IPSec provides security at the network layer, why is it that security mechanisms are still needed at layers above IP?

  Explain protocol for sending encrypted message

Consider the following protocol for sending an encrypted message from Alice to Bob in the presence of a Key Distribution Center (KDC).

  Does the resulting scheme satisfy perfect secrecy

Consider the one-time pad encryption scheme to encrypt a 1-bit message m with a 1-bit key k. Replace the XOR operation with another operation X. For which X(m,k) does the resulting scheme satisfy perfect secrecy?

  Dubbing was coined as a term of copying

Dubbing was coined as a term for copying media in the 1980s for all mediums. What term was a major issue during the process of continuously dubbing media? Digitization cured this issue.

  Develop detailed plan to approach and secure incident scene

Discuss the initial steps you would take for the investigation, depending on whether or not the attack is still in progress. Include how your actions would differ based on the current status of the incident.

  Protocol stack for wap2

WAP protocol, cellular network infrastructure, SSL protect against eavesdropping, network datagrams (packets) be protected at the network layer, pin and fingerprint, Certificate Revocation, Public Key Infrastructure, modern symmetric algorithm bl..

  Processes on a system share no resources

Assume that processes on a system share no resources. Is it possible for one process to block another process's access to a resource? Why or why not? From your answer, argue that denial of service attacks are possible or impossible.

  An information security changes required in the environment

A description of how you will provide disaster recovery in this infrastructure. A discussion of the information security changes required in this environment and the steps taken to monitor and control these changes.

  Design an algorithm to achieve the byzantine agreement

Design an algorithm to achieve the Byzantine Agreement for the case that there are four processes, amongst which one is corrupted.

  Analyze the security of the system compriosing the size of

Alice has a picture-based password system where she has each user pick a set of their 20 favorite pictures, say of cats

  An isp has received a block

An ISP has received a block of addresses in which the prefix length (n = 24). The ISP needs to make 8 sub-nets (sub-blocks) of equal sizes from this block. What is the prefix of each sub-block?

  How can social engineering attacks be defended against

Describe what a social engineering attack is. Provide 3 examples of social engineering attacks and describe how they could be used to undermine the security of your IT infrastructure. How can social engineering attacks be defended against?

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd