Evaluate the security of a password management protocol

Assignment Help Computer Network Security
Reference no: EM13862477

Q1: Cracking password management protocols

One of the best ways to evaluate the security of a password management protocol is to try to crack it yourself. Fortunately, you do not need to be an expert hacker to do this. A number of password cracking tools are available for free online.

For this Discussion, you will choose one example of a password management protocol (this includes password creation, storage, revocation, etc.) in any product suite you have used (e.g., Microsoft, Apple, Adobe, etc.) and discuss its security or insecurity with your colleagues. Then you will install one of the available cracking tools to see whether you can crack this system and share your experience with your colleagues.

To complete this Discussion:

Post: Name the product and the associated password management protocol you selected. Analyse the good and bad practices of this protocol. Install a password-cracking tool and try to crack that product. Then share your experience with your colleagues using screenshots. Recommend ways this protocol could be improved, if possible, and explain the results of the improvements you recommended.

Q2: Context and environment

In a pervasive computing environment, context plays an important role. Services are provided in a smart way based on the surrounding conditions (i.e., contextual attributes). From a security perspective, security services such as access control have to reflect this fact and be context-aware. With that in mind, consider the following scenario:

Alice, a security researcher, thinks that the role-based access control (RBAC) model, along with all traditional access control models, is not suitable. Bob thinks the opposite. Bob thinks RBAC, for instance, could be used to grant/deny permissions in such an environment.

For this Discussion, you will consider the current access control models you have seen so far and align yourself with either Alice or Bob.

To complete this Discussion:

Post: Take a position in which you agree with either Alice or Bob as described in the example, or if you are somewhere in between. Evaluate the suitability of role-based access control (RBAC) for accommodating contextual information in the access control decision-making process. Identify and describe any obstacles, and explain your solutions for them. Given the access policy, evaluate whether or not Extensible Access Control Markup Language (XACML) could be used to express the contextual attributes.

Encryption case study

ABC Company uses the cloud for its applications. It uses a password management application that stores passwords in a protected file encrypted by a single password. The password is five alphabetic characters and is changed on a monthly basis by the administrator, who delegates that to a colleague in case of the administrator's absence. When a subject seeks access to a certain protected object, the application decrypts the whole file in memory and matches the subject's password with the one in the store. The access control system does not accommodate contextual attributes in its access decision.

Verified Expert

Reference no: EM13862477

Compute value of shared secret key

You have secretly picked value SA = 17. You begin session by sending Bob your computed value of TA. Bob responds by sending you value TB = 291. What is the value of your shar

Design a network solution considering the topology of lan

America One Car (AOC) dealership is moving into a newly built facility in a suburb town of Washington, D.C. Design a network solution, considering the Type and topology of LAN

Assignment on data warehouses and network infrastructure

Imagine that you are an IT organizational leader in a mid-sized company. Comprise a justifiable argument for the use of data warehouses, data centers, and data marts in orde

Evaluate a current system network security

Assessment Criteria (Awarding body Specification)- Evaluate a current system's network security. Discuss the potential impact of a proposed network design. Discuss current and

Calculate m mod p in rsa cryptosystem

Assume that instead of using composite N = pq in RSA cryptosystem, we simply use prime modulus p. Calculate m mod p. Justify correctness and analyze running time of decryption

Development of a new information system

Willowbrook School is a small private school that has retained your services as a systems analyst to assist in the development of a new information system for the school's a

Cluster architecture for the servers and databases

What type of OS to use along with the file system and why is this architecture is better than others? Will you use the same OS for servers and Desktops? Will your file syste

Briefly describe the ict configuration of your company

Design suitable a security system for your company, clearly identifying the major security components of your design. Marks will be awarded on insight and elaboration.

Reviews

Write a Review

 
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd