User Account

All Pages

Evaluate the security of a password management protocol

Assignment Help Computer Network Security
Reference no: EM13862477

Q1: Cracking password management protocols

One of the best ways to evaluate the security of a password management protocol is to try to crack it yourself. Fortunately, you do not need to be an expert hacker to do this. A number of password cracking tools are available for free online.

For this Discussion, you will choose one example of a password management protocol (this includes password creation, storage, revocation, etc.) in any product suite you have used (e.g., Microsoft, Apple, Adobe, etc.) and discuss its security or insecurity with your colleagues. Then you will install one of the available cracking tools to see whether you can crack this system and share your experience with your colleagues.

To complete this Discussion:

Post: Name the product and the associated password management protocol you selected. Analyse the good and bad practices of this protocol. Install a password-cracking tool and try to crack that product. Then share your experience with your colleagues using screenshots. Recommend ways this protocol could be improved, if possible, and explain the results of the improvements you recommended.

Q2: Context and environment

In a pervasive computing environment, context plays an important role. Services are provided in a smart way based on the surrounding conditions (i.e., contextual attributes). From a security perspective, security services such as access control have to reflect this fact and be context-aware. With that in mind, consider the following scenario:

Alice, a security researcher, thinks that the role-based access control (RBAC) model, along with all traditional access control models, is not suitable. Bob thinks the opposite. Bob thinks RBAC, for instance, could be used to grant/deny permissions in such an environment.

For this Discussion, you will consider the current access control models you have seen so far and align yourself with either Alice or Bob.

To complete this Discussion:

Post: Take a position in which you agree with either Alice or Bob as described in the example, or if you are somewhere in between. Evaluate the suitability of role-based access control (RBAC) for accommodating contextual information in the access control decision-making process. Identify and describe any obstacles, and explain your solutions for them. Given the access policy, evaluate whether or not Extensible Access Control Markup Language (XACML) could be used to express the contextual attributes.

Encryption case study

ABC Company uses the cloud for its applications. It uses a password management application that stores passwords in a protected file encrypted by a single password. The password is five alphabetic characters and is changed on a monthly basis by the administrator, who delegates that to a colleague in case of the administrator's absence. When a subject seeks access to a certain protected object, the application decrypts the whole file in memory and matches the subject's password with the one in the store. The access control system does not accommodate contextual attributes in its access decision.

Verified Expert

Reference no: EM13862477

Questions Cloud

What is the basis of the truck for determining?depreciation : Carrie owns a truck costing $13,000 and used for personal activities. The truck has a $9,900 FMV when it is transferred to her?business, which is operated as a sole proprietorship. What is the basis of the truck for determining?depreciation? What is ..
What problem do you believe is the most pressing : What problem do you believe is the most pressing, and why would you address that problem first? What are the expectations that you would share with the inmates and the guards about your plan
Using the effective interest method : On 1/1/2014 the Jackson Co. has a $40,000 debt outstanding which matures on 12/31/16. Interest which is payable on Dec. 31 of each year, was last paid on 12/31/13. Using the effective interest method. how much interest expense is recognized on the de..
What is the basis of the house for depreciation : Tara owns a house that she has been living in for eight years. She purchased the house for $200,000 and the FMV today is $ 160,000. She is moving into her?friend’s house and has decided to convert her residence to rental property. Assume 20% of the?p..
Evaluate the security of a password management protocol : Evaluate the security of a password management protocol is to try to crack it yourself. Fortunately, you do not need to be an expert hacker to do this.
Journal entry to record the redemption of the bonds : Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 ..
Employees income tax rates to increase : Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 ..
What are some of the social emotional : What are some of the impacts of these disorders on the community?

Reviews

Write a Review

Computer Network Security Questions & Answers

  Why people participate in bug bounties

What are the core components of a PKI - Explain the problems with key management.

  Sarbanes-oxley act

Provide an overview that will be delivered to senior management of regulatory requirements the agency needs to be aware of, including: Sarbanes-Oxley Act

  What are the most significant threats to your data

What is cyber security, and what are some of its key concepts and what are the most significant threats to your data, and what are some of the root causes of those threats - are cyber criminals a real danger to your enterprise? Why or why not?

  Which of risks gci faces are most significant to company

What measures would you propose to senior management to try to prevent a breach of data held by GCI? Your response should include recommendations for mitigating vulnerabilities identified in part (a).

  Relationship between infrastructure and security

Justify and support the relationship between infrastructure and security as it relates to this data-collection and analysis company

  It infrastructure groups

Information Technology infrastructure groups are often responsible for direct customer interaction and associated customer service.

  Calculate the crc or fcs for the sender

The pattern or generator is P 1001. Calculate the CRC or FCS for the sender. You must give the details of this calculation.

  Question about communication

Communication is valuable; a main part of this is the ability to provide management the information they required, when they require it.

  Explain how outsourcing can be used for risk transference

Describe how outsourcing can be used for risk transference. Name and briefly describe two examples/cases of risk transference in Australia that you believe this type of risk management helps to protect organisations interest. How is an application ..

  Examine the information security and other technology

analyze the information security and other technology issues discussed in the article. develop a security strategy that

  Controls to detect or prevent salami attacks

List three controls that could be applied to detect or prevent salami attacks. Modularity can have a negative as well as a positive effect. A program that is overmodularized performs its operations in very small modules.

  Investigate and report on the current state of organisation

Investigate and report on the current state of organisation - Write a research paper and organise it in the way - adopt to improve security.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd