Summary Midterm (Lecture 1-9) 2024 | Information security (INFOB3INSE) | UU information science
Uploaded on
24-05-2024
Written in
2023/2024

This document contains the most recent summary of a combination of lectures 1-9 and the reading materials for these lectures. In making this summary, I used my lecture notes, notes from reading the book, and the lecture slides. Everything you need to know for the midterm exam is explained and provided in the summary. I got a 9.6 for the midterm using this summary. Summary made during Information Security.
Information Security midterm summary
Lectures 1-9; book Computer Security and the Internet H1, H2, H3,
H5, H6, H7, H9; book Security in Computing H7

Glossary

Access control: controlling which subjects (users, processes) may access which objects (files, databases, etc.) and in what way
Access control directory: table per user, defines access rights per file
Access control matrix: matrix with one row per subject and one column per object, each cell holding that subject's rights on that object; in practice it is sparse, so storing it in full is inefficient (hence access control lists or capability lists)
Accountability: identify principals that are responsible for actions.
Accuracy (fraction of decisions that are correct): (TP + TN) / (P + N)
Active adversary: adversary alters data and injects messages (as opposed to a passive adversary, who only eavesdrops)
Active token: token does something itself, e.g. computes a response or interacts with a sensor
Adversary model: consider objectives / methods / resources of adversary (attacker).
Anonymity: someone’s identity cannot be linked to their actions
Asset (CORAS): something the party values.
Asset diagram (CORAS): diagram with involved parties, (in)direct assets, harm relationships
Attack: deliberate execution, consisting of method + opportunity + motive
Attack surface: the sum of all points at which an attacker can interact with the system, i.e. all its vulnerabilities taken together
Attribute-based credentials: certificate over certain attributes, signed by a trusted issuer; the holder discloses only the attributes a transaction needs, so you keep your
privacy!
Auditability (DB requirement): it should be possible to track who did what in DB
Audit record (of DBs): log about subjects, who did what
Authentication: establishing that a principal is who they claim to be (are you who you say you are?) (see L5)
Authorization: determining what an authenticated principal is allowed to do; an asset is accessible only to authorized parties
Availability: asset remains accessible / can be used by authorized parties
Backdoors: bypass normal entry points.
Bijection: one-to-one function, each element is directly mapped to one another.
Block cipher: encrypts the plaintext in blocks of fixed size (e.g. 128 bits for AES), one block at a time
Breakable encryption scheme: 3rd party can systematically recover key in feasible timeframe
Brute force attack: trying every possible password or key until one works; infeasible when the key or password space is large enough
Buffer overflow: data trespasses boundaries of data structures (can affect other data)
Caesar shift: map each letter to the letter a fixed number of positions further in the alphabet (e.g. shift by 13, ROT13)
Canary value: random value placed on the stack between the local buffers and the saved frame pointer / return address; checked before the function returns, so a linear overflow that reaches the return address is detected
Capabilities protection: access token used for entry regardless of the identity of the token holder
Changelog (of DBs): log of how objects changed, so changes can be reverted
Clickjacking: framing technique, user clicks on invisible superimposed button
Collaborative computation: secure multi-party computation; parties jointly compute over their inputs, but some trust assumption is still necessary!
Commit (in two-phase update): step 2, actually make permanent change
Confidentiality: asset is viewed only by authorized parties
Consequence scale (CORAS): mapping impact of unwanted incidents in terms of harm
CORAS: stepwise, concrete model-driven risk assessment framework
Cryptography: mathematical techniques related to confidentiality, integrity, privacy, etc.
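The buffer overflow and canary entries above each get one line; the C program below, added here as an illustration and not taken from the summary or the course material, models a stack frame as a struct (a constructed layout, with a fixed canary and return address as assumptions, where a real process gets a random canary at start-up) and shows why any linear overflow that reaches the saved return address must first corrupt the canary, next to the bounded copy that avoids the overflow altogether:

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame, for illustration. Real layouts are
   compiler-specific, but the order is what matters: the canary sits between
   the local buffer and the saved return address, so a linear overflow cannot
   reach the return address without first corrupting the canary. */
struct frame {
    char     buf[8];      /* local buffer; writes past buf[7] spill into canary */
    uint64_t canary;      /* random per process at runtime; fixed here for reproducibility */
    uint64_t saved_ret;   /* return address restored by the function epilogue */
};

#define CANARY_VALUE 0x5a3cb1e0d4f27a19ULL  /* constructed constant */
#define ORIGINAL_RET 0x0000555555401234ULL  /* constructed "return address" */

static void frame_init(struct frame *f) {
    memset(f->buf, 0, sizeof f->buf);
    f->canary = CANARY_VALUE;
    f->saved_ret = ORIGINAL_RET;
}

/* Unchecked copy, as strcpy() on attacker-controlled input would behave.
   The write is clamped to the struct so the simulation stays well-defined C,
   but anything past the 8-byte buffer lands on the canary, then saved_ret. */
static void unchecked_copy(struct frame *f, const unsigned char *in, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy(f, in, n);
}

/* The epilogue check inserted by -fstack-protector: 1 if the canary is intact. */
static int canary_intact(const struct frame *f) {
    return f->canary == CANARY_VALUE;
}

/* Feed n bytes of 'A' into the frame through the unchecked copy and report:
   0 = no overflow, 1 = canary corrupted (program would abort before returning),
   2 = saved return address overwritten as well (the canary still catches it). */
int overflow_outcome(size_t n) {
    struct frame f;
    unsigned char payload[sizeof(struct frame)];
    memset(payload, 'A', sizeof payload);
    frame_init(&f);
    unchecked_copy(&f, payload, n);
    if (canary_intact(&f)) return 0;
    return f.saved_ret == ORIGINAL_RET ? 1 : 2;
}

/* Hardened copy: bound the length by the buffer size, so the canary is never
   reached. Returns 1 if both canary and return address are untouched. */
int bounded_copy_intact(size_t n) {
    struct frame f;
    unsigned char payload[sizeof(struct frame)];
    size_t len = n < sizeof f.buf ? n : sizeof f.buf;
    memset(payload, 'A', sizeof payload);
    frame_init(&f);
    memcpy(f.buf, payload, len);
    return canary_intact(&f) && f.saved_ret == ORIGINAL_RET;
}

int main(void) {
    size_t lengths[] = {8, 12, 16, 24};
    for (size_t i = 0; i < sizeof lengths / sizeof lengths[0]; i++)
        printf("%2zu bytes: outcome %d, bounded copy intact %d\n",
               lengths[i], overflow_outcome(lengths[i]), bounded_copy_intact(lengths[i]));
    return 0;
}
```

Note that the canary only detects overflows that run linearly through the frame; a write that skips over it (an out-of-bounds index, or an overflow of a heap object) is not caught, which is why the bounded copy, not the canary, is the actual fix.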

CSRF (cross-site request forgery): attacker gets the user's browser to carry out a (bad) request crafted by the attacker; the browser attaches the user's authentication cookies automatically, so the attacker never needs to possess / know their content
Data anonymization: decouple identity from information
Defaced website: attacker modifies content on real site (mostly as activist)
Dictionary attacks: inferring likely passwords using password ‘dictionaries’
Differential privacy: (property of algorithm): maximize accuracy, minimize risk of identify
revealing.
Diffie-Hellman: exchange keys over a public channel
Discretionary access control: object owner decides permissions for subjects
Domain Name System (DNS): translate domain name (google.com) to IP address
Dot-dot-slash (../), path traversal: supply ../ in a path parameter to escape the intended directory and access private files on the target server
Dummy addition: add fake entries (to a data set, so that individuals cannot be singled out)
Dynamic token: value changes over time. at interval / on button press
Email-based malware (Virus+Worm): spreads through email files/links, requires user action
Encryption: algorithm + cryptographic key → convert plaintext into ciphertext. Reversible.
Decryption key: use this + algorithm to convert ciphertext to plaintext
Error: human made mistake (in code)
Failure: system does not behave as required (users experience this in practice)
Fake code: user intentionally installs program, it turns out to do something different
Fake website: fake website pretending to be the real one (e.g. fake bank website)
False acceptance rate (an impostor gets in): FP / N, the fraction of impostor attempts that are accepted
False rejection rate (a legitimate user can't get in): FN / P, the fraction of genuine attempts that are rejected
Fault: incorrect step in computer program, resulting from error (developers see faults)
Flaw: faults and failures are both called flaws.
Generalization: remove precision (instead of age 48, put 30-50)
H1, one-way property (pre-image resistance), hashing property: it should be infeasible to find
input back based on output
H2, second-preimage resistance, hashing property: with 1 given (!) input, it should be
infeasible to find another input with the same hash result
H3, collision resistance, hashing property: it should be infeasible to find two arbitrary, distinct inputs which yield the same hash output
Handshake layer (TLS): key exchange and authentication; first step in the TLS procedure, after which the record layer carries the encrypted application data
Hashing: function that converts an input of any length into a fixed-length output; it should be infeasible to recover the input from the output
Heap: dynamic memory allocation (malloc/free); blocks are allocated and freed in any order, unlike the last-in-first-out stack
High-level risk analysis (CORAS): table with high-level risk descriptions
Homomorphic encryption: computing on the ciphertext yields the encryption of the result of the same computation on the plaintext, so data can be processed without being decrypted
HTTP Secure (HTTPS): HTTP traffic secured via TLS (Transport Layer Security)
Hypertext Transfer Protocol (HTTP): data transfer between server and browser, over a TCP
(Transmission Control Protocol) connection
ID-based protection: identity is verified, instead of just the fact that you have a token
Impact: negative consequence of executed threat
Incomplete mediation: attacker can modify parameters that are not validated
Integer-based vulnerabilities: exploit bugs from integer representation in memory
Integer overflow/underflow: occurs when value is too high or too low for storage limit
Integrity: asset is modified only by authorized parties
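The three hashing properties H1-H3 above differ in how hard they are to break. The C program below, added as an illustration and not part of the summary or the course material, uses a constructed 16-bit toy hash (32-bit FNV-1a folded to 16 bits) so that both searches finish in well under a second: a second-preimage search (H2) needs on the order of 2^16 candidates, while a collision search (H3) needs only about 2^8 because of the birthday paradox. The candidate inputs "msg-0", "msg-1", ... are constructed; a real hash with a 256-bit output makes both searches infeasible, and the gap between 2^128 and 2^256 is why collision resistance is the property that is lost first when a hash function ages.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy 16-bit hash for illustration: 32-bit FNV-1a folded to 16 bits. A real
   hash such as SHA-256 has 256 output bits, which is exactly why the searches
   below are infeasible there; 16 bits keeps them under a second. */
uint16_t toy_hash(const char *s) {
    uint32_t h = 2166136261u;
    for (; *s; s++) {
        h ^= (unsigned char)*s;
        h *= 16777619u;
    }
    return (uint16_t)(h ^ (h >> 16));
}

/* H2, second-preimage search: given the fixed input x, find y != x with
   toy_hash(y) == toy_hash(x). Candidates are the constructed strings
   "msg-0", "msg-1", ... Expected cost about 2^16 tries for 16 bits.
   Returns the number of candidates tried and writes y to out, or 0 if
   nothing was found within limit. */
uint32_t second_preimage_attempts(const char *x, uint32_t limit, char *out, size_t outsz) {
    uint16_t target = toy_hash(x);
    char cand[32];
    for (uint32_t i = 0; i < limit; i++) {
        snprintf(cand, sizeof cand, "msg-%u", i);
        if (strcmp(cand, x) != 0 && toy_hash(cand) == target) {
            snprintf(out, outsz, "%s", cand);
            return i + 1;
        }
    }
    return 0;
}

/* H3, collision search: find any two distinct inputs with the same hash.
   The birthday paradox makes this cost about 2^(16/2) = 2^8 tries, far less
   than the second-preimage search, which is why collision resistance is the
   property that fails first. Returns the number of candidates tried and
   writes the colliding pair to a and b; the pigeonhole principle guarantees
   success after at most 2^16 + 1 candidates. */
uint32_t collision_attempts(char *a, char *b, size_t sz) {
    static uint32_t seen[1u << 16];  /* index+1 of the first input with that hash, 0 = none */
    char cand[32];
    memset(seen, 0, sizeof seen);
    for (uint32_t i = 0; i <= (1u << 16); i++) {
        snprintf(cand, sizeof cand, "msg-%u", i);
        uint16_t h = toy_hash(cand);
        if (seen[h]) {
            snprintf(a, sz, "msg-%u", seen[h] - 1);
            snprintf(b, sz, "%s", cand);
            return i + 1;
        }
        seen[h] = i + 1;
    }
    return 0;  /* unreachable for a 16-bit hash */
}

int main(void) {
    char a[32], b[32], y[32];
    uint32_t c = collision_attempts(a, b, sizeof a);
    printf("collision after %u tries: %s and %s both hash to %04x\n", c, a, b, toy_hash(a));
    uint32_t p = second_preimage_attempts("hello", 1u << 22, y, sizeof y);
    printf("second preimage of \"hello\" after %u tries: %s (hash %04x)\n", p, y, toy_hash(y));
    return 0;
}
```

The collision search stores every hash it has seen, so it trades memory for time; that is the same trade-off a real birthday attack makes, and the reason an n-bit hash gives only n/2 bits of collision security.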
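The integer overflow/underflow entries above say that a value exceeds its storage limit; what a practitioner wants to see is how that turns into a memory-safety bug and what the check looks like. The C program below is added as an illustration (not from the summary or the course material): a size computation that wraps in 32 bits, so a large element count yields a tiny allocation that the caller then overruns, and a length subtraction that underflows to a huge value, each beside the check that rejects the bad input before the arithmetic. The attacker-chosen count 0x40000001 and element size 4 are constructed values.

```c
#include <stdint.h>
#include <stdio.h>

/* Vulnerable size computation: count * elem_size in a 32-bit unsigned type
   wraps around silently, so a large count yields a tiny allocation while the
   caller still writes count elements into it (a heap overflow). Returns the
   wrapped byte count the buggy code would hand to malloc(). */
uint32_t naive_alloc_size(uint32_t count, uint32_t elem_size) {
    return count * elem_size;   /* unsigned wrap-around is well-defined C, and wrong here */
}

/* Checked version: reject a product that does not fit before computing it.
   Returns 1 and stores the size in *out, or 0 if it would overflow. */
int checked_alloc_size(uint32_t count, uint32_t elem_size, uint32_t *out) {
    if (elem_size != 0 && count > UINT32_MAX / elem_size) return 0;
    *out = count * elem_size;
    return 1;
}

/* Underflow: "payload length = total length - header length". If total is
   smaller than the header, the subtraction wraps to a huge value and a later
   "copy payload_len bytes" reads far past the packet. Returns that value. */
uint32_t naive_payload_len(uint32_t total, uint32_t header) {
    return total - header;
}

/* Checked version: compare before subtracting. */
int checked_payload_len(uint32_t total, uint32_t header, uint32_t *out) {
    if (total < header) return 0;
    *out = total - header;
    return 1;
}

/* How many bytes the caller would actually write for `count` elements,
   computed in 64 bits so it does not wrap; the difference to
   naive_alloc_size() is how far past the allocation the writes go. */
uint64_t bytes_written(uint32_t count, uint32_t elem_size) {
    return (uint64_t)count * elem_size;
}

int main(void) {
    uint32_t count = 0x40000001u, elem = 4, size;  /* constructed attacker-chosen count */
    printf("naive size: %u bytes, actually written: %llu bytes\n",
           naive_alloc_size(count, elem), (unsigned long long)bytes_written(count, elem));
    printf("checked size: %s\n", checked_alloc_size(count, elem, &size) ? "ok" : "rejected");
    printf("naive payload len for total=2, header=4: %u\n", naive_payload_len(2, 4));
    return 0;
}
```

The check must run on the operands before the operation, not on its result: once the multiplication or subtraction has wrapped, the value looks perfectly valid to any later bounds check.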
Author: danielgeelhoed (Universiteit Utrecht)