Software security


Vandalism: Disturbing correct system operation. Denial



Download 121,59 Kb.
bet2/5
Sana12.07.2022
Hajmi121,59 Kb.
#782939
1   2   3   4   5
Bog'liq
softwaresec

Vandalism: Disturbing correct system operation.

  • Denial of Service: Disrupting legitimate system use.

    When we talk about the methods of attacks, it is categorized as eavesdropping, masquerading, message tampering, replaying, and flooding. Therefore to avoid these attacks and build Secure Softwares, we need to be aware of the remedies available for them;

    • Eavesdropping: Obtaining message copies without authority.

    • Masquerading (Spoofing): Using the identity of another person without authority.

    • Message tampering: Intercepting and altering messages.

    • Replaying: Storing messages and sending them later.

    • Flooding: Sending too many messages

    What is Secure Software Engineering?
    Reliable software does what it is supposed to do. Secure software does that and nothing else” (Ivan Arce)
    Cryptography
    Security of data at rest and data at transport is one of the basic security requirements to consider when developing software. Cryptography is the art/science of Secret writing. The goal is to keep information from those who aren’t supposed to see it by “scrambling” the original data. We use a well-known algorithm to scramble data. The cryptographic algorithms have two inputs as data & key. The key is known only to authorized usersEncryptions and Hashing are two main parts of cryptography. Encryption is a two-way function; what is encrypted can be decrypted with the proper key. That means when we encrypt (scramble) data using an encryption algorithm and a key, we can again decrypt(unscramble) data using the proper key. Hashing is a one-way function that scrambles plain text to produce a unique message digest or hash code. Therefore when we use hashing algorithms to hash(scramble) the data, it is not reversible.

    Download 121,59 Kb.

    Do'stlaringiz bilan baham:
    • 1   2   3   4   5



    Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
    ma'muriyatiga murojaat qiling
    kiriting | ro'yxatdan o'tish
        Bosh sahifa
    юртда тантана
    Боғда битган
    Бугун юртда
    Эшитганлар жилманглар
    Эшитмадим деманглар
    битган бодомлар
    Yangiariq tumani
    qitish marakazi
    Raqamli texnologiyalar
    ilishida muhokamadan
    tasdiqqa tavsiya
    tavsiya etilgan
    iqtisodiyot kafedrasi
    steiermarkischen landesregierung
    asarlaringizni yuboring
    o'zingizning asarlaringizni
    Iltimos faqat
    faqat o'zingizning
    steierm rkischen
    landesregierung fachabteilung
    rkischen landesregierung
    hamshira loyihasi
    loyihasi mavsum
    faolyatining oqibatlari
    asosiy adabiyotlar
    fakulteti ahborot
    ahborot havfsizligi
    havfsizligi kafedrasi
    fanidan bo’yicha
    fakulteti iqtisodiyot
    boshqaruv fakulteti
    chiqarishda boshqaruv
    ishlab chiqarishda
    iqtisodiyot fakultet
    multiservis tarmoqlari
    fanidan asosiy
    Uzbek fanidan
    mavzulari potok
    asosidagi multiservis
    'aliyyil a'ziym
    billahil 'aliyyil
    illaa billahil
    quvvata illaa
    falah' deganida
    Kompyuter savodxonligi
    bo’yicha mustaqil
    'alal falah'
    Hayya 'alal
    'alas soloh
    Hayya 'alas
    mavsum boyicha

    yuklab olish