Information Technology (IT) Security and Design Research Paper

Open, View, and/or
Download this Document

Total Length: 901 words ( 3 double-spaced pages)

Total Sources: 2

Page 1 of 3

Non-discretionary controls means than there is mandatory access control. In this type of system, security is enforced by a strict set of rules that creates a hierarchy of permissions that users cannot override. Essentially, this type of system is meant to hinder insider users from actually working against the system. Users cannot access crucial internal information as to become spies, thus they cannot see the internal designs of the system to stop leaks such as selling internal designs to competitors, implanting spyware or other malicious software, making critical errors that would injure the system, or access sensitive records that can be leaked to outside sources.

According to the research traditional UNIX is not non-discretionary, but rather a version of a discretionary ACL. In this, there are options as to what users have access to sensitive security information from within the system design. Unlike non-discretionary systems, typical UNIX systems categorize users into specified lists, which allow them different levels of access into the internal workings of the system. There are those who can read software components, write software, execute operations, and then the final tier is the special operations that are reserved only for the owner or original creator of the system. Thus, users are defined as user, owner, or other and their level of access is then defined based on what group category they fall into.

Still, there have been evolutions within UNIX systems designs that have begun to "incorporate a centrally-managed, non-discretionary access control mechanism that works in tandem with the usual UNIX access controls" (IBM, 2004).

Stuck Writing Your "Information Technology (IT) Security and Design" Research Paper?

View All Our Example Information Technology (IT) Security and Design Research Paper

Have A Custom Example Essay Written

These are more complicated features that have been built into major UNIX systems, like that seen in the case of IBM. But, UNIX operation systems themselves are typically discretionary, and need extra layers built in to make them non-discretionary.

Question 2

In this particular situation, there is clearly some sort of bad function within the scheme. When using an XOR, there is little chance of users getting the same hash from different keys. Essentially, the scheme itself is terminally weak, which could be extremely problematic for future security scenarios. In this scenario, an attacker can very easily XOR the random bit stream with the original random string and get access to the response. Additionally, if you use a random bit stream to XOR the message, your partner would not be able to receive or have access to the same material because then the hash would not be truly random. Ultimately, this also goes to show that there is a flaw within the scheme. To strengthen the scheme, one could use something like a cryptographic hash function, like the SHA-256, or other variants of the hash function.

Question 3

The addition of salt….....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Information Technology IT Security And Design" (2014, October 03) Retrieved May 16, 2024, from
https://www.aceyourpaper.com/essays/information-technology-security-design-192351

Latest MLA Format (8th edition)

Copy Reference
"Information Technology IT Security And Design" 03 October 2014. Web.16 May. 2024. <
https://www.aceyourpaper.com/essays/information-technology-security-design-192351>

Latest Chicago Format (16th edition)

Copy Reference
"Information Technology IT Security And Design", 03 October 2014, Accessed.16 May. 2024,
https://www.aceyourpaper.com/essays/information-technology-security-design-192351
   

Open, View, and/or
Download this Document
order custom essay example