For graph-based authentication, the main challenge is how to design a Directed Acyclic Graph (DAG) with lowest overhead, highest verification probability and lowest sender and receiver delay. However, there are trade-offs between these performance criteria, which are summarized below.
- Computation complexity: The number of hash operations and signature operations required at the sender and receiver. Note that computing a signature is much more complex than computing a hash.
- Overhead size: The extra bytes introduced by stream authentication, including the hashes and signatures appended to the packets. The overhead size is determined by the number of edges in the authentication graph. Note that a signature is much bigger in size than a hash.
- Verification percentage (or verification probability): The percentage of verifiable packets among all the received packets. Intuitively, the more redundant paths a packet has to the signature packet, the higher the probability of being verified.
- Sender delay: The delay at the sender (in number of packets) from the time when the packet is produced by the encoder to the time that all authentication data appended to this packet is ready. Real-time communication scenario requires low sender delay. For non-real-time scenario, e.g., pre-encoded content for VOD applications, it is not important because the sender has prior knowledge of all packets.
- Receiver delay: The delay at the receiver (in number of packets) from the time a packet is received to the time that it can be verified. For authenticated video, each packet must be received and pass the verification before its play out deadline.
In most enterprises there are two types of passwords: local and domain. Domain passwords are centralized passwords that are authenticated at an authentication server (e.g., a Lightweight Directory Access Protocol server, an Active Directory server). Local passwords are passwords that are stored and authenticated on the local system (e.g., a workstation or server). Although most local passwords can be managed using centralized password management mechanisms, some can only be managed through third-party tools, scripts, or manual means. A common example is built-in administrator and root accounts. Having a common password shared among all local administrator or root accounts on all machines within a network simplifies system maintenance, but it is a widespread weakness. If a single machine is compromised, an attacker may be able to recover the password and use it to gain access to all other machines that use the shared password. Organizations should avoid using the same local administrator or root account password across many systems. Also, built-in accounts are often not affected by password policies and filters, so it may be easier to just disable the built-in accounts and use other administrator-level accounts instead.
A solution to this local password management problem is the use of randomly generated passwords, unique to each machine, and a central password database that is used to keep track of local passwords on client machines. Such a database should be strongly secured and access to it limited to only the minimum needed. Specific security controls to implement include only permitting authorized administrators from authorized hosts to access the data, requiring strong authentication to access the database (for example, multi-factor authentication), storing the passwords in the database in an encrypted form (e.g., cryptographic hash), and requiring administrators to verify the identity of the database server before providing authentication credentials to it.
Another solution to management of local account passwords is to generate passwords based on system characteristics such as machine name or media access control (MAC) address. For example, the local password could be based on a cryptographic hash of the MAC address and a standard password. A machine’s MAC address, “00:16:59:7F:2C:4D”, could be combined with the password “N1stSPsRul308” to form the string “00:16:59:7F:2C:4D N1stSPsRul308”. This string could be hashed using SHA and the first 20 characters of the hash used as the password for the machine. This would create a pseudo-salt that would prevent many attackers from discovering that there is a shared password. However, if an attacker recovers one local password, the attacker would be able to determine other local passwords relatively easily.
Each integrated T1/E1 transceiver contains a BERT. The BERT block can generate and detect pseudorandom and repeating bit patterns. It is used to test and stress data communication links, and it is capable of generating and detecting the following patterns:
- The pseudorandom patterns 2E7, 2E11, 2E15, and QRSS
- A repetitive pattern from 1 to 32 bits in length
- Alternating (16-bit) words that flip every 1 to 256 words
- Daly pattern
The BERT receiver has a 32-bit bit counter and a 24-bit error counter. The BERT receiver reports three events: a change in receive synchronizer status, a bit error being detected, and if either the bit counter or the error counter overflows. Each of these events can be masked within the BERT function through the BERT control register 1(TR.BC1). If the software detects that the BERT has reported an event, then the software must read the BERT information register (BIR) to determine which event(s) has occurred. To activate the BERT block, the host must configure the BERT mux through the TR.BIC register.
1. BERT Status
TR.SR9 contains the status information on the BERT function. The host can be alerted through this register when there is a BERT change-of-state. A major change-of-state is defined as either a change in the receive synchronization (i.e., the BERT has gone into or out of receive synchronization), a bit error has been detected, or an overflow has occurred in either the bit counter or the error counter. The host must read status register 9(TR.SR9) to determine the change-of-state.
2. BERT Mapping
The BERT function can be assigned to the network direction or backplane direction through the direction control bit in the BIC register (TR.BIC.1). See Figure 1 and Figure 2. The BERT also can be assigned on a per channel basis. The BERT transmit control selector (BTCS) and BERT receive control selector (BRCS) bits of the per-channel pointer register (TR.PCPR) are used to map the BERT function into time slots of the transmit and receive data streams. In T1 mode, the user can enable mapping into the F-bit position for the transmit and receive directions through the RFUS and TFUS bits in the BERT interface control (TR.BIC) register.
Figure 1. Simplified Diagram of BERT in Network Direction
Figure 2. Simplified Diagram of BERT in Backplane Direction
3. BERT Repetitive Pattern Set
These registers must be properly loaded for the BERT to generate and synchronize to a repetitive pattern, a pseudorandom pattern, alternating word pattern, or a Daly pattern. For a repetitive pattern that is fewer than 32 bits, the pattern should be repeated so that all 32 bits are used to describe the pattern. For example, if the pattern was the repeating 5-bit pattern …01101… (where the rightmost bit is the one sent first and received first), then TR.BRP1 should be loaded with ADh, TR.BRP2 with B5h, TR.BRP3 with D6h, and TR.BRP4 with 5Ah. For a pseudorandom pattern, all four registers should be loaded with all 1s (i.e., FFh). For an alternating word pattern,one word should be placed into TR.BRP1 and TR.BRP2 and the other word should be placed into TR.BRP3 and TR.BRP4. For example, if the DDS stress pattern “7E” is to be described, the user would place 00h in TR.BRP1,00h in TR.BRP2, 7Eh in TR.BRP3, and 7Eh in TR.BRP4 and the alternating word counter would be set to 50(decimal) to allow 100 bytes of 00h followed by 100 bytes of 7Eh to be sent and received.
4. BERT Bit Counter
The BERT Bit Counter is comprised of TR.BBC1, TR.BBC2, TR.BBC3, and TR.BBC4. Once BERT has achieved synchronization, this 32-bit counter increments for each data bit (i.e., clock) received. Toggling the LC control bit inTR.BC1 can clear this counter. This counter saturates when full and sets the BBCO status bit.
5. BERT Error Counter
The BERT Error Counter is comprised of TR.BEC1, TR.BEC2, and TR.BEC3. Once BERT has achieved synchronization, this 24-bit counter increments for each data bit received in error. Toggling the LC control bit inTR.BC1 can clear this counter. This counter saturates when full and sets the BECO status bit.
6. BERT Alternating Word-Count Rate
When the BERT is programmed in the alternating word mode, each word repeats for the count loaded intoTR.BAWC. One word should be placed into TR.BRP1 and TR.BRP2 and the other word should be placed intoTR.BRP3 and TR.BRP4.
One way a cybersleuth might try to identify a spammer is by building a honeypot drone for a bot-network. A honeypot drone is a computer on the Internet that pretends to be part of a bot-network, but is actually under the control of a cybersleuth. By allowing the honeypot to become a part of the bot-network,the cybersleuth could obtain a copy of the bot-network software and could then discover the mechanism by which the spammer issues new instructions to drones. Once the mechanism is known, one could potentially wait for the spammer to issue new instructions and then catch the spammer.
However, sophisticated spammers have already developed ways to evade honeypot detection.First, such spammers realize that they are putting themselves and their bot-networks at risk by connecting directly to a site that provides instructions to drones. To counter this risk, sophisticated spammers no longer connect directly to such sites. Instead, they now post new instructions to drones by using a path through multiple computers, often including computers located outside the United States. In such instances, the information obtained from the honeypot drone is of little use in identifying the spammers’ true network addresses.
A second, and more powerful, spammer technique to evade honeypot detection has arisen more recently. Spammers often now design bot-networks so that the sites with which individual drones communicate are not fixed. For example, drones in the Phatbot network receive instructions using a peer-to-peer network of drones. Because the honeypot drone in such a network only communicates with a few other drones, its view of the bot-network is local and limited, and it would not have access to the network address of the bot-network administrator. Thus, as these two spammer techniques to evade detection illustrate, we can expect this “cat and mouse” pattern to play out repeatedly as sophisticated spammers increasingly use and evolve new such methods to evade honeypot detection.
The powerful Crystal Reports designer included in Crystal Reports Server is built to address diverse data formatting and presentation requirements. For novice users, Crystal Reports includes an intuitive report design expert and object-oriented explorers to simplify common reporting tasks. For more advanced users, Crystal Reports includes fine grain control over most features, including formulas, conditional formatting, and object positioning, to address specific customization requirements. Plus, WYSIWYG design support allows report authors to simultaneously format a report while previewing it within the designer.
Crystal Reports Server also helps address the challenges associated with high volume report design and maintenance. For example, the dynamic cascading prompts feature helps minimize report volume by dynamically rendering parameter pick lists based on up-to-date database content.The key benefit of having predefined and scheduled value lists is that the report does not have to query the database to gather the prompts every time a user requests a specific view of a report.
The Crystal Reports Server repository provides a secure, central location to store common report elements including custom functions, SQL commands, dynamic cascading prompts, and bitmaps. You can share these components across multiple reports and update them from a single location. The repository explorer in the Crystal Reports designer allows report authors to log on to a repository server in the platform tier.Repository objects are managed in the platform tier for secure object sharing and updating.
Coding process in FDD is not as exciting and challenging as it is in XP (eXtreme Programming). This happens because by the coding time the features have been extensively discussed during Process One, iteration kick-off meeting, design review meeting. Classes and methods are defined by now, their purpose is described in code documentation. Coding often becomes a mechanical process.
Unlike XP FDD strongly discourages re-factoring. The main argument against re-factoring here is that it takes time and does not bring any value to the customer. The quality of code is addressed during code review meetings.
FDD encourages strong code ownership. The main idea is that every developer knows the owned code and better realizes the consequence of changes. FDD fights the problem of leaving team members from the different angle:
- Sufficient code documentation simplifies understanding somebody else’s code.
- Developers know what other people’s code does, since they reviewed the design.
- Developers will look at each other’s code during code review.
SS7 (Signaling System Number 7) is the network control signaling protocol utilized by the Integrated Services Digital Network (ISDN) services framework. ISDN control information for call handling and network management is carried by SS7. SS7 is a large and complex network designed to provide low latency and to have redundancy in many network elements. The SS7 control-signaling network consists of signaling points, signaling links and signaling transfer points. Signaling links or SS7 links interconnect signaling points. Signaling points (SSP) use signaling to transmit and receive control information. A signaling point that has the ability to transfer signaling messages from one link to another at level 3 (SS7 level 3 will be described in detail later) is a Single Transfer Point (STP). There is a fourth entity, the Service Control Point (SCP), which acts as a database for the SS7 network. The STP queries the SCP to locate the destination of the calls. The design of the SS7 protocol is such that it is independent of the underlying message transport network. The design of the signaling network is very important in that it will directly impact the availability of the overall system. In general, the network will be designed to provide redundancy for signaling links and for STPs. Figure 1 shows a basic SS7 network.
Figure 1: SS7 Signaling Endpoints in a Switched-Circuit Network
A typical call can be illustrated using Figure 1. User A goes off-hook in New York and begins dialing. User A is calling User C in San Francisco. The dialed digits are transmitted across the local loop connection to a local switch that has signal point functionality (SSP). The local switch translates the digits and determines the call is not local to itself. The local switch will use its signal point functionality to signal into the SS7 network to a Signal Transfer Point (STP). The STP queries a SCP to locate the destination local switch. The STP signals to the destination local switch to alert it of the incoming call. The destination local switch rings the phone of User C. User C answers and the two local switches signal across the SS7 network and determine the bearer path through the PSTN. Once the path is setup the call begins. When either user goes on hook, the network signals the other end to tear down the bearer path and the call is terminated. The worldwide SS7 network is divided into national and international levels.This allows the numbering plans and administration to be separated.
Over the past two years, several vulnerabilities in web browsers have provided phishers with the ability to obfuscate URLs and/or install malware on victim machines.
1. International Domain Names (IDN) Abuse
International Domain Names in Applications (IDNA) is a mechanism by which domain names with Unicode characters can be supported in the ASCII format used by the existing DNS infrastructure. IDNA uses an encoding syntax called puny code to represent Unicode characters in ASCII format. A web browser that supports IDNA would interpret this syntax to display the Unicode characters when appropriate. Users of web browsers that support IDNA could be susceptible to phishing via homograph attacks, where an attacker could register a domain that contains a Unicode character that appears identical to an ASCII character in a legitimate site (for example, a site containing the word “bank”that uses the Cyrillic character “a” instead of the ASCII “a”).
2. Web Browser Cross-Zone Vulnerabilities
Most web browsers implement the concept of security zones, where the security settings of a web browser can vary based on the location of the web page being viewed. We have observed phishing emails that attempt to lure users to a web site attempting to install spyware and/or malware onto the victim’s computer. These web sites usually rely on vulnerabilities in web browsers to install and execute programs on a victim’s computer, even when these sites are located in a security zone that is not trusted and normally would not allow those actions.
An organization is responsible for personal information under its control and should designate a person who will be accountable for the organization’s compliance with the following principles, and the necessary training of all employees. Organizations should use contractual and other means to provide a comparable level of protection if the information is disclosed to third parties.
Organizations that typically have the most direct contact and primary relationship with the individual should bear the strongest responsibility for ensuring privacy and security, regardless of where the RFID-tagged items originate or end up in the product life cycle.
2. Identifying Purposes
Organizations should clearly identify and communicate to the individual the purposes for collecting, linking to, or allowing linkage to personal information, in a timely and effective manner. Those purposes should be specific and limited, and the organizations and persons collecting personal information should be able to explain them to the individual.
Organizations must seek individual consent prior to collecting, using, or disclosing personal information linked to an RFID tag. To be valid, consent must be based upon an informed understanding of the existence, type, locations, purposes and actions of the RFID technologies and information used by the organization. Individual privacy choices should be exercised in a timely, easy and effective way, without any coercion. Consumers should be able to remove, disable or deactivate item-level RFID tags, without penalty.
Automatic deactivation of RFID tags, at the point of sale, with the capability to re-activate, should be the ultimate goal. Consumers should be able to choose to re-activate them at a later date, re-purpose them, or otherwise exercise control over the manner in which the tags behave and interact with RFID readers.
4. Limiting Collection
Organizations should not collect or link an RFID tag to personally identifiable information indiscriminately or covertly, or through deception or misleading purposes. The information collected should be limited to the minimum needed to fulfil the stated purposes, with emphasis on minimizing the identifiability of any personal data linked to the tag, minimizing observability of RFID tags by unauthorized readers or persons, and minimizing the linkability of collected data to any personally identifiable information.
5. Limiting Use, Disclosure and Retention
Organizations must obtain additional individual consent to use, disclose or link to personal information for any new purposes. Personal information should only be retained to fulfil the stated purposes, and then securely destroyed. Retailers should incorporate the data minimization principles outlined above, into and throughout their RFID information systems.
Organizations should keep personal and related RFID-linked information as accurate, complete, and up-to-date as is needed for the stated purposes, especially when used to make decisions affecting the individual.
Organizations should protect personal information linked to RFID tags, appropriate to its sensitivity, against loss or theft, and against unauthorized interception, access, disclosure, copying, use, modification, or linkage. Organizations should make their employees aware of the importance of maintaining the confidentiality of personal information through appropriate training. Although physical, organizational and technological measures may all be necessary, technological safeguards should be given special emphasis.
Organizations should make readily available to individuals specific information about their policies and practices relating to the operation of RFID technologies and information systems, and to the management of personal information. This information should be made available in a form that is understandable to the individual.
9. Individual Access
Organizations should, upon request, inform the individual of the existence, use, linkage and disclosure of his or her personal information, provide reasonable access to that information, and the ability to challenge its accuracy and completeness, and have it amended as appropriate.
10. Challenging Compliance
Organizations should have procedures in place to allow an individual to file a complaint concerning compliance with any of the above principles, with the designated person accountable for the organization’s compliance.
A cipher suite combines four kinds of security features, and is given a name in the SSL protocol specification. Before data flows over a SSL connection, both ends attempt to negotiate a cipher suite. This lets them establish an appropriate quality of protection for their communications, within the constraints of the particular mechanism combinations which are available. The features associated with a cipher suite are:
- The protocol, SSL or TLS.
- The type of key exchange algorithm used. SSL defines many; the ones that provide server authentication are the most important ones, but anonymous key exchange is supported. (Note that anonymous key exchange algorithms are subject to “man in the middle” attacks, and are not recommended in the SAML context.) The “RSA” authenticated key exchange algorithm is currently the most interoperable algorithm. Another important key exchange algorithm is the authenticated Diffie-Hellman “DHE_DSS” key exchange, which has no patent-related implementation constraints.
- Whether the key exchange algorithm is freely exportable from the United States of America. Exportable algorithms must use short (512-bit) public keys for key exchange and short (40-bit) symmetric keys for encryption. Keys of these lengths have been successfully attacked, and their use is not recommended.
- The encryption algorithm used. The fastest option is the RC4 stream cipher; DES and variants(DES40, 3DES-EDE) as well as AES are also supported in “cipher block chaining” (CBC) mode.Other modes are also supported, refer to the TLS documentation.
- Null encryption is also an option in some cipher suites. Note that null encryption performs no encryption; in such cases SSL/TLS is used only to authenticate and provide integrity protection. Cipher suites with null encryption do not provide confidentiality, and must not be used in cases where confidentiality is a requirement and is not obtained by means other than SSL/TLS.
- The digest algorithm used for the Message Authentication Code. The recommended choice is SHA1.
- For example, the cipher suite named SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA uses SSL, uses an authenticated Diffie-Hellman key exchange (DHE_DSS), is export grade(EXPORT), uses an exportable variant of the DES cipher (DES40_CBC), and uses the SHA1 digest algorithm in its MAC (SHA).
A given implementation of SSL will support a particular set of cipher suites, and some subset of those will be enabled by default. Applications have a limited degree of control over the cipher suites that are used on their connections; they can enable or disable any of the supported cipher suites, but cannot change the cipher suites that are available.