Information Technology Reference
In-Depth Information
These properties are all based on a distinction between authorized and
unauthorized persons. The distinction between them involves a process
that consists of three steps: identification (the user declares the identity),
authentication (the system checks the validity of the request) and authoriza-
tion (granting rights for the specific service). An authentication failure can
easily lead to violations of confidentiality, integrity and availability.
For example, protecting our secrets with encryption is not very effective
if the true identity of the recipient is different from what we expected. So it is
natural to pay attention especially to the authentication process.
The safety requirements that a network must accomplish are as follows:
•
Authentication
: the users confirm their identity through questions that only
they will be able to answer; two parties that want to communicate (exchange
information) must first of all identify each other (mutual authentication);
•
Data integrity
: ensuring that the message has not been changed during the
journey;
•
Secrecy
: encrypt data in a way that it is incomprehensible in case of their
detection;
•
Access control
: access to resources must be controlled by and for the
system and
•
Availability - confidentiality (privacy)
: a system must be available only to
authorized users, only those who are authorized have access to confi-
dential information.
The access to a computer always takes place through a channel of
communication, whether virtual (remote login) or physical (an operator who
sits in front of the console of a Mainframe has direct access to the machine).
To realize the aforementioned threats, someone should access to the
computer and then take control of one of the channels. In modern distributed
systems connecting to a network through fast and flexible communication
channels is a great way to access information, but at the same time it is an
easy target for different types of attack, which essentially aim to examine/
modify information which passes through them.
1.3
Transient secure association
Systems based on peer-to-peer today involve almost the entire world of
computing, but their network connectivity is structurally not stable and
therefore not guaranteed. Traditional approaches to authentication from
Kerberos to Public-Key Certificates are therefore not enforceable, since they
rely on online connectivity to an authentication server.
We need new solutions: these are of particular note in the transient secure
association [2]. In the world of UC it would be desirable not disseminating
