Access Control and Encryption Policies Quiz

Questions and Answers

What is the main purpose of an access control policy in a business?

• To define the cost of resources in the business
• To set rules for user access to information and resources (correct)
• To manage employee performance evaluations
• To outline marketing strategies for user engagement

What may happen if an access control policy does not conform to data protection rules?

• Access to all data will be revoked immediately
• The policy will be automatically updated
• Users may gain unauthorized access to resources
• There could be legal action in response to a data breach (correct)

How do access control lists (ACLs) function in resource management?

• They facilitate automatic backups of database files
• They generate reports on user activity levels
• They ensure all users have equal access to all resources
• They serve as tables linking users with their permissions for various resources (correct)

What issue can arise from having access control lists based on individual permissions?

They can become excessively large and complex (C)

What is a potential benefit of establishing an access control policy for new users in a system?

It helps ensure consistent access rights for new users (B)

What is a fundamental problem associated with symmetric encryption?

The risk of key interception during sharing (B)

In asymmetric encryption, which key is used to decrypt a message encrypted with the public key?

The corresponding private key (A)

Which of the following statements is true regarding public keys in asymmetric encryption?

They can be freely shared and published (B)

What must Alice and Bob each have to use symmetric encryption securely?

A copy of the same encryption key (C)

How does symmetric encryption handle the encryption key for communication?

It requires the key to be securely exchanged between parties (B)

Which of the following accurately describes asymmetric encryption?

It utilizes a pair of different keys for different processes (D)

What can be a consequence of an attacker compromising a symmetric encryption key?

All past and future messages can be read (A)

Which term is used to describe the key that remains private in an asymmetric encryption scheme?

Private key (A)

What must users be made aware of regarding their personal data?

What data is collected and its purpose (B)

Why is user consent critical before data disclosure?

It is a legal requirement to protect user rights (C)

What is a crucial principle regarding the lifetime of user data?

Data must be deleted if a user deletes their account (D)

Which principle addresses how personal data can be altered by users?

Discovery and error correction (A)

What must a company ensure regarding data storage location?

Data must only be stored in countries with strong data laws (A)

What type of policy should a company establish regarding user data?

A privacy policy for data management (A)

What aspect of data security is emphasized for companies handling personal data?

Maintaining secure storage to prevent unauthorized access (C)

What should not be a reason for extending the data lifetime?

The potential for future marketing (B)

What is the purpose of encrypting the long random numbers exchanged between the client and server?

To generate a common encryption key without direct exchange (C)

Which protocol should be used for transferring data over the Internet to ensure encryption?

HTTPS (C)

What does data 'at rest' refer to in the context of encryption?

Data stored without being accessed (B)

What is one of the challenges of encrypting data in use?

It slows down system response time. (B)

What is an expected outcome of data theft when data is encrypted?

Thieves find it very difficult and expensive to use the data. (A)

Which authentication method relies on the user providing secret personal information?

Knowledge-based authentication (A)

How do both the client and server create an encryption key for subsequent communication?

By using the long random numbers they generated (B)

What is an example of possession-based authentication?

Mobile device verification (C)

What is one significant limitation of encrypting data in use?

Implementing a general search mechanism is impossible. (B)

Which of the following is a common weakness of password-based authentication?

Password reuse across multiple sites (A)

What does the application do with the data it decides to encrypt?

Encrypts the data before it gets processed (D)

Which authentication method utilizes a unique biometric feature for user verification?

Attribute-based authentication (B)

What does multi-factor authentication require from users?

At least two different authentication methods (A)

What aspect of password security can make it easy for attackers to access accounts?

Using passwords that are easy to remember (B)

What can happen if a user forgets their password?

They often need a password recovery mechanism (A)

Which type of attack involves misleading users into providing their login details via fake sites?

Phishing attack (D)

What is the primary purpose of session cookies in the authentication process?

To keep users logged in during a session (A)

Which of the following methods can attackers use to obtain session cookies?

Cross-site scripting attacks and traffic monitoring (C)

What is a recommended action to reduce the risk of session hijacking?

Using multi-factor authentication for sensitive actions (D)

How can traffic encryption enhance security during the authentication process?

By protecting session cookies from being intercepted (C)

Which of the following is NOT an action recommended to mitigate session hijacking risks?

Using ineffective passwords for user accounts (D)

What characterizes a distributed denial of service (DDoS) attack?

It uses numerous hijacked computers to overwhelm a service (C)

Why is it important to implement short timeouts on user sessions?

To ensure users are logged out in case of inactivity (A)

What is a common outcome of a successful denial of service attack?

System unavailability for legitimate users (C)

Flashcards

Session Hijacking

A type of attack where an attacker obtains a user's session cookie and uses it to impersonate them.

Cross-Site Scripting (XSS) Attack

An attack that uses malware to steal session cookies from a user's device.

Traffic Monitoring

An attack that involves monitoring traffic between a user and a server to identify and capture session cookies.

Denial of Service (DoS) Attack

A type of attack that aims to make a system unavailable for normal use by overloading it with requests.

Distributed Denial of Service (DDoS) Attack

A type of DoS attack where many compromised computers (botnet) simultaneously target a server.

Traffic Encryption

Encrypting network traffic between a client and server to make it difficult for attackers to monitor.

Multi-Factor Authentication (MFA)

A security measure that requires users to provide multiple forms of identification (e.g., password and code from phone).

Short Timeouts

Setting a short time limit for a user session, automatically ending it if there's no activity.

Access Control Policy

A set of rules that outlines who has access to what information and what actions they are allowed to perform.

Access Control List (ACL)

A table that maps users to resources and specifies their permissions.

Explicit Access Control

The process of explicitly defining user access rights based on rules and policies.

Data Breach (Related to Access Control Policy)

A breach of security that can lead to legal consequences if the access control policy doesn't comply with data protection regulations.

Default Access Rights

Default access rights are automatically granted to new users based on their predefined role or group.

Knowledge-based Authentication

Authentication method that relies on the user remembering a secret piece of information, typically a password.

Possession-based Authentication

Authentication method that relies on the user possessing a physical device, like a phone, which can generate or display information known to the system.

Attribute-based Authentication

Authentication method that relies on a unique biometric attribute of the user, like a fingerprint, which is registered with the system.

Phishing Attack

A type of attack that aims to trick users into revealing their passwords by using fake websites or emails that appear legitimate.

Password Reuse

A situation where users use the same password for multiple accounts. If one account is compromised, it can lead to breaches in other accounts.

Forgotten Passwords

A common problem where users forget their passwords, requiring a reset mechanism.

Insecure Passwords

A situation where users choose passwords that are simple or easy to guess, making it easier for attackers to compromise their accounts.

Multi-factor Authentication

A security measure that combines two or more authentication methods, requiring users to provide more than one piece of evidence to prove their identity.

Symmetric Encryption

An encryption method where the same key is used to both encrypt and decrypt data.

Asymmetric Encryption

A type of encryption where different keys are used for encryption and decryption. One key is public, the other is private.

Encryption

The process of converting plain text into an unreadable format using an encryption key.

Decryption

The process of converting encrypted text back into its original readable form using a decryption key.

Encryption key

A secret code that is used to encrypt and decrypt data.

Key Sharing Problem

In symmetric encryption, both parties need to securely share the same secret key.

Public key

This is the key that can be shared publicly, allowing anyone to encrypt messages.

Private key

This is the key that must be kept secret, used to decrypt messages that were encrypted with its corresponding public key.

Data in Transit Encryption

The transmission of data between a client and a server is protected using cryptographic techniques. It's like putting a lock on your mail before sending it.

Data at Rest Encryption

Data that is stored on devices is encrypted, making it difficult for unauthorized individuals to access it. Imagine locking your important files in a safe.

Data in Use Encryption

The process of encrypting data that is being actively used by a computer system. Protecting data even when it's being actively used.

Diffie-Hellman Key Exchange

A secure method for establishing shared encryption keys between a client and a server without exchanging those keys directly. It's like exchanging secret codes without revealing them.

HTTPS (Hypertext Transfer Protocol Secure)

A secure protocol that ensures the confidentiality and integrity of data transmitted over the internet using HTTPS. It's like putting a secure lock on your web browser.

Data Encryption

A process that uses cryptography to transform data into an unintelligible form. It's like scrambling a message so only someone with the key can understand it.

What are data protection laws?

Data protection laws are regulations that govern how personal information is collected, stored, and used by organizations. They exist to protect individuals' privacy and ensure responsible data handling.

What are the rights of data subjects?

Data subjects have the right to access, correct, or delete their personal data held by organizations. They also have the right to restrict or object to the processing of their data.

Who is a data controller?

A data controller is an organization that is responsible for collecting and processing personal data. They are accountable for complying with data protection laws and ensuring the security of data.

What is a privacy policy?

A privacy policy is a document that outlines how an organization collects, uses, and protects users' personal information. It should be clear, concise, and easily accessible to users.

What are data protection principles?

Data protection principles ensure that personal information is processed fairly, lawfully, and transparently. These principles include awareness and control, purpose limitation, consent, data lifetime, secure storage, discovery and error correction, and location.

What is awareness and control?

Awareness and control means users should be informed about what data is collected and have the ability to manage their personal information.

What is purpose limitation?

Purpose limitation means data should only be collected and used for specific, legitimate purposes that are clearly communicated to users.

What is consent?

Consent means organizations must obtain explicit permission from individuals before using their personal data for any purpose other than the original one.

Study Notes

Introduction to System Analysis and Design

• Course code: BIS301
• Lecture notes partly based on Ian Sommerville's work.
• Year: 2023

Software Security

• High priority for developers and users.
• Malicious attacks lead to losses, potentially business closure.
• Unavailability or data breaches can cause user cancellations.
• Recovery takes time and effort, better spent on software.

Types of Security Threats

• Availability threats: Prevent authorized users from accessing the system (e.g., Distributed Denial of Service attacks).
• Integrity threats: Damage the system or its data (e.g., viruses, ransomware).
• Confidentiality threats: Gain access to private information (e.g., data theft).

System Infrastructure Stack

• Operational environment
• Application
• Frameworks and application libraries
• Browsers and messaging system libraries
• Database
• Operating system
• Software infrastructure
• Network

Security Management

• Authentication and authorization: Strong authentication standards and proper permissions minimize unauthorized access.
• System infrastructure management: Configure infrastructure software and apply security updates promptly.
• Attack monitoring: Regularly check for unauthorized access and implement resistance strategies.
• Backup: Implement policies to maintain undamaged copies of program and data files.

Operational Security

• Focuses on user security.
• User attacks trick users into revealing credentials or accessing malware (e.g., key-logging).
• Procedures include automatic logouts in shared spaces, user command logging and multi-factor authentication.

Injection Attacks

• Malicious users insert malicious code or commands through valid input fields.
• Execution of these instructions causes damage to the system (e.g., buffer overflow and SQL poisoning attacks).

SQL Poisoning Attacks

• Attacks on SQL database systems.
• Malicious users input SQL fragments into form fields.
• These fragments modify queries to access unauthorized data.

Cross-Site Scripting Attacks

• Another form of injection attack.
• Attacker injects malicious Javascript code into web pages.
• Code executes in user's browser, potentially stealing information or redirecting to malicious websites.
• Stolen cookies allow session hijacking.
• Input validation can prevent these attacks.

Session Hijacking Attacks

• Attackers gain session cookie to impersonate a legitimate user.
• Multiple methods exist (e.g., cross-site scripting, traffic monitoring).
• Malicious code can steal session cookies from victims.
• Traffic monitoring intercepts client-server communication.

Actions to Reduce Hacking

• Traffic encryption: Use HTTPS to encrypt data transmission.
• Multi-factor authentication: Require multiple authentication factors to reduce risk from stolen credentials.
• Short timeouts: Set short session timeouts to prevent prolonged unauthorized access.

Denial of Service Attacks

• Attacks to make a software system unavailable for normal use.
• Distributed Denial of Service (DDoS) attacks use multiple computers or systems to overwhelm the server.
• Other types target application users (e.g., user lockout attacks, brute-force attacks using email addresses).

Brute Force Attacks

• Attackers repeatedly try different passwords until one works.
• Some use password lists and generators.
• Using strong, unguessable passwords reduces this risk.

Authentication

• Process to verify a user's identity.
• Essential in software that stores user information.
• Enables personalization of user experiences.

Authentication Approaches

• Knowledge-based: User provides personal information.
• Possession-based: Physical device authentication.
• Attribute-based: Biometric attributes (e.g., fingerprints).
• Multi-factor: Combines multiple authentication methods.

Password-Based Authentication Weaknesses

• Insecure passwords: Easy-to-guess or -remember passwords are vulnerable.
• Phishing attacks: Users clicking on fake links to collect credentials.
• Password reuse: Using same password across different sites increases vulnerability.
• Forgotten passwords: Issues with recovery mechanisms for stolen credentials.

Federated Identity

• Authentication approach using external authentication services.
• Example: Login with Google/Facebook.
• Single set of credentials stored by trusted identity service.
• Reduced risk of security breaches due to fewer storage locations.

Authorization

• Complementary process to authentication; controls access to system resources.
• Access based on user identity and defined policy.
• Example: Shared folder access permissions.

Access Control Policies

• Define access rights to resources.
• Ensure compliance with data protection rules.
• Starting point for system access control scheme.
• Define access rights for new users (e.g., students in a system).

Access Control Lists (ACLs)

• Tables that link users to resources, defining permissions.
• Defined permissions on files or databases.
• Access can be granular, based on individual or group permissions.

Encryption

• Process of making data unreadable to unauthorized users.
• Uses transformations with a secret key.
• Modern techniques are effective but technology advancements can make apparent security vulnerable.

Symmetric Encryption

• Same key for encryption and decryption.
• Securely sharing the key is problematic.
• Potential for interception compromising all future communications.

Asymmetric Encryption

• Different Keys for encryption and decryption. (Public/Private).
• Public keys can be distributed freely. Private keys are used to decrypt received messages containing a Public Key.
• Asymmetric keys can also verify a user's identity.

Encryption and Authentication

• Asymmetric encryption to verify sender identity.
• Bob uses private key to encrypt message.
• Alice decrypts it with Bob's public key, verifying correct identification.

TLS and Digital Certificates

• Standard for secure web communication.
• Verifies server identity.
• Uses digital certificates, issued by Certificate Authorities (CAs).
• Digital certificates are signed using the CA's private key and include the CA's public key to verify.

Data Encryption

• Encryption helps protect data from unauthorized access (in-transit, at rest and in-use).
• Important in cloud products.
• Prevents theft or use of sensitive data.
• Encrypting data at rest.
• Using HTTPS protocol for encrypting data in-transit.

Key Management

• Ensures that encryption keys are securely generated, stored and accessed.
• Automation is needed for large numbers of keys.
• Key Management System (KMS): Specialized database for storing and managing keys.

Long-Term Key Storage

• Regulations require data retention for several years.
• Using archival data with a different key reduces risks.
• Key Management Systems provide timestamped keys for backups and archives.

Privacy

• Social concept relating to how personal information is collected, shared, and used.
• Importance varies across cultures and individuals.
• User preferences should be reflected in privacy policies.

Business Reasons for Privacy

• Compliance with data protection regulations is essential.
• Privacy safeguards reduce legal risks for business users.
• Reputational damage can result from privacy leaks/misuse.

Data Protection Laws

• Laws in many countries define acceptable data collection, use, and handling. (e.g., GDPR).
• Example of restrictions on information usage is given in the slide which specifies that use of health information is only allowed to the extent user gave permission for advertising).
• Rules for data storage, use and subject access.

Privacy Policy

• Defines how personal and sensitive user data is managed.
• Should be clear, consistent and user-friendly (terms and conditions are generally not user-friendly).