Encryption is the process by which we transform a text into something unintelligible to any other system or person.
Decryption is the process of taking an encrypted text and converting it back into a text that another system or person can understand. To achieve this, the receiver must have a key (something similar to the key used to enter an email account).
AES algorithm and CryptoJS
The AES (Advanced Encryption Standard) algorithm is one of the most popular for encrypting information because it was designed to be optimal in both hardware and software. It also supports blocks of lengths of 128, 192, and 256 bits, which makes it more difficult to decrypt without having the key.
Traditional security measures
A digital signature is a cryptographic mechanism that allows the recipient of a digitally signed message to identify the originator of that message and confirm that the message has not been altered since it was signed by the originator.
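The two guarantees described above (identifying the originator and detecting alteration), as an added example that is not part of the original page. It uses Ed25519 signatures from Node.js's built-in crypto module; the key pairs, messages and function names are constructed for illustration.

```javascript
// Added example: digital signature with Ed25519 (Node.js built-in crypto).
const { generateKeyPairSync, sign, verify } = require('crypto');

// Constructed key pairs: the real originator and a second, unrelated signer.
const originator = generateKeyPairSync('ed25519');
const impostor = generateKeyPairSync('ed25519');

// Only the holder of the private key can produce the signature.
function signMessage(privateKey, message) {
  // Ed25519 hashes internally, so the digest algorithm argument is null.
  return sign(null, Buffer.from(message, 'utf8'), privateKey);
}

// Anyone holding the public key can check the signature.
function verifyMessage(publicKey, message, signature) {
  return verify(null, Buffer.from(message, 'utf8'), publicKey, signature);
}

const signedText = 'Pay 100 EUR to Alice'; // constructed sample message

function signatureDemo() {
  const signature = signMessage(originator.privateKey, signedText);
  const forged = signMessage(impostor.privateKey, signedText);
  return {
    // Unmodified message, correct originator: accepted.
    authentic: verifyMessage(originator.publicKey, signedText, signature),
    // Message changed after signing: rejected.
    altered: verifyMessage(originator.publicKey, 'Pay 900 EUR to Alice', signature),
    // Signed by someone else, checked against the originator's public key: rejected.
    wrongOriginator: verifyMessage(originator.publicKey, signedText, forged),
    signatureBytes: signature.length,
  };
}

console.log(signatureDemo());
```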
Safe site
It is a web page that assures us in various ways that our data will not be used for illegitimate purposes or to cause us any harm.
Firewalls, Wrappers and Proxies
They offer a line of defense for Web server owners and system administrators. Firewalls allow only certain trusted domain names to access the system. Wrappers run as a software layer around other software. They can act as firewalls and can reject users based on their user names as well as their domain names. They also allow you to create dead ends that help to catch intruders. Proxy mode is a method that allows you to hide data by rerouting requests. Requests can be filtered by server software.
Data encryption is a procedure whereby files, or any type of document, become completely illegible thanks to an algorithm that scrambles their components.
Symmetric encryption is one that uses the same key to encrypt and decrypt.
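Symmetric encryption with AES, as described here and in the AES section above, shown as an added example that is not part of the original page. It uses AES-256 in GCM mode from Node.js's built-in crypto module rather than CryptoJS; the keys, the message and the function names are constructed for illustration.

```javascript
// Added example: AES-256-GCM, same key to encrypt and decrypt (Node.js built-in crypto).
const { randomBytes, createCipheriv, createDecipheriv } = require('crypto');

// Encrypt a UTF-8 string. A fresh random 96-bit IV is generated per message;
// the IV and the authentication tag are not secret and travel with the ciphertext.
function encrypt(key, plaintext) {
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt and authenticate. Returns the plaintext, or null when the key is
// wrong or the message was modified (final() throws in both cases).
function decrypt(key, { iv, ciphertext, tag }) {
  try {
    const decipher = createDecipheriv('aes-256-gcm', key, iv);
    decipher.setAuthTag(tag);
    return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
  } catch (err) {
    return null;
  }
}

// Constructed sample data.
const sharedKey = randomBytes(32); // 256-bit key known to sender and receiver
const otherKey = randomBytes(32);  // a key the receiver was never given
const message = 'quarterly report draft (constructed sample text)';

function aesDemo() {
  const sealed = encrypt(sharedKey, message);
  // Copy the ciphertext and flip one bit, as if it were modified in transit.
  const tampered = { ...sealed, ciphertext: Buffer.from(sealed.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;
  return {
    roundTrip: decrypt(sharedKey, sealed),  // original text recovered
    wrongKey: decrypt(otherKey, sealed),    // rejected without the right key
    tampered: decrypt(sharedKey, tampered), // rejected after modification
    freshIv: !encrypt(sharedKey, message).iv.equals(sealed.iv),
  };
}

console.log(aesDemo());
```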
In asymmetric data encryption, different keys are used: a public key to encrypt and a private key to decrypt, so that it is impossible to deduce the private key from the public one.
Security protocols
WEP (Wired Equivalent Privacy)
WEP was the first security standard for Wi-Fi networks. It is the encryption system included in the IEEE 802.11 standard as a protocol for wireless networks that allows encryption of the information transmitted. It provides level 2 encryption, based on the RC4 encryption algorithm, which uses 64-bit keys (40 bits plus 24 bits of the initialization vector, IV) or 128-bit keys (104 bits plus 24 bits of the IV). Broadcast messages from wireless networks are transmitted by radio waves, which makes them easier to capture than traffic on wired networks.
WPA (Wi-Fi Protected Access)
It emerged to correct the limitations of WEP. It introduced security improvements such as TKIP (Temporal Key Integrity Protocol), which changes the Wi-Fi password by itself from time to time. Its most common variant is WPA-Personal, which uses the PSK (pre-shared key) system. In it, all users of the wireless network have the same Wi-Fi password, which the user defines. See below how to choose a strong key.
WPA2
It is the most modern standard for protecting wireless networks and the one recommended by the Wi-Fi Alliance. There is also a personal (WPA2-Personal) and a business (WPA2-Enterprise) version. WPA2 is compatible with WPA, which means that in your Wi-Fi network you can use PCs or devices (router, network adapters ...) that support one or the other system.
Level security model
Level 1: Operating System
Risks: viruses and malicious code, denial of service attacks due to system saturation (e.g. buffer overflow), unauthorized access to the system through theft or loss of the device.
Countermeasures: use local protection systems such as antivirus software or personal firewalls, enable the use of strong passwords to restrict access to the system or use third-party software to enable this functionality, disable all automatic system actions such as message re-routing.
Level 2: Communications
Risks: denial of service attacks from packet flooding, signal degradation by introducing interference, interception and traffic monitoring (wireless sniffing), remote extraction of information, impersonation of a valid user within a network using stolen devices, introduction of viruses and malicious code into corporate networks, common attacks on TCP/IP networks such as spoofing, session hijacking and DDoS.
Level 3: Data Storage
Risks: unauthorized access to confidential information by a third party, illegal alteration of data, extraction of access credentials for sensitive corporate resources or systems.
Countermeasures: protect access to the device by requiring a password to enter the system, use third-party software that allows constant encryption of the disk or local memory.
Level 4: Application Environment
Risks: local denial of service due to improper invocation, denial of service against remote servers (WAP or C/S applications), downloading applications that contain malicious code.
Countermeasures: protect the remote resources that support the mobile application against possible denial of service attacks (application and infrastructure), download third-party mobile applications only from reliable sites and preferably digitally signed (MAS Project), use secure programming practices (e.g. OWASP).