Upgrade to remove ads
Only ₩37,125/year
- Science
- Computer Science
- Computer Security and Reliability
Review terms and definitions
Focus your studying with a path
Take a practice test
Get faster at matching termsHow do you want to study today?
Flashcards
Learn
Test
Match
Terms in this set (12)
What are the principal elements of a Kerberos system?
A Kerberos server, registered clients, and application servers that share keys with the Kerberos server
What is a Kerberos realm?
A ________ defines what a Kerberos manages in terms of who can access what. Everything that the Kerberos manages that you have access to will be included.
What are the differences between versions 4 and 5 of Kerberos?
Kerberos 4 is currently the most widely used, but version 5 tags the encrypted message with an encryption algorithm identifier which enables users to configure Kerberos to use algorithms other than DES. V5 also supports authentication forwarding which means a client can access a server and use that server's credentials to access another server. Finally it requires fewer key exchanges due to interrealm authentication.
What is X.509?
ITU-T standard for a PKI and privilege management infrastructure (PMI). It specifies the standard formats for PK certs, cert revocation lists, attribute certs, and cert path validation algorithms. It is the most widely accepted format for PK certs. It is used in IPsec, SSL, Secure electronic transactions (SET), S/MIME, eBusiness applications.
What key elements are included in X.509 certs?
The key owns the Subject's X.509 name and PK info, period of validity dates, CA's issuer name, signature.
What is the role of a CA in X.509?
A cert links a PK with the identity of the key's owner with the whole block signed by a trusted third party. This third party is typically a ____.
What different types of X.509 certs exist?
conventional (long-lived), short-lived, proxy, and attribute
What alternatives exist to check that an X.509 cert has not been revoked?
The Online Certificate Status Protocol (OCSP) can be used to query the CA as to whether a specific certificate is valid. The Authority Information Access extension in a cert can specify the address of the OCSP server to use.
What is a Public Key Infrastructure?
A _______ is an arrangement that binds public keys with respective user identities by means of a certificate authority.
How do most the most current X.509 implementations check the validity of signatures on a certificate?
Current ones come with a large list of CAs and their public keys, known as a "trust store". These CAs usually either directly sign "end user" certs or sign a small number of intermediate CAs that in turn sign "end user" certs.
What are some key problems with current PKI implementations?
Relying on the user to make an informed decision when there is a problem verifying a cert, assumption that all of the CAs in the "trust store" are equally trusted, equally well managed, and apply equivalent policies, different implementations on the different web browsers and OS use different trust stores and therefore present difficult security views.
List the key elements of the PKIX model?
End entity, certificate authority, registration authority, and CRL issuer and repository.
Recommended textbook solutionsIntroduction to the Theory of Computation
3rd EditionMichael Sipser
389 solutions
Introduction to Algorithms
3rd EditionCharles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen
720 solutions
Engineering Electromagnetics
8th EditionJohn Buck, William Hayt
483 solutions
Computer Organization and Design MIPS Edition: The Hardware/Software Interface
5th EditionDavid A. Patterson, John L. Hennessy
220 solutions
Sets with similar terms3.5
16 terms
stitch40us
IS 672: Chapter 04
14 terms
rachellinonis
Chapter 6
30 terms
andesava
Sets found in the same folder
PKI
69 terms
speedymarv
70-411 Lesson 15
10 terms
NoLocalAreaNetwork
P
28 terms
azaz1
Chapter 11 Computer Security Principles and Practi…
19 terms
taf4466
Other sets by this creatorControls
19 terms
leeamanda7
Exam 3 terms
58 terms
leeamanda7
IT Project
98 terms
leeamanda7
LIS 4774 ch 7
27 terms
leeamanda7
Verified questionsCOMPUTER SCIENCE
A hotel salesperson enters sales in a text file. Each line contains the following, separated by semicolons: The name of the client, the service sold (such as Dinner, Conference, Lodging, and so on), the amount of the sale, and the date of that event. Write a program that reads such a file and displays the total amount for each service category. Display an error if the file does not exist or the format is incorrect.
Verified answer
COMPUTER SCIENCE
Write down the result. (a) print("Hello, world!") (b) print("Hello", "world!") (c) print(3) (d) print(3.0) (e) print(2 + 3) (f) print(2.0 + 3.0) (g) print("2" + "3") (h) print("2 + 3 =", 2 + 3) (i) print(2 * 3) (j) print(2 ** 3) (k) print(2 / 3)
Verified answer
COMPUTER SCIENCE
Convert 5ED4 into a binary number. What makes base 16 (hexadecimal) an attractive numbering system for representing values in computers?
Verified answer
COMPUTER SCIENCE
Write the declaration of a union called Items with the following members: alpha a character num an integer bigNum a long integer real a float Next, write the definition of an Items union variable.
Verified answer
Other Quizlet setsChemistry-Periodic Table Trends
11 terms
KAYA_ROGERS1
Islam
190 terms
ashia_moore
History Final Review Tests
31 terms
jessicagranner
Fitness For Life Final
47 terms
ana_souffront8
Related questionsQUESTION
email digital signature (to maintain integrity)
3 answers
QUESTION
What is an auto scaling group?
15 answers
QUESTION
In addition to providing authentication, a message digest also provides data integrity and performs the same function as a frame check sequence.
5 answers
QUESTION
DNS resolves domain names. If were to be corrupted, users could be directed to spoofed websites. Disrupting DNS can also perform Denial of Service.
2 answers