 If you have been on Piazza, I posted a Maria's Point review. And so if you've filled that form out, thank you for doing so. And then we will go over the Maria's Points as the first review section of this. I can see that some people inquired if this will be recorded. Yes, it will be recorded. I will send the file to Adam and hopefully he can upload it to the server for everyone to view. And so the general schedule of everything is that we're going to first cover the Maria's Points. And then after that, we will go along general, generally throughout the lecture material. So starting with access control and the cryptography, and then the last one being authentication, right. And then after that, we will also go over, we will also go over the midterm review. So with that being said, I'm going to start screen sharing to then start the review, start video. Hopefully everyone can, oh, everyone sees my face. Okay, can everyone see the PowerPoint? Okay. Can everyone see the full screen PowerPoint? All right, sounds good. So again, like I said, the topics that will be in this Maria's Review based on your guys's response is as shown above. Personally, I'll be doing the access control models all the way down to the hash functions. And then Ian will take over from there and cover the index coincidences and so on and so forth until the end of the money is points. And so going along with that, let's start with the first topic. So within access control models. In a general standpoint, the access control models is used to restrict information to a certain level of authentication. So that's the user needs to provide an authentication method to be able to access the information that he or she wishes. And so within the access control model, it is usually split into three components. The three components are listed on the screen as subjects objects and rights subjects are things in the system that can act such as a person or user or in a typical case, it's a person acting on the system. For me, for example, it could be you trying to access your my as you that sort of thing. The objects are things within the system that can be manipulated upon so usually these are files within the system but they can be also other things such as passwords or other objects that are accessible. Once you authenticate yourself within a certain system. And then the rights are a category where what are you allowed to do within this system and so usually this is a subject to object relationship. And so in regards to a file, for example, can you write, can you write to this file, can you read to this file. And so these are the things that we need to explore in regards to that. And so moving on, within the lecture material Adam has talked about that usually this is represented as an access control matrix. And so you can see on the screen here that we have a matrix where P and Q are your subjects. FGP Q are your objects that can be acted upon. And then within the cross section within the innards of the matrix you have your rights. And so if this was a typical file system. You can say that subject P, for example, has rights are w o to object F, and then you can also read more examples down below on the bottom side of the screen. And so these can replicate rights that are typical in a file system so for example read and write or execute for example. And so this matrix model encompasses your entire system in that regard. And so moving on from there from the matrix. That's how we visually analyze or view the subject objects rights relationships between none another. However, when we try to implement such a matrix into hardware or software for example, typically two different ways we do that and then both ways are called access control list and computer capability list. So starting with access control lists or ACL for short term. Access control list implements a list based on permissions rolling on the object. And so usually this is a column structure where the header of the column is the object itself, and the object then lists who has access to the object. And so, typically, for example, if there's a sensitive file on your computer system, and your computer system has multitude of users in this style of the access control list the object has a list of all the users that can access the object. The capability list is the opposite in which case it implements a list based on the permissions revolve around the subject. And so, like it implies, the subject is then granted. And so it relates in relationship to the objects that it wants to access upon. And so a good way to visualize this is that when you log into my as you for example, you're granted a certain number of things to access. And so, and you're not allowed to access any other, you know, like another students information you're only able to access your own information in that regard. That's the only way that is abundantly clear. Moving on from the access control matrix, we also have different types of models to implement. And so we have the four primary models which is the mandatory mandatory access control discretionary access control role based and attribute based access control with each being its own separate entity and its own usefulness within the system. So the system like for example, mandatory access control, primarily is when the system controls access to an object. And so a good example of this is what we learned in the lecture of having clearance levels of for example, secret top secret confidential override, in which case this system labeling or system of clearance dictates whether or not user can access sensitive material or not discretionary access control is more sorry, discretionary access control is an access control method model that is up to the owner of whoever created the object to basically give access to other people an example of this is listed as an exterior system admin gives you access to restricted property database for example. Another example is that if let's say you make a file and then you give other users access to the file in that regard. Out of the access control methods role based and attribute based or perhaps some of the more complex access control models. The reason being is because it allows more specific specific titles. So role based to access an object, it is dictated by the role of the certain individual that wishes to access the object. And so an example, a very common example is job titles, for example. And so within job titles, you can be the administrator which accesses everything on the administrative side, you can be a system engineer, which access all the software code products and hardware. You can be a company potentially developed or you could be a customer which case the only access that you have is probably like your own bank account for example, you can't like transfer funds from someone else's bank account to your bank account because again, you don't have that access. So that's role based attribute based is perhaps a more complex. So compared to the others, in which case it allows for more specificity. And so things like age, maybe your salary amount, your membership type, or your department like is that is listed can then focus on how you access a particular system in that regard. So hopefully that is made abundantly clear. So moving on, one very confusing topic that was brought up was the Bella pool or pool Dula model. And so in my expressions. The best way to simplify the model is the model attempts to simplify the access control groupings of security labels through a symbolic expression. Within the lecture materials, you will come across the lecture slides that say the security level of L and C dominate the security levels, only if, and only if the security level of the target is less than the security level that you currently have and that the category of the target is within the limit of what you have as well, where L represents the security level and C represents the category they're trying to access. And so the best way to summarize L and C is that L is the nature of the security level of which the relationship must be lower than the security level. And so because of this, you must have a higher security level. If you potentially, for example, want to read a object that is of lower security clearance. An example of this is if you have top secret clearance right, you should be able to read a secret maybe unclassified piece of document, because you have the clearance to do so. And so therefore you dominate the object in terms of just security level. It categorizes the categories that a certain object may have. And so in order to access a object with a certain category or clearance level. The clearance level must be within the subset of the security level that that you are a category level that you have currently we're going to more details within the next slide. However, to fulfill access the document and to ultimately dominate the object. The objects category must be within the subset of the category that you possess. And so having both of these categories means you fully dominate an object and it can perform certain actions the object. And the reason why I say this should sound familiar is because it highlights the model that within the lecture where you can write up in terms of security level but can only read down in terms of your level as well. And so being able to understand this, I would say, or at least memorizing this depiction of the security levels is something that is very important to know and it's something that the model attempts to highlight in a symbolic nature. Okay. I want to more details about that with when we go through the lecture slides. And so the last thing that I will be presenting is the cryptographic hash functions, and which case, within the cryptographic hax functions, the goal of how she and something is to translate is of unique input. So it could be your password, for example, or a string that you don't want other people to know, and give it a fixed uniform output that is also just as unique and so that there's no way to possibly reverse engineer. And so this is actually one of the properties of a hash function, and that for a given input, it should be revered it should be difficult to reverse and figure out the original plain text. And this is called pre image resistance right if someone uses a one way hash function, you, the resulting hash function should not be reversible, and this is something that is very hard to do. And theoretically it should be impossible to do because every input has one unique output. Another property for hash functions is that for a given input it should be difficult to find another input that results the same hash output. So this is called the second pre image resistance. The reason why we do this is so that we prevent collate we prevent two inputs to the results the same output, but, and this can be a little bit confusing, but you should with the given hash output, you should not be able to find another string that results to another to the same hash output. And the reason why I say it's a little bit confusing is because for three, for example, for a given input it should be difficult to have two messages result the same hash output this is called collision resistance. So two and three, they touch on very similar topics, however, three focuses on if you have two known inputs, where two or second pre image resistance only focus on one given input, and potentially reverse engineering that hash output to find another input that results the same hash. And so it will be more explained on the next relationship on the next slide however theoretically with all these properties. The hash values are to have a one to one relationship theoretically so that each input provides a unique ID output. Like I said the reason for the properties is so that it's hard to distinguish. And so the pre image resistance defense against trying to decipher a hash output back to the original plain text, like I said before. The second pre image resistance defense against deciphering a hash output to another plain text that wasn't your original. And so the reason for this is that we want to potentially eliminate any possible relationship between the plain text in the original hash output and also potentially any other inputs that can result to the same hash. And collision resistance defense against repeated hash functions and repeated patterns that could occur in the hash output that can be resulted from different plain text. And with that, I'm going to turn it over to I believe Ian, so that he can present his slides. Everybody hear me. All right then. So what I'm going to be covering is index of coincidence. Let's see. We're going to be covering index of coincidence, cyber analysis, symmetric and asymmetric keys. Intention codes. Let's start off with the index of coincidence. The index of coincidence is just an indicator. It helps us determine how the distribution of letters in a cypher look like. So if you're just going to be focusing on the English language most of the time, we can see that English has an index of coincidence of 0.0667. And so on and so forth for the other different languages. So the fact about what an interesting thing about the index of coincidence. If you given a plain text in each of those respective languages down there. No matter how you encrypted with a Caesar cypher specifically the index of coincidence coincidence still remains the same. So if you're giving me a plain text in English saying my name is Ian. The index of coincidence of that is 0.0667, which it should be around no matter how I encrypted with a Caesar cypher using letters A through Z. That means the index of coincidence of the encrypted version of my name is Ian is still going to be around that same thing because of frequency or just shifted to different letters. But now we're going to see how the index of coincidence helps in terms of actual encryption when you're dealing with Caesar cypher and visionary cypher. So when given an encrypted text you needed to determine what type of cypher it is, and given on a seven three you've had to deal with the Caesar cypher and the visionary cypher and the Julius and Alan test and also the alpha beta test. So if I want to determine given an encryption what it is, I always want to first check the index of coincidence, because I'm going to first assume hey it's probably a Caesar cypher just off the top of my head. So if I do find it in the area of 0.067, I'm going to assume it's a Caesar cypher. Once again the index of coincidence is really just a bunch of statistics just put over the course of many years. So it's not always going to be accurate. So given an encryption, I'm always going to say hey, let me try a Caesar cypher first. And, you know, and the main way to deal with the Caesar cypher is of course I'm reinforcing. That's all you have to do. And if none of them returned to give me like an actual English worthy text. I can assume it's probably a visionary cypher where it's just not A through Z but it's actual keys, actual phrases like key, K, E, Y is like the key for the encryption or the transition cypher. So that's when the index of coincidence is greater than 0.07. So just know what a transposition cypher is. We haven't really applied it much in class. So we know that the Caesar cypher is an easy encryption to decrypt. But again, we know since we already reforced it, we know that a visionary cypher might possibly be the next encryption. So to find the length of the key. So given an assignment three for the Allen test, we knew like one, if you eventually got the Allen test, you know the key was around six, or was it five, one of the two. So in the case that you can estimate that the key is really small, you can brute force to the key and split the encryption into end parts and solve from there on. There's something called a CAS, CAS key method, where you find repetitions in the cypher text and where they occur when characters of the key appear over the same characters in the plain text. So, I'm going to see if I can, let's see, can I, I'm going to let's see. How do I, there we go. I need to share my new screen. Here we go. Given this, given this PowerPoint right here looking at this slide. Okay, one second please. There we go. I'm looking at this slide we see just looking at this encryption we have to try to find all the possible repetitions in this, like, we can see here. EQ, OOG and EQ, OOG are one of the repetitions. So the CAS key method asks us to look at where can we find all the repetitions here possible in the cypher text. And by looking at it, where does it start. Where does it end, and what's the distance between, let's say, the, the first though, that's over here, right there. And the next though, that should, in this case, there's a distance of 30, and we calculate all the factors for it. And by calculating the factors for it. We might, there's has to be a guess that it's obviously one of these. And so, and by guessing and checking and like seeing like what has a lot of twos in it or what has a threes in it, we can try to guess that our period is probably six. But also, we can, going back to my slide, we can also take the index of coincidence again. So the index of coincidence comes pre calculated for different key lengths, for example, one is around 0.066 which makes sense because then it would be a Caesar type, which can be easily brute force to if a lender key, the key lengths to it's about 0.052 threes around 0.047 and on and on. So then once we find the key length, but take the IOC with a grain of salt again. In this case, for the example I had, let's see, going back to the PowerPoint, if they calculate the IOC to be around 0.043 and going back here we knew that 0.043 is between five and 10. So this comes close to the period, so that it should be around six, but sometimes the IOC can be wrong, because it's just a statistical measure once again. So it's not always going to be right. So then, then you split the Cypher text into its end parts going up here. Yeah, you establish the period, let's say you finally figured out it's six, you break the message into six parts then, because then you know each of the six parts have their respective encryption, like they each, so each of the six parts are in Cypher by the same key. So then you can easily brute that brute force by using a Caesar cycle. So now I'm going back to my slides. We are going to cover symmetric and asymmetric keys. Symmetric encryption is the simplest type, as we saw it can be the Caesar, Visionary Cypher, because you use the same key you use to encrypt any encrypted information. But the main disadvantage of that is that the keys need to be known by the two parties. So if I need to encrypt something and send it over your way, you need to know the key. And just getting the key to you is just going to make you open to a text, because people can get the keys somehow and use it for malicious users. So that's why asymmetric keys were invented. So it's also known as public key cryptography. This is where everybody has a public key and a secret key, but the secret keys only known to you, and the secret key decrypts your public key. So looking in the bottom left, if Bob wants to send a message to Alice, he encrypts it with Alice's public key, which everybody knows. But the thing is, if they want to decrypt that, they want to see what message Bob sent to Alice, they can't because the only way you can read Alice's public key or Bob's message was if only if you have Alice's secret slash private key. So only Alice has that so she can decrypt Bob's encrypted message, which therefore returns hello Alice to Alice herself. So the good thing about asymmetric encryption is that it allows for confidentiality, as you saw in the bottom left, but it also shows non repudiation. And this means that one party can't successfully dispute its authorship of a document or public communication. An example below says if Alice encrypts, let's say a message C, saying like hello world, the key, her secret key. And now that turns into an encrypted message A. Now anyone and everyone can use a public key to decrypt that message A that she created right there, which returns C. The point of non repudiation is not about confidentiality. This actually is like Alice wants to like say to everybody in the world that she actually made this message she wants to prove that this is actually her. So message authentication codes, a message authentication code is an encrypted checksum generated on the underlying message that is sent along with the message to ensure message authentication. The checksum is just like a value, which is added up when sent, like in this transaction right here, if it's just a bunch of bits and if a bit change the checksum notices that and going on to the next thing it shows like if a message was altered or the origin was falsified. So Macs are used to create a signature for a message between two parties. So the idea is more about origin authentication, rather than confidentiality, like between a web server and you. So if the authentication codes don't match the message was either altered or the origin was falsified so if we look in the bottom right again the sender sends a message he encrypts it with a key K, and he sends you the message and the Mac. So that means you must also have the key and you put it into your own Mac algorithm, which is the same as over here, and it returns a message authentication code and you compare if they're equal. And if you know they're unequal. It's either you know the message was altered, and if the message was altered, you know that the encrypted the encryption with the message and the key is going to be altered, or you know that the origin was falsified. One of the most important questions once again is that establishment of a shared shared secret that means both the center and the receiver needs to know the key care. And also you can provide non repudiation. Once again because either the message was altered or the origin was falsified. The message authentication codes don't align. And that's the end of my section. Thank you. Can anyone hear me now. Okay, so Tony already went over some of these access control concepts, but we're going to go over a few more of them again is everything that's in this PowerPoint should be most of what you need to know for the exam. Okay. The story of access control is basically who should be able to access what information on a system is general sense. So, and then we have authorization, which is what you were allowed to do on a particular system. It's a common mistake to think the access control and authorization are the same thing. They're definitely related but they're not exactly the same thing. So access control is the mechanism for and to enforce an authorization policy so you can have a policy about what users should be able to access what information and that can only written out. You have a predefined set of rules and then access control is the actual mechanism that enforces those rules. And then access control while you need to manage the risk on your system. You don't want just any user be able to access any file on your system, because you can't trust all users the same. And then just a quick note is that authorization is not the same as authentication. We're going to go over a whole another lecture on. Access control in this class we have three sets that will let's do that so the first is the set of subjects, which are these are basically the things in the system that can perform actions so in most cases in any system is going to be the user. That's not always the case, but generally, for our purposes it's going to be a user. So if you have a set of objects, which can be manipulated by the users, you're going to want to think of these as files. And then, of course, you have a set of rights and these are like what permissions subjects has over these different files in the system so read write execute stuff like that. So we use all those the three points to make an access control matrix, which is just a basic subjects and objects that is used stored in the system, so that you can specify specific subjects rights in that system. Okay, so there are two types of access control matrix is the one of them. The first one we're going to go over is access control lists. So access control lists are organized on a per object basis and that means basically that every, every file or object in the system is going to have its own column in the access control matrix. And within each of these columns, all the subjects and users will be listed and with the rights that they have in that system so you can see that illustrated on these images I took from the lecture slides over here. So you have the file, file name, not the name but the file at the top, and then the subjects listed down columns and their rights. The second type of access control matrix so we're going to go over is the capabilities. So these are organized in contrast to access control lists. These are per subject basis. So instead of having a column for every file like you do an access control list you're going to have a row for every different object or every different subject in the system or every different user. So and then, similar to an access control list you're going to have in each row, the rights of the different that the users have for different objects in the system. And then another concept I want to go over was the concept of least privilege. So this is the security goal of providing subjects or users with access to only the information that they need to have to perform their task you don't want to give them any more access or privileges and the need leads you open to potential risks. And then so going along with that concept of least privilege, compared to access control lists capability lists will provide you with a finer grained least privilege control for subjects. And why will this is because capability lists are on a per subject basis to control the minimum permissions for a subject, all you have to do in a capability list is go through every, every subject that you want to target. In contrast, if you're going to do the do this with access control lists you would have to go through every single, every single object and then go through every single subject in each one of those objects. So that's why it's easier to manage least privilege and for with a capability list. Okay. So, here are the five different main types of access control. I'll just quickly go over them. You should definitely know all these and also give some, be able to give some examples of what kind of situation you would want to use one in, or given a situation what, what, what method you would use to that would fit that situation best. So, first we have discretionary access control which is where the owner of the file controls who can access the object. And then we have mandatory access control so this is where the system itself actually will control the users access to objects based on predefined rules and we saw this in the lecture slides with those different military security clearance levels and we're going to get in more into that in a second. So the next we have originator controlled access control. So this is where the originator or the subject user or I guess file system initially made the object is the one who has control over permissions for that object. And then we also have role based access control. So each in this with this type of access control users are assigned different roles based on what they need to do in the system. And so each role will have a set of predefined permissions that are attached to it that these users are automatically given in that system. And lastly, there's attribute based access control. So every user in with this type of access control every user in the system is going to have a certain going to have certain attributes attached to their user profile. So users will be assigned permissions based on the sum of all their attributes and to do this complex Boolean expressions are used. Okay, so mandatory access control as we saw in during the lecture is pretty good for managing different security levels. So going back to the military example with top secret secret confidential and unclassified security levels. So each each object or file in the system is going to have a different security level associated with it. So this can be any one of those top secret secret, all that. And then so model this by having elbow is a security classification for certain object. And then the same manner each subject is going to have a security level associated with it as well. For this example we said the security conditions as fall. So as is able to read file, oh, if and only if the security classification of that subject is greater than or equal classification of that file, and as can write to So if not only if the security classification of that user is lower than the security classification of that specific file they're trying to write to. So as we just said users are able to read any file at or below their clearance level so if you're at this top secret clearance level you can read any, any file in that system at that point because you're at the highest level, but if you're, if you didn't have any clearance at all you're unclassified you would not be able to read anything that was above classified. And users in this type of system will be able to write to any file above or at their clearance level. So users will be able to write to files that they can't read using this model. And that's one because we saw that you cannot read above your security clearance level, but you can write above it, and users are not allowed to write below their security clearance level because they wouldn't want classified information getting out to people who are not cleared to read it. And then with that we have this concept of read down right up so this is just a good way to remember what what type of files certain users will be able to access in the system like this. So, going along with that the bill of casual model introduces the idea of different security categories that are attached to both subjects and objects and system. So yeah each file and user assigned a set of categories. So instead of being defined as only the security clearance level. Now objects and subjects both have the set of categories see attached to attach them. Similarly the security level LC dominates L prime C prime if and only if the that L prime is less than or equal to the security level of the of L, and if C prime is a subset of C. So remember C is the set of categories. So in this model we say that a subject can read an object if and only if that subject dominates that objects according to this that rule we just find. And a subject can write to an object if and only if that object dominates that subject. So here, we're going to go over a few examples of this model. I took this directly from the lecture slides. So where should I answer go through these so you can see here, a has top secret clearance and it's clear to look at files as the ace. What's called set of categories so. And then we see that. So let's go over a first can a read a top secret document with no category classifications. Since that document is at the same level of a security clearance top secret, and it doesn't require any categories to be viewed a can read that file. So can a right to a secret document that has an ace security clearance category. No, because a cannot write down as we went over before. So, if this a could write to this document if it was top secret clearance, however, since it is below a is current security level, it is not going to be able to write that document. And then can a read a top secret document that had that needs NATO and ace categories. No, because we see up at the top that a does not have NATO clearance. And then finally can a right to a top secret document that requires ace NATO clearance. So this is also going to be. Oh actually yeah this is yes it can write for that document because it is at the same clearance level as a so there's no issue with that. And then, even though a is not cleared for NATO documents they can still write to them it just would not be able to read them. Okay and then for B so we know that B has top secret clearance and has been assigned NATO and ace categories. So can a be right grid file, and that has a NATO classification. They're both secret and they, and the file is a classification categories a subset of these classification categories. And then be will be able to or will not be able to read a top secret document because we cannot read up so this would be trying to read something that you're not cleared for. So B would not be able to read this secret document that has ace and nuclear clearance because, as we can see up at the top that B is only for to read ace and it's not clear to read nuclear. And then finally, can be right to classified document that does not have any security categories attached to it. No because be as a secret clearance so writing down to document allow users who do not have any security clearance to view potentially classified information. So that is all I have for that point. Were there any questions. Okay. So we're going to go on to the next presentation. Alright, so I'm going to go over authentication today. I'm going to switch my screen. So, what's authentication. This is a disclaimer. This is authentication, authentication is you are, you're proving you, you're, you're proving yourself. What you are claiming to be. And what is authorization. It is what you can do on a system. And they are, they both are not the same. What are some of the authentication mechanisms. There are four. One is what you know. Now, that includes passwords, pin codes, pattern locks, or answering security security questions. What you possess. It means your phone that you used to do you factor authentication. And what you are is your fingerprints, your face ID, and you're at Nascence, and where you are is it's based on location. So let's say you are trying to log into your company server, but the company has restricted logins from outside the company, company network. This is the, this is a template indication system. It is a five turbo a means is the authentication provide information that proves identity. In case of plain text passwords, this could be the password that you put in into your login screen. See is the complimentary information used to validate authentication informations. In case of password. In that case, it will be the hash that stored on the server side. F is the complementation function, which is basically an encryption function that the server uses to convert your A to C. So you can think of it as the login screen and when you put in the password, it either gives you true if you put in the right password and it gives you error message if you put in the wrong password. And S is a selection function to enable the entity to create or alter A or C. So it means if you have, so once you're logged in, if you have rights to change or alter your password. So what, how can you attack authentication on a high level. So the goal for the attacker is to find a your password in plain text. There are two different approaches you can take either the attacker has the C. So the hash that stored or a tagger does not have C. In case where attacker has the hash of the function function, you need to basically find a such that when it's put in the encryption algorithm, it maps to C. In case when the attacker does not have a C. The goal is also to find a but in this case, you need to basically brute force. Using the putting all the possible combinations of plain text into the encrypting algorithm and finding if it's true or not. So how can you prevent attacks. There's three ways you can either hide the a the plain text in case of password systems, you can either hide F the encrypting algorithm encryption algorithm that's used, or you can hide C. That's the hash that's stored on the server side. You hide L your ask so you could either restrict logins to only certain IP addresses so as I said in the case before you can not allow any connections that are outside of the company server. How can you attack the authentication system. You can use dictionary attacks you can try all the possible words in the dictionary and try to guess if that's the right password. And it's easier than brute forcing because it has got a smaller search space, then going through all the possible different combinations. You have the rainbow tables which you basically have a pre computed hashes for the size of some key space so let's say you took your key space as one through eight so you have all the possible strings that can be just of the size one through eight. And then there's the encryption function and then there's the C, which is the hashing so you have a three top of those in case of a password system salts. So salts are basically random values that are added to a password before it is into the encryption algorithm, so it is usually publicly known. When you put in when you add salt to plain text, and if it's truly random, every time you use the encrypting algorithm, it will generate see every time. And these are some of the topics you should memorize. Authentication means proving you are who you claim to be authorization describes what you can do on the system types of authentication mechanisms are what you know examples will be passwords. Pins, as I said, what you possess will be your phone which you used to do dual factor authentication or USB USB keys that you used to that you plug into your computer to log in what you are is that includes your fingerprints or your face IDs or your retina scans. There you are is usually location based and keep these in mind hash functions are not used to encrypt values and salts are not added to slow the hashing process. So some of the topics you recently studied and Adam when I'm today in the class so good luck. So the first question asks, are hash functions used to encrypt values hash functions are not used to encrypt they are used to encrypt values. The actual attacks of the common foot and should be considered that's true. Unix ACO is an instantiation of an access control matrix, which is false. In the bill of what the doula model and subject as to read that is true. When as dumb though as can read read out, but when what's the reverse. So, oh, as as can write fresh 1.5. It's authentic authentication describes what you can do on the system. That's all this would have to be authorization, in order to be correct with authentication being rather are asking who you are on the system, other than what you can do. So the public security is not achievable, just because that new threats can always come about and planning according you can't plan ahead for new threats to come about. So security will be perfect. It's not added to slow the hashing process filter added to provide additional say that we use to users information running by the system. The technical components of security are just as important as the human components of security. There is. They're not more important. So this question will be false. The question. Okay. So the question 1.9, it asks security is the most important component of the system, or part of the organization. This question is a little bit more debatable, but I will, what we collectively set calls. My reasoning is that organizations need to be focusing on keeping the organization up and running. Revenue is an important aspect to an organization's long term functionality while security at that point might not be beneficial to improving on yet, but only until there's a reasoning to improve security to improve funds. Question 1.10 and an effective security policy must counter every conceivable threat. We say that is false since it there. So just like question 1.6. Perfect security being achievable. An effective security policy policy must counter every conceivable threat, but a security policy can only consider current threats and not new threats. There's always new threats being created. So, so like in the slide before cryptographic hash functions should be resistant to pre image attacks. That is true. The output of a cryptographic hash function should all should not be reversible hash functions should only be one way, meaning that a message goes through the hash. And now you have a hash value or a hat. You have some slot where it's hash to, and this process can be reversed, because it's almost impossible to reverse. That's why it should always be one way across. This control makes matrix is used to model what a subject, but what subjects have which rights on objects in such a common system. This is true. As we can see from the slides that Adam, or Adam has that in the actions control matrix model, these users are these right here are used our subjects. And these are also subjects here and actually right here are going to be files or objects. We can see that subjects have possible at possible rights on different or on other on other subjects. You should always build your own cryptographic systems. It should be false. The reason behind it was because you would have to place rules for other clients out. So other clients would need to know the cryptographic system in order to communicate. How AS is AS is standard. And everything has methods for encrypting and decrypting AS worldwide while your system is just well only to yourself and you'd have to give information on how to decrypt and encrypt using your own cryptographic system which would be, it wouldn't be easy for the user and it would be widely adopted. When using DS, ECB mode is more secure than CBC. We say it's false or it's false. What are the three components of security? The first component is confidentiality. This is the act of full information and confidence. Integrity is the second preventing on preventing unauthorized access. So prevention and detection is part of that as well. Availability. The service needs to be able to be accessed by authorized parties when needed. So this could be a coffee shop. This could be at the headquarters. It needs at home. It needs access that needs to be available. The interaction between security policies and security mechanisms believe in administrative body with a bylaws guidelines and restrictions for the population. That is under the administrative body and employees countermeasures. The security policy is a statement of what is allowed and the security mechanism enforces what the security what the security policy is through a method or a tool. So the policy could be not or don't drive over 45 miles per hour. And then the mechanism would be cops or enforcers. Your security officer for an organization and your organization has two groups of people who have conflict of interest and they want to be completely restricted in the flow. Information between these two. So there are multiple ways you can look at this in order to define it. So the creator of the files so the organization. Let's let's do clients. One client. Two. They have their own files that they relegate their own access to that could be the one solution. This way they couldn't access each other. So the clients would define their own rules that they can only access their own files. The other clients can't access their own or they can't access each other. Another way is to have the system do itself so your security officer for the organization can do it our system. So they control the system or the organization controls what client one can access and then what client to can access. And the main idea is to get it so that the client one has access over their own information. And then for the clients have access over their own information. So we need to like encapsulate their own data for themselves only. You're given some type of text and describe how it was encrypted and then describe how you would do it. One method is to check the frequency of each character and comparing it to the average English English frequencies. So average English is usually has higher frequency of vowels. A vowel will tend to be higher higher in frequency. And then we would compare that against the frequent are made frequency of the cyber text we create that we have. And we should see that there's some displacement between the higher frequency in the vowels of our English and then the higher frequency peaks in the site protects itself. And then once we have the frequency for our cipher text we can display use the distance between the highest frequency, the highest frequent characters of the English text and then our cipher text and then try checking if that is the key for the cipher question 16 public key and have a public and you have your own publicly in your own private key. How would you send a message to Alice so that only Alice can read it. First off, first off Alice sent us her public key. The public key is able to only encrypt. So we encrypt our text. The message actually. The encrypted message using Alice's key, because Alice can decrypt it with her own public key later. And then we also have to make sure that Alice knows that it's from us so we should, we want to sign Alice's public key with with my private key or our private key. And then we just sign, we ship these two off to Alice, Alice verifies that we signed her key, and then also we've been able to decrypt her, the decrypt our message that we sent off Alice with her private key. This is seven right. Yes. So there's three authentication message or mechanisms. What is what you know, so that can be a pass phrase, or it can be like, like a password, what you possess so that can be like a badge. That just shows that you have access to, or that you're, that you can't, or just want to authenticate authentication mechanisms you own, or it can be like a physical key, what you are. So this would resolve around biometrics and other types of biometrics so like retinal fingerprint, etc. So far this will be geolocation. So you can have, you have to be in the, if the company sets it up to where that you can only access the information at the headquarters, then there would be some sort of, there would be some sort of geolocation service that you would have to have on you like your phone or some sort of tracker or some way of verifying that you're actually at the location in order for it to be able to work. What are two types of properties that we want from a cryptographically secure hash function and for each property explain why we want that property. We want it to be secure. We want it to be accessible. So we have some infeasible to generate a message with the same hash value and to find different messages that hash to the same value. So what that means is we have M1 and we hash it and we go to slot, let's say slot one, but if we have M2 and we hash it. If it goes to slot one, then this is not secure and, and this shouldn't be possible. This should have its own. It should be to instead but ends up being one so this breaks the security, the secure property that we want from our system so M1 with hash one should always go to slot one. And M2 using the same hash always go to slot two for accessibility we want this function to be quick and deterministic so back to this key example that the same hash or the same message will always result in the same hash so M1 using hash one should always go to slot one. Always. So I saw a hand raised. Did someone raise their hand. I think we answered Nick. Yeah, he wanted you to go back to 1.1 and I'm sorry. The, my screen is full screen so I can't look at the chat. So go to one point. You said 1.1. 1.1 to 1.5. Okay. Oh wait, I only shared. I can just leave it like that. Should be fine. Go to the next five seconds. Hello everyone we're just reading your chat and then going back to the questions that you said. In terms of the exam format that is up for debate depending on what Adam will post on it. The midterm review is merely just a template of what he might put on it however depending on what his mood is or what questions he puts on the exam. It will be a can be different in nature and so us UGTS we don't have access to that. We can't go over explicitly what's going to be on the exam format. But I would, my recommendation is that if you study the concepts and you understand the concepts. Then you'll do, you'll do just fine on the exam. In regards to everything that you've seen here everything will be posted on items website or at least Adam will upload it to either Piazza or his own website with the video potentially to YouTube. And all of the slides that you've seen here in this presentation. So that if you ever have a need to go back to the presentation slides for example some of you have been asking some of the 1.1 to 1.15 questions, you can go back and view those as it is. A reminder if you're still unsure about some of the topics you can always email any of the UGTS and will help you in addition to that tomorrow Wednesday. Gabe, who is another UGTA will be leading an in person exam review session and so look at Piazza to know when that date is so that you can ask your final questions that you need to before the exam on Thursday. So with that being said, is there any last questions to be asked about anything exam related other than what has been asked. Now give around 30 seconds for people to write their question. It seems like no one is asking any questions so again I think everyone who's joined the video hopefully this was helpful. And again as a reminder everything that will be on this recording will be available to you very shortly. Thank you for watching and well thank you for attending.