재안 IT 공부 일기장

[3] User AuthenticationThe process of verifying an identify claimed by or for a system entity 1. Identification 2. Verification Electronic User Authentication : confidence in user identity NIST SP 800-63-2 model credential binds an identidy to a token Registration 1. 사용자가 Registration Authority에게 요청 2. RA가 사용자를 인증 절차 진행 3. 성공하면, CSP에게 수락 메세지를 보냄 4. 수락 메세지를 받으면(crediential 포함), 사용자에게 토큰을 발급 5. CS..

[2] Cryptographic Tools Symmetric Encryption : single-key encryption - plaintext : original message - encryption algorithm - secret key - ciphertext : scrambled message - decryption algorithm 2 requirements - encryption algorithm : Block Ciphers- secret key shared by sender and recipient @Block Ciphers-  planetext, ciphertext, key size-  1) Data Encryption Standard (64, 64, 56)-  2) 3DES (64, 64..

[1] Computer Security Overview  Security Requirements (hardware, software, information) - confidentiality : not disclosed to unautorized 기밀성 - integrity : changed only by authorized 무결성 - availability : not denied to authorized 가용성 - authenticity : verify and trust one 확실성 - accountability : able to trace back uniquely 책임 누적성, 부인방지 Security Concepts and Relationships - adversary : 공격자 - attack :..