Question 3. Security (20 marks)

(a) Kerberos involves three (bi-directional) exchanges: one between the client and the Key Distribution Center (KDC), one between the client and the Ticket Granting Service (TGS), and one between the client and the server (S) chosen by the client. Describe the main Kerberos components and explain the purpose of each of the three exchanges mentioned above.

(b) Describe some of the ways in which conventional Web applications are vulnerable to eavesdropping, cross-site request forgery, injection, replay and denial-of-service attacks. Suggest methods by which Web applications could be protected against each of these forms of attack.

(c) There is no authentication in the Diffie-Hellman key-exchange protocol. By exploiting this property, a malicious third party can easily break into the key exchange taking place between Alice and Bob and subsequently ruin its security. Explain how this would work.

(d) Suppose that you were asked to develop a distributed application that would allow the PEO office to set up exams. Give at least three statements that would be part of the security policy for such an application.