December 1999
SC223 : COMPUTER SECURITY

QUESTION 5

Total Marks: 15 Marks

• Question 1
• Question 2
• Question 3
• Question 4
• Cover Page

SUGGESTED SOLUTIONS
Solutions and allocated marks are indicated in green.
Return to Question 5

Describe six varieties of network security service.
Network security services:

continuity of operations: ensure the network remains available; integrity: protect information from manipulation or modification in an unauthorized manner;
authentication: verify identity of data source or peer;
access control: protect resources from unauthorized access; confidentiality: protect protect information from unauthorized disclosure;
non-repudiation: prevent originators of message from denying responsibility.

(1 mark each; no description, no mark.)

Which is the lowest OSI layer to provide:
OSI security provisions (1 mark each):

(i) connection confidentiality?
(i) physical layer;

(ii) connectionless confidentiality?
(ii) data link layer;

(iii) authentication?
(iii) network layer;

(iv) connection integrity with recovery?
(iv) transport layer;

(v) non-repudiation?
(v) presentation layer.

Describe any four security services provided by the X400 electronic mail standard.
X400 security services:

• security labels, to classify types of mail;
• message origin authentication, for receiver to verify originator of mail;
• proof of submission, for submitter to verify submission;
• proof of delivery;
• secure access management, to provide authentication between peer entities;
• content integrity, to verify that message content has not been changed;
• content confidentiality, to prevent unauthorized disclosure;
• message sequence integrity;
• non-repudiation;
• double enveloping, enabling one message to be embedded within the body of another.

(1 mark each, up to 4 marks.)