1. What is framework of Electronic commerce?
2. Name the three major components of I-Way?
3. Define EDI and give the layered architecture for EDI
4. Message handling model in MIME
5. What is mean by Advertising?
6. What are the properties of Mobile Software Agents?
7. What are the challenges faced by a companies in handling data
8. What are the steps involved in document oriented processes
9. What are the types of Compression Technique? Grief brief notes on them
10. Define MBONE & SONET
Part – B (1 * 16=16)
1. Explain Internet as a network infrastructure
(OR)
Explain components of the I-Way
2. Explain Token-based electronic payment system
(OR)
Explain working of EDI and financial EDI
3. Write notes on digital copyrights and electronic commerce
(OR)
Write notes on On-Line Advertising Paradigms
4. Explain the types of digital documents
(OR)
Explain the elements in building data warehouse
5. Explain about digital video and electronic commerce?
(OR)
Describe the concept of Broadband background?
Wednesday, April 8, 2009
Cryptography Unit V
System Level Security
Unit - V
1.What is an intruder?
A person who accessing a network in unauthorized manner is called as intruder.
2.What is intrusion detection system?
Intrusion detection system is a system for detection of unauthorized access to the system.
3.What are audit reports? Give its two forms.
Audit report is a fundamental tool for intrusion detecting. Two forms of audit records are
1. Native audit records.
2. Detective specific audit records
4.Define password protection.
Password protection is the format line protection against intruder to the system. A password authenticates the ID and provides security to the system.
5.Define malicious program.
A program that is intentionally included or inserted in a system for harmful purpose is malicious program.
6.What is a Virus?
A virus is piece of program code that can infect other programs by modifying them.
7.What is a worm?
A worm is a program designed to copy itself and send copies from a computer to other computer across the network.
8.What is a Trojan horse?
A Trojan horse is a computer program that appears to be useful but that actually does damage.
9.What is logic bomb?
A logic bomb is software embedded in some legitimate programs and is set to explode under certain conditions.
10.Enlist types of Viruses.
1. Parasitic Virus.
2. Memory resident virus.
3. Boot sector virus
4. Stealth virus.
11.What are the steps in virus removal process?
1. Detection of virus
2. Identification of virus
3. Removal of traces of virus.
12.What is generic decryption technology?
A generic decryption technology can detect most complex polymorphic viruses with fast scanning speed.
13.What is denial of service?
A denial of service is an attempt to prevent a genuine user of service from using it.
14.What are the design goals of firewalls?
1. All the traffic must pass through it.
2. Only authorized traffic is allowed to pass.
3. Firewall itself is immune to penetration.
15.Enlist commonly used firewalls from threats of security.
1. Packet filtering router.
2. Application level gateway.
3. Circuit level gateway.
16.Mention the classes of Intruders.
1. Masquerader: An unauthorized user who prevents a system access control and exploit a user account.
2. Misfeasor: A user who misuses his privileges.
3. Clandestine user: A user who seizes supervisory control of system to suppress audit collection.
17.List out the generations of antivirus technique?
1. First generation- Simple scanners
2. Second generations – Heuristic scanners
3. Third Generations – Activity traps and
4. Fourth Generations – Full featured protection
18.List out the advanced antivirus techniques?
Techniques are:
1. Generic Decryption Technology
2. Digital immune system.
19. Mention the techniques to control access and enforce the security policy?
1. Service control
2. Direction control
3. User control and
4. Behavior control.
20.What do you mean by trusted system?
A trusted system is a computer and operating system that can be verified to implement a given security policy. Typically, the focus of a trusted system is data access control. A policy is implemented that dictates what objects may be accessed.
Part-B
Unit – V
1.Explain in detail about password management system.
2.Explain the various kinds of viruses and how they act on systems and files in detail.
3.Explain in detail, intrusion detection mechanisms and its types.
4.Explain in detail, the various antivirus software mechanism used against the virus threat.
Unit - V
1.What is an intruder?
A person who accessing a network in unauthorized manner is called as intruder.
2.What is intrusion detection system?
Intrusion detection system is a system for detection of unauthorized access to the system.
3.What are audit reports? Give its two forms.
Audit report is a fundamental tool for intrusion detecting. Two forms of audit records are
1. Native audit records.
2. Detective specific audit records
4.Define password protection.
Password protection is the format line protection against intruder to the system. A password authenticates the ID and provides security to the system.
5.Define malicious program.
A program that is intentionally included or inserted in a system for harmful purpose is malicious program.
6.What is a Virus?
A virus is piece of program code that can infect other programs by modifying them.
7.What is a worm?
A worm is a program designed to copy itself and send copies from a computer to other computer across the network.
8.What is a Trojan horse?
A Trojan horse is a computer program that appears to be useful but that actually does damage.
9.What is logic bomb?
A logic bomb is software embedded in some legitimate programs and is set to explode under certain conditions.
10.Enlist types of Viruses.
1. Parasitic Virus.
2. Memory resident virus.
3. Boot sector virus
4. Stealth virus.
11.What are the steps in virus removal process?
1. Detection of virus
2. Identification of virus
3. Removal of traces of virus.
12.What is generic decryption technology?
A generic decryption technology can detect most complex polymorphic viruses with fast scanning speed.
13.What is denial of service?
A denial of service is an attempt to prevent a genuine user of service from using it.
14.What are the design goals of firewalls?
1. All the traffic must pass through it.
2. Only authorized traffic is allowed to pass.
3. Firewall itself is immune to penetration.
15.Enlist commonly used firewalls from threats of security.
1. Packet filtering router.
2. Application level gateway.
3. Circuit level gateway.
16.Mention the classes of Intruders.
1. Masquerader: An unauthorized user who prevents a system access control and exploit a user account.
2. Misfeasor: A user who misuses his privileges.
3. Clandestine user: A user who seizes supervisory control of system to suppress audit collection.
17.List out the generations of antivirus technique?
1. First generation- Simple scanners
2. Second generations – Heuristic scanners
3. Third Generations – Activity traps and
4. Fourth Generations – Full featured protection
18.List out the advanced antivirus techniques?
Techniques are:
1. Generic Decryption Technology
2. Digital immune system.
19. Mention the techniques to control access and enforce the security policy?
1. Service control
2. Direction control
3. User control and
4. Behavior control.
20.What do you mean by trusted system?
A trusted system is a computer and operating system that can be verified to implement a given security policy. Typically, the focus of a trusted system is data access control. A policy is implemented that dictates what objects may be accessed.
Part-B
Unit – V
1.Explain in detail about password management system.
2.Explain the various kinds of viruses and how they act on systems and files in detail.
3.Explain in detail, intrusion detection mechanisms and its types.
4.Explain in detail, the various antivirus software mechanism used against the virus threat.
Cryptography Unit IV
Unit – IV
Network Security
1.Why does PGP generate a signature before applying compression?
The signature is generated before compression due to 2 reasons:
•It is preferable to sign an uncompressed message so that one can store only the uncompressed message together with the signature for future verification.
• Even if one were willing to generate dynamically a recompressed message for verification, PGP’s compression algorithm presents a difficult.
2.Why is R 64 conversion useful for email generation?
The Radix 64 conversion is performed before the segmentation of the messages take place. The use of radix 64 is that it converts he input stream to 33%. The radix 64 converts the input stream to radix 64 format.
3.What is MIME?
Multipurpose Internet Mail Extension (MIME) is an extension to the RFC 822 framework that is intended to address some of the problems and limitations of these uses of SMTP.
4.What is S/MIME?
Secure / Multipurpose Internet Mail Extension is a security enhancement to the MIME Internet e-mail format standard, based on technology from RSA Data Security. It is ability to sign and / or encrypt messages.
5.What services are provided by IPSec?
Services provided by IPSec.
• Access control
• Connectionless integrity
• Data origin authentication
• Rejection of replayed packets.
6.What is the difference between Transport mode and Tunnel mode?
Transport mode
1. It provides protection for upper layer protocols.
2.Used for end-to-end communication between two host.
3.Authenticates IP payload and selected portions of IP header and IPV6 extension header.
Tunnel mode
1.It provides protection to the entire IP packet.
2.It is used when one or both ends of an SA is a security gateway, such as firewall or router that implement IPSec
3.Authenticates entire inner IP packet plus selected portions of outer IP header and outer IPV6 extension header.
7.What is replay attack?
A replay attack is one which an attacker obtains a copy of an authenticated packet and the later transmits it to the intended destination.
8.What is the difference between an SSL connection and an SSL session?
A connection is a transport that provides a suitable type of service. For SSL,
Such connections are peer-to-peer relationships. The connections are transient. An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections.
9.Why does ESP include a padding field?
Padding field is added to the ESP to provide partial traffic flow confidentiality by concealing the actual length of the payload.
10.What problem was Kerberos designed to address?
The problem that Kerberos addresses is this assumes an open distributed environment in which users at workstations wish to access services on servers distributed throughput the network. We would like for servers to be able to restrict access to authorized users and to be able to authenticate requests for service. In this environment a workstation cannot be trusted to identify its users correctly to network services.
11.What are the requirements of Kerberos?
Requirements for Kerberos are : Secure, Reliable, Transparent and Scalable.
12.What entities constitute a full-service Kerberos environment?
A full service environment consists of a Kerberos server, a number of clients and a number of application servers.
13.What is the need of segmentation and reassembly function in PGP?
E-mail facilities often are restricted to a maximum message length. To accommodate this restriction,PGP automatically subdivides a message that is too large into segments that are small enough to send via e-mail. This segmentation is done after all of the other processing, including the radix-64 conversion. Thus, the session key component and signature component appear only once, at the beginning of the first segment.
14.How does PGP use the concept of trust?
PGP provide a convenient means of using trust, associating trust with public keys, and exploiting trust information. Each entry in the pubic key ring is a public key certificate. Associated with each such entry is a key legitimate field that indicates the extent to which PGP will trust that this is a valid public key for this user; the higher level of trust, the stronger is the binding of this user ID to this key.
15.What are the technical deficiencies encountered in Kerberos version 4?
The technical deficiencies encountered in Kerberos version 4 are
• Double encryption
• PCBC encryption
• Session keys
• Password attacks
16.Write about X.509.
X.509 is based on the use of public key cryptography and digital signatures. It does not insist a specific algorithm but recommends RSA.
17.What is meant by Certificate policies?
Certificate may be used in environments where multiple policies apply. This extension lists policies that the certificate is recognized as supporting together with optional qualifier information.
18.Mention the elements of the Certificate.
Elements of the certificate are,
• Version
• Serial number
• Signature algorithm identifier
• Issuer name.
19.What are policy mappings?
Policy mappings are used only in certificates for CA’s issued by other CA’s. Policy mappings allow an issuing CA to indicate that one or more of that issuer’s policies can be considered equivalent to another policy used in the subject CA’s domain.
20.Describe about content type.
Content type explains the data contacted in the body with sufficient detail that the receiving user or otherwise deal with the data in an appropriate manner.
Part-B
1.Explain in detail, how the Kerberos version 5 is advantageous over Kerberos version 4.
2.Explain in detail, S/MIME & MIME.
3.Explain in detail, how electronic mail security is done.
4.Explain in detail about PGP?
5. Explain in detail, how web security is achieved?
Network Security
1.Why does PGP generate a signature before applying compression?
The signature is generated before compression due to 2 reasons:
•It is preferable to sign an uncompressed message so that one can store only the uncompressed message together with the signature for future verification.
• Even if one were willing to generate dynamically a recompressed message for verification, PGP’s compression algorithm presents a difficult.
2.Why is R 64 conversion useful for email generation?
The Radix 64 conversion is performed before the segmentation of the messages take place. The use of radix 64 is that it converts he input stream to 33%. The radix 64 converts the input stream to radix 64 format.
3.What is MIME?
Multipurpose Internet Mail Extension (MIME) is an extension to the RFC 822 framework that is intended to address some of the problems and limitations of these uses of SMTP.
4.What is S/MIME?
Secure / Multipurpose Internet Mail Extension is a security enhancement to the MIME Internet e-mail format standard, based on technology from RSA Data Security. It is ability to sign and / or encrypt messages.
5.What services are provided by IPSec?
Services provided by IPSec.
• Access control
• Connectionless integrity
• Data origin authentication
• Rejection of replayed packets.
6.What is the difference between Transport mode and Tunnel mode?
Transport mode
1. It provides protection for upper layer protocols.
2.Used for end-to-end communication between two host.
3.Authenticates IP payload and selected portions of IP header and IPV6 extension header.
Tunnel mode
1.It provides protection to the entire IP packet.
2.It is used when one or both ends of an SA is a security gateway, such as firewall or router that implement IPSec
3.Authenticates entire inner IP packet plus selected portions of outer IP header and outer IPV6 extension header.
7.What is replay attack?
A replay attack is one which an attacker obtains a copy of an authenticated packet and the later transmits it to the intended destination.
8.What is the difference between an SSL connection and an SSL session?
A connection is a transport that provides a suitable type of service. For SSL,
Such connections are peer-to-peer relationships. The connections are transient. An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections.
9.Why does ESP include a padding field?
Padding field is added to the ESP to provide partial traffic flow confidentiality by concealing the actual length of the payload.
10.What problem was Kerberos designed to address?
The problem that Kerberos addresses is this assumes an open distributed environment in which users at workstations wish to access services on servers distributed throughput the network. We would like for servers to be able to restrict access to authorized users and to be able to authenticate requests for service. In this environment a workstation cannot be trusted to identify its users correctly to network services.
11.What are the requirements of Kerberos?
Requirements for Kerberos are : Secure, Reliable, Transparent and Scalable.
12.What entities constitute a full-service Kerberos environment?
A full service environment consists of a Kerberos server, a number of clients and a number of application servers.
13.What is the need of segmentation and reassembly function in PGP?
E-mail facilities often are restricted to a maximum message length. To accommodate this restriction,PGP automatically subdivides a message that is too large into segments that are small enough to send via e-mail. This segmentation is done after all of the other processing, including the radix-64 conversion. Thus, the session key component and signature component appear only once, at the beginning of the first segment.
14.How does PGP use the concept of trust?
PGP provide a convenient means of using trust, associating trust with public keys, and exploiting trust information. Each entry in the pubic key ring is a public key certificate. Associated with each such entry is a key legitimate field that indicates the extent to which PGP will trust that this is a valid public key for this user; the higher level of trust, the stronger is the binding of this user ID to this key.
15.What are the technical deficiencies encountered in Kerberos version 4?
The technical deficiencies encountered in Kerberos version 4 are
• Double encryption
• PCBC encryption
• Session keys
• Password attacks
16.Write about X.509.
X.509 is based on the use of public key cryptography and digital signatures. It does not insist a specific algorithm but recommends RSA.
17.What is meant by Certificate policies?
Certificate may be used in environments where multiple policies apply. This extension lists policies that the certificate is recognized as supporting together with optional qualifier information.
18.Mention the elements of the Certificate.
Elements of the certificate are,
• Version
• Serial number
• Signature algorithm identifier
• Issuer name.
19.What are policy mappings?
Policy mappings are used only in certificates for CA’s issued by other CA’s. Policy mappings allow an issuing CA to indicate that one or more of that issuer’s policies can be considered equivalent to another policy used in the subject CA’s domain.
20.Describe about content type.
Content type explains the data contacted in the body with sufficient detail that the receiving user or otherwise deal with the data in an appropriate manner.
Part-B
1.Explain in detail, how the Kerberos version 5 is advantageous over Kerberos version 4.
2.Explain in detail, S/MIME & MIME.
3.Explain in detail, how electronic mail security is done.
4.Explain in detail about PGP?
5. Explain in detail, how web security is achieved?
Cryptography Unit III
Unit – III
Authentication and Hash Function
1. What is Hash function?
A Hash function H is a transformation that takes a variable-size input m and return a fixed-size string, which is called the hash value h (that is, h = H(m)). Hash functions with just this property have a variety of general computational uses, but when employed in cryptography the hash functions are usually chosen to have some additional properties. The basic requirements for a cryptography hash functions are:
• The input can be of any length,
• The output has a fixed length,
• H(x) is relatively easy to compute for any given x,
• H(x) is one way,
• H(x) is collision-free.
2. What types of attacks are addressed by message authentication?
• Content modification: Changes to the contents of the message.
• Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion and recording.
• Timing modification: Delay or replay of messages.
3. What is the use of digital signature?
Data appended to, or a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.
4. What two levels of functionality comprise a message authentication or digital signature mechanism?
Two levels of functionality comprise a message authentication or digital signature mechanisms are Low level authentication and High level authentication. At the lower level there must be some sort of function that produces an authenticator: a value to be used to authenticate a message. This lower level function is then used as primitive in a higher-level authentication protocol that enables a receiver to verify the authenticity of message.
5. What is message authentication code?
An alternative authentication technique involves the use of a small fixed size block of data, known as a cryptographic checksum or MAC that is appended to the message.
6. What is the difference between a message authentication code and a one-way hash function?
The difference between a message authentication code and a one-way hash function is that Unlike a MAC, a hash code does not use a key but is a function only of the input message
7. Is it necessary to recover the secret key in order to attack a MAC algorithm?
A number of keys will produce the correct MAC and the opponent has no way of knowing which the correct key is. On an average 2(n-k) keys produce a match. Therefore attacks do not require the discovery of the key.
8. What is the difference between a strong and a weak collision resistance?
• For any given value h it is computationally infeasible to find y = x with H(y) = H(x). This is “weak collision resistance”. It is one way property. It is easy to generate a code given a message, but almost impossible to do the reverse.
• It is computationally infeasible to find any pair(x,y) such that an alternative message hashing to the same value as a given message cannot be found. This prevents forgery.
9. What is the function of a compression function in a hash function?
The hash function involves repeated use of compression function; The motivation is that if the compression function is collision resistant, then the hash function is also collision resistant function. So a secure hash function can be produced.
10. What is a birthday attack?
A birthday attack is a name used to refer to class of brute-force attacks. It gets its name from the surprising result that the probability that two or more people in a group of 23 share the same birthday as greater than ½ ; such a result is called a birthday paradox.
11. What is the utility of a detached signature?
A detached signature may be stored and transmitted separately from the message it signs. This is useful in several contexts. A user may wish to maintain a separate log of all messages sent or received. A detached signature of an executable program can detect subsequent virus infection. Finally detached signature can be used when more than one party must sign a document, such a legal contract.
12. What is the advantage of symmetric encryption?
Symmetric encryption provides both authentication and confidentiality.
13. Name any three contents in which MAC algorithm is used?
The three contents used in MAC algorithm are
a.Broadcasting
b. An exchange in which the number of incoming messages is more.
c. Authentication of a computer program in plain text is an attractive service.
14. What are the steps involved in MD5 logic?
The steps involved in MD5 logic are,
a. Append padding bits
b. Append length
c. Initialize MD buffer
d. Process message in 512 bit(16 word) blocks
e. Output.
15. Mention the differences between MD4 and MD5.
The differences between MD4 and MD5 logic are:
i. MD4 uses three rounds of 16 steps each whereas MD5 uses four rounds of 16 steps each.
ii. In MD4, no additive constant is used in the first round. The same additive constant is used for each of the steps of the second round. Another additive constant is used for each of the steps of the third round. In MD5, a different additive constant. T(i) is used for each of the 64 steps.
16. Expand SHA?
SHA- Secure Hash A1gorithm.
It was developed by the National Institute of Standards and Technology and published as a federal information processing standard in1993. A revised version was issued as FIPS 180.1 in 1995 and is generally referred to as SHA-1.
17. What are the required properties of digital signatures?
The required properties of digital signatures are,
• It must verify the author and the date and time of the signature.
• It must authenticate the contents at the time of the signature.
• It must be verifiable by third parties to resolve disputes.
18. How are replay attacks handled?
By attacking a sequence number to each message used in an authentication exchange. A new message is accepted only if the sequence number is in order.
19. What is the alternate for sequence numbers to avoid replay attacks?
The alternate for sequence number in solving replay attacks is,
• Time stamps
• Challenge response
20. What is meant by suppress-replay attacks?
An opponent can intercept a message from the sender and replay it later when the time stamp in the message becomes correct at the recipients site. This replay could cause unexpected results. Such attacks are called suppress-replay attacks.
Part-B
1. Explain in detail, the message authentication code.
2. Explain in detail, the MD5(Message Digestive Algorithm)
3. Explain in detail, protocols, functions and requirements for authentication.
4. Explain in detail, the secure hash algorithm
5. Explain in detail, the MAC based on DES.
Authentication and Hash Function
1. What is Hash function?
A Hash function H is a transformation that takes a variable-size input m and return a fixed-size string, which is called the hash value h (that is, h = H(m)). Hash functions with just this property have a variety of general computational uses, but when employed in cryptography the hash functions are usually chosen to have some additional properties. The basic requirements for a cryptography hash functions are:
• The input can be of any length,
• The output has a fixed length,
• H(x) is relatively easy to compute for any given x,
• H(x) is one way,
• H(x) is collision-free.
2. What types of attacks are addressed by message authentication?
• Content modification: Changes to the contents of the message.
• Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion and recording.
• Timing modification: Delay or replay of messages.
3. What is the use of digital signature?
Data appended to, or a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.
4. What two levels of functionality comprise a message authentication or digital signature mechanism?
Two levels of functionality comprise a message authentication or digital signature mechanisms are Low level authentication and High level authentication. At the lower level there must be some sort of function that produces an authenticator: a value to be used to authenticate a message. This lower level function is then used as primitive in a higher-level authentication protocol that enables a receiver to verify the authenticity of message.
5. What is message authentication code?
An alternative authentication technique involves the use of a small fixed size block of data, known as a cryptographic checksum or MAC that is appended to the message.
6. What is the difference between a message authentication code and a one-way hash function?
The difference between a message authentication code and a one-way hash function is that Unlike a MAC, a hash code does not use a key but is a function only of the input message
7. Is it necessary to recover the secret key in order to attack a MAC algorithm?
A number of keys will produce the correct MAC and the opponent has no way of knowing which the correct key is. On an average 2(n-k) keys produce a match. Therefore attacks do not require the discovery of the key.
8. What is the difference between a strong and a weak collision resistance?
• For any given value h it is computationally infeasible to find y = x with H(y) = H(x). This is “weak collision resistance”. It is one way property. It is easy to generate a code given a message, but almost impossible to do the reverse.
• It is computationally infeasible to find any pair(x,y) such that an alternative message hashing to the same value as a given message cannot be found. This prevents forgery.
9. What is the function of a compression function in a hash function?
The hash function involves repeated use of compression function; The motivation is that if the compression function is collision resistant, then the hash function is also collision resistant function. So a secure hash function can be produced.
10. What is a birthday attack?
A birthday attack is a name used to refer to class of brute-force attacks. It gets its name from the surprising result that the probability that two or more people in a group of 23 share the same birthday as greater than ½ ; such a result is called a birthday paradox.
11. What is the utility of a detached signature?
A detached signature may be stored and transmitted separately from the message it signs. This is useful in several contexts. A user may wish to maintain a separate log of all messages sent or received. A detached signature of an executable program can detect subsequent virus infection. Finally detached signature can be used when more than one party must sign a document, such a legal contract.
12. What is the advantage of symmetric encryption?
Symmetric encryption provides both authentication and confidentiality.
13. Name any three contents in which MAC algorithm is used?
The three contents used in MAC algorithm are
a.Broadcasting
b. An exchange in which the number of incoming messages is more.
c. Authentication of a computer program in plain text is an attractive service.
14. What are the steps involved in MD5 logic?
The steps involved in MD5 logic are,
a. Append padding bits
b. Append length
c. Initialize MD buffer
d. Process message in 512 bit(16 word) blocks
e. Output.
15. Mention the differences between MD4 and MD5.
The differences between MD4 and MD5 logic are:
i. MD4 uses three rounds of 16 steps each whereas MD5 uses four rounds of 16 steps each.
ii. In MD4, no additive constant is used in the first round. The same additive constant is used for each of the steps of the second round. Another additive constant is used for each of the steps of the third round. In MD5, a different additive constant. T(i) is used for each of the 64 steps.
16. Expand SHA?
SHA- Secure Hash A1gorithm.
It was developed by the National Institute of Standards and Technology and published as a federal information processing standard in1993. A revised version was issued as FIPS 180.1 in 1995 and is generally referred to as SHA-1.
17. What are the required properties of digital signatures?
The required properties of digital signatures are,
• It must verify the author and the date and time of the signature.
• It must authenticate the contents at the time of the signature.
• It must be verifiable by third parties to resolve disputes.
18. How are replay attacks handled?
By attacking a sequence number to each message used in an authentication exchange. A new message is accepted only if the sequence number is in order.
19. What is the alternate for sequence numbers to avoid replay attacks?
The alternate for sequence number in solving replay attacks is,
• Time stamps
• Challenge response
20. What is meant by suppress-replay attacks?
An opponent can intercept a message from the sender and replay it later when the time stamp in the message becomes correct at the recipients site. This replay could cause unexpected results. Such attacks are called suppress-replay attacks.
Part-B
1. Explain in detail, the message authentication code.
2. Explain in detail, the MD5(Message Digestive Algorithm)
3. Explain in detail, protocols, functions and requirements for authentication.
4. Explain in detail, the secure hash algorithm
5. Explain in detail, the MAC based on DES.
Cryptography Unit II
Unit- II
Public Key Cryptography
1. What is meant by Diffie-Hellman key exchange?
The purpose for this algorithm is to enable two users to exchange a key securely that can then be used for subsequent encryption of messages. It depends for its effectiveness on the difficulty of computing discrete logarithms.
2. Compare the Symmetric and Asymmetric key cryptography.
S.No Symmetric key cryptography Asymmetric key cryptography
1. Same key is used for encryption and decryption. One key is used for encryption and decryption.
2. Very fast. Slower.
3. Key exchange is big problem. Key exchange is not problem.
4. Key must be kept secret. One of the two keys must be kept secret.
3. Define Fermat’s theorem.
Fermat’s theorem states that, if p is prime number and a is a +ve integer not divisible
by p then a p-1= 1(mod p).
4. What is a trapdoor one-way function?
A Trapdoor One-Way Function is a one-way function for which the inverse direction is given a certain piece of information (the trapdoor), but difficult otherwise.
5. Are strong primes necessary in RSA?
In the literature pertaining to RSA, it has often been suggested that in choosing a key pair, one should use so-called “strong” primes p and q to generate the modules n. Strong primes are those with certain properties that make the product n hard to factor by specific factoring methods; such properties have included, for example, the existence of a large prime factor of p – 1 and a large prime factor of p+1. The reason for the concerns is that some factoring methods are especially suited to primes p such that p-1 or p+1 have only small factors; strong primes are resistant to these attacks.
6. What is meant by EIGamal cryptosystem?
The EIGamal system is a public-key cryptosystem based on the discrete logarithm problem. It consists of both encryption and signature algorithms. The encryption algorithm is similar in nature to the Diffie-Hellman key agreement protocol. The system parameters consist of a prime p and an integer g, whose powers modulo p generate a large number of elements, as in Diffie-Hellman. Alice has a private key and a public key y,
where y = gk (mod p). Suppose Bob wishes to send a message m to Alice. Bob first generates a random number k less than p. He then computes y1=gk (mod p) and y2=m XOR yk, where XOR denotes the bit-wise exclusive-or. Bob sends (y1, y2) to Alice.
7. What are Elliptic curve cryptosystems?
Elliptic curve cryptosystems are analogs of public-key cryptosystems such as RSA and EIGamal in which modular multiplication is replaced by the elliptic curve addition operation. The curves used in elliptic curve analogs of discrete logarithm cryptosystems are normally of the form y2=x3+ax+b (mod p), where p is prime. The problem tapped by the discrete logarithm analogs in elliptic curves is the elliptic curve logarithm problem, defined as follows: given a point G on an elliptic curve with order r (number of points on the curve) and another point Y on the curve, find a unique x(0 * r – 1) such that Y = xG, i.e., Y is the xth multiple of G.
8. What is differential cryptanalysis?
Differential cryptanalysis is a type of attack that can be mounted on iterative block ciphers. Differential cryptanalysis is basically a chosen plaintext attack and relies on an analysis of the evolution of the differences between two related plaintexts as they are encrypted under the same key. By careful analysis of the available data, probabilities can be assigned to each of the possible keys and eventually the most probable key is identified as the correct one.
12. What is Linear cryptanalysis?
Linear cryptanalysis is a known plaintext attack and uses a linear approximation to describe the behavior of the block cipher. Given sufficient pairs of plaintext and corresponding cipher text, bits of information about the key can be obtained and increased amounts of data will usually give a higher probability of success.
CBC mode is as secure as the underlying block cipher against standard attacks.
13. For long messages, RSA will be applied in blocks. If the block is very small, say it contains only one letter in each block, will the encryption be secure?
No. If the block contains only one letter, then each letter will be mapped to a fixed replacement. Thus it will become a substitution cipher and the cipher can be broken using frequency analysis.
14. What are the essential ingredients of a public-key directory?
• The authority maintains a directory with a entry for each participant.
• Each participant registers a public key with the directory authority.
• A participant may replace the existing key with a new one at any time.
• Participants could also access the directory electronically.
15. What is public-key certificate?
The public-key authority could be a bottleneck in the system, for a User must appeal to the authority for a public key for every other user that it wishes to contact, As before the directory of names and public keys maintained by the authority is vulnerable to tempering.
16. What are the requirements for the use of a public key certificate scheme?
• Any participant can read a certificate to determine the name and public key of the certificate’s owner.
• Any participant can verify that the certificate originated from the certificate authority and is not counterfeit
• Only the certificate authority can create and update certificates.
• Any participant can verify the currency of the certificate.
17. What is the life cycle of a key?
Keys have limited lifetimes for a number of reasons. The most important reason is protection against cryptanalysis. Each time the key is used, it generates a number of cipher texts. Ford describes the life cycle of a key as follows:
• Key generations and possibly registration for a public key.
• Key distribution
• Key activation/ deactivation
• Key replacement or key update
• Key revocation
• Key termination, involving destruction and possibly archival.
18. Define Fermat’s theorem.
Fermat’s theorem states the following.
If p is prime and a is positive integer not divisible by p, then
ap-1=1 mod p.
19. Define Euler’s theorem.
Euler’s theorem states that for every a and ‘n’ that are relatively prime.
aO (n)=1 mod n.
20. How can the timing attacks be remedied?
The timing attacks can be remedied by,
a. Constant exponentiation time.
b. Random delay
c. Blinding.
21. In RSA system, the public key of a given user is e = 31, n =3599, what is the private key of this user.
22. Explain the two ways for distributing secret keys using public key.
Part-B
1. Explain in detail, how key management is done in public key cryptography
2. Explain in detail, Diffie-Hellmann key exchange
3. Write about public key cryptography and RSA in detail
4. Define and prove Euler’s theorem and Fermat’s theorem.
5. Explain in detail, the elliptic curve architecture.
Public Key Cryptography
1. What is meant by Diffie-Hellman key exchange?
The purpose for this algorithm is to enable two users to exchange a key securely that can then be used for subsequent encryption of messages. It depends for its effectiveness on the difficulty of computing discrete logarithms.
2. Compare the Symmetric and Asymmetric key cryptography.
S.No Symmetric key cryptography Asymmetric key cryptography
1. Same key is used for encryption and decryption. One key is used for encryption and decryption.
2. Very fast. Slower.
3. Key exchange is big problem. Key exchange is not problem.
4. Key must be kept secret. One of the two keys must be kept secret.
3. Define Fermat’s theorem.
Fermat’s theorem states that, if p is prime number and a is a +ve integer not divisible
by p then a p-1= 1(mod p).
4. What is a trapdoor one-way function?
A Trapdoor One-Way Function is a one-way function for which the inverse direction is given a certain piece of information (the trapdoor), but difficult otherwise.
5. Are strong primes necessary in RSA?
In the literature pertaining to RSA, it has often been suggested that in choosing a key pair, one should use so-called “strong” primes p and q to generate the modules n. Strong primes are those with certain properties that make the product n hard to factor by specific factoring methods; such properties have included, for example, the existence of a large prime factor of p – 1 and a large prime factor of p+1. The reason for the concerns is that some factoring methods are especially suited to primes p such that p-1 or p+1 have only small factors; strong primes are resistant to these attacks.
6. What is meant by EIGamal cryptosystem?
The EIGamal system is a public-key cryptosystem based on the discrete logarithm problem. It consists of both encryption and signature algorithms. The encryption algorithm is similar in nature to the Diffie-Hellman key agreement protocol. The system parameters consist of a prime p and an integer g, whose powers modulo p generate a large number of elements, as in Diffie-Hellman. Alice has a private key and a public key y,
where y = gk (mod p). Suppose Bob wishes to send a message m to Alice. Bob first generates a random number k less than p. He then computes y1=gk (mod p) and y2=m XOR yk, where XOR denotes the bit-wise exclusive-or. Bob sends (y1, y2) to Alice.
7. What are Elliptic curve cryptosystems?
Elliptic curve cryptosystems are analogs of public-key cryptosystems such as RSA and EIGamal in which modular multiplication is replaced by the elliptic curve addition operation. The curves used in elliptic curve analogs of discrete logarithm cryptosystems are normally of the form y2=x3+ax+b (mod p), where p is prime. The problem tapped by the discrete logarithm analogs in elliptic curves is the elliptic curve logarithm problem, defined as follows: given a point G on an elliptic curve with order r (number of points on the curve) and another point Y on the curve, find a unique x(0 * r – 1) such that Y = xG, i.e., Y is the xth multiple of G.
8. What is differential cryptanalysis?
Differential cryptanalysis is a type of attack that can be mounted on iterative block ciphers. Differential cryptanalysis is basically a chosen plaintext attack and relies on an analysis of the evolution of the differences between two related plaintexts as they are encrypted under the same key. By careful analysis of the available data, probabilities can be assigned to each of the possible keys and eventually the most probable key is identified as the correct one.
12. What is Linear cryptanalysis?
Linear cryptanalysis is a known plaintext attack and uses a linear approximation to describe the behavior of the block cipher. Given sufficient pairs of plaintext and corresponding cipher text, bits of information about the key can be obtained and increased amounts of data will usually give a higher probability of success.
CBC mode is as secure as the underlying block cipher against standard attacks.
13. For long messages, RSA will be applied in blocks. If the block is very small, say it contains only one letter in each block, will the encryption be secure?
No. If the block contains only one letter, then each letter will be mapped to a fixed replacement. Thus it will become a substitution cipher and the cipher can be broken using frequency analysis.
14. What are the essential ingredients of a public-key directory?
• The authority maintains a directory with a entry for each participant.
• Each participant registers a public key with the directory authority.
• A participant may replace the existing key with a new one at any time.
• Participants could also access the directory electronically.
15. What is public-key certificate?
The public-key authority could be a bottleneck in the system, for a User must appeal to the authority for a public key for every other user that it wishes to contact, As before the directory of names and public keys maintained by the authority is vulnerable to tempering.
16. What are the requirements for the use of a public key certificate scheme?
• Any participant can read a certificate to determine the name and public key of the certificate’s owner.
• Any participant can verify that the certificate originated from the certificate authority and is not counterfeit
• Only the certificate authority can create and update certificates.
• Any participant can verify the currency of the certificate.
17. What is the life cycle of a key?
Keys have limited lifetimes for a number of reasons. The most important reason is protection against cryptanalysis. Each time the key is used, it generates a number of cipher texts. Ford describes the life cycle of a key as follows:
• Key generations and possibly registration for a public key.
• Key distribution
• Key activation/ deactivation
• Key replacement or key update
• Key revocation
• Key termination, involving destruction and possibly archival.
18. Define Fermat’s theorem.
Fermat’s theorem states the following.
If p is prime and a is positive integer not divisible by p, then
ap-1=1 mod p.
19. Define Euler’s theorem.
Euler’s theorem states that for every a and ‘n’ that are relatively prime.
aO (n)=1 mod n.
20. How can the timing attacks be remedied?
The timing attacks can be remedied by,
a. Constant exponentiation time.
b. Random delay
c. Blinding.
21. In RSA system, the public key of a given user is e = 31, n =3599, what is the private key of this user.
22. Explain the two ways for distributing secret keys using public key.
Part-B
1. Explain in detail, how key management is done in public key cryptography
2. Explain in detail, Diffie-Hellmann key exchange
3. Write about public key cryptography and RSA in detail
4. Define and prove Euler’s theorem and Fermat’s theorem.
5. Explain in detail, the elliptic curve architecture.
cryptography Unit I
Cryptography and Network Security
Unit – I
Introduction to Cryptography
- What is Security mechanism?
A security mechanism is any process that is designed to detect, prevent or recover from a security attack.
- What is meant by threat?
A potential for violation of security, which exists when there is a circumstances, capability, action or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability.
- What is Encipherment?
The use of mathematical algorithms to transform data into a form that is not really intelligible. The transformation and subsequent recovery of the data depend in an algorithm and zero or more encryption keys.
- What are the four basic tasks in designing a particular security service?
Four Basic tasks in designing a particular security service are:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop method for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principle that makes use of the security algorithm and the secret information to achieve a particular security.
5. What is passive attack?
Passive attacks are in the nature eavesdropping on, are monitoring of, and transmission. Two types of Passive attacks are release of message contents and traffic analysis.
6. What is Active attack?
An Active attack involves some modifications of data stream or the creation of false.
7. What are the aspects of information security?
There are three aspects of Information security i.e. security attacks, security mechanism and security services.
8. List some common information integrity functions ?
Identification, Authorization, Concurrence, liability, endorsement, validation, time of occurrence and registration.
9. Define a threat?
A Potential for violation of security, which exists when there is circumstances, capability, action or event that could breach security and cause harm. i.e. threat is possible danger that might exploit vulnerability.
10. Define an Attack?
An Attack on system security that derives from an intelligent threat; that is an intelligent act i.e. a deliberate attempt to evade security services and violate the security policy of a system.
11. List example of Security attacks?
· Gain unauthorized access to information.
· Disavow responsibility or liability for information the cheater did originate.
· Enlarge cheater legitimate license.
· Pervert the function of software, typically by adding a convert function.
· Cause others to violate a protocol by means of introducing incorrect information.
12. What are the essential ingredients of symmetric cipher?
The symmetric encryption scheme has five ingredients; Plain text , encryption algorithm, secret key , cipher text, decryption algorithm.
13. What are the two basic function used in encryption algorithm?
The entire encryption algorithms are based on two general principles;
- Substitution; in which each element in the plain text is mapped into another element.
- Transposition; in which each element in the plain text are rearranged. The fundamental requirement is that no information be lost.
14. How many keys are required to communicate via cipher?
If both sender and receiver use the same key the system is referred as symmetric ,single key , secret key of conventional encryption. If both sender and receiver use the different key, system is referred as asymmetric; two keys are public key encryption.
15. What are the two general approaches to attacking a cipher?
The general two approaches for attacking a cipher.
- Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plain text or even some samples plaintext-cipher text pairs.
- Brute-force attack: The attacker tries every possible key on a piece of cipher text until an intelligible translation into plain text is obtained.
16. Define the Caesar cipher?
The Caesar cipher involves replacing each letter of the alphabet with the letter down the alphabet. The alphabet is wrapped around, so that the letter following Z is A.
C = E (p) = (p + 3) mod (26).
The general Caesar cipher algorithm is
C = E (p) = (p + k) mod (26).
Where k takes the value in the range 1 to 25.
The decryption algorithm is
p = D (C) = (C – k) mod (26).
17. Define the monoalphabetic cipher.
A dramatic increase in the key space is achieved by allowing an arbitrary substitution. There are 26! possible keys. It is referred to as monoalphabetic substitution cipher, because a single cipher alphabet is used per message.
18. Define the playfair cipher.
The playfair cipher treats the diagrams in the plaintext as single units and translates these units into cipher text diagrams. This algorithm is based on the use of a 5 by 5 matrix of letters constructed using keyword.
19. What is the difference between diffusion and confusion?
In Diffusion the statistical structure of the plaintext is dissipated into long statistics of the cipher text. This is achieved by having each plaintext digit affect the value of many cipher text digits.
Confusion seeks to make a relationship between the statistics of the cipher text and the value of the encryption key as complex as possible. Thus even if the attacker can get some handle on the statistics of the cipher text, the way in which the key was used to produce that cipher text is so complex as to make it difficult to deduce the key.
20. Explain the avalanche effect.
A desirable property of any encryption algorithm is that a small change in either the plaintext or the key should produce a significant change in the cipher text. In particular, a change I one of the plaintext or one of the key should produce a change in many bits of the cipher text.
Part-B
- Explain the block cipher design principles and modes of operation?
- Explain in detail, the OSI security architecture.
- Explain in detail, Data Encryption Standard with suitable diagram
- Explain in detail, the various classical encryption techniques.
- Explain in detail, the evaluation criteria for AES and AES cipher.
Monday, April 6, 2009
E-Commerce Unit V
UNIT-5
1. What is the compression method used in Multimedia?
· Sector-oriented disk Compression
· Backup or archive-oriented compression
· Graphics and video-oriented Compression
· Compression of data being transmitted over low-speed networks
2. What is the goal of data compression in action?
The goal of data compression is to make the size of the 100 –bit message
as close as possible to the 100 bits of underlying information.
3. What is the disadvantage of data compression?
The most obvious problem is the time to transfer that much data from
storage to the display. Nearly 30 Mb per second is enough to choke almost
any I/O port or data bus. Other problems include both storage and
processing.
4. What are the types of Compression Technique? Grief brief notes on them
Compression techniques can be divided into two major categories,
· Lossless Compression
· Lossy Compression
Lossless compression:
It means that a given set of data will undergo a loss of accuracy or
resolution after a cycle of compression and decompression.
Lossy Compression:
It produces compressed output that is exactly the same as the input.
5. Define Multiprocessing?
Multiprocessing is defined as the ability to support the concurrent
execution of several tasks on multiple processors. This implies that ability
to use more than one CPU for executing programs. The processors can be
tightly or loosely coupled.
6. Define multitasking?
Multitasking means that the server operating systems can run multiple
programs and give the illusion that they are running simultaneously by
switching control between them.
Two types of multitasking are used:
· Preemptive
· No preemptive
7. Define Multithreading?
Multithreading is a sophisticated and refers to the ability to support paths
of execution within a single address space. Older operating systems
achieve multitasking by creating multiple processes, which creates a great
deal of overhead.
8. Give brief notes about the types of storage technology?
Storage technology can be divided in to two types:
· Network-based (disk arrays)
· Desktop-based (CD-ROM)
Disk arrays:
Disk arrays store enormous of information and are becoming an important
storage technology for firewall servers and other electronic commerce
servers.
CD-ROM:
The preemptive desktop storage technology for electronic commerce
applications is CD-ROM.
9. What are the types of Desktop video conferencing?
There are three types of desktop video conferencing they are
· Plain Old Telephone lines(POTS)
· ISDN
· Internet
10. What is MBONE?
The MBONE is a virtual network that has been in existence since early
1992. The MBONE shares the same physical media as the internet. It uses
a network of routers is not for the faint of heart and is time consuming
because a lot of learning and fixing are involved.
11. Define SONET?
SONET, or Synchronous Optical NETwork, is a set of standards that
govern synchronous fiber optic data transmission at rates ranging from
51.8Mbps to 2.5Gbps.
12. How fast packet switching differs from the traditional circuit switching?
The fast packet switching differs from the traditional circuit switching in
the following three aspects
· Call set-up
· Traffic management
· Switching
13. Describe the benefits of Frame relay?
Frame relay has two benefits:
Speed:
It is no longer necessary to carryout error controls and corrections between
each node due to the improvements in transmission media.
Sharing costly bandwidth:
Frame relay allows users to share costly, high throughput channels over a
single access line, and it uses a “hubbing” approach to distribute traffic
over a wide area.
14. Describe the three functional levels in physical layer?
The physical layer can be divided into three functional levels:
· Transmission path
· Digital section
· Regenerator section
15. What are the four dimensions in mobile computing?
The four dimensions in mobile computing are,
· Wireless delivery technology and switching methods
· Mobile information access devices
· Mobile data internetworking standards and equipment
· Mobile computing based business applications
16. What are the categories of Radio based systems?
Radio based services can be grouped into two main categories:
· Land based
· Satellite based
17. What is palmtop?
Palmtop computers attempt to provide higher functionality and more
closely resemble what’s available in desktop computers. Palmtops called
personal organizers. It offer the combined functionality of a personal
organizer and communications terminal to provide access an applicationspecific
personal computer and communications terminal to provide
access to e-mail.
18. Specify the advantage of circuit-Switched Cellular transmission?
The advantage of circuit switched cellular transmission is that users should
be able to use a cellular modem as they would any modem. Because the
charge call is by the minute and also for set-up, cellular modems can be
more cost-effective when used to send large messages.
19. What is licensed broadband?
Licensed bandwidth allocation of 120 MHz in the 1850 MHz to 1990
MHz band represents a considerable amount of spectrum-by comparison,
the current cellular phone system, known as advanced mobile phone
system occupies only 50 MHz.
20. What is the application of unlicensed broadband?
These applications today are relegated to the industrial/scientific/medical
bands should make better use of the radio spectrum and allow for more
simultaneous users and better signal quality.
16 Marks
1. Explain about digital video and electronic commerce?
· Characteristics of Digital video
· Digital video compression/Decompression
· Types of Codecs Hybrid Software-based
· Three Hybrid standards JPEG MPEG II
2. Describe Desktop Video Processing?
Video on the desktop is a key element in turning a computer into a true
multimedia platform. However digital video isn’t what one would call a
“natural fit’ when it comes to desktop computers due to their inability to
process the compression and decompression of video satisfactorily.
· Desktop Video Hardware for playback and capture
· Video playback
· Video capture and Editing
· Desktop Video Application Software
· Apple’s Quick Time
· Microsoft’s video for Windows
3. Explain Desktop video conferencing? What are the types of Desktop video
Conferencing?
Desktop video conferencing is gaining momentum as a communications
tool. For many business users, face-to-face videoconferences are already a
common practice allowing distant colleagues to communicate without the
expense and inconvenience of traveling.
TYPES OF DESKTOP VIDEO CONFRENCING:
· Using POTS for video conferencing
· Using ISDN for video conferencing
· Using the internet for video conferencing CU-SeeMe MBONE
4. Describe the concept of Broadband background?
· Narrowband Versus Broadband Networks
· Integrated services Digital Network (ISDN)
· SONET and SDH
· BISDN Versus ATM
· Connectionless versus connection oriented networks
· Switching techniques Call set-up Traffic management Switching
5. Explain about Asynchronous Transfer Mode (ATM)?
ATM is a high-speed, connection-oriented, cell based transmission scheme
that offers bandwidth on demand for voice, data and video telephony applications.
ATM networks are being created to switching technology voice, data and video
signals at multiples of 155 Mbps through multigigabit “hubbing devices”
Types of ATM traffic and switching:
· ATM Switching
· ATM cell structure
· ATM system Architecture
6. Give brief description about wireless delivery technology and switching methods?
· Radio-Based Systems
· Cellular Communications Increasing Capability and widespread coverage for cordless
telephones Decreasing cell size (micro cells) and power levels for
hand-held and vehicular cellular radio. Specialized wireless data systems
· Wireless packet data networks
· Satellite networks
· Very small aperture terminals (VSATs)
· Paging and satellite Networks
· Infrared or Light-Based Mobile computing
7. Explain Mobile information access devices?
· Portable computers
· Hybrid pen computers
· Personal Digital Assistants (PDAs)
· Digital Assistants
· Personal communicators
· Palmtops
· Cellular modems and PCMIA adapters
1. What is the compression method used in Multimedia?
· Sector-oriented disk Compression
· Backup or archive-oriented compression
· Graphics and video-oriented Compression
· Compression of data being transmitted over low-speed networks
2. What is the goal of data compression in action?
The goal of data compression is to make the size of the 100 –bit message
as close as possible to the 100 bits of underlying information.
3. What is the disadvantage of data compression?
The most obvious problem is the time to transfer that much data from
storage to the display. Nearly 30 Mb per second is enough to choke almost
any I/O port or data bus. Other problems include both storage and
processing.
4. What are the types of Compression Technique? Grief brief notes on them
Compression techniques can be divided into two major categories,
· Lossless Compression
· Lossy Compression
Lossless compression:
It means that a given set of data will undergo a loss of accuracy or
resolution after a cycle of compression and decompression.
Lossy Compression:
It produces compressed output that is exactly the same as the input.
5. Define Multiprocessing?
Multiprocessing is defined as the ability to support the concurrent
execution of several tasks on multiple processors. This implies that ability
to use more than one CPU for executing programs. The processors can be
tightly or loosely coupled.
6. Define multitasking?
Multitasking means that the server operating systems can run multiple
programs and give the illusion that they are running simultaneously by
switching control between them.
Two types of multitasking are used:
· Preemptive
· No preemptive
7. Define Multithreading?
Multithreading is a sophisticated and refers to the ability to support paths
of execution within a single address space. Older operating systems
achieve multitasking by creating multiple processes, which creates a great
deal of overhead.
8. Give brief notes about the types of storage technology?
Storage technology can be divided in to two types:
· Network-based (disk arrays)
· Desktop-based (CD-ROM)
Disk arrays:
Disk arrays store enormous of information and are becoming an important
storage technology for firewall servers and other electronic commerce
servers.
CD-ROM:
The preemptive desktop storage technology for electronic commerce
applications is CD-ROM.
9. What are the types of Desktop video conferencing?
There are three types of desktop video conferencing they are
· Plain Old Telephone lines(POTS)
· ISDN
· Internet
10. What is MBONE?
The MBONE is a virtual network that has been in existence since early
1992. The MBONE shares the same physical media as the internet. It uses
a network of routers is not for the faint of heart and is time consuming
because a lot of learning and fixing are involved.
11. Define SONET?
SONET, or Synchronous Optical NETwork, is a set of standards that
govern synchronous fiber optic data transmission at rates ranging from
51.8Mbps to 2.5Gbps.
12. How fast packet switching differs from the traditional circuit switching?
The fast packet switching differs from the traditional circuit switching in
the following three aspects
· Call set-up
· Traffic management
· Switching
13. Describe the benefits of Frame relay?
Frame relay has two benefits:
Speed:
It is no longer necessary to carryout error controls and corrections between
each node due to the improvements in transmission media.
Sharing costly bandwidth:
Frame relay allows users to share costly, high throughput channels over a
single access line, and it uses a “hubbing” approach to distribute traffic
over a wide area.
14. Describe the three functional levels in physical layer?
The physical layer can be divided into three functional levels:
· Transmission path
· Digital section
· Regenerator section
15. What are the four dimensions in mobile computing?
The four dimensions in mobile computing are,
· Wireless delivery technology and switching methods
· Mobile information access devices
· Mobile data internetworking standards and equipment
· Mobile computing based business applications
16. What are the categories of Radio based systems?
Radio based services can be grouped into two main categories:
· Land based
· Satellite based
17. What is palmtop?
Palmtop computers attempt to provide higher functionality and more
closely resemble what’s available in desktop computers. Palmtops called
personal organizers. It offer the combined functionality of a personal
organizer and communications terminal to provide access an applicationspecific
personal computer and communications terminal to provide
access to e-mail.
18. Specify the advantage of circuit-Switched Cellular transmission?
The advantage of circuit switched cellular transmission is that users should
be able to use a cellular modem as they would any modem. Because the
charge call is by the minute and also for set-up, cellular modems can be
more cost-effective when used to send large messages.
19. What is licensed broadband?
Licensed bandwidth allocation of 120 MHz in the 1850 MHz to 1990
MHz band represents a considerable amount of spectrum-by comparison,
the current cellular phone system, known as advanced mobile phone
system occupies only 50 MHz.
20. What is the application of unlicensed broadband?
These applications today are relegated to the industrial/scientific/medical
bands should make better use of the radio spectrum and allow for more
simultaneous users and better signal quality.
16 Marks
1. Explain about digital video and electronic commerce?
· Characteristics of Digital video
· Digital video compression/Decompression
· Types of Codecs Hybrid Software-based
· Three Hybrid standards JPEG MPEG II
2. Describe Desktop Video Processing?
Video on the desktop is a key element in turning a computer into a true
multimedia platform. However digital video isn’t what one would call a
“natural fit’ when it comes to desktop computers due to their inability to
process the compression and decompression of video satisfactorily.
· Desktop Video Hardware for playback and capture
· Video playback
· Video capture and Editing
· Desktop Video Application Software
· Apple’s Quick Time
· Microsoft’s video for Windows
3. Explain Desktop video conferencing? What are the types of Desktop video
Conferencing?
Desktop video conferencing is gaining momentum as a communications
tool. For many business users, face-to-face videoconferences are already a
common practice allowing distant colleagues to communicate without the
expense and inconvenience of traveling.
TYPES OF DESKTOP VIDEO CONFRENCING:
· Using POTS for video conferencing
· Using ISDN for video conferencing
· Using the internet for video conferencing CU-SeeMe MBONE
4. Describe the concept of Broadband background?
· Narrowband Versus Broadband Networks
· Integrated services Digital Network (ISDN)
· SONET and SDH
· BISDN Versus ATM
· Connectionless versus connection oriented networks
· Switching techniques Call set-up Traffic management Switching
5. Explain about Asynchronous Transfer Mode (ATM)?
ATM is a high-speed, connection-oriented, cell based transmission scheme
that offers bandwidth on demand for voice, data and video telephony applications.
ATM networks are being created to switching technology voice, data and video
signals at multiples of 155 Mbps through multigigabit “hubbing devices”
Types of ATM traffic and switching:
· ATM Switching
· ATM cell structure
· ATM system Architecture
6. Give brief description about wireless delivery technology and switching methods?
· Radio-Based Systems
· Cellular Communications Increasing Capability and widespread coverage for cordless
telephones Decreasing cell size (micro cells) and power levels for
hand-held and vehicular cellular radio. Specialized wireless data systems
· Wireless packet data networks
· Satellite networks
· Very small aperture terminals (VSATs)
· Paging and satellite Networks
· Infrared or Light-Based Mobile computing
7. Explain Mobile information access devices?
· Portable computers
· Hybrid pen computers
· Personal Digital Assistants (PDAs)
· Digital Assistants
· Personal communicators
· Palmtops
· Cellular modems and PCMIA adapters
Subscribe to:
Posts (Atom)
