Showing posts with label assignment. Show all posts
Showing posts with label assignment. Show all posts

July 01, 2019

Network Security Assignment - SEM 7


Question
Identify the security principle: When data must arrive at receiver exactly as it was sent
Nonrepudiation
Integrity
Confidentiality
Authentication

Question
Identify the security principle: When a sender cannot deny sending a sent message
Nonrepudiation
Integrity
Confidentiality
Authentication

Question
When an attacker performs a capture of a data unit and its subsequent retransmission, which attack he is performing?
Denial of service
Disruption
Spoofing
Replay

Question
What is the block cipher structure in DES?
RSA
Feistel
Shannon
Diffie-Hellman

Question
What does it mean that a hash function H is “collision resistant”?
It is easy to compute h = H(M) for any message M
Given h, it is infeasible to find x such that H(x) = h
Given x, it is infeasible to find y such that H(x) = H(y)
It is infeasible to find any x, y such that H(y) = H(x)

Question
Company XYZ wants to elect their new president by electronic voting. Which security principle will be applicable if only employees are allowed to vote.
Authentication
Integrity
Non-repudiation
Confidentiality

Question
Company XYZ wants to elect their new president by electronic voting. Which security principle will be applicable if No one should be able to see who the other voted for.
Authentication
Integrity
Non-repudiation
Confidentiality

Question
Company XYZ wants to elect their new president by electronic voting. Which security principle will be applicable if An employee should be able to verify that his vote was not changed.
Authentication
Integrity
Non-repudiation
Confidentiality

Question
Company XYZ wants to elect their new president by electronic voting. Which security principle will be applicable if The employee cannot deny having voted
Authentication
Integrity
Non-repudiation
Confidentiality

Question
Alice and Bob share a common secret password, P. Using this, they want to authenticate each other. Which of the following is the correct way to do so?
Alice sends P to Bob. Bob verifies P to authenticate Alice.
Alice sends the message encrypted with P. If Bob is able to decrypt it successfully, Alice is authenticated.
Alice sends a random number encrypted with P. Bob decrypts the number and authenticates Alice.
Bob sends Alice a random challenge. Alice returns the challenge encrypted with P.
Bob sends Alice a random challenge encrypted with P. Alice returns the challenge+1 encrypted with P.

Question
In which algorithmic mode does the corresponding cipher text block repeat if a plain text block repeats in the original message? Select all correct options
ECB
CBC
CFB
OFB

Question
In which algorithmic mode can the ciphering operation be performed in parallel? Select all correct options
ECB
CBC
CFB
OFB

Question
Consider the following scenario.A and B both share a secret key with a Key Distribution Center (KDC). We call these keys Ka-kdc and Kb-kdc respectively. A wants to establish a shared symmetric key with B using the following steps:A sends a message to the KDC encrypted by Ka-kdc. Encrypt Ka-kdc(B)KDC responds by sending Encrypt Ka-kdc(Kb-kdc)A now corresponds with B using Kb-kdc. Is this solution correct or incorrect. Justify.
The solution is correct. The KDC first verifies A since Ka-kdc is known only to A. Only the KDC and B know Kb-kdc.
The solution is incorrect. The KDC first verifies A since Ka-kdc is known only to A. Only the KDC and B know Kb-kdc.

Question
Consider the following scenario.Alice wants to send assignment grades from her home computer to Bob at work. She wants to prevent anyone from modifying the grades. So Alice sends a message M to Bob along with H = Hash(M). Bob receives M and H, and calculates H’ = Hash(M). Only if H = H', Bob accepts the message. Is this solution foolproof?
Yes because if the message is changed, the hash will also change and Bob will be able to detect the modified
No because the intruder may replace M with M' and H with Hash(M').

Question
A class has n students. How many symmetric secret keys are needed if each students wants to send secret messages to another?
1
n
n*n
n(n-1)/2

Question
A class has n students. If they all trust the classteacher, how many symmetric secret keys are needed?
1
n
n*n
n(n-1)/2

Question
If the class teacher distributes a temporary one-time session key for a communicating pair, how many keys are needed? The temporary key is encrypted and sent to both members.
1
n
n*n
n(n-1)/2

Question
If public key cryptography is used, how many keys are needed in all?
1
2
n
2n

Question
An attack on a cipher text message where the attacker attempts to use all possible permutations and combinations is called:
Brute force attack
Man-in-the-middle
Chosen plaintext
Chosen ciphertext

Question
Which of the following is most efficient to achieve confidentiality and digital signature for message M
Use public key cryptography to hide message M by applying Encrypt-with-Kreceiverpublic(M) and sign message M applying Encrypt-with-Ksenderprivate(M)
Use public key cryptography to hide message M by applying Encrypt-with-Kreceiverpublic(M) and sign message by applying Encrypt-with-Ksenderprivate(Hash(M))
Use public key cryptography to share key by applying Encrypt-with-Kreceiverpublic(Kshared), hide message by applying Encrypt-with-Kshared(M) and sign message by applying Encrypt-with-Ksenderprivate(Hash(M))
Use private key cryptography to hide message M by applying Encrypt-with-Kshared(M) and sign message by applying Encrypt-with-Kshared(Hash(M))

Question
Key distribution often involves the use of _________ which are generated and distributed for temporary use between two parties.
Session keys
Public keys
private keys
Certificates

August 01, 2018

Brief about Book Library Data Warehouse System

Topic: BOOK LIBRARY
Subject: DATA WAREHOUSE
Prepared by: Sumit

Q1) Identify the business processes of interest to senior management in the industry (domain) allocated to your group.
Answer)
Major libraries have large collections and circulation. Managing libraries electronically has resulted in the creation and management of large library databases, Library to the students and teachers who are cooperating in this e-learning environment.

Below are some of the business processes of interest to senior management:
  • Variety of Books: Need to better understand what books customers wanted and were willing to pay for. 
  • Fund the Books: Need to change its costs and cash flow so that the book library could continue to operate. 
  • Make Library Reliable: It has to be a library that has its customers to their wanted books on-time.
  • Book Borrowing
A crucial part of a library is the human intermediary the librarian. This intermediary connects the users to the information needed and can assist with advice about using the information retrieval systems and working with information.

Q2) List some questions that would be raised by senior management for improving the business process.
Answer)
There are many questions that can be asked by senior management for improving the above business process.
Some of the questions that will be asked are :
  • When the item was collected?
  • Which librarian registered it?
  • What is the item about?
  • Which branch library the item was registered at?
Q3) To address the above-mentioned questions; propose a DW design (schema diagram).
Answer)
In general for a DW Design basically four main characteristics are used:
Step 1: Identify the Business Process
Step 2: Declare the Grain
Step 3: Identify the Dimensions
Step 4: Identify the Facts

Our Book Library case, the following are steps:
  1. Business Process: Book borrowing is the business process.
  2. Declare the Grain: The second step is to declare the grain of the business process. In the book borrowing process, we declare a transaction issued in library automation system as the grain, which means an item is borrowed by a patron.
  3. Identify the Dimensions: The third step is to choose the dimensions. Dimensions represent how people describe and inspect the data from the process. Following are dimension table I will be using :
    • The Patron-Dimension describes the library patron’s characteristics. The attributes of Patron-Dimension include the name of the patron, gender, occupation, patron type, department, college, and so on.
    • The Item-Dimension describes every item belonging to the library, and its attributes indicating what relating to this item, including call number, title, author, subject, classification, language, location, MARC, collecting source, and so on. 
    • The Location-Dimension describes branch libraries supervised by the city library, and its attributes include the name of the branch library, named of the district it is located and the name of region library.
    • The Date-Dimension describes every hour of one day, and its attributes include hour, date, week, month and year. 
  4. Identify the Facts: The fourth step is to identify the facts. In the case of book borrowing, we identify the fact to measure the number of books borrowed. We declared a transaction that an item was borrowed by a patron as the grain in the prior step. Thus, the number of books borrowed here is equal to one.
  • The star schema is perhaps the simplest data warehouse schema.
  • It is called a star schema because the entity-relationship diagram of this schema resembles a star, with points radiating from a central table. 
  • The center of the star consists of a large fact table and the points of the star are the dimension tables.
Star Schema for Library Book Borrowing:


Q4) List aggregations to improve the DW performance. Justify.
Answer)
  • Aggregates provide improvements in performance because of the significantly smaller number of records.
  • Aggregates allow quick access to Book Dimension data during reporting. Similar to database indexes, they serve to improve performance.
  • Aggregates are particularly useful in the following cases:
    • Executing and navigating in query data leads to delays if you have a group of queries
    • You want to speed up the execution and navigation of a specific query
    • You often use attributes in queries
    • You want to speed up reporting with specific hierarchies by adding a level of a specific hierarchy.
  • Aggregates are particularly useful in the following cases:
  • If the aggregate contains data that is to be evaluated by a query, the query data is read automatically from the aggregate.
  • Query: Total sales for books during the first week of December 2000 for location Mumbai.

Q5) List and justify any 5 metadata items that will be of interest to various stakeholders.
Answer)
  • Metadata means "data about data". 
  • Data that provides information about one or more aspects of metadata data is defined as; It is used to summarize the basic information about the data that can be tracked and can work with specific data.
  • Below are metadata items of various interest to stakeholders:
    • Purpose of the book
    • Time and date of issuing the book
    • Creator or author of the book
    • Location on a computer network where the book was issued.
    • Book quantity
    • Book quality
  • Below are metadata items of various interest to stakeholders:
Types of Meta Data:
  • Descriptive metadata is usually used for search and identification, such as searching and finding an object, such as title, author, topic, keyword, and publisher.
  • Administrative metadata provides information to help manage the source. Administrative metadata refers to the technical information, including file type, or when and how the file was created.
  • Structural metadata describes how components of an object are organized. An example of structural metadata will be how the pages are ordered to make chapters of a book.
Following are some key points that to be included in MetaData:

Definition of data warehouse − It includes the description of the structure of data warehouse. The description is defined by schema, view, hierarchy, derivative data definitions, and data mart locations and materials.

Operational Metadata − It includes currency of data and data lineage. The currency of the data means that the data is active, stored or pure, or not. The genealogy of the data means the history of the migrated data and the changes applied to it.

Business metadata − It has the data ownership information, business definition, and changing policies

July 23, 2018

Brief about IRCTC Proposed System - OOAD

Topic: IRCTC
Subject: OOAD
Task: Assignment
Subject: Object Oriented Analysis and Design
Prepared by: Srinivas

REQUIREMENT ANALYSIS

Objective and scope of the Project:
   
The objective of the Project
In order to overcome the drawback of the current IRCTC website, we have tried to offer passenger a growing facility for booking tickets which is not provided by IRCTC.

The scope of the Project
  • To understand the current system and implement the software with the current system.
  • To execute the software without any problems or error without creating any complications.
  • Automating the set.
PROPOSED SYSTEM
  • The proposed system is fully computerized, making ticket booking easier and cheaper.
  • It provides the user with more options for traveling.
  • According to the user's trust, you can book tickets between the source and the destination by breaking the journey in two half.
  • The price is calculated on the basis of the end to end distance rather than calculating for two different transaction.
  • The second part of the journey should start within 48 hours of the first part of the journey. The ticket for the second part of the trip is invalid without the first part of the trip.
  • A senior citizen is provided with discount only if they have valid ID proof of their age. 
  • The ticket can be printed and downloaded in pdf format.
 UML DIAGRAM:

https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

USE CASE DIAGRAMS:

https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

CLASS DIAGRAMS:


SEQUENCE DIAGRAM:

For Registration:

https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For the invalid user:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For the Valid user:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For Reservation:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For Cancellation:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

ACTIVITY DIAGRAM

For Registration:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For Login:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For Reservation:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

For Cancellation:
https://www.waseian.com/2018/07/brief-about-irctc-proposed-system-ooad.html

GRASP PATTERN 
  • GRASP defines General Responsibility Assignment Software Patterns.
  • A collection of general objected‐oriented design patterns related to assigning defining objects.
  • There are nine GRASP patterns, maybe some are already recognizable and some not:
  1. Creator 
  2. Information Expert (or just Expert) 
  3. Low Coupling 
  4. Controller 
  5. High Cohesion 
  6. Polymorphism 
  7. Pure Fabrication
  8. Indirection 
  9. Protected Variations.
CREATOR
•    This pattern generally avoids adding the coupling to a design.
•    When creation is a complex process or varies depending upon an input, often you’ll want to create using a different class implementing the GoF pattern Concrete Factory or Abstract Factory.

INFORMATION EXPERT
•    This is a general principle and probably the most used of any GRASP pattern.
•    This generally is key to loose coupling and high cohesion, but not always so. – Imagine a case where it is better to do better handheld data to preserve a large functional segmentation and support consolidation.
•    We're fully talking about the information organized by software objects, but if there are no relevant software classes, try the domain model.

LOW COUPLING
•    The higher coupling can lead to:
– More difficulty in understanding
– Changes propagating excessively
– More obstacles to code reuse
•    Less coupling often goes into the hands with a high cohesion
•    Consider this principle with every design decision.
•   The more unbalanced the class joined to, the more concerning the connection – Example. consider a language’s ordinary library vs. a class a colleague just defined a couple days ago.

CONTROLLER
•   A controller tries to organize the work without doing too much of it itself
•   A simple example of this is that UI substances shouldn’t execute business logic; there are further classes for that.
•    The controller in the Model‐View‐Controller (MVC) architecture is effectively the same thing. – This, or its variation Model‐View‐Presenter, is frequently used in web applications
HIGH COHESION
•    Very similar to Low Coupling
– Often related (but not always)
– Should be considered in every design decision.
•    Lower cohesion almost always means:
•    Low cohesion suggests that more delegation should be used.

POLYMORPHISM
•    With respect to implementation, this usually means the use of a super (parent) class or interface – Coding to an interface is generally preferred and avoids committing to a particular class hierarchy.

PURE FABRICATION
•    In other words, getting class concepts from a good domain model or real‐life objects won’t always work out well!
•   An example of a possible pure construction class: Determined Storage – May very well not be in the domain model, May very well not map to an actual‐lifetime object – But it might be the answer to attain our goals of low coupling / high cohesion while still taking a clear accountability

INDIRECTION
•   Frequently an indirection intermediary is also a pure construction. – The Determined Storage example could very well be an indirection between a Sale class and the database
•    Goff Pattern Adapter, Bridge, Facade, Observer, and Arbitrator all accomplish it.
•    The main benefit is lower coupling.

PROTECTED VARIATIONS
•    The solution "interface" is in the general sense; But to implement the solution you often want to build an interface programming (in Java, for example)!
•    Benefits: – Easy to extend functionality at PV points – Lower coupling – Implementations can be updated without affecting clients – Reduces the impact of change
•   Similar to the concealment of open-ended theory or information (not to hide data)
•    “Novice developers tend to brittle designs, intermediate developers point to highly fancy and flexible, generalized (which is never used in any way). Expert designers choose with insights."”

Note: The above-proposed system/Assignment for OOAD has been prepared by Srinivas which I have posted here. Give your blessings to him whoever find helpful for them :)