dq

Cryptography and Network Security: Principles and Practice

Eighth Edition

Don't use plagiarized sources. Get Your Custom Essay on

This is a Snippet Preview, get a Complete Solution Here

Order Essay

Chapter 1

Information and Network Security Concepts

Lecture slides prepared for “Cryptography and Network Security”, 8/e, by William Stallings. Chapter 1, “Information and Network Security Concepts”.

This book focuses on two broad areas: cryptography and network security. This overview chapter first looks at some of the fundamental principles of security, encompassing both information security and network security. These include the concepts of security attacks, security services, and security mechanisms. Next, the chapter introduces the two areas of cryptography and network security. Finally, the concepts of trust and trustworthiness are examined.

Learning Objectives

Describe the key security requirements of confidentiality, integrity, and availability.

Discuss the types of security threats and attacks that must be dealt with and give examples of the types of threats and attacks that apply to different categories of computer and network assets.

Provide an overview of keyless, single-key, and two-key cryptographic algorithms.

Provide an overview of the main areas of network security.

Describe a trust model for information security.

List and briefly describe key organizations involved in cryptography standards.

Cybersecurity (1 of 3)

It would be useful to start this chapter with a definition of the terms cybersecurity, information security, and network security. A reasonably comprehensive definition of cybersecurity is found in ITU-T (International Telecommunication Union Telecommunication Standardization Sector) Recommendation X.1205 (Overview of Cybersecurity, 2014).

Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyberspace environment and organization and users’ assets. Organization and users’ assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyberspace environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and users’ assets against relevant security risks in the cyberspace environment. The general security objectives comprise the following: availability; integrity, which may include data authenticity and nonrepudiation; and confidentiality.

Cybersecurity (2 of 3)

Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and users’ assets against relevant security risks in the cyberspace environment. The general security objectives comprise the following: availability; integrity, which may include data authenticity and nonrepudiation; and confidentiality

Cybersecurity (3 of 3)

Information Security

This term refers to preservation of confidentiality, integrity, and availability of information. In addition, other properties, such as authenticity, accountability, nonrepudiation, and reliability can also be involved

Network Security

This term refers to protection of networks and their service from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side effects

As subsets of cybersecurity, we can define the following:

◆ Information security: This term refers to preservation of confidentiality, integrity, and availability of information. In addition, other properties, such as authenticity, accountability, nonrepudiation, and reliability can also be involved.

◆ Network security: This term refers to protection of networks and their service from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side effects.

Cybersecurity encompasses information security, with respect to electronic information, and network security. Information security also is concerned with physical (e.g., paper-based) information. However, in practice, the terms cybersecurity and information security are often used interchangeably.

Security Objectives (1 of 2)

The cybersecurity definition introduces three key objectives that are at the heart of information and network security:

Confidentiality: This term covers two related concepts:

Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals

Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

The cybersecurity definition introduces three key objectives that are at the heart of information and network security:

◆ Confidentiality: This term covers two related concepts:

◆ Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals.

Security Objectives (2 of 2)

Integrity: This term covers two related concepts:

Data integrity: Assures that data and programs are changed only in a specified and authorized manner. This concept also encompasses data authenticity, which means that a digital object is indeed what it claims to be or what it is claimed to be, and nonrepudiation, which is assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information

System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system

Availability: Assures that systems work promptly and service is not denied to authorized users

◆ Integrity: This term covers two related concepts:

◆ Data integrity: Assures that data (both stored and in transmitted packets) and programs are changed only in a specified and authorized manner. This concept also encompasses data authenticity, which means that a digital object is indeed what it claims to be or what it is claimed to be, and nonrepudiation, which is assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information.

◆ System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

Figure 1.1 Essential Information and Network Security Objectives

These three concepts form what is often referred to as the CIA triad. The three

concepts embody the fundamental security objectives for both data and for information

and computing services. For example, the NIST standard FIPS 199 (Standards

for Security Categorization of Federal Information and Information Systems ) lists

confidentiality, integrity, and availability as the three security objectives for information

and for information systems. FIPS 199 provides a useful characterization of

these three objectives in terms of requirements and the definition of a loss of security

in each category:

• Confidentiality: Preserving authorized restrictions on information access

and disclosure, including means for protecting personal privacy and proprietary

information. A loss of confidentiality is the unauthorized disclosure of

information.

• Integrity: Guarding against improper information modification or destruction,

including ensuring information nonrepudiation and authenticity. A loss

of integrity is the unauthorized modification or destruction of information.

• Availability: Ensuring timely and reliable access to and use of information.

A loss of availability is the disruption of access to or use of information or an

information system.

Although the use of the CIA triad to define security objectives is well established, some

in the security field feel that additional concepts are needed to present a complete picture (Figure 1.1).

Two of the most commonly mentioned are as follows:

• Authenticity: The property of being genuine and being able to be verified and

trusted; confidence in the validity of a transmission, a message, or message

originator. This means verifying that users are who they say they are and that

each input arriving at the system came from a trusted source.

• Accountability: The security goal that generates the requirement for actions

of an entity to be traced uniquely to that entity. This supports nonrepudiation,

deterrence, fault isolation, intrusion detection and prevention, and after action

recovery and legal action. Because truly secure systems are not yet an

achievable goal, we must be able to trace a security breach to a responsible

party. Systems must keep records of their activities to permit later forensic

analysis to trace security breaches or to aid in transaction disputes.

Computer Security Challenges

Security is not simple

Potential attacks on the security features need to be considered

Procedures used to provide particular services are often counter-intuitive

It is necessary to decide where to use the various security mechanisms

Requires constant monitoring

Is too often an afterthought

Security mechanisms typically involve more than a particular algorithm or protocol

Security is essentially a battle of wits between a perpetrator and the designer

Little benefit from security investment is perceived until a security failure occurs

Strong security is often viewed as an impediment to efficient and user-friendly operation

Computer and network security is both fascinating and complex. Some of the

reasons follow:

1. Security is not as simple as it might first appear to the novice. The requirements

seem to be straightforward; indeed, most of the major requirements

for security services can be given self-explanatory, one-word labels: confidentiality,

authentication, nonrepudiation, or integrity. But the mechanisms used

to meet those requirements can be quite complex, and understanding them

may involve rather subtle reasoning.

2. In developing a particular security mechanism or algorithm, one must always

consider potential attacks on those security features. In many cases, successful

attacks are designed by looking at the problem in a completely different way,

therefore exploiting an unexpected weakness in the mechanism.

3. Because of point 2, the procedures used to provide particular services are

often counterintuitive. Typically, a security mechanism is complex, and it is

not obvious from the statement of a particular requirement that such elaborate

measures are needed. It is only when the various aspects of the threat are

considered that elaborate security mechanisms make sense.

4. Having designed various security mechanisms, it is necessary to decide where

to use them. This is true both in terms of physical placement (e.g., at what points

in a network are certain security mechanisms needed) and in a logical sense

(e.g., at what layer or layers of an architecture such as TCP/IP [Transmission

Control Protocol/Internet Protocol] should mechanisms be placed).

5. Security mechanisms typically involve more than a particular algorithm or

protocol. They also require that participants be in possession of some secret

information (e.g., an encryption key), which raises questions about the creation,

distribution, and protection of that secret information. There also may

be a reliance on communications protocols whose behavior may complicate

the task of developing the security mechanism. For example, if the proper

functioning of the security mechanism requires setting time limits on the transit

time of a message from sender to receiver, then any protocol or network

that introduces variable, unpredictable delays may render such time limits

meaningless.

6. Computer and network security is essentially a battle of wits between a perpetrator

who tries to find holes and the designer or administrator who tries to

close them. The great advantage that the attacker has is that he or she need

only find a single weakness, while the designer must find and eliminate all

weaknesses to achieve perfect security.

7. There is a natural tendency on the part of users and system managers to perceive

little benefit from security investment until a security failure occurs.

8. Security requires regular, even constant, monitoring, and this is difficult in

today’s short-term, overloaded environment.

9. Security is still too often an afterthought to be incorporated into a system

after the design is complete rather than being an integral part of the design

process.

10. Many users and even security administrators view strong security as an impediment

to efficient and user-friendly operation of an information system or use of

information.

O S I Security Architecture

Security attack

Any action that compromises the security of information owned by an organization

Security mechanism

A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack

Security service

A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization

Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service

To assess effectively the security needs of an organization and to evaluate and

choose various security products and policies, the manager responsible for security

needs some systematic way of defining the requirements for security and characterizing

the approaches to satisfying those requirements. This is difficult enough in a

centralized data processing environment; with the use of local and wide area networks,

the problems are compounded.

ITU-T Recommendation X.800, Security Architecture for OSI, defines such a

systematic approach. The OSI security architecture is useful to managers as a way

of organizing the task of providing security. Furthermore, because this architecture

was developed as an international standard, computer and communications vendors

have developed security features for their products and services that relate to this

structured definition of services and mechanisms.

For our purposes, the OSI security architecture provides a useful, if abstract,

overview of many of the concepts that this book deals with. The OSI security architecture

focuses on security attacks, mechanisms, and services. These can be defined

briefly as

• Security attack: Any action that compromises the security of information

owned by an organization.

• Security mechanism: A process (or a device incorporating such a process) that

is designed to detect, prevent, or recover from a security attack.

• Security service: A processing or communication service that enhances the

security of the data processing systems and the information transfers of an

organization. The services are intended to counter security attacks, and they

make use of one or more security mechanisms to provide the service.

Threats and Attacks

Threat

A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

Attack

An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.

In the literature, the terms threat and attack are commonly used, with the following meanings:

■ Threat: Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.

■. Attack: Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

Figure 1.2 Key Concepts in Security (1 of 2)

The following three sections provide an overview of the concepts of attacks, services, and mechanisms. The key concepts that are covered are summarized in Figure 1.2.

Figure 1.2 Key Concepts in Security (2 of 2)

The following three sections provide an overview of the concepts of attacks, services, and mechanisms. The key concepts that are covered are summarized in Figure 1.2.

Security Attacks

A means of classifying security attacks, used both in X.800 and R F C 4949, is in terms of passive attacks and active attacks

A passive attack attempts to learn or make use of information from the system but does not affect system resources

An active attack attempts to alter system resources or affect their operation

A useful means of classifying security attacks, used both in X.800, is in terms of passive attacks and active attacks (Figure 1.2a). A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation.

Passive Attacks

Are in the nature of eavesdropping on, or monitoring of, transmissions

Goal of the opponent is to obtain information that is being transmitted

Two types of passive attacks are:

The release of message contents

Traffic analysis

Passive attacks are in the nature of eavesdropping on, or monitoring

of, transmissions. The goal of the opponent is to obtain information that is being

transmitted. Two types of passive attacks are the release of message contents and

traffic analysis.

The release of message contents is easily understood. A telephone conversation,

an electronic mail message, and a transferred file may contain sensitive or

confidential information. We would like to prevent an opponent from learning the

contents of these transmissions.

A second type of passive attack, traffic analysis, is subtler. Suppose that we

had a way of masking the contents of messages or other information traffic so that

opponents, even if they captured the message, could not extract the information

from the message. The common technique for masking contents is encryption. If we

had encryption protection in place, an opponent might still be able to observe the

pattern of these messages. The opponent could determine the location and identity

of communicating hosts and could observe the frequency and length of messages

being exchanged. This information might be useful in guessing the nature of the

communication that was taking place.

Passive attacks are very difficult to detect, because they do not involve any

alteration of the data. Typically, the message traffic is sent and received in an apparently

normal fashion, and neither the sender nor receiver is aware that a third party

has read the messages or observed the traffic pattern. However, it is feasible to prevent

the success of these attacks, usually by means of encryption. Thus, the emphasis

in dealing with passive attacks is on prevention rather than detection.

Active Attacks

Involve some modification of the data stream or the creation of a false stream

Difficult to prevent because of the wide variety of potential physical, software, and network vulnerabilities

Goal is to detect attacks and to recover from any disruption or delays caused by them

Masquerade

Takes place when one entity pretends to be a different entity

Usually includes one of the other forms of active attack

Replay

Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect

Data Modification

Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect

Denial of service

Prevents or inhibits the normal use or management of communications facilities

Active attacks involve some modification of the data stream or the

creation of a false stream and can be subdivided into four categories: masquerade,

replay, modification of messages, and denial of service.

A masquerade takes place when one entity pretends to be a different entity.

A masquerade attack usually includes one of the

other forms of active attack. For example, authentication sequences can be captured

and replayed after a valid authentication sequence has taken place, thus enabling an

authorized entity with few privileges to obtain extra privileges by impersonating an

entity that has those privileges.

Replay involves the passive capture of a data unit and its subsequent retransmission

to produce an unauthorized effect.

Data modification simply means that some portion of a legitimate message is altered,

or that messages are delayed or reordered, to produce an unauthorized effect. For example,

a message stating, “Allow John Smith to read confidential file accounts” is modified to say,

“Allow Fred Brown to read confidential file accounts.”

The denial of service prevents or inhibits the normal use or management of

communications facilities. This attack may have a specific target; for

example, an entity may suppress all messages directed to a particular destination

(e.g., the security audit service). Another form of service denial is the disruption

of an entire network, either by disabling the network or by overloading it with

messages so as to degrade performance.

Active attacks present the opposite characteristics of passive attacks. Whereas

passive attacks are difficult to detect, measures are available to prevent their success.

On the other hand, it is quite difficult to prevent active attacks absolutely

because of the wide variety of potential physical, software, and network vulnerabilities.

Instead, the goal is to detect active attacks and to recover from any disruption

or delays caused by them. If the detection has a deterrent effect, it may also

contribute to prevention.

Figure 1.3 Security Attacks

Figure 1.3 illustrates the types of attacks in the context of a client/server interaction. A passive attack (Figure 1.3b)

does not disturb the information flow between the client and server, but is able to observe that flow.

A masquerade can take the form of a man-in-the-middle attack (Figure 1.3c). In this type of attack, the attacker intercepts masquerades as the client to the server and as the server to the client. We see specific applications of this attack in defeating key exchange and distribution protocols (Chapters 10 and 14) and in message authentication protocols (Chapter 11). More generally, it can be used to impersonate the two ends of a legitimate communication. Another form of masquerade is illustrated in Figure 1.3d. Here, an attacker is able to access server resources by masquerading as an authorized user.

Data modification may involve a man-in-the middle attack, in which the attacker selectively modifies communicated data between a client and server (Figure 1.3c). Another form of data modification attack is the modification of data residing on a serve or other system after an attacker gains unauthorized access (Figure 1.3d).

Figure 1.3e illustrates the replay attack. As in a passive attack, the attacker does not disturb the information flow between client and server, but does capture client message. The attacker can then subsequently replay any client message to the server.

Figure 1.3d also illustrates denial of service in the context of a client/server environment. The denial of service can take two forms: (1) flooding the server with an overwhelming amount of data; and (2) triggering some action on the server that consumes substantial computing resources.

Authentication (1 of 2)

Concerned with assuring that a communication is authentic

In the case of a single message, assures the recipient that the message is from the source that it claims to be from

In the case of ongoing interaction, assures the two entities are authentic and that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties

Two specific authentication services are defined in X.800:

Peer entity authentication

Data origin authentication

The authentication service is concerned with assuring that a communication is

authentic. In the case of a single message, such as a warning or alarm signal, the

function of the authentication service is to assure the recipient that the message

is from the source that it claims to be from. In the case of an ongoing interaction,

such as the connection of a terminal to a host, two aspects are involved. First,

at the time of connection initiation, the service assures that the two entities are

authentic, that is, that each is the entity that it claims to be. Second, the service

must assure that the connection is not interfered with in such a way that a third

party can masquerade as one of the two legitimate parties for the purposes of

unauthorized transmission or reception.

Two specific authentication services are defined in X.800:

• Peer entity authentication: Provides for the corroboration of the identity

of a peer entity in an association. Two entities are considered peers if they

implement to same protocol in different systems; for example two TCP modules

in two communicating systems. Peer entity authentication is provided for

use at the establishment of, or at times during the data transfer phase of, a

connection. It attempts to provide confidence that an entity is not performing

either a masquerade or an unauthorized replay of a previous connection.

• Data origin authentication: Provides for the corroboration of the source of a

data unit. It does not provide protection against the duplication or modification

of data units. This type of service supports applications like electronic mail,

where there are no prior interactions between the communicating entities.

Authentication (2 of 2)

Peer entity authentication

Provides for the corroboration of the identity of a peer entity in an association. Two entities are considered peers if they implement the same protocol in different systems. Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection. It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection

Data origin authentication

Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail, where there are no ongoing interactions between the communicating entities

■. Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. Two entities are considered peers if they implement the same protocol in different systems; for example, two TCP modules in two communicating systems. Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection. It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection.

■ Data origin authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail, where there are no ongoing interactions between the communicating entities.

Access Control

The ability to limit and control the access to host systems and applications via communications links

To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual

In the context of network security, access control is the ability to limit and control

the access to host systems and applications via communications links. To achieve

this, each entity trying to gain access must first be identified, or authenticated, so

that access rights can be tailored to the individual.

Data Confidentiality

The protection of transmitted data from passive attacks

Broadest service protects all user data transmitted between two users over a period of time

Narrower forms of service includes the protection of a single message or even specific fields within a message

The protection of traffic flow from analysis

This requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility

Confidentiality is the protection of transmitted data from passive attacks. With

respect to the content of a data transmission, several levels of protection can be

identified. The broadest service protects all user data transmitted between two

users over a period of time. For example, when a TCP connection is set up between

two systems, this broad protection prevents the release of any user data transmitted

over the TCP connection. Narrower forms of this service can also be defined,

including the protection of a single message or even specific fields within a message.

These refinements are less useful than the broad approach and may even be more

complex and expensive to implement.

The other aspect of confidentiality is the protection of traffic flow from analysis.

This requires that an attacker not be able to observe the source and destination, frequency,

length, or other characteristics of the traffic on a communications facility.

Data Integrity

Can apply to a stream of messages, a single message, or selected fields within a message

Connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays

A connectionless integrity service, one that deals with individual messages without regard to any larger context, generally provides protection against message modification only

As with confidentiality, integrity can apply to a stream of messages, a single message,

or selected fields within a message. Again, the most useful and straightforward

approach is total stream protection.

A connection-oriented integrity service, one that deals with a stream of messages,

assures that messages are received as sent with no duplication, insertion,

modification, reordering, or replays. The destruction of data is also covered under

this service. Thus, the connection-oriented integrity service addresses both message

stream modification and denial of service. On the other hand, a connectionless integrity

service, one that deals with individual messages without regard to any larger

context, generally provides protection against message modification only.

We can make a distinction between service with and without recovery.

Because the integrity service relates to active attacks, we are concerned with detection

rather than prevention. If a violation of integrity is detected, then the service

may simply report this violation, and some other portion of software or human

intervention is required to recover from the violation. Alternatively, there are

mechanisms available to recover from the loss of integrity of data, as we will review

subsequently. The incorporation of automated recovery mechanisms is, in general,

the more attractive alternative.

Nonrepudiation

Prevents either sender or receiver from denying a transmitted message

When a message is sent, the receiver can prove that the alleged sender in fact sent the message

When a message is received, the sender can prove that the alleged receiver in fact received the message

Nonrepudiation prevents either sender or receiver from denying a transmitted message.

Thus, when a message is sent, the receiver can prove that the alleged sender in

fact sent the message. Similarly, when a message is received, the sender can prove

that the alleged receiver in fact received the message.

Availability Service

Protects a system to ensure its availability

This service addresses the security concerns raised by denial-of-service attacks

It depends on proper management and control of system resources and thus depends on access control service and other security services

Availability is the property of a system or a

system resource being accessible and usable upon demand by an authorized system

entity, according to performance specifications for the system (i.e., a system is available

if it provides services according to the system design whenever users request

them). A variety of attacks can result in the loss of or reduction in availability. Some

of these attacks are amenable to automated countermeasures, such as authentication

and encryption, whereas others require some sort of physical action to prevent

or recover from loss of availability of elements of a distributed system.

X.800 treats availability as a property to be associated with various security

services. However, it makes sense to call out specifically an availability service. An

availability service is one that protects a system to ensure its availability. This service

addresses the security concerns raised by denial-of-service attacks. It depends

on proper management and control of system resources and thus depends on access

control service and other security services.

Security Mechanisms (1 of 2)

Cryptographic algorithms: We can distinguish between reversible cryptographic mechanisms and irreversible cryptographic mechanisms. A reversible cryptographic mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted. Irreversible cryptographic mechanisms include hash algorithms and message authentication codes, which are used in digital signature and message authentication applications.

Data integrity: This category covers a variety of mechanisms used to assure the integrity of a data unit or stream of data units.

Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

Figure 1.2c lists the most important security mechanism discussed in this book. These mechanisms will be covered in the appropriate places in the book. So, we do not elaborate now, except to provide the following brief definitions.

■ Cryptographic algorithms: We can distinguish between reversible cryptographic mechanisms and irreversible cryptographic mechanisms. A reversible cryptographic mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted. Irreversible cryptographic mechanisms include hash algorithms and message authentication codes, which are used in digital signature and message authentication applications.

■ Data integrity: This category covers a variety of mechanisms used to assure the integrity of a data unit or stream of data units.

■ Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

■ Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

■ Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

■ Routing control: Enables selection of particular physically or logically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

■ Notarization: The use of a trusted third party to assure certain properties of a data exchange

■ Access control: A variety of mechanisms that enforce access rights to resources.

Security Mechanisms (2 of 2)

Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

Routing control: Enables selection of particular physically or logically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

Notarization: The use of a trusted third party to assure certain properties of a data exchange

Access control: A variety of mechanisms that enforce access rights to resources.

■ Data integrity: This category covers a variety of mechanisms used to assure the integrity of a data unit or stream of data units.

■ Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

■ Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

■ Routing control: Enables selection of particular physically or logically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

■ Notarization: The use of a trusted third party to assure certain properties of a data exchange

■ Access control: A variety of mechanisms that enforce access rights to resources.

Figure 1.4 Cryptographic Algorithms

Cryptographic algorithms can be divided into three categories (Figure 1.4):

Keyless: Do not use any keys during cryptographic transformations.

Single-key: The result of a transformation are a function of the input data and

a single key, known as a secret key.

Two-key: At various stages of the calculation, two different but related keys are used, referred to as private key and public key.

Keyless Algorithms

Deterministic functions that have certain properties useful for cryptography

One type of keyless algorithm is the cryptographic hash function

A hash function turns a variable amount of text into a small, fixed-length value called a hash value, hash code, or digest

A cryptographic hash function is one that has additional properties that make it useful as part of another cryptographic algorithm, such as a message authentication code or a digital signature

A pseudorandom number generator produces a deterministic sequence of numbers or bits that has the appearance of being a truly random sequence

Keyless algorithms are deterministic functions that have certain properties useful for cryptography.

One important type of keyless algorithm is the cryptographic hash function. A hash function turns a variable amount of text into a small, fixed-length value called a hash value, hash code, or digest. A cryptographic hash function is one that has additional properties that make it useful as part of another cryptographic algorithm, such as a message authentication code or a digital signature.

A pseudorandom number generator produces a deterministic sequence of numbers or bits that has the appearance of being a truly random sequence. Although the sequence appears to lack any definite pattern, it will repeat after a certain sequence length. Nevertheless, for some cryptographic purposes this apparently random sequence is sufficient.

Single-Key Algorithms (1 of 3)

Single-key cryptographic algorithms depend on the use of a secret key

Encryption algorithms that use a single key are referred to as symmetric encryption algorithms

With symmetric encryption, an encryption algorithm takes as input some data to be protected and a secret key and produces an unintelligible transformation on that data

A corresponding decryption algorithm takes the transformed data and the same secret key and recovers the original data

Single-key cryptographic algorithms depend on the use of a secret key. This key may be known to a single user; for example, this is the case for protecting stored data that is only going to be accessed by the data creator. Commonly, two parties share the

secret key so that communication between the two parties is protected. For certain applications, more than two users may share the same secret key. In this last case, the algorithm protects data from those outside the group who share the key.

Encryption algorithms that use a single key are referred to as symmetric encryption algorithms. With symmetric encryption, an encryption algorithm takes as input some data to be protected and a secret key and produces an unintelligible transformation on that data. A corresponding decryption algorithm takes the transformed data and the same secret key and recovers the original data. Symmetric encryption takes the following forms:

■ Block cipher: A block cipher operates on data as a sequence of blocks. A typical block size is 128 bits. In most versions of the block cipher, known as modes of operation, the transformation depends not only on the current data block and the secret key but also on the content of preceding blocks.

■ Stream cipher: A stream cipher operates on data as a sequence of bits. Typically, an exclusive-OR operation is used to produce a bit-by-bit transformation. As with the block cipher, the transformation depends on a secret key.

Single-Key Algorithms (2 of 3)

Symmetric encryption takes the following forms:

Block cipher

A block cipher operates on data as a sequence of blocks

In most versions of the block cipher, known as modes of operation, the transformation depends not only on the current data block and the secret key but also on the content of preceding blocks

Stream cipher

A stream cipher operates on data as a sequence of bits

As with the block cipher, the transformation depends on a secret key

Single-Key Algorithms (3 of 3)

Another form of single-key cryptographic algorithm is the message authentication code (M A C)

A M A C is a data element associated with a data block or message

The M A C is generated by a cryptographic transformation involving a secret key and, typically, a cryptographic hash function of the message

The M A C is designed so that someone in possession of the secret key can verify the integrity of the message

The recipient of the message plus the M A C can perform the same calculation on the message; if the calculated M A C matches the M A C accompanying the message, this provides assurance that the message has not been altered

Another form of single-key cryptographic algorithm is the message authentication code (MAC). A MAC is a data element associated with a data block or message. The MAC is generated by a cryptographic transformation involving a secret key and, typically, a cryptographic hash function of the message. The MAC is designed so that someone in possession of the secret key can verify the integrity of the message. Thus, the MAC algorithm takes as input a message and secret key and produces the MAC. The recipient of the message plus the MAC can perform the same calculation on the message; if the calculated MAC matches the MAC accompanying the message, this provides assurance that the message has not been altered.

Asymmetric Algorithms

Encryption algorithms that use a single key are referred to as asymmetric encryption algorithms

Digital signature algorithm

A digital signature is a value computed with a cryptographic algorithm and associated with a data object in such a way that any recipient of the data can use the signature to verify the data’s origin and integrity

Key exchange

The process of securely distributing a symmetric key to two or more parties

User authentication

The process of authenticating that a user attempting to access an application or service is genuine and, similarly, that the application or service is genuine

Two-key algorithms involve the use of two related keys. A private key is known only to a single user or entity, whereas the corresponding public key is made available to a number of users. Encryption algorithms that use a single key are referred to as asymmetric encryption algorithms. Asymmetric encryption can work in two ways:

An encryption algorithm takes as input some data to be protected and the private key and produces an unintelligible transformation on that data. A corresponding decryption algorithm takes the transformed data and the corresponding public key and recovers the original data. In this case, only the possessor of the private key can have performed the encryption and any possessor of the public key can perform the decryption.

An encryption algorithm takes as input some data to be protected and a public key and produces an unintelligible transformation on that data. A corresponding decryption algorithm takes the transformed data and the corresponding private key and recovers the original data. In this case, any possessor of the public key can have performed the encryption and only the possessor of the private key can perform the decryption.

Asymmetric encryption has a variety of applications. One of the most important is the digital signature algorithm. A digital signature is a value computed with a cryptographic algorithm and associated with a data object in such a way that any recipient of the data can use the signature to verify the data’s origin and integrity. Typically, the signer of a data object uses the signer’s private key to generate the signature, and anyone in possession of the corresponding public key can verify that validity of the signature.

Asymmetric algorithms can also be used in two other important applications. Key exchange is the process of securely distributing a symmetric key to two or more parties. User authentication is the process of authenticating that a user attempting to access an application or service is genuine and, similarly, that the application or service is genuine. These concepts are explained in detail in subsequent chapters.

Figure 1.5 Key Elements of Network Security

Network security is a broad term that encompasses security of the communications pathways of the network and the security of network devices and devices attached to the network (Figure 1.5).

Communications Security

Deals with the protection of communications through the network, including measures to protect against both passive and active attacks

Communications security is primarily implemented using network protocols

A network protocol consists of the format and procedures that governs the transmitting and receiving of data between points in a network

A protocol defines the structure of the individual data units and the control commands that manage the data transfer

With respect to network security, a security protocol may be an enhancement that is part of an existing protocol or a standalone protocol

In the context of network security, communications security deals with the protection of communications through the network, including measures to protect against both passive and active attacks (Figure 1.3).

Communications security is primarily implemented using network protocols. A network protocol consists of the format and procedures that governs the transmitting and receiving of data between points in a network. A protocol defines the structure of the individual data units (e.g., packets) and the control commands that manage the data transfer.

With respect to network security, a security protocol may be an enhancement that is part of an existing protocol or a standalone protocol. Examples of the former are IPsec, which is part of the Internet Protocol (IP) and IEEE 802.11i, which is part of the IEEE 802.11 Wi-Fi standard. Examples of the latter are Transport Layer Security (TLS) and Secure Shell (SSH). Part Six examines these and other secure network protocols.

One common characteristic of all of these protocols is that they use a number of cryptographic algorithms as part of the mechanism to provide security.

Device Security (1 of 2)

The other aspect of network security is the protection of network devices, such as routers and switches, and end systems connected to the network, such as client systems and servers

The primary security concerns are intruders that gain access to the system to perform unauthorized actions, insert malicious software (malware), or overwhelm system resources to diminish availability

The other aspect of network security is the protection of network devices, such as routers and switches, and end systems connected to the network, such as client systems and servers. The primary security concerns are intruders that gain access to the system to perform unauthorized actions, insert malicious software (malware), or overwhelm system resources to diminish availability. Three types of device security are noteworthy:

■ Firewall: A hardware and/or software capability that limits access between a network and device attached to the network, in accordance with a specific security policy. The firewall acts as a filter that permits or denies data traffic, both incoming and outgoing, based on a set of rules based on traffic content and/or traffic pattern.

■ Intrusion detection: Hardware or software products that gather and analyze information from various areas within a computer or a network for the purpose of finding, and providing real-time or near-real-time warning of, attempts to access system resources in an unauthorized manner.

■ Intrusion prevention: Hardware or software products designed to detect intrusive activity and attempt to stop the activity, ideally before it reaches its target.

These device security capabilities are more closely related to the field of computer security than network security. Accordingly, they are dealt with more briefly than communications security in Part Six. For a more detailed treatment, see [STAL18].

Device Security (2 of 2)

Three types of device security are:

Firewall

A hardware and/or software capability that limits access between a network and device attached to the network, in accordance with a specific security policy. The firewall acts as a filter that permits or denies data traffic, both incoming and outgoing, based on a set of rules based on traffic content and/or traffic pattern

Intrusion detection

Hardware or software products that gather and analyze information from various areas within a computer or a network for the purpose of finding, and providing real-time or near-real-time warning of, attempts to access system resources in an unauthorized manner

Intrusion prevention

Hardware or software products designed to detect intrusive activity and attempt to stop the activity, ideally before it reaches its target

■ Intrusion prevention: Hardware or software products designed to detect intrusive activity and attempt to stop the activity, ideally before it reaches its target.

Trust Model (1 of 2)

One of the most widely accepted and most cited definitions of trust is:

“the willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party”

One of the most widely accepted and most cited definitions of trust in the organizational science literature is from [MAYE95], which defines trust as follows: the willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party.

Three related concepts are relevant to a trust model:

■ Trustworthiness: A characteristic of an entity that reflects the degree to which that entity is deserving of trust.

■ Propensity to trust: A tendency to be willing to trust others across a broad spectrum of situations and trust targets. This suggests that every individual has some baseline level of trust that will influence the person’s willingness to rely on the words and actions of others.

■ Risk: A measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of 1) the adverse impacts that would arise if the circumstance or event occurs; and 2) the likelihood of occurrence.

Trust Model (2 of 2)

Three related concepts are relevant to a trust model:

Trustworthiness: A characteristic of an entity that reflects the degree to which that entity is deserving of trust

Propensity to trust: A tendency to be willing to trust others across a broad spectrum of situations and trust targets. This suggests that every individual has some baseline level of trust that will influence the person’s willingness to rely on the words and actions of others

Risk: A measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of 1) the adverse impacts that would arise if the circumstance or event occurs; and 2) the likelihood of occurrence

Three related concepts are relevant to a trust model:

■ Trustworthiness: A characteristic of an entity that reflects the degree to which that entity is deserving of trust.

Figure 1.6 Trust Model

Figure 1.6, adapted from [MAYE95], illustrates the relationship among these concepts. Propensity can also be expressed as the level of risk that an entity (individual or organization) is prepared to tolerate.

Typically, a trustor uses a number of factors to establish the trustworthiness of an entity. Three general factors are commonly cited:

■ Ability: Also referred to as competence, this relates to the potential ability of the evaluated entity to do a given task or be entrusted with given information.

■ Benevolence: This implies a disposition of goodwill towards the trusting party. That is, a trustworthy party does not intend to cause harm to the trusting party.

■ Integrity: This can be defined as the trustor’s perception that the trustee adheres to a set of principles that the trustor finds acceptable. Integrity implies that a benevolent party takes such measures are necessary to assure that it in fact does not cause harm to the trusting party.

The goal of trust, in the model of Figure 1.6, is to determine what course of action, if any, the trusting party is willing to take in relation to the trusted party. Based on the level of trust, and the perceived risk, the trusting party may decide to take some action the involves some degree of risk taking. The outcome of the risk taking could be a reliance on the trusted party to perform some action or the disclosure of information to the trusted party with the expectation that the information will be protected as agreed between the parties.

The Trust Model and Information Security

Trust is confidence that an entity will perform in a way that will not prejudice the security of the user of the system of which that entity is a part

Trust is always restricted to specific functions or ways of behavior and is meaningful only in the context of a security policy

Generally, an entity is said to trust a second entity when the first entity assumes that the second entity will behave exactly as the first entity expects

In this context, the term entity may refer to a single hardware component or software module, a piece of equipment identified by make and model, a site or location, or an organization

Trust is confidence that an entity will perform in a way that will not prejudice the security of the user of the system of which that entity is a part. Trust is always restricted to specific functions or ways of behavior and is meaningful only in the context of a security policy. Generally, an entity is said to trust a second entity when the first entity assumes that the second entity will behave exactly as the first entity expects. This trust may apply only for some specific function. In this context, the term entity may refer to a single hardware component or software module, a piece of equipment identified by make and model, a site or location, or an organization.

Trustworthiness of an Individual (1 of 2)

Organizations need to be concerned about both internal users (employees, on-site contractors) and external users (customers, suppliers) of their information systems

With respect to internal users, an organization develops a level of trust in individuals by policies in the following two areas:

Human resource security

Sound security practice dictates that information security requirements be embedded into each stage of the employment life cycle, specifying security-related actions required during the induction of each individual, their ongoing management, and termination of their employment. Human resource security also includes assigning ownership of information (including responsibility for its protection) to capable individuals and obtaining confirmation of their understanding and acceptance

Organizations need to be concerned about both internal users (employees, on-site contractors) and external users (customers, suppliers) of their information systems. With respect to internal users, an organization develops a level of trust in individuals by policies in the following two areas [STAL19]:

■ Human resource security: Sound security practice dictates that information security requirements be embedded into each stage of the employment life cycle, specifying security-related actions required during the induction of each individual, their ongoing management, and termination of their employment. Human resource security also includes assigning ownership of information (including responsibility for its protection) to capable individuals and obtaining confirmation of their understanding and acceptance.

■ Security awareness and training: This area refers to disseminating security information to all employees, including IT staff, IT security staff, and management, as well as IT users and other employees. A workforce that has a high level of security awareness and appropriate security training for each individual’s role is as important, if not more important, than any other security countermeasure or control.

For external users, trust will depend on the context. In general terms, the factors of perceived trustworthiness and the trustor’s propensity, as depicted in Figure 1.6, determine the level of trust. Further, the issue of trust is mutual. That is, not only must an organization determine a level of trust towards external users, but external users need to be concerned about the degree to which they can trust an information resource that they use. This mutual trust involves a number a practical consequences, including the use of a public-key infrastructure and user authentication protocols. These matters are explored in Part Five.

Trustworthiness of an Individual (2 of 2)

Security awareness and training

This area refers to disseminating security information to all employees, including I T staff, I T security staff, and management, as well as I T users and other employees. A workforce that has a high level of security awareness and appropriate security training for each individual’s role is as important, if not more important, than any other security countermeasure or control

Trustworthiness of an Organization

Most organizations rely on information system service and information provided by external organizations, as well as partnerships to accomplish missions and business functions (examples are cloud service providers and companies that form part of the supply chain for the organization)

To manage risk to the organization, it must establish trust relationships with these external organizations

N I S T S P 800-39 (Managing Information Security Risk, March 2011) indicates that such trust relationships can be:

Formally established, for example, by documenting the trust-related information in contracts, service-level agreements, statements of work, memoranda of agreement/understanding, or interconnection security agreements

Scalable and inter-organizational or intra-organizational in nature

Represented by simple (bilateral) relationships between two partners or more complex many-to-many relationships among many diverse partners

Most organizations rely, to a greater or lesser extent, on information system service and information provided by external organizations, as well as partnerships to accomplish missions and business functions. Examples are cloud service providers and companies that form part of the supply chain for the organization. To manage risk to the organization, it must establish trust relationships with these external organizations. NIST SP 800-39 (Managing Information Security Risk, March 2011) indicates that such trust relationships can be:

■ Formally established, for example, by documenting the trust-related information in contracts, service-level agreements, statements of work, memoranda of agreement/understanding, or interconnection security agreements;

■ Scalable and inter-organizational or intra-organizational in nature; and/or

■ Represented by simple (bilateral) relationships between two partners or more

complex many-to-many relationships among many diverse partners.

The requirements for establishing and maintaining trust depend on mission/business requirements, the participants involved in the trust relationship, the criticality/sensitivity of the information being shared or the types of services being rendered, the history between the organizations, and the overall risk to the organizations participating in the relationship.

As with individuals, trust related to organizations can involve the use of public-key infrastructure and user authentication, as well as the network security measures described in Part Six.

Trustworthiness of Information Systems

S P 800-39 defines trustworthiness for information systems as

“the degree to which information systems (including the information technology products from which the systems are built) can be expected to preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the systems across the full range of threats”

Two factors affecting the trustworthiness of information systems are:

Security functionality: The security features/functions employed within the system. These include cryptographic and network security technologies

Security assurance: The grounds for confidence that the security functionality is effective in its application. This area is addressed by security management techniques, such as auditing and incorporating security considerations into the system development life cycle

SP 800-39 defines trustworthiness for information systems as the degree to which information systems (including the information technology products from which the systems are built) can be expected to preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the systems across the full range of threats. Two factors affecting the trustworthiness of information systems are:

■ Security functionality: The security features/functions employed within the system. These include cryptographic and network security technologies discussed throughout this book.

■ Security assurance: The grounds for confidence that the security functionality is effective in its application. This area is addressed by security management techniques, such as auditing and incorporating security considerations into the system development life cycle [STAL19].

Establishing Trust Relationships

Validated trust:

Trust is based on evidence obtained by the trusting organization about the trusted organization or entity. The information may include information security policy, security measures, and level of oversight

Direct historical trust:

This type of trust is based on the security-related track record exhibited by an organization in the past, particularly in interactions with the organization seeking to establish trust

Mediated trust:

Mediated trust involves the use of a third party that is mutually trusted by two parties, with the third party providing assurance or guarantee of a given level of trust between the first two parties

Mandated trust:

An organization establishes a level of trust with another organization based on a specific mandate issued by a third party in a position of authority

The methods used by an organization to establish a trust relationship with various entities will depend on a variety of factors, such as laws and regulations, risk tolerance, and the criticality and sensitivity of the relationship. SP 800-39 describes the following methods:

■ Validated trust: Trust is based on evidence obtained by the trusting organization about the trusted organization or entity. The information may include information security policy, security measures, and level of oversight. An example for one organization to develop an application or information system and provides evidence (e.g., security plan, assessment results) to a second organization that supports the claims by the first organization that the application/system meets certain security requirements and/or addresses the appropriate security controls.

■ Direct historical trust: This type of trust is based on the security-related track record exhibited by an organization in the past, particularly in interactions with the organization seeking to establish trust.

■ Mediated trust: Mediated trust involves the use of a third party that is mutually trusted by two parties, with the third party providing assurance or guarantee of a given level of trust between the first two parties. An example of this form of trust establishment is the use of public-key certificate authorities, described in Chapter 14.

■ Mandated trust: An organization establishes a level of trust with another organization based on a specific mandate issued by a third party in a position of authority. For example, an organization may be given the responsibility and the authority to issue public key certificates for a group of organizations.

An organization is likely to use a combination of these methods to establish relationships with a number of other entities.

Standards (1 of 2)

National Institute of Standards and Technology:

N I S T is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government use and to the promotion of U.S. private-sector innovation. Despite its national scope, N I S T Federal Information Processing Standards (F I P S) and Special Publications (S P) have a worldwide impact

Internet Society:

I S O C is a professional membership society with worldwide organizational and individual membership. It provides leadership in addressing issues that confront the future of the Internet and is the organization home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (I E T F) and the Internet Architecture Board (I A B). These organizations develop Internet standards and related specifications, all of which are published as Requests for Comments (R F C s).

Many of the security techniques and applications described in this book have been specified as standards. Additionally, standards have been developed to cover management practices and the overall architecture of security mechanisms and services. Throughout this book, we describe the most important standards in use or being developed for various aspects of cryptography and network security. Various organizations have been involved in the development or promotion of these standards. The most important (in the current context) of these organizations are as follows:

■ National Institute of Standards and Technology: NIST is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government use and to the promotion of U.S. private-sector innovation. Despite its national scope, NIST Federal Information Processing Standards (FIPS) and Special Publications (SP) have a worldwide impact.

■ Internet Society: ISOC is a professional membership society with worldwide organizational and individual membership. It provides leadership in addressing issues that confront the future of the Internet and is the organization home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB). These organizations develop Internet standards and related specifications, all of which are published as Requests for Comments (RFCs).

■ ITU-T: The International Telecommunication Union (ITU) is an international organization within the United Nations System in which governments and the private sector coordinate global telecom networks and services. The ITU Telecommunication Standardization Sector (ITU-T) is one of the three sectors of the ITU. ITU-T’s mission is the development of technical standards covering all fields of telecommunications. ITU-T standards are referred to as Recommendations.

■ ISO: The International Organization for Standardization (ISO) is a worldwide federation of national standards bodies from more than 140 countries, one from each country. ISO is a nongovernmental organization that promotes the development of standardization and related activities with a view to facilitating the international exchange of goods and services and to developing cooperation in the spheres of intellectual, scientific, technological, and economic activity. ISO’s work results in international agreements that are published as International Standards.

Standards (2 of 2)

I T U-T:

The International Telecommunication Union (I T U) is an international organization within the United Nations System in which governments and the private sector coordinate global telecom networks and services. The I T U Telecommunication Standardization Sector (I T U-T) is one of the three sectors of the I T U. I T U-T’s mission is the development of technical standards covering all fields of telecommunications. I T U-T standards are referred to as Recommendations

I S O:

The International Organization for Standardization (I S O) is a worldwide federation of national standards bodies from more than 140 countries, one from each country. I S O is a nongovernmental organization that promotes the development of standardization and related activities with a view to facilitating the international exchange of goods and services and to developing cooperation in the spheres of intellectual, scientific, technological, and economic activity. I S O’s work results in international agreements that are published as International Standards

Summary

Describe the key security requirements of confidentiality, integrity, and availability

List and briefly describe key organizations involved in cryptography standards

Provide an overview of keyless, single-key and two-key cryptographic algorithms

Provide an overview of the main areas of network security

Describe a trust model for information security

Discuss the types of security threats and attacks that must be dealt with and give examples of the types of threats and attacks that apply to different categories of computer and network assets

Chapter 1 summary.

This work is protected by United States copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning. Dissemination or sale of any part of this work (including on the World Wide Web) will destroy the integrity of the work and is not permitted. The work and materials from it should never be made available to students except by instructors using the accompanying text in their classes. All recipients of this work are expected to abide by these restrictions and to honor the intended pedagogical purposes and the needs of other instructors who rely on these materials.

.MsftOfcThm_Text1_Fill { fill:#000000; } .MsftOfcThm_MainDark1_Stroke { stroke:#000000; }

dq

Calculate the price of your order

Essay Writing Service