Information Security
Security Kernels
Security kernels, also known as secure kernels or trusted kernels, are a
fundamental component of secure operating systems. A security kernel is
responsible for enforcing the security policies and mechanisms of an operating
system, providing a trusted execution environment for critical operations and
protecting the system from unauthorized access and malicious activities.
Here are some key characteristics and functions of security kernels:
1- Isolation:
A security kernel is designed to isolate critical system functions and sensitive
resources from less trusted components of the OS.
• It ensures that different processes and components run in separate and
protected domains, preventing unauthorized access or interference.
2- Access Control:
Security kernels enforce access control policies, determining which processes or
users have permissions to access specific resources or perform certain operations.
Access control mechanisms, such as mandatory access control (MAC) or
discretionary access control (DAC), are implemented and enforced by the security
kernel.
3- Privilege Separation:
Security kernels separate different levels of privileges within the operating
system. They define different privilege levels, such as user mode and kernel
mode, and restrict direct access to privileged operations and system resources.
This separation helps prevent unauthorized access and privilege escalation.
4- Trusted Computing Base (TCB):
The security kernel forms the core of the trusted computing base, which includes
all the components necessary to enforce security policies. The TCB is the totality of
protection mechanisms within a computer system, including hardware,
firmware, and software, the combination of which is responsible for enforcing a
security policy.
A TCB consists of one or more components that together enforce a unified
security policy over a product or system. The ability of a trusted computing base
to correctly enforce a security policy depends solely on the mechanisms within
the TCB and on the correct input by system administrative personnel of
parameters (e.g., a user’s clearance) related to the security policy.
5- Verification and Assurance:
Security kernels undergo rigorous testing, verification, and evaluation to ensure
their correctness, reliability, and resistance to attacks. They are subject to security
certifications and evaluations to provide assurance that they meet defined
security requirements.
6- Security Policy Enforcement:
Security kernels implement and enforce security policies defined by the
operating system or the organization. These policies can include authentication
mechanisms, access control rules, audit logging, intrusion detection, and other
security-related configurations.
7- Tamper Resistance:
Security kernels employ various techniques to resist tampering and unauthorized
modifications. They employ cryptographic mechanisms, secure boot processes,
integrity checks, and other security measures to ensure the integrity and
authenticity of the kernel and critical system components.
Security kernels play a critical role in providing a trusted execution environment
and enforcing security policies within an operating system. By isolating critical
functions, enforcing access control, and separating privileges, they contribute to
the overall security and integrity of the system.
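The access control and policy enforcement functions listed above can be pictured as a single choke point that every request must pass. The following is an added example, not part of the original notes: it assumes a Bell-LaPadula-style MAC rule (no read up, no write down) layered over an owner-managed ACL for DAC, and all names and sample data are constructed.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Level(IntEnum):
    # Constructed sensitivity ordering for the MAC policy (assumption).
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2

@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Level  # entered by an administrator, not chosen by the user

@dataclass
class Resource:
    name: str
    owner: str
    classification: Level
    acl: dict = field(default_factory=dict)  # DAC: user -> set of operations

class SecurityKernel:
    """Single choke point: every access request goes through check()."""

    def __init__(self):
        self.audit_log = []

    def _mac_allows(self, subj, res, op):
        if op == "read":    # no read up
            return subj.clearance >= res.classification
        if op == "write":   # no write down
            return subj.clearance <= res.classification
        return False        # unknown operations are denied by default

    def _dac_allows(self, subj, res, op):
        return subj.name == res.owner or op in res.acl.get(subj.name, set())

    def check(self, subj, res, op):
        # Both policies must agree; an owner's ACL cannot override MAC.
        allowed = self._mac_allows(subj, res, op) and self._dac_allows(subj, res, op)
        self.audit_log.append((subj.name, op, res.name, "ALLOW" if allowed else "DENY"))
        return allowed

# Constructed sample data (not from the original notes).
alice = Subject("alice", Level.SECRET)
bob = Subject("bob", Level.PUBLIC)
report = Resource("report", owner="alice", classification=Level.CONFIDENTIAL,
                  acl={"bob": {"read"}})
```

Here bob is denied a read even though alice's ACL grants it, because his clearance is below the resource's classification; every decision, allowed or denied, lands in the audit log.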
Encryption
Encryption is a fundamental technique used in information security to protect the
confidentiality and integrity of data. It involves the process of converting plain
text or data into an encoded form called cipher text, which can only be accessed
and understood by authorized parties with the corresponding decryption key.
Key Terms
Cryptography comes from the Greek words krypton, meaning “hidden,” and
graphy, meaning “to write,” and involves making and using codes to secure
messages.
Cryptanalysis involves cracking or breaking encrypted messages back into their
unencrypted origins. Cryptography uses mathematical algorithms that are usually
known to all.
After all, it is not the knowledge of the algorithm that protects the
encrypted message, it’s the knowledge of the key, a series of characters or bits
injected into the algorithm along with the original message to create the
encrypted message.
Cipher: When used as a verb, the transformation of the individual components
(characters, bytes, or bits) of an unencrypted message into encrypted
components or vice versa.
Cipher: When used as a noun, the process of encryption or the algorithm used in
encryption, and a term synonymous with cryptosystem.
Encryption (Encipher): The process of converting an original message (plaintext)
into a form that cannot be used by unauthorized individuals (cipher text). Also
referred to as enciphering. Encryption renders the data contents unreadable
and inaccessible unless one has the decryption key.
Decryption (Decipher): The process of converting an encoded or enciphered
message (cipher text) back to its original readable form (plaintext). Also referred
to as deciphering. Decryption requires two elements: the correct password and
the corresponding decryption algorithm.
Plaintext or clear text: An unencrypted, readable, plain message that anyone
can read.
Cipher text: is the result of the encryption process. The encrypted plaintext
appears as apparently random strings of characters.
Algorithm: The mathematical formula or method used to convert an unencrypted
message into an encrypted message. This sometimes refers to the programs that
enable the cryptographic processes.
Code: The process of converting components (words/ phrases) of an unencrypted
message into encrypted components.
Bit stream cipher: An encryption method that involves converting plaintext to
cipher text one bit at a time.
Block cipher: An encryption method that involves dividing the plaintext into
blocks or sets of bits and then converting the plaintext to cipher text one block at
a time.
Key or crypto variable: The information used in conjunction with the algorithm to
create the cipher text from the plaintext; it can be a series of bits used in a
mathematical algorithm or the knowledge of how to manipulate the
plaintext. The key tells the algorithm how to transform the plaintext into cipher text.
Kerckhoffs's principle states that “only secrecy of the key provides security”.
Another law states that “encrypted data is only as secure as its decryption key”.
These statements influence the role of encryption and keys.
Keeping the details of an entire encryption algorithm secret is extremely difficult;
keeping a much smaller key secret is easier. The key locks and unlocks the
algorithm, allowing the encryption or decryption process to function.
Key space: The entire range of values that can be used to construct an individual
key.
Hash: When a website protects your password, it uses a hashing algorithm
to convert your plaintext password to a hash. A hash is different from encryption
in that once the data is hashed, it cannot be unhashed. Or rather, it is extremely
difficult. Hashing is really useful when you need to verify something’s
authenticity, but not have it read back.
Symmetric and Asymmetric Algorithms: There are two primary encryption algorithm types:
symmetric and asymmetric. They both encrypt data, but function in a slightly
different manner.
Symmetric algorithm: Also known as secret-key encryption, private-key
encryption or shared-key encryption. Uses the same key for both encryption and
decryption. Both parties must agree on the algorithm key before commencing
communication.
Advanced Encryption Standard (AES): A widely used symmetric encryption
algorithm known for its security and efficiency. It supports key sizes of 128, 192,
or 256 bits.
Data Encryption Standard (DES): An older symmetric encryption algorithm that
uses a 56-bit key. While DES is considered less secure by today's standards, it still
finds some limited use.
Triple Data Encryption Standard (3DES): It applies the DES algorithm three times
to each data block, providing a higher level of security than DES. 3DES supports
key sizes of 112 or 168 bits.
Asymmetric algorithm: Also known as public-key encryption. Uses two different
keys: a public key and a private key. This enables secure encryption while
communicating without previously establishing a mutual algorithm. This is also
known as public key cryptology.
Rivest-Shamir-Adleman (RSA): One of the most widely used asymmetric
encryption algorithms. It uses the concept of public and private key pairs, with
encryption performed using the public key and decryption using the
corresponding private key.
Elliptic Curve Cryptography (ECC): An asymmetric encryption algorithm that is
gaining popularity due to its strong security with shorter key lengths compared to
RSA. ECC uses the mathematical properties of elliptic curves for encryption and
decryption.
Public and Private Keys: An asymmetric algorithm uses two keys: a public key and
a private key. The public key can be sent to other people, while the private key is
only known by the owner.
Anyone with the intended recipient's public key can encrypt a private
message for them, while the recipient can only read the contents of that message
provided they have access to the paired private key.
HTTPS: Hyper Text Transfer Protocol Secure (HTTPS) is a now widely implemented
security upgrade for the HTTP application protocol that is a foundation of the
internet as we know it. When using an HTTPS connection, your data is encrypted
using Transport Layer Security (TLS), protecting your data while in transit.
End-to-End Encryption: One of the biggest encryption buzzwords is that of
end-to-end encryption. Social messaging platform service WhatsApp began offering its
users end-to-end encryption (E2EE) in 2016, making sure their messages are
private at all times.
In the context of a messaging service, E2EE means that once you hit the send
button, the encryption remains in place until the recipient receives the messages.
Well, this means that the private key used for encoding and decoding your
messages never leaves your device, in turn ensuring that no one but you can send
messages using your name (digital signature).