INSTITUTE OF TECHNOLOGY,.pdf Start answers to each question on a new page in your answer book Question 1 [25 marks] (i) Explain, using examples and illustrations, the meaning of the following terms:...

2 hours online Security for Cloud & IOT exam


INSTITUTE OF TECHNOLOGY,.pdf

Start answers to each question on a new page in your answer book.

Question 1 [25 marks]
(i) Explain, using examples and illustrations, the meaning of the following terms:
a) Fuzzing.
b) Web Application Firewalls.
c) Reverse proxies
[12 marks]
(ii) Explain the basic MQTT topology and architecture. Ensure you outline the advantages of using MQTT over other protocols. [13 marks]

Question 2 [25 marks]
(i) Explain the various modes by which a LoRa device can be set up for secure communications with a server. [13 marks]
(ii) Discuss the reasons behind Multi-factor authentication and describe how it is used to enhance access control. [12 marks]

Question 3 [25 marks]
(i) Discuss and compare the use of the STRIDE and ASF methodologies for ranking security threats. [13 marks]
(ii) An IoT security system designer has recommended a design based on using TLS over UDP. Comment on whether you would recommend this solution or not, and if not, clearly explain what alternative design you would recommend instead, and why. [12 marks]

Question 4 [25 marks]
(i) Explain the steps required to attain a Public Key Certificate from a Certificate Authority, and describe the fields typically found in a standard X.509 Certificate. [13 marks]
(ii) Discuss four Design Principles for Protection Mechanisms and how they can be used to enhance the security of applications in the cloud. [12 marks]

Question 5 [25 marks]
(i) Discuss the issues around data security in the public cloud, including what aspects must be considered, and draw comparisons with storage of data on a local server. [12 marks]
(ii) Discuss the reasons why a designer would choose symmetric versus asymmetric cryptography algorithms in a security protocol. Your answer should address at least five relevant discussion points. [13 marks]

INSTITUTE OF TECHNOLOGY,.pdf

Question 1 [25 marks]
(i) Explain, using examples and illustrations, the meaning of the following terms:
a) Single Sign On
b) Mandatory and Discretionary Access Control
[12 marks]
(ii) Compare 6LoWPAN and LPWAN topologies and clearly explain the reasons why we need both in order to create solutions that cover the different varieties of IoT sensors in the world. You should use topology diagrams in your answer. [13 marks]

Question 2 [25 marks]
(i) In terms of functionality, compare UDP and TCP, and clearly explain why UDP is very important for low powered cheap IoT sensor designs. [13 marks]
(ii) Discuss the impact of cloud computing on the governance structure of its organisations. [12 marks]

Question 3 [25 marks]
(i) Explain why key distribution is a problem for symmetric key usage, and clearly describe how hybrid schemes using asymmetric and symmetric algorithms solve the problem of symmetric key distribution for HTTPS connections. [13 marks]
(ii) Describe how a VM or container instance should be hardened for security before deployment to a public cloud. [12 marks]

Question 4 [25 marks]
(i) Explain how TLS can be compromised if one does not use perfect forward secrecy techniques using ephemeral keys. [12 marks]
(ii) Discuss Application Threat Modelling. Compare and give examples of two methodologies in your answer. [13 marks]

Question 5 [25 marks]
(i) Draw a typical SigFox topology and discuss security concerns of the system. Your answer should cover:
· The SigFox Devices
· The SigFox Radio links
· The back end Server links.
[13 marks]
(ii) Discuss this statement detailing the problems and recommending solutions. [12 marks]
Answered 2 days after Jan 05, 2021


Swapnil answered on Jan 08 2021
153 Votes
1)
1)
Cloud security is a problem as the cloud uses an unsecured medium, the Internet, to deliver its services. Thus it has a moral and customer obligation to protect the subscriber data from attackers and hackers. For this, the cloud requires:
· Correct administration and security of the data on the network.
· Strong encryption and access control mechanisms in place.
· Alerts to customers and administration when something goes wrong.
· Relying upon and making processes and security policies strong and robust.
· Making subscriber data anonymous to the normal eye or third person's eye.
The cloud information and contents can be encrypted using data-at-rest and data-in-transit encryption. Data at rest means that the data is not moving from device to device and thus is stored in the cloud stationary. Data in transit means that the data is in motion and moving from one location to another using the Internet. Thus there will be specific techniques for the encryption of data in both of these cases.
2)
CoAP stands for Constrained Application Protocol. Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. CoAP is designed to enable simple, constrained devices to join the IoT even through constrained networks with low bandwidth and low availability.
MQTT stands for Message Queue Telemetry Transport. MQTT, or Message Queuing Telemetry Transport, is a lightweight, data-centric protocol used to transport messages between devices with limited bandwidth. It is standardized by OASIS and is open source. It is generally used for remote connection communication where small code is required. It is used for data exchange and messaging in IoT technologies.
MQTT provides TLS/SSL internet security for encrypted and secure transmission of data. It is a lightweight protocol with a 2-byte header, which is a thousand times less than the 8000-byte header of TCP. There is less processing overhead for clients due to the presence of the broker, which acts as a server, reducing packet usage. It is well suited to IoT devices, where the demand of low-memory and low-processing-power devices is fulfilled by this protocol. It also operates at the lowest possible energy, which saves a lot of battery life.
2)
1)
TLS uses the symmetric-key encryption technique. This methodology requires both the sender and receiver to share a secret key to encrypt (at the sender's side) and decrypt (at the receiver's side) the message (data/fragment).
· In the case of public-key cryptography, there is a public and private key pair generated to decrypt/encrypt the data, which is, in general, a slower process than symmetric-key encryption.
· Also, public-key cryptography is in general not preferred for a huge amount of application-layer data travelling to the transport layer because of its slowness.
· TLS uses symmetric-key encryption also because it's less resource-hungry than the public-key technique, as the latter uses a key pair and also generates a larger amount of data...
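
The MQTT header size mentioned in the answer above can be checked by decoding it. The following is an added example, not part of the original answer: it parses the MQTT 3.1.1 fixed header (packet type, flags and the variable-length Remaining Length field) and rejects malformed lengths. The function name, exception name and sample packets are hypothetical and constructed for illustration.

```python
# Added example: decode the MQTT 3.1.1 fixed header (type, flags, Remaining Length).
PACKET_TYPES = {1: "CONNECT", 2: "CONNACK", 3: "PUBLISH", 4: "PUBACK",
                8: "SUBSCRIBE", 9: "SUBACK", 12: "PINGREQ", 13: "PINGRESP",
                14: "DISCONNECT"}
MAX_LENGTH_BYTES = 4  # the spec caps Remaining Length at 4 bytes (268,435,455)

# Constructed sample packets (not captured traffic).
PINGREQ = bytes([0xC0, 0x00])                                # whole packet is 2 bytes
PUBLISH_SMALL = b"\x30\x07\x00\x03a/bhi"                     # topic "a/b", payload "hi"
PUBLISH_200 = b"\x30\xc8\x01" + b"\x00\x03a/b" + b"x" * 195  # 200-byte body
OVERLONG = b"\x30\xff\xff\xff\xff\x01"                       # 5 length bytes: invalid


class MalformedPacket(ValueError):
    """Raised when the fixed header violates the MQTT 3.1.1 layout."""


def parse_fixed_header(data: bytes) -> dict:
    """Return type, flags, Remaining Length and header size of one packet."""
    if len(data) < 2:
        raise MalformedPacket("fixed header needs at least 2 bytes")
    ptype, flags = data[0] >> 4, data[0] & 0x0F
    if ptype in (0, 15):
        raise MalformedPacket("reserved packet type %d" % ptype)
    remaining, shift = 0, 0
    for i in range(1, 1 + MAX_LENGTH_BYTES):
        if i >= len(data):
            raise MalformedPacket("truncated Remaining Length")
        byte = data[i]
        remaining |= (byte & 0x7F) << shift   # 7 value bits per byte, low first
        shift += 7
        if not byte & 0x80:                   # continuation bit clear: last byte
            header_len = i + 1
            break
    else:
        raise MalformedPacket("Remaining Length longer than 4 bytes")
    if len(data) - header_len < remaining:
        raise MalformedPacket("body shorter than declared Remaining Length")
    return {"type": PACKET_TYPES.get(ptype, str(ptype)), "flags": flags,
            "remaining_length": remaining, "header_len": header_len}


if __name__ == "__main__":
    for pkt in (PINGREQ, PUBLISH_SMALL, PUBLISH_200):
        print(parse_fixed_header(pkt))
```

The fixed header is 2 bytes for bodies up to 127 bytes and grows to at most 5 bytes; a broker that does not enforce the 4-byte limit or the declared length is exposed to parsing errors on hostile input.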