WEEK 5: Security Mechanisms and Applications - M199205zn/IAS-CS4 GitHub Wiki

Digital Signatures and Access Control

Digital Signatures

A digital signature is a cryptographic technique used to verify the authenticity and integrity of a message, document, or file. It serves the same purpose as a fingerprint or a handwritten signature but is far harder to forge. Digital signatures are widely used in online transactions, software distribution, and secure communications.

How Digital Signatures Work

  1. Key Generation – A user generates a pair of cryptographic keys:
    • Private Key: Used to sign the data.
    • Public Key: Used to verify the signature.
  2. Signing Process – The sender uses their private key to create a signature based on the message content.
  3. Verification Process – The recipient uses the sender’s public key to validate the signature and confirm the message's authenticity.

Benefits of Digital Signatures

  • Authentication – Confirms that the message really comes from the claimed sender.
  • Integrity – Ensures that the message has not been altered.
  • Non-repudiation – The sender cannot deny sending the message.

Access Control

Access control is a security mechanism that prevents unauthorized users from accessing certain resources, files, or data. It ensures that only authorized individuals can view or modify information.

Types of Access Control

  1. Discretionary Access Control (DAC) – The owner of the resource determines who can access it. Example: File permissions in Windows.
  2. Mandatory Access Control (MAC) – Access is based on security labels and classification levels. Example: Government and military systems.
  3. Role-Based Access Control (RBAC) – Access is assigned based on a user’s role in an organization. Example: Admins can edit files, while users can only view them.
  4. Attribute-Based Access Control (ABAC) – Access is based on attributes such as time, location, or device used. Example: Only allow access during working hours.

Conclusion

  • Digital Signatures provide authentication, integrity, and non-repudiation in communication.
  • Access Control ensures that only authorized users can access specific resources, which helps prevent data breaches.
  • Combining both techniques enhances security in online systems, such as banking, e-commerce, and healthcare platforms.