add notes for chapter 15

1 files changed, 95 insertions, 0 deletions

diff --git a/doc/15.md b/doc/15.md
new file mode 100644
index 0000000..7270405
--- /dev/null
+++ b/doc/15.md
@@ -0,0 +1,95 @@
+# Security
+
+Security requires a protection system but also consideration of the external environment.
+
+A system is `secure` if its resources are used and accessed as intended under all circumstances.
+Total security cannot be achieved.
+
+Security Violations:
+
+* breach of confidentiality: unauthorized reading of data.
+* breach of integrity: unauthorized modification of data.
+* breach of availability: unauthorized destruction of data.
+* theft of service: unauthorized use of resources.
+* denial of service: preventing legitimate use of the system.
+
+Protecting a system:
+
+* Physical: secure physical site and/or computer(s).
+* Human: authorization of users. phishing, password re-use.
+* Operating system: system must protect itself from security breaches.
+* Network: Interception of data, interruption of communication.
+
+Trojan Horse: A code segment that misuses its environment. (e.g. spyware)
+Trap door: a hole left in the system usable by the creator of a program.
+Logic bomb: code written to detect a certain condition and executes when it occurs.
+Buffer Overflow: pop a shell.
+Virus: a fragment of code embedded in a legitimate program.
+Worm: a process that uses the `spawn` mechanism to duplicate itself.
+Port Scanning: detects what ports are open on systems in a network.
+Denial of Service: disrupting legitimate use of a system.
+
+Protection mechanisms:
+
+Cryptography: used to constrain the potential senders and/or receivers of a message.
+Encryption: used to send messages securely across the network, protect data, files, disks etc.
+
+
+Encryption algorithm consists of the following components:
+
+* A set of `K` of keys.
+* A set of `M` of messages.
+* A set of `C` of ciphertexts.
+* An encrypting function `E : K -> (M -> C)`
+* A decrypting function `D : K -> (C -> M)`
+
+Symmetric Encryption: same key is used to encrypt and decrypt.
+Asymmetric Encryption: different encryption and decryption keys.
+
+RSA is the most widely used asymmetric encryption algorithm. (elliptic curves uses shorter keys with same cryptographic strength)
+
+```plaintext
+Ke: public_key
+Kd: private_key
+N: (p * q) # two large prime numbers.
+
+Eke,N(m) = m^ke mod N: encryption
+```
+
+Authentication: constraining set of potential senders of a message.
+
+A `hash function` produces a fixed-size block of data called a `message digest` or `hash value` from message `m`.
+
+Authentication algorithms:
+
+* message-authentication code MAC: a crypto checksum is generated from the message using a secret key. The key must be shared to authenticate.
+* digital-signature: enable anyone to verify authenticity of a message.
+
+
+## Key distribution
+
+* out of band: share key via paper or conversation.
+
+digital certificate: is a public key digitially signed by a trusted party.
+certificate authority: have their public keys included within web browsers.
+
+## implementation
+
+```plaintext
+   ----------------
+   | Application  |
+   ----------------
+   | Presentation |
+   ----------------
+   | Session      |
+   ----------------     -------------
+   | Transport    |     | SSL/TLS   |
+   ----------------     -------------
+   | Network      |     | IPSec/IKE |
+   ----------------     -------------
+   | Data link    |
+   ----------------
+   | Physical     |
+   ----------------
+```
+