Key Generator and AES Demo Tool

 

 

As cryptographic systems are often working behind the scene, we, as end users, don’t have to know how they work to complete tasks and transactions in our daily digital life.

KeyGenerator_v12 is a simple tool designed to help my InfoSec students to learn the basic concept of key generation, symmetric encryption, hash, and Base64 encoding.

PS. KeyGenerator_v12 is a simple demo tool. When testing the Base64 encoding function, please don’t load files larger than 20KB or it takes considerable time to finish the task. Please be reminded that KeyGenerator_v12 is provided as is; the author, Wentz Wu and the company, Amicliens, won’t be liable for any indirect, punitive, special, or consequential damages under any circumstances, even if it’s based on negligence or we’ve been advised of the possibility of those damages.

References

Software Development Security

 

  • As an information systems security professional, why should you know how software is developed?
  • Think twice about the waterfall model and its influence on modern software development approaches.
  • What’s the difference between (information) system development life cycle and software development life cycle?
  • What is an information system? How do you apply the concepts of security requirements, security controls, and security objectives (CIA) to the information system?

Bell-LaPadula Model

BellLaPadula

  • The Bell LaPadula Model, as a finite state machine model, controls information flow for confidentiality with two security properties:
    • Simple: no read up
    • * (star): no write down
  • The Simple Security Property states that a subject (Bob) may not read the information at a higher sensitivity level (no read up).
  • The * (star) Security Property states that a subject (Bob) may not write information to an object at a lower sensitivity level (no write down).

Security Architecture and Engineering

togaf-library