Monthly Archives: July 2022
CISSP考試心得 – 林娟娟 (Chuan Chuan)
CISSP Member Count as of July 2022
CISSP考試心得 – 黃星評 (Kuro Huang)
Luminous Intensity and Photometry
Side-Channel Attack and TEMPEST Certification Program (TCP)
In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself (e.g. flaws found in a cryptanalysis of a cryptographic algorithm) or minor, but potentially devastating, mistakes or oversights in the implementation. (Cryptanalysis also includes searching for side-channel attacks.) Timing information, power consumption, electromagnetic leaks, and sound are examples of extra information which could be exploited to facilitate side-channel attacks.Source: Wikipedia
TEMPEST Certification Program
TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations. TEMPEST covers both methods to spy upon others and how to shield equipment against such spying. The protection efforts are also known as emission security (EMSEC), which is a subset of communications security (COMSEC).Source: Wikipedia
The TEMPEST Certification Program (TCP) consists of three closely related NSA programs: the Certified TEMPEST Products Program, the Certified TEMPEST Test Services Program, and the Zoned Equipment Program. Each of these programs involves partnerships with industrial companies.Source: NSA
Signal, Data, and Modulation
Signal, as a waveform, is the carrier of data. By alternating amplitude, frequency, phase, or any combination of them, the modulation process synthesizes the signal (as the carrier wave) and the data (as an input wave) and generates the modulated result. Modulation can be analog or digital.
There are many types of digital modulation techniques, for example:
- ASK – Amplitude Shift Keying
- FSK – Frequency Shift Keying
- PSK – Phase Shift Keying
Tutorialspoint.com has more.
A Router’s Layered Architecture and Software-Defined Technologies
A router is a device that forwards packets across various networks based on the routing table, which informs the decision of path selection per the distance-vector, link-state, or other criteria. A router is typically designed based on a layered architecture that isolates operations, such as data forwarding, route control, and system management so that they won’t interfere with one another.
A layer that shares common design concerns is also known as a plane in the architecture of a Cisco router; that is, the data plane, control plane, and management plane. The planes can be centralized, decentralized, or hybrid. A legacy router typically centralizes the data, control, and management planes. A Software-Defined Network (SDN) decentralizes the control plane to one or more standalone hosts called controllers. A hybrid approach employs controllers and keeps the control plane on discrete routers for performance and availability.Continue reading