Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)
      9  5.2  Disaster Recovery

Previous Topic/Section
5.2.1.1  Off-Site Storage
Previous Page
Pages in Current Topic/Section
1
Next Page
5.2.2.1  Alternate Sites
Next Topic/Section

5.2.2  Secure Recovery

Integrity is required to have a security guarantee. Typically, this is not found as part of the design of a computer system’s architecture. The University of Pennsylvania has developed a system they call AEGIS or Automated Recovery in a Secure Bootstrap Process.424 In brief, AEGIS assumes:

  • The system board has not been compromised.

  • A certificate authority is being used.

  • A trusted host exists for recovery purposes.

With these assumptions, there are six goals for AEGIS. They are:

  • Allow the AEGIS client and the trusted repository to mutually authenticate their identities with limited or no prior contact.

  • Prevent man in the middle attacks.

  • Prevent replay attacks.

  • Mitigate certain classes of denial of service attacks.

  • Allow the participating parties to agree upon a shared secret and secure manner in order to optimize future message authentication.

  • Be as simple as possible: Complexity breeds design in an application.

Quick navigation to subsections and regular topics in this section



 __________________

424. http://www.cs.columbia.edu/~angelos/Papers/reco.pdf

Previous Topic/Section
5.2.1.1  Off-Site Storage
Previous Page
Pages in Current Topic/Section
1
Next Page
5.2.2.1  Alternate Sites
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.