The latest articles on DEV Community by Himanshu (@himanshu_raj55). https://dev.to/himanshu_raj55 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1707626%2Fabff4c80-5dbb-4c19-b398-5b456f910790.jpg https://dev.to/himanshu_raj55 en Himanshu Sun, 30 Jun 2024 19:29:56 +0000 https://dev.to/himanshu_raj55/access-control-models-in-cryptography-dme https://dev.to/himanshu_raj55/access-control-models-in-cryptography-dme <p>Access control models are used to only allows access to an authentic user or resource. These allows to create protocols as to who can use a particular resource in an organization.</p> <p>There are various access control models some of which are stated below:</p> <ol> <li><p>Discretionary access control: In discretionary access control the access control rules are create by the resource owner. Is considered less secure due to the possibility of the access protocols by the resource owner</p></li> <li><p>Mandatory access control: The access control is defined by a central authority based on predefined security rules. Access is based on classification of various users and resources. Used by military and goverment organization. Is more secure due to strict rules by the central authority</p></li> <li><p>Rule based access control: In rule based access control the access is defined based on rules defined by the system administrator. Is is similar to Mandatory access control but is more versatile. Can be used with other models as well</p></li> <li><p>Role based access control: The access control is based on roles. Can be used on corporate organizations. Is simple and straightforward. Flexible and simplifes the role as access basis</p></li> <li><p>Attribute based access control: The access granted is based on a variety of attributes , such as user attributes , resource attributes, environmental factors. Is very flexible model</p></li> <li><p>Context based access control: The access is based on context, such as user type, location ,timezone. Used in mobile and cloud communication</p></li> <li><p>Identitity based access control: The access is based on user identity. Can be user alongside DAC or other access control model</p></li> <li><p>Time based access control: The access is based on time intervals. Can be used by organizations with strict shift based policies</p></li> <li><p>Risk adaptive access control: The access is based of risk factors. Used by banks to decide whether to grant access considering mulitple risk factors</p></li> </ol> Himanshu Sun, 30 Jun 2024 16:36:16 +0000 https://dev.to/himanshu_raj55/confusion-vs-diffusion-in-cryptography-i0n https://dev.to/himanshu_raj55/confusion-vs-diffusion-in-cryptography-i0n <p>Confusion and Diffusion are essential concepts in cyrptography and network security. Both confusion and diffusion are cryptographic techniques that are used to stop the deduction of the secret writing key from the attacker.</p> <p>The major differences between confusion and diffusion are as follows:</p> <p>Confusion: Diffusion:</p> <ol> <li>In confusion the relationship between 1. In diffusion the the key and the ciphertext is obscured the relationship between the plaintext and ciphertext is obscured</li> <li>Confusion creates faint cipher text 2. Diffusion creates cryptic plain text</li> <li>Confusion uses substitution 3. Diffusion uses transposition</li> <li>Vagueness is increased in the 4. Redundancy is increased in resultant in the resultant</li> <li>Both stream and block cipher uses 5. Only block cipher uses confusion diffusion</li> </ol> cryptography cybersecurity cipher