February 2020

Scope of Variables

All variables in a program may not be accessible at all locations in that program. This depends on where you have declared a variable.
The scope of a variable determines the portion of the program where you can access a particular identifier. There are two basic scopes of variables in Python −
  • Global variables
  • Local variables


Global vs. Local variables

Variables that are defined inside a function body has a local scope, and those defined outside have a global scope.
This means that local variables can be accessed only inside the function in which they are declared, whereas global variables can be accessed throughout the program body by all functions. When you call a function, the variables declared inside it are brought into scope. Following is a simple example −

total = 0; # This is global variable.
# Function definition is here
def sum( arg1, arg2 ):
   # Add both the parameters and return them."
   total = arg1 + arg2; # Here total is local variable.
   print "Inside the function local total : ", total
   return total;

# Now you can call sum function
sum( 10, 20 );
print "Outside the function global total: ", total
When the above code is executed, it produces the following result −
Inside the function local total: 30
Outside the function global total :  0



The return statement

The return statement is used to exit a function and go back to the place from where it was called.The statement return [expression] exits a function, optionally passing back an expression to the caller. A return statement with no arguments is the same as return None.

Syntax of return
return [expression_list]
This statement can contain an expression which gets evaluated and the value is returned. If there is no expression in the statement or the return statement itself is not present inside a function, then the function will return the None object.
For example:-
All the above examples are not returning any value. You can return a value from a function as follows −
# Function definition is here
def sum( arg1, arg2 ):
   # Add both the parameters and return them."
   total = arg1 + arg2
   print "Inside the function : ", total
   return total;

# Now you can call sum function
total = sum( 10, 20 );
print "Outside the function : ", total
When the above code is executed, it produces the following result −
Inside the function: 30


Digital signatures

A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender such that they cannot deny sending it (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.
A digital signature (NOT a digital certificate) is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.
A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

Digital certificate

An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.
An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority (CA). The CA issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet.
The recipient of an encrypted message uses the CA's public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender's public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply. The most widely used standard for digital certificates is X.509.


NETWORK SECURITY

Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority.

Network security concerns:

Secrecy
Secrecy has to do with keeping information out of the hands of unauthorized users. This is what usually comes to mind when people think about network security.

Authentication
Authentication deals with determining whom you are talking to before revealing sensitive information or entering into a business deal.

Non-repudiation and Integrity Control
Non-repudiation deals related with signatures. Assurance that a message received was really the one sent and not something that a malicious adversary modified in transit or concocted.

Physical Security
It is the most fundamental of all security levels because it deals with securing your technology equipment from damage or theft, protecting it against accidental power surges, and the like.

Common Network security risks (attacks): -

wiretapping
Port scanner
Idle scan
Denial-of-service attack
Spoofing
Man in the middle
ARP poisoning
Smurf attack
Buffer overflow
Heap overflow
Format string attack
SQL injection
Cyber Attack

Network security management:

AAA (Tripple – A: Authentication, Authorization, Auditing)
Firewall & UTM (Unified Threat Management) system
Cryptography and encryption
VPN (Virtual Private Network)
Antivirus
Policies and guidelines
Physical security