Security in Computing, 4th Edition

Index


C1, TCSEC class

C2, TCSEC class 2nd

Cables, network

     coaxial

     eavesdropping

     Ethernet

     impedance

     inductance

     networking

     UTP (unshielded twisted pair)

     wiretapping

Caesar cipher

California Breach Act

CAN (campus area network)

CAN SPAM Act

Capability

Capability Maturity Model (CMM)

Capstone

Career computer criminals

CartManager International

CARVER (criticality, accessibility, recuperability, vulnerability, effect, and recognizability) method

Case studies

     airport security

     al Qaeda computer

     analysis of Shakespeare's plays

     attacker profile

     "black hole" failure

     business case

     CartManager International

     computerized text analysis

     copyright

     data mining

     database integrity failure

     database precision

     deceptive practices

     difficulties of securing code

     e-mail theft

         Hollywood

         New Zealand Herald

         Wilshire Associates, Inc.

     Earl of Buckingham

     ethical issues

         accuracy of information

         cracking

         DoS (denial of service)

         fraud

         hacking

         ownership of programs

         privacy rights

         proprietary resources

         use of computer services

     FAIS (Foreign Affairs Information System)

     hacker sting operation

     Hollywood e-mail theft

     human fallibility

     identity theft

     JetBlue airlines

     Kennedy, Edward

     Key Online Banking

     Lewis, John

     Lloyd's Bank

     mafia boss

     microcontrollers in automobiles

     MP3.com

     Napster

     online banking

     PKI (public key infrastructure)

     privacy

     privacy, government intrusion

         Icelandic DNA database

         U.K. RIPA (Regulation of Investigatory Powers Act)

     screening for terrorists

     security, as add-on

     silken codes

     Stopford, Charlie

     Torch Concepts

     tracking Russian nuclear weapons

     U.S. Census Bureau

     U.S. Government

         audit data overload

         security report card

     V.A. (Veterans Administration)

     Wilshire Associates, e-mail theft

     wireless vulnerabilities

     WW II

         ASINTOER code

         Enigma code machine

         Japanese codes

         poem codes

         silken codes

         Soviet Union codes

Catastrophe, recovering from [See Backing up data; Physical security; Recovery from backup.]

CCB (configuration and change control board)

CDs (compact disks)

     copy protection 2nd

     fair use

     XCP (extended copy protection) rootkit

Census Bureau

Centralization

CERT (Computer Emergency Response Team)

Certificate authority 2nd

Certificates

     authentication

     encryption

     encryption, uses for

     trust

         through common respected individual

         without a single hierarchy

     trust threshold

CGI (Common Gateway Interface)

Chain of custody

Chaining

Challenge, attack motive

Challenge-response systems 2nd 3rd

Change logs

Change management [See Configuration.]

Channels, covert [See Covert channels.]

Chats

Checksums, cryptographic

     definition

     multilevel databases

     networks

Children's Online Privacy Protection Act (COPPA)

Chinese Wall security policy

Chosen ciphertext attack

Chosen plaintext attacks

Ciphers

     block [See also AES (Advanced Encryption Standard); DES (Data Encryption Standard).]

     book

     Caesar

     complexity

     cryptanalysis

     cryptographer's dilemma

     keyless

     keys

     one-time pads

     permutations

     product 2nd

     random number sequences

     RC2

     RC4

     RC5

     stream

     substitution

         book ciphers

         Caesar cipher

         complexity

         cryptanalysis

         cryptographer's dilemma

         keys

         one-time pads

         permutations

         random number sequences

         Vernam cipher

         Vigenère tableau 2nd

     Vernam

     Vernam cipher

     Vigenère tableau 2nd

Ciphertext 2nd

Ciphertext only attacks

Civil law

Claims language

Clark-Wilson commercial security policy

Classical probability

Classification

Clear gif [See Web bugs.]

Clear-box testing

Cleartext [See also Plaintext.]

CLEFs (Commercial Licensed Evaluation Facilities)

Clients, network

Clipper [See also Keys (encryption), escrow.]

Clique problem

Closed versus open organizations

Clustering, key

CMM (Capability Maturity Model)

Coaxial cable

Code (program)

     compatibility

     debugging [See also Testing.]

     error correcting

     errors

     inspection

     malicious [See Malicious code.]

     mobile

     review

     security [See Programs, security.]

     signing 2nd

     walk-through

Code Red worm 2nd

Codes (encoding systems) [See also Cryptography; Encryption.]

     hash

     Huffman

     Japanese

     poem

     silken

     Soviet Union

Codes (of conduct)

     of best practice [See Best practices.]

     of ethics [See Ethics.]

Cohesion

Cold site backups

Columnar transpositions

Combined Federal Criteria

Combined results control

Command insertion

Command structure

Commercial Licensed Evaluation Facilities (CLEFs)

Commercial security policies

Commit flag

Commit phase 2nd

Committing database updates

Common Criteria

Common Gateway Interface (CGI)

Common Intrusion Detection Framework

Communication mode, networks

Community string

Commutative filters

Commutative ring

Comparability, evaluating

Comparable data, data mining

Compartments

Compatibility of

     code

     evaluation

Complements, DES

Complete backups

Complete mediation 2nd [See also Incomplete mediation.]

Complex attacks

Component testing [See Unit testing.]

Components, software [See Modularity.]

Composites

Computational complexity, cryptography

Computer crime

     definition

     legal issues

         California Breach Act

         CAN SPAM Act

         computer terminology and the law

         confidentiality threats

         Council of Europe Agreement on Cybercrime

         cryptography 2nd

         defining

         E.U. Data Protection Act

         GLBA (Gramm-Leach-Bliley Act)

         HIPAA (Health Insurance Portability and Accountability Act)

         integrity threats

         international dimensions

         overview

         prosecuting

         restricted content

         rules of evidence

         rules of property

         scope limitations

         statutes, examples

         U.S. Computer Fraud and Abuse Act

         U.S. Economic Espionage Act

         U.S. Electronic Communications Privacy Act

         U.S. Electronic Funds Transfer Act

         U.S. Freedom of Information Act

         U.S. Privacy Act

         USA Patriot Act

         value of data

     reporting

     statistics

Computer criminals [See Attackers; Crackers; Hackers.]

Computer Emergency Response Team (CERT)

Computer Ethics Institute 2nd

Computer Fraud and Abuse Act

Computer objects [See Objects, digital.]

Computer screen emanations

Computer terminology and the law

Computerized text analysis

Computing systems

     components of

     definition

     intrusion characteristics

Concealing control

Concurrency

Conditional compilation

Conditions, security models

Confidence level

Confidentiality [See also Privacy.]

     data 2nd

     databases

     definition

     e-mail

     multilevel databases

     overview

     threats

Configuration

     audit

     databases

     identification

     management

Configuration and change control board (CCB)

Confinement

Confusion 2nd

Connection flooding

Connectivity [See Networks.]

Consequence-based ethics

Consistency, database 2nd

Constrained data items

Constraints

Consumer products, privacy

Content integrity

Contests, web privacy

Context switch

Contingency planning [See Physical security; Risk analysis; Security plan.]

Continuity plan

Contract law

Control, network

Controlled disclosure

Controls [See also Defense methods.]

     data protection [See Encryption.]

     database inference attacks

     definition

     effectiveness

     export of cryptography

     for networks [See Networks, controls.]

     hardware

     layered defense

     mapping to vulnerabilities

     overlapping

     overview

     physical

     policies and procedures

     security plan

     selecting

         criteria for

         mapping controls to vulnerabilities 2nd

         positive and negative effects

         ratings

         VAM (Vulnerability Assessment and Mitigation)

     software

     software development

         acceptance testing

         active fault detection

         black-box testing

         CCB (configuration and change control board)

         clear-box testing

         CMM (Capability Maturity Model)

         components [See Modularity.]

         conditional compilation

         configuration audit

         configuration identification

         configuration management

         confinement

         coupling

         delta files

         design principles

         developer characteristics

         development standards 2nd

         difference files

         encapsulation

         FMEA (failure modes and effects analysis)

         formal methods

         FTA (fault tree analysis)

         genetic diversity

         hazard analysis

         HAZOP (hazard and operability studies)

         independent testing

         information hiding

         installation testing

         integration testing

         lessons from mistakes

         modularity

         mutual suspicion

         nature of software development

         overview

         passive fault detection

         peer reviews

         penetration testing 2nd

         performance testing

         problem response

         process standards

         program practice conclusions

         program verification

         proof of correctness

         redundancy

         regression testing

         risk prediction

         security audits

         security requirements

         static analysis

         status accounting

         testing

         tiger team testing [See Penetration testing.]

         unit testing

     usage of cryptography

Convention 2nd

Cookies

     network threat

     per-session

     persistent

     threats posed by

     user authentication

     viruses

     web privacy

COPPA (Children's Online Privacy Protection Act)

Copy protection 2nd

Copyright

     case study

     definition

     DMCA (Digital Millennium Copyright Act) 2nd

     fair use

     first sale

     for computer software

     for digital objects

     inappropriate references to

     infringement

     intellectual property

     legal issues 2nd

     Napster

     originality of work

     ownership

     piracy

     public domain

     registering

Core [See Kernel.]

Correcting mistakes, data mining

Correction codes, database reliability

Correctness of data, data mining

Correlation of data

Cost of security [See Economics of cybersecurity.]

Cost/benefit risk analysis

Council of Europe

Council of Europe Agreement on Cybercrime

Count attacks

Coupling

Covert channels

     creating

     definition

     file lock channel

     identifying

     information flow analysis

     overview

     shared resource matrix

     signaling through images

     steganography

     storage channels

     threat presented by

     timing channels

Crackers [See also Attackers; Hackers.]

Cracking, ethical issues

Credibility

Credit card payments, web privacy

Crime [See Computer crime.]

Criminal law

Criteria development

Criticality, accessibility, recuperability, vulnerability, effect, and recognizability (CARVER) method

Cryptanalysis

     AES (Advanced Encryption Standard)

     breaking encryption

         chosen plaintext attacks

         ciphertext only attacks

         full plaintext attacks

         partial plaintext attacks

         probable plaintext attacks

         weaknesses

     Caesar cipher

     definition

     differential 2nd

     digram analysis

     knapsack algorithm

     overview

     RSA (Rivest-Shamir-Adleman) encryption

     substitution ciphers

Cryptanalysts

Cryptographer's dilemma

Cryptographers

Cryptographic challenges

     RSA (Rivest-Shamir-Adleman) encryption

     symmetric encryption

Cryptographic checksum

     definition

     multilevel databases

     networks

Cryptographic hash functions

Cryptographic separation 2nd

Cryptography [See also Encryption.]

     and free speech

     asymmetric encryption

         characteristics of

         cryptanalysis of knapsack algorithm

         general knapsacks

         hard knapsacks

         knapsack decryption algorithm

         knapsacks, and modular arithmetic

         knapsacks, as cryptographic algorithms

         Merkle-Hellman knapsacks 2nd

         relatively prime values

         RSA (Rivest-Shamir-Adleman)

         simple knapsacks 2nd

         superincreasing knapsacks 2nd

     Capstone

     character representation

     ciphertext

     Clipper

     computer crime 2nd

     current policy

     decryption

     definition

     DSA (Digital Signature Algorithm)

     El Gamal algorithm

     encrypted text

     encryption

     export controls

     Fortezza

     interceptors

     intruders

     key escrow

     legal issues

     mathematics of

         arithmetic properties

         commutative ring

         composites

         computational complexity

         division

         Euclidean algebra

         Fermat's theorem

         Galois fields

         greatest common divisor

         hierarchies of complexity

         identity (mathematical)

         inherently hard problems

         instances

         inverses, computing

         inverses, definition

         knapsack problem

         modular arithmetic

         nondeterminism

         nondeterministic Turing machines

         NP class

         NP-complete problems

         oracles

         overview

         P class

         prime numbers

         problems, definition

         satisfiability

     modular arithmetic

     original text

     perfect cipher [See One-time pads.]

     permutations

         columnar transpositions

         combined approaches

         definition

         digram analysis

         digrams

         encipherment/decipherment complexity

         patterns

         product ciphers

         substitution ciphers

         trigrams

     plaintext

     quantum

         cryptography with photons

         implementation

         overview

         photon reception

         polarizing filters

         quantum physics

     recipients

     senders

     substitution ciphers

         book ciphers

         Caesar cipher

         complexity

         cryptanalysis

         cryptographer's dilemma

         keys

         one-time pads

         permutations

         random number sequences

         Vernam cipher

         Vigenère tableau 2nd

     substitutions

     symmetric encryption [See also DES (Data Encryption Standard).]

         AES (Advanced Encryption Standard)

         confusion

         cryptographic challenges

         diffusion

         permutation

         problems with

         RC2 cipher

         RC4 cipher

         RC5 cipher

         substitution

     transmission medium

     transpositions [See Permutations.]

     usage controls

     with photons

Cryptology

Cryptosystems

CSI/FBI Computer Crime and Security Survey

Culp, Scott

Culture of organizations [See Organizational culture.]

Cyber attacks

CyberCop Scanner

Cyberterrorism

Cycle, DES

     details

     example

     permutation

     substitution
