Security in Computing, 4th Edition

Index


e-Government Act of 2000

E-mail

     attachment viruses

     government security policy example

     network encryption

     over networks [See Networks, secure e-mail.]

     privacy

         access control

         anonymous

         interception

         mixmaster remailers

         monitoring

         overview

         remailers

         simple remailers

         spamming

         spoofing

         transmitting

     theft case studies

         Hollywood

         New Zealand Herald

         Wilshire Associates, Inc.

E.U. Data Protection Act

Earl of Buckingham

Ease of use

Easiest penetration principle

Eavesdropping 2nd

Echo chargen attack

Echo protocol

Economic Espionage Act

Economics of cybersecurity

     business case

         adjusting future earnings

         balanced scorecard

         cost estimates

         definition

         determining economic value

         discount rate

         false positives

         influences on investment strategy

         IRR (internal rate of return)

         net present value

         opportunity cost

         overview

         ROI (return on investment)

         web application, case study

     current and future

         externalities

         free rides

         integrity

         policies

         regulation

     modeling

         credibility

         decision making

         framing the issue

         group behavior

         overview

         role of organizational culture

         transferring models

         trust as economic issue

     organizational culture

         cultural practices

         cultural values

         dimensions of

         employee versus job

         heroes

         loose versus tight control

         normative versus pragmatic

         open versus closed

         parochial versus professional

         process versus results

         rituals

         role of organizational culture

         security choices, examples

         symbols

     quantifying value

         accurate data

         attack sources

         attack types

         comparability of categories

         consistent data

         cost of U.K. security incidents

         economic impact 2nd 3rd

         ISBS (Information Security Breaches Survey) 2nd

         justification data

         overview

         reliable data

         representative data

         respondent types

         security practices 2nd

         timelines

     security surveys

         Australian Computer Crime and Security

         CSI/FBI Computer Crime and Security

         Deloitte and Touche Tohmatsu Global Security

         Ernst and Young Global Information Security

         IC3 (Internet Crime Complaint Center)

         Imation Data Protection

         sources for

     trust, as economic issue

Economics of security policies

Economy of mechanism

EEye Digital Security

Effectiveness

     evaluating

     of controls

Effectiveness principle

Egoism

El Gamal algorithm

Electrical power

Electronic commerce, laws

Electronic Communications Privacy Act

Electronic Funds Transfer Act

Electronic publishing, laws

Electronic voting

Elements, databases

Emanations from computer screens

Emerging technologies

     consumer products

     electronic voting

     overview

     privacy issues

     RFID (radio frequency identification)

     security issues

     Skype

     VoIP (Voice over IP)

Emphatic assertion

Employee contracts

Employee rights [See Rights of employees and employers.]

Employee versus job

Employer rights [See Rights of employees and employers.]

Encapsulated security payload (ESP)

Encapsulation

Enciphered text

Enciphering data [See Cryptography; Encryption.]

Encipherment/decipherment complexity

Encoding data [See Cryptography; Encryption.]

Encrypted password file attacks

Encrypted tunnels

Encryption [See also Asymmetric encryption; Cryptography; Symmetric encryption.]

     algorithms [See also AES (Advanced Encryption System); DES (Data Encryption Standard); RSA (Rivest-Shamir-Adleman) encryption.]

         block ciphers

         confusion

         definition

         diffusion

         secure, characteristics of

         stream ciphers

         trustworthy, properties of

     breakable

     breaking [See Cryptanalysis.]

     ciphertext

     cleartext

     cryptosystems

     definition 2nd

     e-mail

     enciphered text

     factoring large numbers 2nd

     key management

     keyless ciphers

     keys

     link

     multilevel databases

     networks

         AH (authentication header)

         certificate authorities

         comparison of methods

         e-mail

         encrypted tunnels

         end-to-end

         ESP (encapsulated security payload)

         firewalls

         IKE (ISAKMP key exchange)

         ISAKMP (Internet Security Association Key Management Protocol)

         issues

         link

         overview

         PKI (public key infrastructure)

         security associations

         signed code

         SPI (security parameter index)

         SSH (secure shell)

         SSL (Secure Sockets Layer)

         TLS (transport layer security)

         tunnels

         VPNs (virtual private networks)

     private key [See also AES (Advanced Encryption System); DES (Data Encryption Standard); Symmetric encryption.]

     protocols

     public key [See also Asymmetric encryption; RSA (Rivest-Shamir-Adleman) encryption.]

         characteristics

         definition

         flow diagram

         key proliferation

         purpose of

     text

     uses for

         certificates

         chaining

         checksums

         cryptographic checksum

         cryptographic hash functions

         Diffie-Hellman key exchange protocol

         digital signatures

         key exchange

End-to-end encryption

Enforced sharing

England [See United Kingdom.]

Enigma code machine

Equivalent programs

Erasing deleted files

Ernst and Young Global Information Security Survey

Error checking, trapdoors

Error correcting codes

Error detection 2nd

Errors [See also Faults; Flaws.]

     buffer overflow 2nd

     definition

     incomplete mediation [See Incomplete mediation.]

     privilege escalation

     time-of-check to time-of-use flaws

Escape-character attack

ESP (encapsulated security payload)

Espionage 2nd

Estimating security value [See Economics of cybersecurity.]

Ethernet cable

Ethical codes

Ethical hacking [See Penetration testing.]

Ethical issues [See also Legal issues.]

     a case for

     case studies

         accuracy of information

         cracking

         DoS (denial of service)

         fraud

         hacking

         ownership of programs

         privacy rights

         proprietary resources

         use of computer services

     overview

Ethical pluralism

Ethical principles

     consequence-based

     deontology

     duties of people

     egoism

     examples of

     intrinsic good

     rule-based

     rule-deontology

     teleological theory

     utilitarianism

Ethical reasoning

Ethical systems

Ethics

     and religion

     studying

     universality

     versus law

Euclidean algebra

Euler totient function

European Privacy Directive

Evaluating security value [See Economics of cybersecurity.]

Evaluation

     action phrases

     British criteria

     claims language

     CLEFs (Commercial Licensed Evaluation Facilities)

     Combined Federal Criteria

     Common Criteria

     comparability

     criteria development

     effectiveness

     emphatic assertion

     Europe

     German Green Book

     ITSEC (Information Technology Security Evaluation Criteria) 2nd

     marketability

     overview

     process description

     protection profiles

     security targets

     security, as add-on

     summary of criteria

     target phrases

     TCSEC (Trusted Computer System Evaluation Criteria) 2nd

     TOE (target of evaluation)

     transferability

     United States 2nd

Even parity

Evidence

     destroying

     gathering

     physical

     preserving

     rules of

Exact data disclosure

Examples of problems [See Case studies.]

Execution domain switching

Executives

Exhaustive password attacks

Existence disclosure

Expansion permutations 2nd

Exploitation examples

Export controls in cryptography

Exposing messages

Extended copy protection (XCP) rootkit

Externalities
