Security in Computing, 4th Edition
Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z] Tagged architecture TakeGrant security model Tapping wires 2nd Target of evaluation (TOE) Target phrases TCB (trusted computing base) 2nd TCP (Transmission Control Protocol) TCP/IP protocol TCSEC (Trusted Computer System Evaluation Criteria) 2nd Teardrop attacks Telang, Rahul Teleological theory Telnet 2nd 3rd Tempest program Temporal Key Integrity Program (TKIP) Temporal separation 2nd Temporary permissions Ten Commandments of Computer Ethics Terrorists computer criminals cyberterrorism screening airline passengers Testing code acceptance assuring trusted systems black-box clear-box debugging formal methods independent installation integration 2nd peer reviews penetration 2nd 3rd performance regression reviews 2nd tiger team 2nd 3rd unit 2nd walk-throughs Text analysis, computerized TFN (Tribal Flood Network) 2nd TFN2K 2nd TGS (ticket-granting server) The Internet Theft of service 2nd Theft prevention Theorem provers Theoretical limitations of systems Third-party ads Third-party cookies Thompson, Ken Threats definition fabrications interceptions interruptions modifications to networks [See Networks, threats.] types of versus vulnerabilities Ticket-granting server (TGS) Tickets, networks Tiger team testing 2nd 3rd Tight versus loose organizational control Time bombs Time-dependent value of information Time-of-check to time-of-use flaws Timelines, quantifying security value Timestamps Timetable for security planning Timing attacks Timing channels TKIP (Temporal Key Integrity Program) TLS (transport layer security) TOE (target of evaluation) Tokens, password Top-level domain Topography, networks Torch Concepts Tort law Totient function Tracker attacks Tracking Russian nuclear weapons Trade secrets 2nd 3rd Trademark Traffic flow analysis Traffic flow security Traffic redirection Training, privacy principles and policies Transferability, evaluating Transferring models Transformation procedures Transient viruses Transition constraints Transmission Control Protocol (TCP) Transmission failure Transmission medium Transmitting e-mail Transport layer security (TLS) Transposition [See Permutations.] Trapdoors causes of definition 2nd error checking examples integration testing undefined opcodes unit testing Tribal Flood Network (TFN) 2nd Triggering viruses Trigrams Trin00 Triple DES Tripwire Trojan horses 2nd Trust [See also Trusted systems.] as economic issue definition threshold through common respected individual without a single hierarchy Trusted authentication Trusted Computer System Evaluation Criteria (TCSEC) 2nd Trusted computing base (TCB) 2nd Trusted front-end Trusted path Trusted processes Trusted product Trusted software Trusted systems [See also Operating system security; Programs, security.] appropriate confidence level characteristics of definition design principles [See also Trust.] access control accountability allocation of general objects assurance audit audit log reduction complete mediation 2nd cryptographic separation DAC (discretionary access control) definition ease of use economy of mechanism enforced sharing execution domain switching guaranteed fair service hierarchical structuring I/O operation identification importance of intrusion detection isolation kernelized design layered trust least common mechanism least privilege logical separation MAC (mandatory access control) magnetic remanence memory protection 2nd multiple virtual memory spaces object reuse open design operating system data protection permission based physical separation process activation reference monitor security features separation separation of privilege synchronization system elements TCB (trusted computing base) temporal separation trusted path user authentication 2nd virtual machines virtual memory virtualization enforcement of integrity functional correctness limited privilege overview qualities of security models *-property (star property) BellLa Padula Biba integrity command structure conditions definition GrahamDenning HarrisonRuzzoUllman integrity *-property lattice model leaking access rights lower bound multilevel security partial ordering primitive operations protection system commands protection systems relational operators simple integrity property simple security property TakeGrant theoretical limitations of systems upper bound uses for write-down security policies access triples Chinese Wall Clark-Wilson commercial classification commercial compartments constrained data items definition 2nd dominance hierarchical kneed-to-know military nonhierarchical separation of duty transformation procedures well-formed transactions trust, definition underpinnings of versus secure Trusted systems, assurance evaluation action phrases British criteria claims language CLEFs (Commercial Licensed Evaluation Facilities) Combined Federal Criteria Common Criteria comparability criteria development effectiveness emphatic assertion Europe German Green Book ITSEC (Information Technology Security Evaluation Criteria) 2nd marketability overview process description protection profiles security targets security, as add-on summary of criteria target phrases TCSEC (Trusted Computer System Evaluation Criteria) 2nd TOE (target of evaluation) transferability United States 2nd flaws ambiguous access policies exploitation examples incomplete mediation known vulnerabilities time-of-check to time-of-use flaws typical flaws user interface vulnerability methods formal verification penetration testing requirements checking reviews, design and code system testing testing theorem provers validation open source overview Tunnels, network encryption Turing machines Two-factor authentication Two-phase update Twofish algorithm |
Категории