Index
A1, TCSEC class 2nd Acceptance testing Access acceptability, databases Access control databases 2nd file protection all-none group individual permissions per-object per-user persistent permissions SUID (set userid) temporary acquired permissions memory and address protection base/bounds registers context switch fences page frames paging 2nd relocation relocation factor segment address table segmentation 2nd selective protection [See Tagged architecture.] tagged architecture principles of trusted systems privacy in computing privacy principles and policies protected objects access control matrix ACLs (access control lists) AS (authentication server) capability directories domains erasing deleted files KDC (key distribution center) Kerberos local name space procedure-oriented protection goals pseudonyms revocation of access role-based single sign-on TGS (ticket-granting server) types of wild cards Access control matrix Access decisions, databases Access policy ambiguity Access triples security policy Accountability principle Accuracy cost of security of information, ethical issues ACK (acknowledgment) ACLs (access control lists) 2nd ACM (Association for Computing Machinery), code of ethics 2nd Acquisti, Alessandro Acrobat PDF, deleting text Action phrases Active code, network threat 2nd Active fault detection Active server pages (ASP) Active wiretapping ActiveX controls Add subkey Addresses (IP) [See IP addresses.] Addresses (memory) [See Memory and address protection.] Adequate protection principle Adjusting future earnings Administering security [See Physical security; Risk analysis; Security plan; Security policies.] Advertising, web privacy Adware AES (Advanced Encryption System) [See also DES (Data Encryption Standard).]
add subkey byte substitution cryptanalysis of definition design contest MARS algorithm mix column RC6 algorithm Rijndael algorithm 2nd Serpent algorithm shift row structure of symmetric encryption Twofish algorithm versus DES Affected subject Agents, malicious Aggregation of data 2nd AH (authentication header) Airport security, case study Al Qaeda computer case study Alarms 2nd [See also Alerts.] ALE (annualized loss expectation) Alerts [See also Alarms.] Algebra, Euclidean Algorithm design, DES Algorithms, encryption [See Encryption, algorithms.] Aliasing errors All-none file protection Allocation of general objects Amateur computer criminals Ambiguous access policies Amplifiers, network Analog network communication Analysis, risk [See Risk analysis.] Ancheta, Jeanson James Anderson, Ross 2nd 3rd 4th Angle of dispersion Annualized loss expectation (ALE) Anomaly-based intrusion detection Anonymity 2nd Anonymization 2nd Anonymous e-mail Antipiracy feature Antón, Annie Appended viruses Applets, hostile 2nd Application layer 2nd Application proxy gateways Applications code errors security [See Programs, security.] viruses Architecture, networks Arithmetic properties of cryptography Arora, Ashish ARPANET 2nd AS (authentication server) ASINTOER code ASP (active server pages) Asperger syndrome Assertions Assessment quality [See Evaluation.] risk [See Risk analysis.] Asset identification Association for Computing Machinery (ACM), code of ethics 2nd Associativity Assurance [See Trusted systems, assurance.] Assurance arguments Asymmetric encryption [See also Public key encryption; RSA (Rivest-Shamir-Adleman) encryption.]
authentication characteristics of cryptanalysis of knapsack algorithm definition flow diagram general knapsacks hard knapsacks key distribution key management knapsack decryption algorithm knapsacks, and modular arithmetic knapsacks, as cryptographic algorithms Merkle-Hellman knapsacks 2nd overview relatively prime values RSA (Rivest-Shamir-Adleman) simple knapsacks 2nd superincreasing knapsacks 2nd AT&T Attachment viruses Attackers [See also Crackers; Hackers.] amateurs career criminals motives network threat psychological profile terrorists Attacks [See also Threats; Vulnerabilities.] attractive targets controls definition information leaks MOM (method, opportunity, motive) reprocessing used data items sources types universities, as prime targets vulnerabilities Attacks, methods 12-step password attacks brute force [See Brute force attack.] brute force password chosen plaintext ciphertext only cryptanalytic [See Cryptanalysis.] cyber database inference combined results control concealing control controls for count attacks direct attack indirect attack limited response suppression linear system vulnerability mean attacks median attacks problem summary query analysis random data perturbation random sample control statistical inference attacks sum attacks suppression control tracker attacks denial of service [See DDoS (distributed denial of service); DoS (denial of service).]
encrypted password file exhaustive password full plaintext logic bombs man-in-the-middle partial plaintext password 12-step process brute force encrypted password file exhaustive indiscreet users plaintext password list probability salt extension trial and error weak passwords probable plaintext salami definition 2nd examples persistence of timing trapdoors Trojan horses viruses Attractive targets Attributes 2nd Audience for security policies Audit trails Auditability of databases Audits data overload, case study log reduction principles of trusted systems Australian Computer Crime and Security Survey Authentication asymmetric encryption algorithms certificates Digital distributed distributed flaws mutual network vulnerabilities avoidance eavesdropping guessing passwords man-in-the-middle attack masquerade nonexistent authentication phishing session hijacking spoofing trusted authentication well-known authentication wiretapping nonexistent privacy in computing anonymized records attributes identity 2nd individual 2nd meaning of overview privacy principles and policies strong, networks symmetric encryption algorithms trusted, network vulnerability users [See User authentication.] Authentication header (AH) Authentication server (AS) Authenticity, databases Automatic exec by file type Availability of data data and services data mining databases definition denial of service [See DDoS (distributed denial of service); DoS (denial of service).] Avoidance