


Index



C1, TCSEC class
C2, TCSEC class 2nd
Cables, network
     coaxial
     eavesdropping
     Ethernet
     impedance
     inductance
     networking
     UTP (unshielded twisted pair)
     wiretapping
Caesar cipher
California Breach Act
CAN (campus area network)
CAN SPAM Act
Capability
Capability Maturity Model (CMM)
Capstone
Career computer criminals
CartManager International
CARVER (criticality, accessibility, recuperability, vulnerability, effect, and recognizability) method
Case studies
     airport security
     al Qaeda computer
     analysis of Shakespeare's plays
     attacker profile
     "black hole" failure
     business case
     CartManager International
     computerized text analysis
     copyright
     data mining
     database integrity failure
     database precision
     deceptive practices
     difficulties of securing code
     e-mail theft
         Hollywood
         New Zealand Herald
         Wilshire Associates, Inc.
     Earl of Buckingham
     ethical issues
         accuracy of information
         cracking
         DoS (denial of service)
         fraud
         hacking
         ownership of programs
         privacy rights
         proprietary resources
         use of computer services
     FAIS (Foreign Affairs Information System)
     hacker sting operation
     Hollywood e-mail theft
     human fallibility
     identity theft
     JetBlue airlines
     Kennedy, Edward
     Key Online Banking
     Lewis, John
     Lloyd's Bank
     mafia boss
     microcontrollers in automobiles
     MP3.com
     Napster
     online banking
     PKI (public key infrastructure)
     privacy
     privacy, government intrusion
         Icelandic DNA database
         U.K. RIPA (Regulation of Investigatory Powers Act)
     screening for terrorists
     security, as add-on
     silken codes
     Stopford, Charlie
     Torch Concepts
     tracking Russian nuclear weapons
     U.S. Census Bureau
     U.S. Government
         audit data overload
         security report card
     V.A. (Veterans Administration)
     Wilshire Associates, e-mail theft
     wireless vulnerabilities
     WW II
         ASINTOER code
         Enigma code machine
         Japanese codes
         poem codes
         silken codes
         Soviet Union codes
Catastrophe, recovering from [See Backing up data; Physical security; Recovery from backup.]
CCB (configuration and change control board)
CDs (compact disks)
     copy protection 2nd
     fair use
     XCP (extended copy protection) rootkit
Census Bureau
Centralization
CERT (Computer Emergency Response Team)
Certificate authority 2nd
Certificates
     authentication
     encryption
     encryption, uses for
     trust
         through common respected individual
         without a single hierarchy
     trust threshold
CGI (Common Gateway Interface)
Chain of custody
Chaining
Challenge, attack motive
Challenge-response systems 2nd 3rd
Change logs
Change management [See Configuration.]
Channels, covert [See Covert channels.]
Chats
Checksums, cryptographic
     definition
     multilevel databases
     networks
Children's Online Privacy Protection Act (COPPA)
Chinese Wall security policy
Chosen ciphertext attack
Chosen plaintext attacks
Ciphers
     block [See also AES (Advanced Encryption System); DES (Data Encryption Standard).]
     book
     Caesar
     complexity
     cryptanalysis
     cryptographer's dilemma
     keyless
     keys
     one-time pads
     permutations
     product 2nd
     random number sequences
     RC2
     RC4
     RC5
     stream
     substitution
         book ciphers
         Caesar cipher
         complexity
         cryptanalysis
         cryptographer's dilemma
         keys
         one-time pads
         permutations
         random number sequences
         Vernam cipher
         Vigenère tableau 2nd
     Vernam
     Vernam cipher
     Vigenère tableau 2nd
Ciphertext 2nd
Ciphertext only attacks
Civil law
Claims language
Clark-Wilson commercial security policy
Classical probability
Classification
Clear gif [See Web bugs.]
Clear-box testing
Cleartext [See also Plaintext.]
CLEFs (Commercial Licensed Evaluation Facilities)
Clients, network
Clipper [See also Keys (encryption), escrow.]
Clique problem
Closed versus open organizations
Clustering, key
CMM (Capability Maturity Model)
Coaxial cable
Code (program)
     compatibility
     debugging [See also Testing.]
     error correcting
     errors
     inspection
     malicious [See Malicious code.]
     mobile
     review
     security [See Programs, security.]
     signing 2nd
     walk-through
Code Red worm 2nd
Codes (encoding systems) [See also Cryptography; Encryption.]
     hash
     Huffman
     Japanese
     poem
     silken
     Soviet Union
Codes (of conduct)
     of best practice [See Best practices.]
     of ethics [See Ethics.]
Cohesion
Cold site backups
Columnar transpositions
Combined Federal Criteria
Combined results control
Command insertion
Command structure
Commercial Licensed Evaluation Facilities (CLEFs)
Commercial security policies
Commit flag
Commit phase 2nd
Committing database updates
Common Criteria
Common Gateway Interface (CGI)
Common Intrusion Detection Framework
Communication mode, networks
Community string
Commutative filters
Commutative ring
Comparability, evaluating
Comparable data, data mining
Compartments
Compatibility of
     code
     evaluation
Complements, DES
Complete backups
Complete mediation 2nd [See also Incomplete mediation.]
Complex attacks
Component testing [See Unit testing.]
Components, software [See Modularity.]
Composites
Computational complexity, cryptography
Computer crime
     definition
     legal issues
         California Breach Act
         CAN SPAM Act
         computer terminology and the law
         confidentiality threats
         Council of Europe Agreement on Cybercrime
         cryptography 2nd
         defining
         E.U. Data Protection Act
         GLBA (Gramm-Leach-Bliley Act)
         HIPAA (Health Insurance Portability and Accountability Act)
         integrity threats
         international dimensions
         overview
         prosecuting
         restricted content
         rules of evidence
         rules of property
         scope limitations
         statutes, examples
         U.S. Computer Fraud and Abuse Act
         U.S. Economic Espionage Act
         U.S. Electronic Communications Privacy Act
         U.S. Electronic Funds Transfer Act
         U.S. Freedom of Information Act
         U.S. Privacy Act
         USA Patriot Act
         value of data
     reporting
     statistics
Computer criminals [See Attackers; Crackers; Hackers.]
Computer Emergency Response Team (CERT)
Computer Ethics Institute 2nd
Computer Fraud and Abuse Act
Computer objects [See Objects, digital.]
Computer screen emanations
Computer terminology and the law
Computerized text analysis
Computing systems
     components of
     definition
     intrusion characteristics
Concealing control
Concurrency
Conditional compilation
Conditions, security models
Confidence level
Confidentiality [See also Privacy.]
     data 2nd
     databases
     definition
     e-mail
     multilevel databases
     overview
     threats
Configuration
     audit
     databases
     identification
     management
Configuration and change control board (CCB)
Confinement
Confusion 2nd
Connection flooding
Connectivity [See Networks.]
Consequence-based ethics
Consistency, database 2nd
Constrained data items
Constraints
Consumer products, privacy
Content integrity
Contests, web privacy
Context switch
Contingency planning [See Physical security; Risk analysis; Security plan.]
Continuity plan
Contract law
Control, network
Controlled disclosure
Controls [See also Defense methods.]
     data protection [See Encryption.]
     database inference attacks
     definition
     effectiveness
     export of cryptography
     for networks [See Networks, controls.]
     hardware
     layered defense
     mapping to vulnerabilities
     overlapping
     overview
     physical
     policies and procedures
     security plan
     selecting
         criteria for
         mapping controls to vulnerabilities 2nd
         positive and negative effects
         ratings
         VAM (Vulnerability Assessment and Mitigation)
     software
     software development
         acceptance testing
         active fault detection
         black-box testing
         CCB (configuration and change control board)
         clear-box testing
         CMM (Capability Maturity Model)
         components [See Modularity.]
         conditional compilation
         configuration audit
         configuration identification
         configuration management
         confinement
         coupling
         delta files
         design principles
         developer characteristics
         development standards 2nd
         difference files
         encapsulation
         FMEA (failure modes and effects analysis)
         formal methods
         FTA (fault tree analysis)
         genetic diversity
         hazard analysis
         HAZOP (hazard and operability studies)
         independent testing
         information hiding
         installation testing
         integration testing
         lessons from mistakes
         modularity
         mutual suspicion
         nature of software development
         overview
         passive fault detection
         peer reviews
         penetration testing 2nd
         performance testing
         problem response
         process standards
         program practice conclusions
         program verification
         proof of correctness
         redundancy
         regression testing
         risk prediction
         security audits
         security requirements
         static analysis
         status accounting
         testing
         tiger team testing [See Penetration testing.]
         unit testing
     usage of cryptography
Convention 2nd
Cookies
     network threat
     per-session
     persistent
     threats posed by
     user authentication
     viruses
     web privacy
COPPA (Children's Online Privacy Protection Act)
Copy protection 2nd
Copyright
     case study
     definition
     DMCA (Digital Millennium Copyright Act) 2nd
     fair use
     first sale
     for computer software
     for digital objects
     inappropriate references to
     infringement
     intellectual property
     legal issues 2nd
     Napster
     originality of work
     ownership
     piracy
     public domain
     registering
Core [See Kernel.]
Correcting mistakes, data mining
Correction codes, database reliability
Correctness of data, data mining
Correlation of data
Cost of security [See Economics of cybersecurity.]
Cost/benefit risk analysis
Council of Europe
Council of Europe Agreement on Cybercrime
Count attacks
Coupling
Covert channels
     creating
     definition
     file lock channel
     identifying
     information flow analysis
     overview
     shared resource matrix
     signaling through images
     steganography
     storage channels
     threat presented by
     timing channels
Crackers [See also Attackers; Hackers.]
Cracking, ethical issues
Credibility
Credit card payments, web privacy
Crime [See Computer crime.]
Criminal law
Criteria development
Criticality, accessibility, recuperability, vulnerability, effect, and recognizability (CARVER) method
Cryptanalysis
     AES (Advanced Encryption System)
     breaking encryption
         chosen plaintext attacks
         ciphertext only attacks
         full plaintext attacks
         partial plaintext attacks
         probable plaintext attacks
         weaknesses
     Caesar cipher
     definition
     differential 2nd
     digram analysis
     knapsack algorithm
     overview
     RSA (Rivest-Shamir-Adleman) encryption
     substitution ciphers
Cryptanalysts
Cryptographer's dilemma
Cryptographers
Cryptographic challenges
     RSA (Rivest-Shamir-Adleman) encryption
     symmetric encryption
Cryptographic checksum
     definition
     multilevel databases
     networks
Cryptographic hash functions
Cryptographic separation 2nd
Cryptography [See also Encryption.]
     and free speech
     asymmetric encryption
         characteristics of
         cryptanalysis of knapsack algorithm
         general knapsacks
         hard knapsacks
         knapsack decryption algorithm
         knapsacks, and modular arithmetic
         knapsacks, as cryptographic algorithms
         Merkle-Hellman knapsacks 2nd
         relatively prime values
         RSA (Rivest-Shamir-Adleman)
         simple knapsacks 2nd
         superincreasing knapsacks 2nd
     Capstone
     character representation
     ciphertext
     Clipper
     computer crime 2nd
     current policy
     decryption
     definition
     DSA (Digital Signature Algorithm)
     El Gamal algorithm
     encrypted text
     encryption
     export controls
     Fortezza
     interceptors
     intruders
     key escrow
     legal issues
     mathematics of
         arithmetic properties
         commutative ring
         composites
         computational complexity
         division
         Euclidean algebra
         Fermat's theorem
         Galois fields
         greatest common divisor
         hierarchies of complexity
         identity (mathematical)
         inherently hard problems
         instances
         inverses, computing
         inverses, definition
         knapsack problem
         modular arithmetic
         nondeterminism
         nondeterministic Turing machines
         NP class
         NP-complete problems
         oracles
         overview
         P class
         prime numbers
         problems, definition
         satisfiability
     modular arithmetic
     original text
     perfect cipher [See One-time pads.]
     permutations
         columnar transpositions
         combined approaches
         definition
         digram analysis
         digrams
         encipherment/decipherment complexity
         patterns
         product ciphers
         substitution ciphers
         trigrams
     plaintext
     quantum
         cryptography with photons
         implementation
         overview
         photon reception
         polarizing filters
         quantum physics
     recipients
     senders
     substitution ciphers
         book ciphers
         Caesar cipher
         complexity
         cryptanalysis
         cryptographer's dilemma
         keys
         one-time pads
         permutations
         random number sequences
         Vernam cipher
         Vigenère tableau 2nd
     substitutions
     symmetric encryption [See also DES (Data Encryption Standard).]
         AES (Advanced Encryption System)
         confusion
         cryptographic challenges
         diffusion
         permutation
         problems with
         RC2 cipher
         RC4 cipher
         RC5 cipher
         substitution
     transmission medium
     transpositions [See Permutations.]
     usage controls
     with photons
Cryptology
Cryptosystems
CSI/FBI Computer Crime and Security Survey
Culp, Scott
Culture of organizations [See Organizational culture.]
Cyber attacks
CyberCop Scanner
Cyberterrorism
Cycle, DES
     details
     example
     permutation
     substitution




Security in Computing
Security in Computing, 4th Edition
ISBN: 0132390779
EAN: 2147483647
Year: 2006
Pages: 171
