Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z] S-boxes 2nd S/MIME (Secure MIME) Salami attack Salt extension Sandbox SAS Institute Satellite networks description eavesdropping wiretapping Satisfiability, cryptography Scanners port virus Schecter, Stuart Schell, Roger Schema, database Schneier, Bruce SCOMP 2nd Scrambling data [See Cryptography; Encryption.] Screening router 2nd Script kiddies Scripts Secrecy [See Confidentiality; Privacy.] Secret key encryption [See Symmetric encryption.] Secure encryption algorithms Secure Hash Algorithm (SHA) Secure Hash Standard (SHS) Secure MIME (S/MIME) Secure shell (SSH) Secure Sockets Layer (SSL) Security as add-on associations audits availability 2nd confidentiality [See also Privacy.] definition features goals integrity 2nd kernel money versus information physical [See Physical security.] software [See Operating system security; Programs, security.] targets value of [See Economics of cybersecurity.] versus precision, databases weaknesses [See Vulnerabilities.] Security models *-property (star property) BellLa Padula Biba integrity command structure conditions definition GrahamDenning HarrisonRuzzoUllman integrity *-property lattice model leaking access rights lower bound multilevel security partial ordering primitive operations protection system commands protection systems relational operators simple integrity property simple security property TakeGrant theoretical limitations of systems upper bound uses for write-down Security parameter index (SPI) Security plan [See also Risk analysis; Security policies.] business continuity plan commitment to constraints contents of continuing attention controls current status definition framework for history of incident response plans incident response teams OCTAVE methodology policy statement requirements responsibilities team members timetable Security policies [See also Policies; Principles; Security plan.] access triples audience beneficiaries characteristics of Chinese Wall Clark-Wilson commercial classification commercial compartments constrained data items contents definition 2nd 3rd dominance durability economics of examples data sensitivity DOE (Department of Energy) policy government e-mail Internet policy hierarchical issues kneed-to-know military nonhierarchical owners purpose realism separation of duty transformation procedures usefulness users well-formed transactions Segment address table Segment address translation Segmentation combined wit paging networks overview Selective backups Selective protection [See Tagged architecture.] Self-healing code Self-stabilizing code Selling correct software Semiweak keys Senders Sendmail flaw Sensitive data data mining databases access acceptability access decisions authenticity bounds disclosure characteristics of data availability definition disclosures, types of exact data disclosure existence disclosure negative result disclosure overview probable value disclosure security versus precision overview Sensitivity lock Separation multilevel databases of duty of privilege overview principles of trusted systems Serialization error Serpent algorithm Server-side includes Servers, network Service Set Identifier (SSID) Service, denial of [See DDoS (distributed denial of service); DoS (denial of service).] Session hijacking [See also Impersonation.] Sessions, network Set userid (SUID) SHA (Secure Hash Algorithm) Shadow fields Shadow values Shakespeare, authorship debate Shannon, Claude Shape, networks Shared resource matrix Sharing access enforced network threat session keys Shell backups Shift row Shneiderman, Ben Shopping online, privacy Shredding paper data SHS (Secure Hash Standard) Signaling through images [See Steganography.] Signature-based intrusion detection 2nd Signatures, viruses definition execution patterns polymorphism scanners storage patterns transmission patterns Signed code Silken codes case study Simple integrity property Simple knapsacks 2nd Simple remailers Simple security property Single point of failure, networks 2nd Single sign-on 2nd Size, networks Skype Smart cards SMTP (simple mail transport protocol) Smurf attack SNMP (simple network management protocol) Social engineering SOE (Special Operations Executive) Software [See also Applications; Code (program); Programs.] access control configuration management controls [See Controls.] failure, legal issues full disclosure overview quality demands quality software refunds reporting flaws selling correct software user interests vendor interests warranty of cyberworthiness malicious modification security [See Operating system security; Programs, security.] Sony XCP (extended copy protection) rootkit Source code, legal issues Source quench protocol Soviet Union codes Spafford, Eugene Spam 2nd Special Operations Executive (SOE) SPI (security parameter index) Spikes, electrical Spoofing [See also Impersonation.] cryptographic protection interface illusions network vulnerability trusted path "Spray paint" lock Spying 2nd Spyware SSH (secure shell) SSID (Service Set Identifier) SSL (Secure Sockets Layer) Stack pointer Standards [See also Policies; Principles.] IEEE Standard 2nd process software development 2nd Star property (*-property) State constraints State-based intrusion detection Stateful inspection firewalls Static code analysis Statistical analysis, intrusion detection Statistical inference attacks Statistics, computer crime Status accounting Statutes 2nd [See also Laws.] Stealth mode intrusion detection Steganography Stevens, Thomas Stoll, Cliff 2nd Stopford, Charlie Storage channels Stream ciphers Strong authentication Subjective probability Subschema, database Substitution ciphers book ciphers Caesar cipher complexity cryptanalysis cryptographer's dilemma keys one-time pads permutations random number sequences Vernam cipher Vignère tableau 2nd Substitution cycle, DES Substitution, symmetric encryption Substitutions SUID (set userid) Sum attacks Summer Study on Database Security Superincreasing knapsacks 2nd Suppression control Surge suppressors Surges, electrical Surrounding viruses Surveys of security Australian Computer Crime and Security CSI/FBI Computer Crime and Security Deloitte and Touche Tohmatsu Global Security Ernst and Young Global Information Security IC3 (Internet Crime Complaint Center) Imation Data Protection sources for Swallow, William Symantec 2nd Symbols, organizational Symmetric encryption [See also AES (Advanced Encryption System); DES (Data Encryption Standard); Private key encryption.] algorithms authentication confusion cryptographic challenges definition diffusion flow diagram key distribution key management overview permutation problems with RC2 cipher RC4 cipher RC5 cipher substitution SYN flood SYN_RECV connections Synchronization System complexity System security policy [See Security policies.] System testing [See also Testing.] |