T | Security in Computing, 4th Edition

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

S-boxes 2nd
S/MIME (Secure MIME)
Salami attack
Salt extension
Sandbox
SAS Institute
Satellite networks
     description
     eavesdropping
     wiretapping
Satisfiability, cryptography
Scanners
     port
     virus
Schecter, Stuart
Schell, Roger
Schema, database
Schneier, Bruce
SCOMP 2nd
Scrambling data [See Cryptography; Encryption.]
Screening router 2nd
Script kiddies
Scripts
Secrecy [See Confidentiality; Privacy.]
Secret key encryption [See Symmetric encryption.]
Secure encryption algorithms
Secure Hash Algorithm (SHA)
Secure Hash Standard (SHS)
Secure MIME (S/MIME)
Secure shell (SSH)
Secure Sockets Layer (SSL)
Security
     as add-on
     associations
     audits
     availability 2nd
     confidentiality [See also Privacy.]
     definition
     features
     goals
     integrity 2nd
     kernel
     money versus information
    physical [See Physical security.]
    software [See Operating system security; Programs, security.]
     targets
    value of [See Economics of cybersecurity.]
     versus precision, databases
    weaknesses [See Vulnerabilities.]
Security models
     *-property (star property)
     BellLa Padula
     Biba integrity
     command structure
     conditions
     definition
     GrahamDenning
     HarrisonRuzzoUllman
     integrity *-property
     lattice model
     leaking access rights
     lower bound
     multilevel security
     partial ordering
     primitive operations
     protection system commands
     protection systems
     relational operators
     simple integrity property
     simple security property
     TakeGrant
     theoretical limitations of systems
     upper bound
     uses for
     write-down
Security parameter index (SPI)
Security plan [See also Risk analysis; Security policies.]
     business continuity plan
     commitment to
     constraints
     contents of
     continuing attention
     controls
     current status
     definition
     framework for
     history of
     incident response plans
     incident response teams
     OCTAVE methodology
     policy statement
     requirements
     responsibilities
     team members
     timetable
Security policies [See also Policies; Principles; Security plan.]
     access triples
     audience
     beneficiaries
     characteristics of
     Chinese Wall
     Clark-Wilson commercial
     classification
     commercial
     compartments
     constrained data items
     contents
     definition 2nd 3rd
     dominance
     durability
     economics of
     examples
         data sensitivity
         DOE (Department of Energy) policy
         government e-mail
         Internet policy
     hierarchical
     issues
     kneed-to-know
     military
     nonhierarchical
     owners
     purpose
     realism
     separation of duty
     transformation procedures
     usefulness
     users
     well-formed transactions
Segment address table
Segment address translation
Segmentation
     combined wit paging
     networks
     overview
Selective backups
Selective protection [See Tagged architecture.]
Self-healing code
Self-stabilizing code
Selling correct software
Semiweak keys
Senders
Sendmail flaw
Sensitive data
     data mining
     databases
         access acceptability
         access decisions
         authenticity
         bounds disclosure
         characteristics of
         data availability
         definition
         disclosures, types of
         exact data disclosure
         existence disclosure
         negative result disclosure
         overview
         probable value disclosure
         security versus precision
     overview
Sensitivity lock
Separation
     multilevel databases
     of duty
     of privilege
     overview
     principles of trusted systems
Serialization error
Serpent algorithm
Server-side includes
Servers, network
Service Set Identifier (SSID)
Service, denial of [See DDoS (distributed denial of service); DoS (denial of service).]
Session hijacking [See also Impersonation.]
Sessions, network
Set userid (SUID)
SHA (Secure Hash Algorithm)
Shadow fields
Shadow values
Shakespeare, authorship debate
Shannon, Claude
Shape, networks
Shared resource matrix
Sharing
     access
     enforced
     network threat
     session keys
Shell backups
Shift row
Shneiderman, Ben
Shopping online, privacy
Shredding paper data
SHS (Secure Hash Standard)
Signaling through images [See Steganography.]
Signature-based intrusion detection 2nd
Signatures, viruses
     definition
     execution patterns
     polymorphism
     scanners
     storage patterns
     transmission patterns
Signed code
Silken codes case study
Simple integrity property
Simple knapsacks 2nd
Simple remailers
Simple security property
Single point of failure, networks 2nd
Single sign-on 2nd
Size, networks
Skype
Smart cards
SMTP (simple mail transport protocol)
Smurf attack
SNMP (simple network management protocol)
Social engineering
SOE (Special Operations Executive)
Software [See also Applications; Code (program); Programs.]
     access control
     configuration management
    controls [See Controls.]
     failure, legal issues
         full disclosure
         overview
         quality demands
         quality software
         refunds
         reporting flaws
         selling correct software
         user interests
         vendor interests
         warranty of cyberworthiness
     malicious modification
    security [See Operating system security; Programs, security.]
Sony XCP (extended copy protection) rootkit
Source code, legal issues
Source quench protocol
Soviet Union codes
Spafford, Eugene
Spam 2nd
Special Operations Executive (SOE)
SPI (security parameter index)
Spikes, electrical
Spoofing [See also Impersonation.]
     cryptographic protection
     e-mail
     interface illusions
     network vulnerability
     trusted path
"Spray paint" lock
Spying 2nd
Spyware
SSH (secure shell)
SSID (Service Set Identifier)
SSL (Secure Sockets Layer)
Stack pointer
Standards [See also Policies; Principles.]
     IEEE Standard 2nd
     process
     software development 2nd
Star property (*-property)
State constraints
State-based intrusion detection
Stateful inspection firewalls
Static code analysis
Statistical analysis, intrusion detection
Statistical inference attacks
Statistics, computer crime
Status accounting
Statutes 2nd [See also Laws.]
Stealth mode intrusion detection
Steganography
Stevens, Thomas
Stoll, Cliff 2nd
Stopford, Charlie
Storage channels
Stream ciphers
Strong authentication
Subjective probability
Subschema, database
Substitution ciphers
     book ciphers
     Caesar cipher
     complexity
     cryptanalysis
     cryptographer's dilemma
     keys
     one-time pads
     permutations
     random number sequences
     Vernam cipher
     Vignère tableau 2nd
Substitution cycle, DES
Substitution, symmetric encryption
Substitutions
SUID (set userid)
Sum attacks
Summer Study on Database Security
Superincreasing knapsacks 2nd
Suppression control
Surge suppressors
Surges, electrical
Surrounding viruses
Surveys of security
     Australian Computer Crime and Security
     CSI/FBI Computer Crime and Security
     Deloitte and Touche Tohmatsu Global Security
     Ernst and Young Global Information Security
     IC3 (Internet Crime Complaint Center)
     Imation Data Protection
     sources for
Swallow, William
Symantec 2nd
Symbols, organizational
Symmetric encryption [See also AES (Advanced Encryption System); DES (Data Encryption Standard); Private key encryption.]
     algorithms
     authentication
     confusion
     cryptographic challenges
     definition
     diffusion
     flow diagram
     key distribution
     key management
     overview
     permutation
     problems with
     RC2 cipher
     RC4 cipher
     RC5 cipher
     substitution
SYN flood
SYN_RECV connections
Synchronization
System complexity
System security policy [See Security policies.]
System testing [See also Testing.]