Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
17 Cards in this Set
- Front
- Back
Security engineering is about ... |
building systems to remain dependable in the face of malice, error, or mischance. |
|
Security Engineering Requires |
cross-disciplinary expertise, ranging from cryptography and computer security through hardware tamper-resistance and formal methods to a knowledge of economics, applied psychology, organizations and the law. |
|
Good security engineering requires four things to come together |
1) Policy 2) Mechanism 3) Assurance 4) Incentive |
|
Security Theatre |
than the measures designed to produce a feeling of security rather than the reality. |
|
Phishing |
The activity of defrauding an online account holder of financial information by posing as a legitimate company. |
|
System |
any or all of the above plus customers and other external users. |
|
subject |
a physical person (human, ET, ...), in any role including that of an operator, principal or victim |
|
Person |
a physical person or a legal person such as a company or government. |
|
Principal |
terminal.an entity that participates in a security system. This entity can be a subject, a person, a role, or a piece of equipment such as a PC, smartcard, or card reader |
|
Group |
a set of principals |
|
Role |
is a set of functions assumed by different persons in succession. |
|
Trusted |
one whose failure can break the security policy. |
|
Trustworthy |
one that won't fail |
|
Secrecy |
is a technical term which refers to the effect of the mechanisms used to limit the number of principals who can access information, such as cryptography or computer access controls |
|
Confidentiality |
involves an obligation to protect some other person's or organization's secrets if you know them. |
|
Privacy |
is the ability and/or right to protect your personal information and extends to the ability and/or right to prevent invasions of your personal space (the exact definition of which varies quite sharply from one country to another). Privacy can extend to families but not to legal persons such as corporations. |
|
Authenticity |
integrity plus freshnes |