CS 271 Final
Digital forensics approaches
1. Protect and forget 2. Apprehend and prosecute
Digital malfeasance
a crime against or using digital media, computer technology, or related components; a computer is the source of the crime or the object of it
Transposition cipher
a cryptographic operation that involves simply rearranging the values within a block based on an established pattern; aka permutation cipher
Vernam cipher
a cryptographic technique developed at AT&T and known as the "one-time pad," this cipher uses a set of characters for encryption operations only one time and then discards it
Request for proposal (RFP)
a document specifying the requirements of a project, provided to solicit bids from internal or external contractors
Pretty Good Privacy (PGP)
a hybrid cryptosystem that combines some of the best cryptographic algorithms; the open-source de facto standard for encryption
Restitution
a legal requirement to make compensation or payment resulting from loss or injury
Work breakdown structure (WBS)
a list of the tasks to be accomplished in the project, the skill sets or individual employees needed to perform the tasks, the start and end dates for tasks, the estimated resources required, and the dependencies among tasks
Mandatory access control (MAC)
a required, structured data classification scheme that rates each collection of information as well as each user
Lattice-based access control (LBAC)
a variation on the MAC form of access control, which assigns users a matrix of authorizations for particular areas of access, incorporating the information assets of subjects such as users and objects
Discretionary access control (DAC)
access controls that are implemented at the discretion or option of the data user
Nondiscretionary access controls (NDACs)
access controls that are implemented by a central authority
Attribute-based access control (ABAC)
an access control approach whereby the organization specifies the use of objects based on some attribute of the user or system
Vigenere cipher
an advanced type of substitution cipher that uses a simple polyalphabetic code
Wired Equivalent Privacy (WEP)
an early attempt at securing wireless communications based on encryption using a 64- or 128-bit key that is not difficult for hackers to crack
Substitution cipher
an encryption method in which one value is substituted for another
Liability
an entity's legal obligation or responsibility
Task-based access control (TBAC)
an example of a nondiscretionary control where privileges are tied to a task a user performs in an organization and are inherited when a user is assigned to that task; tasks are more temporary than roles
Role-based access control (RBAC)
an example of a nondiscretionary control where privileges are tied to the role a user performs in an organization, and are inherited when a user is assigned to that role; roles are more persistent than tasks
Static electricity
an imbalance of electrical charges in the atmosphere or on the surface of a material, caused by triboelectrification
Wi-Fi Protected Access (WPA)
created to resolve the issues with WEP and uses dynamic keys created and shared by an authentication server
Payment Card Industry (examples)
credit cards, debit cards, ATM cards, stored-value cards, gift cards, etc.
Nonrepudiation
customers or partners can be held accountable for transactions, such as online purchases, which they cannot dispute
Digital forensics
investigations that involve the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and root cause analysis; follows clear, well-defined methodologies but still tends to be as much an art as science
Due care
measures that an organization takes to ensure every employee knows what is acceptable and what is not
HIPAA (Health Insurance Portability and Accountability Act)
protects the confidentiality and security of healthcare data by establishing and enforcing standards and by standardizing electronic data interchange
Due diligence
reasonable steps taken by people or organizations to meet the obligations imposed by laws or regulations
Forensics
the coherent application of methodical investigatory techniques to present evidence of crimes in a court or similar setting; allows investigators to determine what happened by examining the results of an event - criminal, natural, intentional, or accidental
Computer Fraud and Abuse Act (CFA Act)
the cornerstone of many computer-related laws and enforcement efforts
Least privilege
the data access principle that ensures no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation needed; implies a need to know
Chain of evidence
the detailed documentation of the collection, storage, transfer, and ownership of evidence from the crime scene through its presentation in court
Triboelectrification
the exchange of electrons between two materials when they make contact, resulting in one object becoming more positively charged and the other more negatively charged
Rand Report R-609
the first widely recognized published document to identify the role of management and policy issues in computer security
Separation of duties
the information security principle that requires significant tasks to be split up so that more than one individual is required to complete them
Two-person control
the organization of a task or process so that at least two individuals must work together to complete it; aka dual control
Jurisdiction
the power to make legal decisions and judgments; typically an area within which an entity such as a court or law enforcement agency is empowered to make legal decisions
Need to know
the principle of limiting users' access privileges to the specific information required to perform their assigned tasks
Task rotation
the requirement that all critical tasks can be performed by multiple individuals
Ciphertext/Cryptogram
the unintelligible encrypted or encoded message resulting from an encryption