Chapter 9 Flashcards
4 actions to preserve confidentiality
- identify and classify information to be protected
- encryption of sensitive information
- controlling access to sensitive information
- training
Information rights management (IRM)
software that provides an additional layer of protection to specific information resources, offering the capability not only to limit access to specific files but also to specify the ACTIONS that individuals who are granted access to that resource can perform.
Data Loss Prevention Software
controls and monitors downloads of data and outbound transmissions - preventive control
Digital watermark
a detective control that enables an organization to identify confidential information that has been disclosed.
Encryption
a preventive control that can be used to protect both confidentiality and privacy. It is the process of transforming plaintext (normal content) into ciphertext (unreadable gibberish).
Data Masking
programs that replace customers’ personal information with fake values before sending that data to the program development and testing system
Decryption
transforming ciphertext back into plaintext
3 important factors determine the strength of any encryption system:
- key length
- encryption algorithm
- policies for managing the cryptographic keys.
Key escrow
involves making copies of all encryption keys used by employees and storing those copies securely.
Symmetric Encryption
uses the same key to encrypt and decrypt
advantages of symmetric encryption
it is much faster than asymmetric encryption
disadvantages of symmetric encryption
- both parties need to know the secret key.
- Unique keys for each partner set. 100 customers = 100 keys.
- Either party can change text: can’t sign responsibility
Asymmetric Encryption
uses two keys, public and private key. Either key can be used to encrypt, but the other key must be used to decrypt.
Advantages of Asymmetric Encryption
- solves the problem of communicating the symmetric key.
- public key can be shared openly, web or email
- private key creates digital signature
Disadvantages of Asymmetric Encryption
much slower than symmetric and not useful for large documents/files
Hashing
takes plaintext of any length and transforms it into a short code, called a hash. It provides data integrity and supports digital signatures
Digital certificate
an electronic document, created and digitally signed by a trusted third party, that certifies the identity of the owner of a particular public key and contains that party’s public key. Issued by certificate authorities. Like a passport or license.
nonrepudiation
how to create legally binding agreements that cannot be unilaterally repudiated by either party.
Digital signature
a hash of a document that is encrypted using the document creator’s private key
Public Key Infrastructure
the system for issuing pairs of public and private keys and corresponding digital certificates.
Virtual Private Networks
Create an encrypted tunnel between devices. SSL is used in the browser; IPSec connects hosts and networks.