IS 414 CH. 9 (VOCAB) Flashcards
Information rights management (IRM)
Software that offers the capability not only to limit access to specific files or documents, but also to specify the actions (read, copy, print, download, etc.) that individuals who are granted access to that resource can perform. Some IRM software even has the capability to limit access privileges to a specific period of time and to remotely erase protected files
Data loss prevention (DLP)
Software which works like antivirus programs in reverse, blocking outgoing messages (email, instant messages, etc.) that contain key words or phrases associated with intellectual property or other sensitive data the organization wants to protect
Digital watermark
Code embedded in documents that enables an organization to identify confidential information that has been disclosed
Data masking
A program that protects privacy by replacing personal information with fake values
Spam
Unsolicited email that contains either advertising or offensive content
Identity theft
Assuming someone’s identity, usually for economic gain
Cookie
A text file created by a website and stored on a visitor’s hard drive. Cookies store information about who the user is and hat the user has done on the site
Encryption
The process of transforming normal text, called plaintext, into unreadable gibberish, called ciphertext
Plaintext
Normal text that has not been encrypted
Ciphertext
Plaintext that was transformed into unreadable gibberish using encryption
Decryption
Transforming ciphertext back into plaintext
Symmetric encryption systems
Encryption systems that use the same key both to encrypt and to decrypt
Asymmetric encryption systems
Encryption systems that use two keys (one public, the other private); either key can encrypt, but only the other matching key can decrypt
Public key
One of the keys used in asymmetric encryption systems. It is widely distributed and available to everyone
Private key
One of the keys used in asymmetric encryption systems. It is kept secret and known only to the owner of that pair of public and private keys
Key escrow
The process of storing a copy of an encryption key in a secure location
Hashing
Transforming plaintext of any length into a short code called a hash
Hash
Plaintext that has been transformed into short code
Nonrepudiation
Creating legally binding agreements that cannot be unilaterally repudiated by either party
Digital signature
A hash encrypted with the hash creator’s private key
Digital certificate
An electronic document that certifies the identity of the owner of a particular public key and contains that party’s public key
Certificate authority
An organization that issues public and private keys and records the public key in the digital certificate
Public key infrastructure (PKI)
The system for issuing pairs of public and private keys and corresponding digital certificates
Virtual private network (VPN)
Using encryption and authentication to securely transfer information over the internet, thereby creating a “virtual” private network
