Appendix A Security
In cyberspace, fraud, unauthorized access, snooping, counterfeiting, alteration, disavowal, and other crimes are everywhere. The perpetrators may be seeking personal gain, malicious pleasures, or simply satisfaction of their curiosities. Security techniques are employed to keep them from being successful—to keep a message, an application, a file, or a system, safe from the incursion of a person intent on stealing, modifying, or destroying it. In a human environment such chores are accomplished by identification of the supplicant by quantities such as signature, facial recognition, finger prints, other biometric measures, and knowledge of the background, past behavior, and other details about the supplicant. However, in cyberspace, everyone’s data look the same, files can be duplicated easily, a file can be changed to mimic other files, attempts to corrupt a file or system can be automated and installed in anonymous places, and there are no character references to consult.
A.1 Security Techniques
The techniques used to bring integrity to the machine environment are generally enumerated as:
- Authentication: Assuring the identity of the supplicant seeking a service;
- Authorization: Ensuring that the supplicant is approved to utilize a particular service;
- Privacy: Ensuring data are not revealed to unauthorized persons;
- Integrity: Ensuring data are maintained in their original states and not altered; and
- Nonrepudiation: Ensuring the supplicant cannot deny originating ...