Chapter 25: Data Security for the Masses
Stewart S. Miller
CREDIT CARD NUMBERS ARE AN EXAMPLE OF INFORMATION THAT SHOULD BE PROTECTED WHILE USERS CONDUCT COMMERCIAL TRANSACTIONS OVER THE INTERNET. Because the Internet was originally designed to be an open system, implementing security has proven to be difficult for developers.
PASSIVE THREATS
Security threats can be passive or active (see Exhibit 25-1 and Exhibit 25-2). Passive threats include unauthorized:
- Monitoring or recording of data transmitted over a communications facility.
- Release of message contents.
- Analysis of traffic.
- Examination of packet headers to determine the location and identity of communicating hosts. From this information an intruder can also observe the length and frequency ...
Get Designing a Total Data Solution now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.