Chapter 25: Data Security for the Masses

Stewart S. Miller

CREDIT CARD NUMBERS ARE AN EXAMPLE OF INFORMATION THAT SHOULD BE PROTECTED WHILE USERS CONDUCT COMMERCIAL TRANSACTIONS OVER THE INTERNET. Because the Internet was originally designed to be an open system, implementing security has proven to be difficult for developers.

PASSIVE THREATS

Security threats can be passive or active (see Exhibit 25-1 and Exhibit 25-2). Passive threats include unauthorized:

  • Monitoring or recording of data transmitted over a communications facility.
  • Release of message contents.
  • Analysis of traffic.
  • Examination of packet headers to determine the location and identity of communicating hosts. From this information an intruder can also observe the length and frequency ...

Get Designing a Total Data Solution now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.