|
|
Authentication
|
|
The use of technologies such as smart cards, kerberos, and PKI to identify an entity such as a user, system, or application.
|
|
|
Digital certificate
|
|
Electronic files that uniquely identify people and resources over a network.
|
|
|
DoS
|
|
Denial of service. An attack that attempts to shut down a system or service by flooding it with more request than it can handle.
|
|
|
IDS
|
|
Intrusion detection system. Host- or network-based software of appliances that search for evidence of an intrusion and notify an administrator or take action to stop it.
|
|
|
Ipsec
|
|
Internet Protocol Security. A core technology for virtual private networks, Ipsec is a set of protocols that supports the secure exchange of packets at the Internet Protocol (IP) layer.
|
|
|
PKI
|
|
Public Key Infrastructure. Technology for managing digital certificates and encryption keys.
|
|
|
Spoofing
|
|
Pretending to be another system or individual.
|
|
|
TCPA
|
|
Trusted Computing Platform Alliance. An industry group established in 1999 by Compaq, HP, IBM, Intel, and Microsoft and now encompassing over 135 companies devoted to enhancing the integrity, authenticity and privacy of Internet-based communications and commerce.
|
|
|
|
1 CNN.com, Fraud Hits One in Ten Asian Internet Deals, March 20, 2002. http://www.cnn.com/2002/BUSINESS/asia/03/20/asia.net/index.html
2 CSI, Cyber Crime Bleeds US Corporations, Survey Shows; Financial Losses from Attacks Climb for Third Year in a Row. http://www.gocsi.com/press/20020407.html
3 http://www.cert.org/stats/cert_stats.html
4 Adapted with permission from CIO Magazine, How to Plan for the Inevitable, March 15, 2002. http://www.cio.com/archive/031502/plan_sidebar1_content.html
5 CIO Magazine, Finally, a Real Return on Security Spending, Feb. 15, 2002. http://www.cio.com/archive/021502/security_content.html
|
|
|
 |
