
An example of a low-integrity requirement is an anonymous online poll. Many websites, such as news organizations, offer these polls to their users with very few safeguards. However, the inaccuracy and unscientific nature of such polls is well
Figure 4.3 Extended Access Control
Figure 4.4 An Organization of the Access Control
Table 4.3 Access Control System
The ability of one subject to create another subject and to have ‘owner’ access right to that subject can be used to define a hierarchy of subjects. For example, in Figure 4.3, owns and so and are subordinate to By the rules of Table 4.3, can grant and delete to access rights that already has. Thus, a subject can create another subject with a subset of its own access rights. This might be useful, for example, if a subject is invoking an application that is not fully trusted and does not want that application to be able to
Bell-LaPadula (BLP)
4.6
Table 5.2 Fixed Roles in
Table 16.1 Characteristics of Natural
Table 16.3 Saffir/Simpson Hurricane Scale ..... 873
Table 16.4 Temperature Thresholds for Damage to Computing Resources ..... 875
Figure 16.1 Standard Fire Temperature–Time Relations Used for Testing of Building
Table 16.6 Degrees of Security and Control for Protected Areas
Table 17.1 Comparative Framework ..... 908
Table 17.3 Examples of Possible Information Flow to and from the Incident-Handling Service ..... 935
Table 18.1 Security Audit Terminology (RFC 4949) ..... 943
Figure 18.1 Security Audit and Alarms Model (X.816) ..... 946
Figure 18.2 Distributed Audit Trail Model (X.816) ..... 947
Figure 18.3 Common Criteria Security Audit Class Decomposition ..... 949
Table 18.2 Auditable Items Suggested in X.816 ..... 954
Page 30 of 1641
Monitoring Areas Suggested in ISO 27002 ..... 955
Figure 18.4 Examples of Audit Trails ..... 956
Table 18.4 Windows Event Schema Elements ..... 961
Figure 18.5 Windows System Log Entry Example ..... 963
Figure 18.6 Examples of Syslog Messages ..... 967
Table 18.5 UNIX Syslog Facilities and Severity Levels ..... 968
Figure 18.9 Run-Time Environment for Application Auditing ..... 976
Table 19.1 Cybercrimes Cited in the Convention on Cybercrime ..... 996
Table 19.2 CERT 2007 E-Crime Watch Survey Results ..... 999
Figure 19.2 DRM
Figure 19.4 Common Criteria Privacy Class
Figure 19.6 ACM Code of Ethics and Professional Conduct ..... 1030
Figure 19.8 AITP Standard of
Table 20.1 Types of Attacks on Encrypted
Figure 22.2 Function Modules and Standardized Protocols
Figure 22.3 Simple Example of DKIM
24.4 IEEE 802.11i Wireless LAN Security ..... 1255
Figure 24.6 Elements of IEEE 802.11i ..... 1257
IEEE 802.11i Phases of Operation ..... 1259
Figure 24.7 IEEE 802.11i Phases of Operation ..... 1261
Discovery Phase ..... 1263
Figure 24.8 IEEE 802.11i Phases of Operation: Capability Discovery, Authentication,
A.3 Security Education (Seed)
B.3 Fermat’s and Euler’s
Figure D.1 Pseudorandom Number Generation from a Counter ..... 1360
Figure D.2 ANSI X9.17 Pseudorandom Number
Appendix E: Message Authentication Codes Based on Block Ciphers ..... 1369
E.1 Cipher-Based Message Authentication Code (CMAC) ..... 1370