![]() ![]() Secure from whom? A site may be secure against outsiders, but not insiders. ![]() ![]() Secure to whom? A web site may be secure (to its owners) against unauthorized control, but may employ no encryption when collecting information from customers. Alternately, I could refer to access-control equivalence between two firewall implementations in this case, I am discussing objects which implement a security mechanism which helps us achieve the security goal, such as confidentiality of something. To be perverse, these last two examples could be combined if the information in the first example was actually the keys for the cryptosystem in the second example, then disclosure of the first could impact the confidentiality of the keys and thus the confidentiality of anything handled by the cryptosystems. Or I could say that two cryptosystems are confidentiality-equivalent, in which case the objects help achieve the security goal. In this case, I’m discussing objects which, if treated improperly, could lead to a compromise of the security goal of confidentiality. I consider two objects to be security equivalent if they are identical with respect to the security properties under discussion for precision, I may refer to confidentiality-equivalent pieces of information if the sets of parties to which they may be disclosed (without violating security) are exactly the same (and conversely, so are the sets of parties to which they may not be disclosed). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |