2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet197/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   193   194   195   196   197   198   199   200   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Goals of Cryptography
Security practitioners use cryptographic systems to meet four fundamental goals: confidenti-
ality, integrity, authentication, and nonrepudiation. Achieving each of these goals requires the 
satisfaction of a number of design requirements, and not all cryptosystems are intended to 
achieve all four goals. In the following sections, we’ll examine each goal in detail and give a 
brief description of the technical requirements necessary to achieve it.
Confidentiality
Confidentiality
ensures that data remains private in three different situations: when it is at 
rest, when it is in transit, and when it is in use.


Cryptographic Basics 
199
Confi dentiality is perhaps the most widely cited goal of cryptosystems—the preservation 
of secrecy for stored information or for communications between individuals and groups. 
Two main types of cryptosystems enforce confi dentiality. 

Symmetric cryptosystems
use a shared secret key available to all users of the 
cryptosystem. 

Asymmetric cryptosystems
use individual combinations of public and private keys for 
each user of the system. Both of these concepts are explored in the section “Modern 
Cryptography” later in this chapter.
The concept of protecting data at rest and data in transit is often covered 
on the CISSP exam. You should also know that data in transit is also com-
monly called data
on the wire
, referring to the network cables that carry 
data communications.
When developing a cryptographic system for the purpose of providing confi dentiality
you must think about three different types of data. 

Data at rest
, or stored data, is that which resides in a permanent location awaiting 
access. Examples of data at rest include data stored on hard drives, backup tapes, cloud 
storage services, USB devices, and other storage media. 

Data in motion
, or data on the wire, is data being transmitted across a network 
between two systems. Data in motion might be traveling on a corporate network, a 
wireless network, or the public internet. 

Data in use
is data that is stored in the active memory of a computer system where it 
may be accessed by a process running on that system.
Each of these situations poses different types of confi dentiality risks that cryptography 
can protect against. For example, data in motion may be susceptible to eavesdropping 
attacks, whereas data at rest is more susceptible to the theft of physical devices. Data in use 
may be accessed by unauthorized processes if the operating system does not properly imple-
ment process isolation.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   193   194   195   196   197   198   199   200   ...   881




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish