Keeping Secrets (11)[detail]

Authenticity

Is a person who they claim to be? using something you know/have/are

Accountability

Can it be proven you did or didn't do something

Confidentiality

Ensuring that private information is not disclosed to unauthorised individuals

Integrity

Ensuring information and programs are only changed in an authorised person

Availability

Ensuring systems work promptly and that authorised users are not denied service.

Threat

a possible danger that might exploit a vulnerability

Attack

a deliberate attempt to evade security services and violate the security polity of a system

Passive attacks

eavesdropping, traffic analysis (contents or properties)

Active attacks

Modification of data stream or creating false one

Authentication

assures communication is authentic, typically implemented by having secret information the other party can verify

Access control

limit and controls access to a host system and application, requires authentication