Yossi Sheffi
- Published in print:
- 2015
- Published Online:
- May 2016
- ISBN:
- 9780262029797
- eISBN:
- 9780262330626
- Item type:
- chapter
- Publisher:
- The MIT Press
- DOI:
- 10.7551/mitpress/9780262029797.003.0009
- Subject:
- Economics and Finance, Financial Economics
Internet technologies are now indispensable communications tools within and between companies. Yet the openness of these networks and the high potential value of corporate and personal information ...
More
Internet technologies are now indispensable communications tools within and between companies. Yet the openness of these networks and the high potential value of corporate and personal information make these systems a tempting target for criminals, terrorists, and state-sponsored espionage. Cyber-criminals can gain access to a company’s information through its supply chain partners’ information systems. Furthermore, the rise of the Internet-of-Things, with digital “smarts” being added to ever more consumer products and industrial systems, creates physical vulnerabilities rooted in digital vulnerabilities. This chapter describes these threats and offers potential solutions on how to secure the information supply chain.Less
Internet technologies are now indispensable communications tools within and between companies. Yet the openness of these networks and the high potential value of corporate and personal information make these systems a tempting target for criminals, terrorists, and state-sponsored espionage. Cyber-criminals can gain access to a company’s information through its supply chain partners’ information systems. Furthermore, the rise of the Internet-of-Things, with digital “smarts” being added to ever more consumer products and industrial systems, creates physical vulnerabilities rooted in digital vulnerabilities. This chapter describes these threats and offers potential solutions on how to secure the information supply chain.
Keith Martin
- Published in print:
- 2017
- Published Online:
- July 2017
- ISBN:
- 9780198788003
- eISBN:
- 9780191829956
- Item type:
- book
- Publisher:
- Oxford University Press
- DOI:
- 10.1093/oso/9780198788003.001.0001
- Subject:
- Mathematics, Computational Mathematics / Optimization, Logic / Computer Science / Mathematical Philosophy
Cryptography is a vital technology that underpins the security of information in computer networks. This book presents a comprehensive introduction to the role that cryptography plays in providing ...
More
Cryptography is a vital technology that underpins the security of information in computer networks. This book presents a comprehensive introduction to the role that cryptography plays in providing information security for technologies such as the Internet, mobile phones, payment cards, and wireless local area networks. Focusing on the fundamental principles that ground modern cryptography as they arise in modern applications, it avoids both an over-reliance on transient technologies and overwhelming theoretical research. The first part of the book provides essential background, identifying the core security services provided by cryptography. The next part introduces the main cryptographic mechanisms that deliver these security services such as encryption, hash functions, and digital signatures, discussing why they work and how to deploy them, without delving into any significant mathematical detail. In the third part, the important practical aspects of key management are introduced, which is essential for making cryptography work in real systems. The last part considers the application of cryptography. A range of application case studies is presented, alongside a discussion of the wider societal issues arising from use of cryptography to support contemporary cyber security.Less
Cryptography is a vital technology that underpins the security of information in computer networks. This book presents a comprehensive introduction to the role that cryptography plays in providing information security for technologies such as the Internet, mobile phones, payment cards, and wireless local area networks. Focusing on the fundamental principles that ground modern cryptography as they arise in modern applications, it avoids both an over-reliance on transient technologies and overwhelming theoretical research. The first part of the book provides essential background, identifying the core security services provided by cryptography. The next part introduces the main cryptographic mechanisms that deliver these security services such as encryption, hash functions, and digital signatures, discussing why they work and how to deploy them, without delving into any significant mathematical detail. In the third part, the important practical aspects of key management are introduced, which is essential for making cryptography work in real systems. The last part considers the application of cryptography. A range of application case studies is presented, alongside a discussion of the wider societal issues arising from use of cryptography to support contemporary cyber security.
Clement Guitton
- Published in print:
- 2017
- Published Online:
- August 2017
- ISBN:
- 9780190699994
- eISBN:
- 9780190848507
- Item type:
- chapter
- Publisher:
- Oxford University Press
- DOI:
- 10.1093/oso/9780190699994.003.0005
- Subject:
- Political Science, Security Studies
What specific constraints do private companies face? What is the role of private companies in outing state-sponsored attacks? States accused of cyber attacks use three commonly recurring arguments to ...
More
What specific constraints do private companies face? What is the role of private companies in outing state-sponsored attacks? States accused of cyber attacks use three commonly recurring arguments to try to undermine claims by private companies—but as with judgment inherent to attribution, these arguments are based on characteristics inherent to the functioning of cyber security companies. Accused states attempt to bring into question the companies’ independence, and so to undermine the validity of their claims. To do so, they point out that many former government officials work for the company in question; that the timing of reports being published can appear to be in support of a government’s policies; and that companies are not always keen on attributing any attacks at all, and are focused only on particular, official enemies of the state. This chapter will verify the strength of these arguments. It concludes that such critiques of private companies often lack an evidence base, exaggerate certain points, and can read at times closer to conspiracy theory than to serious counterarguments.Less
What specific constraints do private companies face? What is the role of private companies in outing state-sponsored attacks? States accused of cyber attacks use three commonly recurring arguments to try to undermine claims by private companies—but as with judgment inherent to attribution, these arguments are based on characteristics inherent to the functioning of cyber security companies. Accused states attempt to bring into question the companies’ independence, and so to undermine the validity of their claims. To do so, they point out that many former government officials work for the company in question; that the timing of reports being published can appear to be in support of a government’s policies; and that companies are not always keen on attributing any attacks at all, and are focused only on particular, official enemies of the state. This chapter will verify the strength of these arguments. It concludes that such critiques of private companies often lack an evidence base, exaggerate certain points, and can read at times closer to conspiracy theory than to serious counterarguments.
