Cryptography
Cryptography is an essential toolkit for today's CISSP. It applies across all three components of the CIA model:
- Confidentiality - Cryptology protects the confidentiality of data via encryption (both in transit and at rest)
- Integrity - Cryptology supports the integrity of data via hashes and message digests (MDs) that insure the accuracy of the data
- Availability- Cryptology is used heavily in the authentication arena via digital signatures, certificates and PKI used to verify the authenticity of the players.
Key concepts in Cryptology:
- Non-repudiation: Undeniably asserting who did something (sent an email, was logged in, accessed a dataset, etc.)
- Hashes are used for integrity checking not confidentiality protection
- Digital Signatures are not scanned images of real signatures (thank you playing, Fox News)
- Login to post comments