Citizendium Forums
November 24, 2009, 08:26:31 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: POSTING RULES FOR MAIN CZ BOARDS: (1) The CZ Forums are Citizens-only (a "Citizen" is a Citizendium member). Non-Citizens may use only the "Non-member discussion" and "General help" boards, but still must register before posting (it's easy!). Non-Citizen posts elsewhere will be summarily deleted. (2) All must now use their own real names. To edit your displayed name, click on Profile > Account Related Settings. (3) Citizens must now link to their CZ user pages. To edit your signature, click on Profile > Forum Profile Information.
Click here to return to the wiki
 
   Home   Help Search Login Register  
Citizendium Forums > Workgroup Boards > Computers > Best name for article, currently "communications security"
Pages: [1]
« previous next »
  Print  
Author Topic: Best name for article, currently "communications security"  (Read 1774 times)
Howard C. Berkowitz
Forum Regular
****
Posts: 1763
« on: August 09, 2008, 04:53:24 PM »
Actually, I started out thinking I was going to call it "secure communication", in the sense of "what makes a communication secure".  Communications security fell out from pure editing I was doing in cryptography.  It doesn't feel right.

Looking at this article, I'm wondering if "information security" is an even better title, perhaps reserving "communications security" for [[cipher#bulk encryption]], [[spread spectrum]]/[[frequency agility]], [[red-black engineering]], protection against things like [[Operation RAFTER]], etc.

Thoughts? Comments?
Logged
http://en.citizendium.org/wiki/User:Howard_C._Berkowitz

Prime Minister, you can't take the bull by the horns if you're grasping the nettle. I mean, if you grasped the nettle with one hand, you could take the bull by one horn with the other hand, but not by both horns because your hand wouldn't be big enough, and if you took a bull by only one horn it would be rather dangerous because...' (Yes Prime Minister II, pp. 221-2)
Derek Harkness
Forum Regular
****
Posts: 543
« Reply #1 on: August 09, 2008, 10:18:08 PM »
Wouldn't information security be about secure storage of data where as communications security or secure communication is about the security of data transfer.
Logged
http://pilot.citizendium.org/wiki/User:Derek_Harkness
Howard C. Berkowitz
Forum Regular
****
Posts: 1763
« Reply #2 on: August 09, 2008, 10:28:19 PM »
The challenge comes when defining access to the stored data. Access via a network to the computer is pretty clearly communications security. When the storage computer's fine-grained access control gets a request from the network, and itself goes to a authentication/credentials server (RADIUS, Kerberos) to see if the user has access to the data, it gets fairly blurred. To use your example, the data isn't in motion, but both access and the access authorization are.

I can live with communications security; does the article outline go too far into information security?
Logged
http://en.citizendium.org/wiki/User:Howard_C._Berkowitz

Prime Minister, you can't take the bull by the horns if you're grasping the nettle. I mean, if you grasped the nettle with one hand, you could take the bull by one horn with the other hand, but not by both horns because your hand wouldn't be big enough, and if you took a bull by only one horn it would be rather dangerous because...' (Yes Prime Minister II, pp. 221-2)
Derek Harkness
Forum Regular
****
Posts: 543
« Reply #3 on: August 10, 2008, 03:42:34 AM »
Quote
Access via a network to the computer is pretty clearly communications security. When the storage computer's fine-grained access control gets a request from the network, and itself goes to a authentication/credentials server (RADIUS, Kerberos) to see if the user has access to the data, it gets fairly blurred. To use your example, the data isn't in motion, but both access and the access authorization are.
Here you are describing access to the information, nothing is communicated. So that is just information security. Though if you are pedantic, the access keys must be transmitted so there is a communication of data in order to authenticate access rights.

But take the next step, after the system authorises the access, the data that was held security has to transmitted across the network without being intercepted or blocked. That part is communication security.

So we have two, maybe three distinct articles here. One on securing static data, one on authentication access to data, and a third on secure transmission or communication.
Logged
http://pilot.citizendium.org/wiki/User:Derek_Harkness
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC Valid XHTML 1.0! Valid CSS!