[...]... both cryptography and cryptanalysis is called eryptology 1.2 DATA SECURITY Classical cryptography provided secrecy for information sent over channels where eavesdropping and message interception was possible The sender selected a cipher and encryption key, and either gave it directly to the receiver or else sent it indirectly over a slow but secure channel (typically a trusted courier) Messages and. .. access to the system and to unauthorized regions of memory Access controls, described in Chapter 4, can prevent this Cryptography protects against browsing by making the information unintelligible It can supplement access controls and is especially useful for protecting data on tapes and discs which, if stolen, can no longer be protected by the system Cryptography cannot, however, protect data from disclosure... or processes; they are introduced in Section 1.3.3 Data security is the science and study of methods of protecting data in computer and communications systems It embodies the four kinds of controls studied in this book: cryptographic controls, access controls, information flow controis, and inference controls It also embodies procedures for backup and recovery 1.3 CRYPTOGRAPHIC SYSTEMS This section... Example: Let n = 3, and let the 3 messages be the letters A, B, and C, where p(A) = 1/2 and p(B) = p(C) = 1/4 Then logz( p(A) ) = 1 ° g 2 2 = 1 1 log2( p(B) ) = l ° g z 4 = 2 1 log2( p(C) ) = log2 4 = 2, 1 and H ( X ) = (½)log2 2 + 2[(¼)1og2 4] =0.5+ 1.0= 1.5 An optimal encoding assigns a 1-bit code to A and 2-bit codes to B and C For example, A can be encoded with the bit 0, while B and C can be encoded... enciphering key, and the set of parameters describing DK the deciphering key Figure 1.5 illustrates the enciphering and deciphering of data Cryptosystems must satisfy three general requirements: 1 2 3 The enciphering and deciphering transformations must be efficient for all keys The system must be easy to use The security of the system should depend only on the secrecy of the keys and not on the secrecy... Thus, all the requirements for both secrecy and authenticity must hold in one-key systems One-key systems provide an excellent way of enciphering users' private files Each user A has private transformations E n and D A for enciphering and deciphering files (see Figure 1.8) If other users cannot access E n and Dn, then both the secrecy and authenticity of A's data is assured One-key systems also provide... Secrecy and authenticity are provided by protecting the separate transformations D g for secrecy, E K for authenticity Figure 1.9 illustrates how this principle can be applied to databases, where some users have read-write authority to the database, while other users have read authority only Users with read-write authority are given both D K and E K, so they can decipher data stored in the database... authority) from destroying the data by overwriting the database with nonsense It only prevents that user from creating valid ciphertext To protect the data from such destruction, the system must be secured by access controls, so that no user can write into the database without the write-key E K The system need not, however, control read access to the data, because the data cannot be deciphered without... refers to the transmission of data to unauthorized users by processes with legitimate access to the data A compiler, for example, could leak a proprietary software program while it is being compiled An income tax program could leak confidential information about a user A file editor could leak classified military data to a user without a security clearance Cryptography and access controls must be supplemented... T R O L S 331 332 6.1 Statistical Database Model 6.1.1 Information State 332 334 6.1.2 Types of Statistics 6.1.3 Disclosure of Sensitive Statistics 6.1.4 Perfect Secrecy and Protection 339 6.1.5 Complexity of Disclosure 340 6.2 Inference Control Mechanisms 6.2.1 Security and Precision 340 336 339 282 CONTENTS 6.2.2 Methods of Release 341 Methods of Attack 344 Small and Large Query Set Attacks 344 6.3.1 . Publication Data Denning, Dorothy E., (Dorothy Elizabeth), 1945- Cryptography and data security. Includes bibliographical references and index. 1. Computers Access control. 2. Cryptography. 3. Data. for protecting data in statistical databases and new methods of attacking these databases. We have come to a better understanding of the theoretical and practical limitations to security. Because. mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks. The book is for students and professionals seek-