Key Management and the Public-Key Revolution
Published in Jonathan Katz, Yehuda Lindell, Introduction to Modern Cryptography, 2020
Why study private-key cryptography? It should be apparent that public-key cryptography is strictly stronger than private-key cryptography; in particular, any public-key encryption scheme could be used as a private-key encryption scheme. (The communicating users can simply share both the public key and the private key. If secrecy for encrypted messages holds even when the eavesdropper knows the public key, then it clearly holds when the public key is kept secret!) So why did we bother studying private-key cryptography at all? The answer is simple: private-key cryptography is much more efficient than public-key cryptography, and should be used in settings where it is appropriate. That is, in cases where it is possible for communicating parties to share a key, private-key cryptography should be used. This includes small-scale, closed systems of users as well as applications like disk encryption. Moreover, as we will see in Sections 12.3 and 13.7, private-key encryption is used in the public-key setting to obtain better efficiency.
Computing System Elements
Published in Stephen Horan, Introduction to PCM Telemetering Systems, 2017
Modern hardware encryption devices are frequently developed around specific secure software algorithms such as the Advanced Encryption Standard (AES) (see below). Designers use these devices for message traffic encryption, disk encryption, and flash drive encryption. System designers may choose to use this network “appliance” to provide secure communications to devices on the network. As Figure 4.25 illustrates, the designer may attach a hardware encryption and/or decryption device to the host computer as an external device. A TIA-422 data interface transmits the clear and encrypted data as well as keys and control and status information. The encryption device has the AES, or comparable, algorithm in the device hardware. Some devices provide one-way encryption or decryption, while others provide both services in a single unit.
Security Challenges and Solutions in IoT Networks for the Smart Cities
Published in Mohammad Ayoub Khan, Internet of Things, 2022
While sophisticated and tailor-made solutions for all types of threats in IoT networks are recommended, more practical recommendations can prove exceptionally suitable for protecting them. Hence, the authors in [78] have focused on providing a set of effective practical recommendations for securing IoT devices based on their hardware-oriented procedures. The first recommendation consisted of performing full disk encryption to protect any data stored in the device. Due to resource constraints, IoT devices might have weak authentication mechanisms, as demonstrated in Mirai. Therefore, IoT devices, which store confidential data, are easily compromised and cause information leakage.
A rough cut cybersecurity investment using portfolio of security controls with maximum cybersecurity value
Published in International Journal of Production Research, 2022
The research on cybersecurity investment suffers from a lack of relevant data. In addition to limited data on cyberattacks, it is not easy to obtain data on the costs of losses and the effects of mitigation strategies. Romanosky (2016) examined a sample of over 12,000 cyber events that include data breaches, security incidents, privacy violations and phishing crimes. First, the characteristics of these breaches (such as causes and types of information compromised) were analyzed. Then, the breach and litigation rates, by industry, were examined and the industries that incur the greatest costs from cyber events were identified. Finally, these costs were compared to bad debts and fraud within other industries. The findings suggest that public concerns regarding the increasing rates of breaches and legal actions may be excessive compared to the relatively modest financial impact to firms that suffer these events. In Bentley et al. (2020), a multivariate model was presented to quantify cybersecurity risks for different types of cyberattacks and the effect of mitigation strategies on those attacks. The authors perform a statistical analysis of 60,000 cyber security incidents spanning six years that occurred at a large US organisation (Kuypers, Maillart, and Pate-Cornell 2016; Pate-Cornell et al. 2018). They distinguished four major categories of threats: Data Spillage, Lost/Stolen, Malware and Other, and five controls taken from The Australian Signals Directorate (2017): Application Whitelisting, Patch Applications, Continuous Incident Detection, Antivirus Software and TLS Encryption. In addition, to address lost or stolen devices (e.g. laptops), which may have dramatic consequences depending on the type of information carried on the device, the organisation implemented a Full Disk Encryption policy. The methodology proposed in Bentley et al. (2020) can be used to quantify the cost of cyberattacks and support decision making on the choice of optimal mitigation strategies. The authors claim that their ‘model adds to the literature by improving the modelling of damages in Gordon and Loeb (2002) towards the sort of treatment in Sawik (2013), while being fitted to real world data’.