dido:public:ra:1.4_req:2_nonfunc:25_security:nonrepudiability
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
dido:public:ra:1.4_req:2_nonfunc:25_security:nonrepudiability [2021/07/26 15:45] murphy |
dido:public:ra:1.4_req:2_nonfunc:25_security:nonrepudiability [2021/07/30 12:23] (current) murphy [About] |
||
|---|---|---|---|
| Line 12: | Line 12: | ||
| Non-Repudiation is about providing [[dido:public:ra:xapend:xapend.a_glossary:a:assurance|assurance]] using [[dido:public:ra:xapend:xapend.a_glossary:e:evidence|evidence]] that an action has been done. For example, a data sender is provided evidence (i.e., proof) of delivery while the receiver is provided evidence (i.e., proof) of the sender's identity. As a consequence, neither the sender or the receiver can deny having processed the data. | Non-Repudiation is about providing [[dido:public:ra:xapend:xapend.a_glossary:a:assurance|assurance]] using [[dido:public:ra:xapend:xapend.a_glossary:e:evidence|evidence]] that an action has been done. For example, a data sender is provided evidence (i.e., proof) of delivery while the receiver is provided evidence (i.e., proof) of the sender's identity. As a consequence, neither the sender or the receiver can deny having processed the data. | ||
| - | Non-Repudiation applies to more than just sending data between two parties. It can be applied to any action or activity. For example, by digitally signing an email, the receiver has evidence (i.e., proof) that the email is from the [[dido:public:ra:xapend:xapend.a_glossary:e:entity|entity]] that signed the email. In other words, it is not possible to repudiate that the email came from the entity that digitally signed the email. Another example is the use of identities in configuration management systems. The change (i.e., transformation) was recorded in a log along with the identity of the individual that made the change. In this way, all changes made to the configuration have Non-Repudiation.(( | + | Non-Repudiation applies to more than just sending data between two parties. It can be applied to any action or activity. For example, by digitally signing an email, the receiver has evidence (i.e., proof) that the email is from the [[dido:public:ra:xapend:xapend.a_glossary:e:entity|entity]] that signed the email. In other words, it is not possible to repudiate that the email came from the entity that digitally signed the email. Another example is the use of identities in [[dido:public:ra:xapend:xapend.a_glossary:c:cm|configuration management]] systems. The change (i.e., transformation) was recorded in a log along with the identity of the individual that made the change. In this way, all changes made to the configuration have Non-Repudiation.(( |
| Evan Wheeler, | Evan Wheeler, | ||
| __Security Risk Management__, | __Security Risk Management__, | ||
dido/public/ra/1.4_req/2_nonfunc/25_security/nonrepudiability.1627328737.txt.gz ยท Last modified: 2021/07/26 15:45 by murphy
