Could you please help with the question below please and thank you I need it as detailed as possible: This is not a graded question just a practice question... Info: Honeytokens - Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource" -   Helps to track whether the information is being stolen or not. -   For example, hospital security will make fake accounts on the medical data of individuals for example, and if someone accesses that account, it means the system has been compromised. More info:  Honeytokens Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource” [5]. Honeytokens can be any digital data. They can consist of documents, images, or even data such as a phony login/password combination. A honeytoken may be any data on a system for which accesses can be logged, and whose access automatically implies unauthorized activity. While the term ‘honeytoken’ is new, the concept is not. The term ‘honeytoken’ was created by Augusto Paes de Barros on February 21, 2003. He used it in an e-mail that went to a list of security professionals.6 Spitzner further mentions that some map makers will insert phony roads or cities on their maps. They do this so that they can prove when competitors sell copies of their maps. Spitzner gives other hypothetical examples of honeytokens in use. One such example shows how a honeytoken could possibly help in database security. Hospitals could create a bogus medical record for John F. Kennedy and then track the access to that tuple of the database. Anyone who is viewing that record is violating the privacy of patient data. This is because stored procedures and other layers of database access can be designed to avoid accessing honeytokens. In this situation, access to a honeytoken implies that the database is not being accessed through approved means. Also, financial institutions can create bogus accounts. If one tries to access those accounts, then the institution's system has been compromised [5]. The key to using honeytokens is to give the token unique identifiable elements to guarantee that the only access to that token would be by unauthorized parties. If the token could be viewed in normal interaction with a system, the token's tracking ability is compromised. Honeytokens' greatest advantage lies in their flexibility and their minimal cost.   Question:  a) A Deeper Look at Honeytokens (How are they used? Who uses them? Examples, etc.) b)Honeytokens Benefits and Downfalls c)Honeytokens Case(s)

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
Question

Could you please help with the question below please and thank you I need it as detailed as possible: This is not a graded question just a practice question...

Info:

Honeytokens - Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource"

-   Helps to track whether the information is being stolen or not.

-   For example, hospital security will make fake accounts on the medical data of individuals for example, and if someone accesses that account, it means the system has been compromised.

More info: 

Honeytokens

Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource” [5]. Honeytokens can be any digital data. They can consist of documents, images, or even data such as a phony login/password combination. A honeytoken may be any data on a system for which accesses can be logged, and whose access automatically implies unauthorized activity.

While the term ‘honeytoken’ is new, the concept is not. The term ‘honeytoken’ was created by Augusto Paes de Barros on February 21, 2003. He used it in an e-mail that went to a list of security professionals.6 Spitzner further mentions that some map makers will insert phony roads or cities on their maps. They do this so that they can prove when competitors sell copies of their maps. Spitzner gives other hypothetical examples of honeytokens in use. One such example shows how a honeytoken could possibly help in database security. Hospitals could create a bogus medical record for John F. Kennedy and then track the access to that tuple of the database. Anyone who is viewing that record is violating the privacy of patient data. This is because stored procedures and other layers of database access can be designed to avoid accessing honeytokens. In this situation, access to a honeytoken implies that the database is not being accessed through approved means. Also, financial institutions can create bogus accounts. If one tries to access those accounts, then the institution's system has been compromised [5].

The key to using honeytokens is to give the token unique identifiable elements to guarantee that the only access to that token would be by unauthorized parties. If the token could be viewed in normal interaction with a system, the token's tracking ability is compromised. Honeytokens' greatest advantage lies in their flexibility and their minimal cost.

 

Question: 

a) A Deeper Look at Honeytokens (How are they used? Who uses them? Examples, etc.)

b)Honeytokens Benefits and Downfalls

c)Honeytokens Case(s)

Expert Solution
steps

Step by step

Solved in 3 steps

Blurred answer
Similar questions
  • SEE MORE QUESTIONS
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education