it as detailed as possible Info: Honeytokens - Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource" - Helps to track whether information is being stolen or not. - For example, hospital security will make fake accounts on the medical data of individuals for example, and if someone accesses

Computer Networking: A Top-Down Approach (7th Edition)
7th Edition
ISBN:9780133594140
Author:James Kurose, Keith Ross
Publisher:James Kurose, Keith Ross
Chapter1: Computer Networks And The Internet
Section: Chapter Questions
Problem R1RQ: What is the difference between a host and an end system? List several different types of end...
icon
Related questions
Question

Could you please help with the question below please and thank you i need it as detailed as possible

Info:

Honeytokens - Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource"

- Helps to track whether information is being stolen or not.

- For example, hospital security will make fake accounts on the medical data of individuals for example, and if someone accesses that account, it means the system has been compromised.

More info:

SECTION 3.

Honeytokens

Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource” [5]. Honeytokens can be any digital data. They can consist of documents, images, or even data such as a phony login/password combination. A honeytoken may be any data on a system for which accesses can be logged, and whose access automatically implies unauthorized activity.

While the term ‘honeytoken’ is new, the concept is not. The term ‘honeytoken’ was created by Augusto Paes de Barros on February 21, 2003. He used it in a e-mail that went to a list of security professionals.6 Spitzner further mentions that some map makers will insert phony roads or cities on their maps. They do this so that they can prove when competitors sell copies of their maps. Spitzner gives other hypothetical examples of honeytokens in use. One such example shows how a honeytoken could possibly help in database security. Hospitals could create a bogus medical record for John F. Kennedy and then track the access to that tuple of the database. Anyone who is viewing that record is violating the privacy of patient data. This is because stored procedures and other layers of database access can be designed to avoid accessing honeytokens. In this situation, access to a honeytoken implies that the database is not being accessed through approved means. Also, financial institutions can create bogus accounts. If one tries to access those accounts, then the institution's system has been compromised [5].

The key to using honeytokens is to give the token unique identifiable elements to guarantee that the only access to that token would be by unauthorized parties. If the token could be viewed in normal interaction with a system, the token's tracking ability is compromised. Honeytokens' greatest advantage lies in their flexibility and their minimal cost.

Question:

a) A Deeper Look at Honeytokens (How are they used? Who uses them? Examples, etc.)

b)Honeytokens Benefits and Downfalls

c)Honeytokens Case(s)

Expert Solution
Step 1

Here have to determine about Honeytokens problem statement.

steps

Step by step

Solved in 2 steps

Blurred answer
Recommended textbooks for you
Computer Networking: A Top-Down Approach (7th Edi…
Computer Networking: A Top-Down Approach (7th Edi…
Computer Engineering
ISBN:
9780133594140
Author:
James Kurose, Keith Ross
Publisher:
PEARSON
Computer Organization and Design MIPS Edition, Fi…
Computer Organization and Design MIPS Edition, Fi…
Computer Engineering
ISBN:
9780124077263
Author:
David A. Patterson, John L. Hennessy
Publisher:
Elsevier Science
Network+ Guide to Networks (MindTap Course List)
Network+ Guide to Networks (MindTap Course List)
Computer Engineering
ISBN:
9781337569330
Author:
Jill West, Tamara Dean, Jean Andrews
Publisher:
Cengage Learning
Concepts of Database Management
Concepts of Database Management
Computer Engineering
ISBN:
9781337093422
Author:
Joy L. Starks, Philip J. Pratt, Mary Z. Last
Publisher:
Cengage Learning
Prelude to Programming
Prelude to Programming
Computer Engineering
ISBN:
9780133750423
Author:
VENIT, Stewart
Publisher:
Pearson Education
Sc Business Data Communications and Networking, T…
Sc Business Data Communications and Networking, T…
Computer Engineering
ISBN:
9781119368830
Author:
FITZGERALD
Publisher:
WILEY