Glossary and references
1-Click: 1-Click, also called one-click or one-click buying, is the technique of allowing customers to make online purchases with a single click, with the payment information needed to complete the purchase having been entered by the user previously. More particularly, it allows an online shopper using an internet marketplace to purchase an item without having to use shopping cart software. Instead of manually inputting billing and shipping information for a purchase, a user can use one-click buying to use a predefined address and credit card number to purchase one or more items. (via Wikipedia)
Ad blocker: Ad blockers are software programs and browser extensions that prevent unwanted advertisements, advertisement tracking, popups and malware while browsing.
Authentication: Authentication is the process of ensuring that the identity claimed by an entity is the correct one (see identification for further details). This is typically done by asking the entity to provide something they know, like a password, something they have, like a smart card, or something they are, like a fingerprint.
Boiler room fraud: Cold calling people to pressure them into buying shares that promise high returns. In reality, the shares are either worthless or non-existent. (via http://www.actionfraud.police.uk/fraud-az-boiler-room-fraud)
CVV: Card Verification Value is the 3-digit value on the back of many payment cards.
Newcastle University online course,
Cyber Security: Safety at Home, Online, in Life
Dark Web: The dark web is the World Wide Web content that exists on darknets, overlay networks which use the public Internet but which require specific software, configurations or authorization to access. The dark web forms a small part of the deep web, the part of the web not indexed by search engines. (via Wikipedia)
DoS: A Denial of Service attack is where an attempt is made to make a computer or network resource unavailable to intended users. These are often targeted at high profile sites or services.
Identification: Identification is the process of associating an entity in the system, such as a resource or a user, to a proper identity, for instance an IP address or a name. Authorisation policies are usually defined based on the identity of the entities, rather than on the entities themselves, and two entities sharing the same identity will be indistinguishable.
Internet of Things: Everyday objects which have network connectivity. The Internet of Things Global Standards Initiative agreed on this definition: a global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on existing and evolving interoperable information and communication technologies. In other words: the internet of things (IoT) is the network of physical devices, vehicles, buildings and other items, embedded with electronics, software, sensors, actuators, and network connectivity, that enable these objects to collect and exchange data.
Phishing: Obtaining personal details (passwords, financial details) through trick emails and websites which appear to be from reputable sources.
Ransomware: Ransomware is a particular type of virus which, once installed on a computer, encrypts some particularly important files (e.g., Word or PowerPoint documents) and demands a ransom from the owner, threatening to delete the encryption key unless the owner pays the ransom.
Secondary information: This is information that you have not shared directly. It’s often related to your online activities such as browsing, purchasing, website visits and searches. It can be collected without you knowing, perhaps as a result of other people sharing information.
XACML: XACML stands for eXtensible Access Control Markup Language, a standard developed to define a declarative, fine-grained, attribute-based access control policy language, an architecture, and a processing model describing how to evaluate access requests according to the rules defined in policies.
References
The following references are linked from various articles in the course and brought together here, for further reading if you’re interested in exploring the research in more detail.
Egelman, S., Herley, C. and Van Oorschot, P.C. (2013). Markets for zero-day exploits: Ethics and implications. In Proceedings of the 2013 workshop on New security paradigms, pp. 41-46. ACM.
Finifter, M., Akhawe, D. and Wagner, D. (2013). An empirical study of vulnerability rewards programs. Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13), pp. 273-288.
Kahneman, D. (2013). Thinking, Fast and Slow, Farrar, Straus and Giroux.
Lampson, B. (1971). Protection. Proc. 5th Princeton Conf. on Information Sciences and Systems, Princeton, 1971. Reprinted in ACM Operating Systems Rev. Vol. 8, No. 1, pp. 18-24.
Warren, S.D. and Brandeis, L.D. (1890). The Right to Privacy, Harvard Law Review, Vol. 4, No. 5, pp. 193-220.
Westin, A.F. (1967). Privacy and Freedom, New York: Atheneum.