Could you please help with the question below please and thank you I need it as detailed as possible: This is not a graded question just a practice question... Info: Honeytokens - Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource" - Helps to track whether the information is being stolen or not. - For example, hospital security will make fake accounts on the medical data of individuals for example, and if someone accesses that account, it means the system has been compromised. More info: Honeytokens Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource” [5]. Honeytokens can be any digital data. They can consist of documents, images, or even data such as a phony login/password combination. A honeytoken may be any data on a system for which accesses can be logged, and whose access automatically implies unauthorized activity. While the term ‘honeytoken’ is new, the concept is not. The term ‘honeytoken’ was created by Augusto Paes de Barros on February 21, 2003. He used it in an e-mail that went to a list of security professionals.6 Spitzner further mentions that some map makers will insert phony roads or cities on their maps. They do this so that they can prove when competitors sell copies of their maps. Spitzner gives other hypothetical examples of honeytokens in use. One such example shows how a honeytoken could possibly help in database security. Hospitals could create a bogus medical record for John F. Kennedy and then track the access to that tuple of the database. Anyone who is viewing that record is violating the privacy of patient data. This is because stored procedures and other layers of database access can be designed to avoid accessing honeytokens. In this situation, access to a honeytoken implies that the database is not being accessed through approved means. Also, financial institutions can create bogus accounts. If one tries to access those accounts, then the institution's system has been compromised [5]. The key to using honeytokens is to give the token unique identifiable elements to guarantee that the only access to that token would be by unauthorized parties. If the token could be viewed in normal interaction with a system, the token's tracking ability is compromised. Honeytokens' greatest advantage lies in their flexibility and their minimal cost. Question: a) A Deeper Look at Honeytokens (How are they used? Who uses them? Examples, etc.) b)Honeytokens Benefits and Downfalls c)Honeytokens Case(s)

Could you please help with the question below please and thank you I need it as detailed as possible: This is not a graded question just a practice question... Info: Honeytokens - Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource" - Helps to track whether the information is being stolen or not. - For example, hospital security will make fake accounts on the medical data of individuals for example, and if someone accesses that account, it means the system has been compromised. More info: Honeytokens Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource” [5]. Honeytokens can be any digital data. They can consist of documents, images, or even data such as a phony login/password combination. A honeytoken may be any data on a system for which accesses can be logged, and whose access automatically implies unauthorized activity. While the term ‘honeytoken’ is new, the concept is not. The term ‘honeytoken’ was created by Augusto Paes de Barros on February 21, 2003. He used it in an e-mail that went to a list of security professionals.6 Spitzner further mentions that some map makers will insert phony roads or cities on their maps. They do this so that they can prove when competitors sell copies of their maps. Spitzner gives other hypothetical examples of honeytokens in use. One such example shows how a honeytoken could possibly help in database security. Hospitals could create a bogus medical record for John F. Kennedy and then track the access to that tuple of the database. Anyone who is viewing that record is violating the privacy of patient data. This is because stored procedures and other layers of database access can be designed to avoid accessing honeytokens. In this situation, access to a honeytoken implies that the database is not being accessed through approved means. Also, financial institutions can create bogus accounts. If one tries to access those accounts, then the institution's system has been compromised [5]. The key to using honeytokens is to give the token unique identifiable elements to guarantee that the only access to that token would be by unauthorized parties. If the token could be viewed in normal interaction with a system, the token's tracking ability is compromised. Honeytokens' greatest advantage lies in their flexibility and their minimal cost. Question: a) A Deeper Look at Honeytokens (How are they used? Who uses them? Examples, etc.) b)Honeytokens Benefits and Downfalls c)Honeytokens Case(s)

Fundamentals of Information Systems

9th Edition

ISBN:9781337097536

Author:Ralph Stair, George Reynolds

Publisher:Ralph Stair, George Reynolds

Chapter9: Cybercrime And Information System Security

Section: Chapter Questions

Problem 2CE

See similar textbooks

Honeytokens

Lance Spitzner, the leader of the Honeynet Project, has defined the term honeytoken as “a digital or information system resource whose value lies in the unauthorized use of that resource” [5]. Honeytokens can be any digital data. They can consist of documents, images, or even data such as a phony login/password combination. A honeytoken may be any data on a system for which accesses can be logged, and whose access automatically implies unauthorized activity.

While the term ‘honeytoken’ is new, the concept is not. The term ‘honeytoken’ was created by Augusto Paes de Barros on February 21, 2003. He used it in an e-mail that went to a list of security professionals.⁶ Spitzner further mentions that some map makers will insert phony roads or cities on their maps. They do this so that they can prove when competitors sell copies of their maps. Spitzner gives other hypothetical examples of honeytokens in use. One such example shows how a honeytoken could possibly help in database security. Hospitals could create a bogus medical record for John F. Kennedy and then track the access to that tuple of the database. Anyone who is viewing that record is violating the privacy of patient data. This is because stored procedures and other layers of database access can be designed to avoid accessing honeytokens. In this situation, access to a honeytoken implies that the database is not being accessed through approved means. Also, financial institutions can create bogus accounts. If one tries to access those accounts, then the institution's system has been compromised [5].

The key to using honeytokens is to give the token unique identifiable elements to guarantee that the only access to that token would be by unauthorized parties. If the token could be viewed in normal interaction with a system, the token's tracking ability is compromised. Honeytokens' greatest advantage lies in their flexibility and their minimal cost.

Question:

a) A Deeper Look at Honeytokens (How are they used? Who uses them? Examples, etc.)

b)Honeytokens Benefits and Downfalls

c)Honeytokens Case(s)

Expert Solution

Step by step

Solved in 3 steps

SEE SOLUTION Check out a sample Q&A here