Domain 1 · 1.2 Fundamental Security Concepts
1.2.2 Non-repudiation
14 min
Non-repudiation → proof that a specific subject performed an action and cannot later deny it.
Critical for: - Electronic contracts - Banking & e-commerce - PKI and legal systems - Auditing
How it's achieved
- Digital signatures
- Public Key Infrastructure (PKI)
- Certificates
- Cryptographic keys
- Audit logs
- Timestamps
Example
A CEO signs a document with their private key. They later deny it → the digital signature proves they signed it.
Exam pitfall
- Authentication → proves *who you are* at login
- Non-repudiation → proves *you did this action* and can't deny it