I3P Digital Commons: Cyber Security Glossary
Cyber Security Glossary
The I3P Cyber Security Glossary is a dictionary of terms useful for people doing cyber security research. Drawn from a variety of glossaries in the field, the I3P Glossary includes every relevant definition from its sources. To see the list of sources and read more about how the Glossary was constructed, see the About the Glossary page.
Using the Glossary
If a definition is greater than 50 words long, only the first 50 words of each definition are displayed. In order to see the remainder of the definition, click the [more] link. At the end of each definition is a link to the glossary it is drawn from.
If you would like to suggest a word or definition for the glossary, please send e-mail to glossary@thei3p.org
- A
- aads
- use account authority digital
- access
- (I) The ability and means to communicate with or otherwise interact with a system in order to use system resources to either handle information or gain knowledge of the information the system contains. (O) "A specific type of interaction between a subject and an object that results in the flow of information from one to the other." [NCS04] (C) In this Glossary, "access" is intended to cover any ability to communicate with a system, including one-way communication in either direction. In actual practice, however, entities outside a security perimeter that can receive output from the system but cannot provide input or otherwise directly interact with the system, might be treated as not having "access" and, therefore, be exempt from security policy requirements, such as the need for a security clearance. (RFC 2828)
- (1) A specific type of interaction between a subject and an object that results in the flow of information from one to the other. (2) The ability and the means necessary to approach, to store or retrieve data, to communicate with, or to make use of any resource of an ADP system. [TNI] (1) The ability and means to communicate with (i.e. input to or receive output from) or otherwise make use of any information, resource, or component in an information technology (IT) product. (2) A specific type of interaction between a subject and an object that results in the flow of information from one to the other. Note: An individual does not have 'access' if the proper authority or a physical, technical, or procedural measure prevents him or her from obtaining knowledge or having an opportunity to alter information, material, resources, or components. [AJP] (I) The ability and means to communicate with or otherwise interact with a system in order to use system resources to either handle information or gain knowledge of the information the system contains. (O) 'A specific type of interaction between a subject and an object that results in the flow of information from one to the other.' (C) In this Glossary, 'access' is intended to cover any ability to communicate with a system, including one-way communication in either direction. In actual practice, however, entities outside a security perimeter that can receive output from the system but cannot provide input or otherwise directly interact with the system, might be treated as not having 'access' and, therefore, be exempt from security policy requirements, such as the need for a security clearance. [RFC2828] 1) The right to enter or use a system and its resources; to read, write, modify, or delete data; or to use software processes or network bandwidth. 2) Opportunity to make use of an information system (IS) resource. [CIAO] A specific type of interaction between a subject and an object that results in the flow of information from one to the other. [NCSC/TG004][TCSEC] A specific type of interaction between a subject and an object that results in the flow of information from one to the other. A subject's right to use an object. [SRV] Ability and means to communicate with (i.e. input to or receive output from), or otherwise make use of any information, resource, or component in an Information Technology (IT) Product. Note: An individual does not have 'access' if the proper authority or a physical, technical, or procedural measure prevents them from obtaining knowledge or having an opportunity to alter information, material, resources, or components. [FCv1] Ability to make use of any information system (IS) resource. [800-32] Opportunity to make use of an information system (IS) resource. [CNSSI] (Anne and Lynn Wheeler)
- 1. The rights granted a user in a network. See authorization and authentication. 2. The ability to read, write, or update information (data) on some recording media such as disks; it can be a noun or a verb. 3. A Microsoft product that has become a standard for small database applications. Part of the Microsoft Office suite of programs. (CGSNetwork.com)
- (v.) (1) To use. For example, programs can access memory, which means they read data from or write data to main memory. A user can access files, directories, computers, or peripheral devices. (2) More specifically, access often means to read data from or write data to a mass storage device. The time it takes to locate a single byte of information on a mass-storage device is called the access time. (3) To visit a Web site. (n.) (1) The act of reading data from or writing data to a storage device. (2) A privilege to use computer information in some manner. For example, a user might be granted read access to a file, meaning that the user can read the file but cannot modify or delete it. Most operating systems have several different types of access privileges that can be granted or denied to specific users or groups of users. (3) When capitalized as Access, short for Microsoft Access. (Webopedia)
- access control (use for: access controls, computer access control, permitted accesses)
- (I) Protection of system resources against unauthorized access; a process by which use of system resources is regulated according to a security policy and is permitted by only authorized entities (users, programs, processes, or other systems) according to that policy. (See: access, access control service.) (O) "The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner." [I7498 Part 2] (RFC 2828)
- (1) The limiting of rights or capabilities of a subject to communicate with other subjects, or to use functions or services in a system or network. (2) Restrictions controlling a subject's access to an object. [TNI] (1) The process of limiting access to the resources of an information technology (IT) product only to authorized users, programs, processes, systems (in a network), or other IT products. (Synonymous with controlled access and limited access.) (2) The limiting of rights or capabilities of a subject to communicate with other subjects, or to use functions or services in a system or network. (3) Restrictions controlling a subject's access to an object. [AJP] (I) Protection of system resources against unauthorized access; a process by which use of system resources is regulated according to security policy and is permitted by only authorized entities (users, programs, processes, or other systems) according to that policy. (O) 'The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.' [RFC2828] 1) Limiting access to information system resources to authorized users, programs, processes, or other systems only. 2) Procedures and controls that limit or detect access to MEI Resource Elements (People, Technology, Applications, Data and/or Facilities) thereby protecting these resources against loss of Integrity, Confidentiality, Accountability and/or Availability. [CIAO] A security service that prevents the unauthorized use of information system resources (hardware and software) only to authorized users and the unauthorized disclosure or modification of data (stored and communicated). [IATF] Enable authorized use of a resource while preventing unauthorized use or use in an unauthorized manner. [800-33] Limiting access to information system resources only to authorized users, programs, processes, or other systems. [CNSSI] Process of limiting access to the resources of an IT product only to authorized users, programs, processes, systems, or other IT products. [FCv1] The process of granting or denying specific requests: 1) for obtaining and using information and related information processing services; and 2) to enter specific physical facilities (e.g., Federal buildings, military establishments, and border crossing entrances). [FIPS201] The process of limiting access to the resources of a system only to authorized programs, processes, or other systems (in a network). [NCSC/TG004] The process of limiting access to the resources of a system only to authorized programs, processes, or other systems (in a network). Synonymous with controlled access and limited access. [SRV] (Anne and Lynn Wheeler)
- Refers to mechanisms and policies that restrict access to computer resources. (Webopedia)
- Access Control ensures that resources are only granted to those users who are entitled to them. (SANS)
- access control lists (use for: acl)
- (I) A mechanism that implements access control for a system resource by enumerating the identities of the system entities that are permitted to access the resource. (See: capability.) (RFC 2828)
- (1) A list of subjects authorized for specific access to an object. (2) A list of entities, together with their access rights, which are authorized to have access to a resource. [TNI] (1) A mechanism implementing discretionary access control in an IT product that identifies the users who may access an object and the type of access to the object that a user is permitted. (2) A list of subjects authorized for specific access to an object. (3) A list of entities, together with their access rights, which are authorized to have access to a resource. [AJP] (I) A mechanism that implements access control for a system resource by enumerating the identities of the computer system entities that are permitted to access the resource. [RFC2828] A list of the subjects that are permitted to access an object and the access rights of each subject. [SRV] A register of: 1) users (including groups, machines, processes) who have been given permission to use a particular system resource, and 2) the types of access they have been permitted. [800-12] Mechanism implementing discretionary access control in an IT product that identifies the users who may access an object and the type of access to the object that a user is permitted. [FCv1] Mechanism implementing discretionary and/or mandatory access control between subjects and objects. [CNSSI][IATF] (Anne and Lynn Wheeler)
- Short for access control list, a set of data that informs a computer's operating system which permissions, or access rights, that each user or group has to a specific system object, such as a directory or file. Each object has a unique security attribute that identifies which users have access to it, and the ACL is a list of each object and user access privileges such as read, write or execute. (Webopedia)
- A mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted to access the resource. (SANS)
- access controls
- use access control
- access points (use for: ap)
- Short for Access Point, a hardware device or a computer's software that acts as a communication hub for users of a wireless device to connect to a wired LAN. APs are important for providing heightened wireless security and for extending the physical range of service a wireless user has access to. (Webopedia)
- account authority digital (use for: aads, account authority digital signature)
- relying party obtains public key from its own account registry record for digital signature authentication [misc] (Anne and Lynn Wheeler)
- account authority digital signature
- use account authority digital
- accuracy
- A qualitative assessment of correctness, or freedom from error. [SRV] (Anne and Lynn Wheeler)
- acl
- use access control lists
- active content
- Active content refers to electronic documents that are able to automatically carry out or trigger actions on a computer platform without the intervention of a user. [800-46] WWW pages which contain references to programs which are downloaded and executed automatically by WWW browsers. [SRV] (Anne and Lynn Wheeler)
- Refers to content on a Web site that is either interactive, such as Internet polls or opt-in features, or dynamic, such as animated GIFs, stock tickers, weather maps, JavaScript applications, embedded objects, streaming video and audio or ActiveX applications. Streaming video and audio rely on browser plug-ins, such as RealPlayer, to display active content. (Webopedia)
- Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS) (SANS)
- address resolution protocol
- use arp
- agent technology (use for: agents)
- A program used in distributed denial of service (DDoS) attacks that sends malicious traffic to hosts based on the instructions of a handler. [800-61] (Anne and Lynn Wheeler)
- 1. A software process empowered to transparently act for or represent a user by completing transactions, seeking information of specific interest, or communicating with other users and agents. The HotBot online service on the WWW is a good example of agent technology at work on the Internet, HTTP://WWW.HOTBOT.COM. 2. Another would be the generic process of a server based tape backup program that allows individual stations to be backed up or allows them access for control of the backup; both processes are agents. 3. A program that performs some information gathering or processing task in the background. Typically, an agent is given a very small and well-defined task. Although the theory behind agents has been around for some time, agents have become more prominent with the recent growth of the Internet. Many companies now sell software that enables you to configure an agent to search the Internet for certain types of information. In computer science, there is a school of thought that believes that the human mind essentially consists of thousands or millions of agents all working in parallel. To produce real artificial intelligence, this school holds, we should build computer systems that also contain many agents and systems for arbitrating among the agents' competing results. The CSGNetwork Message Transmitter is an agent that is server bound. It connects to cellular and paging message services worldwide via the Internet. (CSGNetwork.com)
- (n.) A program that performs some information gathering or processing task in the background. Typically, an agent is given a very small and well-defined task. Although the theory behind agents has been around for some time, agents have become more prominent with the growth of the Internet. Many companies now sell software that enables you to configure an agent to search the Internet for certain types of information. In computer science, there is a school of thought that believes that the human mind essentially consists of thousands or millions of agents all working in parallel. To produce real artificial intelligence, this school holds, we should build computer systems that also contain many agents and systems for arbitrating among the agents' competing results. (Webopedia)
- agents
- use agent technology
- aggregation
- (I) A circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it. (RFC 2828)
- (I) A circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it. [RFC2828] (Anne and Lynn Wheeler)
- ai
- use artificial intelligence
- algorithms
- (I) A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer. (RFC 2828)
- (I) A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer. [RFC2828] A mathematical procedure that can usually be explicitly encoded in a set of computer language instructions that manipulate data. Cryptographic algorithms are mathematical procedures used for such purposes as encrypting and decrypting messages and signing documents digitally. [AJP] (Anne and Lynn Wheeler)
- A programming and mathematical term, an algorithm is a procedure or formula for solving a problem. The word is derived from the name of the Persian mathematician, Al-Khowarizmi. A computer program can be viewed as an elaborate algorithm containing many smaller algorithms within. In mathematics and computer science, an algorithm usually means a small programming procedure that solves a particular task or recurrent problem. They are most often found in subroutines. (CGSNetwork.com)
- (n.) A formula or set of steps for solving a particular problem. To be an algorithm, a set of rules must be unambiguous and have a clear stopping point. Algorithms can be expressed in any language, from natural languages like English or French to programming languages like FORTRAN. We use algorithms every day. For example, a recipe for baking a cake is an algorithm. Most programs, with the exception of some artificial intelligence applications, consist of algorithms. Inventing elegant algorithms -- algorithms that are simple and require the fewest steps possible -- is one of the principal challenges in programming. (Webopedia)
- analysis
- The examination of acquired data for its significance and probative value to the case. [800-72] (Anne and Lynn Wheeler)
- anonymous
- use anonymous computation
- anonymous computation (use for: anonymous)
- (I) The condition of having a name that is unknown or concealed. (See: anonymous login.) (C) An application may require security services that maintain anonymity of users or other system entities, perhaps to preserve their privacy or hide them from attack. To hide an entity's real name, an alias may be used. For example, a financial institution may assign an account number. Parties to a transaction can thus remain relatively anonymous, but can also accept the transaction as legitimate. Real names of the parties cannot be easily determined by observers of the transaction, but an authorized third party may be able to map an alias to a real name, such as by presenting the institution with a court order. In other applications, anonymous entities may be completely untraceable. (RFC 2828)
- (I) The condition of having a name that is unknown or concealed. (C) An application may require security services that maintain anonymity of users or other system entities, perhaps to preserve their privacy or hide them from attack. To hide an entity's real name, an alias may be used. For example, a financial institution may assign an account number. Parties to a transaction can thus remain relatively anonymous, but can also accept the transaction as legitimate. Real names of the parties cannot be easily determined by observers of the transaction, but an authorized third party may be able to map an alias to a real name, such as by presenting the institution with a court order. In other applications, anonymous entities may be completely untraceable. [RFC2828] (Anne and Lynn Wheeler)
- anti-virus
- use anti-virus tools
- anti-virus tools (use for: anti-virus, antivirus scanner, antivirus software)
- A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents. [800-83] Computer programs that offer protection from viruses by making additional checks of the integrity of the operating system and electronic files. Also known as virus protection software [FFIEC] (Anne and Lynn Wheeler)
- Anti-Virus software scans a computer's memory and disk drives for viruses or for code suspected of being a virus. If it finds a match for the criteria that it feels is that of a virus or virus-like condition, the application informs the user and may clean, delete or quarantine any files, directories or disks affected by the malicious code. Companies such as McAfee and Norton are leaders in the industry but we happen to like a smaller company that puts out an excellent product called AVG. You can get either a free version or a licensed business product from them at the Grisoft website. If you prefer, you can buy the licensed products from us as well. (CGSNetwork.com)
- A computer program designed to detect and respond to malicious software, such as viruses and worms. Responses may include blocking user access to infected files, cleaning infected files or systems, or informing the user that an infected program was detected. (Microsoft)
- Software that scans your computer for viruses, worms, and other malicious software, usually using pattern matching and heuristic algorithms. Pattern-matching involves comparing data in your files to a database of all known viruses. Heuristic algorithms attempt to find files on your computer containing code that does illicit operations, in order to find undiscovered viruses. The latter form of virus scanning is still imperfect, so new viruses often go undetected until scanning software is updated. (Hideaway.net)
- antivirus scanner
- use anti-virus tools
- antivirus software
- use anti-virus tools
- anycast
- Communication that takes place over a network between a single sender and the nearest of a group of receivers. Anycast is used in IPv6 as a method of updating routing tables. One host initiates an update of a router table for a group of hosts, sending the data to the nearest host. That host then sends the message on to its nearest router until all the routing tables in that group are updated. (Webopedia)
- aosd
- use aspect-oriented programming
- ap
- use access points
- apache
- Often referred to as simply Apache, a public-domain open source Web server developed by a loosely-knit group of programmers. The first version of Apache, based on the NCSA httpd Web server, was developed in 1995. Core development of the Apache Web server is performed by a group of about 20 volunteer programmers, called the Apache Group. However, because the source code is freely available, anyone can adapt the server for specific needs, and there is a large public library of Apache add-ons. In many respects, development of Apache is similar to development of the Linux operating system. The original version of Apache was written for UNIX, but there are now versions that run under OS/2, Windows and other platforms. The name is a tribute to the Native American Apache Indian tribe, a tribe well known for its endurance and skill in warfare. A common misunderstanding is that it was called Apache because it was developed from existing NCSA code plus various patches, hence the name a patchy server, or Apache server. (Webopedia)
- Open-source web server software originally for Linux systems but now freely available for numerous platforms. See the Apache.Org website for more information. (Hideaway.net)
- api (use for: application program interface)
- The interface between the application software and the application platform, across which all services are provided. The API is primarily in support of application portability, but system and application interoperability is also supported by a communication API. [SRV] (Anne and Lynn Wheeler)
- A document for programmers that provides the technical specifications for interfacing with an application from another program. (CGSNetwork.com)
- Abbreviation of application program interface, a set of routines, protocols, and tools for building software applications. A good API makes it easier to develop a program by providing all the building blocks. A programmer puts the blocks together. Most operating environments, such as MS-Windows, provide an API so that programmers can write applications consistent with the operating environment. Although APIs are designed for programmers, they are ultimately good for users because they guarantee that all programs using a common API will have similar interfaces. This makes it easier for users to learn new programs. (Webopedia)
- System access point or library function that has a well-defined syntax and is accessible from application programs or user code to provide well-defined functionality. [FC v.1] (Center for Secure Information Systems)
- apple
- use macintosh
- applet
- use java applets
- application program interface
- use api
- applications
- 1) All application systems, internal and external, utilized in support of the core process. 2) A software package designed to perform a specific set of functions, such as word processing or communications. [CIAO] A computer program designed to perform specific functions, such as inventory control, scheduling, and payroll. [SRV] A program that performs a function directly for a user, such as ftp and telnet. [misc] Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges. [CNSSI] The use of information resources (information and information technology) to satisfy a specific set of user requirements. [800-37] (Anne and Lynn Wheeler)
- An application is a program or group of programs (suites) that perform a given task. Word or WordPerfect are examples of applications; accounting is an application. A smaller form of an application is an applet. Some applications (often called utilities) make up part of the various operating systems but usually run on the OS. (CGSNetwork.com)
- A program or group of programs designed for end users. Software can be divided into two general classes: systems software and applications software. Systems software consists of low-level programs that interact with the computer at a very basic level. This includes operating systems, compilers, and utilities for managing computer resources. In contrast, applications software (also called end-user programs) includes database programs, word processors, and spreadsheets. Figuratively speaking, applications software sits on top of systems software because it is unable to run without the operating system and system utilities. (Webopedia)
- architecture
- A description of all functional activities to be performed to achieve the desired mission, the system elements needed to perform the functions, and the designation of performance levels of those system elements. An architecture also includes information on the technologies, interfaces, and location of functions and is considered an evolving description of an approach to achieving a desired mission. [SRV] (Anne and Lynn Wheeler)
- (n.) A design. The term architecture can refer to either hardware or software, or to a combination of hardware and software. The architecture of a system always defines its broad outlines, and may define precise mechanisms as well. An open architecture allows the system to be connected easily to devices and programs made by other manufacturers. Open architectures use off-the-shelf components and conform to approved standards. A system with a closed architecture, on the other hand, is one whose design is proprietary, making it difficult to connect the system to other systems. (Webopedia)
- arp (use for: address resolution protocol)
- Short for Address Resolution Protocol, a network layer protocol used to convert an IP address into a physical address (called a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address. There is also Reverse ARP (RARP) which can be used by a host to discover its IP address. In this case, the host broadcasts its physical address and a RARP server replies with the host's IP address. (Webopedia)
- artificial intelligence (use for: ai)
- A branch of computer science that studies how to endow computers with capabilities of human intelligence. For example, speech recognition is a problem being worked on by AI scientists. The branch of computer science concerned with making computers behave like humans. The term was coined in 1956 by John McCarthy at the Massachusetts Institute of Technology. Artificial intelligence includes: 1. Games playing: programming computers to play games such as chess and checkers. 2. Expert systems: programming computers to make decisions in real-life situations (for example, some expert systems help doctors diagnose diseases based on symptoms). 3. Natural language: programming computers to understand natural human languages. 4. Neural networks: Systems that simulate intelligence by attempting to reproduce the types of physical connections that occur in animal brains. 5. Robotics: programming computers to see and hear and react to other sensory stimuli. Currently, no computers exhibit full artificial intelligence (that is, are able to simulate human behavior) to human standards. The greatest advances have occurred in the field of games playing. The best computer chess programs are now capable of beating humans. In May, 1997, an IBM super-computer called Deep Blue defeated world chess champion Gary Kasparov in a chess match. In the area of robotics, computers are now widely used in assembly plants, but they are capable only of very limited tasks. Robots have great difficulty identifying objects based on appearance or feel, and they still move and handle objects clumsily. Natural-language processing offers the greatest potential rewards because it would allow people to interact with computers without needing any specialized knowledge. You could simply walk up to a computer and talk to it. Unfortunately, programming computers to understand natural languages has proved to be more difficult than originally thought. Some rudimentary translation systems that translate from one human language to another are in existence, but they are not nearly as good as human translators. There are also voice recognition systems that can convert spoken sounds into written words, but they do not understand what they are writing; they simply take dictation. Even these systems are quite limited; you must speak slowly and distinctly. In the early 1980s, expert systems were believed to represent the future of artificial intelligence and of computers in general. To date, however, they have not lived up to expectations. Many expert systems help human experts in such fields as medicine and engineering, but they are very expensive to produce and are helpful only in special situations. Today, the hottest area of artificial intelligence is neural networks, which are proving successful in a number of disciplines such as voice recognition and natural-language processing. There are several programming languages that are known as AI languages because they are used almost exclusively for AI applications. The two most common are LISP and Prolog. (CGSNetwork.com)
- The branch of computer science concerned with making computers behave like humans. The term was coined in 1956 by John McCarthy at the Massachusetts Institute of Technology. Artificial intelligence includes (1) games playing: programming computers to play games such as chess and checkers; (2) expert systems: programming computers to make decisions in real-life situations (for example, some expert systems help doctors diagnose diseases based on symptoms); (3) natural language: programming computers to understand natural human languages; (4) neural networks: systems that simulate intelligence by attempting to reproduce the types of physical connections that occur in animal brains; (5) robotics: programming computers to see and hear and react to other sensory stimuli. Currently, no computers exhibit full artificial intelligence (that is, are able to simulate human behavior). The greatest advances have occurred in the field of games playing. The best computer chess programs are now capable of beating humans. In May, 1997, an IBM super-computer called Deep Blue defeated world chess champion Gary Kasparov in a chess match. In the area of robotics, computers are now widely used in assembly plants, but they are capable only of very limited tasks. Robots have great difficulty identifying objects based on appearance or feel, and they still move and handle objects clumsily. Natural-language processing offers the greatest potential rewards because it would allow people to interact with computers without needing any specialized knowledge. You could simply walk up to a computer and talk to it. Unfortunately, programming computers to understand natural languages has proved to be more difficult than originally thought. Some rudimentary translation systems that translate from one human language to another are in existence, but they are not nearly as good as human translators. There are also voice recognition systems that can convert spoken sounds into written words, but they do not understand what they are writing; they simply take dictation. Even these systems are quite limited -- you must speak slowly and distinctly. In the early 1980s, expert systems were believed to represent the future of artificial intelligence and of computers in general. To date, however, they have not lived up to expectations. Many expert systems help human experts in such fields as medicine and engineering, but they are very expensive to produce and are helpful only in special situations. Today, the hottest area of artificial intelligence is neural networks, which are proving successful in a number of disciplines such as voice recognition and natural-language processing. There are several programming languages that are known as AI languages because they are used almost exclusively for AI applications. The two most common are LISP and Prolog. (Webopedia)
- aspect oriented software development
- use aspect-oriented programming
- aspect-oriented programming (use for: aosd, aspect oriented software development)
- "Aspect-oriented software development (AOSD) is a new approach to software development that addresses limitations inherent in other approaches, including object-oriented programming. AOSD aims to address crosscutting concerns by providing means for systematic identification, separation, representation and composition. Crosscutting concerns are encapsulated in separate modules, known as aspects, so that localization can[more] be promoted. This results in better support for modularization hence reducing development, maintenance and evolution costs.[Source: Early Aspects]" (Webopedia)
- assembly
- "(COMSEC) Group of parts, elements, subassemblies, or circuits that are removable items of COMSEC equipment. [CNSSI]" (Anne and Lynn Wheeler)
- "All of the files that comprise an application, including the resource, security management, versioning, sharing and deployment information. An assembly may appear as a single DLL or EXE file, or as multiple files, and is roughly the equivalent of a COM module" (Webopedia)
- assembly language (use for: assembly programming)
- "A programming language that is once removed from a computer's machine language, often called assembler. The term assembler is often used as the slang to indicate the compiler used to reduce and compile the final code. Machine languages consist entirely of numbers and are almost impossible for humans to read and[more] write. Assembly languages have the same structure and set of commands as machine languages, but they enable a programmer to use names instead of numbers. Each type of CPU has its own machine language and assembly language, so an assembly language program written for one type of CPU won't run on another. In the early days of programming, all programs were written in assembly language. Now, most programs are written in a high-level language such as FORTRAN or C. Programmers still use assembly language when speed is essential or when they need to perform an operation that isn't possible in a high-level language." (CGSNetwork.com)
- "A programming language that is once removed from a computer's machine language. Machine languages consist entirely of numbers and are almost impossible for humans to read and write. Assembly languages have the same structure and set of commands as machine languages, but they enable a programmer to use names instead of[more] numbers. Each type of CPU has its own machine language and assembly language, so an assembly language program written for one type of CPU won't run on another. In the early days of programming, all programs were written in assembly language. Now, most programs are written in a high-level language such as FORTRAN or C. Programmers still use assembly language when speed is essential or when they need to perform an operation that isn't possible in a high-level language. " (Webopedia)
- assembly programming
- use assembly language
- assessment
- Surveys and Inspections; an analysis of the vulnerabilities of an AIS. Information acquisition and review process designed to assist a customer to determine how best to use resources to protect information in systems. [NSAINT] Verification of a deliverable against a standard using the corresponding method to establish compliance and determine the[more] assurance. [SC27] (Anne and Lynn Wheeler)
- assessment of threats
- use threat assessment
- assurance
- (I) (1.) An attribute of an information system that provides grounds for having confidence that the system operates such that the system security policy is enforced. (2.) A procedure that ensures a system is developed and operated as intended by the system's security policy. (RFC 2828)
- "(1) The degree of confidence that a TOE adequately fulfills the security requirements. (2) A measure of confidence that the security features and architecture of an AIS accurately mediate and enforce the security policy. Note: The two main aspects of assurance are effectiveness and correctness (ITSEC - European Information Technology Security[more] Evaluation Criteria) or development and evaluation assurance (Federal Criteria). [AJP] (I) (1.) An attribute of an information system that provides grounds for having confidence that the system operates such that the system security policy is enforced. (2.) A procedure that ensures a system is developed and operated as intended by the system's security policy. [RFC2828] A measure of confidence that a security feature and architecture of an automated information system mediates and enforces a security policy. [IATF] A measure of confidence that the security features and architecture of an AIS accurately mediate and enforce the security policy. [NCSC/TG004][NSAINT] Confidence that a computer system design meets its requirements, that its implementation meets its specification, or that some specific property is satisfied. [SRV] Grounds for confidence that a system design meets its requirements, or that its implementation satisfies specifications, or that some specific property is satisfied. [CIAO] Grounds for confidence that an entity meets its security objectives. [CC2][CC21][SC27] Grounds for confidence that an entity meets its security objectives. [ISO/IEC 15408-1: 1999] Performance of appropriate activities or processes to instill confidence that a deliverable meets its security objectives. [SC27] Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. 'Adequately met' includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or bypass. [800-30] Grounds for confidence that the other four security objectives (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. 'Adequately met' includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass. [800-33] Measure of confidence that the security features, practices, procedures, and architecture of an IS accurately mediates and enforces the security policy. [CNSSI] One of the five 'Security Goals.' It involves support for our confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. 'Adequately met' includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass. [800-27] Performance of appropriate activities or processes to instill confidence that a deliverable meets its security objectives. [SC27] The confidence that may be held in the security provided by a Target of Evaluation. [ITSEC] The degree of confidence that a TOE adequately fulfills the security requirements. Note: The two main aspects of assurance are effectiveness and correctness. [JTC1/SC27]" (Anne and Lynn Wheeler)
- A measure of confidence that the security features and architecture of an AIS accurately mediate and enforce the security policy. (NIST)
- Property of a TOE giving grounds for confidence that the TOE is secure. [CC 0.9] The degree of confidence that a TOE adequately fulfills the security requirements. Note: The two main aspects of assurance are effectiveness and correctness. (WG3 N102) The confidence that may be held in the security provided by[more] a Target of Evaluation. [ITSEC] A measure of confidence that the security features and architecture of an AIS accurately mediate and enforce the security policy. [NCSC TG-004] (1) The degree of confidence that a target of evaluation adequately fulfills the security requirements. (2) A measure of confidence that the security features and architecture of an AIS accurately mediate and enforce the security policy. Note: The two main aspects of assurance are effectiveness and correctness (ITSEC - Information Technology Security Evaluation Criteria) or development and evaluation assurance (Federal Criteria). [AJP] (Center for Secure Information Systems)
- asymmetric cryptography (use for: asymmetric encryption, public key cryptography, public key encryption)
- "(I) A modern branch of cryptography (popularly known as 'public-key cryptography') in which the algorithms employ a pair of keys (a public key and a private key) and use a different component of the pair for different steps of the algorithm. (See: key pair.) (C) Asymmetric algorithms have key management[more] advantages over equivalently strong symmetric ones. First, one key of the pair does not need to be known by anyone but its owner; so it can more easily be kept secret. Second, although the other key of the pair is shared by all entities that use the algorithm, that key does not need to be kept secret from other, non-using entities; so the key distribution part of key management can be done more easily. (C) For encryption: In an asymmetric encryption algorithm (e.g., see: RSA), when Alice wants to ensure confidentiality for data she sends to Bob, she encrypts the data with a public key provided by Bob. Only Bob has the matching private key that is needed to decrypt the data. (C) For signature: In an asymmetric digital signature algorithm (e.g., see: DSA), when Alice wants to ensure data integrity or provide authentication for data she sends to Bob, she uses her private key to sign the data (i.e., create a digital signature based on the data). To verify the signature, Bob uses the matching public key that Alice has provided. (C) For key agreement: In an asymmetric key agreement algorithm (e.g., see: Diffie-Hellman), Alice and Bob each send their own public key to the other person. Then each uses their own private key and the other's public key to compute the new key value." (RFC 2828)
- Public-key cryptography; A modern branch of cryptography in which the algorithms employ a pair of keys (a public key and a private key) and use a different component of the pair for different steps of the algorithm. (SANS)
- "public key cryptography: Cryptography using two matched keys (or asymmetric cryptography) in which a single private key is not shared by a pair of users. Instead, users have their own key pairs. Each key pair consists of a matched private and public key. Public key cryptography can perform (1) digital signature,[more] (2) secure transmission or exchange of secret keys, and/or (3) encryption and decryption. Examples of public key cryptography are DSS (Digital Signature Standard) and RSA (Rivest, Shamir, and Adleman)." (Center for Secure Information Systems)
- asymmetric encryption
- use asymmetric cryptography
- asynchronous
- "1. A type of transmission in which each character is transmitted independently without reference to a standard clock. The counterpart is synchronous transmission. 2. Data transmission one character at a time to the receiving device, with intervals of varying lengths between transmittals, and with start bits at the beginning and stop[more] bits at the end of each character, to control the transmission. In xDSL and in most dial-up modem communications, asynchronous communications are often found in Internet access and remote office applications." (CGSNetwork.com)
- "Not synchronized; that is, not occurring at predetermined or regular intervals. The term asynchronous is usually used to describe communications in which data can be transmitted intermittently rather than in a steady stream. For example, a telephone conversation is asynchronous because both parties can talk whenever they like. If the communication[more] were synchronous, each party would be required to wait a specified interval before speaking. The difficulty with asynchronous communications is that the receiver must have a way to distinguish between valid data and noise. In computer communications, this is usually accomplished through a special start bit and stop bit at the beginning and end of each piece of data. For this reason, asynchronous communication is sometimes called start-stop transmission. Most communications between computers and devices are asynchronous. " (Webopedia)
- asynchronous transfer mode
- use atm
- atm (use for: asynchronous transfer mode)
- "A dedicated connection switching technology that organizes digital data into fixed byte cell units and transmits those units over a physical medium using digital signal technology. It is implemented by hardware, therefore, very fast processing and switching speeds are possible. [IATF] A fast-packet technology that was developed for use in area[more] networks using fixed-length cells. It appears to be the best alternative for multimedia applications where data are mixed with voice, images, or full-motion video. [SRV]" (Anne and Lynn Wheeler)
- "1. Asynchronous Transfer Mode. The ITU standard for a cell-relay based communications system encompassing voice, data and video traffic. ATM provides standards for 25Mbps and 155Mbps transmission speeds. Because of the expense of the architecture, most networks do not handle this all the way to the workstation but larger networks will[more] use it as a backbone. The unique function of this over other backbones other than speed is the self handled ability to prioritize traffic and requests. 2. Asynchronous Transfer Mode is an emerging technology designed to facilitate the need for high-speed transmission of voice, video and data using the public telephone network, and therefore providing a solution for improper bandwidth allocation. 3. ATM is a connection oriented service that segments incoming data into a succession of small units called cells. Data transmitted from multiple sources is segmented into cells by the ATM network device, and the cells are then interleaved onto a single transmission media. See also TDM and packet switching. 4. An ATM cell is 53 bytes long containing a 5 byte header and a 48 byte payload packet. The header of an ATM cell contains all necessary information for data to reach the appropriate end point in whatever priority is specified. The payload portion of an ATM cell can contain any type of information, be it voice, video or data. 5. An ATM connection is actually one physical connection between two end points, that contains multiple virtual channels (VC). Furthermore, multiple VCs can be grouped to traverse a Virtual Path (VP)." (CGSNetwork.com)
- "Short for Asynchronous Transfer Mode, a network technology based on transferring data in cells or packets of a fixed size. The cell used with ATM is relatively small compared to units used with older technologies. The small, constant cell size allows ATM equipment to transmit video, audio, and computer data over[more] the same network, and assure that no single type of data hogs the line. Some people think that ATM holds the answer to the Internet bandwidth problem, but others are skeptical. ATM creates a fixed channel, or route, between two points whenever data transfer begins. This differs from TCP/IP, in which messages are divided into packets and each packet can take a different route from source to destination. This difference makes it easier to track and bill data usage across an ATM network, but it makes it less adaptable to sudden surges in network traffic. When purchasing ATM service, you generally have a choice of four different types of service: (1) constant bit rate (CBR): specifies a fixed bit rate so that data is sent in a steady stream. This is analogous to a leased line. (2) variable bit rate (VBR): provides a specified throughput capacity but data is not sent evenly. This is a popular choice for voice and videoconferencing data. (3) available bit rate (ABR): provides a guaranteed minimum capacity but allows data to be bursted at higher capacities when the network is free. (4) unspecified bit rate (UBR): does not guarantee any throughput levels. This is used for applications, such as file transfer, that can tolerate delays." (Webopedia)
- attack
- use cyber attacks
- attack detection
- "Detection, correlation, identification, (AS&W) and characterization of intentional unauthorized activity with notification to decision makers so that an appropriate response can be developed. [CNSSI]" (Anne and Lynn Wheeler)
- attack signatures
- "A specific sequence of events indicative of an unauthorized access attempt. [800-12] Activities or alterations to an IS indicating an attack or attempted attack, detectable by examination of audit trail logs. [CIAO]" (Anne and Lynn Wheeler)
- audio
- "The audible or sound function of your multimedia interface. There are many types of audio interfaces currently available and while the Microsoft Media Player and the RealAudio Player are currently among the standards, MP3 and others have made significant advancements and may well overtake the leaders as the new standard. Some[more] common terms and formats associated in the industry are 3-D audio, AC-3, AC97, AIFF, ASF, AU, audio scrubbing, digital audio, digitize, Dolby Digital (AC-3), fps, jitter buster, MIDI, MP3, MPEG (MPG), RealAudio, sampling, sound card, streaming, WAV, wave table, and synthesis." (CGSNetwork.com)
- audit (use for: auditing)
- "A family of security controls in the technical class dealing with ensuring activity involving access to and modification of sensitive or critical files is logged, monitored, and possible security violations investigated. [800-37] A service that keeps a detailed record of events. [IATF] An independent examination of a work product or set[more] of work products to assess compliance with specifications, standards, contractual agreements, or other criteria. [IEEE610] Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures. [CNSSI] Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established security policies and procedures, and/or to recommend necessary changes in controls, policies, or procedures to meet security objectives. [CIAO] Independent review and examination of records and activities to determine compliance with established usage policies and to detect possible inadequacies in product technical security policies of their enforcement. [AJP][FCv1] The independent examination of records and activities to ensure compliance with established controls, policy, and operational procedures, and to recommend any indicated changes in controls, policy, or procedures. [NSAINT] The independent examination of records to access their veracity and completeness. To record independently and examine documents or system activity (e.g. logins and logouts, file accesses, security violations). [AFSEC] The official review, examination, and verification of system records and activities to ensure the adequacy of established IT security controls and procedures; to identify any nonfunctional controls or new vulnerabilities [NASA]" (Anne and Lynn Wheeler)
- Auditing is the information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities. (SANS)
- Independent review and examination of records and activities to determine compliance with established usage policies and to detect possible inadequacies in product technical security policies of their enforcement. [FC v.1] (Center for Secure Information Systems)
- audit data
- use audit trail
- audit trail (use for: audit data)
- "(1) A set of records that collectively provide documentary evidence of processing used to aid in tracing from original transactions forward to related records and reports, and/or backward from records and reports to their component source transactions. (2) A chronological record of system activities that is sufficient to enable the reconstruction,[more] reviewing, and examination of the sequence of environments and activities surrounding or leading to an operation, a procedure, or an event in a transaction from its inception to final results. (3) Information collected or used to facilitate a security audit. Note: Audit trail may apply to information in an IT product or an AIS or to the transfer of COMSEC (communications security) material. [AJP] (1) A set of records that collectively provide documentary evidence of processing used to aid in tracing from original transactions forward to related records and reports, and/or backward from records and reports to their component source transactions. (2) Information collected or used to facilitate a Security Audit. [TNI] A chronological record of system activities that is sufficient to enable the reconstruction, reviewing, and examination of the sequence of environments and activities surrounding or leading to an operation, a procedure, or an event in a transaction from its inception to final results. [NCSC/TG004][SRV] A chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event. Note: Audit trail may apply to information in an IT product or an AIS or to the transfer of COMSEC material. [FCv1] A chronological record of system activities which is sufficient to enable the reconstruction, review, and examination of the sequence of events and activities surrounding or leading to each event in the path of a transaction from its inception to the output of final results. The ability to trace data or transactions from origination to output and back. [SRV] A record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period. [800-47] A set of records that collectively provide documentary evidence of processing used to aid in tracing from original transactions forward to related records and reports, and/or backward from records and reports to their component source transactions. [TCSEC] Chronological record of system activities or message routing that permits reconstruction and examination of a sequence of events. [CIAO] Chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event. [CNSSI] In computer security systems, a chronological record of system resource usage. This includes user login, file access, other various activities, and whether any actual or attempted security violations occurred, legitimate and unauthorized. [NSAINT] In computer security systems, a chronological record of when users login, how long they are engaged in various activities, what they were doing, whether any actual or attempted security violations occurred. An automated or manual set of chronological records of system activities that may enable the reconstruction and examination of a sequence of events and/or changes in an event. [AFSEC] The chronological record of system activities sufficient to enable the reconstruction, review, or examination of the sequence of internal environments and activities surrounding or leading to each event in the path of a user transaction from its inception to output of final results. [NASA]" (Anne and Lynn Wheeler)
- "A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Audit trails are useful both for maintaining security and for recovering lost transactions. Most accounting systems and database management systems include an audit trail component. In addition, there[more] are separate audit trail software products that enable network administrators to monitor use of network resources." (Webopedia)
- "A chronological record of system activities that is sufficient to enable the reconstruction, reviewing, and examination of the sequence of environments and activities surrounding or leading to an operation, a procedure, or an event in a transaction from its inception to final results." (NIST)
- auditing
- use audit
- authentication
- "(I) The process of verifying an identity claimed by or for a system entity. (See: authenticate, authentication exchange, authentication information, credential, data origin authentication, peer entity authentication.) (C) An authentication process consists of two steps: 1. Identification step: Presenting an identifier to the security system. (Identifiers should be assigned carefully, because[more] authenticated identities are the basis for other security services, such as access control service.) 2. Verification step: Presenting or generating authentication information that corroborates the binding between the entity and the identifier. (See: verification.) (C) See: ('relationship between data integrity service and authentication services' under) data integrity service." (RFC 2828)
- "(1) To establish the validity of a claimed identity. (2) To provide protection against fraudulent transactions by establishing the validity of a message, station, individual, or originator. [TNI] (1) To establish the validity of a claimed identity. (2) To provide protection against fraudulent transactions by establishing the validity of a message,[more] station, individual, or originator. (3) Means of verifying an entity's (e.g. individual user's, machine's, or software component's) eligibility to receive specific categories of information. [AJP] (I) The process of verifying an identity claimed by or for a system entity. (C) An authentication process consists of two steps: 1. Identification step: Presenting an identifier to the security system. (Identifiers should be assigned carefully, because authenticated identities are the basis for other security services, such as access control service.) 2. Verification step: Presenting or generating authentication information that corroborates the binding between the entity and the identifier. [RFC2828] A process that establishes the origin of information or determines an entity's identity. [800-21] Authentication refers to mechanisms which are used to verify the identity of a user. The process of authentication typically requires a name and a password to be supplied by the user as proof of his identity. [RFC2504] Means of verifying an entity's (e.g. individual user, machine, software component) eligibility to receive specific categories of information. [FCv1] Providing assurance regarding the identity of a subject or object, for example ensuring that a particular user is who he or she claims to be. [SRV] Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to access specific types of information. [CIAO] Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information. [800-37][CNSSI][IATF] The process of verifying that a user requesting a network resource is who he, she, or it claims to be, and vice versa. Trust is a critical concept in network security. Any network resource (such as a file server or printer) typically requires authentication before granting access. Authentication takes many forms, including but not limited to IP addresses; TCP or UDP port numbers; passwords; external token authentication cards; and biometric identification such as signature, speech, or retina recognition systems. The entity being authenticated might be the client machine (for example, by proving that a given IP source address really is that address, and not a rogue machine spoofing that address) or a user (by proving that the user really is who he, she, or it claims to be). Servers might also authenticate themselves to clients. Testers should be aware that in an increasingly mobile society, authentication based on machine-specific criteria such as an IP address or port number is not equivalent to verifying that a given individual is making an access request. At this writing systems that verify the identity of users are typically external to the firewall, and may introduce additional latency to the overall SUT. [RFC2647] The process of verifying the claimed identity of an individual user, machine, software component, or any other entity. [FFIEC] The provision of assurance of the claimed identity of an entity. [SC27] The validation and confirmation of an IT user's claim of identity, occasionally referred to as personal authentication. The validation and identification of a computer network node, transmission, or message. [NASA] To positively verify the identity of a user, device, or other entity in a system, often as a prerequisite to allowing access to resources in a system. [NSAINT] To positively verify the identity of a user, device, or other entity in a system, often as a prerequisite to allowing access to resources in a system. The verification of the integrity of data that have been stored, transmitted, or otherwise exposed to possible unauthorized modification. [AFSEC] Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in a system. [800-33] Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. [800-53]" (Anne and Lynn Wheeler)
- "1. The verification of the identity of a person or process. This process is most often associated with the login (username) and password verification process. Some ISPs verify that you are who you say you are during the login process, and that you are not already logged on under that name. In certain cases, some specialized mail servers use a process called Authentication to verify mail processes. 2. The process of identifying an individual, usually based on a username and password combination, although the process can be many more steps. In security systems, authentication is distinct from authorization, which is the process of giving individuals access to system objects based on their identity. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual. Authentication in whatever form, is usually followed by authorization. See RADIUS. 3. See PAP and CHAP. 4. A telephony term for a feature that decreases fraud by creating a unique set of variables to identify the phone's identity." (CSGNetwork.com)
- "The process of identifying an individual, usually based on a username and password. In security systems, authentication is distinct from authorization, which is the process of giving individuals access to system objects based on their identity. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual." (Webopedia)
- authenticity
- (I) The property of being genuine and able to be verified and be trusted. (RFC 2828)
- "(I) The property of being genuine and able to be verified and be trusted. [RFC2828] The principle that ensures that a message is received in exactly the same form in which it was sent. [AFSEC] The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. [800-53] The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. See authentication. [800-53] The property that ensures that the identity of a subject or resource is the one claimed. Authenticity applies to entities such as users, processes, systems and information. [SC27]" (Anne and Lynn Wheeler)
- Authenticity is the validity and conformance of the original information. (SANS)
- authority
- "(D) 'An entity, responsible for the issuance of certificates.' [FPDAM] (C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA, ORA, or similar terms, because it may cause confusion. Instead, use the full term at the first instance of usage and then, if it is necessary to shorten text, use the style of abbreviation defined in this Glossary. (C) ISDs SHOULD NOT use this definition for any PKI entity, because the definition is ambiguous with regard to whether the entity actually issues certificates (e.g., attribute authority or certification authority) or just has accountability for processes that precede or follow signing (e.g., registration authority)." (RFC 2828)
- "(D) 'An entity, responsible for the issuance of certificates.' (C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA, ORA, or similar terms, because it may cause confusion. Instead, use the full term at the first instance of usage and then, if it is necessary to shorten text, use the style of abbreviation defined in this Glossary. (C) ISDs SHOULD NOT use this definition for any PKI entity, because the definition is ambiguous with regard to whether the entity actually issues certificates (e.g. attribute authority or certification authority) or just has accountability for processes that precede or follow signing (e.g. registration authority). [RFC2828]" (Anne and Lynn Wheeler)
- authorization (use for: authorize, permissions, user permissions)
- "(I) (1.) An 'authorization' is a right or a permission that is granted to a system entity to access a system resource. (2.) An 'authorization process' is a procedure for granting such rights. (3.) To 'authorize' means to grant such a right or permission. (See: privilege.) (O) SET usage: 'The process by which a properly appointed person or persons grants permission to perform some action on behalf of an organization. This process assesses transaction risk, confirms that a given transaction does not raise the account holder's debt above the account's credit limit, and reserves the specified amount of credit. (When a merchant obtains authorization, payment for the authorized amount is guaranteed--provided, of course, that the merchant followed the rules associated with the authorization process.)' [SET2]" (RFC 2828)
- "Permissions: (I) A synonym for 'authorization', but 'authorization' is preferred in the PKI context. [RFC2828] A description of the type of authorized interactions a subject can have with an object. Examples include read, write, execute, add, modify, and delete. [AJP][NCSC/TG004] Another word for the access controls that are used to control the access to files and other resources. [RFC2504]" (Anne and Lynn Wheeler)
- "The process of granting or denying access to a network resource. Most computer security systems are based on a two-step process, sometimes more. The first stage is authentication, which ensures that a user is who he or she claims to be and in some cases, that the user is not already on the system. The second stage is authorization, which allows the user access in varied degrees to various resources based on the preassigned privileges associated with the user's identity." (CSGNetwork.com)
- "Authorization is the approval, permission, or empowerment for someone or something to do something." (SANS)
- authorize
- use authorization
- automated security analysis (use for: automated security monitoring)
- "All security features needed to provide an acceptable level of protection for hardware, software, and classified, sensitive, unclassified or critical data, material, or processes in the system. [NSAINT] The use of automated procedures to ensure that security controls are not circumvented. [AJP][NCSC/TG004][SRV] Use of automated procedures to ensure security controls are not circumvented or the use of these tools to track actions taken by subjects suspected of misusing the IS. [CNSSI]" (Anne and Lynn Wheeler)
- The use of automated procedures to ensure that security controls are not circumvented. (NIST)
- The use of automated procedures to ensure that security controls are not circumvented. [NCSC TG-004] (Center for Secure Information Systems)
- automated security monitoring
- use automated security analysis
- autonomic computing
- "A type of computing model in which the system is self-healing, self-configured, self-protected and self-managed. Designed to mimic the human body's nervous system--in that the autonomic nervous system acts and reacts to stimuli independent of the individual's conscious input--an autonomic computing environment functions with a high level of artificial intelligence while remaining invisible to the users. Just as the human body acts and responds without the individual controlling functions (e.g., internal temperature rises and falls, breathing rate fluctuates, glands secrete hormones in response to stimulus), the autonomic computing environment operates organically in response to the input it collects. A leader in autonomic computing design, IBM has set forth eight conditions that define an autonomic system: 1. The system must know itself in terms of what resources it has access to, what its capabilities and limitations are and how and why it is connected to other systems. 2. The system must be able to automatically configure and reconfigure itself depending on the changing computing environment. 3. The system must be able to optimize its performance to ensure the most efficient computing process. 4. The system must be able to work around encountered problems by either repairing itself or routing functions away from the trouble. 5. The system must detect, identify and protect itself against various types of attacks to maintain overall system security and integrity. 6. The system must be able to adapt to its environment as it changes, interacting with neighboring systems and establishing communication protocols. 7. The system must rely on open standards and cannot exist in a proprietary environment. 8. The system must anticipate the demand on its resources while keeping transparent to users." (Webopedia)
- availability
- "(I) The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system; i.e., a system is available if it provides services according to the system design whenever users request them. (O) 'The property of being accessible and usable upon demand by an authorized entity.' [I7498 Part 2]" (RFC 2828)
- "(1) The ability to access a specific resource within a specific time frame as defined within the IT product specification. (2) The ability to use or access objects and resources as required. The property relates to the concern that information objects and other system resources are accessible when needed and without undue delay. (3) The prevention of the unauthorized withholding of information resources. [AJP] (I) The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system; i.e., a system is available if it provides services according to the system design whenever users request them. (O) 'The property of being accessible and usable upon demand by an authorized entity.' [RFC2828] 1) Timely, reliable access to data and information services for authorized users. 2) The ability to have access to MEI Resource Elements when required by the mission and core supporting process(es), both now and in the future. It also concerns the safeguarding of those resources and associated capabilities. [CIAO] Ability to access a specific resource within a specific time frame as defined within the IT product specification. [FCv1] Assurance that information, services, and IT system resources are accessible to authorized users and/or system-related processes on a timely and reliable basis and are protected from denial of service. [800-37] Assuring information and communications services will be ready for use when expected. [NSAINT][OVT] Computer hardware and software system working efficiently and the system is able to recover quickly and completely if a disaster occurs. The principle that ensures that computer systems and data are working and available to users. Denial of Service is an attack on availability. [AFSEC] Ensuring timely and reliable access to and use of information. [800-53] The ability to use or access objects and resources as required. The property relates to the concern that information objects and other system resources are accessible when needed and without undue delay. [JTC1/SC27] The prevention of the unauthorized withholding of information resources. [ITSEC][NIAP] The probability that a given resource will be usable during a given time period. [SRV] The property of being accessible and usable upon demand by an authorized entity. [IATF][SC27] The property that a given resource will be usable during a given time period. [SRV] The security objective that generates the requirement for protection against * Intentional or accidental attempts to (1) perform unauthorized deletion of data or (2) otherwise cause a denial of service or data * Unauthorized use of system resources. [800-30] The security objective that generates the requirement for protection against intentional or accidental attempts to (1) perform unauthorized deletion of data or (2) otherwise cause a denial of service or data. [800-33] The state wherein information and systems are in the place needed by the user, at the proper time, and in the form that the user requests. [NASA] Timely, reliable access to data and information services for authorized users. [CNSSI]" (Anne and Lynn Wheeler)
- Availability is the need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it. (SANS)
- B
- banking
- use banking and finance
- banking and finance (use for: banking)
- "A critical infrastructure characterized by entities, such as retail and commercial organizations, investment institutions, exchange boards, trading houses, and reserve systems, and associated operational organizations. Also includes government operations, and support activities, that are involved in all manner of monetary transactions, including its storage for saving purposes, its investment for income purposes, its exchange for payment purposes, and its disbursement in the form of loans and other financial instruments. [CIAO]" (Anne and Lynn Wheeler)
- bayesian filter (use for: bayesian filtering)
- "(n.) A technique for identifying incoming e-mail spam. Unlike other filtering techniques that look for spam-identifying words in subject lines and headers, a Bayesian filter uses the entire context of an e-mail when it looks for words or character strings that will identify the e-mail as spam. Another difference between a Bayesian filter and other content filters is that a Bayesian filter learns to identify new spam the more it analyzes incoming e-mails. Bayesian filtering is named for English mathematician Thomas Bayes, who developed a theory of probability inference. Bayesian filtering is predicated on the idea that spam can be filtered out based on the probability that certain words will correctly identify a piece of e-mail as spam while other words will correctly identify a piece of e-mail as legitimate and wanted. At its most basic level, a Bayesian filter examines a set of e-mails that are known to be spam and a set of e-mails that are known to be legitimate and compares the content in both e-mails in order to build a database of words that will, according to probability, identify, or predict, future e-mails as spam or not. Bayesian filters examine the words in a body of an e-mail, its header information and metadata, word pairs and phrases and even HTML code that can identify, for example, certain colors that can indicate a spam e-mail. Bayesian filters are adaptable in that the filter can train itself to identify new patterns of spam and can be adapted by the human user to adjust to the user's specific parameters for identifying spam. Bayesian filters also are advantageous because they take the whole context of a message into consideration. For example, not every e-mail with the word 'cash' in it is spam, so the filter identifies the probability of an e-mail with the word 'cash' being spam based on what other content is in the e-mail. Proponents of Bayesian filters assert that the filters return less than one percent of false positives." (Webopedia)
- bayesian filtering
- use bayesian filter
- behavior
- A description of a response to postulated interactions. [CC 0.9] (Center for Secure Information Systems)
- benchmarking
- "A structured approach for identifying the best practices from industry and government, and comparing and adapting them to the organization's operations. Such an approach is aimed at identifying more efficient and effective processes for achieving intended results and at suggesting ambitious goals for productivity, product/service quality, and process improvement. [SRV]" (Anne and Lynn Wheeler)
- best practices
- "The processes, practices, and systems identified in public and private organizations that performed exceptionally well and are widely recognized as improving an organization's performance and efficiency in specific areas. Successfully identifying and applying best practices can reduce business expenses and improve organizational efficiency. Best practices can be applied to all functions within an organization. Business practices that have been shown to improve an organization's IT function, as well as other business functions. [SRV]" (Anne and Lynn Wheeler)
- bgp
- use border gateway protocol
- binary compatible
- "Having the exact same data format, down to the binary level. That is, two files that are binary compatible will have the same pattern of zeroes and ones in the data portion of the file. The file header, however, may be different. The term is used most commonly to state that data files produced by one application are exactly the same as data files produced by another application. For example, many software companies now produce applications for Windows and the Macintosh that are binary compatible, which means that a file produced in a Windows environment is interchangeable with a file produced on a Macintosh. This avoids many of the conversion problems caused by importing and exporting data." (Webopedia)
- bioinformatics
- "The application of computer technology to the management of biological information. Specifically, it is the science of developing computer databases and algorithms to facilitate and expedite biological research. Bioinformatics is being used largely in the field of human genome research by the Human Genome Project that has been determining the sequence of the entire human genome (about 3 billion base pairs) and is essential in using genomic information to understand diseases. It is also used largely for the identification of new molecular targets for drug discovery. Many universities have recognized the importance of this endeavor and have instituted academic and training programs in bioinformatics that combine backgrounds in molecular biology with a strong foundation in computer science. Specialists in the field are referred to as computational biologists or bioinformatics computer scientists." (Webopedia)
- biometric technologies
- use biometrics
- biometrics (use for: biometric technologies)
- "A measurable, physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and handwriting samples are all examples of biometrics. [FIPS201] Automated methods of authenticating or verifying an individual based on a physical or behavioral characteristic. [IATF] Automated methods of authenticating or verifying an individual based upon a physical or behavioral characteristic. [CNSSI] The method of verifying a person's identity by analyzing a unique physical attribute of the individual (e.g., fingerprint, retinal scanning). [FFIEC]" (Anne and Lynn Wheeler)
- "The term biometric is the name given a technology that is the measurement of a living, human characteristic. This process includes the ability to measure characteristics such as fingerprints, voice recordings, irises, heat patterns, keystroke rhythms, and facial images; comparing a person's unique characteristics against previously enrolled images for the purpose of recognition. A leader in the industry is Identix. Please visit them at HTTP://WWW.IDENTIX.COM for a closer look at the technology and company." (CSGNetwork.com)
- "(n.) Generally, the study of measurable biological characteristics. In computer security, biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked. There are several types of biometric identification schemes: * face: the analysis of facial characteristics; * fingerprint: the analysis of an individual's unique fingerprints; * hand geometry: the analysis of the shape of the hand and the length of the fingers; * retina: the analysis of the capillary vessels located at the back of the eye; * iris: the analysis of the colored ring that surrounds the eye's pupil; * signature: the analysis of the way a person signs his name; * vein: the analysis of the pattern of veins in the back of the hand and the wrist; * voice: the analysis of the tone, pitch, cadence and frequency of a person's voice. Though the field is still in its infancy, many people believe that biometrics will play a critical role in future computers, and especially in electronic commerce. Personal computers of the future might include a fingerprint scanner where you could place your index finger. The computer would analyze your fingerprint to determine who you are and, based on your identity, authorize you different levels of access. Access levels could include the ability to use credit card information to make electronic purchases." (Webopedia)
- Biometrics use physical characteristics of the users to determine access. (SANS)
- blackouts
- The total loss of electrical power. (CSGNetwork.com)
- bluetooth
- "Bluetooth is a telecommunications industry specification describing how certain types of mobile phones, computers, and personal digital assistants (PDAs) can be interconnected using a short-range wireless connection technology. The technology is also used for wireless keyboards, mice and similar pointing and input devices. Bluetooth networks feature a dynamic topology called a piconet or PAN. Piconets contain a minimum of two and a maximum of eight Bluetooth peer devices. Devices communicate using protocols that are part of the Bluetooth Specification. Version 1.1 of the specification is in widespread use today with versions 1.2 and 2.0 under development. It appears to us that the actual current driving force in the industry for Bluetooth is Microsoft who is providing most of the ability for interconnectivity. Using this technology, users of cellular phones, pagers, and personal digital assistants can buy a three-in-one phone that can double as a portable phone at home or in the office, get quickly synchronized with information in a desktop or notebook computer, initiate the sending or receiving of a FAX, initiate a print-out, and, in general, have all mobile and fixed computer devices be totally coordinated. Bluetooth requires that a very low-cost and low powered transceiver chip be designed into and included within each device. The transceiver transmits and receives in a previously unused frequency band of 2.45 GHz that is available globally. There are some minor variations of bandwidth in different countries, and optionally within a region. In addition to specific data information, there are up to three voice channels that are available. Each device has a unique 48-bit address from the IEEE 802 standard, somewhat similar to an Ethernet address. Connections can be point-to-point or multipoint. The maximum range is 10 meters; realistically, considerably less than that but not required as line of sight. Data can be exchanged at a rate of 1 megabit per second (up to 2 Mbps in the second generation of the technology); again realistically, much slower. Neither speed nor distance is close to WI-FI specifications, though this frequency falls within the WI-FI bandwidth. A frequency hop scheme allows devices to communicate even in areas with a great deal of electromagnetic interference. Built-in encryption and verification is provided as minimal security, but only minimal. As is true for WI-FI and other wireless technologies today, concerns with Bluetooth include security and interoperability with other networking standards. Practical adoption of the technology has not yet lived up to the initial industry speculation and red carpets; without Microsoft, it would not be here at all. When 2.0 is achieved, however, this will become a very viable technology." (CSGNetwork.com)
- "A short-range radio technology aimed at simplifying communications among Internet devices and between devices and the Internet. It also aims to simplify data synchronization between Internet devices and other computers. Products with Bluetooth technology must be qualified and pass interoperability testing by the Bluetooth Special Interest Group prior to release. Bluetooth's founding members include Ericsson, IBM, Intel, Nokia and Toshiba." (Webopedia)
- boot
- use bootstrap
- bootstrap (use for: boot)
- "1. Short and slang for the early computing term, bootstrap loader. To start up or reset a computer. When a computer is booted, a bootstrap routine is automatically executed that looks for and loads the operating system. A cold boot is when the computer is powered up from an off state. A warm boot occurs when an already turned on computer is re-booted. 2. A process by which a short loader program loads itself into memory and then loads a longer program. The program brings itself into a desired state through its own action. This can be in a computer or other CPU controlled device, usually called an intelligent device. It is the startup process. 3. A term in slang to describe the action of terminating a connection to the Internet involuntarily. This process is usually done by an agent of an ISP if a flagrant violation of rules occurs. It can be initiated by a hacker to agitate or aggravate another user." (CSGNetwork.com)
- "(v.) To load the first piece of software that starts a computer. Because the operating system is essential for running all other programs, it is usually the first piece of software loaded during the boot process. Boot is short for bootstrap, which in olden days was a strap attached to the top of your boot that you could pull to help get your boot on. Hence, the expression 'pull oneself up by the bootstraps.' Similarly, bootstrap utilities help the computer get started. (n.) Short for bootstrap, the starting-up of a computer, which involves loading the operating system and other basic software. A cold boot is when you turn the computer on from an off position. A warm boot is when you reset a computer that is already on." (Webopedia)
- "The ROM routine used to load the OS is often known as the 'bootstrap', from the expression 'pull yourself up by your own bootstraps'." (CSGNetwork.com)
- border gateway protocol (use for: bgp)
- "Border Gateway Protocol, a standard routing protocol, used primarily for routing between large, heterogeneous networks." (CSGNetwork.com)
- "Short for Border Gateway Protocol, an exterior gateway routing protocol that enables groups of routers (called autonomous systems) to share routing information so that efficient, loop-free routes can be established. BGP is commonly used within and between Internet Service Providers (ISPs). The protocol is defined in RFC 1771." (Webopedia)
- An inter-autonomous system routing protocol. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP). (SANS)
- brand spoofing
- use phishing
- buffer
- "1. A temporary memory location for data in transit from one device to another device; it is usually credited with making negotiations easier between devices of two different speeds. Your operating system or the application program decides which buffer to use. Most buffers are for disk I/O. In DOS, Windows and similar operating environments, you have the ability to tell the system how many buffers to set aside in memory VIA settings in CONFIG.SYS or in the registry. See z-buffering. 2. A buffer is a data area shared by hardware devices or program processes that operate at different speeds or with different sets of priorities. The buffer allows each device or process to operate without being held up by the other. Like a cache, a buffer is a 'midpoint holding place' but exists not so much to accelerate the speed of an activity as to support the coordination of separate activities." (CSGNetwork.com)
- "(n.) A temporary storage area, usually in RAM. The purpose of most buffers is to act as a holding area, enabling the CPU to manipulate data before transferring it to a device. Because the processes of reading and writing data to a disk are relatively slow, many programs keep track of data changes in a buffer and then copy the buffer to a disk. For example, word processors employ a buffer to keep track of changes to files. Then when you save the file, the word processor updates the disk file with the contents of the buffer. This is much more efficient than accessing the file on the disk each time you make a change to the file. Note that because your changes are initially stored in a buffer, not on the disk, all of them will be lost if the computer fails during an editing session. For this reason, it is a good idea to save your file periodically. Most word processors automatically save files at regular intervals. Buffers are commonly used when burning data onto a compact disc, where the data is transferred to the buffer before being written to the disc. Another common use of buffers is for printing documents. When you enter a PRINT command, the operating system copies your document to a print buffer (a free area in memory or on a disk) from which the printer can draw characters at its own pace. This frees the computer to perform other tasks while the printer is running in the background. Print buffering is called spooling. Most keyboard drivers also contain a buffer so that you can edit typing mistakes before sending your command to a program. Many operating systems, including DOS, also use a disk buffer to temporarily hold data that they have read from a disk. The disk buffer is really a cache. (v.) To move data into a temporary storage area." (Webopedia)
- A region of memory reserved for use as an intermediate repository in which data is temporarily held before it is transferred between two locations or devices. (Microsoft)
- A segment of memory assigned by programs to store data. (Hideaway.net)
- buffer overflow (use for: buffer overrun)
- "A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system. [800-28] This happens when more data is put into a buffer or holding area than the buffer can handle. This is due to a mismatch in processing rates between the producing and consuming processes. This can result in system crashes or the creation of a back door leading to system access. [NSAINT] This happens when more data is put into a buffer or holding area than the buffer can handle. This is due to a mismatch in processing rates between the producing and consuming processes. [AFSEC] This happens when more data is put into a buffer or holding area than the buffer can handle. This is due to a mismatch in processing rates between the producing and consuming processes. This can result in system crashes or the creation of a back door leading to system access. [OVT] A technique for crashing or gaining control of a computer by sending too much data to the buffer in a computer's memory. [FJC]" (Anne and Lynn Wheeler)
- "A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them." (