See Trusted Network Interpretation.
A security control concept in which an abstract machine mediates accesses to objects by subjects. In principle, a reference monitor should be complete (in that it mediates every access), isolated from modification by system entities, and verifiable. A security kernel is an implementation of a reference monitor for a given hardware base.
Any program that acts to produce copies of itself; examples include a program, a worm, a fork bomb, or a virus. It is even claimed by some that UNIX and C are the symbiotic halves of an extremely successful replicator.
A retrovirus is a virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.
This UNIX command is the Sun RPC server for remote program execution. This daemon is started by inetd whenever a remote execution request is made.
A study of vulnerabilities, threats, likelihood, loss or impact, and theoretical effectiveness of security measures. The process of evaluating threats and vulnerabilities, known and postulated, to determine expected loss and establish the degree of acceptability to system operations.
The total process in place to identify, control, and minimize the impact of uncertain events. The objective of the risk management program is to reduce risk and obtain and maintain Designated Approving Authority (DAA) approval.
A hacker security tool that captures passwords and message traffic to and from a computer. A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more. Rootkit is a classic example of Trojan Horse software. Rootkit is available for a wide range of operating systems.
An interconnection device that is similar to a bridge, but serves packets or frames containing certain protocols. Routers link LANs at the network layer.
The application of rules during the process of routing so as to choose or avoid specific networks, links, or relays.
Rivest-Shamir-Adleman algorithm: a public-key cryptographic algorithm that hinges on the assumption that the factoring of the product of two large primes is difficult.
The intrusion detection system detects intrusions by looking for activity that corresponds to known intrusion techniques (signatures) or system vulnerabilities. Also known as misuse detection.