M


MAC (mandatory access control system)

Access policy is determined by the system rather than by the owner. See also DAC.

Maintenance hook

A backdoor that allows a software developer or vendor to bypass access control mechanisms in order to perform maintenance. These backdoors are often well known and pose a significant security threat if not properly secured.

Malware

Malicious software that typically damages, takes control of, or collects information from, a computer. This classification of software broadly includes viruses, worms, Trojan horses, logic bombs, spyware, and (to a lesser extent) adware.

MAN

Metropolitan area network.

Mandatory access control (MAC)

A system-determined access policy.

Man-in-the-middle attack

A type of attack in which an attacker intercepts messages between two parties and forwards a modified version of the original message.

Mantrap

A physical access control method consisting of a double set of locked doors or turnstiles.

Manual controls

Controls that must be performed manually by persons.

Maximum Tolerable Downtime (MTD)

An extension of a Criticality Assessment that specifies the maximum period of time that a given business process can be inoperative before the organization’s survival is at risk. See also Criticality Assessment.

Media controls

Controls that are used to manage information classification and physical media.

Meet-in-the-middle attack

A type of attack in which an attacker encrypts known plaintext with each possible key on one end, decrypts the corresponding ciphertext with each possible key, and then compares the results in the middle.

Memory addressing

The method used by the CPU to access the contents of memory.

Memory space

The amount of memory available in a computer system.

Message digest

A condensed representation of a message using a one-way hash function.

Metadata

“Data about data” that may present a security risk by revealing private information about a document or its history.

Misdemeanor

Less serious crimes, normally resulting in fines or jail/prison terms of less than one year. See also Felony.

Mission

A statement that defines an organization’s reason for existence.

Monitoring

Activities that verify processes, procedures, and systems.

Monoalphabetic substitution

A cryptographic system that uses a single alphabet to encrypt and decrypt an entire message.

MOSS (MIME Object Security Services)

Provides confidentiality, integrity, identification and authentication, and non-repudiation by using MD2 or MD5, RSA asymmetric keys, and DES. See also RSA, DES.

MPLS (Multi-Protocol Label Switching)

An extremely fast method for forwarding packets through a network by using labels inserted between Layer 2 and Layer 3 headers in the packet.

Multi-level system

A single computer system that handles multiple classification levels between subjects and objects.

Multiprocessing

A system that executes multiple programs on multiple processors simultaneously.

Multiprogramming

A system that alternates execution of multiple programs on a single processor.

Multitasking

A system that alternates execution of multiple subprograms or tasks on a single processor.




CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
