R

The part of the radio spectrum used by a device.

The byproduct of electrical processes, similar to Electro Magnetic Interference. The major difference is that RFI is usually projected across a radio spectrum.

See Redundant Array of Independent (or Inexpensive) Disks.

The different types of RAID, such as RAID 0, RAID 1, etc.

See Remote Authentication Dial-In User Service.

See Remote Access Server.

See Role-Based Access Control.

See Rivest Cipher 5.

A configuration of multiple hard disks used to provide fault tolerance should a disk fail. Different levels of RAID exist, depending on the amount and type of fault tolerance provided.

An organization that offloads some of the work from a CA. An RA system operates as a middleman in the process. The RA can distribute keys, accept registrations for the CA, and validate identities. The RA does not issue certificates; that responsibility remains with the CA.

The person receiving a certificate.

Any networking protocol that is used to gain access to a network over public communication links.

A computer that has one or more modems installed to enable remote connections to the network.

A mechanism that allows authentication of dial-in and other network connections.

The process of copying directory information to other servers to keep them all synchronized.

Any attack where the data is retransmitted repeatedly (often fraudulently or maliciously). In one such possibility, a user can replay a web session and visit sites intended only for the original user.

A database or database server where the certificates are stored.

An attack in which the intruder modifies information in your system.

A document creation process and a set of practices that originated in 1969.

Information that is not made available to all and to which access is granted based upon some criteria.

A virus that attacks or bypasses the antivirus software installed on a computer.

How you react to an event.

Using an IP address to find a domain name, rather than using a domain name to find an IP address (normal DNS). PTR records are used for the reverse lookup, and quite often this is used to authenticate incoming connections.

The process of re-creating the functionality of an item by first deciding what the result is and then creating something from scratch that serves the same purpose. For example, many versions of Windows include NWLink—an IPX/SPX- compatible protocol. Rather than simply include the proprietary IPX/SPX protocol (which would require a licensing deal with Novell), Microsoft reverse engineered the protocol to come up with a compatible substitute (NWLink) that required no licensing.

The process of canceling credentials that have been lost or stolen (or are no longer valid). With certificates, this is accomplished with a Certificate Revocation List (CRL).

See Router Information Protocol.

An evaluation of each risk that can be identified. Each of those risks should be outlined, described, and evaluated on the likelihood of it occurring.

An evaluation of how much risk you and your organization are willing to take. An assessment must be performed before any other actions—such as how much to spend toward security in terms of dollars and manpower—can be decided.

A cipher algorithm created by Ronald Rivest (for RSA) known for its speed. It works through blocks of variable sizes using three phases: key expansion, encryption, and decryption.

Profiles downloaded from a server at each logon. When a user logs out at the end of the session, changes are made and remembered for the next time the user logs on.

A type of control wherein the levels of security closely follow the structure of an organization. The role the person plays in the organization (accountant, salesman, etc.) corresponds closely to the level of security access they have to data.

The path to get to the destination from a source.

How many router hops there are between source and destination in an internetwork.

A device that connects two or more networks and allows packets to be transmitted and received between them. A router determines the best path for data packets from source to destination. See also hop.

A distance-vector route discovery protocol used by IPX and IP. IPX uses hops and ticks to determine the cost for a particular route. See also Internet Packet eXchange.

A function of the Network layer that involves moving data throughout a network. Data passes through several network subnetworks using routers that can select the path the data takes. See also router.

A table that contains information about the locations of other routers on the network and their distance from the current router.

One of the providers of cryptography systems to industry and government. RSA are the initials of the three founders of RSA Incorporated Rivest, Shamir, and Adelman. RSA has been very involved in Public Key Cryptography Standards, and it maintains a list of standards for PKCS.

A commercial company that produces encryption software. RSA stands for Rivest, Shamir, and Adleman, the founders of the company.

See Rule Set-Based Access Control.

An open-source access control framework for the Linux kernel that uses access control modules to implement MAC (Mandatory Access Control).