Glossary


acceptable use policy

A policy that describes the appropriate and inappropriate behavior of users on a system, spelling out the rights and responsibilities of all parties involved.



access

The method by which a user is able to utilize an information resource.



access control

The physical or logical safeguards that prevent unauthorized access to information resources.



access control list (ACL)

A form of discretionary access control in which a list of users or groups, and the permissions granted to each, is attached to a resource; the list is consulted to decide whether a request is allowed.



accountability

The ability to associate users with their actions.



accuracy

The quality of information which is dependent on the quality of the source of the information and the quality of the handling of the information.



administration

The process of managing and maintaining the information systems.



ARP (Address Resolution Protocol)

A protocol for mapping IP addresses to MAC-layer addresses on an Ethernet, defined in RFC 826. ARP replies are not authenticated, so a host on the same segment can answer for an address it does not own (ARP spoofing).



ARPANET (Advanced Research Projects Agency Network)

A U.S. Department of Defense project that built a redundant wide area network (WAN), popularly described as designed to survive a nuclear war. It was the precursor of the Internet.



attacker

A person who attempts to penetrate a computer system's security controls.



authentication

The process of verifying that a user is who he claims to be, for example by checking a password, a physical token, or a biometric.



authorization

A capability assigned to a user account by administrators that allows the user certain privileges. A privilege allows you to perform an action; an authorization gives you privileges.



availability

The property that a resource can be used when it is needed. Denial of service attacks target availability.



awareness

The process of educating users on the use of information security features, their importance, and how to spot and report misuse.



back door

An undocumented way of gaining access or privileges that bypasses the normal controls. A back door may be an unintended bug, or a debugging or maintenance hook added by a programmer during development and never removed before the software went into production. Attackers who have compromised a system also plant back doors so that they can get back in after the original hole is closed.



BSD (Berkeley Software Distribution)

The major UNIX variant created at the University of California at Berkeley.



business impact analysis

An evaluation of the business ramifications to the organization caused by a security incident.



business resumption program

A plan designed to minimize the unavailability of business processes.



cache

A small area of memory or disk holding recently accessed data, designed to speed up further access.



Caller ID

A method of identifying the source of incoming telephone communications.



change management

The process of controlling and tracking the modifications made to a system.



checksum

An arithmetic value computed over a block of data and stored or transmitted with it, so that accidental corruption can be detected by recomputing it. A checksum is not unique to its input: many different inputs produce the same value, and an attacker can alter data without changing it. Detecting deliberate tampering requires a cryptographic hash or, where the attacker could recompute the hash as well, a keyed message authentication code.
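To make the difference concrete, here is an added example (not from the book) contrasting a 16-bit additive checksum of the kind used in IP headers with SHA-256 and an HMAC. The two inputs and the key are constructed for the demonstration; the inputs are the same 16-bit words in a different order, which the checksum cannot distinguish.

```python
import hashlib
import hmac


def additive_checksum16(data: bytes) -> int:
    """16-bit ones'-complement sum over 16-bit words, the family of checksum
    used in IP and TCP headers.  It detects accidental corruption; it is not
    collision-resistant and any reordering of words leaves it unchanged."""
    total = 0
    for i in range(0, len(data), 2):
        hi = data[i]
        lo = data[i + 1] if i + 1 < len(data) else 0   # pad an odd length
        total += (hi << 8) | lo
        total = (total & 0xFFFF) + (total >> 16)       # end-around carry
    return (~total) & 0xFFFF


def sha256_hex(data: bytes) -> str:
    """Cryptographic hash: finding two inputs with the same digest is
    computationally infeasible, unlike the additive checksum above."""
    return hashlib.sha256(data).hexdigest()


# Constructed key for the MAC demonstration; a real key would come from a
# secret store, never from source code.
KEY = b"constructed-demo-key"


def make_mac(key: bytes, data: bytes) -> str:
    """HMAC-SHA256, a keyed hash.  Without the key an attacker cannot
    recompute the tag after tampering, which a plain hash would allow."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, data: bytes, tag: str) -> bool:
    # compare_digest avoids leaking the position of the first mismatch
    return hmac.compare_digest(make_mac(key, data), tag)


# Constructed inputs: the same two 16-bit words in the opposite order.
ORIGINAL = b"ABCD"
REORDERED = b"CDAB"

if __name__ == "__main__":
    print(hex(additive_checksum16(ORIGINAL)), hex(additive_checksum16(REORDERED)))
    print(sha256_hex(ORIGINAL) == sha256_hex(REORDERED))
    tag = make_mac(KEY, ORIGINAL)
    print(verify_mac(KEY, ORIGINAL, tag), verify_mac(KEY, REORDERED, tag))
```

The checksum validates that nothing was corrupted in transit; only the keyed MAC validates that nothing was changed by someone who wanted the change to pass.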



client

A process that uses the resources of a server.



client / server

A computing model that divides the processing between the user's computer (the client) and the host (the server).



Computer Fraud and Abuse Act

The first comprehensive U.S. federal anti-hacking law, passed in 1986. As enacted it chiefly protected computers of the U.S. government and of financial institutions; later amendments extended it to any "protected computer," which in practice covers almost any machine connected to the Internet.



confidentiality

The requirement to preserve the secrecy or privacy of information, so that only those authorized to have knowledge of it actually do so.



connection hiding

A process that removes evidence of a user's access to a system.



connection laundering

A process of connecting into and then out of a system so that the actual origin of the connection is unavailable from the target system.



data diddling

False data entry, changing data before or during their input into a system.



daemon

A process running in the background performing some service for other programs.



denial of service

An attack that exhausts or disables a resource so that legitimate users cannot use the system or service. It attacks availability rather than confidentiality or integrity.



dialback

A method by which a system is set up to call back the number from which an incoming call was placed.



dial-up security

A UNIX security feature which asks the user for two passwords: first, the user's password and second, a password based on the user's default shell. Although referred to as dial-up, it can be applied to any terminal or modem port on a port-by-port basis.



digital signature

A value computed over a message with the signer's private key that the recipient can check with the corresponding public key, confirming who sent the message and that it was not altered in transit. In practice the message is hashed first and the private-key operation is applied to the hash. It is built from public key cryptography.



discretionary access control

An access control in which an "owner" of a resource can define who else can access the resource. Usually, there are no restrictions on to whom the owner can grant access or the kind of access granted. The traditional UNIX mode bits and the access control lists are examples of discretionary access control.



DNS (Domain Name System)

A hierarchical naming system that allows each domain or subdomain to be divided into smaller subdomains, thereby requiring that a system name be unique only within its specific subdomain.



due care

The assurance that all reasonable and prudent precautions have been taken in the handling of a company's resources.



dumpster diving

The process of scavenging through materials that have been thrown away in order to find information.



e-mail

A means of exchanging messages through a network. E-mail can carry attachments containing images, sounds, programs, or any other electronic data; executable attachments are a common delivery vehicle for Trojan horses and viruses.



encryption

The process of mathematically converting information into a form such that the original information cannot be restored without the use of a specific unique key.



fail over system

A secondary system which will assume the roles of the primary system in the event of a failure.



finger

A UNIX command that provides information about users, and can also be used to retrieve the .plan and .project files from a user's home directory.



firewall

A firewall is used on some networks to provide added security by blocking access to certain services in the private network from the public network.



FTP (File Transfer Protocol)

A protocol used to transfer files between systems over a network. FTP sends user names and passwords in cleartext, so they can be captured by password sniffing.



GECOS

The personal information field in the UNIX password file. Originally added to the password file to facilitate print spooling from some early UNIX systems at Bell Labs to Honeywell GCOS machines.



group

A collection of users to which common authorizations can be assigned.



hackers

People who exploit known vulnerabilities in security systems. Hackers can range from students hacking for fun and intellectual challenge to professionals paid to break into systems for a specific reason.



identification

The process of presenting an identifier to an information system.



identifier

That which is used to uniquely represent a specific user.



IETF (Internet Engineering Task Force)

The protocol engineering and development arm of the Internet.



in-band configuration

The use of the same connection to manage a device as the connection that the device controls.



information resource

Any of the processes or systems that contain, process, or utilize information and the information itself.



info-terrorism

An act of terrorism that is carried out through the use of computer systems.



integrity

The assurance of accuracy, completeness, and performance according to specifications.



internet

A group of interconnected networks. These networks can be private or public networks and need not be connected to the Internet.



Internet

A loose confederation of networks around the world that grew out of the U.S. Government ARPAnet project, and is specifically designed to have no central governing authority. The networks that make up the Internet are connected through several backbone networks. The primary domains of the Internet are com, net, mil, edu, gov, and org (which refer to commercial, network, military, education, government, and organization) and all of the 2-character country identifiers.



internet daemon (inetd)

The UNIX "super-server" that listens on the ports of many network services and starts the matching server program when a connection arrives. Its configuration file lists every service it will offer; disabling the entries that are not needed is a basic hardening step.



Internet time

An expression that reflects that time moves faster on the Internet. Due to the limited costs of entry, business can rapidly appear on the Internet and can rapidly change their tactics, so survival depends on the ability to react and change.



IP (Internet Protocol)

The network-layer protocol that routes packets between networks using IP addresses. IP does not guarantee delivery and does not verify the source address carried in a packet, which is why IP spoofing is possible.



IP addressing

A hierarchical methodology of assigning unique addresses to all the systems attached to an internet. The first part of the address is a network address, the last part is the system address.



IP routing

The process of deciding where to send a message based on the IP address.



IP spoofing

Forging the source address in a network packet so that the receiving system believes it came from somewhere else, for example from a host it trusts. Replies go to the forged address rather than to the attacker, so spoofing is most useful against services that trust a source address without further authentication, such as trusted hosts.
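The following is an added example, not the book's own code, of the perimeter check a firewall applies against this attack: a small stateless packet filter with ingress and egress anti-spoofing rules (RFC 2827) run over constructed sample packets. The protected network 10.0.0.0/8, the interface names and the exposed services are assumptions made for the illustration; the same block illustrates the firewall entry above.

```python
import ipaddress
from dataclasses import dataclass

# Hypothetical addressing: the protected network sits behind the firewall's
# private interface ("int"); the public side is "ext".
INSIDE = ipaddress.ip_network("10.0.0.0/8")

# Services the private network deliberately exposes to the public side.
ALLOWED_INBOUND = {("tcp", 25), ("tcp", 80)}


@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on: "ext" or "int"
    src: str        # source address as written in the packet header
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int      # destination port


def classify(pkt: Packet) -> str:
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)

    # Ingress anti-spoofing: a packet arriving from the public side cannot
    # legitimately carry an inside source address.  This is the check that
    # stops the "pretend to be a trusted internal host" form of IP spoofing.
    if pkt.iface == "ext" and src in INSIDE:
        return "drop: inside source address on external interface"

    # Egress anti-spoofing (RFC 2827): do not let our own hosts send packets
    # with someone else's source address.
    if pkt.iface == "int" and src not in INSIDE:
        return "drop: outside source address on internal interface"

    if pkt.iface == "ext":
        if dst not in INSIDE:
            return "drop: destination is not on the protected network"
        if (pkt.proto, pkt.dport) in ALLOWED_INBOUND:
            return "accept"
        return "drop: service not exposed to the public network"

    # Outbound traffic from the private side is permitted by this policy.
    return "accept"


# Constructed sample traffic.
SAMPLE_PACKETS = [
    Packet("ext", "203.0.113.7", "10.0.0.5", "tcp", 80),      # public web client
    Packet("ext", "203.0.113.7", "10.0.0.5", "tcp", 23),      # telnet from outside
    Packet("ext", "10.0.0.9", "10.0.0.5", "tcp", 80),         # spoofed inside source
    Packet("int", "10.0.0.5", "203.0.113.7", "tcp", 443),     # normal outbound
    Packet("int", "198.51.100.9", "203.0.113.7", "udp", 53),  # spoofed outbound
]


def run(packets=SAMPLE_PACKETS):
    return [(p, classify(p)) for p in packets]


if __name__ == "__main__":
    for pkt, decision in run():
        print(f"{pkt.iface:>3} {pkt.src:>15} -> {pkt.dst}:{pkt.dport}/{pkt.proto}  {decision}")
```

Source-address filtering only stops spoofed packets that cross the perimeter; it does nothing against a host on the same segment as its target, and it does not replace authentication in the services themselves.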



Kerberos

An authentication protocol in which a trusted third party (the key distribution center) issues time-limited tickets to users and services, so that passwords are never sent across the network and each party can verify the identity of the other.



LAN (Local Area Network)

A network usually contained within one or more buildings, as opposed to a WAN.



least privilege

The security philosophy of granting the minimum privileges for the minimum amount of time to allow the user to complete the required task.



logic bomb

Code hidden in an application that causes it to perform some destructive activity when specific criteria are met.



login spoof

A program that pretends to be the login program so that it can capture login IDs and passwords.



MAC Address

The low-level hardware address assigned to a network interface on an Ethernet. ARP is used to find the MAC address that corresponds to a given IP address.



magic cookie

A piece of information passed between programs which serves as an identifier to allow the user to perform a given operation.



mandatory access control

An access control in which access is based on criteria defined by system administrators, and not generally definable by the users of a data object.



masquerading

One person uses the identity of another to gain access to a computer.



MIME (Multipurpose Internet Mail Extensions)

A standard for encoding sound, graphics, and other binary data as attachments to mail messages.



mirrored disks

The complete replication of information onto multiple disks to increase availability in case of a hardware failure.



modem

Shorthand for MODulator/DEModulator. A modem allows the transmission of digital information over an analog phone line.



NTP (Network Time Protocol)

A network protocol used to synchronize computer system clocks.



newsgroup

A message area in Usenet News. Each newsgroup can be either "moderated," with only postings approved by a moderator publicly posted, or "unmoderated," where all messages are distributed to the newsgroup immediately.



NFS (Network File System)

A method of sharing files across a LAN or through the Internet. In its traditional form the client asserts the user's UID and GID and the server believes it, so exports must be restricted to trusted hosts and remote root should be mapped to an unprivileged user.



NNTP (Network News Transfer Protocol)

A system for reading and writing Usenet News articles across a network. This service is defined by RFC number 977.



Orange Book (TCSEC)

A U.S. Department of Defense standard that has become the principal criterion for the design of highly secure computer operating systems. The TCSEC is not a software specification, but rather a criterion intended to guide a team of evaluators in affixing a "security grade" to a particular computer system. In order of increasing assurance, these grades are D, C1, C2, B1, B2, B3, and A1. It is often called the "Orange Book" because its cover is orange. The National Computer Security Center performs evaluations under TCSEC and issues companion books that apply to other security areas, such as networking.



out-of-band configuration

The use of a communication path to configure a network device which is not the communication path that the network device controls.



parasite

Software that attaches itself to a program to utilize the resources of the host program.



password sniffing

The process of monitoring a network to obtain identification and authentication information.



permissions

Authorization attributes assigned to a resource that indicate what privileges are granted to which users.



phone phreak

A person who utilizes technology to illegally access the telephone system.



piggybacking

Following an authorized person through a controlled entrance, either a physical locked door or a logical control, for example by using a session an authorized user left logged in.



PIN (Personal Identification Number)

A password that is used with a physical card, together producing stronger authentication.



policy

A written definition of a security standard.



practice

A specific performed activity that supports a security procedure.



privileges

The rights granted to a user that define what the user can do with the resource.



procedure

A specific activity that supports a security policy.



public key encryption

A cryptographic method that uses two keys so that whatever is encrypted with one key can be decrypted only with the other. It can be used for both secrecy and digital signatures.
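An added example (not the book's code) of both uses named above and under digital signature: a textbook RSA key pair built from two Mersenne primes so that it runs offline, used first to encrypt and decrypt and then to sign a hash and verify it. The small modulus and the absence of padding mean it demonstrates only the two-key property; real use needs a standard library, keys of at least 2048 bits and a padding scheme such as PSS or OAEP. It assumes Python 3.8 or later for `pow(e, -1, phi)`.

```python
import hashlib

# Constructed toy key pair from two well-known Mersenne primes (2^31-1 and
# 2^61-1).  The ~92-bit modulus is far too small for real use and there is
# no padding; it exists only so the example runs offline and deterministically.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537               # public exponent; gcd(E, PHI) == 1 for these primes
D = pow(E, -1, PHI)     # private exponent (modular inverse, Python 3.8+)

PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)


def apply_key(key: tuple, x: int) -> int:
    """The single RSA primitive.  Whatever one key does, the other undoes;
    which one is called 'encrypt' depends only on who must be able to do it."""
    n, exp = key
    if not 0 <= x < n:
        raise ValueError("value must be a non-negative integer below the modulus")
    return pow(x, exp, n)


def encrypt(m: int, pub=PUBLIC_KEY) -> int:
    """Anyone can encrypt with the public key; only the private key decrypts."""
    return apply_key(pub, m)


def decrypt(c: int, priv=PRIVATE_KEY) -> int:
    return apply_key(priv, c)


def digest_as_int(message: bytes, n: int) -> int:
    """Hash first so that the signature covers a message of any length."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, priv=PRIVATE_KEY) -> int:
    """Only the holder of the private key can produce this value."""
    return apply_key(priv, digest_as_int(message, priv[0]))


def verify(message: bytes, signature: int, pub=PUBLIC_KEY) -> bool:
    """Undo the private-key operation with the public key and compare with a
    fresh hash of what was received; any change to the message or to the
    signature makes the comparison fail."""
    try:
        return apply_key(pub, signature) == digest_as_int(message, pub[0])
    except ValueError:
        return False


if __name__ == "__main__":
    c = encrypt(123456789)
    print(c, decrypt(c))
    msg = b"transfer 100 to alice"
    s = sign(msg)
    print(verify(msg, s), verify(b"transfer 900 to alice", s), verify(msg, (s + 1) % N))
```

Because the private-key operation is a permutation of the residues modulo N, altering the signature by even one always breaks verification; altering the message changes the hash and has the same effect.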



race condition

A flaw in which the outcome depends on the relative timing of two or more processes that use the same resource. The security-relevant form is the time-of-check-to-time-of-use (TOCTOU) race: a program checks something about a file or other resource, and an attacker changes it in the window before the program uses it.
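An added example (not the book's) of a TOCTOU race on a POSIX system and its fix. The attacker's swap is simulated by planting a symbolic link before the victim code runs, which is the state the victim would see if the swap landed inside the window; the file names are constructed, and O_NOFOLLOW with the ELOOP error assume Linux.

```python
import errno
import os
import stat
import tempfile


def naive_write(path: str, data: bytes) -> None:
    """Check-then-use.  Between access() (time of check) and open() (time of
    use) an attacker who controls the directory can replace `path` with a
    symlink to a file the victim program is allowed to write."""
    if os.access(path, os.W_OK):            # time of check
        with open(path, "wb") as fh:        # time of use: follows symlinks
            fh.write(data)


def safe_write(path: str, data: bytes) -> None:
    """Do not reason about the name: open it without following symlinks,
    then inspect the object actually opened (fstat).  There is no window."""
    fd = os.open(path, os.O_WRONLY | os.O_NOFOLLOW | os.O_NOCTTY)
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError(f"{path}: not a regular file")
        os.ftruncate(fd, 0)
        os.write(fd, data)
    finally:
        os.close(fd)


def simulate_race() -> dict:
    """Stand-in for the attacker winning the race: the symlink is planted
    before the victim runs, which is exactly what the victim would observe
    if the swap happened between its check and its use."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim.conf")    # file the victim must protect
        target = os.path.join(d, "report.txt")     # name the victim intends to write
        with open(victim, "wb") as fh:
            fh.write(b"original")
        os.symlink(victim, target)                 # the attacker's swap

        naive_write(target, b"attacker-controlled")
        with open(victim, "rb") as fh:
            after_naive = fh.read()

        try:
            safe_write(target, b"attacker-controlled")
            safe_error = None
        except OSError as exc:
            safe_error = errno.errorcode.get(exc.errno)

        # Writing through a real file still works with the safe version.
        safe_write(victim, b"legitimate")
        with open(victim, "rb") as fh:
            after_safe = fh.read()

    return {"victim_after_naive": after_naive,
            "safe_write_error": safe_error,
            "victim_after_safe": after_safe}


if __name__ == "__main__":
    print(simulate_race())
```

The naive version overwrites the protected file through the link; the safe version refuses the link outright (ELOOP) and, had a hard link or device been substituted instead, the fstat check would catch that.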



RAID disks

A method of distributing information across multiple disk drives so that the failure of a single drive does not cause data loss (RAID 0, which stripes without redundancy, is the exception). RAID protects availability, not integrity: data that is corrupted or deleted is faithfully replicated.



rainbow series

A group of government publications that detail processes and standards in computer security whose colorful covers have inspired this name.



redundancy

The use of multiple systems to minimize unavailability.



RFC (Request for Comments)

A broad range of notes covering a variety of topics related to the Internet. RFCs are handled by the IETF and are archived at several sites.



salami slicing

The process of accumulating partial cents, which are the result of rounding to a whole cent, into an account.



security by obscurity

The theory that if no one knows about a security flaw, then no one will abuse it, and if no one is told about the flaw, he will not find it on his own. Obscurity may delay an attacker, but it is no substitute for controls that hold up when the design is fully known.



security perimeter

A border that defines what is, and what is not, controlled by a specific security policy.



set-user-on-exec (setUID)

A UNIX file permission bit that causes a program to run with the effective user ID of the file's owner rather than that of the user who ran it. A setUID program owned by root therefore runs with full privileges and is a prime target for attack.



set-group-on-exec (setGID)

A UNIX file permission bit that causes a program to run with the effective group ID of the file's group rather than the group of the user who ran it.



server

A process which provides information or other services to its clients. Most network protocols are client / server based.



shell

One of several command line interfaces available on UNIX machines. Some common shells include Bourne shell, ksh, and tcsh.



SLIP (Serial Line Internet Protocol)

A serial packet protocol used to connect a remote computer to the Internet using modems or direct serial lines. SLIP requires an Internet provider with special SLIP accounts.



smart card

A physical authentication device used in conjunction with a password to give greater assurance of authentication.



smart terminal

A terminal that has some local memory and processing that can be accessed programmatically.



SMTP (Simple Mail Transfer Protocol)

A protocol which defines a common mechanism for exchanging mail across a network. It was originally described in RFC 821, since replaced by RFC 5321. Usually SMTP is implemented by a mail transport agent.



snooper

A program that listens to a network to gather information.



social engineering

The process of gathering information from people by use of deception and obfuscation. Someone manipulates others into revealing information that can be used to steal data, such as telling a help desk to reset the password of a stolen ID.



software piracy

Duplicating computer programs in violation of copyright law.



spamming

Mass mailing of unsolicited e-mail messages.



spoof

A program that impersonates another program to gather information.



sticky bit

A UNIX permission bit. On an executable it originally asked the system to keep the program's text in swap after it exited so that the next invocation started faster; modern systems ignore it there. On a directory it means that only the owner of a file (or the owner of the directory, or root) may delete or rename that file, even when the directory is writable by everyone; shared directories such as /tmp rely on it.
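An added example, not from the book, that applies the UNIX discretionary access rules described under discretionary access control, setUID, setGID and sticky bit to a mode and a set of credentials: the owner/group/other classes with no fall-through, the effective IDs a setUID or setGID program receives, and the deletion rule the sticky bit imposes on a directory. The user and group IDs are constructed for the illustration.

```python
import stat

READ, WRITE, EXEC = 4, 2, 1


def describe(mode: int, directory: bool = False) -> str:
    """Render a permission mode the way ls -l does; 's' and 't' mark the
    setUID/setGID and sticky bits."""
    kind = stat.S_IFDIR if directory else stat.S_IFREG
    return stat.filemode(kind | mode)


def can_access(mode: int, owner_uid: int, owner_gid: int,
               uid: int, gids: set, want: int) -> bool:
    """Classic UNIX discretionary access check.  Exactly one class of bits
    applies: owner if the caller owns the object, else group if the caller
    is in the object's group, else other.  There is no fall-through, so an
    owner denied by the owner bits is not rescued by a permissive 'other'."""
    if uid == 0:
        # root bypasses DAC for read and write; execute still needs some x bit
        if want & EXEC and not (mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)):
            return False
        return True
    if uid == owner_uid:
        granted = (mode >> 6) & 7
    elif owner_gid in gids:
        granted = (mode >> 3) & 7
    else:
        granted = mode & 7
    return (granted & want) == want


def effective_ids(mode: int, owner_uid: int, owner_gid: int,
                  uid: int, gid: int) -> tuple:
    """Credentials a process receives when it exec()s this file: the file
    owner's UID/GID replace the caller's if the corresponding bit is set."""
    euid = owner_uid if mode & stat.S_ISUID else uid
    egid = owner_gid if mode & stat.S_ISGID else gid
    return euid, egid


def can_unlink(dir_mode: int, dir_owner: int, dir_gid: int,
               file_owner: int, uid: int, gids: set) -> bool:
    """Removing a directory entry needs write and search (x) permission on
    the directory.  With the sticky bit set, the caller must additionally
    own the file or the directory (root is exempt)."""
    if not can_access(dir_mode, dir_owner, dir_gid, uid, gids, WRITE | EXEC):
        return False
    if dir_mode & stat.S_ISVTX and uid not in (file_owner, dir_owner, 0):
        return False
    return True


if __name__ == "__main__":
    # Constructed identities: alice=1000 (group staff=100), bob=1001
    print(describe(0o4755), effective_ids(0o4755, 0, 0, 1000, 100))   # setUID root
    print(describe(0o1777, directory=True))                           # /tmp style
    print(can_access(0o640, 1000, 100, 1001, {100}, READ),
          can_access(0o640, 1000, 100, 1001, {100}, WRITE))
    print(can_unlink(0o1777, 0, 0, 1000, 1001, {1001}))
```

Mode 0o046 (owner nothing, others read and write) is the case that surprises people: the owner is denied even though everyone else is allowed, because only the owner class is consulted for the owner.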



superhacker

The possibly mythical hacker whose skill allows him to move freely from system to system and network to network without detection.



superuser

A user who is granted all authorizations. On UNIX systems, this user is generally called "root."



SYSV (System V)

A commercial version of UNIX from AT&T.



TCP (Transmission Control Protocol)

The connection-oriented transport protocol that runs over IP and gives applications a reliable, ordered byte stream, using sequence numbers to keep data in order and retransmitting lost segments. Predictable initial sequence numbers were what made early blind TCP spoofing attacks possible.



TCP/IP (Transmission Control Protocol/Internet Protocol)

The networking standard commonly used on the Internet.



TFTP (Trivial File Transfer Protocol)

A UDP-based network protocol that transfers files with no authentication at all. It is used to boot diskless devices and to load network equipment; a TFTP server must be confined to the directory it is meant to serve, since anything it can read can be fetched by anyone.



threat

That which if unchecked will cause a loss to the organization.



trap doors

A quick way into a program, bypassing security.



Trojan horse

A program that appears to be a useful program, but in reality performs malicious acts.



trusted advisor

A hacker who used his position and knowledge to his advantage by appearing to be trustworthy.



trusted hosts

A mechanism (the UNIX hosts.equiv and .rhosts files used by rlogin and rsh) by which a group of hosts honor one another's authentication, so that once a user is authenticated on one host in the trusted group he can reach the others without authenticating again. Because the trust rests only on the remote host's name or address, it can be subverted by IP spoofing or DNS spoofing.



Usenet News

A network of systems that exchange articles using the Internet, UUCP, and other methods to establish public message conferences on some or all of over 6,000 topics or "news groups."



user

Any entity that utilizes information resources. A user can be an individual, a software program, a computer system, a network, etc.



UUCP

An acronym for UNIX to UNIX CoPy, UUCP is a protocol used for the store-and-forward exchange of mail, Usenet News, and other files, usually over a modem.



virus

A program that replicates itself by embedding a copy of itself in other programs.



vulnerability

A weakness that can be utilized to gain an inappropriate level of access or privileges with an information resource.



WAN

Acronym for Wide Area Network, which is generally a network connecting several physically distant locations, as opposed to a LAN. The Internet is an example of a worldwide WAN.



worm

A program that makes its way across a network, copying itself as it goes.



wrapper program

A program that intercepts calls to another program in order to add checks, logging, or other behavior without modifying the original. TCP Wrappers, which adds host-based access control and logging in front of services started by the internet daemon, is the classic example.



Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
Year: 2002
Pages: 210