B-C


Backdoor
A hidden mechanism in software or hardware that is used to circumvent security controls (a.k.a. trap door).
Baselining
Monitoring resources to determine typical utilization patterns so significant deviations can be detected.
Bastion host
A host system that is a "strong point" in the network's security perimeter. Bastion hosts should be configured to be particularly resistant to attack. In a host-based firewall, the bastion host is the platform on which the firewall software is run. Bastion hosts are also referred to as gateway hosts.
Biometrics
A method of generating unique, replicable authentication data by digitizing measurements of physical characteristics of a person, such as their fingerprint, hand size and shape, retinal pattern, voice print, or handwriting (a.k.a. biometric authentication).
Blended attack
Malicious code that uses multiple methods to spread.
Boot sector virus
A virus that plants itself in a system's boot sector and infects the master boot record.
Breach
Detected circumvention of established security controls that results in penetration of the system.
Buffer overflow
A condition that occurs when data are put into a buffer or holding area that exceeds the capacity the buffer can handle. This condition often results in system crashes or the creation of a backdoor, leading to system access.
Centralized authorization
A scheme in which a central, third-party authorization agent is consulted for access control. All access control rules are defined in the database of the central authorization agent.
Certification Authority (CA)
A trusted agent that issues digital certificates to principals. Certification authorities may themselves have a certificate that is issued to them by other certification authorities. The highest certification authority is called the root CA.
Code Division Multiple Access (CDMA)
CDMA refers to any of several protocols used in wireless communications. As the term implies, CDMA is a form of multiplexing, which allows numerous signals to occupy a single transmission channel, optimizing the use of available bandwidth. The technology is used in ultra-high-frequency (UHF) cellular telephone systems in the 800-MHz and 1.9-GHz bands.
Common Criteria (CC)
The Common Criteria represents the outcome of a series of efforts to develop criteria for evaluation of IT security that are broadly useful within the international community. The Common Criteria is an international standard (IS 15408) and is a catalog of security functionality and assurance requirements.
Compromise
A situation where secured information is disclosed to unauthorized persons in either an intentional or unintentional manner.
Compromised Key List (CKL)
A list with the Key Material Identifier (KMID) of every user with compromised key material; key material is compromised when a card and its personal identification number (PIN) are uncontrolled or the user has become a threat to the security of the system.
Computer Emergency Response Team (CERT)
A federally funded research and development center at Carnegie-Mellon University, Pittsburgh, Pennsylvania. They focus on Internet security vulnerabilities, provide incident response services to sites that have been the victims of attack, publish security alerts, research security and survivability in wide-area-networked computing, and develop site security information. They can be found at www.cert.org.
Computer forensics
The practice of gathering and retaining computer-related data in a manner that makes the data admissible in a court of law.
Computer intrusion
An incident of unauthorized access to data or an Automated Information System.
Computer security incident
See Incident.
Computer Security Incident Response Team (CSIRT)
A capability set up to assist in responding to computer-security-related incidents; also called a Computer Incident Response Team (CIRT), a Computer Incident Response Center, or Computer Incident Response Capability (CIRC).
Countermeasures
An intentional action taken to reduce the vulnerability of an information system to compromise.
Credential
What one principal presents to another to authenticate itself. For mutual authentication, both parties exchange credentials. Credentials are issued by an authentication agent or a certification authority. Depending on the model for authentication, credentials may only be valid for a session or they may have longer validity periods. Digital certificates are credentials that typically last for a year or two. Tickets are credentials that are only good for a session, which typically does not last more than several hours.
Critical infrastructures
Those physical and cyber-based systems that are necessary for the continued maintenance of a minimum level of operations supporting the economy and government.
CryptoAPI
The Cryptographic Application Programming Interface (API) available from Microsoft Corporation.
Cryptographic Application Program Interface
A standardized interface to cryptographic functionality. See also Application Program Interface (API).
Cryptographic function
A set of mathematical procedures that provide various algorithms for key generation, random number generation, encryption, decryption, and message digesting.
Cryptographic functions
A set of procedures that provide basic cryptographic functionality. The functionality includes using various algorithms for key generation, random number generation, encryption, decryption, and message digesting.
Customer
The party, or a designee, responsible for the security of designated information. The customer works closely with an ISSE. Also referred to as the user.
Cut-and-paste attack
An attack conducted by replacing sections of ciphertext with other ciphertext, making the altered result appear to decrypt correctly, but in reality the message decrypts to plaintext that is used by the attacker for unauthorized purposes.
Cyberterrorist
An individual, or group of individuals, engaged in malicious activities against targeted computing infrastructure and/or resources, usually in the name of or on behalf of an entity that the participants consider greater than, or serving a purpose greater than, the specific individual(s) actually performing the malicious acts.



Wireless Operational Security
ISBN: 1555583172
Year: 2004
Pages: 153