Glossary
Access Control System
The system of preventing unauthorised access to the resources of
an IT product: its programs, processes, systems, or other IT products.
Some suppliers consider preventing unauthorised users from logging
on to the system to be access control. In reality, access control
should also stop logged-on users from accessing objects (files, devices,
etc.) for which they have no authorisation.
Accessibility
The fast adoption of Information Technology has made access to
information easier and cheaper especially through the Internet.
As more and more information and services are delivered to the public
through the Internet, we certainly do not want to exclude people
with special needs from enjoying the services. Not only does an
"accessible" web site improve service to people with disability,
it also caters for readers with slow modems, and less sophisticated
browsers.
Address Spoofing
Forging the source address of messages so that the receiver believes
they originated from a legitimate sender.
Administrative
Refers to the policy, procedure, security awareness and similar
non-technical aspects of security.
AES
Advanced Encryption Standard (AES) will become a federal standard
for the encryption of commercial and government data, and is intended
to replace DES. The National Institute of Standards
and Technology (NIST), a division of the US Department of Commerce,
is currently taking nominations for the AES. The public was invited
to propose suitable block ciphers as candidates for the AES.
Anti-virus Software
Software designed to stop viruses, eliminate viruses,
and/or recover data affected by viruses.
Application Gateway
A system used to restrict access to services or functions across
a firewall boundary.
Asymmetric Encryption
Two different keys are used with one for encryption
and the other for decryption. The decryption
key cannot be derived from the encryption key.
Audit Trail
A chronological record of system activities which enables the
reconstruction and examination of the sequence of events and/or
changes in an event.
Authentication
A process or method to identify and prove the identity of a
user/party who attempts to send a message or access data. Message
authentication refers to a process used to prove the integrity of
specific information.
Authentication Token
A portable device that operates using challenge/response, time sequence,
or other techniques in order to authenticate a user.
Authorisation
A process to grant rights to a person for accessing data or using
specific information resources.
Availability
A condition in which information or processes are reasonably accessible
to and usable by an authorised party, including for timely and critical
operations.
Biometrics
Use of measurable physiological characteristics to authenticate
a user such as fingerprints or facial characteristics.
CERT
A CERT organization is a national or regional level organization
that acts as a coordination centre readily available to respond
to and tackle emergency computer and network security
incidents. Usually the organization handles computer security
incidents and vulnerabilities, publishes
security alerts, and develops information and training on information
security.
Certificate
An electronic document attesting to the binding of a public key
to an individual or entity. It allows verification of the claim
that a specific public key belongs to a specific individual. A certificate
is issued and digitally signed by a trusted third party or Certification
Authority.
Certification Authority
A trusted authority or party that digitally signs certificates
in order to validate the identity of a person or party.
Certificate Management
The management mechanisms that cover the storage, dissemination,
publication, revocation and suspension of certificates.
Certificate Revocation Lists
Certificate Revocation Lists (CRL) are periodically issued lists,
digitally signed by the Certification
Authority, of identified certificates
that have been suspended or revoked prior to their expiration dates.
A CRL normally shows information such as the CRL issuer's name, the date
of issue, and the serial numbers of the suspended or revoked certificates.
Certificate Servers
A server which performs the certification process of public
keys.
Challenge/Response
An authentication technique used
by a system/server to authenticate a user. The server sends
an unpredictable challenge (a set of numbers or letters) to the
user, and the client/user then computes a response using some
special form of authentication token.
Chat Rooms
A chat room is a Web site, part of a Web site, or part of an online
service, that provides a venue for communities of users with a common
interest to communicate in real time.
Ciphertext
The scrambled, unreadable contents of an encrypted, secret message
or data, converted from plaintext
using an encryption algorithm.
Client Authentication
The process in which a server verifies the identity
of a client before allowing it to gain access.
Compromise
A violation of a security policy
which may result in the unauthorised disclosure or loss of sensitive
information.
Confidentiality
The condition in which the sensitive data is protected and disclosed
to authorised parties only, e.g. assurance of privacy using encryption
or other methods.
Cookie
A piece of information or code sent by a Web Server to a Web Browser,
which the Browser software is expected to save and send back
to the Server whenever the Browser makes additional requests. A cookie
may contain information such as login or registration information.
Cracker
An individual who attempts to gain unauthorised access to a computer
system. These individuals are often malicious and have many means
at their disposal for breaking into a system. Crackers often like
to describe themselves as hackers. Cracking
does not usually involve some mysterious leap of hackerly brilliance
but rather persistence and repetition of a handful of fairly well-known
tricks that exploit common weaknesses in the security of target
systems.
Cross-certification
A condition in which two or more different certificate issuing
authorities establish trust among themselves by each issuing a certificate
having the other as the subject of the certificate.
Cryptography
Cryptography is the art of keeping messages secret by using different
methods. It normally deals with all aspects of secure messaging,
authentication, digital signatures, and electronic money. Cryptanalysis
is the art of breaking these methods. Cryptology is the study of
cryptography and cryptanalysis.
Data Driven Attack
A form of attack encoded in innocuous-seeming data which is then
executed by a user or software, carrying out the attack.
Decryption
The reverse process of encryption, in
which encoded messages or ciphertext are
decoded from their protected, scrambled form back into the original plaintext
so that they are readable again.
Denial of Service
A prevention of the use of information resources, either intentional
or unintentional, which affects the availability of the information
resources. Examples of such attacks are SYN flood, Ping
of Death and Ping flooding.
DES
Data Encryption Standard (DES) is a federal standard adopted by
the U.S. government for the encryption
of commercial and government data. The US government has started to
use Triple-DES (input data is encrypted three times using DES) until
the Advanced Encryption Standard (AES) is ready for
general use.
Detective
Detective controls are used to identify undesirable events that
have occurred.
Diffie-Hellman
A mechanism used for establishing a shared secret between two parties
over an unauthenticated connection.
Digital Certificate
A certificate in electronic format such that data stored in the
certificate can be used to verify the identity of the owner of the
certificate. The certificate usually
contains information such as user's public
key, name and email address.
Digital Signature
A block of data which is generated using a secret/private
key, such that only the corresponding public
key can be used to verify that this block of data was really
created by that private key. A digital signature is usually used to
verify whether a message really comes from the claimed originator,
and simultaneously guarantees the integrity of the message.
DNS
Domain Name System (DNS) is a distributed database system used
to map IP addresses to host names.
DNS Spoofing
Pretending to be the DNS name of another system
by compromising the domain name server for a valid domain.
Domain Name
A unique name which identifies an Internet site.
Downloading Software and Other Files
Downloading is the transmission of a file from one computer system
to another, usually smaller computer system. From the Internet user's
point-of-view, to download a file is to request it from another
computer (or from a Web page on another computer) and to receive
it.
Email
Electronic mail. A message sent or retrieved electronically. The
term is also used as a verb: "to email someone" is to send that
person a message by electronic means. The software used to send
and receive email is called email client software.
Encryption
A process to encode the contents of message so as to hide it from
outsiders. That is, it is a process of scrambling and transforming
data from an easily readable and understandable format (plaintext)
into an unintelligible format that seems to be useless and not readily
understandable (ciphertext).
Error Log
The log which records all the errors encountered in a system.
Extranet
A collaborative network that uses Internet
technology to link businesses with their suppliers, customers, or
other trading partners. The information can be shared among these
parties or open to public.
Filtering Router
A router or system used to check the source and destination network
addresses of data packets, and either permits or denies the packet
passing through.
Firewall
A firewall is a system or combination of systems that helps to
prevent outsiders from obtaining unauthorised access to internal
information resources. The firewall enforces the access control
policy, i.e. permit or deny, between two networks. It provides a
single point where access control and audit can be imposed.
Hacker
A person who illegally gains access to your computer system.
Hacking
Hacking means illegally accessing other people's computer systems
for destroying, disrupting or carrying out illegal activities on
the network or computer systems.
Hash
A one-way algorithm which maps or translates one set of bits into
another (generally smaller) set in such a way that the algorithm yields
the same hash result every time for the same message, and it is
computationally infeasible for a message to be reconstituted from
the hash result. Also, two different messages cannot produce the
same hash result.
Hoax
The most common hoax is the hoax virus. This usually
consists of an email message warning recipients
about a new and terribly destructive virus.
It ends by suggesting that the reader should warn his or her friends
and colleagues, perhaps by simply forwarding the original message
to everyone in their address book. The result is a rapidly growing
proliferation of pointless emails that can increase to such an extent
that they overload systems.
Host
Any computer on a network that is a repository for services available
to other computers on the network.
HTTP
Hypertext Transfer Protocol (HTTP) is an application-layer protocol
which allows the transfer of text, graphics, sound or movies over
the World Wide Web via a hypertext interface of a web browser.
ICQ
ICQ ("I Seek You") is a program you can download that will let
you know when friends and contacts are also online on the Internet.
Impacts
Results of an unwanted incident.
Insider Attack
An attack originating from the inside of an internal network.
Integrity
A condition in which the data has not been changed or destroyed
in an unauthorised way, such that the current state is identical
with the original state before transmission.
Integrity Check
A mechanism to verify that the present state of data has not been
tampered with or modified, often using digital
signatures or hashing algorithms.
Internet
The world's largest collection of networks ranging from small organisations
to large corporations, universities or governments.
Intranet
An internal use, private network inside an organisation that uses
the same kind of software which would also be found on the Internet.
Intrusion Detection
A method or process to detect break-ins or attempted attacks
using software systems which operate on the network. Intrusion
detection systems often combine network monitoring with real-time
capture and analysis in order to identify attacks.
IP
Internet Protocol (IP) is a fundamental protocol
used in TCP/IP networking which is used to address and deliver datagrams
across the Internet.
IP Address
A 32-bit address which identifies a unique node on an IP network.
IP Spoofing
A specific type of address spoofing.
An attack in which a system impersonates another system by using
its IP network address.
Kerberos
A distributed authentication system which can identify the users,
client and server applications to each other.
Key Distribution System
A security facility for the purpose of generating and distributing
keys in electronic form.
Key Escrow
A mechanism for providing storage of private
keys in order to ensure that a third party can access the encrypted
data.
Key Exchange
A mechanism for transferring secret keys securely across an untrusted
channel.
Key Generation
The process of creating key pairs during the certificate
application process.
Key Length
The number of bits used to represent a key.
Key Management
The process of storing, managing or distributing keys to authorised
parties.
Key Recovery
A system that can recover keys. It requires a sophisticated
management system, since otherwise the security of all encrypted data
may collapse if the recovery system is compromised.
Linux
Linux is an example of Open Source Software designed to provide
personal computer users a free or very low-cost operating system.
Linux is publicly open and extendible by contributors.
Mailbomb
A mail bomb is the sending of a massive amount of email
to a specific person or system. A huge amount of mail may simply
fill up the recipient's disk space on the server or, in some cases,
may be too much for a server to handle and may cause the server
to stop functioning.
Malicious Code Attack
Malicious code refers to viruses, worms, Trojan
horses and other undesirable software. An attack made using
such software causes disruption, for example by deleting files, sending
emails, or rendering the host system inoperable.
Message Digest
A compact representation of a message which changes whenever
the original message changes.
MIME
Multipurpose Internet Mail Extensions (MIME)
is a standard for attaching non-text files to the standard Internet
mail messages.
Name Resolution
A process of mapping a host name to an IP address.
Network Management System
A generic term used to describe systems or actions that help maintain,
characterize, or solve problems on a network.
News Groups
A newsgroup is a discussion about a particular subject consisting
of notes written to a central Internet site and redistributed through
Usenet, a worldwide network of news discussion groups.
Non-repudiation
Proof of origin such that the sender cannot deny sending
the message, and the recipient cannot deny receipt of the message.
One-time Passwords
Passwords which are generated and used only
once for authentication, and
are not reused for the next authentication.
Packet
A unit of protocol data.
Packet Filtering
A type of service filtering to permit or deny network traffic based
on the data source, destination, service or protocol
of the data packets.
Packet Flooding
A packet is the unit of data that is routed
between an origin and a destination on the Internet
or any other network. Packet flooding is the forwarding by a router
of a packet from any node to every other node attached to the router
except the node from which the packet arrived. Packet flooding is
a way to distribute routing information updates quickly to every
node in a large network.
Packet Sniffing
A technique which uses network monitoring tools to eavesdrop on
packets passing through a network. This technique
can be used as a form of attack.
Password
A private and unique series of numbers or letters which enable
a user to gain access to a system or service. A passphrase is a
longer password.
PEM
Privacy Enhanced Mail (PEM) is a standard for message encryption
and authentication of senders.
PGP
Pretty Good Privacy (PGP) is an application protocol which is commonly
used for encryption and authentication
for email messages and data files.
Physical
Refers to physical access to a facility, specific work areas,
or computer systems.
Ping of Death
A denial of service attack that sends a ping message of greater
than 65,536 bytes so as to crash a system.
PKI
A Public Key Infrastructure (PKI) consists of protocols,
services and standards supporting the public
key cryptography applications. It often includes services and
protocols for managing the public keys through the use of Certification
Authority.
Plaintext
A message text or data that is freely readable and understandable
by anyone.
Port
A 16-bit identifier for TCP or UDP which serves to identify which
process or application is sending or receiving data.
Preventative
Preventative controls aim to deter and avoid undesirable events
from taking place.
Private Key
A data file storing a mathematical key which is assigned and known
only to a single individual, used for creating digital
signature and decrypting messages previously encrypted by the
sender, using the individual's own public key.
Protocol
A set of rules for governing the transmission and receipt of data.
Proxy
Software that accepts or rejects the connection of a user to
the target destination according to some rules or authentication
mechanisms.
Public Key
A data file storing a mathematical key which is assigned to a single
individual but can be made publicly available. Others can use this
key to verify signatures created with its corresponding private
key, and to encrypt the messages or files which can then be
decrypted with the corresponding private key.
Public Key Cryptography
A technique that uses a pair of keys for encryption
and decryption. One key is used by the
sender to encrypt the message, namely the public
key. The other key, the private key
is used to decrypt the message received from the sender.
Reactive
Reactive controls are used to respond to undesirable events that
have occurred.
Registration Authority
An entity trusted to register other entities applying for certificates
and to revoke their certificates. The authority may assign each applicant
a relative distinguished value or name for the new certificate applied for.
Repudiation
Denial by an entity of its involvement in a communication.
RSA
Rivest-Shamir-Adleman is a popular public key cryptosystem which
offers encryption and digital signing
functions.
S/MIME
Secure Multi-purpose Internet Mail Extension (S/MIME) is a specification
for encrypting and authenticating MIME data.
Seals of Approval
Symbols of security granted by an independent audit organization
to give assurance that proper security measures have been put into place.
Secure Channel
A communication path which can provide some means of protection
from security threats.
Security Incident
An adverse event that poses a threat
to your computer in respect of confidentiality,
integrity, availability,
non-repudiation and authentication.
Security Management System
One of five categories of network
management defined by ISO for the management of OSI networks.
Security management subsystems are responsible for controlling access
to network resources, for example functions that enable the changing
of passwords and the alteration of the identifications
and security classes of communications channels, including the integrity
and resilience of the management capability.
Security Policy
A document which states the requirements and good practices regarding
the security protections and operational control.
Security Risk Assessment
The process of identifying and analyzing the risks,
vulnerabilities and threats
that may affect information assets.
Server Authentication
Allows a client to verify that it is communicating with the
intended party, not a malicious third party.
Session Key
A session key is a symmetric key which encrypts a message or session,
in order to protect data during transmission. It is created at the
beginning of a communications session.
S-HTTP
Secure HyperText Transfer Protocol (S-HTTP) is an extension of
the HTTP with security enhancements for WWW-based
commerce.
SKIP
Simple Key Management Protocol (SKIP) is an authentication/encryption
system that secures the network at the IP packet
level.
Smart Card
A read-only card with a chip storing an encrypted password or the
private key, which makes it difficult
for an intruder to sniff or steal.
SNMP
Simple Network Management Protocol (SNMP) is a set of standards
for communication with devices connected to a TCP/IP network.
Social Engineering
The use of talk, lies, play-acting or other verbal techniques to trick
legitimate users into revealing secrets of the systems, such as user
lists, user passwords and network architecture.
Spam
Unsolicited email, often of a commercial nature,
sent indiscriminately to multiple mailing lists, individuals, or
newsgroups.
SSL
Secure Sockets Layer (SSL) is a protocol
designed by Netscape Communications to enable encrypted, authenticated
communications across the Internet. It is a security layer between
the application and transport layers, which protects the application-layer
protocols such as HTTP and is transparent to
application developers or users. It provides privacy, authentication
and message integrity.
Static Passwords
Reusable passwords which are used repeatedly
for authentication
purposes.
Technological
Refers to logical controls such as passwords, encryption,
protocols, anti-virus
software, firewalls, etc.
Threat
A potential cause of an unwanted event which may result in harm
to an organization and its assets.
Timestamp
A time mark or notation that indicates the date and the time of
an action, and the identity of the person or device that sent or
received the time stamp.
Trojan Horse
Software which appears to run normally but actually carries
attack programs behind the scenes.
Trust
Confidence in the reliability and validity of an identity.
Trusted Third Party
An independent third party that contributes to the trustworthiness
of computer-based information transfers.
Virus
A self replicating code or program segment which may contain attacks.
Virus Attacks
An attack on a computer or computer system by a virus
spread over the network or the Internet.
Vulnerabilities
A weakness in the software and/or hardware design that allows circumvention
of the system security.
Web Defacement
Changing the content (usually the main page) of a web site to display
some message, by a hacker or by a virus.
Web Surfing
Browsing from one web site or web page to another using a web
browser.
Website Intrusion
Attacks that invade a website. These intrusions can be attacks
from outside the organization and misuse from within the organization.
Wireless LAN
A wireless LAN allows a mobile user to connect to a local area
network (LAN) through a wireless (radio) connection.