mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-24 13:24:56 +08:00
11876 lines
478 KiB
Plaintext
11876 lines
478 KiB
Plaintext
|
||
|
||
|
||
|
||
|
||
|
||
Network Working Group R. Shirey
|
||
Request for Comments: 2828 GTE / BBN Technologies
|
||
FYI: 36 May 2000
|
||
Category: Informational
|
||
|
||
|
||
Internet Security Glossary
|
||
|
||
Status of this Memo
|
||
|
||
This memo provides information for the Internet community. It does
|
||
not specify an Internet standard of any kind. Distribution of this
|
||
memo is unlimited.
|
||
|
||
Copyright Notice
|
||
|
||
Copyright (C) The Internet Society (2000). All Rights Reserved.
|
||
|
||
Abstract
|
||
|
||
This Glossary (191 pages of definitions and 13 pages of references)
|
||
provides abbreviations, explanations, and recommendations for use of
|
||
information system security terminology. The intent is to improve the
|
||
comprehensibility of writing that deals with Internet security,
|
||
particularly Internet Standards documents (ISDs). To avoid confusion,
|
||
ISDs should use the same term or definition whenever the same concept
|
||
is mentioned. To improve international understanding, ISDs should use
|
||
terms in their plainest, dictionary sense. ISDs should use terms
|
||
established in standards documents and other well-founded
|
||
publications and should avoid substituting private or newly made-up
|
||
terms. ISDs should avoid terms that are proprietary or otherwise
|
||
favor a particular vendor, or that create a bias toward a particular
|
||
security technology or mechanism versus other, competing techniques
|
||
that already exist or might be developed in the future.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 1]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
Table of Contents
|
||
|
||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
|
||
2. Explanation of Paragraph Markings . . . . . . . . . . . . . . 4
|
||
2.1 Recommended Terms with an Internet Basis ("I") . . . . . . 4
|
||
2.2 Recommended Terms with a Non-Internet Basis ("N") . . . . 5
|
||
2.3 Other Definitions ("O") . . . . . . . . . . . . . . . . . 5
|
||
2.4 Deprecated Terms, Definitions, and Uses ("D") . . . . . . 6
|
||
2.5 Commentary and Additional Guidance ("C") . . . . . . . . . 6
|
||
3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6
|
||
4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 197
|
||
5. Security Considerations . . . . . . . . . . . . . . . . . . . 211
|
||
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 211
|
||
7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 211
|
||
8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 212
|
||
|
||
1. Introduction
|
||
|
||
This Glossary provides an internally consistent, complementary set of
|
||
abbreviations, definitions, explanations, and recommendations for use
|
||
of terminology related to information system security. The intent of
|
||
this Glossary is to improve the comprehensibility of Internet
|
||
Standards documents (ISDs)--i.e., RFCs, Internet-Drafts, and other
|
||
material produced as part of the Internet Standards Process [R2026]--
|
||
and of all other Internet material, too. Some non-security terms are
|
||
included to make the Glossary self-contained, but more complete lists
|
||
of networking terms are available elsewhere [R1208, R1983].
|
||
|
||
Some glossaries (e.g., [Raym]) list terms that are not listed here
|
||
but could be applied to Internet security. However, those terms have
|
||
not been included in this Glossary because they are not appropriate
|
||
for ISDs.
|
||
|
||
This Glossary marks terms and definitions as being either endorsed or
|
||
deprecated for use in ISDs, but this Glossary is not an Internet
|
||
standard. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
|
||
and "OPTIONAL" are intended to be interpreted the same way as in an
|
||
Internet Standard [R2119], but this guidance represents only the
|
||
recommendations of this author. However, this Glossary includes
|
||
reasons for the recommendations--particularly for the SHOULD NOTs--so
|
||
that readers can judge for themselves whether to follow the
|
||
recommendations.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 2]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
This Glossary supports the goals of the Internet Standards Process:
|
||
|
||
o Clear, Concise, and Easily Understood Documentation
|
||
|
||
This Glossary seeks to improve comprehensibility of security-
|
||
related content of ISDs. That requires wording to be clear and
|
||
understandable, and requires the set of security-related terms and
|
||
definitions to be consistent and self-supporting. Also, the
|
||
terminology needs to be uniform across all ISDs; i.e., the same
|
||
term or definition needs to be used whenever and wherever the same
|
||
concept is mentioned. Harmonization of existing ISDs need not be
|
||
done immediately, but it is desirable to correct and standardize
|
||
the terminology when new versions are issued in the normal course
|
||
of standards development and evolution.
|
||
|
||
o Technical Excellence
|
||
|
||
Just as Internet Standard (STD) protocols should operate
|
||
effectively, ISDs should use terminology accurately, precisely,
|
||
and unambiguously to enable Internet Standards to be implemented
|
||
correctly.
|
||
|
||
o Prior Implementation and Testing
|
||
|
||
Just as STD protocols require demonstrated experience and
|
||
stability before adoption, ISDs need to use well-established
|
||
language. Using terms in their plainest, dictionary sense (when
|
||
appropriate) helps to ensure international understanding. ISDs
|
||
need to avoid using private, made-up terms in place of generally-
|
||
accepted terms from standards and other publications. ISDs need to
|
||
avoid substituting new definitions that conflict with established
|
||
ones. ISDs need to avoid using "cute" synonyms (e.g., see: Green
|
||
Book); no matter how popular a nickname may be in one community,
|
||
it is likely to cause confusion in another.
|
||
|
||
o Openness, Fairness, and Timeliness
|
||
|
||
ISDs need to avoid terms that are proprietary or otherwise favor a
|
||
particular vendor, or that create a bias toward a particular
|
||
security technology or mechanism over other, competing techniques
|
||
that already exist or might be developed in the future. The set of
|
||
terminology used across the set of ISDs needs to be flexible and
|
||
adaptable as the state of Internet security art evolves.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 3]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
2. Explanation of Paragraph Markings
|
||
|
||
Section 3 marks terms and definitions as follows:
|
||
|
||
o Capitalization: Only terms that are proper nouns are capitalized.
|
||
|
||
o Paragraph Marking: Definitions and explanations are stated in
|
||
paragraphs that are marked as follows:
|
||
|
||
- "I" identifies a RECOMMENDED Internet definition.
|
||
- "N" identifies a RECOMMENDED non-Internet definition.
|
||
- "O" identifies a definition that is not recommended as the first
|
||
choice for Internet documents but is something that authors of
|
||
Internet documents need to know.
|
||
- "D" identifies a term or definition that SHOULD NOT be used in
|
||
Internet documents.
|
||
- "C" identifies commentary or additional usage guidance.
|
||
|
||
The rest of Section 2 further explains these five markings.
|
||
|
||
2.1 Recommended Terms with an Internet Basis ("I")
|
||
|
||
The paragraph marking "I" (as opposed to "O") indicates a definition
|
||
that SHOULD be the first choice for use in ISDs. Most terms and
|
||
definitions of this type MAY be used in ISDs; however, some "I"
|
||
definitions are accompanied by a "D" paragraph that recommends
|
||
against using the term. Also, some "I" definitions are preceded by an
|
||
indication of a contextual usage limitation (e.g., see:
|
||
certification), and ISDs should not the term and definition outside
|
||
that context
|
||
|
||
An "I" (as opposed to an "N") also indicates that the definition has
|
||
an Internet basis. That is, either the Internet Standards Process is
|
||
authoritative for the term, or the term is sufficiently generic that
|
||
this Glossary can freely state a definition without contradicting a
|
||
non-Internet authority (e.g., see: attack).
|
||
|
||
Many terms with "I" definitions are proper nouns (e.g., see:
|
||
Internet Protocol). For such terms, the "I" definition is intended
|
||
only to provide basic information; the authoritative definition is
|
||
found elsewhere.
|
||
|
||
For a proper noun identified as an "Internet protocol", please refer
|
||
to the current edition of "Internet Official Protocol Standards" (STD
|
||
1) for the standardization state and status of the protocol.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 4]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
2.2 Recommended Terms with a Non-Internet Basis ("N")
|
||
|
||
The paragraph marking "N" (as opposed to "O") indicates a definition
|
||
that SHOULD be the first choice for the term, if the term is used at
|
||
all in Internet documents. Terms and definitions of this type MAY be
|
||
used in Internet documents (e.g., see: X.509 public-key certificate).
|
||
|
||
However, an "N" (as opposed to an "I") also indicates a definition
|
||
that has a non-Internet basis or origin. Many such definitions are
|
||
preceded by an indication of a contextual usage limitation, and this
|
||
Glossary's endorsement does not apply outside that context. Also,
|
||
some contexts are rarely if ever expected to occur in a Internet
|
||
document (e.g., see: baggage). In those cases, the listing exists to
|
||
make Internet authors aware of the non-Internet usage so that they
|
||
can avoid conflicts with non-Internet documents.
|
||
|
||
Many terms with "N" definitions are proper nouns (e.g., see:
|
||
Computer Security Objects Register). For such terms, the "N"
|
||
definition is intended only to provide basic information; the
|
||
authoritative definition is found elsewhere.
|
||
|
||
2.3 Other Definitions ("O")
|
||
|
||
The paragraph marking "O" indicates a definition that has a non-
|
||
Internet basis, but indicates that the definition SHOULD NOT be used
|
||
in ISDs *except* in cases where the term is specifically identified
|
||
as non-Internet.
|
||
|
||
For example, an ISD might mention "BCA" (see: brand certification
|
||
authority) or "baggage" as an example to illustrate some concept; in
|
||
that case, the document should specifically say "SET(trademark) BCA"
|
||
or "SET(trademark) baggage" and include the definition of the term.
|
||
|
||
For some terms that have a definition published by a non-Internet
|
||
authority--government (see: object reuse), industry (see: Secure Data
|
||
Exchange), national (see: Data Encryption Standard), or international
|
||
(see: data confidentiality)--this Glossary marks the definition "N",
|
||
recommending its use in Internet documents. In other cases, the non-
|
||
Internet definition of a term is inadequate or inappropriate for
|
||
ISDs. For example, it may be narrow or outdated, or it may need
|
||
clarification by substituting more careful or more explanatory
|
||
wording using other terms that are defined in this Glossary. In those
|
||
cases, this Glossary marks the tern "O" and provides an "I"
|
||
definition (or sometimes a different "N" definition), which precedes
|
||
and supersedes the definition marked "O".
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 5]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
In most of the cases where this Glossary provides a definition to
|
||
supersede one from a non-Internet standard, the substitute is
|
||
intended to subsume the meaning of the superseded "O" definition and
|
||
not conflict with it. For the term "security service", for example,
|
||
the "O" definition deals narrowly with only communication services
|
||
provided by layers in the OSI model and is inadequate for the full
|
||
range of ISD usage; the "I" definition can be used in more situations
|
||
and for more kinds of service. However, the "O" definition is also
|
||
provided here so that ISD authors will be aware of the context in
|
||
which the term is used more narrowly.
|
||
|
||
When making substitutions, this Glossary attempts to use
|
||
understandable English that does not contradict any non-Internet
|
||
authority. Still, terminology differs between the standards of the
|
||
American Bar Association, OSI, SET, the U.S. Department of Defense,
|
||
and other authorities, and this Glossary probably is not exactly
|
||
aligned with all of them.
|
||
|
||
2.4 Deprecated Terms, Definitions, and Uses ("D")
|
||
|
||
If this Glossary recommends that a term or definition SHOULD NOT be
|
||
used in ISDs, then either the definition has the paragraph marking
|
||
"D", or the restriction is stated in a "D" paragraph that immediately
|
||
follows the term or definition.
|
||
|
||
2.5 Commentary and Additional Guidance ("C")
|
||
|
||
The paragraph marking "C" identifies text that is advisory or
|
||
tutorial. This text MAY be reused in other Internet documents. This
|
||
text is not intended to be authoritative, but is provided to clarify
|
||
the definitions and to enhance this Glossary so that Internet
|
||
security novices can use it as a tutorial.
|
||
|
||
3. Definitions
|
||
|
||
Note: Each acronym or other abbreviation (except items of common
|
||
English usage, such as "e.g.", "etc.", "i.e.", "vol.", "pp.", "U.S.")
|
||
that is used in this Glossary, either in a definition or as a subpart
|
||
of a defined term, is also defined in this Glossary.
|
||
|
||
$ 3DES
|
||
See: triple DES.
|
||
|
||
$ *-property
|
||
(N) (Pronounced "star property".) See: "confinement property"
|
||
under Bell-LaPadula Model.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 6]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ ABA Guidelines
|
||
(N) "American Bar Association (ABA) Digital Signature Guidelines"
|
||
[ABA], a framework of legal principles for using digital
|
||
signatures and digital certificates in electronic commerce.
|
||
|
||
$ Abstract Syntax Notation One (ASN.1)
|
||
(N) A standard for describing data objects. [X680]
|
||
|
||
(C) OSI standards use ASN.1 to specify data formats for protocols.
|
||
OSI defines functionality in layers. Information objects at higher
|
||
layers are abstractly defined to be implemented with objects at
|
||
lower layers. A higher layer may define transfers of abstract
|
||
objects between computers, and a lower layer may define transfers
|
||
concretely as strings of bits. Syntax is needed to define abstract
|
||
objects, and encoding rules are needed to transform between
|
||
abstract objects and bit strings. (See: Basic Encoding Rules.)
|
||
|
||
(C) In ASN.1, formal names are written without spaces, and
|
||
separate words in a name are indicated by capitalizing the first
|
||
letter of each word except the first word. For example, the name
|
||
of a CRL is "certificateRevocationList".
|
||
|
||
$ ACC
|
||
See: access control center.
|
||
|
||
$ access
|
||
(I) The ability and means to communicate with or otherwise
|
||
interact with a system in order to use system resources to either
|
||
handle information or gain knowledge of the information the system
|
||
contains.
|
||
|
||
(O) "A specific type of interaction between a subject and an
|
||
object that results in the flow of information from one to the
|
||
other." [NCS04]
|
||
|
||
(C) In this Glossary, "access" is intended to cover any ability to
|
||
communicate with a system, including one-way communication in
|
||
either direction. In actual practice, however, entities outside a
|
||
security perimeter that can receive output from the system but
|
||
cannot provide input or otherwise directly interact with the
|
||
system, might be treated as not having "access" and, therefore, be
|
||
exempt from security policy requirements, such as the need for a
|
||
security clearance.
|
||
|
||
$ access control
|
||
(I) Protection of system resources against unauthorized access; a
|
||
process by which use of system resources is regulated according to
|
||
a security policy and is permitted by only authorized entities
|
||
|
||
|
||
|
||
Shirey Informational [Page 7]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(users, programs, processes, or other systems) according to that
|
||
policy. (See: access, access control service.)
|
||
|
||
(O) "The prevention of unauthorized use of a resource, including
|
||
the prevention of use of a resource in an unauthorized manner."
|
||
[I7498 Part 2]
|
||
|
||
$ access control center (ACC)
|
||
(I) A computer containing a database with entries that define a
|
||
security policy for an access control service.
|
||
|
||
(C) An ACC is sometimes used in conjunction with a key center to
|
||
implement access control in a key distribution system for
|
||
symmetric cryptography.
|
||
|
||
$ access control list (ACL)
|
||
(I) A mechanism that implements access control for a system
|
||
resource by enumerating the identities of the system entities that
|
||
are permitted to access the resource. (See: capability.)
|
||
|
||
$ access control service
|
||
(I) A security service that protects against a system entity using
|
||
a system resource in a way not authorized by the system's security
|
||
policy; in short, protection of system resources against
|
||
unauthorized access. (See: access control, discretionary access
|
||
control, identity-based security policy, mandatory access control,
|
||
rule-based security policy.)
|
||
|
||
(C) This service includes protecting against use of a resource in
|
||
an unauthorized manner by an entity that is authorized to use the
|
||
resource in some other manner. The two basic mechanisms for
|
||
implementing this service are ACLs and tickets.
|
||
|
||
$ access mode
|
||
(I) A distinct type of data processing operation--e.g., read,
|
||
write, append, or execute--that a subject can potentially perform
|
||
on an object in a computer system.
|
||
|
||
$ accountability
|
||
(I) The property of a system (including all of its system
|
||
resources) that ensures that the actions of a system entity may be
|
||
traced uniquely to that entity, which can be held responsible for
|
||
its actions. (See: audit service.)
|
||
|
||
(C) Accountability permits detection and subsequent investigation
|
||
of security breaches.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 8]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ accredit
|
||
$ accreditation
|
||
(I) An administrative declaration by a designated authority that
|
||
an information system is approved to operate in a particular
|
||
security configuration with a prescribed set of safeguards.
|
||
[FP102] (See: certification.)
|
||
|
||
(C) An accreditation is usually based on a technical certification
|
||
of the system's security mechanisms. The terms "certification" and
|
||
"accreditation" are used more in the U.S. Department of Defense
|
||
and other government agencies than in commercial organizations.
|
||
However, the concepts apply any place where managers are required
|
||
to deal with and accept responsibility for security risks. The
|
||
American Bar Association is developing accreditation criteria for
|
||
CAs.
|
||
|
||
$ ACL
|
||
See: access control list.
|
||
|
||
$ acquirer
|
||
(N) SET usage: "The financial institution that establishes an
|
||
account with a merchant and processes payment card authorizations
|
||
and payments." [SET1]
|
||
|
||
(O) "The institution (or its agent) that acquires from the card
|
||
acceptor the financial data relating to the transaction and
|
||
initiates that data into an interchange system." [SET2]
|
||
|
||
$ active attack
|
||
See: (secondary definition under) attack.
|
||
|
||
$ active wiretapping
|
||
See: (secondary definition under) wiretapping.
|
||
|
||
$ add-on security
|
||
(I) "The retrofitting of protection mechanisms, implemented by
|
||
hardware or software, after the [automatic data processing] system
|
||
has become operational." [FP039]
|
||
|
||
$ administrative security
|
||
(I) Management procedures and constraints to prevent unauthorized
|
||
access to a system. (See: security architecture.)
|
||
|
||
(O) "The management constraints, operational procedures,
|
||
accountability procedures, and supplemental controls established
|
||
to provide an acceptable level of protection for sensitive data."
|
||
[FP039]
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 9]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Examples include clear delineation and separation of duties,
|
||
and configuration control.
|
||
|
||
$ Advanced Encryption Standard (AES)
|
||
(N) A future FIPS publication being developed by NIST to succeed
|
||
DES. Intended to specify an unclassified, publicly-disclosed,
|
||
symmetric encryption algorithm, available royalty-free worldwide.
|
||
|
||
$ adversary
|
||
(I) An entity that attacks, or is a threat to, a system.
|
||
|
||
$ aggregation
|
||
(I) A circumstance in which a collection of information items is
|
||
required to be classified at a higher security level than any of
|
||
the individual items that comprise it.
|
||
|
||
$ AH
|
||
See: Authentication Header
|
||
|
||
$ algorithm
|
||
(I) A finite set of step-by-step instructions for a problem-
|
||
solving or computation procedure, especially one that can be
|
||
implemented by a computer. (See: cryptographic algorithm.)
|
||
|
||
$ alias
|
||
(I) A name that an entity uses in place of its real name, usually
|
||
for the purpose of either anonymity or deception.
|
||
|
||
$ American National Standards Institute (ANSI)
|
||
(N) A private, not-for-profit association of users, manufacturers,
|
||
and other organizations, that administers U.S. private sector
|
||
voluntary standards.
|
||
|
||
(C) ANSI is the sole U.S. representative to the two major non-
|
||
treaty international standards organizations, ISO and, via the
|
||
U.S. National Committee (USNC), the International Electrotechnical
|
||
Commission (IEC).
|
||
|
||
$ anonymous
|
||
(I) The condition of having a name that is unknown or concealed.
|
||
(See: anonymous login.)
|
||
|
||
(C) An application may require security services that maintain
|
||
anonymity of users or other system entities, perhaps to preserve
|
||
their privacy or hide them from attack. To hide an entity's real
|
||
name, an alias may be used. For example, a financial institution
|
||
may assign an account number. Parties to a transaction can thus
|
||
remain relatively anonymous, but can also accept the transaction
|
||
|
||
|
||
|
||
Shirey Informational [Page 10]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
as legitimate. Real names of the parties cannot be easily
|
||
determined by observers of the transaction, but an authorized
|
||
third party may be able to map an alias to a real name, such as by
|
||
presenting the institution with a court order. In other
|
||
applications, anonymous entities may be completely untraceable.
|
||
|
||
$ anonymous login
|
||
(I) An access control feature (or, rather, an access control
|
||
weakness) in many Internet hosts that enables users to gain access
|
||
to general-purpose or public services and resources on a host
|
||
(such as allowing any user to transfer data using File Transfer
|
||
Protocol) without having a pre-established, user-specific account
|
||
(i.e., user name and secret password).
|
||
|
||
(C) This feature exposes a system to more threats than when all
|
||
the users are known, pre-registered entities that are individually
|
||
accountable for their actions. A user logs in using a special,
|
||
publicly known user name (e.g., "anonymous", "guest", or "ftp").
|
||
To use the public login name, the user is not required to know a
|
||
secret password and may not be required to input anything at all
|
||
except the name. In other cases, to complete the normal sequence
|
||
of steps in a login protocol, the system may require the user to
|
||
input a matching, publicly known password (such as "anonymous") or
|
||
may ask the user for an e-mail address or some other arbitrary
|
||
character string.
|
||
|
||
$ APOP
|
||
See: POP3 APOP.
|
||
|
||
$ archive
|
||
(I) (1.) Noun: A collection of data that is stored for a
|
||
relatively long period of time for historical and other purposes,
|
||
such as to support audit service, availability service, or system
|
||
integrity service. (See: backup.) (2.) Verb: To store data in such
|
||
a way. (See: back up.)
|
||
|
||
(C) A digital signature may need to be verified many years after
|
||
the signing occurs. The CA--the one that issued the certificate
|
||
containing the public key needed to verify that signature--may not
|
||
stay in operation that long. So every CA needs to provide for
|
||
long-term storage of the information needed to verify the
|
||
signatures of those to whom it issues certificates.
|
||
|
||
$ ARPANET
|
||
(N) Advanced Research Projects Agency Network, a pioneer packet-
|
||
switched network that was built in the early 1970s under contract
|
||
to the U.S. Government, led to the development of today's
|
||
Internet, and was decommissioned in June 1990.
|
||
|
||
|
||
|
||
Shirey Informational [Page 11]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ ASN.1
|
||
See: Abstract Syntax Notation One.
|
||
|
||
$ association
|
||
(I) A cooperative relationship between system entities, usually
|
||
for the purpose of transferring information between them. (See:
|
||
security association.)
|
||
|
||
$ assurance
|
||
(I) (1.) An attribute of an information system that provides
|
||
grounds for having confidence that the system operates such that
|
||
the system security policy is enforced. (2.) A procedure that
|
||
ensures a system is developed and operated as intended by the
|
||
system's security policy.
|
||
|
||
$ assurance level
|
||
(I) Evaluation usage: A specific level on a hierarchical scale
|
||
representing successively increased confidence that a target of
|
||
evaluation adequately fulfills the requirements. (E.g., see:
|
||
TCSEC.)
|
||
|
||
$ asymmetric cryptography
|
||
(I) A modern branch of cryptography (popularly known as "public-
|
||
key cryptography") in which the algorithms employ a pair of keys
|
||
(a public key and a private key) and use a different component of
|
||
the pair for different steps of the algorithm. (See: key pair.)
|
||
|
||
(C) Asymmetric algorithms have key management advantages over
|
||
equivalently strong symmetric ones. First, one key of the pair
|
||
does not need to be known by anyone but its owner; so it can more
|
||
easily be kept secret. Second, although the other key of the pair
|
||
is shared by all entities that use the algorithm, that key does
|
||
not need to be kept secret from other, non-using entities; so the
|
||
key distribution part of key management can be done more easily.
|
||
|
||
(C) For encryption: In an asymmetric encryption algorithm (e.g.,
|
||
see: RSA), when Alice wants to ensure confidentiality for data she
|
||
sends to Bob, she encrypts the data with a public key provided by
|
||
Bob. Only Bob has the matching private key that is needed to
|
||
decrypt the data.
|
||
|
||
(C) For signature: In an asymmetric digital signature algorithm
|
||
(e.g., see: DSA), when Alice wants to ensure data integrity or
|
||
provide authentication for data she sends to Bob, she uses her
|
||
private key to sign the data (i.e., create a digital signature
|
||
based on the data). To verify the signature, Bob uses the matching
|
||
public key that Alice has provided.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 12]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) For key agreement: In an asymmetric key agreement algorithm
|
||
(e.g., see: Diffie-Hellman), Alice and Bob each send their own
|
||
public key to the other person. Then each uses their own private
|
||
key and the other's public key to compute the new key value.
|
||
|
||
$ attack
|
||
(I) An assault on system security that derives from an intelligent
|
||
threat, i.e., an intelligent act that is a deliberate attempt
|
||
(especially in the sense of a method or technique) to evade
|
||
security services and violate the security policy of a system.
|
||
(See: penetration, violation, vulnerability.)
|
||
|
||
- Active vs. passive: An "active attack" attempts to alter system
|
||
resources or affect their operation. A "passive attack"
|
||
attempts to learn or make use of information from the system
|
||
but does not affect system resources. (E.g., see: wiretapping.)
|
||
|
||
- Insider vs. outsider: An "inside attack" is an attack initiated
|
||
by an entity inside the security perimeter (an "insider"),
|
||
i.e., an entity that is authorized to access system resources
|
||
but uses them in a way not approved by those who granted the
|
||
authorization. An "outside attack" is initiated from outside
|
||
the perimeter, by an unauthorized or illegitimate user of the
|
||
system (an "outsider"). In the Internet, potential outside
|
||
attackers range from amateur pranksters to organized criminals,
|
||
international terrorists, and hostile governments.
|
||
|
||
(C) The term "attack" relates to some other basic security terms
|
||
as shown in the following diagram:
|
||
|
||
+ - - - - - - - - - - - - + + - - - - + + - - - - - - - - - - -+
|
||
| An Attack: | |Counter- | | A System Resource: |
|
||
| i.e., A Threat Action | | measure | | Target of the Attack |
|
||
| +----------+ | | | | +-----------------+ |
|
||
| | Attacker |<==================||<========= | |
|
||
| | i.e., | Passive | | | | | Vulnerability | |
|
||
| | A Threat |<=================>||<========> | |
|
||
| | Agent | or Active | | | | +-------|||-------+ |
|
||
| +----------+ Attack | | | | VVV |
|
||
| | | | | Threat Consequences |
|
||
+ - - - - - - - - - - - - + + - - - - + + - - - - - - - - - - -+
|
||
|
||
$ attribute authority
|
||
(I) A CA that issues attribute certificates.
|
||
|
||
(O) "An authority, trusted by the verifier to delegate privilege,
|
||
which issues attribute certificates." [FPDAM]
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 13]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ attribute certificate
|
||
(I) A digital certificate that binds a set of descriptive data
|
||
items, other than a public key, either directly to a subject name
|
||
or to the identifier of another certificate that is a public-key
|
||
certificate. [X509]
|
||
|
||
(O) "A set of attributes of a user together with some other
|
||
information, rendered unforgeable by the digital signature created
|
||
using the private key of the CA which issued it." [X509]
|
||
|
||
(O) "A data structure that includes some attribute values and
|
||
identification information about the owner of the attribute
|
||
certificate, all digitally signed by an Attribute Authority. This
|
||
authority's signature serves as the guarantee of the binding
|
||
between the attributes and their owner." [FPDAM]
|
||
|
||
(C) A public-key certificate binds a subject name to a public key
|
||
value, along with information needed to perform certain
|
||
cryptographic functions. Other attributes of a subject, such as a
|
||
security clearance, may be certified in a separate kind of digital
|
||
certificate, called an attribute certificate. A subject may have
|
||
multiple attribute certificates associated with its name or with
|
||
each of its public-key certificates.
|
||
|
||
(C) An attribute certificate might be issued to a subject in the
|
||
following situations:
|
||
|
||
- Different lifetimes: When the lifetime of an attribute binding
|
||
is shorter than that of the related public-key certificate, or
|
||
when it is desirable not to need to revoke a subject's public
|
||
key just to revoke an attribute.
|
||
|
||
- Different authorities: When the authority responsible for the
|
||
attributes is different than the one that issues the public-key
|
||
certificate for the subject. (There is no requirement that an
|
||
attribute certificate be issued by the same CA that issued the
|
||
associated public-key certificate.)
|
||
|
||
$ audit service
|
||
(I) A security service that records information needed to
|
||
establish accountability for system events and for the actions of
|
||
system entities that cause them. (See: security audit.)
|
||
|
||
$ audit trail
|
||
See: security audit trail.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 14]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ AUTH
|
||
See: POP3 AUTH.
|
||
|
||
$ authentic signature
|
||
(I) A signature (particularly a digital signature) that can be
|
||
trusted because it can be verified. (See: validate vs. verify.)
|
||
|
||
$ authenticate
|
||
(I) Verify (i.e., establish the truth of) an identity claimed by
|
||
or for a system entity. (See: authentication.)
|
||
|
||
(D) In general English usage, this term usually means "to prove
|
||
genuine" (e.g., an art expert authenticates a Michelangelo
|
||
painting). But the recommended definition carries a much narrower
|
||
meaning. For example, to be precise, an ISD SHOULD NOT say "the
|
||
host authenticates each received datagram". Instead, the ISD
|
||
SHOULD say "the host authenticates the origin of each received
|
||
datagram". In most cases, we also can say "and verifies the
|
||
datagram's integrity", because that is usually implied. (See:
|
||
("relationship between data integrity service and authentication
|
||
services" under) data integrity service.)
|
||
|
||
(D) ISDs SHOULD NOT talk about authenticating a digital signature
|
||
or digital certificate. Instead, we "sign" and then "verify"
|
||
digital signatures, and we "issue" and then "validate" digital
|
||
certificates. (See: validate vs. verify.)
|
||
|
||
$ authentication
|
||
(I) The process of verifying an identity claimed by or for a
|
||
system entity. (See: authenticate, authentication exchange,
|
||
authentication information, credential, data origin
|
||
authentication, peer entity authentication.)
|
||
|
||
(C) An authentication process consists of two steps:
|
||
|
||
1. Identification step: Presenting an identifier to the security
|
||
system. (Identifiers should be assigned carefully, because
|
||
authenticated identities are the basis for other security
|
||
services, such as access control service.)
|
||
|
||
2. Verification step: Presenting or generating authentication
|
||
information that corroborates the binding between the entity
|
||
and the identifier. (See: verification.)
|
||
|
||
(C) See: ("relationship between data integrity service and
|
||
authentication services" under) data integrity service.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 15]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ authentication code
|
||
(D) ISDs SHOULD NOT use this term as a synonym for any form of
|
||
checksum, whether cryptographic or not. The word "authentication"
|
||
is misleading because the mechanism involved usually serves a data
|
||
integrity function rather than an authentication function, and the
|
||
word "code" is misleading because it implies that either encoding
|
||
or encryption is involved or that the term refers to computer
|
||
software. (See: message authentication code.)
|
||
|
||
$ authentication exchange
|
||
(I) A mechanism to verify the identity of an entity by means of
|
||
information exchange.
|
||
|
||
(O) "A mechanism intended to ensure the identity of an entity by
|
||
means of information exchange." [I7498 Part 2]
|
||
|
||
$ Authentication Header (AH)
|
||
(I) An Internet IPsec protocol [R2402] designed to provide
|
||
connectionless data integrity service and data origin
|
||
authentication service for IP datagrams, and (optionally) to
|
||
provide protection against replay attacks.
|
||
|
||
(C) Replay protection may be selected by the receiver when a
|
||
security association is established. AH authenticates upper-layer
|
||
protocol data units and as much of the IP header as possible.
|
||
However, some IP header fields may change in transit, and the
|
||
value of these fields, when the packet arrives at the receiver,
|
||
may not be predictable by the sender. Thus, the values of such
|
||
fields cannot be protected end-to-end by AH; protection of the IP
|
||
header by AH is only partial when such fields are present.
|
||
|
||
(C) AH may be used alone, or in combination with the IPsec ESP
|
||
protocol, or in a nested fashion with tunneling. Security services
|
||
can be provided between a pair of communicating hosts, between a
|
||
pair of communicating security gateways, or between a host and a
|
||
gateway. ESP can provide the same security services as AH, and ESP
|
||
can also provide data confidentiality service. The main difference
|
||
between authentication services provided by ESP and AH is the
|
||
extent of the coverage; ESP does not protect IP header fields
|
||
unless they are encapsulated by AH.
|
||
|
||
$ authentication information
|
||
(I) Information used to verify an identity claimed by or for an
|
||
entity. (See: authentication, credential.)
|
||
|
||
(C) Authentication information may exist as, or be derived from,
|
||
one of the following:
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 16]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- Something the entity knows. (See: password).
|
||
- Something the entity possesses. (See: token.)
|
||
- Something the entity is. (See: biometric authentication.)
|
||
|
||
$ authentication service
|
||
(I) A security service that verifies an identity claimed by or for
|
||
an entity. (See: authentication.)
|
||
|
||
(C) In a network, there are two general forms of authentication
|
||
service: data origin authentication service and peer entity
|
||
authentication service.
|
||
|
||
$ authenticity
|
||
(I) The property of being genuine and able to be verified and be
|
||
trusted. (See: authenticate, authentication, validate vs. verify)
|
||
|
||
$ authority
|
||
(D) "An entity, responsible for the issuance of certificates."
|
||
[FPDAM]
|
||
|
||
(C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA,
|
||
ORA, or similar terms, because it may cause confusion. Instead,
|
||
use the full term at the first instance of usage and then, if it
|
||
is necessary to shorten text, use the style of abbreviation
|
||
defined in this Glossary.
|
||
|
||
(C) ISDs SHOULD NOT use this definition for any PKI entity,
|
||
because the definition is ambiguous with regard to whether the
|
||
entity actually issues certificates (e.g., attribute authority or
|
||
certification authority) or just has accountability for processes
|
||
that precede or follow signing (e.g., registration authority).
|
||
(See: issue.)
|
||
|
||
$ authority certificate
|
||
(D) "A certificate issued to an authority (e.g. either to a
|
||
certification authority or to an attribute authority)." [FPDAM]
|
||
(See: authority.)
|
||
|
||
(C) ISDs SHOULD NOT use this term or definition because they are
|
||
ambiguous with regard to which specific types of PKI entities they
|
||
address.
|
||
|
||
$ authority revocation list (ARL)
|
||
(I) A data structure that enumerates digital certificates that
|
||
were issued to CAs but have been invalidated by their issuer prior
|
||
to when they were scheduled to expire. (See: certificate
|
||
expiration, X.509 authority revocation list.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 17]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(O) "A revocation list containing a list of public-key
|
||
certificates issued to authorities, which are no longer considered
|
||
valid by the certificate issuer." [FPDAM]
|
||
|
||
$ authorization
|
||
$ authorize
|
||
(I) (1.) An "authorization" is a right or a permission that is
|
||
granted to a system entity to access a system resource. (2.) An
|
||
"authorization process" is a procedure for granting such rights.
|
||
(3.) To "authorize" means to grant such a right or permission.
|
||
(See: privilege.)
|
||
|
||
(O) SET usage: "The process by which a properly appointed person
|
||
or persons grants permission to perform some action on behalf of
|
||
an organization. This process assesses transaction risk, confirms
|
||
that a given transaction does not raise the account holder's debt
|
||
above the account's credit limit, and reserves the specified
|
||
amount of credit. (When a merchant obtains authorization, payment
|
||
for the authorized amount is guaranteed--provided, of course, that
|
||
the merchant followed the rules associated with the authorization
|
||
process.)" [SET2]
|
||
|
||
$ automated information system
|
||
(I) An organized assembly of resources and procedures--i.e.,
|
||
computing and communications equipment and services, with their
|
||
supporting facilities and personnel--that collect, record,
|
||
process, store, transport, retrieve, or display information to
|
||
accomplish a specified set of functions.
|
||
|
||
$ availability
|
||
(I) The property of a system or a system resource being accessible
|
||
and usable upon demand by an authorized system entity, according
|
||
to performance specifications for the system; i.e., a system is
|
||
available if it provides services according to the system design
|
||
whenever users request them. (See: critical, denial of service,
|
||
reliability, survivability.)
|
||
|
||
(O) "The property of being accessible and usable upon demand by an
|
||
authorized entity." [I7498 Part 2]
|
||
|
||
$ availability service
|
||
(I) A security service that protects a system to ensure its
|
||
availability.
|
||
|
||
(C) This service addresses the security concerns raised by denial-
|
||
of-service attacks. It depends on proper management and control of
|
||
system resources, and thus depends on access control service and
|
||
other security services.
|
||
|
||
|
||
|
||
Shirey Informational [Page 18]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ back door
|
||
(I) A hardware or software mechanism that (a) provides access to a
|
||
system and its resources by other than the usual procedure, (b)
|
||
was deliberately left in place by the system's designers or
|
||
maintainers, and (c) usually is not publicly known. (See: trap
|
||
door.)
|
||
|
||
(C) For example, a way to access a computer other than through a
|
||
normal login. Such access paths do not necessarily have malicious
|
||
intent; e.g., operating systems sometimes are shipped by the
|
||
manufacturer with privileged accounts intended for use by field
|
||
service technicians or the vendor's maintenance programmers. (See:
|
||
trap door.)
|
||
|
||
$ back up vs. backup
|
||
(I) Verb "back up": To store data for the purpose of creating a
|
||
backup copy. (See: archive.)
|
||
|
||
(I) Noun/adjective "backup": (1.) A reserve copy of data that is
|
||
stored separately from the original, for use if the original
|
||
becomes lost or damaged. (See: archive.) (2.) Alternate means to
|
||
permit performance of system functions despite a disaster to
|
||
system resources. (See: contingency plan.)
|
||
|
||
$ baggage
|
||
(D) ISDs SHOULD NOT use this term to describe a data element
|
||
except when stated as "SET(trademark) baggage" with the following
|
||
meaning:
|
||
|
||
(O) SET usage: An "opaque encrypted tuple, which is included in a
|
||
SET message but appended as external data to the PKCS encapsulated
|
||
data. This avoids superencryption of the previously encrypted
|
||
tuple, but guarantees linkage with the PKCS portion of the
|
||
message." [SET2]
|
||
|
||
$ bandwidth
|
||
(I) Commonly used to mean the capacity of a communication channel
|
||
to pass data through the channel in a given amount of time.
|
||
Usually expressed in bits per second.
|
||
|
||
$ bank identification number (BIN)
|
||
(N) The digits of a credit card number that identify the issuing
|
||
bank. (See: primary account number.)
|
||
|
||
(O) SET usage: The first six digits of a primary account number.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 19]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Basic Encoding Rules (BER)
|
||
(I) A standard for representing ASN.1 data types as strings of
|
||
octets. [X690] (See: Distinguished Encoding Rules.)
|
||
|
||
$ bastion host
|
||
(I) A strongly protected computer that is in a network protected
|
||
by a firewall (or is part of a firewall) and is the only host (or
|
||
one of only a few hosts) in the network that can be directly
|
||
accessed from networks on the other side of the firewall.
|
||
|
||
(C) Filtering routers in a firewall typically restrict traffic
|
||
from the outside network to reaching just one host, the bastion
|
||
host, which usually is part of the firewall. Since only this one
|
||
host can be directly attacked, only this one host needs to be very
|
||
strongly protected, so security can be maintained more easily and
|
||
less expensively. However, to allow legitimate internal and
|
||
external users to access application resources through the
|
||
firewall, higher layer protocols and services need to be relayed
|
||
and forwarded by the bastion host. Some services (e.g., DNS and
|
||
SMTP) have forwarding built in; other services (e.g., TELNET and
|
||
FTP) require a proxy server on the bastion host.
|
||
|
||
$ BCA
|
||
See: brand certification authority.
|
||
|
||
$ BCI
|
||
See: brand CRL identifier.
|
||
|
||
$ Bell-LaPadula Model
|
||
(N) A formal, mathematical, state-transition model of security
|
||
policy for multilevel-secure computer systems. [Bell]
|
||
|
||
(C) The model separates computer system elements into a set of
|
||
subjects and a set of objects. To determine whether or not a
|
||
subject is authorized for a particular access mode on an object,
|
||
the clearance of the subject is compared to the classification of
|
||
the object. The model defines the notion of a "secure state", in
|
||
which the only permitted access modes of subjects to objects are
|
||
in accordance with a specified security policy. It is proven that
|
||
each state transition preserves security by moving from secure
|
||
state to secure state, thereby proving that the system is secure.
|
||
|
||
(C) In this model, a multilevel-secure system satisfies several
|
||
rules, including the following:
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 20]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- "Confinement property" (also called "*-property", pronounced
|
||
"star property"): A subject has write access to an object only
|
||
if classification of the object dominates the clearance of the
|
||
subject.
|
||
|
||
- "Simple security property": A subject has read access to an
|
||
object only if the clearance of the subject dominates the
|
||
classification of the object.
|
||
|
||
- "Tranquillity property": The classification of an object does
|
||
not change while the object is being processed by the system.
|
||
|
||
$ BER
|
||
See: Basic Encoding Rules.
|
||
|
||
$ beyond A1
|
||
(O) (1.) Formally, a level of security assurance that is beyond
|
||
the highest level of criteria specified by the TCSEC. (2.)
|
||
Informally, a level of trust so high that it cannot be provided or
|
||
verified by currently available assurance methods, and
|
||
particularly not by currently available formal methods.
|
||
|
||
$ BIN
|
||
See: bank identification number.
|
||
|
||
$ bind
|
||
(I) To inseparably associate by applying some mechanism, such as
|
||
when a CA uses a digital signature to bind together a subject and
|
||
a public key in a public-key certificate.
|
||
|
||
$ biometric authentication
|
||
(I) A method of generating authentication information for a person
|
||
by digitizing measurements of a physical characteristic, such as a
|
||
fingerprint, a hand shape, a retina pattern, a speech pattern
|
||
(voiceprint), or handwriting.
|
||
|
||
$ bit
|
||
(I) The smallest unit of information storage; a contraction of the
|
||
term "binary digit"; one of two symbols--"0" (zero) and "1" (one)
|
||
--that are used to represent binary numbers.
|
||
|
||
$ BLACK
|
||
(I) Designation for information system equipment or facilities
|
||
that handle (and for data that contains) only ciphertext (or,
|
||
depending on the context, only unclassified information), and for
|
||
such data itself. This term derives from U.S. Government COMSEC
|
||
terminology. (See: RED, RED/BLACK separation.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 21]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ block cipher
|
||
(I) An encryption algorithm that breaks plaintext into fixed-size
|
||
segments and uses the same key to transform each plaintext segment
|
||
into a fixed-size segment of ciphertext. (See: mode, stream
|
||
cipher.)
|
||
|
||
(C) For example, Blowfish, DEA, IDEA, RC2, and SKIPJACK. However,
|
||
a block cipher can be adapted to have a different external
|
||
interface, such as that of a stream cipher, by using a mode of
|
||
operation to "package" the basic algorithm.
|
||
|
||
$ Blowfish
|
||
(N) A symmetric block cipher with variable-length key (32 to 448
|
||
bits) designed in 1993 by Bruce Schneier as an unpatented,
|
||
license-free, royalty-free replacement for DES or IDEA. [Schn]
|
||
|
||
$ brand
|
||
(I) A distinctive mark or name that identifies a product or
|
||
business entity.
|
||
|
||
(O) SET usage: The name of a payment card. Financial institutions
|
||
and other companies have founded payment card brands, protect and
|
||
advertise the brands, establish and enforce rules for use and
|
||
acceptance of their payment cards, and provide networks to
|
||
interconnect the financial institutions. These brands combine the
|
||
roles of issuer and acquirer in interactions with cardholders and
|
||
merchants. [SET1]
|
||
|
||
$ brand certification authority (BCA)
|
||
(O) SET usage: A CA owned by a payment card brand, such as
|
||
MasterCard, Visa, or American Express. [SET2] (See: certification
|
||
hierarchy, SET.)
|
||
|
||
$ brand CRL identifier (BCI)
|
||
(O) SET usage: A digitally signed list, issued by a BCA, of the
|
||
names of CAs for which CRLs need to be processed when verifying
|
||
signatures in SET messages. [SET2]
|
||
|
||
$ break
|
||
(I) Cryptographic usage: To successfully perform cryptanalysis and
|
||
thus succeed in decrypting data or performing some other
|
||
cryptographic function, without initially having knowledge of the
|
||
key that the function requires. (This term applies to encrypted
|
||
data or, more generally, to a cryptographic algorithm or
|
||
cryptographic system.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 22]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ bridge
|
||
(I) A computer that is a gateway between two networks (usually two
|
||
LANs) at OSI layer 2. (See: router.)
|
||
|
||
$ British Standard 7799
|
||
(N) Part 1 is a standard code of practice and provides guidance on
|
||
how to secure an information system. Part 2 specifies the
|
||
management framework, objectives, and control requirements for
|
||
information security management systems [B7799]. The certification
|
||
scheme works like ISO 9000. It is in use in the UK, the
|
||
Netherlands, Australia, and New Zealand and might be proposed as
|
||
an ISO standard or adapted to be part of the Common Criteria.
|
||
|
||
$ browser
|
||
(I) An client computer program that can retrieve and display
|
||
information from servers on the World Wide Web.
|
||
|
||
(C) For example, Netscape's Navigator and Communicator, and
|
||
Microsoft's Explorer.
|
||
|
||
$ brute force
|
||
(I) A cryptanalysis technique or other kind of attack method
|
||
involving an exhaustive procedure that tries all possibilities,
|
||
one-by-one.
|
||
|
||
(C) For example, for ciphertext where the analyst already knows
|
||
the decryption algorithm, a brute force technique to finding the
|
||
original plaintext is to decrypt the message with every possible
|
||
key.
|
||
|
||
$ BS7799
|
||
See: British Standard 7799.
|
||
|
||
$ byte
|
||
(I) A fundamental unit of computer storage; the smallest
|
||
addressable unit in a computer's architecture. Usually holds one
|
||
character of information and, today, usually means eight bits.
|
||
(See: octet.)
|
||
|
||
(C) Larger than a "bit", but smaller than a "word". Although
|
||
"byte" almost always means "octet" today, bytes had other sizes
|
||
(e.g., six bits, nine bits) in earlier computer architectures.
|
||
|
||
$ CA
|
||
See: certification authority.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 23]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ CA certificate
|
||
(I) "A [digital] certificate for one CA issued by another CA."
|
||
[X509]
|
||
|
||
(C) That is, a digital certificate whose holder is able to issue
|
||
digital certificates. A v3 X.509 public-key certificate may have a
|
||
"basicConstraints" extension containing a "cA" value that
|
||
specifically "indicates whether or not the public key may be used
|
||
to verify certificate signatures."
|
||
|
||
$ call back
|
||
(I) An authentication technique for terminals that remotely access
|
||
a computer via telephone lines. The host system disconnects the
|
||
caller and then calls back on a telephone number that was
|
||
previously authorized for that terminal.
|
||
|
||
$ capability
|
||
(I) A token, usually an unforgeable data value (sometimes called a
|
||
"ticket") that gives the bearer or holder the right to access a
|
||
system resource. Possession of the token is accepted by a system
|
||
as proof that the holder has been authorized to access the
|
||
resource named or indicated by the token. (See: access control
|
||
list, credential, digital certificate.)
|
||
|
||
(C) This concept can be implemented as a digital certificate.
|
||
(See: attribute certificate.)
|
||
|
||
$ CAPI
|
||
See: cryptographic application programming interface.
|
||
|
||
$ CAPSTONE chip
|
||
(N) An integrated circuit (the Mykotronx, Inc. MYK-82) with a Type
|
||
II cryptographic processor that implements SKIPJACK, KEA, DSA,
|
||
SHA, and basic mathematical functions to support asymmetric
|
||
cryptography, and includes the key escrow feature of the CLIPPER
|
||
chip. (See: FORTEZZA card.)
|
||
|
||
$ card
|
||
See: cryptographic card, FORTEZZA card, payment card, PC card,
|
||
smart card, token.
|
||
|
||
$ card backup
|
||
See: token backup.
|
||
|
||
$ card copy
|
||
See: token copy.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 24]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ card restore
|
||
See: token restore.
|
||
|
||
$ cardholder
|
||
(I) An entity that has been issued a card.
|
||
|
||
(O) SET usage: "The holder of a valid payment card account and
|
||
user of software supporting electronic commerce." [SET2] A
|
||
cardholder is issued a payment card by an issuer. SET ensures that
|
||
in the cardholder's interactions with merchants, the payment card
|
||
account information remains confidential. [SET1]
|
||
|
||
$ cardholder certificate
|
||
(O) SET usage: A digital certificate that is issued to a
|
||
cardholder upon approval of the cardholder's issuing financial
|
||
institution and that is transmitted to merchants with purchase
|
||
requests and encrypted payment instructions, carrying assurance
|
||
that the account number has been validated by the issuing
|
||
financial institution and cannot be altered by a third party.
|
||
[SET1]
|
||
|
||
$ cardholder certification authority (CCA)
|
||
(O) SET usage: A CA responsible for issuing digital certificates
|
||
to cardholders and operated on behalf of a payment card brand, an
|
||
issuer, or another party according to brand rules. A CCA maintains
|
||
relationships with card issuers to allow for the verification of
|
||
cardholder accounts. A CCA does not issue a CRL but does
|
||
distribute CRLs issued by root CAs, brand CAs, geopolitical CAs,
|
||
and payment gateway CAs. [SET2]
|
||
|
||
$ CAST
|
||
(N) A design procedure for symmetric encryption algorithms, and a
|
||
resulting family of algorithms, invented by C.A. (Carlisle Adams)
|
||
and S.T. (Stafford Tavares). [R2144, R2612]
|
||
|
||
$ category
|
||
(I) A grouping of sensitive information items to which a non-
|
||
hierarchical restrictive security label is applied to increase
|
||
protection of the data. (See: compartment.)
|
||
|
||
$ CAW
|
||
See: certification authority workstation.
|
||
|
||
$ CBC
|
||
See: cipher block chaining.
|
||
|
||
$ CCA
|
||
See: cardholder certification authority.
|
||
|
||
|
||
|
||
Shirey Informational [Page 25]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ CCITT
|
||
(N) Acronym for French translation of International Telephone and
|
||
Telegraph Consultative Committee. Now renamed ITU-T.
|
||
|
||
$ CERT
|
||
See: computer emergency response team.
|
||
|
||
$ certificate
|
||
(I) General English usage: A document that attests to the truth of
|
||
something or the ownership of something.
|
||
|
||
(C) Security usage: See: capability, digital certificate.
|
||
|
||
(C) PKI usage: See: attribute certificate, public-key certificate.
|
||
|
||
$ certificate authority
|
||
(D) ISDs SHOULD NOT use this term because it looks like sloppy use
|
||
of "certification authority", which is the term standardized by
|
||
X.509.
|
||
|
||
$ certificate chain
|
||
(D) ISDs SHOULD NOT use this term because it duplicates the
|
||
meaning of a standardized term. Instead, use "certification path".
|
||
|
||
$ certificate chain validation
|
||
(D) ISDs SHOULD NOT use this term because it duplicates the
|
||
meaning of standardized terms and mixes concepts in a potentially
|
||
misleading way. Instead, use "certificate validation" or "path
|
||
validation", depending on what is meant. (See: validate vs.
|
||
verify.)
|
||
|
||
$ certificate creation
|
||
(I) The act or process by which a CA sets the values of a digital
|
||
certificate's data fields and signs it. (See: issue.)
|
||
|
||
$ certificate expiration
|
||
(I) The event that occurs when a certificate ceases to be valid
|
||
because its assigned lifetime has been exceeded. (See: certificate
|
||
revocation, validity period.)
|
||
|
||
$ certificate extension
|
||
See: extension.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 26]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ certificate holder
|
||
(D) ISDs SHOULD NOT use this term as a synonym for the subject of
|
||
a digital certificate because the term is potentially ambiguous.
|
||
For example, the term could also refer to a system entity, such as
|
||
a repository, that simply has possession of a copy of the
|
||
certificate. (See: certificate owner.)
|
||
|
||
$ certificate management
|
||
(I) The functions that a CA may perform during the life cycle of a
|
||
digital certificate, including the following:
|
||
|
||
- Acquire and verify data items to bind into the certificate.
|
||
- Encode and sign the certificate.
|
||
- Store the certificate in a directory or repository.
|
||
- Renew, rekey, and update the certificate.
|
||
- Revoke the certificate and issue a CRL.
|
||
|
||
(See: archive management, certificate management, key management,
|
||
security architecture, token management.)
|
||
|
||
$ certificate owner
|
||
(D) ISDs SHOULD NOT use this term as a synonym for the subject of
|
||
a digital certificate because the term is potentially ambiguous.
|
||
For example, the term could also refer to a system entity, such as
|
||
a corporation, that has acquired a certificate to operate some
|
||
other entity, such as a Web server. (See: certificate holder.)
|
||
|
||
$ certificate policy
|
||
(I) "A named set of rules that indicates the applicability of a
|
||
certificate to a particular community and/or class of application
|
||
with common security requirements." [X509] (See: certification
|
||
practice statement.)
|
||
|
||
(C) A certificate policy can help a certificate user decide
|
||
whether a certificate should be trusted in a particular
|
||
application. "For example, a particular certificate policy might
|
||
indicate applicability of a type of certificate for the
|
||
authentication of electronic data interchange transactions for the
|
||
trading goods within a given price range." [R2527]
|
||
|
||
(C) A v3 X.509 public-key certificate may have a
|
||
"certificatePolicies" extension that lists certificate policies,
|
||
recognized by the issuing CA, that apply to the certificate and
|
||
govern its use. Each policy is denoted by an object identifier and
|
||
may optionally have certificate policy qualifiers.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 27]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) SET usage: Every SET certificate specifies at least one
|
||
certificate policy, that of the SET root CA. SET uses certificate
|
||
policy qualifiers to point to the actual policy statement and to
|
||
add qualifying policies to the root policy. (See: SET qualifier.)
|
||
|
||
$ certificate policy qualifier
|
||
(I) Information that pertains to a certificate policy and is
|
||
included in a "certificatePolicies" extension in a v3 X.509
|
||
public-key certificate.
|
||
|
||
$ certificate reactivation
|
||
(I) The act or process by which a digital certificate, which a CA
|
||
has designated for revocation but not yet listed on a CRL, is
|
||
returned to the valid state.
|
||
|
||
$ certificate rekey
|
||
(I) The act or process by which an existing public-key certificate
|
||
has its public key value changed by issuing a new certificate with
|
||
a different (usually new) public key. (See: certificate renewal,
|
||
certificate update, rekey.)
|
||
|
||
(C) For an X.509 public-key certificate, the essence of rekey is
|
||
that the subject stays the same and a new public key is bound to
|
||
that subject. Other changes are made, and the old certificate is
|
||
revoked, only as required by the PKI and CPS in support of the
|
||
rekey. If changes go beyond that, the process is a "certificate
|
||
update".
|
||
|
||
(O) MISSI usage: To rekey a MISSI X.509 public-key certificate
|
||
means that the issuing authority creates a new certificate that is
|
||
identical to the old one, except the new one has a new, different
|
||
KEA key; or a new, different DSS key; or new, different KEA and
|
||
DSS keys. The new certificate also has a different serial number
|
||
and may have a different validity period. A new key creation date
|
||
and maximum key lifetime period are assigned to each newly
|
||
generated key. If a new KEA key is generated, that key is assigned
|
||
a new KMID. The old certificate remains valid until it expires,
|
||
but may not be further renewed, rekeyed, or updated.
|
||
|
||
$ certificate renewal
|
||
(I) The act or process by which the validity of the data binding
|
||
asserted by an existing public-key certificate is extended in time
|
||
by issuing a new certificate. (See: certificate rekey, certificate
|
||
update.)
|
||
|
||
(C) For an X.509 public-key certificate, this term means that the
|
||
validity period is extended (and, of course, a new serial number
|
||
is assigned) but the binding of the public key to the subject and
|
||
|
||
|
||
|
||
Shirey Informational [Page 28]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
to other data items stays the same. The other data items are
|
||
changed, and the old certificate is revoked, only as required by
|
||
the PKI and CPS to support the renewal. If changes go beyond that,
|
||
the process is a "certificate rekey" or "certificate update".
|
||
|
||
$ certificate request
|
||
(D) ISDs SHOULD NOT use this term because it looks like imprecise
|
||
use of a term standardized by PKCS #10 and used in PKIX. Instead,
|
||
use the standard term, "certification request".
|
||
|
||
$ certificate revocation
|
||
(I) The event that occurs when a CA declares that a previously
|
||
valid digital certificate issued by that CA has become invalid;
|
||
usually stated with a revocation date.
|
||
|
||
(C) In X.509, a revocation is announced to potential certificate
|
||
users by issuing a CRL that mentions the certificate. Revocation
|
||
and listing on a CRL is only necessary before certificate
|
||
expiration.
|
||
|
||
$ certificate revocation list (CRL)
|
||
(I) A data structure that enumerates digital certificates that
|
||
have been invalidated by their issuer prior to when they were
|
||
scheduled to expire. (See: certificate expiration, X.509
|
||
certificate revocation list.)
|
||
|
||
(O) "A signed list indicating a set of certificates that are no
|
||
longer considered valid by the certificate issuer. After a
|
||
certificate appears on a CRL, it is deleted from a subsequent CRL
|
||
after the certificate's expiry. CRLs may be used to identify
|
||
revoked public-key certificates or attribute certificates and may
|
||
represent revocation of certificates issued to authorities or to
|
||
users. The term CRL is also commonly used as a generic term
|
||
applying to all the different types of revocation lists, including
|
||
CRLs, ARLs, ACRLs, etc." [FPDAM]
|
||
|
||
$ certificate revocation tree
|
||
(I) A mechanism for distributing notice of certificate
|
||
revocations; uses a tree of hash results that is signed by the
|
||
tree's issuer. Offers an alternative to issuing a CRL, but is not
|
||
supported in X.509. (See: certificate status responder.)
|
||
|
||
$ certificate serial number
|
||
(I) An integer value that (a) is associated with, and may be
|
||
carried in, a digital certificate; (b) is assigned to the
|
||
certificate by the certificate's issuer; and (c) is unique among
|
||
all the certificates produced by that issuer.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 29]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(O) "An integer value, unique within the issuing CA, which is
|
||
unambiguously associated with a certificate issued by that CA."
|
||
[X509]
|
||
|
||
$ certificate status responder
|
||
(N) FPKI usage: A trusted on-line server that acts for a CA to
|
||
provide authenticated certificate status information to
|
||
certificate users. [FPKI] Offers an alternative to issuing a CRL,
|
||
but is not supported in X.509. (See: certificate revocation tree.)
|
||
|
||
$ certificate update
|
||
(I) The act or process by which non-key data items bound in an
|
||
existing public-key certificate, especially authorizations granted
|
||
to the subject, are changed by issuing a new certificate. (See:
|
||
certificate rekey, certificate renewal.)
|
||
|
||
(C) For an X.509 public-key certificate, the essence of this
|
||
process is that fundamental changes are made in the data that is
|
||
bound to the public key, such that it is necessary to revoke the
|
||
old certificate. (Otherwise, the process is only a "certificate
|
||
rekey" or "certificate renewal".)
|
||
|
||
$ certificate user
|
||
(I) A system entity that depends on the validity of information
|
||
(such as another entity's public key value) provided by a digital
|
||
certificate. (See: relying party.)
|
||
|
||
(O) "An entity that needs to know, with certainty, the public key
|
||
of another entity." [X509]
|
||
|
||
(C) The system entity may be a human being or an organization, or
|
||
a device or process under the control of a human or an
|
||
organization.
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for the "subject"
|
||
of a certificate.
|
||
|
||
$ certificate validation
|
||
(I) An act or process by which a certificate user establishes that
|
||
the assertions made by a digital certificate can be trusted. (See:
|
||
valid certificate, validate vs. verify.)
|
||
|
||
(O) "The process of ensuring that a certificate is valid including
|
||
possibly the construction and processing of a certification path,
|
||
and ensuring that all certificates in that path have not expired
|
||
or been revoked." [FPDAM]
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 30]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) To validate a certificate, a certificate user checks that the
|
||
certificate is properly formed and signed and currently in force:
|
||
|
||
- Checks the signature: Employs the issuer's public key to verify
|
||
the digital signature of the CA who issued the certificate in
|
||
question. If the verifier obtains the issuer's public key from
|
||
the issuer's own public-key certificate, that certificate
|
||
should be validated, too. That validation may lead to yet
|
||
another certificate to be validated, and so on. Thus, in
|
||
general, certificate validation involves discovering and
|
||
validating a certification path.
|
||
|
||
- Checks the syntax and semantics: Parses the certificate's
|
||
syntax and interprets its semantics, applying rules specified
|
||
for and by its data fields, such as for critical extensions in
|
||
an X.509 certificate.
|
||
|
||
- Checks currency and revocation: Verifies that the certificate
|
||
is currently in force by checking that the current date and
|
||
time are within the validity period (if that is specified in
|
||
the certificate) and that the certificate is not listed on a
|
||
CRL or otherwise announced as invalid. (CRLs themselves require
|
||
a similar validation process.)
|
||
|
||
$ certification
|
||
(I) Information system usage: Technical evaluation (usually made
|
||
in support of an accreditation action) of an information system's
|
||
security features and other safeguards to establish the extent to
|
||
which the system's design and implementation meet specified
|
||
security requirements. [FP102] (See: accreditation.)
|
||
|
||
(I) Digital certificate usage: The act or process of vouching for
|
||
the truth and accuracy of the binding between data items in a
|
||
certificate. (See: certify.)
|
||
|
||
(I) Public key usage: The act or process of vouching for the
|
||
ownership of a public key by issuing a public-key certificate that
|
||
binds the key to the name of the entity that possesses the
|
||
matching private key. In addition to binding a key to a name, a
|
||
public-key certificate may bind those items to other restrictive
|
||
or explanatory data items. (See: X.509 public-key certificate.)
|
||
|
||
(O) SET usage: "The process of ascertaining that a set of
|
||
requirements or criteria has been fulfilled and attesting to that
|
||
fact to others, usually with some written instrument. A system
|
||
that has been inspected and evaluated as fully compliant with the
|
||
SET protocol by duly authorized parties and process would be said
|
||
to have been certified compliant." [SET2]
|
||
|
||
|
||
|
||
Shirey Informational [Page 31]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ certification authority (CA)
|
||
(I) An entity that issues digital certificates (especially X.509
|
||
certificates) and vouches for the binding between the data items
|
||
in a certificate.
|
||
|
||
(O) "An authority trusted by one or more users to create and
|
||
assign certificates. Optionally, the certification authority may
|
||
create the user's keys." [X509]
|
||
|
||
(C) Certificate users depend on the validity of information
|
||
provided by a certificate. Thus, a CA should be someone that
|
||
certificate users trust, and usually holds an official position
|
||
created and granted power by a government, a corporation, or some
|
||
other organization. A CA is responsible for managing the life
|
||
cycle of certificates (see: certificate management) and, depending
|
||
on the type of certificate and the CPS that applies, may be
|
||
responsible for the life cycle of key pairs associated with the
|
||
certificates (see: key management).
|
||
|
||
$ certification authority workstation (CAW)
|
||
(I) A computer system that enables a CA to issue digital
|
||
certificates and supports other certificate management functions
|
||
as required.
|
||
|
||
$ certification hierarchy
|
||
(I) A tree-structured (loop-free) topology of relationships among
|
||
CAs and the entities to whom the CAs issue public-key
|
||
certificates. (See: hierarchical PKI.)
|
||
|
||
(C) In this structure, one CA is the top CA, the highest level of
|
||
the hierarchy. (See: root, top CA.) The top CA may issue public-
|
||
key certificates to one or more additional CAs that form the
|
||
second highest level. Each of these CAs may issue certificates to
|
||
more CAs at the third highest level, and so on. The CAs at the
|
||
second-lowest of the hierarchy issue certificates only to non-CA
|
||
entities, called "end entities" that form the lowest level. (See:
|
||
end entity.) Thus, all certification paths begin at the top CA and
|
||
descend through zero or more levels of other CAs. All certificate
|
||
users base path validations on the top CA's public key.
|
||
|
||
(O) MISSI usage: A MISSI certification hierarchy has three or four
|
||
levels of CAs:
|
||
|
||
- A CA at the highest level, the top CA, is a "policy approving
|
||
authority".
|
||
- A CA at the second-highest level is a "policy creation
|
||
authority".
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 32]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- A CA at the third-highest level is a local authority called a
|
||
"certification authority".
|
||
- A CA at the fourth-highest (optional) level is a "subordinate
|
||
certification authority".
|
||
|
||
(O) PEM usage: A PEM certification hierarchy has three levels of
|
||
CAs [R1422]:
|
||
|
||
- The highest level is the "Internet Policy Registration
|
||
Authority".
|
||
- A CA at the second-highest level is a "policy certification
|
||
authority".
|
||
- A CA at the third-highest level is a "certification authority".
|
||
|
||
(O) SET usage: A SET certification hierarchy has three or four
|
||
levels of CAs:
|
||
|
||
- The highest level is a "SET root CA".
|
||
- A CA at the second-highest level is a "brand certification
|
||
authority".
|
||
- A CA at the third-highest (optional) level is a "geopolitical
|
||
certification authority".
|
||
- A CA at the fourth-highest level is a "cardholder CA", a
|
||
"merchant CA", or a "payment gateway CA".
|
||
|
||
$ certification path
|
||
(I) An ordered sequence of public-key certificates (or a sequence
|
||
of public-key certificates followed by one attribute certificate)
|
||
that enables a certificate user to verify the signature on the
|
||
last certificate in the path, and thus enables the user to obtain
|
||
a certified public key (or certified attributes) of the entity
|
||
that is the subject of that last certificate. (See: certificate
|
||
validation, valid certificate.)
|
||
|
||
(O) "An ordered sequence of certificates of objects in the [X.500
|
||
Directory Information Tree] which, together with the public key of
|
||
the initial object in the path, can be processed to obtain that of
|
||
the final object in the path." [X509, R2527]
|
||
|
||
(C) The path is the "list of certificates needed to allow a
|
||
particular user to obtain the public key of another." [X509] The
|
||
list is "linked" in the sense that the digital signature of each
|
||
certificate (except the first) is verified by the public key
|
||
contained in the preceding certificate; i.e., the private key used
|
||
to sign a certificate and the public key contained in the
|
||
preceding certificate form a key pair owned by the entity that
|
||
signed.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 33]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) In the X.509 quotation in the previous "C" paragraph, the word
|
||
"particular" points out that a certification path that can be
|
||
validated by one certificate user might not be able to be
|
||
validated by another. That is because either the first certificate
|
||
should be a trusted certificate (it might be a root certificate)
|
||
or the signature on the first certificate should be verified by a
|
||
trusted key (it might be a root key), but such trust is defined
|
||
relative to each user, not absolutely for all users.
|
||
|
||
$ certification policy
|
||
(D) ISDs SHOULD NOT use this term. Instead, use either
|
||
"certificate policy" or "certification practice statement",
|
||
depending on what is meant.
|
||
|
||
$ certification practice statement (CPS)
|
||
(I) "A statement of the practices which a certification authority
|
||
employs in issuing certificates." [ABA96, R2527] (See: certificate
|
||
policy.)
|
||
|
||
(C) A CPS is a published security policy that can help a
|
||
certificate user to decide whether a certificate issued by a
|
||
particular CA can be trusted enough to use in a particular
|
||
application. A CPS may be (a) a declaration by a CA of the details
|
||
of the system and practices it employs in its certificate
|
||
management operations, (b) part of a contract between the CA and
|
||
an entity to whom a certificate is issued, (c) a statute or
|
||
regulation applicable to the CA, or (d) a combination of these
|
||
types involving multiple documents. [ABA]
|
||
|
||
(C) A CPS is usually more detailed and procedurally oriented than
|
||
a certificate policy. A CPS applies to a particular CA or CA
|
||
community, while a certificate policy applies across CAs or
|
||
communities. A CA with a single CPS may support multiple
|
||
certificate policies, which may be used for different application
|
||
purposes or by different user communities. Multiple CAs, each with
|
||
a different CPS, may support the same certificate policy. [R2527]
|
||
|
||
$ certification request
|
||
(I) A algorithm-independent transaction format, defined by PCKS
|
||
#10 and used in PKIX, that contains a DN, a public key, and
|
||
optionally a set of attributes, collectively signed by the entity
|
||
requesting certification, and sent to a CA, which transforms the
|
||
request to an X.509 public-key certificate or another type of
|
||
certificate.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 34]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ certify
|
||
1. (I) Issue a digital certificate and thus vouch for the truth,
|
||
accuracy, and binding between data items in the certificate (e.g.,
|
||
see: X.509 public key certificate), such as the identity of the
|
||
certificate's subject and the ownership of a public key. (See:
|
||
certification.)
|
||
|
||
(C) To "certify a public key" means to issue a public-key
|
||
certificate that vouches for the binding between the certificate's
|
||
subject and the key.
|
||
|
||
2. (I) The act by which a CA employs measures to verify the truth,
|
||
accuracy, and binding between data items in a digital certificate.
|
||
|
||
(C) A description of the measures used for verification should be
|
||
included in the CA's CPS.
|
||
|
||
$ CFB
|
||
See: cipher feedback.
|
||
|
||
$ Challenge Handshake Authentication Protocol (CHAP)
|
||
(I) A peer entity authentication method for PPP, using a randomly-
|
||
generated challenge and requiring a matching response that depends
|
||
on a cryptographic hash of the challenge and a secret key. [R1994]
|
||
(See: challenge-response, PAP.)
|
||
|
||
$ challenge-response
|
||
(I) An authentication process that verifies an identity by
|
||
requiring correct authentication information to be provided in
|
||
response to a challenge. In a computer system, the authentication
|
||
information is usually a value that is required to be computed in
|
||
response to an unpredictable challenge value.
|
||
|
||
$ Challenge-Response Authentication Mechanism (CRAM)
|
||
(I) IMAP4 usage: A mechanism [R2195], intended for use with IMAP4
|
||
AUTHENTICATE, by which an IMAP4 client uses a keyed hash [R2104]
|
||
to authenticate itself to an IMAP4 server. (See: POP3 APOP.)
|
||
|
||
(C) The server includes a unique timestamp in its ready response
|
||
to the client. The client replies with the client's name and the
|
||
hash result of applying MD5 to a string formed from concatenating
|
||
the timestamp with a shared secret that is known only to the
|
||
client and the server.
|
||
|
||
$ channel
|
||
(I) An information transfer path within a system. (See: covert
|
||
channel.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 35]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ CHAP
|
||
See: Challenge Handshake Authentication Protocol.
|
||
|
||
$ checksum
|
||
(I) A value that (a) is computed by a function that is dependent
|
||
on the contents of a data object and (b) is stored or transmitted
|
||
together with the object, for the purpose of detecting changes in
|
||
the data. (See: cyclic redundancy check, data integrity service,
|
||
error detection code, hash, keyed hash, protected checksum.)
|
||
|
||
(C) To gain confidence that a data object has not been changed, an
|
||
entity that later uses the data can compute a checksum and compare
|
||
it with the checksum that was stored or transmitted with the
|
||
object.
|
||
|
||
(C) Computer systems and networks employ checksums (and other
|
||
mechanisms) to detect accidental changes in data. However, active
|
||
wiretapping that changes data could also change an accompanying
|
||
checksum to match the changed data. Thus, some checksum functions
|
||
by themselves are not good countermeasures for active attacks. To
|
||
protect against active attacks, the checksum function needs to be
|
||
well-chosen (see: cryptographic hash), and the checksum result
|
||
needs to be cryptographically protected (see: digital signature,
|
||
keyed hash).
|
||
|
||
$ chosen-ciphertext attack
|
||
(I) A cryptanalysis technique in which the analyst tries to
|
||
determine the key from knowledge of plaintext that corresponds to
|
||
ciphertext selected (i.e., dictated) by the analyst.
|
||
|
||
$ chosen-plaintext attack
|
||
(I) A cryptanalysis technique in which the analyst tries to
|
||
determine the key from knowledge of ciphertext that corresponds to
|
||
plaintext selected (i.e., dictated) by the analyst.
|
||
|
||
$ CIAC
|
||
See: Computer Incident Advisory Capability.
|
||
|
||
$ CIK
|
||
See: cryptographic ignition key.
|
||
|
||
$ cipher
|
||
(I) A cryptographic algorithm for encryption and decryption.
|
||
|
||
$ cipher block chaining (CBC)
|
||
(I) An block cipher mode that enhances electronic codebook mode by
|
||
chaining together blocks of ciphertext it produces. [FP081] (See:
|
||
[R1829], [R2451].)
|
||
|
||
|
||
|
||
Shirey Informational [Page 36]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) This mode operates by combining (exclusive OR-ing) the
|
||
algorithm's ciphertext output block with the next plaintext block
|
||
to form the next input block for the algorithm.
|
||
|
||
$ cipher feedback (CFB)
|
||
(I) An block cipher mode that enhances electronic code book mode
|
||
by chaining together the blocks of ciphertext it produces and
|
||
operating on plaintext segments of variable length less than or
|
||
equal to the block length. [FP081]
|
||
|
||
(C) This mode operates by using the previously generated
|
||
ciphertext segment as the algorithm's input (i.e., by "feeding
|
||
back" the ciphertext) to generate an output block, and then
|
||
combining (exclusive OR-ing) that output block with the next
|
||
plaintext segment (block length or less) to form the next
|
||
ciphertext segment.
|
||
|
||
$ ciphertext
|
||
(I) Data that has been transformed by encryption so that its
|
||
semantic information content (i.e., its meaning) is no longer
|
||
intelligible or directly available. (See: cleartext, plaintext.)
|
||
|
||
(O) "Data produced through the use of encipherment. The semantic
|
||
content of the resulting data is not available." [I7498 Part 2]
|
||
|
||
$ ciphertext-only attack
|
||
(I) A cryptanalysis technique in which the analyst tries to
|
||
determine the key solely from knowledge of intercepted ciphertext
|
||
(although the analyst may also know other clues, such as the
|
||
cryptographic algorithm, the language in which the plaintext was
|
||
written, the subject matter of the plaintext, and some probable
|
||
plaintext words.)
|
||
|
||
$ CIPSO
|
||
See: Common IP Security Option.
|
||
|
||
$ CKL
|
||
See: compromised key list.
|
||
|
||
$ class 2, 3, 4, or 5
|
||
(O) U.S. Department of Defense usage: Levels of PKI assurance
|
||
based on risk and value of information to be protected [DOD3]:
|
||
|
||
- Class 2: For handling low-value information (unclassified, not
|
||
mission-critical, or low monetary value) or protection of
|
||
system-high information in low- to medium-risk environment.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 37]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- Class 3: For handling medium-value information in low- to
|
||
medium-risk environment. Typically requires identification of a
|
||
system entity as a legal person, rather than merely a member of
|
||
an organization.
|
||
|
||
- Class 4: For handling medium- to high-value information in any
|
||
environment. Typically requires identification of an entity as
|
||
a legal person, rather than merely a member of an organization,
|
||
and a cryptographic hardware token for protection of keying
|
||
material.
|
||
|
||
- Class 5: For handling high-value information in a high-risk
|
||
environment.
|
||
|
||
$ classification
|
||
$ classification level
|
||
(I) (1.) A grouping of classified information to which a
|
||
hierarchical, restrictive security label is applied to increase
|
||
protection of the data. (2.) The level of protection that is
|
||
required to be applied to that information. (See: security level.)
|
||
|
||
$ classified
|
||
(I) Refers to information (stored or conveyed, in any form) that
|
||
is formally required by a security policy to be given data
|
||
confidentiality service and to be marked with a security label
|
||
(which in some cases might be implicit) to indicate its protected
|
||
status. (See: unclassified.)
|
||
|
||
(C) The term is mainly used in government, especially in the
|
||
military, although the concept underlying the term also applies
|
||
outside government. In the U.S. Department of Defense, for
|
||
example, it means information that has been determined pursuant to
|
||
Executive Order 12958 ("Classified National Security Information",
|
||
20 April 1995) or any predecessor order to require protection
|
||
against unauthorized disclosure and is marked to indicate its
|
||
classified status when in documentary form.
|
||
|
||
$ clean system
|
||
(I) A computer system in which the operating system and
|
||
application system software and files have just been freshly
|
||
installed from trusted software distribution media.
|
||
|
||
(C) A clean system is not necessarily in a secure state.
|
||
|
||
$ clearance
|
||
See: security clearance.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 38]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ clearance level
|
||
(I) The security level of information to which a security
|
||
clearance authorizes a person to have access.
|
||
|
||
$ cleartext
|
||
(I) Data in which the semantic information content (i.e., the
|
||
meaning) is intelligible or is directly available. (See:
|
||
plaintext.)
|
||
|
||
(O) "Intelligible data, the semantic content of which is
|
||
available." [I7498 Part 2]
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "plaintext",
|
||
the input to an encryption operation, because the plaintext input
|
||
to encryption may itself be ciphertext that was output from
|
||
another operation. (See: superencryption.)
|
||
|
||
$ client
|
||
(I) A system entity that requests and uses a service provided by
|
||
another system entity, called a "server". (See: server.)
|
||
|
||
(C) Usually, the requesting entity is a computer process, and it
|
||
makes the request on behalf of a human user. In some cases, the
|
||
server may itself be a client of some other server.
|
||
|
||
$ CLIPPER chip
|
||
(N) The Mykotronx, Inc. MYK-82, an integrated microcircuit with a
|
||
cryptographic processor that implements the SKIPJACK encryption
|
||
algorithm and supports key escrow. (See: CAPSTONE, Escrowed
|
||
Encryption Standard.)
|
||
|
||
(C) The key escrow scheme for a chip involves a SKIPJACK key
|
||
common to all chips that protects the unique serial number of the
|
||
chip, and a second SKIPJACK key unique to the chip that protects
|
||
all data encrypted by the chip. The second key is escrowed as
|
||
split key components held by NIST and the U.S. Treasury
|
||
Department.
|
||
|
||
$ closed security environment
|
||
(O) U.S. Department of Defense usage: A system environment that
|
||
meets both of the following conditions: (a) Application developers
|
||
(including maintainers) have sufficient clearances and
|
||
authorizations to provide an acceptable presumption that they have
|
||
not introduced malicious logic. (b) Configuration control provides
|
||
sufficient assurance that system applications and the equipment
|
||
they run on are protected against the introduction of malicious
|
||
logic prior to and during the operation of applications. [NCS04]
|
||
(See: open security environment.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 39]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ code
|
||
(I) noun: A system of symbols used to represent information, which
|
||
might originally have some other representation. (See: encode.)
|
||
|
||
(D) ISDs SHOULD NOT use this term as synonym for the following:
|
||
(a) "cipher", "hash", or other words that mean "a cryptographic
|
||
algorithm"; (b) "ciphertext"; or (c) "encrypt", "hash", or other
|
||
words that refer to applying a cryptographic algorithm.
|
||
|
||
(D) ISDs SHOULD NOT this word as an abbreviation for the following
|
||
terms: country code, cyclic redundancy code, Data Authentication
|
||
Code, error detection code, Message Authentication Code, object
|
||
code, or source code. To avoid misunderstanding, use the fully
|
||
qualified term, at least at the point of first usage.
|
||
|
||
$ color change
|
||
(I) In a system that is being operated in periods processing mode,
|
||
the act of purging all information from one processing period and
|
||
then changing over to the next processing period.
|
||
|
||
$ Common Criteria
|
||
$ Common Criteria for Information Technology Security
|
||
(N) "The Common Criteria" is a standard for evaluating information
|
||
technology products and systems, such as operating systems,
|
||
computer networks, distributed systems, and applications. It
|
||
states requirements for security functions and for assurance
|
||
measures. [CCIB]
|
||
|
||
(C) Canada, France, Germany, the Netherlands, the United Kingdom,
|
||
and the United States (NIST and NSA) began developing this
|
||
standard in 1993, based on the European ITSEC, the Canadian
|
||
Trusted Computer Product Evaluation Criteria (CTCPEC), and the
|
||
U.S. "Federal Criteria for Information Technology Security" (FC)
|
||
and its precursor, the TCSEC. Work was done in cooperation with
|
||
ISO/IEC Joint Technical Committee 1 (Information Technology),
|
||
Subcommittee 27 (Security Techniques), Working Group 3 (Security
|
||
Criteria). Version 2.1 of the Criteria is equivalent to ISO's
|
||
International Standard 15408 [I15408]. The U.S. Government intends
|
||
that this standard eventually will supersede both the TCSEC and
|
||
FIPS PUB 140-1. (See: NIAP.)
|
||
|
||
(C) The standard addresses data confidentiality, data integrity,
|
||
and availability and may apply to other aspects of security. It
|
||
focuses on threats to information arising from human activities,
|
||
malicious or otherwise, but may apply to non-human threats. It
|
||
applies to security measures implemented in hardware, firmware, or
|
||
software. It does not apply to (a) administrative security not
|
||
related directly to technical security, (b) technical physical
|
||
|
||
|
||
|
||
Shirey Informational [Page 40]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
aspects of security such as electromagnetic emanation control, (c)
|
||
evaluation methodology or administrative and legal framework under
|
||
which the criteria may be applied, (d) procedures for use of
|
||
evaluation results, or (e) assessment of inherent qualities of
|
||
cryptographic algorithms.
|
||
|
||
$ Common IP Security Option (CIPSO)
|
||
See: (secondary definition under) Internet Protocol Security
|
||
Option.
|
||
|
||
$ common name
|
||
(I) A character string that (a) may be a part of the X.500 DN of a
|
||
Directory object ("commonName" attribute), (b) is a (possibly
|
||
ambiguous) name by which the object is commonly known in some
|
||
limited scope (such as an organization), and (c) conforms to the
|
||
naming conventions of the country or culture with which it is
|
||
associated. [X520] (See: ("subject" and "issuer" under) X.509
|
||
public-key certificate.)
|
||
|
||
(C) For example, "Dr. E. F. Moore", "The United Nations", or
|
||
"12-th Floor Laser Printer".
|
||
|
||
$ communication security (COMSEC)
|
||
(I) Measures that implement and assure security services in a
|
||
communication system, particularly those that provide data
|
||
confidentiality and data integrity and that authenticate
|
||
communicating entities.
|
||
|
||
(C) Usually understood to include cryptographic algorithms and key
|
||
management methods and processes, devices that implement them, and
|
||
the life cycle management of keying material and devices.
|
||
|
||
$ community string
|
||
(I) A community name in the form of an octet string that serves as
|
||
a cleartext password in SNMP version 1. [R1157]
|
||
|
||
$ compartment
|
||
(I) A grouping of sensitive information items that require special
|
||
access controls beyond those normally provided for the basic
|
||
classification level of the information. (See: category.)
|
||
|
||
(C) The term is usually understood to include the special handling
|
||
procedures to be used for the information.
|
||
|
||
$ compromise
|
||
See: data compromise, security compromise.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 41]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ compromised key list (CKL)
|
||
(O) MISSI usage: A list that identifies keys for which
|
||
unauthorized disclosure or alteration may have occurred. (See:
|
||
compromise.)
|
||
|
||
(C) A CKL is issued by an CA, like a CRL is issued. But a CKL
|
||
lists only KMIDs, not subjects that hold the keys, and not
|
||
certificates in which the keys are bound.
|
||
|
||
$ COMPUSEC
|
||
See: computer security.
|
||
|
||
$ computer emergency response team (CERT)
|
||
(I) An organization that studies computer and network INFOSEC in
|
||
order to provide incident response services to victims of attacks,
|
||
publish alerts concerning vulnerabilities and threats, and offer
|
||
other information to help improve computer and network security.
|
||
(See: CSIRT, security incident.)
|
||
|
||
(C) For example, the CERT Coordination Center at Carnegie-Mellon
|
||
University (sometimes called "the" CERT) and the Computer Incident
|
||
Advisory Capability.
|
||
|
||
$ Computer Incident Advisory Capability (CIAC)
|
||
(N) A computer emergency response team in the U.S. Department of
|
||
Energy.
|
||
|
||
$ computer network
|
||
(I) A collection of host computers together with the subnetwork or
|
||
internetwork through which they can exchange data.
|
||
|
||
(C) This definition is intended to cover systems of all sizes and
|
||
types, ranging from the complex Internet to a simple system
|
||
composed of a personal computer dialing in as a remote terminal of
|
||
another computer.
|
||
|
||
$ computer security (COMPUSEC)
|
||
(I) Measures that implement and assure security services in a
|
||
computer system, particularly those that assure access control
|
||
service.
|
||
|
||
(C) Usually understood to include functions, features, and
|
||
technical characteristics of computer hardware and software,
|
||
especially operating systems.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 42]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ computer security incident response team (CSIRT)
|
||
(I) An organization "that coordinates and supports the response to
|
||
security incidents that involve sites within a defined
|
||
constituency." [R2350] (See: CERT, FIRST, security incident.)
|
||
|
||
(C) To be considered a CSIRT, an organization must do as follows:
|
||
|
||
- Provide a (secure) channel for receiving reports about
|
||
suspected security incidents.
|
||
- Provide assistance to members of its constituency in handling
|
||
the incidents.
|
||
- Disseminate incident-related information to its constituency
|
||
and other involved parties.
|
||
|
||
$ computer security object
|
||
(I) The definition or representation of a resource, tool, or
|
||
mechanism used to maintain a condition of security in computerized
|
||
environments. Includes many elements referred to in standards that
|
||
are either selected or defined by separate user communities.
|
||
[CSOR] (See: object identifier, Computer Security Objects
|
||
Register.)
|
||
|
||
$ Computer Security Objects Register (CSOR)
|
||
(N) A service operated by NIST is establishing a catalog for
|
||
computer security objects to provide stable object definitions
|
||
identified by unique names. The use of this register will enable
|
||
the unambiguous specification of security parameters and
|
||
algorithms to be used in secure data exchanges.
|
||
|
||
(C) The CSOR follows registration guidelines established by the
|
||
international standards community and ANSI. Those guidelines
|
||
establish minimum responsibilities for registration authorities
|
||
and assign the top branches of an international registration
|
||
hierarchy. Under that international registration hierarchy the
|
||
CSOR is responsible for the allocation of unique identifiers under
|
||
the branch {joint-iso-ccitt(2) country(16) us(840) gov(101)
|
||
csor(3)}.
|
||
|
||
$ COMSEC
|
||
See: communication security.
|
||
|
||
$ confidentiality
|
||
See: data confidentiality.
|
||
|
||
$ configuration control
|
||
(I) The process of regulating changes to hardware, firmware,
|
||
software, and documentation throughout the development and
|
||
operational life of a system. (See: administrative security.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 43]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Configuration control helps protect against unauthorized or
|
||
malicious alteration of a system and thus provides assurance of
|
||
system integrity. (See: malicious logic.)
|
||
|
||
$ confinement property
|
||
See: (secondary definition under) Bell-LaPadula Model.
|
||
|
||
$ connectionless data integrity service
|
||
(I) A security service that provides data integrity service for an
|
||
individual IP datagram, by detecting modification of the datagram,
|
||
without regard to the ordering of the datagram in a stream of
|
||
datagrams.
|
||
|
||
(C) A connection-oriented data integrity service would be able to
|
||
detect lost or reordered datagrams within a stream of datagrams.
|
||
|
||
$ contingency plan
|
||
(I) A plan for emergency response, backup operations, and post-
|
||
disaster recovery in a system as part of a security program to
|
||
ensure availability of critical system resources and facilitate
|
||
continuity of operations in a crisis. [NCS04] (See: availability.)
|
||
|
||
$ controlled security mode
|
||
(D) ISDs SHOULD NOT use this term. It was defined in an earlier
|
||
version of the U.S. Department of Defense policy that regulates
|
||
system accreditation, but was subsumed by "partitioned security
|
||
mode" in the current version. [DOD2]
|
||
|
||
(C) The term refers to a mode of operation of an information
|
||
system, wherein at least some users with access to the system have
|
||
neither a security clearance nor a need-to-know for all classified
|
||
material contained in the system. However, separation and control
|
||
of users and classified material on the basis, respectively, of
|
||
clearance and classification level are not essentially under
|
||
operating system control like they are in "multilevel security
|
||
mode".
|
||
|
||
(C) Controlled mode was intended to encourage ingenuity in meeting
|
||
the security requirements of Defense policy in ways less
|
||
restrictive than "dedicated security mode" and "system high
|
||
security mode", but at a level of risk lower than that generally
|
||
associated with the true "multilevel security mode". This was to
|
||
be accomplished by implementation of explicit augmenting measures
|
||
to reduce or remove a substantial measure of system software
|
||
vulnerability together with specific limitation of the security
|
||
clearance levels of users permitted concurrent access to the
|
||
system.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 44]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ cookie
|
||
(I) access control usage: A synonym for "capability" or "ticket"
|
||
in an access control system.
|
||
|
||
(I) IPsec usage: Data exchanged by ISAKMP to prevent certain
|
||
denial-of-service attacks during the establishment of a security
|
||
association.
|
||
|
||
(I) HTTP usage: Data exchanged between an HTTP server and a
|
||
browser (a client of the server) to store state information on the
|
||
client side and retrieve it later for server use.
|
||
|
||
(C) An HTTP server, when sending data to a client, may send along
|
||
a cookie, which the client retains after the HTTP connection
|
||
closes. A server can use this mechanism to maintain persistent
|
||
client-side state information for HTTP-based applications,
|
||
retrieving the state information in later connections. A cookie
|
||
may include a description of the range of URLs for which the state
|
||
is valid. Future requests made by the client in that range will
|
||
also send the current value of the cookie to the server. Cookies
|
||
can be used to generate profiles of web usage habits, and thus may
|
||
infringe on personal privacy.
|
||
|
||
$ Coordinated Universal Time (UTC)
|
||
(N) UTC is derived from International Atomic Time (TAI) by adding
|
||
a number of leap seconds. The International Bureau of Weights and
|
||
Measures computes TAI once each month by averaging data from many
|
||
laboratories. (See: GeneralizedTime, UTCTime.)
|
||
|
||
$ copy
|
||
See: card copy.
|
||
|
||
$ correctness integrity
|
||
(I) Accuracy and consistency of the information that data values
|
||
represent, rather than of the data itself. Closely related to
|
||
issues of accountability and error handling. (See: data integrity,
|
||
source integrity.)
|
||
|
||
$ correctness proof
|
||
(I) A mathematical proof of consistency between a specification
|
||
for system security and the implementation of that specification.
|
||
(See: formal specification.)
|
||
|
||
$ countermeasure
|
||
(I) An action, device, procedure, or technique that reduces a
|
||
threat, a vulnerability, or an attack by eliminating or preventing
|
||
it, by minimizing the harm it can cause, or by discovering and
|
||
reporting it so that corrective action can be taken.
|
||
|
||
|
||
|
||
Shirey Informational [Page 45]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) In an Internet protocol, a countermeasure may take the form of
|
||
a protocol feature, an element function, or a usage constraint.
|
||
|
||
$ country code
|
||
(I) An identifier that is defined for a nation by ISO. [I3166]
|
||
|
||
(C) For each nation, ISO Standard 3166 defines a unique two-
|
||
character alphabetic code, a unique three-character alphabetic
|
||
code, and a three-digit code. Among many uses of these codes, the
|
||
two-character codes are used as top-level domain names.
|
||
|
||
$ covert channel
|
||
(I) A intra-system channel that permits two cooperating entities,
|
||
without exceeding their access authorizations, to transfer
|
||
information in a way that violates the system's security policy.
|
||
(See: channel, out of band.)
|
||
|
||
(O) "A communications channel that allows two cooperating
|
||
processes to transfer information in a manner that violates the
|
||
system's security policy." [NCS04]
|
||
|
||
(C) The cooperating entities can be either two insiders or an
|
||
insider and an outsider. Of course, an outsider has no access
|
||
authorization at all. A covert channel is a system feature that
|
||
the system architects neither designed nor intended for
|
||
information transfer:
|
||
|
||
- "Timing channel": A system feature that enable one system
|
||
entity to signal information to another by modulating its own
|
||
use of a system resource in such a way as to affect system
|
||
response time observed by the second entity.
|
||
|
||
- "Storage channel": A system feature that enables one system
|
||
entity to signal information to another entity by directly or
|
||
indirectly writing a storage location that is later directly or
|
||
indirectly read by the second entity.
|
||
|
||
$ CPS
|
||
See: certification practice statement.
|
||
|
||
$ cracker
|
||
(I) Someone who tries to break the security of, and gain access
|
||
to, someone else's system without being invited to do so. (See:
|
||
hacker and intruder.)
|
||
|
||
$ CRAM
|
||
See: Challenge-Response Authentication Mechanism.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 46]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ CRC
|
||
See: cyclic redundancy check.
|
||
|
||
$ credential(s)
|
||
(I) Data that is transferred or presented to establish either a
|
||
claimed identity or the authorizations of a system entity. (See:
|
||
authentication information, capability, ticket.)
|
||
|
||
(O) "Data that is transferred to establish the claimed identity of
|
||
an entity." [I7498 Part 2]
|
||
|
||
$ critical
|
||
1. (I) "Critical" system resource: A condition of a service or
|
||
other system resource such that denial of access to (i.e., lack of
|
||
availability of) that resource would jeopardize a system user's
|
||
ability to perform a primary function or would result in other
|
||
serious consequences. (See: availability, sensitive.)
|
||
|
||
2. (N) "Critical" extension: Each extension of an X.509
|
||
certificate (or CRL) is marked as being either critical or non-
|
||
critical. If an extension is critical and a certificate user (or
|
||
CRL user) does not recognize the extension type or does not
|
||
implement its semantics, then the user is required to treat the
|
||
certificate (or CRL) as invalid. If an extension is non-critical,
|
||
a user that does not recognize or implement that extension type is
|
||
permitted to ignore the extension and process the rest of the
|
||
certificate (or CRL).
|
||
|
||
$ CRL
|
||
See: certificate revocation list.
|
||
|
||
$ CRL distribution point
|
||
See: distribution point.
|
||
|
||
$ CRL extension
|
||
See: extension.
|
||
|
||
$ cross-certificate
|
||
See: cross-certification.
|
||
|
||
$ cross-certification
|
||
(I) The act or process by which two CAs each certify a public key
|
||
of the other, issuing a public-key certificate to that other CA.
|
||
|
||
(C) Cross-certification enables users to validate each other's
|
||
certificate when the users are certified under different
|
||
certification hierarchies.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 47]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ cryptanalysis
|
||
(I) The mathematical science that deals with analysis of a
|
||
cryptographic system in order to gain knowledge needed to break or
|
||
circumvent the protection that the system is designed to provide.
|
||
(See: cryptology.)
|
||
|
||
(O) "The analysis of a cryptographic system and/or its inputs and
|
||
outputs to derive confidential variables and/or sensitive data
|
||
including cleartext." [I7498 Part 2]
|
||
|
||
(C) The "O" definition states the traditional goal of
|
||
cryptanalysis--convert the ciphertext to plaintext (which usually
|
||
is cleartext) without knowing the key--but that definition applies
|
||
only to encryption systems. Today, the term is used with reference
|
||
to all kinds of cryptographic algorithms and key management, and
|
||
the "I" definition reflects that. In all cases, however, a
|
||
cryptanalyst tries to uncover or reproduce someone else's
|
||
sensitive data, such as cleartext, a key, or an algorithm. The
|
||
basic cryptanalytic attacks on encryption systems are ciphertext-
|
||
only, known-plaintext, chosen-plaintext, and chosen-ciphertext;
|
||
and these generalize to the other kinds of cryptography.
|
||
|
||
$ crypto
|
||
(D) Except as part of certain long-established terms listed in
|
||
this Glossary, ISDs SHOULD NOT use this abbreviated term because
|
||
it may be misunderstood. Instead, use "cryptography" or
|
||
"cryptographic".
|
||
|
||
$ cryptographic algorithm
|
||
(I) An algorithm that employs the science of cryptography,
|
||
including encryption algorithms, cryptographic hash algorithms,
|
||
digital signature algorithms, and key agreement algorithms.
|
||
|
||
$ cryptographic application programming interface (CAPI)
|
||
(I) The source code formats and procedures through which an
|
||
application program accesses cryptographic services, which are
|
||
defined abstractly compared to their actual implementation. For
|
||
example, see: PKCS #11, [R2628].
|
||
|
||
$ cryptographic card
|
||
(I) A cryptographic token in the form of a smart card or a PC
|
||
card.
|
||
|
||
$ cryptographic component
|
||
(I) A generic term for any system component that involves
|
||
cryptography. (See: cryptographic module.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 48]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ cryptographic hash
|
||
See: (secondary definition under) hash function.
|
||
|
||
$ cryptographic ignition key (CIK)
|
||
(I) A physical (usually electronic) token used to store,
|
||
transport, and protect cryptographic keys. (Sometimes abbreviated
|
||
as "crypto ignition key".)
|
||
|
||
(C) A typical use is to divide a split key between a CIK and a
|
||
cryptographic module, so that it is necessary to combine the two
|
||
to regenerate a key-encrypting key and thus activate the module
|
||
and other keys it contains.
|
||
|
||
$ cryptographic key
|
||
(I) Usually shortened to just "key". An input parameter that
|
||
varies the transformation performed by a cryptographic algorithm.
|
||
|
||
(O) "A sequence of symbols that controls the operations of
|
||
encipherment and decipherment." [I7498 Part 2]
|
||
|
||
(C) If a key value needs to be kept secret, the sequence of
|
||
symbols (usually bits) that comprise it should be random, or at
|
||
least pseudo-random, because that makes the key hard for an
|
||
adversary to guess. (See: cryptanalysis, brute force attack.)
|
||
|
||
$ Cryptographic Message Syntax (CMS)
|
||
(I) A encapsulation syntax for digital signatures, hashes, and
|
||
encryption of arbitrary messages. [R2630]
|
||
|
||
(C) CMS was derived from PKCS #7. CMS values are specified with
|
||
ASN.1 and use BER encoding. The syntax permits multiple
|
||
encapsulation with nesting, permits arbitrary attributes to be
|
||
signed along with message content, and supports a variety of
|
||
architectures for digital certificate-based key management.
|
||
|
||
$ cryptographic module
|
||
(I) A set of hardware, software, firmware, or some combination
|
||
thereof that implements cryptographic logic or processes,
|
||
including cryptographic algorithms, and is contained within the
|
||
module's cryptographic boundary, which is an explicitly defined
|
||
contiguous perimeter that establishes the physical bounds of the
|
||
module. [FP140]
|
||
|
||
$ cryptographic system
|
||
(I) A set of cryptographic algorithms together with the key
|
||
management processes that support use of the algorithms in some
|
||
application context.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 49]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) This "I" definition covers a wider range of algorithms than
|
||
the following "O" definition:
|
||
|
||
(O) "A collection of transformations from plaintext into
|
||
ciphertext and vice versa [which would exclude digital signature,
|
||
cryptographic hash, and key agreement algorithms], the particular
|
||
transformation(s) to be used being selected by keys. The
|
||
transformations are normally defined by a mathematical algorithm."
|
||
[X509]
|
||
|
||
$ cryptographic token
|
||
(I) A portable, user-controlled, physical device used to store
|
||
cryptographic information and possibly perform cryptographic
|
||
functions. (See: cryptographic card, token.)
|
||
|
||
(C) A smart token may implement some set of cryptographic
|
||
algorithms and may implement related algorithms and key management
|
||
functions, such as a random number generator. A smart
|
||
cryptographic token may contain a cryptographic module or may not
|
||
be explicitly designed that way.
|
||
|
||
$ cryptography
|
||
(I) The mathematical science that deals with transforming data to
|
||
render its meaning unintelligible (i.e., to hide its semantic
|
||
content), prevent its undetected alteration, or prevent its
|
||
unauthorized use. If the transformation is reversible,
|
||
cryptography also deals with restoring encrypted data to
|
||
intelligible form. (See: cryptology, steganography.)
|
||
|
||
(O) "The discipline which embodies principles, means, and methods
|
||
for the transformation of data in order to hide its information
|
||
content, prevent its undetected modification and/or prevent its
|
||
unauthorized use. . . . Cryptography determines the methods used
|
||
in encipherment and decipherment." [I7498 Part 2]
|
||
|
||
$ Cryptoki
|
||
See: (secondary definition under) PKCS #11.
|
||
|
||
$ cryptology
|
||
(I) The science that includes both cryptography and cryptanalysis,
|
||
and sometimes is said to include steganography.
|
||
|
||
$ cryptonet
|
||
(I) A group of system entities that share a secret cryptographic
|
||
key for a symmetric algorithm.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 50]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ cryptoperiod
|
||
(I) The time span during which a particular key is authorized to
|
||
be used in a cryptographic system. (See: key management.)
|
||
|
||
(C) A cryptoperiod is usually stated in terms of calendar or clock
|
||
time, but sometimes is stated in terms of the maximum amount of
|
||
data permitted to be processed by a cryptographic algorithm using
|
||
the key. Specifying a cryptoperiod involves a tradeoff between the
|
||
cost of rekeying and the risk of successful cryptanalysis.
|
||
|
||
(C) Although we deprecate its prefix, this term is long-
|
||
established in COMPUSEC usage. (See: crypto) In the context of
|
||
certificates and public keys, "key lifetime" and "validity period"
|
||
are often used instead.
|
||
|
||
$ cryptosystem
|
||
(D) ISDs SHOULD NOT use this term as an abbreviation for
|
||
cryptographic system. (For rationale, see: crypto.)
|
||
|
||
$ CSIRT
|
||
See: computer security incident response team.
|
||
|
||
$ CSOR
|
||
See: Computer Security Objects Register.
|
||
|
||
$ cut-and-paste attack
|
||
(I) An active attack on the data integrity of ciphertext, effected
|
||
by replacing sections of ciphertext with other ciphertext, such
|
||
that the result appears to decrypt correctly but actually decrypts
|
||
to plaintext that is forged to the satisfaction of the attacker.
|
||
|
||
$ cyclic redundancy check (CRC)
|
||
(I) Sometimes called "cyclic redundancy code". A type of checksum
|
||
algorithm that is not a cryptographic hash but is used to
|
||
implement data integrity service where accidental changes to data
|
||
are expected.
|
||
|
||
$ DAC
|
||
See: Data Authentication Code, discretionary access control.
|
||
|
||
$ DASS
|
||
See: Distributed Authentication Security Service.
|
||
|
||
$ data
|
||
(I) Information in a specific physical representation, usually a
|
||
sequence of symbols that have meaning; especially a representation
|
||
of information that can be processed or produced by a computer.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 51]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Data Authentication Algorithm
|
||
(N) A keyed hash function equivalent to DES cipher block chaining
|
||
with IV = 0. [A9009]
|
||
|
||
(D) ISDs SHOULD NOT use the uncapitalized form of this term as a
|
||
synonym for other kinds of checksums.
|
||
|
||
$ data authentication code vs. Data Authentication Code (DAC)
|
||
1. (N) Capitalized: "The Data Authentication Code" refers to a
|
||
U.S. Government standard [FP113] for a checksum that is computed
|
||
by the Data Authentication Algorithm. (Also known as the ANSI
|
||
standard Message Authentication Code [A9009].)
|
||
|
||
2. (D) Not capitalized: ISDs SHOULD NOT use "data authentication
|
||
code" as a synonym for another kind of checksum, because this term
|
||
mixes concepts in a potentially misleading way. (See:
|
||
authentication code.) Instead, use "checksum", "error detection
|
||
code", "hash", "keyed hash", "Message Authentication Code", or
|
||
"protected checksum", depending on what is meant.
|
||
|
||
$ data compromise
|
||
(I) A security incident in which information is exposed to
|
||
potential unauthorized access, such that unauthorized disclosure,
|
||
alteration, or use of the information may have occurred. (See:
|
||
compromise.)
|
||
|
||
$ data confidentiality
|
||
(I) "The property that information is not made available or
|
||
disclosed to unauthorized individuals, entities, or processes
|
||
[i.e., to any unauthorized system entity]." [I7498 Part 2]. (See:
|
||
data confidentiality service.)
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "privacy",
|
||
which is a different concept.
|
||
|
||
$ data confidentiality service
|
||
(I) A security service that protects data against unauthorized
|
||
disclosure. (See: data confidentiality.)
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "privacy",
|
||
which is a different concept.
|
||
|
||
$ Data Encryption Algorithm (DEA)
|
||
(N) A symmetric block cipher, defined as part of the U.S.
|
||
Government's Data Encryption Standard. DEA uses a 64-bit key, of
|
||
which 56 bits are independently chosen and 8 are parity bits, and
|
||
maps a 64-bit block into another 64-bit block. [FP046] (See: DES,
|
||
symmetric cryptography.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 52]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) This algorithm is usually referred to as "DES". The algorithm
|
||
has also been adopted in standards outside the Government (e.g.,
|
||
[A3092]).
|
||
|
||
$ data encryption key (DEK)
|
||
(I) A cryptographic key that is used to encipher application data.
|
||
(See: key-encrypting key.)
|
||
|
||
$ Data Encryption Standard (DES)
|
||
(N) A U.S. Government standard [FP046] that specifies the Data
|
||
Encryption Algorithm and states policy for using the algorithm to
|
||
protect unclassified, sensitive data. (See: AES, DEA.)
|
||
|
||
$ data integrity
|
||
(I) The property that data has not been changed, destroyed, or
|
||
lost in an unauthorized or accidental manner. (See: data integrity
|
||
service.)
|
||
|
||
(O) "The property that information has not been modified or
|
||
destroyed in an unauthorized manner." [I7498 Part 2]
|
||
|
||
(C) Deals with constancy of and confidence in data values, not
|
||
with the information that the values represent (see: correctness
|
||
integrity) or the trustworthiness of the source of the values
|
||
(see: source integrity).
|
||
|
||
$ data integrity service
|
||
(I) A security service that protects against unauthorized changes
|
||
to data, including both intentional change or destruction and
|
||
accidental change or loss, by ensuring that changes to data are
|
||
detectable. (See: data integrity.)
|
||
|
||
(C) A data integrity service can only detect a change and report
|
||
it to an appropriate system entity; changes cannot be prevented
|
||
unless the system is perfect (error-free) and no malicious user
|
||
has access. However, a system that offers data integrity service
|
||
might also attempt to correct and recover from changes.
|
||
|
||
(C) Relationship between data integrity service and authentication
|
||
services: Although data integrity service is defined separately
|
||
from data origin authentication service and peer entity
|
||
authentication service, it is closely related to them.
|
||
Authentication services depend, by definition, on companion data
|
||
integrity services. Data origin authentication service provides
|
||
verification that the identity of the original source of a
|
||
received data unit is as claimed; there can be no such
|
||
verification if the data unit has been altered. Peer entity
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 53]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
authentication service provides verification that the identity of
|
||
a peer entity in a current association is as claimed; there can be
|
||
no such verification if the claimed identity has been altered.
|
||
|
||
$ data origin authentication
|
||
(I) "The corroboration that the source of data received is as
|
||
claimed." [I7498 Part 2] (See: authentication.)
|
||
|
||
$ data origin authentication service
|
||
(I) A security service that verifies the identity of a system
|
||
entity that is claimed to be the original source of received data.
|
||
(See: authentication, authentication service.)
|
||
|
||
(C) This service is provided to any system entity that receives or
|
||
holds the data. Unlike peer entity authentication service, this
|
||
service is independent of any association between the originator
|
||
and the recipient, and the data in question may have originated at
|
||
any time in the past.
|
||
|
||
(C) A digital signature mechanism can be used to provide this
|
||
service, because someone who does not know the private key cannot
|
||
forge the correct signature. However, by using the signer's public
|
||
key, anyone can verify the origin of correctly signed data.
|
||
|
||
(C) This service is usually bundled with connectionless data
|
||
integrity service. (See: (relationship between data integrity
|
||
service and authentication services under) data integrity service.
|
||
|
||
$ data privacy
|
||
(D) ISDs SHOULD NOT use this term because it mix concepts in a
|
||
potentially misleading way. Instead, use either "data
|
||
confidentiality" or "privacy", depending on what is meant.
|
||
|
||
$ data security
|
||
(I) The protection of data from disclosure, alteration,
|
||
destruction, or loss that either is accidental or is intentional
|
||
but unauthorized.
|
||
|
||
(C) Both data confidentiality service and data integrity service
|
||
are needed to achieve data security.
|
||
|
||
$ datagram
|
||
(I) "A self-contained, independent entity of data carrying
|
||
sufficient information to be routed from the source to the
|
||
destination." [R1983]
|
||
|
||
$ DEA
|
||
See: Data Encryption Algorithm.
|
||
|
||
|
||
|
||
Shirey Informational [Page 54]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ deception
|
||
See: (secondary definition under) threat consequence.
|
||
|
||
$ decipher
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "decrypt",
|
||
except in special circumstances. (See: (usage discussion under)
|
||
encryption.)
|
||
|
||
$ decipherment
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "decryption",
|
||
except in special circumstances. (See: (usage discussion under)
|
||
encryption.)
|
||
|
||
$ decode
|
||
(I) Convert encoded data back to its original form of
|
||
representation. (See: decrypt.)
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "decrypt",
|
||
because that would mix concepts in a potentially misleading way.
|
||
|
||
$ decrypt
|
||
(I) Cryptographically restore ciphertext to the plaintext form it
|
||
had before encryption.
|
||
|
||
$ decryption
|
||
See: (secondary definition under) encryption.
|
||
|
||
$ dedicated security mode
|
||
(I) A mode of operation of an information system, wherein all
|
||
users have the clearance or authorization, and the need-to-know,
|
||
for all data handled by the system. In this mode, the system may
|
||
handle either a single classification level or category of
|
||
information or a range of levels and categories. [DOD2]
|
||
|
||
(C) This mode is defined formally in U.S. Department of Defense
|
||
policy regarding system accreditation, but the term is also used
|
||
outside the Defense Department and outside the Government.
|
||
|
||
$ default account
|
||
(I) A system login account (usually accessed with a user name and
|
||
password) that has been predefined in a manufactured system to
|
||
permit initial access when the system is first put into service.
|
||
|
||
(C) Sometimes, the default user name and password are the same in
|
||
each copy of the system. In any case, when the system is put into
|
||
service, the default password should immediately be changed or the
|
||
default account should be disabled.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 55]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ degauss
|
||
(N) Apply a magnetic field to permanently remove, erase, or clear
|
||
data from a magnetic storage medium, such as a tape or disk
|
||
[NCS25]. Reduce magnetic flux density to zero by applying a
|
||
reversing magnetic field.
|
||
|
||
$ degausser
|
||
(N) An electrical device that can degauss magnetic storage media.
|
||
|
||
$ DEK
|
||
See: data encryption key.
|
||
|
||
$ delta CRL
|
||
(I) A partial CRL that only contains entries for X.509
|
||
certificates that have been revoked since the issuance of a prior,
|
||
base CRL. This method can be used to partition CRLs that become
|
||
too large and unwieldy.
|
||
|
||
$ denial of service
|
||
(I) The prevention of authorized access to a system resource or
|
||
the delaying of system operations and functions. (See:
|
||
availability, critical (resource of a system), flooding.)
|
||
|
||
$ DES
|
||
See: Data Encryption Standard.
|
||
|
||
$ dictionary attack
|
||
(I) An attack that uses a brute-force technique of successively
|
||
trying all the words in some large, exhaustive list.
|
||
|
||
(C) For example, an attack on an authentication service by trying
|
||
all possible passwords; or an attack on encryption by encrypting
|
||
some known plaintext phrase with all possible keys so that the key
|
||
for any given encrypted message containing that phrase may be
|
||
obtained by lookup.
|
||
|
||
$ Diffie-Hellman
|
||
(N) A key agreement algorithm published in 1976 by Whitfield
|
||
Diffie and Martin Hellman [DH76, R2631].
|
||
|
||
(C) Diffie-Hellman does key establishment, not encryption.
|
||
However, the key that it produces may be used for encryption, for
|
||
further key management operations, or for any other cryptography.
|
||
|
||
(C) The difficulty of breaking Diffie-Hellman is considered to be
|
||
equal to the difficulty of computing discrete logarithms modulo a
|
||
large prime. The algorithm is described in [R2631] and [Schn]. In
|
||
brief, Alice and Bob together pick large integers that satisfy
|
||
|
||
|
||
|
||
Shirey Informational [Page 56]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
certain mathematical conditions, and then use the integers to each
|
||
separately compute a public-private key pair. They send each other
|
||
their public key. Each person uses their own private key and the
|
||
other person's public key to compute a key, k, that, because of
|
||
the mathematics of the algorithm, is the same for each of them.
|
||
Passive wiretapping cannot learn the shared k, because k is not
|
||
transmitted, and neither are the private keys needed to compute k.
|
||
However, without additional mechanisms to authenticate each party
|
||
to the other, a protocol based on the algorithm may be vulnerable
|
||
to a man-in-the-middle attack.
|
||
|
||
$ digest
|
||
See: message digest.
|
||
|
||
$ digital certificate
|
||
(I) A certificate document in the form of a digital data object (a
|
||
data object used by a computer) to which is appended a computed
|
||
digital signature value that depends on the data object. (See:
|
||
attribute certificate, capability, public-key certificate.)
|
||
|
||
(D) ISDs SHOULD NOT use this term to refer to a signed CRL or CKL.
|
||
Although the recommended definition can be interpreted to include
|
||
those items, the security community does not use the term with
|
||
those meanings.
|
||
|
||
$ digital certification
|
||
(D) ISDs SHOULD NOT use this term as a synonym for
|
||
"certification", unless the context is not sufficient to
|
||
distinguish between digital certification and another kind of
|
||
certification, in which case it would be better to use "public-key
|
||
certification" or another phrase that indicates what is being
|
||
certified.
|
||
|
||
$ digital document
|
||
(I) An electronic data object that represents information
|
||
originally written in a non-electronic, non-magnetic medium
|
||
(usually ink on paper) or is an analogue of a document of that
|
||
type.
|
||
|
||
$ digital envelope
|
||
(I) A digital envelope for a recipient is a combination of (a)
|
||
encrypted content data (of any kind) and (b) the content
|
||
encryption key in an encrypted form that has been prepared for the
|
||
use of the recipient.
|
||
|
||
(C) In ISDs, this term should be defined at the point of first use
|
||
because, although the term is defined in PKCS #7 and used in
|
||
S/MIME, it is not yet widely established.
|
||
|
||
|
||
|
||
Shirey Informational [Page 57]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Digital enveloping is not simply a synonym for implementing
|
||
data confidentiality with encryption; digital enveloping is a
|
||
hybrid encryption scheme to "seal" a message or other data, by
|
||
encrypting the data and sending both it and a protected form of
|
||
the key to the intended recipient, so that no one other than the
|
||
intended recipient can "open" the message. In PCKS #7, it means
|
||
first encrypting the data using a symmetric encryption algorithm
|
||
and a secret key, and then encrypting the secret key using an
|
||
asymmetric encryption algorithm and the public key of the intended
|
||
recipient. In S/MIME, additional methods are defined for
|
||
conveying the content encryption key.
|
||
|
||
$ Digital ID(service mark)
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "digital
|
||
certificate" because (a) it is the service mark of a commercial
|
||
firm, (b) it unnecessarily duplicates the meaning of other, well-
|
||
established terms, and (c) a certificate is not always used as
|
||
authentication information. In some contexts, however, it may be
|
||
useful to explain that the key conveyed in a public-key
|
||
certificate can be used to verify an identity and, therefore, that
|
||
the certificate can be thought of as digital identification
|
||
information. (See: identification information.)
|
||
|
||
$ digital key
|
||
(C) The adjective "digital" need not be used with "key" or
|
||
"cryptographic key", unless the context is insufficient to
|
||
distinguish the digital key from another kind of key, such as a
|
||
metal key for a door lock.
|
||
|
||
$ digital notary
|
||
(I) Analogous to a notary public. Provides a trusted date-and-time
|
||
stamp for a document, so that someone can later prove that the
|
||
document existed at a point in time. May also verify the
|
||
signature(s) on a signed document before applying the stamp. (See:
|
||
notarization.)
|
||
|
||
$ digital signature
|
||
(I) A value computed with a cryptographic algorithm and appended
|
||
to a data object in such a way that any recipient of the data can
|
||
use the signature to verify the data's origin and integrity. (See:
|
||
data origin authentication service, data integrity service,
|
||
digitized signature, electronic signature, signer.)
|
||
|
||
(I) "Data appended to, or a cryptographic transformation of, a
|
||
data unit that allows a recipient of the data unit to prove the
|
||
source and integrity of the data unit and protect against forgery,
|
||
e.g. by the recipient." [I7498 Part 2]
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 58]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Typically, the data object is first input to a hash function,
|
||
and then the hash result is cryptographically transformed using a
|
||
private key of the signer. The final resulting value is called the
|
||
digital signature of the data object. The signature value is a
|
||
protected checksum, because the properties of a cryptographic hash
|
||
ensure that if the data object is changed, the digital signature
|
||
will no longer match it. The digital signature is unforgeable
|
||
because one cannot be certain of correctly creating or changing
|
||
the signature without knowing the private key of the supposed
|
||
signer.
|
||
|
||
(C) Some digital signature schemes use a asymmetric encryption
|
||
algorithm (e.g., see: RSA) to transform the hash result. Thus,
|
||
when Alice needs to sign a message to send to Bob, she can use her
|
||
private key to encrypt the hash result. Bob receives both the
|
||
message and the digital signature. Bob can use Alice's public key
|
||
to decrypt the signature, and then compare the plaintext result to
|
||
the hash result that he computes by hashing the message himself.
|
||
If the values are equal, Bob accepts the message because he is
|
||
certain that it is from Alice and has arrived unchanged. If the
|
||
values are not equal, Bob rejects the message because either the
|
||
message or the signature was altered in transit.
|
||
|
||
(C) Other digital signature schemes (e.g., see: DSS) transform the
|
||
hash result with an algorithm (e.g., see: DSA, El Gamal) that
|
||
cannot be directly used to encrypt data. Such a scheme creates a
|
||
signature value from the hash and provides a way to verify the
|
||
signature value, but does not provide a way to recover the hash
|
||
result from the signature value. In some countries, such a scheme
|
||
may improve exportability and avoid other legal constraints on
|
||
usage.
|
||
|
||
$ Digital Signature Algorithm (DSA)
|
||
(N) An asymmetric cryptographic algorithm that produces a digital
|
||
signature in the form of a pair of large numbers. The signature is
|
||
computed using rules and parameters such that the identity of the
|
||
signer and the integrity of the signed data can be verified. (See:
|
||
Digital Signature Standard.)
|
||
|
||
$ Digital Signature Standard (DSS)
|
||
(N) The U.S. Government standard [FP186] that specifies the
|
||
Digital Signature Algorithm (DSA), which involves asymmetric
|
||
cryptography.
|
||
|
||
$ digital watermarking
|
||
(I) Computing techniques for inseparably embedding unobtrusive
|
||
marks or labels as bits in digital data--text, graphics, images,
|
||
video, or audio--and for detecting or extracting the marks later.
|
||
|
||
|
||
|
||
Shirey Informational [Page 59]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) The set of embedded bits (the digital watermark) is sometimes
|
||
hidden, usually imperceptible, and always intended to be
|
||
unobtrusive. Depending on the particular technique that is used,
|
||
digital watermarking can assist in proving ownership, controlling
|
||
duplication, tracing distribution, ensuring data integrity, and
|
||
performing other functions to protect intellectual property
|
||
rights. [ACM]
|
||
|
||
$ digitized signature
|
||
(D) ISDs SHOULD NOT use this term because there is no current
|
||
consensus on its definition. Although it appears to be used mainly
|
||
to refer to various forms of digitized images of handwritten
|
||
signatures, the term should be avoided because it might be
|
||
confused with "digital signature".
|
||
|
||
$ directory
|
||
$ Directory
|
||
See: directory vs. Directory.
|
||
|
||
$ Directory Access Protocol (DAP)
|
||
(N) An OSI protocol [X519] for communication between a Directory
|
||
User Agent (a client) and a Directory System Agent (a server).
|
||
(See: Lightweight Directory Access Protocol.)
|
||
|
||
$ directory vs. Directory
|
||
1. (I) Not capitalized: The term "directory" refers generically to
|
||
a database server or other system that provides information--such
|
||
as a digital certificate or CRL--about an entity whose name is
|
||
known.
|
||
|
||
2. (I) Capitalized: "Directory" refers specifically to the X.500
|
||
Directory. (See: repository.)
|
||
|
||
$ disaster plan
|
||
(D) A synonym for "contingency plan". In the interest of
|
||
consistency, ISDs SHOULD use "contingency plan" instead of
|
||
"disaster plan".
|
||
|
||
$ disclosure (i.e., unauthorized disclosure)
|
||
See: (secondary definition under) threat consequence.
|
||
|
||
$ discretionary access control (DAC)
|
||
(I) An access control service that enforces a security policy
|
||
based on the identity of system entities and their authorizations
|
||
to access system resources. (See: access control list, identity-
|
||
based security policy, mandatory access control.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 60]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) This service is termed "discretionary" because an entity might
|
||
have access rights that permit the entity, by its own volition, to
|
||
enable another entity to access some resource.
|
||
|
||
(O) "A means of restricting access to objects based on the
|
||
identity of subjects and/or groups to which they belong. The
|
||
controls are discretionary in the sense that a subject with a
|
||
certain access permission is capable of passing that permission
|
||
(perhaps indirectly) on to any other subject." [DOD1]
|
||
|
||
$ disruption
|
||
See: (secondary definition under) threat consequence.
|
||
|
||
$ Distinguished Encoding Rules (DER)
|
||
(N) A subset of the Basic Encoding Rules, which gives exactly one
|
||
way to represent any ASN.1 value as an octet string [X690].
|
||
|
||
(C) Since there is more than one way to encode ASN.1 in BER, DER
|
||
is used in applications in which a unique encoding is needed, such
|
||
as when a digital signature is computed on an ASN.1 value.
|
||
|
||
$ distinguished name (DN)
|
||
(I) An identifier that uniquely represents an object in the X.500
|
||
Directory Information Tree (DIT) [X501]. (See: domain name.)
|
||
|
||
(C) A DN is a set of attribute values that identify the path
|
||
leading from the base of the DIT to the object that is named. An
|
||
X.509 public-key certificate or CRL contains a DN that identifies
|
||
its issuer, and an X.509 attribute certificate contains a DN or
|
||
other form of name that identifies its subject.
|
||
|
||
$ Distributed Authentication Security Service (DASS)
|
||
(I) An experimental Internet protocol [R1507] that uses
|
||
cryptographic mechanisms to provide strong, mutual authentication
|
||
services in a distributed environment.
|
||
|
||
$ distribution point
|
||
(I) An X.500 Directory entry or other information source that is
|
||
named in a v3 X.509 public-key certificate extension as a location
|
||
from which to obtain a CRL that might list the certificate.
|
||
|
||
(C) A v3 X.509 public-key certificate may have a
|
||
"cRLDistributionPoints" extension that names places to get CRLs on
|
||
which the certificate might be listed. A CRL obtained from a
|
||
distribution point may (a) cover either all reasons for which a
|
||
certificate might be revoked or only some of the reasons, (b) be
|
||
issued by either the authority that signed the certificate or some
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 61]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
other authority, and (c) contain revocation entries for only a
|
||
subset of the full set of certificates issued by one CA or (c')
|
||
contain revocation entries for multiple CAs.
|
||
|
||
$ DN
|
||
See: distinguished name.
|
||
|
||
$ DNS
|
||
See: Domain Name System.
|
||
|
||
$ DOI
|
||
See: Domain of Interpretation.
|
||
|
||
$ domain
|
||
(I) Security usage: An environment or context that is defined by a
|
||
security policy, security model, or security architecture to
|
||
include a set of system resources and the set of system entities
|
||
that have the right to access the resources. (See: domain of
|
||
interpretation, security perimeter.)
|
||
|
||
(I) Internet usage: That part of the Internet domain name space
|
||
tree [R1034] that is at or below the name the specifies the
|
||
domain. A domain is a subdomain of another domain if it is
|
||
contained within that domain. For example, D.C.B.A is a subdomain
|
||
of C.B.A. (See: Domain Name System.)
|
||
|
||
(O) MISSI usage: The domain of a MISSI CA is the set of MISSI
|
||
users whose certificates are signed by the CA.
|
||
|
||
(O) OSI usage: An administrative partition of a complex
|
||
distributed OSI system.
|
||
|
||
$ domain name
|
||
(I) The style of identifier--a sequence of case-insensitive ASCII
|
||
labels separated by dots ("bbn.com.")--defined for subtrees in the
|
||
Internet Domain Name System [R1034] and used in other Internet
|
||
identifiers, such as host names (e.g., "rosslyn.bbn.com."),
|
||
mailbox names (e.g., "rshirey@bbn.com."), and URLs (e.g.,
|
||
"http://www.rosslyn.bbn.com/foo"). (See: distinguished name,
|
||
domain.)
|
||
|
||
(C) The domain name space of the DNS is a tree structure in which
|
||
each node and leaf holds records describing a resource. Each node
|
||
has a label. The domain name of a node is the list of labels on
|
||
the path from the node to the root of the tree. The labels in a
|
||
domain name are printed or read left to right, from the most
|
||
specific (lowest, farthest from the root) to the least specific
|
||
(highest, closest to the root). The root's label is the null
|
||
|
||
|
||
|
||
Shirey Informational [Page 62]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
string, so a complete domain name properly ends in a dot. The top-
|
||
level domains, those immediately below the root, include COM, EDU,
|
||
GOV, INT, MIL, NET, ORG, and two-letter country codes (such as US)
|
||
from ISO-3166. [R1591] (See: country code.)
|
||
|
||
$ Domain Name System (DNS)
|
||
(I) The main Internet operations database, which is distributed
|
||
over a collection of servers and used by client software for
|
||
purposes such as translating a domain name-style host name into an
|
||
IP address (e.g., "rosslyn.bbn.com" is "192.1.7.10") and locating
|
||
a host that accepts mail for some mailbox address. [R1034]
|
||
|
||
(C) The DNS has three major components:
|
||
|
||
- Domain name space and resource records: Specifications for the
|
||
tree-structured domain name space, and data associated with the
|
||
names.
|
||
|
||
- Name servers: Programs that hold information about a subset of
|
||
the tree's structure and data holdings, and also hold pointers
|
||
to other name servers that can provide information from any
|
||
part of the tree.
|
||
|
||
- Resolvers: Programs that extract information from name servers
|
||
in response to client requests; typically, system routines
|
||
directly accessible to user programs.
|
||
|
||
(C) Extensions to the DNS [R2065, R2137, R2536] support (a) key
|
||
distribution for public keys needed for the DNS and for other
|
||
protocols, (b) data origin authentication service and data
|
||
integrity service for resource records, (c) data origin
|
||
authentication service for transactions between resolvers and
|
||
servers, and (d) access control of records.
|
||
|
||
$ domain of interpretation (DOI)
|
||
(I) IPsec usage: An ISAKMP/IKE DOI defines payload formats,
|
||
exchange types, and conventions for naming security-relevant
|
||
information such as security policies or cryptographic algorithms
|
||
and modes.
|
||
|
||
(C) For example, see [R2407]. The DOI concept is based on work by
|
||
the TSIG's CIPSO Working Group.
|
||
|
||
$ dominate
|
||
(I) Security level A is said to "dominate" security level B if the
|
||
hierarchical classification level of A is greater (higher) than or
|
||
equal to that of B and the nonhierarchical categories of A include
|
||
all of those of B.
|
||
|
||
|
||
|
||
Shirey Informational [Page 63]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ dongle
|
||
(I) A portable, physical, electronic device that is required to be
|
||
attached to a computer to enable a particular software program to
|
||
run. (See: token.)
|
||
|
||
(C) A dongle is essentially a physical key used for copy
|
||
protection of software, because the program will not run unless
|
||
the matching dongle is attached. When the software runs, it
|
||
periodically queries the dongle and quits if the dongle does not
|
||
reply with the proper authentication information. Dongles were
|
||
originally constructed as an EPROM (erasable programmable read-
|
||
only memory) to be connected to a serial input-output port of a
|
||
personal computer.
|
||
|
||
$ downgrade
|
||
(I) Reduce the classification level of information in an
|
||
authorized manner.
|
||
|
||
$ draft RFC
|
||
(D) ISDs SHOULD NOT use this term, because the Request for Comment
|
||
series is archival in nature and does not have a "draft" category.
|
||
(Instead, see: Internet Draft, Draft Standard (in Internet
|
||
Standard).)
|
||
|
||
$ DSA
|
||
See: Digital Signature Algorithm.
|
||
|
||
$ DSS
|
||
See: Digital Signature Standard.
|
||
|
||
$ dual control
|
||
(I) A procedure that uses two or more entities (usually persons)
|
||
operating in concert to protect a system resource, such that no
|
||
single entity acting alone can access that resource. (See: no-lone
|
||
zone, separation of duties, split knowledge.)
|
||
|
||
$ dual signature
|
||
(D) ISDs SHOULD NOT use this term except when stated as
|
||
"SET(trademark) dual signature" with the following meaning:
|
||
|
||
(O) SET usage: A single digital signature that protects two
|
||
separate messages by including the hash results for both sets in a
|
||
single encrypted value. [SET2]
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 64]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Generated by hashing each message separately, concatenating
|
||
the two hash results, and then hashing that value and encrypting
|
||
the result with the signer's private key. Done to reduce the
|
||
number of encryption operations and to enable verification of data
|
||
integrity without complete disclosure of the data.
|
||
|
||
$ EAP
|
||
See: Extensible Authentication Protocol
|
||
|
||
$ eavesdropping
|
||
(I) Passive wiretapping done secretly, i.e., without the knowledge
|
||
of the originator or the intended recipients of the communication.
|
||
|
||
$ ECB
|
||
See: electronic codebook.
|
||
|
||
$ ECDSA
|
||
See: Elliptic Curve Digital Signature Algorithm.
|
||
|
||
$ economy of mechanism
|
||
(I) The principle that each security mechanism should be designed
|
||
to be as simple as possible, so that the mechanism can be
|
||
correctly implemented and so that it can be verified that the
|
||
operation of the mechanism enforces the containing system's
|
||
security policy. (See: least privilege.)
|
||
|
||
$ EDI
|
||
See: electronic data interchange.
|
||
|
||
$ EDIFACT
|
||
See: (secondary definition under) electronic data interchange.
|
||
|
||
$ EE
|
||
(D) ISDs SHOULD NOT use this abbreviation because of possible
|
||
confusion among "end entity", "end-to-end encryption", "escrowed
|
||
encryption standard", and other terms.
|
||
|
||
$ EES
|
||
See: Escrowed Encryption Standard.
|
||
|
||
$ El Gamal algorithm
|
||
(N) An algorithm for asymmetric cryptography, invented in 1985 by
|
||
Taher El Gamal, that is based on the difficulty of calculating
|
||
discrete logarithms and can be used for both encryption and
|
||
digital signatures. [ElGa, Schn]
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 65]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ electronic codebook (ECB)
|
||
(I) An block cipher mode in which a plaintext block is used
|
||
directly as input to the encryption algorithm and the resultant
|
||
output block is used directly as ciphertext [FP081].
|
||
|
||
$ electronic commerce
|
||
(I) General usage: Business conducted through paperless exchanges
|
||
of information, using electronic data interchange, electronic
|
||
funds transfer (EFT), electronic mail, computer bulletin boards,
|
||
facsimile, and other paperless technologies.
|
||
|
||
(O) SET usage: "The exchange of goods and services for payment
|
||
between the cardholder and merchant when some or all of the
|
||
transaction is performed via electronic communication." [SET2]
|
||
|
||
$ electronic data interchange (EDI)
|
||
(I) Computer-to-computer exchange, between trading partners, of
|
||
business data in standardized document formats.
|
||
|
||
(C) EDI formats have been standardized primarily by ANSI X12 and
|
||
by EDIFACT (EDI for Administration, Commerce, and Transportation),
|
||
which is an international, UN-sponsored standard primarily used in
|
||
Europe and Asia. X12 and EDIFACT are aligning to create a single,
|
||
global EDI standard.
|
||
|
||
$ electronic signature
|
||
(D) ISDs SHOULD NOT use this term because there is no current
|
||
consensus on its definition. (Instead, see: digital signature.)
|
||
|
||
$ elliptic curve cryptography (ECC)
|
||
(I) A type of asymmetric cryptography based on mathematics of
|
||
groups that are defined by the points on a curve.
|
||
|
||
(C) The most efficient implementation of ECC is claimed to be
|
||
stronger per bit of key (against cryptanalysis that uses a brute
|
||
force attack) than any other known form of asymmetric
|
||
cryptography. ECC is based on mathematics different than the kinds
|
||
originally used to define the Diffie-Hellman algorithm and the
|
||
Digital Signature Algorithm. ECC is based on the mathematics of
|
||
groups defined by the points on a curve, where the curve is
|
||
defined by a quadratic equation in a finite field. ECC can be used
|
||
to define both an algorithm for key agreement that is an analog of
|
||
Diffie-Hellman and an algorithm for digital signature that is an
|
||
analog of DSA. (See: ECDSA.)
|
||
|
||
$ Elliptic Curve Digital Signature Algorithm (ECDSA)
|
||
(N) A standard [A9062] that is the elliptic curve cryptography
|
||
analog of the Digital Signature Algorithm.
|
||
|
||
|
||
|
||
Shirey Informational [Page 66]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ emanation
|
||
(I) An signal (electromagnetic, acoustic, or other medium) that is
|
||
emitted by a system (through radiation or conductance) as a
|
||
consequence (i.e., byproduct) of its operation, and that may
|
||
contain information. (See: TEMPEST.)
|
||
|
||
$ emanations security (EMSEC)
|
||
(I) Physical constraints to prevent information compromise through
|
||
signals emanated by a system, particular the application of
|
||
TEMPEST technology to block electromagnetic radiation.
|
||
|
||
$ emergency plan
|
||
(D) A synonym for "contingency plan". In the interest of
|
||
consistency, ISDs SHOULD use "contingency plan" instead of
|
||
"emergency plan".
|
||
|
||
$ EMSEC
|
||
See: emanations security.
|
||
|
||
$ EMV
|
||
(I) An abbreviation of "Europay, MasterCard, Visa". Refers to a
|
||
specification for smart cards that are used as payment cards, and
|
||
for related terminals and applications. [EMV1, EMV2, EMV3]
|
||
|
||
$ Encapsulating Security Payload (ESP)
|
||
(I) An Internet IPsec protocol [R2406] designed to provide a mix
|
||
of security services--especially data confidentiality service--in
|
||
the Internet Protocol. (See: Authentication Header.)
|
||
|
||
(C) ESP may be used alone, or in combination with the IPsec AH
|
||
protocol, or in a nested fashion with tunneling. Security services
|
||
can be provided between a pair of communicating hosts, between a
|
||
pair of communicating security gateways, or between a host and a
|
||
gateway. The ESP header is encapsulated by the IP header, and the
|
||
ESP header encapsulates either the upper layer protocol header
|
||
(transport mode) or an IP header (tunnel mode). ESP can provide
|
||
data confidentiality service, data origin authentication service,
|
||
connectionless data integrity service, an anti-replay service, and
|
||
limited traffic flow confidentiality. The set of services depends
|
||
on the placement of the implementation and on options selected
|
||
when the security association is established.
|
||
|
||
$ encipher
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "encrypt".
|
||
However, see the usage note under "encryption".
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 67]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ encipherment
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "encryption",
|
||
except in special circumstances that are explained in the usage
|
||
discussion under "encryption".
|
||
|
||
$ encode
|
||
(I) Use a system of symbols to represent information, which might
|
||
originally have some other representation. (See: decode.)
|
||
|
||
(C) Examples include Morse code, ASCII, and BER.
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "encrypt",
|
||
because encoding is not usually intended to conceal meaning.
|
||
|
||
$ encrypt
|
||
(I) Cryptographically transform data to produce ciphertext. (See:
|
||
encryption.)
|
||
|
||
$ encryption
|
||
(I) Cryptographic transformation of data (called "plaintext") into
|
||
a form (called "ciphertext") that conceals the data's original
|
||
meaning to prevent it from being known or used. If the
|
||
transformation is reversible, the corresponding reversal process
|
||
is called "decryption", which is a transformation that restores
|
||
encrypted data to its original state. (See: cryptography.)
|
||
|
||
(C) Usage note: For this concept, ISDs should use the verb "to
|
||
encrypt" (and related variations: encryption, decrypt, and
|
||
decryption). However, because of cultural biases, some
|
||
international usage, particularly ISO and CCITT standards, avoids
|
||
"to encrypt" and instead uses the verb "to encipher" (and related
|
||
variations: encipherment, decipher, decipherment).
|
||
|
||
(O) "The cryptographic transformation of data (see: cryptography)
|
||
to produce ciphertext." [I7498 Part 2]
|
||
|
||
(C) Usually, the plaintext input to an encryption operation is
|
||
cleartext. But in some cases, the plaintext may be ciphertext that
|
||
was output from another encryption operation. (See:
|
||
superencryption.)
|
||
|
||
(C) Encryption and decryption involve a mathematical algorithm for
|
||
transforming data. In addition to the data to be transformed, the
|
||
algorithm has one or more inputs that are control parameters: (a)
|
||
a key value that varies the transformation and, in some cases, (b)
|
||
an initialization value that establishes the starting state of the
|
||
algorithm.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 68]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ encryption certificate
|
||
(I) A public-key certificate that contains a public key that is
|
||
intended to be used for encrypting data, rather than for verifying
|
||
digital signatures or performing other cryptographic functions.
|
||
|
||
C) A v3 X.509 public-key certificate may have a "keyUsage"
|
||
extension that indicates the purpose for which the certified
|
||
public key is intended.
|
||
|
||
$ end entity
|
||
(I) A system entity that is the subject of a public-key
|
||
certificate and that is using, or is permitted and able to use,
|
||
the matching private key only for a purpose or purposes other than
|
||
signing a digital certificate; i.e., an entity that is not a CA.
|
||
|
||
(D) "A certificate subject which uses its public [sic] key for
|
||
purposes other than signing certificates." [X509]
|
||
|
||
(C) ISDs SHOULD NOT use the X.509 definition, because it is
|
||
misleading and incomplete. First, the X.509 definition should say
|
||
"private key" rather than "public key" because certificates are
|
||
not usefully signed with a public key. Second, the X.509
|
||
definition is weak regarding whether an end entity may or may not
|
||
use the private key to sign a certificate, i.e., whether the
|
||
subject may be a CA. The intent of X.509's authors was that an end
|
||
entity certificate is not valid for use in verifying a signature
|
||
on an X.509 certificate or X.509 CRL. Thus, it would have been
|
||
better for the X.509 definition to have said "only for purposes
|
||
other than signing certificates".
|
||
|
||
(C) Despite the problems in the X.509 definition, the term itself
|
||
is useful in describing applications of asymmetric cryptography.
|
||
The way the term is used in X.509 implies that it was meant to be
|
||
defined, as we have done here, relative to roles that an entity
|
||
(which is associated with an OSI end system) is playing or is
|
||
permitted to play in applications of asymmetric cryptography other
|
||
than the PKI that supports applications.
|
||
|
||
(C) Whether a subject can play both CA and non-CA roles, with
|
||
either the same or different certificates, is a matter of policy.
|
||
(See: certification practice statement.) A v3 X.509 public-key
|
||
certificate may have a "basicConstraints" extension containing a
|
||
"cA" value that specifically "indicates whether or not the public
|
||
key may be used to verify certificate signatures".
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 69]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ end system
|
||
(I) An OSI term for a computer that implements all seven layers of
|
||
the OSIRM and may attach to a subnetwork. (In the context of the
|
||
Internet Protocol Suite, usually called a "host".)
|
||
|
||
$ end-to-end encryption
|
||
(I) Continuous protection of data that flows between two points in
|
||
a network, provided by encrypting data when it leaves its source,
|
||
leaving it encrypted while it passes through any intermediate
|
||
computers (such as routers), and decrypting only when the data
|
||
arrives at the intended destination. (See: link encryption,
|
||
wiretapping.)
|
||
|
||
(C) When two points are separated by multiple communication links
|
||
that are connected by one or more intermediate relays, end-to-end
|
||
encryption enables the source and destination systems to protect
|
||
their communications without depending on the intermediate systems
|
||
to provide the protection.
|
||
|
||
$ end user
|
||
(I) General usage: A system entity, usually a human individual,
|
||
that makes use of system resources, primarily for application
|
||
purposes as opposed to system management purposes.
|
||
|
||
(I) PKI usage: A synonym for "end entity"; but the term "end
|
||
entity" is preferred.
|
||
|
||
$ entity
|
||
See: system entity.
|
||
|
||
$ entrapment
|
||
(I) "The deliberate planting of apparent flaws in a system for the
|
||
purpose of detecting attempted penetrations or confusing an
|
||
intruder about which flaws to exploit." [FP039] (See: honey pot.)
|
||
|
||
$ ephemeral key
|
||
(I) A public key or a private key that is relatively short-lived.
|
||
(See: session key.)
|
||
|
||
$ error detection code
|
||
(I) A checksum designed to detect, but not correct, accidental
|
||
(i.e., unintentional) changes in data.
|
||
|
||
$ Escrowed Encryption Standard (EES)
|
||
(N) A U.S. Government standard [FP185] that specifies use of a
|
||
symmetric encryption algorithm (SKIPJACK) and a Law Enforcement
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 70]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
Access Field (LEAF) creation method to implement part of a key
|
||
escrow system that provides for decryption of encrypted
|
||
telecommunications when interception is lawfully authorized.
|
||
|
||
(C) Both SKIPJACK and the LEAF are to be implemented in equipment
|
||
used to encrypt and decrypt unclassified, sensitive
|
||
telecommunications data.
|
||
|
||
$ ESP
|
||
See: Encapsulating Security Payload.
|
||
|
||
$ Estelle
|
||
(N) A language (ISO 9074-1989) for formal specification of
|
||
computer network protocols.
|
||
|
||
$ evaluated products list
|
||
(O) General usage: A list of information system equipment items
|
||
that have been evaluated against, and found to be compliant with,
|
||
a particular set of criteria.
|
||
|
||
(O) U.S. Department of Defense usage: The Evaluated Products List
|
||
(http://www.radium.ncsc.mil/tpep/epl/) contains items that have
|
||
been evaluated against the TCSEC by the NCSC, or against the
|
||
Common Criteria by the NCSC or one of its partner agencies in
|
||
another county. The List forms Chapter 4 of NSA's "Information
|
||
Systems Security Products and Services Catalogue".
|
||
|
||
$ evaluated system
|
||
(I) Refers to a system that has been evaluated against security
|
||
criteria such as the TCSEC or the Common Criteria.
|
||
|
||
$ expire
|
||
See: certificate expiration.
|
||
|
||
$ exposure
|
||
See: (secondary definition under) threat consequence.
|
||
|
||
$ Extensible Authentication Protocol
|
||
(I) A framework that supports multiple, optional authentication
|
||
mechanisms for PPP, including cleartext passwords, challenge-
|
||
response, and arbitrary dialog sequences. [R2284]
|
||
|
||
(C) This protocol is intended for use primarily by a host or
|
||
router that connects to a PPP network server via switched circuits
|
||
or dial-up lines.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 71]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ extension
|
||
(I) A data item defined for optional inclusion in a v3 X.509
|
||
public-key certificate or a v2 X.509 CRL.
|
||
|
||
(C) The formats defined in X.509 can be extended to provide
|
||
methods for associating additional attributes with subjects and
|
||
public keys and for managing a certification hierarchy:
|
||
|
||
- "Certificate extension": X.509 defines standard extensions that
|
||
may be included in v3 certificates to provide additional key
|
||
and security policy information, subject and issuer attributes,
|
||
and certification path constraints.
|
||
|
||
- "CRL extension": X.509 defines extensions that may be included
|
||
in v2 CRLs to provide additional issuer key and name
|
||
information, revocation reasons and constraints, and
|
||
information about distribution points and delta CRLs.
|
||
|
||
- "Private extension": Additional extensions, each named by an
|
||
OID, can be locally defined as needed by applications or
|
||
communities. (See: PKIX private extension, SET private
|
||
extensions.)
|
||
|
||
$ extranet
|
||
(I) A computer network that an organization uses to carry
|
||
application data traffic between the organization and its business
|
||
partners. (See: intranet.)
|
||
|
||
(C) An extranet can be implemented securely, either on the
|
||
Internet or using Internet technology, by constructing the
|
||
extranet as a VPN.
|
||
|
||
$ fail safe
|
||
(I) A mode of system termination that automatically leaves system
|
||
processes and components in a secure state when a failure occurs
|
||
or is detected in the system.
|
||
|
||
$ fail soft
|
||
(I) Selective termination of affected non-essential system
|
||
functions and processes when a failure occurs or is detected in
|
||
the system.
|
||
|
||
$ failure control
|
||
(I) A methodology used to provide fail-safe or fail-soft
|
||
termination and recovery of functions and processes when failures
|
||
are detected or occur in a system. [FP039]
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 72]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Federal Information Processing Standards (FIPS)
|
||
(N) The Federal Information Processing Standards Publication (FIPS
|
||
PUB) series issued by the U.S. National Institute of Standards and
|
||
Technology as technical guidelines for U.S. Government
|
||
procurements of information processing system equipment and
|
||
services. [FP031, FP039, FP046, FP081, FP102, FP113, FP140, FP151,
|
||
FP180, FP185, FP186, FP188]
|
||
|
||
(C) Issued under the provisions of section 111(d) of the Federal
|
||
Property and Administrative Services Act of 1949 as amended by the
|
||
Computer Security Act of 1987, Public Law 100-235.
|
||
|
||
$ Federal Public-key Infrastructure (FPKI)
|
||
(N) A PKI being planned to establish facilities, specifications,
|
||
and policies needed by the U.S. Federal Government to use public-
|
||
key certificates for INFOSEC, COMSEC, and electronic commerce
|
||
involving unclassified but sensitive applications and interactions
|
||
between Federal agencies as well as with entities of other
|
||
branches of the Federal Government, state, and local governments,
|
||
business, and the public. [FPKI]
|
||
|
||
$ Federal Standard 1027
|
||
(N) An U.S. Government document defining emanation, anti-tamper,
|
||
security fault analysis, and manual key management criteria for
|
||
DES encryption devices, primary for OSI layer 2. Was renamed "FIPS
|
||
PUB 140" when responsibility for protecting unclassified,
|
||
sensitive information was transferred from NSA to NIST, and then
|
||
was superseded by FIPS PUB 140-1.
|
||
|
||
$ File Transfer Protocol (FTP)
|
||
(I) A TCP-based, application-layer, Internet Standard protocol
|
||
[R0959] for moving data files from one computer to another.
|
||
|
||
$ filtering router
|
||
(I) An internetwork router that selectively prevents the passage
|
||
of data packets according to a security policy.
|
||
|
||
(C) A filtering router may be used as a firewall or part of a
|
||
firewall. A router usually receives a packet from a network and
|
||
decides where to forward it on a second network. A filtering
|
||
router does the same, but first decides whether the packet should
|
||
be forwarded at all, according to some security policy. The policy
|
||
is implemented by rules (packet filters) loaded into the router.
|
||
The rules mostly involve values of data packet control fields
|
||
(especially IP source and destination addresses and TCP port
|
||
numbers). [R2179]
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 73]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ financial institution
|
||
(N) "An establishment responsible for facilitating customer-
|
||
initiated transactions or transmission of funds for the extension
|
||
of credit or the custody, loan, exchange, or issuance of money."
|
||
[SET2]
|
||
|
||
$ fingerprint
|
||
(I) A pattern of curves formed by the ridges on a fingertip. (See:
|
||
biometric authentication, thumbprint.)
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "hash result"
|
||
because it mixes concepts in a potentially misleading way.
|
||
|
||
(D) ISDs SHOULD NOT use this term with the following PGP
|
||
definition, because the term and definition mix concepts in a
|
||
potentially misleading way and duplicate the meaning of "hash
|
||
result":
|
||
|
||
(O) PGP usage: A hash result used to authenticate a public key
|
||
(key fingerprint) or other data. [PGP]
|
||
|
||
$ FIPS
|
||
See: Federal Information Processing Standards.
|
||
|
||
$ FIPS PUB 140-1
|
||
(N) The U.S. Government standard [FP140] for security requirements
|
||
to be met by a cryptographic module used to protect unclassified
|
||
information in computer and communication systems. (See: Common
|
||
Criteria, FIPS, Federal Standard 1027.)
|
||
|
||
(C) The standard specifies four increasing levels (from "Level 1"
|
||
to "Level 4") of requirements to cover a wide range of potential
|
||
applications and environments. The requirements address basic
|
||
design and documentation, module interfaces, authorized roles and
|
||
services, physical security, software security, operating system
|
||
security, key management, cryptographic algorithms,
|
||
electromagnetic interference and electromagnetic compatibility
|
||
(EMI/EMC), and self-testing. NIST and the Canadian Communication
|
||
Security Establishment jointly certify modules.
|
||
|
||
$ firewall
|
||
(I) An internetwork gateway that restricts data communication
|
||
traffic to and from one of the connected networks (the one said to
|
||
be "inside" the firewall) and thus protects that network's system
|
||
resources against threats from the other network (the one that is
|
||
said to be "outside" the firewall). (See: guard, security
|
||
gateway.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 74]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) A firewall typically protects a smaller, secure network (such
|
||
as a corporate LAN, or even just one host) from a larger network
|
||
(such as the Internet). The firewall is installed at the point
|
||
where the networks connect, and the firewall applies security
|
||
policy rules to control traffic that flows in and out of the
|
||
protected network.
|
||
|
||
(C) A firewall is not always a single computer. For example, a
|
||
firewall may consist of a pair of filtering routers and one or
|
||
more proxy servers running on one or more bastion hosts, all
|
||
connected to a small, dedicated LAN between the two routers. The
|
||
external router blocks attacks that use IP to break security (IP
|
||
address spoofing, source routing, packet fragments), while proxy
|
||
servers block attacks that would exploit a vulnerability in a
|
||
higher layer protocol or service. The internal router blocks
|
||
traffic from leaving the protected network except through the
|
||
proxy servers. The difficult part is defining criteria by which
|
||
packets are denied passage through the firewall, because a
|
||
firewall not only needs to keep intruders out, but usually also
|
||
needs to let authorized users in and out.
|
||
|
||
$ firmware
|
||
(I) Computer programs and data stored in hardware--typically in
|
||
read-only memory (ROM) or programmable read-only memory (PROM)--
|
||
such that the programs and data cannot be dynamically written or
|
||
modified during execution of the programs. (See: hardware,
|
||
software.)
|
||
|
||
$ FIRST
|
||
See: Forum of Incident Response and Security Teams.
|
||
|
||
$ flaw hypothesis methodology
|
||
(I) An evaluation or attack technique in which specifications and
|
||
documentation for a system are analyzed to hypothesize flaws in
|
||
the system. The list of hypothetical flaws is prioritized on the
|
||
basis of the estimated probability that a flaw exists and,
|
||
assuming it does, on the ease of exploiting it and the extent of
|
||
control or compromise it would provide. The prioritized list is
|
||
used to direct a penetration test or attack against the system.
|
||
[NCS04]
|
||
|
||
$ flooding
|
||
(I) An attack that attempts to cause a failure in (especially, in
|
||
the security of) a computer system or other data processing entity
|
||
by providing more input than the entity can process properly.
|
||
(See: denial of service.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 75]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ flow analysis
|
||
(I) An analysis performed on a nonprocedural formal system
|
||
specification that locates potential flows of information between
|
||
system variables. By assigning security levels to the variables,
|
||
the analysis can find some types of covert channels.
|
||
|
||
$ flow control
|
||
(I) A procedure or technique to ensure that information transfers
|
||
within a system are not made from one security level to another
|
||
security level, and especially not from a higher level to a lower
|
||
level. (See: covert channel, simple security property, confinement
|
||
property.)
|
||
|
||
$ formal specification
|
||
(I) A specification of hardware or software functionality in a
|
||
computer-readable language; usually a precise mathematical
|
||
description of the behavior of the system with the aim of
|
||
providing a correctness proof.
|
||
|
||
$ formulary
|
||
(I) A technique for enabling a decision to grant or deny access to
|
||
be made dynamically at the time the access is attempted, rather
|
||
than earlier when an access control list or ticket is created.
|
||
|
||
$ FORTEZZA(trademark)
|
||
(N) A registered trademark of NSA, used for a family of
|
||
interoperable security products that implement a NIST/NSA-approved
|
||
suite of cryptographic algorithms for digital signature, hash,
|
||
encryption, and key exchange. The products include a PC card that
|
||
contains a CAPSTONE chip, serial port modems, server boards, smart
|
||
cards, and software implementations.
|
||
|
||
$ Forum of Incident Response and Security Teams (FIRST)
|
||
(N) An international consortium of CSIRTs that work together to
|
||
handle computer security incidents and promote preventive
|
||
activities. (See: CSIRT, security incident.)
|
||
|
||
(C) FIRST was founded in 1990 and, as of September 1999, had
|
||
nearly 70 members spanning the globe. Its mission includes:
|
||
|
||
- Provide members with technical information, tools, methods,
|
||
assistance, and guidance.
|
||
- Coordinate proactive liaison activities and analytical support.
|
||
- Encourage development of quality products and services.
|
||
- Improve national and international information security for
|
||
government, private industry, academia, and the individual.
|
||
- Enhance the image and status of the CSIRT community.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 76]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ forward secrecy
|
||
See: public-key forward secrecy.
|
||
|
||
$ FPKI
|
||
See: Federal Public-Key Infrastructure.
|
||
|
||
$ FTP
|
||
See: File Transfer Protocol.
|
||
|
||
$ gateway
|
||
(I) A relay mechanism that attaches to two (or more) computer
|
||
networks that have similar functions but dissimilar
|
||
implementations and that enables host computers on one network to
|
||
communicate with hosts on the other; an intermediate system that
|
||
is the interface between two computer networks. (See: bridge,
|
||
firewall, guard, internetwork, proxy server, router, and
|
||
subnetwork.)
|
||
|
||
(C) In theory, gateways are conceivable at any OSI layer. In
|
||
practice, they operate at OSI layer 3 (see: bridge, router) or
|
||
layer 7 (see: proxy server). When the two networks differ in the
|
||
protocol by which they offer service to hosts, the gateway may
|
||
translate one protocol into another or otherwise facilitate
|
||
interoperation of hosts (see: Internet Protocol).
|
||
|
||
$ GCA
|
||
See: geopolitical certificate authority.
|
||
|
||
$ GeneralizedTime
|
||
(N) The ASN.1 data type "GeneralizedTime" (specified in ISO 8601)
|
||
contains a calendar date (YYYYMMDD) and a time of day, which is
|
||
either (a) the local time, (b) the Coordinated Universal Time, or
|
||
(c) both the local time and an offset allowing Coordinated
|
||
Universal Time to be calculated. (See: Coordinated Universal Time,
|
||
UTCTime.)
|
||
|
||
$ Generic Security Service Application Program Interface (GSS-API)
|
||
(I) An Internet Standard protocol [R2078] that specifies calling
|
||
conventions by which an application (typically another
|
||
communication protocol) can obtain authentication, integrity, and
|
||
confidentiality security services independently of the underlying
|
||
security mechanisms and technologies, thus allowing the
|
||
application source code to be ported to different environments.
|
||
|
||
(C) "A GSS-API caller accepts tokens provided to it by its local
|
||
GSS-API implementation and transfers the tokens to a peer on a
|
||
remote system; that peer passes the received tokens to its local
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 77]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
GSS-API implementation for processing. The security services
|
||
available through GSS-API in this fashion are implementable (and
|
||
have been implemented) over a range of underlying mechanisms based
|
||
on [symmetric] and [asymmetric cryptography]." [R2078]
|
||
|
||
$ geopolitical certificate authority (GCA)
|
||
(O) SET usage: In a SET certification hierarchy, an optional level
|
||
that is certified by a BCA and that may certify cardholder CAs,
|
||
merchant CAs, and payment gateway CAs. Using GCAs enables a brand
|
||
to distribute responsibility for managing certificates to
|
||
geographic or political regions, so that brand policies can vary
|
||
between regions as needed.
|
||
|
||
$ Green Book
|
||
(D) Except as an explanatory appositive, ISDs SHOULD NOT use this
|
||
term as a synonym for "Defense Password Management Guideline"
|
||
[CSC2]. Instead, use the full proper name of the document or, in
|
||
subsequent references, a conventional abbreviation. (See: Rainbow
|
||
Series.)
|
||
|
||
(D) Usage note: To improve international comprehensibility of
|
||
Internet Standards and the Internet Standards Process, ISDs SHOULD
|
||
NOT use "cute" synonyms for document titles. No matter how popular
|
||
and clearly understood a nickname may be in one community, it is
|
||
likely to cause confusion in others. For example, several other
|
||
information system standards also are called "the Green Book". The
|
||
following are some examples:
|
||
|
||
- Each volume of 1992 ITU-T (at that time, CCITT) standards.
|
||
- "PostScript Language Program Design", Adobe Systems, Addison-
|
||
Wesley, 1988.
|
||
- IEEE 1003.1 POSIX Operating Systems Interface.
|
||
- "Smalltalk-80: Bits of History, Words of Advice", Glenn
|
||
Krasner, Addison-Wesley, 1983.
|
||
- "X/Open Compatibility Guide".
|
||
- A particular CD-ROM format developed by Phillips.
|
||
|
||
$ GRIP
|
||
(I) A contraction of "Guidelines and Recommendations for Security
|
||
Incident Processing", the name of the IETF working group that
|
||
seeks to facilitate consistent handling of security incidents in
|
||
the Internet community. (See: security incident.)
|
||
|
||
(C) Guidelines to be produced by the WG will address technology
|
||
vendors, network service providers, and response teams in their
|
||
roles assisting organizations in resolving security incidents.
|
||
These relationships are functional and can exist within and across
|
||
organizational boundaries.
|
||
|
||
|
||
|
||
Shirey Informational [Page 78]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ GSS-API
|
||
See: Generic Security Service Application Program Interface.
|
||
|
||
$ guard
|
||
(I) A gateway that is interposed between two networks (or
|
||
computers, or other information systems) operating at different
|
||
security levels (one level is usually higher than the other) and
|
||
is trusted to mediate all information transfers between the two
|
||
levels, either to ensure that no sensitive information from the
|
||
first (higher) level is disclosed to the second (lower) level, or
|
||
to protect the integrity of data on the first (higher) level.
|
||
(See: firewall.)
|
||
|
||
$ guest login
|
||
See: anonymous login.
|
||
|
||
$ GULS
|
||
(I) Generic Upper Layer Security service element (ISO 11586), a
|
||
five-part standard for the exchange of security information and
|
||
security-transformation functions that protect confidentiality and
|
||
integrity of application data.
|
||
|
||
$ hacker
|
||
(I) Someone with a strong interest in computers, who enjoys
|
||
learning about them and experimenting with them. (See: cracker.)
|
||
|
||
(C) The recommended definition is the original meaning of the term
|
||
(circa 1960), which then had a neutral or positive connotation of
|
||
"someone who figures things out and makes something cool
|
||
happen". Today, the term is frequently misused, especially by
|
||
journalists, to have the pejorative meaning of cracker.
|
||
|
||
$ handle
|
||
(I) (1.) Verb: Perform processing operations on data, such as
|
||
receive and transmit, collect and disseminate, create and delete,
|
||
store and retrieve, read and write, and compare. (2.) Noun: An on-
|
||
line pseudonym, particularly one used by a cracker; derived from
|
||
citizens band radio culture.
|
||
|
||
$ hardware
|
||
(I) The material physical components of a computer system. (See:
|
||
firmware, software.)
|
||
|
||
$ hardware token
|
||
See: token.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 79]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ hash code
|
||
(D) ISDs SHOULD NOT use this term (especially not as a synonym for
|
||
"hash result") because it mixes concepts in a potentially
|
||
misleading way. A hash result is not a "code" in any sense defined
|
||
by this glossary. (See: code, hash result, hash value, message
|
||
digest.)
|
||
|
||
$ hash function
|
||
(I) An algorithm that computes a value based on a data object
|
||
(such as a message or file; usually variable-length; possibly very
|
||
large), thereby mapping the data object to a smaller data object
|
||
(the "hash result") which is usually a fixed-size value. (See:
|
||
checksum, keyed hash.)
|
||
|
||
(O) "A (mathematical) function which maps values from a large
|
||
(possibly very large) domain into a smaller range. A 'good' hash
|
||
function is such that the results of applying the function to a
|
||
(large) set of values in the domain will be evenly distributed
|
||
(and apparently at random) over the range." [X509]
|
||
|
||
(C) The kind of hash function needed for security applications is
|
||
called a "cryptographic hash function", an algorithm for which it
|
||
is computationally infeasible (because no attack is significantly
|
||
more efficient than brute force) to find either (a) a data object
|
||
that maps to a pre-specified hash result (the "one-way" property)
|
||
or (b) two data objects that map to the same hash result (the
|
||
"collision-free" property). (See: MD2, MD4, MD5, SHA-1.)
|
||
|
||
(C) A cryptographic hash is "good" in the sense stated in the "O"
|
||
definition for hash function. Any change to an input data object
|
||
will, with high probability, result in a different hash result, so
|
||
that the result of a cryptographic hash makes a good checksum for
|
||
a data object.
|
||
|
||
$ hash result
|
||
(I) The output of a hash function. (See: hash code, hash value.)
|
||
|
||
(O) "The output produced by a hash function upon processing a
|
||
message" (where "message" is broadly defined as "a digital
|
||
representation of data"). [ABA] (The recommended definition is
|
||
compatible with this ABA definition, but we avoid the unusual
|
||
definition of "message".)
|
||
|
||
$ hash value
|
||
(D) ISDs SHOULD NOT use this term (especially not as a synonym for
|
||
"hash result", the output of a hash function) because it might be
|
||
confused with "hashed value" (the input to a hash function). (See:
|
||
hash code, hash result, message digest.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 80]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ hierarchical PKI
|
||
(I) A PKI architecture based on a certification hierarchy. (See:
|
||
mesh PKI, trust-file PKI.)
|
||
|
||
$ hierarchy management
|
||
(I) The process of generating configuration data and issuing
|
||
public-key certificates to build and operate a certification
|
||
hierarchy.
|
||
|
||
$ hierarchy of trust
|
||
(D) ISDs SHOULD NOT use this term with regard to PKI, especially
|
||
not as a synonym for "certification hierarchy", because this term
|
||
mixes concepts in a potentially misleading way. (See:
|
||
certification hierarchy, trust, web of trust.)
|
||
|
||
$ hijack attack
|
||
(I) A form of active wiretapping in which the attacker seizes
|
||
control of a previously established communication association.
|
||
(See: man-in-the-middle attack, pagejacking, piggyback attack.)
|
||
|
||
$ HMAC
|
||
(I) A keyed hash [R2104] that can be based on any iterated
|
||
cryptographic hash (e.g., MD5 or SHA-1), so that the cryptographic
|
||
strength of HMAC depends on the properties of the selected
|
||
cryptographic hash. (See: [R2202, R2403, R2404].)
|
||
|
||
(C) Assume that H is a generic cryptographic hash in which a
|
||
function is iterated on data blocks of length B bytes. L is the
|
||
length of the of hash result of H. K is a secret key of length L
|
||
<= K <= B. The values IPAD and OPAD are fixed strings used as
|
||
inner and outer padding and defined as follows: IPAD = the byte
|
||
0x36 repeated B times, OPAD = the byte 0x5C repeated B times. HMAC
|
||
is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)).
|
||
|
||
(C) The goals of HMAC are as follows:
|
||
|
||
- To use available cryptographic hash functions without
|
||
modification, particularly functions that perform well in
|
||
software and for which software is freely and widely available.
|
||
- To preserve the original performance of the selected hash
|
||
without significant degradation.
|
||
- To use and handle keys in a simple way.
|
||
- To have a well-understood cryptographic analysis of the
|
||
strength of the mechanism based on reasonable assumptions about
|
||
the underlying hash function.
|
||
- To enable easy replacement of the hash function in case a
|
||
faster or stronger hash is found or required.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 81]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ honey pot
|
||
(I) A system (e.g., a web server) or a system resource (e.g., a
|
||
file on a server), that is designed to be attractive to potential
|
||
crackers and intruders, like honey is attractive to bears. (See:
|
||
entrapment.)
|
||
|
||
(D) It is likely that other cultures have different metaphors for
|
||
this concept. To ensure international understanding, ISDs should
|
||
not use this term unless they also provide an explanation like
|
||
this one. (See: (usage note under) Green Book.)
|
||
|
||
$ host
|
||
(I) General computer network usage: A computer that is attached to
|
||
a communication subnetwork or internetwork and can use services
|
||
provided by the network to exchange data with other attached
|
||
systems. (See: end system.)
|
||
|
||
(I) Specific Internet Protocol Suite usage: A networked computer
|
||
that does not forward Internet Protocol packets that are not
|
||
addressed to the computer itself. (See: router.)
|
||
|
||
(C) Derivation: As viewed by its users, a host "entertains"
|
||
guests, providing application layer services or access to other
|
||
computers attached to the network. However, even though some
|
||
traditional peripheral service devices, such as printers, can now
|
||
be independently connected to networks, they are not usually
|
||
called hosts.
|
||
|
||
$ HTML
|
||
See: Hypertext Markup Language.
|
||
|
||
$ HTTP
|
||
See: Hypertext Transfer Protocol.
|
||
|
||
$ https
|
||
(I) When used in the first part of a URL (the part that precedes
|
||
the colon and specifies an access scheme or protocol), this term
|
||
specifies the use of HTTP enhanced by a security mechanism, which
|
||
is usually SSL. (See: S-HTTP.)
|
||
|
||
$ hybrid encryption
|
||
(I) An application of cryptography that combines two or more
|
||
encryption algorithms, particularly a combination of symmetric and
|
||
asymmetric encryption. (E.g., see: digital envelope.)
|
||
|
||
(C) Asymmetric algorithms require more computation than
|
||
equivalently strong symmetric ones. Thus, asymmetric encryption is
|
||
not normally used for data confidentiality except in distributing
|
||
|
||
|
||
|
||
Shirey Informational [Page 82]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
symmetric keys in applications where the key data is usually short
|
||
(in terms of bits) compared to the data it protects. (E.g., see:
|
||
MSP, PEM, PGP.)
|
||
|
||
$ hyperlink
|
||
(I) In hypertext or hypermedia, an information object (such as a
|
||
word, a phrase, or an image; usually highlighted by color or
|
||
underscoring) that points (indicates how to connect) to related
|
||
information that is located elsewhere and can be retrieved by
|
||
activating the link (e.g., by selecting the object with a mouse
|
||
pointer and then clicking).
|
||
|
||
$ hypermedia
|
||
(I) A generalization of hypertext; any media that contain
|
||
hyperlinks that point to material in the same or another data
|
||
object.
|
||
|
||
$ hypertext
|
||
(I) A computer document, or part of a document, that contains
|
||
hyperlinks to other documents; i.e., text that contains active
|
||
pointers to other text. Usually written in Hypertext Markup
|
||
Language and accessed using a web browser. (See: hypermedia.)
|
||
|
||
$ Hypertext Markup Language (HTML)
|
||
(I) A platform-independent system of syntax and semantics for
|
||
adding characters to data files (particularly text files) to
|
||
represent the data's structure and to point to related data, thus
|
||
creating hypertext for use in the World Wide Web and other
|
||
applications. [R1866]
|
||
|
||
$ Hypertext Transfer Protocol (HTTP)
|
||
(I) A TCP-based, application-layer, client-server, Internet
|
||
protocol [R2616] used to carry data requests and responses in the
|
||
World Wide Web. (See: hypertext.)
|
||
|
||
$ IAB
|
||
See: Internet Architecture Board.
|
||
|
||
$ IANA
|
||
See: Internet Assigned Numbers Authority.
|
||
|
||
$ ICANN
|
||
See: Internet Corporation for Assigned Names and Numbers.
|
||
|
||
$ ICMP
|
||
See: Internet Control Message Protocol.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 83]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ ICMP flood
|
||
(I) A denial of service attack that sends a host more ICMP echo
|
||
request ("ping") packets than the protocol implementation can
|
||
handle. (See: flooding, smurf.)
|
||
|
||
$ ICRL
|
||
See: indirect certificate revocation list.
|
||
|
||
$ IDEA
|
||
See: International Data Encryption Algorithm.
|
||
|
||
$ identification
|
||
(I) An act or process that presents an identifier to a system so
|
||
that the system can recognize a system entity and distinguish it
|
||
from other entities. (See: authentication.)
|
||
|
||
$ Identification Protocol
|
||
(I) An client-server Internet protocol [R1413] for learning the
|
||
identity of a user of a particular TCP connection.
|
||
|
||
(C) Given a TCP port number pair, the server returns a character
|
||
string that identifies the owner of that connection on the
|
||
server's system. The protocol is not intended for authorization or
|
||
access control. At best, it provides additional auditing
|
||
information with respect to TCP.
|
||
|
||
$ identity-based security policy
|
||
(I) "A security policy based on the identities and/or attributes
|
||
of users, a group of users, or entities acting on behalf of the
|
||
users and the resources/objects being accessed." [I7498 Part 2]
|
||
(See: rule-based security policy.)
|
||
|
||
$ IEEE
|
||
See: Institute of Electrical and Electronics Engineers, Inc.
|
||
|
||
$ IEEE 802.10
|
||
(N) An IEEE committee developing security standards for local area
|
||
networks. (See: SILS.)
|
||
|
||
$ IEEE P1363
|
||
(N) An IEEE working group, Standard for Public-Key Cryptography,
|
||
developing a comprehensive reference standard for asymmetric
|
||
cryptography. Covers discrete logarithm (e.g., DSA), elliptic
|
||
curve, and integer factorization (e.g., RSA); and covers key
|
||
agreement, digital signature, and encryption.
|
||
|
||
$ IESG
|
||
See: Internet Engineering Steering Group.
|
||
|
||
|
||
|
||
Shirey Informational [Page 84]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ IETF
|
||
See: Internet Engineering Task Force.
|
||
|
||
$ IKE
|
||
See: IPsec Key Exchange.
|
||
|
||
$ IMAP4
|
||
See: Internet Message Access Protocol, version 4.
|
||
|
||
$ IMAP4 AUTHENTICATE
|
||
(I) A IMAP4 "command" (better described as a transaction type, or
|
||
a protocol-within-a-protocol) by which an IMAP4 client optionally
|
||
proposes a mechanism to an IMAP4 server to authenticate the client
|
||
to the server and provide other security services. (See: POP3.)
|
||
|
||
(C) If the server accepts the proposal, the command is followed by
|
||
performing a challenge-response authentication protocol and,
|
||
optionally, negotiating a protection mechanism for subsequent POP3
|
||
interactions. The security mechanisms that are used by IMAP4
|
||
AUTHENTICATE--including Kerberos, GSSAPI, and S/Key--are described
|
||
in [R1731].
|
||
|
||
$ in the clear
|
||
(I) Not encrypted. (See: cleartext.)
|
||
|
||
$ indirect certificate revocation list (ICRL)
|
||
(I) In X.509, a CRL that may contain certificate revocation
|
||
notifications for certificates issued by CAs other than the issuer
|
||
of the ICRL.
|
||
|
||
$ indistinguishability
|
||
(I) An attribute of an encryption algorithm that is a
|
||
formalization of the notion that the encryption of some string is
|
||
indistinguishable from the encryption of an equal-length string of
|
||
nonsense.
|
||
|
||
(C) Under certain conditions, this notion is equivalent to
|
||
"semantic security".
|
||
|
||
$ information
|
||
(I) Facts and ideas, which can be represented (encoded) as various
|
||
forms of data.
|
||
|
||
$ Information Technology Security Evaluation Criteria (ITSEC)
|
||
(N) Standard developed for use in the European Union; accommodates
|
||
a wider range of security assurance and functionality combinations
|
||
than the TCSEC. Superseded by the Common Criteria. [ITSEC]
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 85]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ INFOSEC
|
||
(I) Abbreviation for "information security", referring to security
|
||
measures that implement and assure security services in computer
|
||
systems (i.e., COMPUSEC) and communication systems (i.e., COMSEC).
|
||
|
||
$ initialization value (IV)
|
||
(I) An input parameter that sets the starting state of a
|
||
cryptographic algorithm or mode. (Sometimes called "initialization
|
||
vector" or "message indicator".)
|
||
|
||
(C) An IV can be used to introduce cryptographic variance in
|
||
addition to that provided by a key (see: salt), and to synchronize
|
||
one cryptographic process with another. For an example of the
|
||
latter, cipher block chaining mode requires an IV. [R2405]
|
||
|
||
$ initialization vector
|
||
(D) For consistency, ISDs SHOULD NOT use this term as a synonym
|
||
for "initialization value".
|
||
|
||
$ insider attack
|
||
See: (secondary definition under) attack.
|
||
|
||
$ Institute of Electrical and Electronics Engineers, Inc. (IEEE)
|
||
(N) The IEEE is a not-for-profit association of more than 330,000
|
||
individual members in 150 countries. The IEEE produces 30 percent
|
||
of the world's published literature in electrical engineering,
|
||
computers, and control technology; holds annually more than 300
|
||
major conferences; and has more than 800 active standards with 700
|
||
under development. (See: Standards for Interoperable LAN/MAN
|
||
Security.)
|
||
|
||
$ integrity
|
||
See: data integrity, correctness integrity, source integrity,
|
||
system integrity.
|
||
|
||
$ integrity check
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "cryptographic
|
||
hash" or "protected checksum", because this term unnecessarily
|
||
duplicates the meaning of other, well-established terms.
|
||
|
||
$ intelligent threat
|
||
(I) A circumstance in which an adversary has the technical and
|
||
operational capability to detect and exploit a vulnerability and
|
||
also has the demonstrated, presumed, or inferred intent to do so.
|
||
(See: threat.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 86]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ International Data Encryption Algorithm (IDEA)
|
||
(N) A patented, symmetric block cipher that uses a 128-bit key and
|
||
operates on 64-bit blocks. [Schn] (See: symmetric cryptography.)
|
||
|
||
$ International Standard
|
||
See: (secondary definition under) ISO.
|
||
|
||
$ International Traffic in Arms Regulations (ITAR)
|
||
(N) Rules issued by the U.S. State Department, by authority of the
|
||
Arms Export Control Act (22 U.S.C. 2778), to control export and
|
||
import of defense articles and defense services, including
|
||
information security systems, such as cryptographic systems, and
|
||
TEMPEST suppression technology. (See: Wassenaar Arrangement.)
|
||
|
||
$ internet
|
||
$ Internet
|
||
See: internet vs. Internet.
|
||
|
||
$ Internet Architecture Board (IAB)
|
||
(I) A technical advisory group of the ISOC, chartered by the ISOC
|
||
Trustees to provide oversight of Internet architecture and
|
||
protocols and, in the context of Internet Standards, a body to
|
||
which decisions of the IESG may be appealed. Responsible for
|
||
approving appointments to the IESG from among nominees submitted
|
||
by the IETF nominating committee. [R2026]
|
||
|
||
$ Internet Assigned Numbers Authority (IANA)
|
||
(I) From the early days of the Internet, the IANA was chartered by
|
||
the ISOC and the U.S. Government's Federal Network Council to be
|
||
the central coordination, allocation, and registration body for
|
||
parameters for Internet protocols. Superseded by ICANN.
|
||
|
||
$ Internet Control Message Protocol (ICMP)
|
||
(I) An Internet Standard protocol [R0792] that is used to report
|
||
error conditions during IP datagram processing and to exchange
|
||
other information concerning the state of the IP network.
|
||
|
||
$ Internet Corporation for Assigned Names and Numbers (ICANN)
|
||
(I) The non-profit, private corporation that has assumed
|
||
responsibility for the IP address space allocation, protocol
|
||
parameter assignment, domain name system management, and root
|
||
server system management functions formerly performed under U.S.
|
||
Government contract by IANA and other entities.
|
||
|
||
(C) The Internet Protocol Suite, as defined by the IETF and the
|
||
IESG, contains numerous parameters, such as internet addresses,
|
||
domain names, autonomous system numbers, protocol numbers, port
|
||
numbers, management information base object identifiers, including
|
||
|
||
|
||
|
||
Shirey Informational [Page 87]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
private enterprise numbers, and many others. The Internet
|
||
community requires that the values used in these parameter fields
|
||
be assigned uniquely. ICANN makes those assignments as requested
|
||
and maintains a registry of the current values.
|
||
|
||
(C) ICANN was formed in October 1998, by a coalition of the
|
||
Internet's business, technical, and academic communities. The U.S.
|
||
Government designated ICANN to serve as the global consensus
|
||
entity with responsibility for coordinating four key functions for
|
||
the Internet: the allocation of IP address space, the assignment
|
||
of protocol parameters, the management of the DNS, and the
|
||
management of the DNS root server system.
|
||
|
||
$ Internet Draft
|
||
(I) A working document of the IETF, its areas, and its working
|
||
groups. (Other groups may also distribute working documents as
|
||
Internet Drafts.) An Internet Draft is not an archival document
|
||
like an RFC is. Instead, an Internet Draft is a preliminary or
|
||
working document that is valid for a maximum of six months and may
|
||
be updated, replaced, or made obsolete by other documents at any
|
||
time. It is inappropriate to use an Internet Draft as reference
|
||
material or to cite it other than as "work in progress."
|
||
|
||
$ Internet Engineering Steering Group (IESG)
|
||
(I) The part of the ISOC responsible for technical management of
|
||
IETF activities and administration of the Internet Standards
|
||
Process according to procedures approved by the ISOC Trustees.
|
||
Directly responsible for actions along the "standards track",
|
||
including final approval of specifications as Internet Standards.
|
||
Composed of IETF Area Directors and the IETF chairperson, who also
|
||
chairs the IESG. [R2026]
|
||
|
||
$ Internet Engineering Task Force (IETF)
|
||
(I) A self-organized group of people who make contributions to the
|
||
development of Internet technology. The principal body engaged in
|
||
developing Internet Standards, although not itself a part of the
|
||
ISOC. Composed of Working Groups, which are arranged into Areas
|
||
(such as the Security Area), each coordinated by one or more Area
|
||
Directors. Nominations to the IAB and the IESG are made by a
|
||
committee selected at random from regular IETF meeting attendees
|
||
who have volunteered. [R2026, R2323]
|
||
|
||
$ Internet Message Access Protocol, version 4 (IMAP4)
|
||
(I) An Internet protocol [R2060] by which a client workstation can
|
||
dynamically access a mailbox on a server host to manipulate and
|
||
retrieve mail messages that the server has received and is holding
|
||
for the client. (See: POP3.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 88]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) IMAP4 has mechanisms for optionally authenticating a client to
|
||
a server and providing other security services. (See: IMAP4
|
||
AUTHENTICATE.)
|
||
|
||
$ Internet Policy Registration Authority (IPRA)
|
||
(I) An X.509-compliant CA that is the top CA of the Internet
|
||
certification hierarchy operated under the auspices of the ISOC
|
||
[R1422]. (See: (PEM usage under) certification hierarchy.)
|
||
|
||
$ Internet Protocol (IP)
|
||
(I) A Internet Standard protocol (version 4 [R0791] and version 6
|
||
[R2460]) that moves datagrams (discrete sets of bits) from one
|
||
computer to another across an internetwork but does not provide
|
||
reliable delivery, flow control, sequencing, or other end-to-end
|
||
services that TCP provides. (See: IP address, TCP/IP.)
|
||
|
||
(C) In the OSIRM, IP would be located at the top of layer 3.
|
||
|
||
$ Internet Protocol security (IPsec)
|
||
(I) (1.) The name of the IETF working group that is specifying a
|
||
security architecture [R2401] and protocols to provide security
|
||
services for Internet Protocol traffic. (2.) A collective name for
|
||
that architecture and set of protocols. (Implementation of IPsec
|
||
protocols is optional for IP version 4, but mandatory for IP
|
||
version 6.) (See: Internet Protocol Security Option.)
|
||
|
||
(C) Note that the letters "sec" are lower-case.
|
||
|
||
(C) The IPsec architecture specifies (a) security protocols (AH
|
||
and ESP), (b) security associations (what they are, how they work,
|
||
how they are managed, and associated processing), (c) key
|
||
management (IKE), and (d) algorithms for authentication and
|
||
encryption. The set of security services include access control
|
||
service, connectionless data integrity service, data origin
|
||
authentication service, protection against replays (detection of
|
||
the arrival of duplicate datagrams, within a constrained window),
|
||
data confidentiality service, and limited traffic flow
|
||
confidentiality.
|
||
|
||
$ Internet Protocol Security Option (IPSO)
|
||
(I) Refers to one of three types of IP security options, which are
|
||
fields that may be added to an IP datagram for the purpose of
|
||
carrying security information about the datagram. (See: IPsec.)
|
||
|
||
(D) ISDs SHOULD NOT use this term without a modifier to indicate
|
||
which of the three types is meant.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 89]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
1. "DoD Basic Security Option" (IP option type 130): Defined for
|
||
use on U.S. Department of Defense common user data networks.
|
||
Identifies the Defense classification level at which the
|
||
datagram is to be protected and the protection authorities
|
||
whose rules apply to the datagram. [R1108]
|
||
|
||
A "protection authority" is a National Access Program (e.g.,
|
||
GENSER, SIOP-ESI, SCI, NSA, Department of Energy) or Special
|
||
Access Program that specifies protection rules for transmission
|
||
and processing of the information contained in the datagram.
|
||
[R1108]
|
||
|
||
2. "DoD Extended Security Option" (IP option type 133): Permits
|
||
additional security labeling information, beyond that present
|
||
in the Basic Security Option, to be supplied in the datagram to
|
||
meet the needs of registered authorities. [R1108]
|
||
|
||
3. "Common IP Security Option" (CIPSO) (IP option type 134):
|
||
Designed by TSIG to carry hierarchic and non-hierarchic
|
||
security labels. (Formerly called "Commercial IP Security
|
||
Option".) Was published as Internet-Draft [CIPSO]; not advanced
|
||
to RFC.
|
||
|
||
$ Internet Protocol Suite
|
||
See: (secondary definition under) Internet.
|
||
|
||
$ Internet Security Association and Key Management Protocol (ISAKMP)
|
||
(I) An Internet IPsec protocol [R2408] to negotiate, establish,
|
||
modify, and delete security associations, and to exchange key
|
||
generation and authentication data, independent of the details of
|
||
any specific key generation technique, key establishment protocol,
|
||
encryption algorithm, or authentication mechanism.
|
||
|
||
(C) ISAKMP supports negotiation of security associations for
|
||
protocols at all TCP/IP layers. By centralizing management of
|
||
security associations, ISAKMP reduces duplicated functionality
|
||
within each protocol. ISAKMP can also reduce connection setup
|
||
time, by negotiating a whole stack of services at once. Strong
|
||
authentication is required on ISAKMP exchanges, and a digital
|
||
signature algorithm based on asymmetric cryptography is used
|
||
within ISAKMP's authentication component.
|
||
|
||
$ Internet Society (ISOC)
|
||
(I) A professional society concerned with Internet development
|
||
(including technical Internet Standards); with how the Internet is
|
||
and can be used; and with social, political, and technical issues
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 90]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
that result. The ISOC Board of Trustees approves appointments to
|
||
the IAB from among nominees submitted by the IETF nominating
|
||
committee. [R2026]
|
||
|
||
$ Internet Standard
|
||
(I) A specification, approved by the IESG and published as an RFC,
|
||
that is stable and well-understood, is technically competent, has
|
||
multiple, independent, and interoperable implementations with
|
||
substantial operational experience, enjoys significant public
|
||
support, and is recognizably useful in some or all parts of the
|
||
Internet. [R2026] (See: RFC.)
|
||
|
||
(C) The Internet Standards Process is an activity of the ISOC and
|
||
is organized and managed by the IAB and the IESG. The process is
|
||
concerned with all protocols, procedures, and conventions used in
|
||
or by the Internet, whether or not they are part of the Internet
|
||
Protocol Suite. The "Internet Standards Track" has three levels of
|
||
increasing maturity: Proposed Standard, Draft Standard, and
|
||
Standard. (See: (standards levels under) ISO.)
|
||
|
||
$ Internet Standards document (ISD)
|
||
(C) In this Glossary, this term refers to an RFC, Internet-Draft,
|
||
or other item that is produced as part of the Internet Standards
|
||
Process [R2026]. However, neither the term nor the abbreviation is
|
||
widely accepted and, therefore, SHOULD NOT be used in an ISD
|
||
unless it is accompanied by an explanation like this. (See:
|
||
Internet Standard.)
|
||
|
||
$ internet vs. Internet
|
||
1. (I) Not capitalized: A popular abbreviation for "internetwork".
|
||
|
||
2. (I) Capitalized: "The Internet" is the single, interconnected,
|
||
worldwide system of commercial, government, educational, and other
|
||
computer networks that share the set of protocols specified by the
|
||
IAB [R2026] and the name and address spaces managed by the ICANN.
|
||
|
||
(C) The protocol set is named the "Internet Protocol Suite". It
|
||
also is popularly known as "TCP/IP", because TCP and IP are two of
|
||
its fundamental components. These protocols enable a user of any
|
||
one of the networks in the Internet to communicate with, or use
|
||
services located on, any of the other networks.
|
||
|
||
(C) Although the Internet does have architectural principles
|
||
[R1958], no Internet Standard formally defines a layered reference
|
||
model for the IPS that is similar to the OSIRM. However, Internet
|
||
community documents do refer (inconsistently) to layers:
|
||
application, socket, transport, internetwork, network, data link,
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 91]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
and physical. In this Glossary, Internet layers are referred to by
|
||
name to avoid confusing them with OSIRM layers, which are referred
|
||
to by number.
|
||
|
||
$ internetwork
|
||
(I) A system of interconnected networks; a network of networks.
|
||
Usually shortened to "internet". (See: internet vs. Internet.)
|
||
|
||
(C) An internet is usually built using OSI layer 3 gateways to
|
||
connect a set of subnetworks. When the subnetworks differ in the
|
||
OSI layer 3 protocol service they provide, the gateways sometimes
|
||
implement a uniform internetwork protocol (e.g., IP) that operates
|
||
at the top of layer 3 and hides the underlying heterogeneity from
|
||
hosts that use communication services provided by the internet.
|
||
(See: router.)
|
||
|
||
$ intranet
|
||
(I) A computer network, especially one based on Internet
|
||
technology, that an organization uses for its own internal, and
|
||
usually private, purposes and that is closed to outsiders. (See:
|
||
extranet, virtual private network.)
|
||
|
||
$ intruder
|
||
(I) An entity that gains or attempts to gain access to a system or
|
||
system resource without having authorization to do so. (See:
|
||
cracker.)
|
||
|
||
$ intrusion
|
||
See: security intrusion.
|
||
|
||
$ intrusion detection
|
||
(I) A security service that monitors and analyzes system events
|
||
for the purpose of finding, and providing real-time or near real-
|
||
time warning of, attempts to access system resources in an
|
||
unauthorized manner.
|
||
|
||
$ invalidity date
|
||
(N) An X.509 CRL entry extension that "indicates the date at which
|
||
it is known or suspected that the [revoked certificate's private
|
||
key] was compromised or that the certificate should otherwise be
|
||
considered invalid" [X509].
|
||
|
||
(C) This date may be earlier than the revocation date in the CRL
|
||
entry, and may even be earlier than the date of issue of earlier
|
||
CRLs. However, the invalidity date is not, by itself, sufficient
|
||
for purposes of non-repudiation service. For example, to
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 92]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
fraudulently repudiate a validly-generated signature, a private
|
||
key holder may falsely claim that the key was compromised at some
|
||
time in the past.
|
||
|
||
$ IP
|
||
See: Internet Protocol.
|
||
|
||
$ IP address
|
||
(I) A computer's internetwork address that is assigned for use by
|
||
the Internet Protocol and other protocols.
|
||
|
||
(C) An IP version 4 [R0791] address is written as a series of four
|
||
8-bit numbers separated by periods. For example, the address of
|
||
the host named "rosslyn.bbn.com" is 192.1.7.10.
|
||
|
||
(C) An IP version 6 [R2373] address is written as x:x:x:x:x:x:x:x,
|
||
where each "x" is the hexadecimal value of one of the eight 16-bit
|
||
parts of the address. For example, 1080:0:0:0:8:800:200C:417A and
|
||
FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.
|
||
|
||
$ IP Security Option
|
||
See: Internet Protocol Security Option.
|
||
|
||
$ IPRA
|
||
See: Internet Policy Registration Authority.
|
||
|
||
$ IPsec
|
||
See: Internet Protocol security.
|
||
|
||
$ IPsec Key Exchange (IKE)
|
||
(I) An Internet, IPsec, key-establishment protocol [R2409] (partly
|
||
based on OAKLEY) that is intended for putting in place
|
||
authenticated keying material for use with ISAKMP and for other
|
||
security associations, such as in AH and ESP.
|
||
|
||
$ IPSO
|
||
See: Internet Protocol Security Option.
|
||
|
||
$ ISAKMP
|
||
See: Internet Security Association and Key Management Protocol.
|
||
|
||
$ ISD
|
||
See: Internet Standards document.
|
||
|
||
$ ISO
|
||
(I) International Organization for Standardization, a voluntary,
|
||
non-treaty, non-government organization, established in 1947, with
|
||
voting members that are designated standards bodies of
|
||
|
||
|
||
|
||
Shirey Informational [Page 93]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
participating nations and non-voting observer organizations. (See:
|
||
ANSI, ITU-T.)
|
||
|
||
(C) Legally, ISO is a Swiss, non-profit, private organization. ISO
|
||
and the IEC (the International Electrotechnical Commission) form
|
||
the specialized system for worldwide standardization. National
|
||
bodies that are members of ISO or IEC participate in developing
|
||
international standards through ISO and IEC technical committees
|
||
that deal with particular fields of activity. Other international
|
||
governmental and non-governmental organizations, in liaison with
|
||
ISO and IEC, also take part. (ANSI is the U.S. voting member of
|
||
ISO. ISO is a class D member of ITU-T.)
|
||
|
||
(C) The ISO standards development process has four levels of
|
||
increasing maturity: Working Draft (WD), Committee Draft (CD),
|
||
Draft International Standard (DIS), and International Standard
|
||
(IS). (See: (standards track levels under) Internet Standard.) In
|
||
information technology, ISO and IEC have a joint technical
|
||
committee, ISO/IEC JTC 1. DISs adopted by JTC 1 are circulated to
|
||
national bodies for voting, and publication as an IS requires
|
||
approval by at least 75% of the national bodies casting a vote.
|
||
|
||
$ ISOC
|
||
See: Internet Society.
|
||
|
||
$ issue (a digital certificate or CRL)
|
||
(I) Generate and sign a digital certificate (or CRL) and, usually,
|
||
distribute it and make it available to potential certificate users
|
||
(or CRL users). (See: certificate creation.)
|
||
|
||
(C) The ABA Guidelines [ABA] explicitly limit this term to
|
||
certificate creation, and exclude the act of publishing. In
|
||
general usage, however, "issuing" a digital certificate (or CRL)
|
||
includes not only certificate creation but also making it
|
||
available to potential users, such as by storing it in a
|
||
repository or other directory or otherwise publishing it.
|
||
|
||
$ issuer
|
||
1. (I) "Issuer" of a certificate or CRL: The CA that signs the
|
||
digital certificate or CRL.
|
||
|
||
(C) An X.509 certificate always includes the issuer's name. The
|
||
name may include a common name value.
|
||
|
||
2. (N) "Issuer" of a payment card: SET usage: "The financial
|
||
institution or its agent that issues the unique primary account
|
||
number to the cardholder for the payment card brand." [SET2]
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 94]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) The institution that establishes the account for a cardholder
|
||
and issues the payment card also guarantees payment for authorized
|
||
transactions that use the card in accordance with card brand
|
||
regulations and local legislation. [SET1]
|
||
|
||
$ ITAR
|
||
See: International Traffic in Arms Regulations.
|
||
|
||
$ ITSEC
|
||
See: Information Technology System Evaluation Criteria.
|
||
|
||
$ ITU-T
|
||
(N) International Telecommunications Union, Telecommunication
|
||
Standardization Sector (formerly "CCITT"), a United Nations treaty
|
||
organization that is composed mainly of postal, telephone, and
|
||
telegraph authorities of the member countries and that publishes
|
||
standards called "Recommendations". (See: X.400, X.500.)
|
||
|
||
(C) The Department of State represents the United States. ITU-T
|
||
works on many kinds of communication systems. ITU-T cooperates
|
||
with ISO on communication protocol standards, and many
|
||
Recommendations in that area are also published as an ISO standard
|
||
with an ISO name and number.
|
||
|
||
$ IV
|
||
See: initialization value.
|
||
|
||
$ KDC
|
||
See: Key Distribution Center.
|
||
|
||
$ KEA
|
||
See: Key Exchange Algorithm.
|
||
|
||
$ KEK
|
||
See: key-encrypting key.
|
||
|
||
$ Kerberos
|
||
(N) A system developed at the Massachusetts Institute of
|
||
Technology that depends on passwords and symmetric cryptography
|
||
(DES) to implement ticket-based, peer entity authentication
|
||
service and access control service distributed in a client-server
|
||
network environment. [R1510, Stei]
|
||
|
||
(C) Kerberos was developed by Project Athena and is named for the
|
||
three-headed dog guarding Hades.
|
||
|
||
$ key
|
||
See: cryptographic key.
|
||
|
||
|
||
|
||
Shirey Informational [Page 95]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ key agreement (algorithm or protocol)
|
||
(I) A key establishment method (especially one involving
|
||
asymmetric cryptography) by which two or more entities, without
|
||
prior arrangement except a public exchange of data (such as public
|
||
keys), each computes the same key value. I.e., each can
|
||
independently generate the same key value, but that key cannot be
|
||
computed by other entities. (See: Diffie-Hellman, key
|
||
establishment, Key Exchange Algorithm, key transport.)
|
||
|
||
(O) "A method for negotiating a key value on line without
|
||
transferring the key, even in an encrypted form, e.g., the Diffie-
|
||
Hellman technique." [X509]
|
||
|
||
(O) "The procedure whereby two different parties generate shared
|
||
symmetric keys such that any of the shared symmetric keys is a
|
||
function of the information contributed by all legitimate
|
||
participants, so that no party [alone] can predetermine the value
|
||
of the key." [A9042]
|
||
|
||
(C) For example, a message originator and the intended recipient
|
||
can each use their own private key and the other's public key with
|
||
the Diffie-Hellman algorithm to first compute a shared secret
|
||
value and, from that value, derive a session key to encrypt the
|
||
message.
|
||
|
||
$ key authentication
|
||
(N) "The assurance of the legitimate participants in a key
|
||
agreement that no non-legitimate party possesses the shared
|
||
symmetric key." [A9042]
|
||
|
||
$ key center
|
||
(I) A centralized key distribution process (used in symmetric
|
||
cryptography), usually a separate computer system, that uses key-
|
||
encrypting keys (master keys) to encrypt and distribute session
|
||
keys needed in a community of users.
|
||
|
||
(C) An ANSI standard [A9017] defines two types of key center: key
|
||
distribution center and key translation center.
|
||
|
||
$ key confirmation
|
||
(N) "The assurance of the legitimate participants in a key
|
||
establishment protocol that the intended parties sharing the
|
||
symmetric key actually possess the shared symmetric key." [A9042]
|
||
|
||
$ key distribution
|
||
(I) A process that delivers a cryptographic key from the location
|
||
where it is generated to the locations where it is used in a
|
||
cryptographic algorithm. (See: key management.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 96]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ key distribution center (KDC)
|
||
(I) A type of key center (used in symmetric cryptography) that
|
||
implements a key distribution protocol to provide keys (usually,
|
||
session keys) to two (or more) entities that wish to communicate
|
||
securely. (See: key translation center.)
|
||
|
||
(C) A KDC distributes keys to Alice and Bob, who (a) wish to
|
||
communicate with each other but do not currently share keys, (b)
|
||
each share a KEK with the KDC, and (c) may not be able to generate
|
||
or acquire keys by themselves. Alice requests the keys from the
|
||
KDC. The KDC generates or acquires the keys and makes two
|
||
identical sets. The KDC encrypts one set in the KEK it shares with
|
||
Alice, and sends that encrypted set to Alice. The KDC encrypts the
|
||
second set in the KEK it shares with Bob, and either sends that
|
||
encrypted set to Alice for her to forward to Bob, or sends it
|
||
directly to Bob (although the latter option is not supported in
|
||
the ANSI standard [A9017]).
|
||
|
||
$ key encapsulation
|
||
See: (secondary definition under) key recovery.
|
||
|
||
$ key-encrypting key (KEK)
|
||
(I) A cryptographic key that is used to encrypt other keys, either
|
||
DEKs or other KEKs, but usually is not used to encrypt application
|
||
data.
|
||
|
||
$ key escrow
|
||
See: (secondary definition under) key recovery.
|
||
|
||
$ key establishment (algorithm or protocol)
|
||
(I) A process that combines the key generation and key
|
||
distribution steps needed to set up or install a secure
|
||
communication association. (See: key agreement, key transport.)
|
||
|
||
(O) "The procedure to share a symmetric key among different
|
||
parties by either key agreement or key transport." [A9042]
|
||
|
||
(C) Key establishment involves either key agreement or key
|
||
transport:
|
||
|
||
- Key transport: One entity generates a secret key and securely
|
||
sends it to the other entity. (Or each entity generates a
|
||
secret value and securely sends it to the other entity, where
|
||
the two values are combined to form a secret key.)
|
||
|
||
- Key agreement: No secret is sent from one entity to another.
|
||
Instead, both entities, without prior arrangement except a
|
||
public exchange of data, compute the same secret value. I.e.,
|
||
|
||
|
||
|
||
Shirey Informational [Page 97]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
each can independently generate the same value, but that value
|
||
cannot be computed by other entities.
|
||
|
||
$ Key Exchange Algorithm (KEA)
|
||
(N) A key agreement algorithm [NIST] that is similar to the
|
||
Diffie-Hellman algorithm, uses 1024-bit asymmetric keys, and was
|
||
developed and formerly classified at the "Secret" level by NSA.
|
||
(See: CAPSTONE, CLIPPER, FORTEZZA, SKIPJACK.)
|
||
|
||
(C) On 23 June 1998, the NSA announced that KEA had been
|
||
declassified.
|
||
|
||
$ key generation
|
||
(I) A process that creates the sequence of symbols that comprise a
|
||
cryptographic key. (See: key management.)
|
||
|
||
$ key generator
|
||
1. (I) An algorithm that uses mathematical rules to
|
||
deterministically produce a pseudo-random sequence of
|
||
cryptographic key values.
|
||
|
||
2. (I) An encryption device that incorporates a key generation
|
||
mechanism and applies the key to plaintext (e.g., by exclusive OR-
|
||
ing the key bit string with the plaintext bit string) to produce
|
||
ciphertext.
|
||
|
||
$ key length
|
||
(I) The number of symbols (usually bits) needed to be able to
|
||
represent any of the possible values of a cryptographic key. (See:
|
||
key space.)
|
||
|
||
$ key lifetime
|
||
(N) MISSI usage: An attribute of a MISSI key pair that specifies a
|
||
time span that bounds the validity period of any MISSI X.509
|
||
public-key certificate that contains the public component of the
|
||
pair. (See: cryptoperiod.)
|
||
|
||
$ key management
|
||
(I) The process of handling and controlling cryptographic keys and
|
||
related material (such as initialization values) during their life
|
||
cycle in a cryptographic system, including ordering, generating,
|
||
distributing, storing, loading, escrowing, archiving, auditing,
|
||
and destroying the material. (See: key distribution, key escrow,
|
||
keying material, public-key infrastructure.)
|
||
|
||
(O) "The generation, storage, distribution, deletion, archiving
|
||
and application of keys in accordance with a security policy."
|
||
[I7498 Part 2]
|
||
|
||
|
||
|
||
Shirey Informational [Page 98]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(O) "The activities involving the handling of cryptographic keys
|
||
and other related security parameters (e.g., IVs, counters) during
|
||
the entire life cycle of the keys, including their generation,
|
||
storage, distribution, entry and use, deletion or destruction, and
|
||
archiving." [FP140]
|
||
|
||
$ Key Management Protocol (KMP)
|
||
(N) A protocol to establish a shared symmetric key between a pair
|
||
(or a group) of users. (One version of KMP was developed by SDNS,
|
||
and another by SILS.)
|
||
|
||
$ key material identifier (KMID)
|
||
(N) MISSI usage: A 64-bit identifier that is assigned to a key
|
||
pair when the public key is bound in a MISSI X.509 public-key
|
||
certificate.
|
||
|
||
$ key pair
|
||
(I) A set of mathematically related keys--a public key and a
|
||
private key--that are used for asymmetric cryptography and are
|
||
generated in a way that makes it computationally infeasible to
|
||
derive the private key from knowledge of the public key (e.g.,
|
||
see: Diffie-Hellman, Rivest-Shamir-Adleman).
|
||
|
||
(C) A key pair's owner discloses the public key to other system
|
||
entities so they can use the key to encrypt data, verify a digital
|
||
signature, compute a protected checksum, or generate a key in a
|
||
key agreement algorithm. The matching private key is kept secret
|
||
by the owner, who uses it to decrypt data, generate a digital
|
||
signature, verify a protected checksum, or generate a key in a key
|
||
agreement algorithm.
|
||
|
||
$ key recovery
|
||
1. (I) A process for learning the value of a cryptographic key
|
||
that was previously used to perform some cryptographic operation.
|
||
(See: cryptanalysis.)
|
||
|
||
2. (I) Techniques that provide an intentional, alternate (i.e.,
|
||
secondary) means to access the key used for data confidentiality
|
||
service in an encrypted association. [DOD4]
|
||
|
||
(C) We assume that the encryption mechanism has a primary means of
|
||
obtaining the key through a key establishment algorithm or
|
||
protocol. For the secondary means, there are two classes of key
|
||
recovery techniques--key escrow and key encapsulation:
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 99]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- "Key escrow": A key recovery technique for storing knowledge of
|
||
a cryptographic key or parts thereof in the custody of one or
|
||
more third parties called "escrow agents", so that the key can
|
||
be recovered and used in specified circumstances.
|
||
|
||
Key escrow is typically implemented with split knowledge
|
||
techniques. For example, the Escrowed Encryption Standard
|
||
[FP185] entrusts two components of a device-unique split key to
|
||
separate escrow agents. The agents provide the components only
|
||
to someone legally authorized to conduct electronic
|
||
surveillance of telecommunications encrypted by that specific
|
||
device. The components are used to reconstruct the device-
|
||
unique key, and it is used to obtain the session key needed to
|
||
decrypt communications.
|
||
|
||
- "Key encapsulation": A key recovery technique for storing
|
||
knowledge of a cryptographic key by encrypting it with another
|
||
key and ensuring that that only certain third parties called
|
||
"recovery agents" can perform the decryption operation to
|
||
retrieve the stored key.
|
||
|
||
Key encapsulation typically allows direct retrieval of the
|
||
secret key used to provide data confidentiality.
|
||
|
||
$ key space
|
||
(I) The range of possible values of a cryptographic key; or the
|
||
number of distinct transformations supported by a particular
|
||
cryptographic algorithm. (See: key length.)
|
||
|
||
$ key translation center
|
||
(I) A type of key center (used in a symmetric cryptography) that
|
||
implements a key distribution protocol to convey keys between two
|
||
(or more) parties who wish to communicate securely. (See: key
|
||
distribution center.)
|
||
|
||
(C) A key translation center translates keys for future
|
||
communication between Bob and Alice, who (a) wish to communicate
|
||
with each other but do not currently share keys, (b) each share a
|
||
KEK with the center, and (c) have the ability to generate or
|
||
acquire keys by themselves. Alice generates or acquires a set of
|
||
keys for communication with Bob. Alice encrypts the set in the KEK
|
||
she shares with the center and sends the encrypted set to the
|
||
center. The center decrypts the set, reencrypts the set in the KEK
|
||
it shares with Bob, and either sends that encrypted set to Alice
|
||
for her to forward to Bob, or sends it directly to Bob (although
|
||
direct distribution is not supported in the ANSI standard
|
||
[A9017]).
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 100]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ key transport (algorithm or protocol)
|
||
(I) A key establishment method by which a secret key is generated
|
||
by one entity in a communication association and securely sent to
|
||
another entity in the association. (See: key agreement.)
|
||
|
||
(O) "The procedure to send a symmetric key from one party to other
|
||
parties. As a result, all legitimate participants share a common
|
||
symmetric key in such a way that the symmetric key is determined
|
||
entirely by one party." [A9042]
|
||
|
||
(C) For example, a message originator can generate a random
|
||
session key and then use the Rivest-Shamir-Adleman algorithm to
|
||
encrypt that key with the public key of the intended recipient.
|
||
|
||
$ key update
|
||
(I) Derive a new key from an existing key. (See: certificate
|
||
rekey.)
|
||
|
||
$ key validation
|
||
(N) "The procedure for the receiver of a public key to check that
|
||
the key conforms to the arithmetic requirements for such a key in
|
||
order to thwart certain types of attacks." [A9042]
|
||
|
||
$ keyed hash
|
||
(I) A cryptographic hash (e.g., [R1828]) in which the mapping to a
|
||
hash result is varied by a second input parameter that is a
|
||
cryptographic key. (See: checksum.)
|
||
|
||
(C) If the input data object is changed, a new hash result cannot
|
||
be correctly computed without knowledge of the secret key. Thus,
|
||
the secret key protects the hash result so it can be used as a
|
||
checksum even when there is a threat of an active attack on the
|
||
data. There are least two forms of keyed hash:
|
||
|
||
- A function based on a keyed encryption algorithm. (E.g., see:
|
||
Data Authentication Code.)
|
||
|
||
- A function based on a keyless hash that is enhanced by
|
||
combining (e.g., by concatenating) the input data object
|
||
parameter with a key parameter before mapping to the hash
|
||
result. (E.g., see: HMAC.)
|
||
|
||
$ keying material
|
||
(I) Data (such as keys, key pairs, and initialization values)
|
||
needed to establish and maintain a cryptographic security
|
||
association.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 101]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ KMID
|
||
See: key material identifier.
|
||
|
||
$ known-plaintext attack
|
||
(I) A cryptanalysis technique in which the analyst tries to
|
||
determine the key from knowledge of some plaintext-ciphertext
|
||
pairs (although the analyst may also have other clues, such as the
|
||
knowing the cryptographic algorithm).
|
||
|
||
$ L2F
|
||
See: Layer 2 Forwarding Protocol.
|
||
|
||
$ L2TP
|
||
See: Layer 2 Tunneling Protocol.
|
||
|
||
$ label
|
||
See: security label.
|
||
|
||
$ Language of Temporal Ordering Specification (LOTOS)
|
||
(N) A language (ISO 8807-1990) for formal specification of
|
||
computer network protocols; describes the order in which events
|
||
occur.
|
||
|
||
$ lattice model
|
||
(I) A security model for flow control in a system, based on the
|
||
lattice that is formed by the finite security levels in a system
|
||
and their partial ordering. [Denn] (See: flow control, security
|
||
level, security model.)
|
||
|
||
(C) The model describes the semantic structure formed by a finite
|
||
set of security levels, such as those used in military
|
||
organizations.
|
||
|
||
(C) A lattice is a finite set together with a partial ordering on
|
||
its elements such that for every pair of elements there is a least
|
||
upper bound and a greatest lower bound. For example, a lattice is
|
||
formed by a finite set S of security levels -- i.e., a set S of all
|
||
ordered pairs (x, c), where x is one of a finite set X of
|
||
hierarchically ordered classification levels (X1, ..., Xm), and c
|
||
is a (possibly empty) subset of a finite set C of non-hierarchical
|
||
categories (C1, ..., Cn) -- together with the "dominate" relation.
|
||
(See: dominate.)
|
||
|
||
$ Law Enforcement Access Field (LEAF)
|
||
(N) A data item that is automatically embedded in data encrypted
|
||
by devices (e.g., see: CLIPPER chip) that implement the Escrowed
|
||
Encryption Standard.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 102]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Layer 2 Forwarding Protocol (L2F)
|
||
(N) An Internet protocol (originally developed by Cisco
|
||
Corporation) that uses tunneling of PPP over IP to create a
|
||
virtual extension of a dial-up link across a network, initiated by
|
||
the dial-up server and transparent to the dial-up user. (See:
|
||
L2TP.)
|
||
|
||
$ Layer 2 Tunneling Protocol (L2TP)
|
||
(N) An Internet client-server protocol that combines aspects of
|
||
PPTP and L2F and supports tunneling of PPP over an IP network or
|
||
over frame relay or other switched network. (See: virtual private
|
||
network.)
|
||
|
||
(C) PPP can in turn encapsulate any OSI layer 3 protocol. Thus,
|
||
L2TP does not specify security services; it depends on protocols
|
||
layered above and below it to provide any needed security.
|
||
|
||
$ LDAP
|
||
See: Lightweight Directory Access Protocol.
|
||
|
||
$ least privilege
|
||
(I) The principle that a security architecture should be designed
|
||
so that each system entity is granted the minimum system resources
|
||
and authorizations that the entity needs to do its work. (See:
|
||
economy of mechanism.)
|
||
|
||
(C) This principle tends to limit damage that can be caused by an
|
||
accident, error, or unauthorized act.
|
||
|
||
$ Lightweight Directory Access Protocol (LDAP)
|
||
(N) A client-server protocol that supports basic use of the X.500
|
||
Directory (or other directory servers) without incurring the
|
||
resource requirements of the full Directory Access Protocol (DAP).
|
||
[R1777]
|
||
|
||
(C) Designed for simple management and browser applications that
|
||
provide simple read/write interactive directory service. Supports
|
||
both simple authentication and strong authentication of the client
|
||
to the directory server.
|
||
|
||
$ link
|
||
(I) World Wide Web usage: See: hyperlink.
|
||
|
||
(I) Subnetwork usage: A point-to-point communication channel
|
||
connecting two subnetwork relays (especially one between two
|
||
packet switches) that is implemented at OSI layer 2. (See: link
|
||
encryption.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 103]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) The relay computers assume that links are logically passive.
|
||
If a computer at one end of a link sends a sequence of bits, the
|
||
sequence simply arrives at the other end after a finite time,
|
||
although some bits may have been changed either accidentally
|
||
(errors) or by active wiretapping.
|
||
|
||
$ link-by-link encryption
|
||
$ link encryption
|
||
(I) Stepwise protection of data that flows between two points in a
|
||
network, provided by encrypting data separately on each network
|
||
link, i.e., by encrypting data when it leaves a host or subnetwork
|
||
relay and decrypting when it arrives at the next host or relay.
|
||
Each link may use a different key or even a different algorithm.
|
||
[R1455] (See: end-to-end encryption.)
|
||
|
||
$ logic bomb
|
||
(I) Malicious logic that activates when specified conditions are
|
||
met. Usually intended to cause denial of service or otherwise
|
||
damage system resources. (See: Trojan horse, virus, worm.)
|
||
|
||
$ login
|
||
(I) The act of a system entity gaining access to a session in
|
||
which the entity can use system resources; usually accomplished by
|
||
providing a user name and password to an access control system
|
||
that authenticates the user.
|
||
|
||
(C) Derives from "log" file", a security audit trail that records
|
||
security events, such as the beginning of sessions, and who
|
||
initiates them.
|
||
|
||
$ LOTOS
|
||
See: Language of Temporal Ordering Specification.
|
||
|
||
$ MAC
|
||
See: mandatory access control, Message Authentication Code.
|
||
|
||
$ malicious logic
|
||
(I) Hardware, software, or firmware that is intentionally included
|
||
or inserted in a system for a harmful purpose. (See: logic bomb,
|
||
Trojan horse, virus, worm.)
|
||
|
||
$ malware
|
||
(I) A contraction of "malicious software". (See: malicious logic.)
|
||
|
||
(D) ISDs SHOULD NOT use this term because it is not listed in most
|
||
dictionaries and could confuse international readers.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 104]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ man-in-the-middle
|
||
(I) A form of active wiretapping attack in which the attacker
|
||
intercepts and selectively modifies communicated data in order to
|
||
masquerade as one or more of the entities involved in a
|
||
communication association. (See: hijack attack, piggyback attack.)
|
||
|
||
(C) For example, suppose Alice and Bob try to establish a session
|
||
key by using the Diffie-Hellman algorithm without data origin
|
||
authentication service. A "man in the middle" could (a) block
|
||
direct communication between Alice and Bob and then (b) masquerade
|
||
as Alice sending data to Bob, (c) masquerade as Bob sending data
|
||
to Alice, (d) establish separate session keys with each of them,
|
||
and (e) function as a clandestine proxy server between them in
|
||
order to capture or modify sensitive information that Alice and
|
||
Bob think they are sending only to each other.
|
||
|
||
$ mandatory access control (MAC)
|
||
(I) An access control service that enforces a security policy
|
||
based on comparing (a) security labels (which indicate how
|
||
sensitive or critical system resources are) with (b) security
|
||
clearances (which indicate system entities are eligible to access
|
||
certain resources). (See: discretionary access control, rule-based
|
||
security policy.)
|
||
|
||
(C) This kind of access control is called "mandatory" because an
|
||
entity that has clearance to access a resource may not, just by
|
||
its own volition, enable another entity to access that resource.
|
||
|
||
(O) "A means of restricting access to objects based on the
|
||
sensitivity (as represented by a label) of the information
|
||
contained in the objects and the formal authorization (i.e.,
|
||
clearance) of subjects to access information of such sensitivity."
|
||
[DOD1]
|
||
|
||
$ manipulation detection code
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "checksum"
|
||
because the word "manipulation" implies protection against active
|
||
attacks, which an ordinary checksum might not provide. Instead, if
|
||
such protection is intended, use "protected checksum" or some
|
||
particular type thereof, depending on which is meant. If such
|
||
protection is not intended, use "error detection code" or some
|
||
specific type of checksum that is not protected.
|
||
|
||
$ masquerade attack
|
||
(I) A type of attack in which one system entity illegitimately
|
||
poses as (assumes the identity of) another entity. (See: spoofing
|
||
attack.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 105]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ MCA
|
||
See: merchant certificate authority.
|
||
|
||
$ MD2
|
||
(N) A cryptographic hash [R1319] that produces a 128-bit hash
|
||
result, was designed by Ron Rivest, and is similar to MD4 and MD5
|
||
but slower. (See: message digest.)
|
||
|
||
$ MD4
|
||
(N) A cryptographic hash [R1320] that produces a 128-bit hash
|
||
result and was designed by Ron Rivest. (See: message digest and
|
||
SHA-1.)
|
||
|
||
$ MD5
|
||
(N) A cryptographic hash [R1321] that produces a 128-bit hash
|
||
result and was designed by Ron Rivest to be an improved version of
|
||
MD4.
|
||
|
||
$ merchant
|
||
(O) SET usage: "A seller of goods, services, and/or other
|
||
information who accepts payment for these items electronically."
|
||
[SET2] A merchant may also provide electronic selling services
|
||
and/or electronic delivery of items for sale. With SET, the
|
||
merchant can offer its cardholders secure electronic interactions,
|
||
but a merchant that accepts payment cards is required to have a
|
||
relationship with an acquirer. [SET1, SET2]
|
||
|
||
$ merchant certificate
|
||
(O) SET usage: A public-key certificate issued to a merchant.
|
||
Sometimes used to refer to a pair of such certificates where one
|
||
is for digital signature use and the other is for encryption.
|
||
|
||
$ merchant certification authority (MCA)
|
||
(O) SET usage: A CA that issues digital certificates to merchants
|
||
and is operated on behalf of a payment card brand, an acquirer, or
|
||
another party according to brand rules. Acquirers verify and
|
||
approve requests for merchant certificates prior to issuance by
|
||
the MCA. An MCA does not issue a CRL, but does distribute CRLs
|
||
issued by root CAs, brand CAs, geopolitical CAs, and payment
|
||
gateway CAs. [SET2]
|
||
|
||
$ mesh PKI
|
||
(I) A non-hierarchical PKI architecture in which there are several
|
||
trusted CAs rather than a single root. Each certificate user bases
|
||
path validations on the public key of one of the trusted CAs,
|
||
usually the one that issued that user's own public-key
|
||
certificate. Rather than having superior-to-subordinate
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 106]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
relationships between CAs, the relationships are peer-to-peer, and
|
||
CAs issue cross-certificates to each other. (See: hierarchical
|
||
PKI, trust-file PKI.)
|
||
|
||
$ message authentication code vs. Message Authentication Code (MAC)
|
||
1. (N) Capitalized: "(The) Message Authentication Code" refers to
|
||
an ANSI standard for a checksum that is computed with a keyed hash
|
||
that is based on DES. [A9009] (Also known as the U.S. Government
|
||
standard Data Authentication Code. [FP113])
|
||
|
||
(C) The ANSI standard MAC algorithm is equivalent to cipher block
|
||
chaining with IV = 0.
|
||
|
||
2. (D) Not capitalized: ISDs SHOULD NOT use the uncapitalized form
|
||
"message authentication code", because this term mixes concepts in
|
||
a potentially misleading way. Instead, use "checksum", "error
|
||
detection code", "hash", "keyed hash", "Message Authentication
|
||
Code", or "protected checksum", depending on what is meant. (See:
|
||
authentication code.)
|
||
|
||
(C) In the uncapitalized form, the word "message" is misleading
|
||
because it implies that the mechanism is particularly suitable for
|
||
or limited to electronic mail (see: Message Handling Systems), the
|
||
word "authentication" is misleading because the mechanism
|
||
primarily serves a data integrity function rather than an
|
||
authentication function, and the word "code" is misleading because
|
||
it implies that either encoding or encryption is involved or that
|
||
the term refers to computer software.
|
||
|
||
$ message digest
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "hash result"
|
||
because it unnecessarily duplicates the meaning of the other, more
|
||
general term and mixes concepts in a potentially misleading way.
|
||
(See: cryptographic hash, Message Handling System.)
|
||
|
||
$ Message Handling Systems
|
||
(I) A ITU-T/ISO system concept, which encompasses the notion of
|
||
electronic mail but defines more comprehensive OSI systems and
|
||
services that enable users to exchange messages on a store-and-
|
||
forward basis. (The ISO equivalent is "Message Oriented Text
|
||
Interchange System".) (See: X.400.)
|
||
|
||
$ message indicator
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "initialization
|
||
value" because it mixes concepts in a potentially misleading way.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 107]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ message integrity check
|
||
$ message integrity code
|
||
(D) ISDs SHOULD NOT use these terms because they mix concepts in a
|
||
potentially misleading way. (The word "message" is misleading
|
||
because it suggests that the mechanism is particularly suitable
|
||
for or limited to electronic mail. The word "code" is misleading
|
||
because it suggests that either encoding or encryption is
|
||
involved, or that the term refers to computer software.) Instead,
|
||
use "checksum", "error detection code", "hash", "keyed hash",
|
||
"Message Authentication Code", or "protected checksum", depending
|
||
on what is meant.
|
||
|
||
$ Message Security Protocol (MSP)
|
||
(N) A secure message handling protocol [SDNS7] for use with X.400
|
||
and Internet mail protocols. Developed by NSA's SDNS program and
|
||
used in the U.S. Defense Message System.
|
||
|
||
$ MHS
|
||
See: message handling system.
|
||
|
||
$ MIME
|
||
See: Multipurpose Internet Mail Extensions.
|
||
|
||
$ MIME Object Security Services (MOSS)
|
||
(I) An Internet protocol [R1848] that applies end-to-end
|
||
encryption and digital signature to MIME message content, using
|
||
symmetric cryptography for encryption and asymmetric cryptography
|
||
for key distribution and signature. MOSS is based on features and
|
||
specifications of PEM. (See: S/MIME.)
|
||
|
||
$ Minimum Interoperability Specification for PKI Components (MISPC)
|
||
(N) A technical description to provide a basis for interoperation
|
||
between PKI components from different vendors; consists primarily
|
||
of a profile of certificate and CRL extensions and a set of
|
||
transactions for PKI operation. [MISPC]
|
||
|
||
$ MISPC
|
||
See: Minimum Interoperability Specification for PKI Components.
|
||
|
||
$ MISSI
|
||
(N) Multilevel Information System Security Initiative, an NSA
|
||
program to encourage development of interoperable, modular
|
||
products for constructing secure network information systems in
|
||
support of a wide variety of Government missions. (See: MSP.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 108]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ MISSI user
|
||
(O) MISSI usage: A system entity that is the subject of one or
|
||
more MISSI X.509 public-key certificates issued under a MISSI
|
||
certification hierarchy. (See: personality.)
|
||
|
||
(C) MISSI users include both end users and the authorities that
|
||
issue certificates. A MISSI user is usually a person but may be a
|
||
machine or other automated process. Some machines are required to
|
||
operate non-stop. To avoid downtime needed to exchange the
|
||
FORTEZZA cards of machine operators at shift changes, the machines
|
||
may be issued their own cards, as if they were persons.
|
||
|
||
$ mode
|
||
$ mode of operation
|
||
(I) Encryption usage: A technique for enhancing the effect of a
|
||
cryptographic algorithm or adapting the algorithm for an
|
||
application, such as applying a block cipher to a sequence of data
|
||
blocks or a data stream. (See: electronic codebook, cipher block
|
||
chaining, cipher feedback, output feedback.)
|
||
|
||
(I) System operation usage: A type of security policy that states
|
||
the range of classification levels of information that a system is
|
||
permitted to handle and the range of clearances and authorizations
|
||
of users who are permitted to access the system. (See: dedicated
|
||
security mode, multilevel security mode, partitioned security
|
||
mode, system high security mode.)
|
||
|
||
$ modulus
|
||
(I) The defining constant in modular arithmetic, and usually a
|
||
part of the public key in asymmetric cryptography that is based on
|
||
modular arithmetic. (See: Diffie-Hellman, Rivest-Shamir-Adleman.)
|
||
|
||
$ Morris Worm
|
||
(I) A worm program written by Robert T. Morris, Jr. that flooded
|
||
the ARPANET in November, 1988, causing problems for thousands of
|
||
hosts. (See: worm.)
|
||
|
||
$ MOSS
|
||
See: MIME Object Security Services.
|
||
|
||
$ MSP
|
||
See: Message Security Protocol.
|
||
|
||
$ multilevel secure (MLS)
|
||
(I) A class of system that has system resources (particularly
|
||
stored information) at more than one security level (i.e., has
|
||
different types of sensitive resources) and that permits
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 109]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
concurrent access by users who differ in security clearance and
|
||
need-to-know, but is able to prevent each user from accessing
|
||
resources for which the user lacks authorization.
|
||
|
||
$ multilevel security mode
|
||
(I) A mode of operation of an information system, that allows two
|
||
or more classification levels of information to be processed
|
||
concurrently within the same system when not all users have a
|
||
clearance or formal access authorization for all data handled by
|
||
the system.
|
||
|
||
(C) This mode is defined formally in U.S. Department of Defense
|
||
policy regarding system accreditation [DOD2], but the term is also
|
||
used outside the Defense Department and outside the Government.
|
||
|
||
$ Multipurpose Internet Mail Extensions (MIME)
|
||
(I) An Internet protocol [R2045] that enhances the basic format of
|
||
Internet electronic mail messages [R0822] to be able to use
|
||
character sets other than US-ASCII for textual headers and text
|
||
content, and to carry non-textual and multi-part content. (See:
|
||
S/MIME.)
|
||
|
||
$ mutual suspicion
|
||
(I) The state that exists between two interacting system entities
|
||
in which neither entity can trust the other to function correctly
|
||
with regard to some security requirement.
|
||
|
||
$ National Computer Security Center (NCSC)
|
||
(N) A U.S. Department of Defense organization, housed in NSA, that
|
||
has responsibility for encouraging widespread availability of
|
||
trusted computer systems throughout the Federal Government. It has
|
||
established criteria for, and performs evaluations of, computer
|
||
and network systems that have a trusted computing base. (See:
|
||
Evaluated Products List, Rainbow Series, TCSEC.)
|
||
|
||
$ National Information Assurance Partnership (NIAP)
|
||
(N) An organization created by NIST and NSA to enhance the quality
|
||
of commercial products for information security and increase
|
||
consumer confidence in those products through objective evaluation
|
||
and testing methods.
|
||
|
||
(C) NIAP is registered, through the U.S. Department of Defense, as
|
||
a National Performance Review Reinvention Laboratory. NIAP
|
||
functions include the following:
|
||
|
||
- Developing tests, test methods, and other tools that developers
|
||
and testing laboratories may use to improve and evaluate
|
||
security products.
|
||
|
||
|
||
|
||
Shirey Informational [Page 110]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- Collaborating with industry and others on research and testing
|
||
programs.
|
||
- Using the Common Criteria to develop protection profiles and
|
||
associated test sets for security products and systems.
|
||
- Cooperating with the NIST National Voluntary Laboratory
|
||
Accreditation Program to develop a program to accredit private-
|
||
sector laboratories for the testing of information security
|
||
products using the Common Criteria.
|
||
- Working to establish a formal, international mutual recognition
|
||
scheme for a Common Criteria-based evaluation.
|
||
|
||
$ National Institute of Standards and Technology (NIST)
|
||
(N) A U.S. Department of Commerce agency that promotes U.S.
|
||
economic growth by working with industry to develop and apply
|
||
technology, measurements, and standards. Has primary Government
|
||
responsibility for INFOSEC standards for unclassified but
|
||
sensitive information. (See: ANSI, DES, DSA, DSS, FIPS, NIAP,
|
||
NSA.)
|
||
|
||
$ National Security Agency (NSA)
|
||
(N) A U.S. Department of Defense intelligence agency that has
|
||
primary Government responsibility for INFOSEC for classified
|
||
information and for unclassified but sensitive information handled
|
||
by national security systems. (See: FORTEZZA, KEA, MISSI, NIAP,
|
||
NIST, SKIPJACK.)
|
||
|
||
$ need-to-know
|
||
(I) The necessity for access to, knowledge of, or possession of
|
||
specific information required to carry out official duties.
|
||
|
||
(C) This criterion is used in security procedures that require a
|
||
custodian of sensitive information, prior to disclosing the
|
||
information to someone else, to establish that the intended
|
||
recipient has proper authorization to access the information.
|
||
|
||
$ network
|
||
See: computer network.
|
||
|
||
$ NIAP
|
||
See: National Information Assurance Partnership.
|
||
|
||
$ NIST
|
||
See: National Institute of Standards and Technology.
|
||
|
||
$ NLSP
|
||
Network Layer Security Protocol. An OSI protocol (IS0 11577) for
|
||
end-to-end encryption services at the top of OSI layer 3. NLSP is
|
||
derived from an SDNS protocol, SP3, but is much more complex.
|
||
|
||
|
||
|
||
Shirey Informational [Page 111]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ no-lone zone
|
||
(I) A room or other space to which no person may have
|
||
unaccompanied access and that, when occupied, is required to be
|
||
occupied by two or more appropriately authorized persons. (See:
|
||
dual control.)
|
||
|
||
$ nonce
|
||
(I) A random or non-repeating value that is included in data
|
||
exchanged by a protocol, usually for the purpose of guaranteeing
|
||
liveness and thus detecting and protecting against replay attacks.
|
||
|
||
$ non-critical
|
||
See: critical (extension of certificate).
|
||
|
||
$ non-repudiation service
|
||
(I) A security service that provide protection against false
|
||
denial of involvement in a communication. (See: repudiation.)
|
||
|
||
(C) Non-repudiation service does not and cannot prevent an entity
|
||
from repudiating a communication. Instead, the service provides
|
||
evidence that can be stored and later presented to a third party
|
||
to resolve disputes that arise if and when a communication is
|
||
repudiated by one of the entities involved. There are two basic
|
||
kinds of non-repudiation service:
|
||
|
||
- "Non-repudiation with proof of origin" provides the recipient
|
||
of data with evidence that proves the origin of the data, and
|
||
thus protects the recipient against an attempt by the
|
||
originator to falsely deny sending the data. This service can
|
||
be viewed as a stronger version of an data origin
|
||
authentication service, in that it proves authenticity to a
|
||
third party.
|
||
|
||
- "Non-repudiation with proof of receipt" provides the originator
|
||
of data with evidence that proves the data was received as
|
||
addressed, and thus protects the originator against an attempt
|
||
by the recipient to falsely deny receiving the data.
|
||
|
||
(C) Phases of a Non-Repudiation Service: Ford [For94, For97] uses
|
||
the term "critical action" to refer to the act of communication
|
||
that is the subject of the service:
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 112]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
-------- -------- -------- -------- -------- . --------
|
||
Phase 1: Phase 2: Phase 3: Phase 4: Phase 5: . Phase 6:
|
||
Request Generate Transfer Verify Retain . Resolve
|
||
Service Evidence Evidence Evidence Evidence . Dispute
|
||
-------- -------- -------- -------- -------- . --------
|
||
|
||
Service Critical Evidence Evidence Archive . Evidence
|
||
Request => Action => Stored => Is => Evidence . Is
|
||
Is Made Occurs For Later Tested In Case . Verified
|
||
and Use | ^ Critical . ^
|
||
Evidence v | Action Is . |
|
||
Is +-------------------+ Repudiated . |
|
||
Generated |Verifiable Evidence|------> ... . ----+
|
||
+-------------------+
|
||
|
||
Phase / Explanation
|
||
-------------------
|
||
1. Before the critical action, the service requester asks, either
|
||
implicitly or explicitly, to have evidence of the action be
|
||
generated.
|
||
2. When the critical action occurs, evidence is generated by a
|
||
process involving the potential repudiator and possibly also a
|
||
trusted third party.
|
||
3. The evidence is transferred to the requester, or stored by a
|
||
third party, for later use if needed.
|
||
4. The entity that holds the evidence tests to be sure that it
|
||
will suffice if a dispute arises.
|
||
5. The evidence is retained for possible future retrieval and use.
|
||
6. In this phase, which occurs only if the critical action is
|
||
repudiated, the evidence is retrieved from storage, presented,
|
||
and verified to resolve the dispute.
|
||
|
||
$ no-PIN ORA (NORA)
|
||
(O) MISSI usage: An organizational RA that operates in a mode in
|
||
which the ORA performs no card management functions and,
|
||
therefore, does not require knowledge of either the SSO PIN or
|
||
user PIN for an end user's FORTEZZA PC card.
|
||
|
||
$ NORA
|
||
See: no-PIN ORA.
|
||
|
||
$ notarization
|
||
(I) Registration of data under the authority or in the care of a
|
||
trusted third party, thus making it possible to provide subsequent
|
||
assurance of the accuracy of characteristics claimed for the data,
|
||
such as content, origin, time, and delivery. [I7498 Part 2] (See:
|
||
digital notary.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 113]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ NULL encryption algorithm
|
||
(I) An algorithm [R2410] that does nothing to transform plaintext
|
||
data; i.e., a no-op. It originated because of IPsec ESP, which
|
||
always specifies the use of an encryption algorithm to provide
|
||
confidentiality. The NULL encryption algorithm is a convenient way
|
||
to represent the option of not applying encryption in ESP (or in
|
||
any other context where this is needed).
|
||
|
||
$ OAKLEY
|
||
(I) A key establishment protocol (proposed for IPsec but
|
||
superseded by IKE) based on the Diffie-Hellman algorithm and
|
||
designed to be a compatible component of ISAKMP. [R2412]
|
||
|
||
(C) OAKLEY establishes a shared key with an assigned identifier
|
||
and associated authenticated identities for parties. I.e., OAKLEY
|
||
provides authentication service to ensure the entities of each
|
||
other's identity, even if the Diffie-Hellman exchange is
|
||
threatened by active wiretapping. Also, provides public-key
|
||
forward secrecy for the shared key and supports key updates,
|
||
incorporation of keys distributed by out-of-band mechanisms, and
|
||
user-defined abstract group structures for use with Diffie-
|
||
Hellman.
|
||
|
||
$ object
|
||
(I) Trusted computer system modeling usage: A system element that
|
||
contains or receives information. (See: Bell-LaPadula Model,
|
||
trusted computer system.)
|
||
|
||
$ object identifier (OID)
|
||
(I) An official, globally unique name for a thing, written as a
|
||
sequence of integers (which are formed and assigned as defined in
|
||
the ASN.1 standard) and used to reference the thing in abstract
|
||
specifications and during negotiation of security services in a
|
||
protocol.
|
||
|
||
(O) "A value (distinguishable from all other such values) which is
|
||
associated with an object." [X680]
|
||
|
||
(C) Objects named by OIDs are leaves of the object identifier tree
|
||
(which is similar to but different from the X.500 Directory
|
||
Information Tree). Each arc (i.e., each branch of the tree) is
|
||
labeled with a non-negative integer. An OID is the sequence of
|
||
integers on the path leading from the root of the tree to a named
|
||
object.
|
||
|
||
(C) The OID tree has three arcs immediately below the root: {0}
|
||
for use by ITU-T, {1} for use by ISO, and {2} for use by both
|
||
jointly. Below ITU-T are four arcs, where {0 0} is for ITU-T
|
||
|
||
|
||
|
||
Shirey Informational [Page 114]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
recommendations. Below {0 0} are 26 arcs, one for each series of
|
||
recommendations starting with the letters A to Z, and below these
|
||
are arcs for each recommendation. Thus, the OID for ITU-T
|
||
Recommendation X.509 is {0 0 24 509}. Below ISO are four arcs,
|
||
where {1 0 }is for ISO standards, and below these are arcs for
|
||
each ISO standard. Thus, the OID for ISO/IEC 9594-8 (the ISO
|
||
number for X.509) is {1 0 9594 8}.
|
||
|
||
(C) The following are additional examples: ANSI registers
|
||
organization names below the branch {joint-iso-ccitt(2)
|
||
country(16) US(840) organization(1)}. The NIST CSOR records PKI
|
||
objects below the branch {joint-iso-ccitt(2) country(16) us(840)
|
||
gov(101) csor(3) pki(4)}. The U.S. Department of Defense registers
|
||
INFOSEC objects below the branch {joint-iso-ccitt(2) country(16)
|
||
us(840) organization(1) gov(101) dod(2) infosec(1)}. The OID for
|
||
the PKIX private extension is defined in an arc below the arc for
|
||
the PKIX name space, as {iso(1) identified-organization(3) dod(6)
|
||
internet(1) security(5) mechanisms(5) pkix(7) 1 1}.
|
||
|
||
$ object reuse
|
||
(N) "The reassignment and reuse of a storage medium (e.g., page
|
||
frame, disk sector, magnetic tape) that once contained one or more
|
||
[information] objects. To be securely reused and assigned to a new
|
||
subject, storage media must contain no residual data (magnetic
|
||
remanence) from the object(s) previously contained in the media."
|
||
[NCS04]
|
||
|
||
$ OCSP
|
||
See: On-line Certificate Status Protocol.
|
||
|
||
$ octet
|
||
(I) A data unit of eight bits. (See: byte.)
|
||
|
||
(c) This term is used in networking (especially in OSI standards)
|
||
in preference to "byte", because some systems use "byte" for data
|
||
storage units of a size other than eight.
|
||
|
||
$ OFB
|
||
See: output feedback.
|
||
|
||
$ ohnosecond
|
||
(C) That minuscule fraction of time in which you realize that your
|
||
private key has been compromised.
|
||
|
||
$ OID
|
||
See: object identifier.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 115]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ On-line Certificate Status Protocol (OCSP)
|
||
(I) An Internet protocol used by a client to obtain from a server
|
||
the validity status and other information concerning a digital
|
||
certificate.
|
||
|
||
(C) In some applications, such as those involving high-value
|
||
commercial transactions, it may be necessary to obtain certificate
|
||
revocation status that is more timely than is possible with CRLs
|
||
or to obtain other kinds of status information. OCSP may be used
|
||
to determine the current revocation status of a digital
|
||
certificate, in lieu of or as a supplement to checking against a
|
||
periodic CRL. An OCSP client issues a status request to an OCSP
|
||
server and suspends acceptance of the certificate in question
|
||
until the server provides a response.
|
||
|
||
$ one-time pad
|
||
(I) An encryption algorithm in which the key is a random sequence
|
||
of symbols and each symbol is used for encryption only one time--
|
||
to encrypt only one plaintext symbol to produce only one
|
||
ciphertext symbol--and a copy of the key is used similarly for
|
||
decryption.
|
||
|
||
(C) To ensure one-time use, the copy of the key used for
|
||
encryption is destroyed after use, as is the copy used for
|
||
decryption. This is the only encryption algorithm that is truly
|
||
unbreakable, even given unlimited resources for cryptanalysis
|
||
[Schn], but key management costs and synchronization problems make
|
||
it impractical except in special situations.
|
||
|
||
$ one-time password
|
||
$ One-Time Password (OTP)
|
||
1. Not capitalized: A "one-time password" is a simple
|
||
authentication technique in which each password is used only once
|
||
as authentication information that verifies an identity. This
|
||
technique counters the threat of a replay attack that uses
|
||
passwords captured by wiretapping.
|
||
|
||
2. Capitalized: "One-Time Password" is an Internet protocol
|
||
[R1938] that is based on S/KEY and uses a cryptographic hash
|
||
function to generate one-time passwords for use as authentication
|
||
information in system login and in other processes that need
|
||
protection against replay attacks.
|
||
|
||
$ one-way encryption
|
||
(I) Irreversible transformation of plaintext to ciphertext, such
|
||
that the plaintext cannot be recovered from the ciphertext by
|
||
other than exhaustive procedures even if the cryptographic key is
|
||
known. (See: encryption.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 116]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ one-way function
|
||
(I) "A (mathematical) function, f, which is easy to compute, but
|
||
which for a general value y in the range, it is computationally
|
||
difficult to find a value x in the domain such that f(x) = y.
|
||
There may be a few values of y for which finding x is not
|
||
computationally difficult." [X509]
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "cryptographic
|
||
hash".
|
||
|
||
$ open security environment
|
||
(O) U.S. Department of Defense usage: A system environment that
|
||
meets at least one of the following conditions: (a) Application
|
||
developers (including maintainers) do not have sufficient
|
||
clearance or authorization to provide an acceptable presumption
|
||
that they have not introduced malicious logic. (b) Configuration
|
||
control does not provide sufficient assurance that applications
|
||
and the equipment are protected against the introduction of
|
||
malicious logic prior to and during the operation of system
|
||
applications. [NCS04] (See: closed security environment.)
|
||
|
||
$ Open Systems Interconnection (OSI) Reference Model (OSIRM)
|
||
(N) A joint ISO/ITU-T standard [I7498 Part 1] for a seven-layer,
|
||
architectural communication framework for interconnection of
|
||
computers in networks.
|
||
|
||
(C) OSI-based standards include communication protocols that are
|
||
mostly incompatible with the Internet Protocol Suite, but also
|
||
include security models, such as X.509, that are used in the
|
||
Internet.
|
||
|
||
(C) The OSIRM layers, from highest to lowest, are (7) Application,
|
||
(6) Presentation, (5) Session, (4) Transport, (3) Network, (2)
|
||
Data Link, and (1) Physical. In this Glossary, these layers are
|
||
referred to by number to avoid confusing them with Internet
|
||
Protocol Suite layers, which are referred to by name.
|
||
|
||
(C) Some unknown person described how the OSI layers correspond to
|
||
the seven deadly sins:
|
||
|
||
7. Wrath: Application is always angry at the mess it sees below
|
||
itself. (Hey! Who is it to be pointing fingers?)
|
||
6. Sloth: Presentation is too lazy to do anything productive by
|
||
itself.
|
||
5. Lust: Session is always craving and demanding what truly
|
||
belongs to Application's functionality.
|
||
4. Avarice: Transport wants all of the end-to-end functionality.
|
||
(Of course, it deserves it, but life isn't fair.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 117]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
3. Gluttony: (Connection-Oriented) Network is overweight and
|
||
overbearing after trying too often to eat Transport's lunch.
|
||
2. Envy: Poor Data Link is always starved for attention. (With
|
||
Asynchronous Transfer Mode, maybe now it is feeling less
|
||
neglected.)
|
||
1. Pride: Physical has managed to avoid much of the controversy,
|
||
and nearly all of the embarrassment, suffered by the others.
|
||
|
||
(C) John G. Fletcher described how the OSI layers also correspond
|
||
to Snow White's dwarf friends:
|
||
|
||
7. Doc: Application acts as if it is in charge, but sometimes
|
||
muddles its syntax.
|
||
6. Sleepy: Presentation is indolent, being guilty of the sin of
|
||
Sloth.
|
||
5. Dopey: Session is confused because its charter is not very
|
||
clear.
|
||
4. Grumpy: Transport is irritated because Network has encroached
|
||
on Transport's turf.
|
||
3. Happy: Network smiles for the same reason that Transport is
|
||
irritated.
|
||
2. Sneezy: Data Link makes loud noises in the hope of attracting
|
||
attention.
|
||
1. Bashful: Physical quietly does its work, unnoticed by the
|
||
others.
|
||
|
||
$ operational integrity
|
||
(I) A synonym for "system integrity"; emphasizes the actual
|
||
performance of system functions rather than just the ability to
|
||
perform them.
|
||
|
||
$ operations security (OPSEC)
|
||
(I) A process to identify, control, and protect evidence of the
|
||
planning and execution of sensitive activities and operations, and
|
||
thereby prevent potential adversaries from gaining knowledge of
|
||
capabilities and intentions.
|
||
|
||
$ OPSEC
|
||
See: operations security.
|
||
|
||
$ ORA
|
||
See: organizational registration authority.
|
||
|
||
$ Orange Book
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "Trusted
|
||
Computer System Evaluation Criteria" [CSC001, DOD1]. Instead, use
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 118]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
the full, proper name of the document or, in subsequent
|
||
references, the abbreviation "TCSEC". (See: (usage note under)
|
||
Green Book.)
|
||
|
||
$ organizational certificate
|
||
(O) MISSI usage: A type of MISSI X.509 public-key certificate that
|
||
is issued to support organizational message handling for the U.S.
|
||
Government's Defense Message System.
|
||
|
||
$ organizational registration authority (ORA)
|
||
(I) General usage: An RA for an organization.
|
||
|
||
(O) MISSI usage: The MISSI implementation of RA. A MISSI end
|
||
entity that (a) assists a PCA, CA, or SCA to register other end
|
||
entities, by gathering, verifying, and entering data and
|
||
forwarding it to the signing authority and (b) may also assist
|
||
with card management functions. An ORA is a local administrative
|
||
authority, and the term refers both to the office or role, and to
|
||
the person who fills that office. An ORA does not sign
|
||
certificates, CRLs, or CKLs. (See: no-PIN ORA, SSO-PIN ORA, user-
|
||
PIN ORA.)
|
||
|
||
$ origin authentication
|
||
$ origin authenticity
|
||
(D) ISDs SHOULD NOT use these terms because they look like
|
||
careless use of an internationally standardized term. Instead, use
|
||
"data origin authentication" or "peer entity authentication",
|
||
depending which is meant.
|
||
|
||
$ OSI
|
||
$ OSIRM
|
||
See: Open Systems Interconnection Reference Model.
|
||
|
||
$ OTP
|
||
See: One-Time Password.
|
||
|
||
$ out of band
|
||
(I) Transfer of information using a channel that is outside (i.e.,
|
||
separate from) the channel that is normally used. (See: covert
|
||
channel.)
|
||
|
||
(C) Out-of-band mechanisms are often used to distribute shared
|
||
secrets (e.g., a symmetric key) or other sensitive information
|
||
items (e.g., a root key) that are needed to initialize or
|
||
otherwise enable the operation of cryptography or other security
|
||
mechanisms. (See: key distribution.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 119]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ output feedback (OFB)
|
||
(N) A block cipher mode [FP081] that modifies electronic codebook
|
||
mode to operate on plaintext segments of variable length less than
|
||
or equal to the block length.
|
||
|
||
(C) This mode operates by directly using the algorithm's
|
||
previously generated output block as the algorithm's next input
|
||
block (i.e., by "feeding back" the output block) and combining
|
||
(exclusive OR-ing) the output block with the next plaintext
|
||
segment (of block length or less) to form the next ciphertext
|
||
segment.
|
||
|
||
$ outside attack
|
||
$ outsider attack
|
||
See: (secondary definition under) attack.
|
||
|
||
$ P1363
|
||
See: IEEE P1363.
|
||
|
||
$ PAA
|
||
See: policy approving authority.
|
||
|
||
$ packet filter
|
||
See: (secondary definition under) filtering router.
|
||
|
||
$ pagejacking
|
||
(I) A contraction of "Web page hijacking". A masquerade attack in
|
||
which the attacker copies (steals) a home page or other material
|
||
from the target server, rehosts the page on a server the attacker
|
||
controls, and causes the rehosted page to be indexed by the major
|
||
Web search services, thereby diverting browsers from the target
|
||
server to the attacker's server.
|
||
|
||
(D) ISDs SHOULD NOT use this term without including a definition,
|
||
because the term is not listed in most dictionaries and could
|
||
confuse international readers. (See: (usage note under) Green
|
||
Book.)
|
||
|
||
$ PAN
|
||
See: primary account number.
|
||
|
||
$ PAP
|
||
See: Password Authentication Protocol.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 120]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ partitioned security mode
|
||
(N) A mode of operation of an information system, wherein all
|
||
users have the clearance, but not necessarily formal access
|
||
authorization and need-to-know, for all information handled by the
|
||
system. This mode is defined in U.S. Department of Defense policy
|
||
regarding system accreditation. [DoD2]
|
||
|
||
$ passive attack
|
||
See: (secondary definition under) attack.
|
||
|
||
$ passive wiretapping
|
||
See: (secondary definition under) wiretapping.
|
||
|
||
$ password
|
||
(I) A secret data value, usually a character string, that is used
|
||
as authentication information. (See: challenge-response.)
|
||
|
||
(C) A password is usually matched with a user identifier that is
|
||
explicitly presented in the authentication process, but in some
|
||
cases the identity may be implicit.
|
||
|
||
(C) Using a password as authentication information assumes that
|
||
the password is known only by the system entity whose identity is
|
||
being authenticated. Therefore, in a network environment where
|
||
wiretapping is possible, simple authentication that relies on
|
||
transmission of static (i.e., repetitively used) passwords as
|
||
cleartext is inadequate. (See: one-time password, strong
|
||
authentication.)
|
||
|
||
$ Password Authentication Protocol (PAP)
|
||
(I) A simple authentication mechanism in PPP. In PAP, a user
|
||
identifier and password are transmitted in cleartext. [R1334]
|
||
(See: CHAP.)
|
||
|
||
$ password sniffing
|
||
(I) Passive wiretapping, usually on a local area network, to gain
|
||
knowledge of passwords. (See: (usage note under) sniffing.)
|
||
|
||
$ path discovery
|
||
(I) For a digital certificate, the process of finding a set of
|
||
public-key certificates that comprise a certification path from a
|
||
trusted key to that specific certificate.
|
||
|
||
$ path validation
|
||
(I) The process of validating (a) all of the digital certificates
|
||
in a certification path and (b) the required relationships between
|
||
those certificates, thus validating the contents of the last
|
||
certificate on the path. (See: certificate validation.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 121]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ payment card
|
||
(N) SET usage: Collectively refers "to credit cards, debit cards,
|
||
charge cards, and bank cards issued by a financial institution and
|
||
which reflects a relationship between the cardholder and the
|
||
financial institution." [SET2]
|
||
|
||
$ payment gateway
|
||
(O) SET usage: A system operated by an acquirer, or a third party
|
||
designated by an acquirer, for the purpose of providing electronic
|
||
commerce services to the merchants in support of the acquirer, and
|
||
which interfaces to the acquirer to support the authorization,
|
||
capture, and processing of merchant payment messages, including
|
||
payment instructions from cardholders. [SET1, SET2]
|
||
|
||
$ payment gateway certification authority (SET PCA)
|
||
(O) SET usage: A CA that issues digital certificates to payment
|
||
gateways and is operated on behalf of a payment card brand, an
|
||
acquirer, or another party according to brand rules. A SET PCA
|
||
issues a CRL for compromised payment gateway certificates. [SET2]
|
||
(See: PCA.)
|
||
|
||
$ PC card
|
||
(N) A type of credit card-sized, plug-in peripheral device that
|
||
was originally developed to provide memory expansion for portable
|
||
computers, but is also used for other kinds of functional
|
||
expansion. (See: FORTEZZA, PCMCIA.)
|
||
|
||
(C) The international PC Card Standard defines a non-proprietary
|
||
form factor in three standard sizes--Types I, II and III--each of
|
||
which have a 68-pin interface between the card and the socket into
|
||
which it plugs. All three types have the same length and width,
|
||
roughly the size of a credit card, but differ in their thickness
|
||
from 3.3 to 10.5 mm. Examples include storage modules, modems,
|
||
device interface adapters, and cryptographic modules.
|
||
|
||
$ PCA
|
||
(D) ISDs SHOULD NOT use this acronym without a qualifying
|
||
adjective because that would be ambiguous. (See: Internet policy
|
||
certification authority, (MISSI) policy creation authority, (SET)
|
||
payment gateway certification authority.)
|
||
|
||
$ PCMCIA
|
||
(N) Personal Computer Memory Card International Association, a
|
||
group of manufacturers, developers, and vendors, founded in 1989
|
||
to standardize plug-in peripheral memory cards for personal
|
||
computers and now extended to deal with any technology that works
|
||
in the PC card form factor. (See: PC card.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 122]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ peer entity authentication
|
||
(I) "The corroboration that a peer entity in an association is the
|
||
one claimed." [I7498 Part 2] (See: authentication.)
|
||
|
||
$ peer entity authentication service
|
||
(I) A security service that verifies an identity claimed by or for
|
||
a system entity in an association. (See: authentication,
|
||
authentication service.)
|
||
|
||
(C) This service is used at the establishment of, or at times
|
||
during, an association to confirm the identity of one entity to
|
||
another, thus protecting against a masquerade by the first entity.
|
||
However, unlike data origin authentication service, this service
|
||
requires an association to exist between the two entities, and the
|
||
corroboration provided by the service is valid only at the current
|
||
time that the service is provided.
|
||
|
||
(C) See: "relationship between data integrity service and
|
||
authentication services" under data integrity service.
|
||
|
||
$ PEM
|
||
See: Privacy Enhanced Mail.
|
||
|
||
$ penetration
|
||
(I) Successful, repeatable, unauthorized access to a protected
|
||
system resource. (See: attack, violation.)
|
||
|
||
$ penetration test
|
||
(I) A system test, often part of system certification, in which
|
||
evaluators attempt to circumvent the security features of the
|
||
system. [NCS04]
|
||
|
||
(C) Penetration testing may be performed under various constraints
|
||
and conditions. However, for a TCSEC evaluation, testers are
|
||
assumed to have all system design and implementation
|
||
documentation, including source code, manuals, and circuit
|
||
diagrams, and to work under no greater constraints than those
|
||
applied to ordinary users.
|
||
|
||
$ perfect forward secrecy
|
||
See: (discussion under) public-key forward secrecy.
|
||
|
||
$ perimeter
|
||
See: security perimeter.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 123]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ periods processing
|
||
(I) A mode of system operation in which information of different
|
||
sensitivities is processed at distinctly different times by the
|
||
same system, with the system being properly purged or sanitized
|
||
between periods. (See: color change.)
|
||
|
||
$ permission
|
||
(I) A synonym for "authorization", but "authorization" is
|
||
preferred in the PKI context. (See: privilege.)
|
||
|
||
$ personal identification number (PIN)
|
||
(I) A character string used as a password to gain access to a
|
||
system resource. (See: authentication information.)
|
||
|
||
(C) Despite the words "identification" and "number", a PIN seldom
|
||
serves as a user identifier, and a PIN's characters are not
|
||
necessarily all numeric. A better name for this concept would have
|
||
been "personal authentication system string (PASS)".
|
||
|
||
(C) Retail banking applications commonly use 4-digit PINs.
|
||
FORTEZZA PC card's use up to 12 characters for user or SSO PINs.
|
||
|
||
$ personality
|
||
$ personality label
|
||
(O) MISSI usage: A set of MISSI X.509 public-key certificates that
|
||
have the same subject DN, together with their associated private
|
||
keys and usage specifications, that is stored on a FORTEZZA PC
|
||
card to support a role played by the card's user.
|
||
|
||
(C) When a card's user selects a personality to use in a FORTEZZA-
|
||
aware application, the data determines behavior traits (the
|
||
personality) of the application. A card's user may have multiple
|
||
personalities on the card. Each has a "personality label", a user-
|
||
friendly character string that applications can display to the
|
||
user for selecting or changing the personality to be used. For
|
||
example, a military user's card might contain three personalities:
|
||
GENERAL HALFTRACK, COMMANDER FORT SWAMPY, and NEW YEAR'S EVE PARTY
|
||
CHAIRMAN. Each personality includes one or more certificates of
|
||
different types (such as DSA versus RSA), for different purposes
|
||
(such as digital signature versus encryption), or with different
|
||
authorizations.
|
||
|
||
$ personnel security
|
||
(I) Procedures to ensure that persons who access a system have
|
||
proper clearance, authorization, and need-to-know as required by
|
||
the system's security policy.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 124]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ PGP(trademark)
|
||
See: Pretty Good Privacy.
|
||
|
||
$ Photuris
|
||
(I) A UDP-based, key establishment protocol for session keys,
|
||
designed for use with the IPsec protocols AH and ESP. Superseded
|
||
by IKE.
|
||
|
||
$ phreaking
|
||
(I) A contraction of "telephone breaking". An attack on or
|
||
penetration of a telephone system or, by extension, any other
|
||
communication or information system. [Raym]
|
||
|
||
(D) ISDs SHOULD NOT use this term because it is not listed in most
|
||
dictionaries and could confuse international readers.
|
||
|
||
$ physical security
|
||
(I) Tangible means of preventing unauthorized physical access to a
|
||
system. E.g., fences, walls, and other barriers; locks, safes, and
|
||
vaults; dogs and armed guards; sensors and alarm bells. [FP031,
|
||
R1455]
|
||
|
||
$ piggyback attack
|
||
(I) A form of active wiretapping in which the attacker gains
|
||
access to a system via intervals of inactivity in another user's
|
||
legitimate communication connection. Sometimes called a "between-
|
||
the-lines" attack. (See: hijack attack, man-in-the-middle attack.)
|
||
|
||
$ PIN
|
||
See: personal identification number.
|
||
|
||
$ ping of death
|
||
(I) An attack that sends an improperly large ICMP [R0792] echo
|
||
request packet (a "ping") with the intent of overflowing the input
|
||
buffers of the destination machine and causing it to crash.
|
||
|
||
$ ping sweep
|
||
(I) An attack that sends ICMP [R0792] echo requests ("pings") to a
|
||
range of IP addresses, with the goal of finding hosts that can be
|
||
probed for vulnerabilities.
|
||
|
||
$ PKCS
|
||
See: Public-Key Cryptography Standards.
|
||
|
||
$ PKCS #7
|
||
(N) A standard [PKC07, R2315] from the PKCS series; defines a
|
||
syntax for data that may have cryptography applied to it, such as
|
||
for digital signatures and digital envelopes.
|
||
|
||
|
||
|
||
Shirey Informational [Page 125]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ PKCS #10
|
||
(N) A standard [PKC10] from the PKCS series; defines a syntax for
|
||
requests for public-key certificates. (See: certification
|
||
request.)
|
||
|
||
(C) A PKCS #10 request contains a DN and a public key, and may
|
||
contain other attributes, and is signed by the entity making the
|
||
request. The request is sent to a CA, who converts it to an X.509
|
||
public-key certificate (or some other form) and returns it,
|
||
possibly in PKCS #7 format.
|
||
|
||
$ PKCS #11
|
||
(N) A standard [PKC11] from the PKCS series; defines a software
|
||
CAPI called Cryptoki (pronounced "crypto-key"; short for
|
||
"cryptographic token interface") for devices that hold
|
||
cryptographic information and perform cryptographic functions.
|
||
|
||
$ PKI
|
||
See: public-key infrastructure.
|
||
|
||
$ PKIX
|
||
(I) (1.) A contraction of "Public-Key Infrastructure (X.509)", the
|
||
name of the IETF working group that is specifying an architecture
|
||
and set of protocols needed to support an X.509-based PKI for the
|
||
Internet. (2.) A collective name for that architecture and set of
|
||
protocols.
|
||
|
||
(C) The goal of PKIX is to facilitate the use of X.509 public-key
|
||
certificates in multiple Internet applications and to promote
|
||
interoperability between different implementations that use those
|
||
certificates. The resulting PKI is intended to provide a framework
|
||
that supports a range of trust and hierarchy environments and a
|
||
range of usage environments. PKIX specifies (a) profiles of the v3
|
||
X.509 public-key certificate standards and the v2 X.509 CRL
|
||
standards for the Internet; (b) operational protocols used by
|
||
relying parties to obtain information such as certificates or
|
||
certificate status; (c) management protocols used by system
|
||
entities to exchange information needed for proper management of
|
||
the PKI; and (d) information about certificate policies and CPSs,
|
||
covering the areas of PKI security not directly addressed in the
|
||
rest of PKIX.
|
||
|
||
$ PKIX private extension
|
||
(I) PKIX defines a private extension to identify an on-line
|
||
verification service supporting the issuing CA.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 126]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ plaintext
|
||
(I) Data that is input to and transformed by an encryption
|
||
process, or that is output by a decryption process.
|
||
|
||
(C) Usually, the plaintext input to an encryption operation is
|
||
cleartext. But in some cases, the input is ciphertext that was
|
||
output from another encryption operation. (See: superencryption.)
|
||
|
||
$ Point-to-Point Protocol (PPP)
|
||
(I) An Internet Standard protocol [R1661] for encapsulation and
|
||
full-duplex transportation of network layer (mainly OSI layer 3)
|
||
protocol data packets over a link between two peers, and for
|
||
multiplexing different network layer protocols over the same link.
|
||
Includes optional negotiation to select and use a peer entity
|
||
authentication protocol to authenticate the peers to each other
|
||
before they exchange network layer data. (See: CHAP, EAP, PAP.)
|
||
|
||
$ Point-to-Point Tunneling Protocol (PPTP)
|
||
(I) An Internet client-server protocol (originally developed by
|
||
Ascend and Microsoft) that enables a dial-up user to create a
|
||
virtual extension of the dial-up link across a network by
|
||
tunneling PPP over IP. (See: L2TP.)
|
||
|
||
(C) PPP can encapsulate any Internet Protocol Suite network layer
|
||
protocol (or OSI layer 3 protocol). Therefore, PPTP does not
|
||
specify security services; it depends on protocols above and below
|
||
it to provide any needed security. PPTP makes it possible to
|
||
divorce the location of the initial dial-up server (i.e., the PPTP
|
||
Access Concentrator, the client, which runs on a special-purpose
|
||
host) from the location at which the dial-up protocol (PPP)
|
||
connection is terminated and access to the network is provided
|
||
(i.e., the PPTP Network Server, which runs on a general-purpose
|
||
host).
|
||
|
||
$ policy
|
||
(D) ISDs SHOULD NOT use this word as an abbreviation for either
|
||
"security policy" or "certificate policy". Instead, to avoid
|
||
misunderstanding, use the fully qualified term, at least at the
|
||
point of first usage.
|
||
|
||
$ policy approving authority (PAA)
|
||
(O) MISSI usage: The top-level signing authority of a MISSI
|
||
certification hierarchy. The term refers both to that
|
||
authoritative office or role and to the person who plays that
|
||
role. (See: root registry.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 127]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) A PAA registers MISSI PCAs and signs their X.509 public-key
|
||
certificates. A PAA issues CRLs but does not issue a CKL. A PAA
|
||
may issue cross-certificates to other PAAs.
|
||
|
||
$ policy certification authority (Internet PCA)
|
||
(I) An X.509-compliant CA at the second level of the Internet
|
||
certification hierarchy, under the Internet Policy Registration
|
||
Authority (IPRA). Each PCA operates in accordance with its
|
||
published security policy (see: certification practice statement)
|
||
and within constraints established by the IPRA for all PCAs.
|
||
[R1422]. (See: policy creation authority.)
|
||
|
||
$ policy creation authority (MISSI PCA)
|
||
(O) MISSI usage: The second level of a MISSI certification
|
||
hierarchy; the administrative root of a security policy domain of
|
||
MISSI users and other, subsidiary authorities. The term refers
|
||
both to that authoritative office or role and to the person who
|
||
fills that office. (See: policy certification authority.)
|
||
|
||
(C) A MISSI PCA's certificate is issued by a policy approving
|
||
authority. The PCA registers the CAs in its domain, defines their
|
||
configurations, and issues their X.509 public-key certificates.
|
||
(The PCA may also issue certificates for SCAs, ORAs, and other end
|
||
entities, but a PCA does not usually do this.) The PCA
|
||
periodically issues CRLs and CKLs for its domain.
|
||
|
||
$ Policy Management Authority
|
||
(N) Canadian usage: An organization responsible for PKI oversight
|
||
and policy management in the Government of Canada.
|
||
|
||
$ policy mapping
|
||
(I) "Recognizing that, when a CA in one domain certifies a CA in
|
||
another domain, a particular certificate policy in the second
|
||
domain may be considered by the authority of the first domain to
|
||
be equivalent (but not necessarily identical in all respects) to a
|
||
particular certificate policy in the first domain." [X509]
|
||
|
||
$ POP3
|
||
See: Post Office Protocol, version 3.
|
||
|
||
$ POP3 APOP
|
||
(I) A POP3 "command" (better described as a transaction type, or a
|
||
protocol-within-a-protocol) by which a POP3 client optionally uses
|
||
a keyed hash (based on MD5) to authenticate itself to a POP3
|
||
server and, depending on the server implementation, to protect
|
||
against replay attacks. (See: CRAM, POP3 AUTH, IMAP4
|
||
AUTHENTICATE.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 128]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) The server includes a unique timestamp in its greeting to the
|
||
client. The subsequent APOP command sent by the client to the
|
||
server contains the client's name and the hash result of applying
|
||
MD5 to a string formed from both the timestamp and a shared secret
|
||
that is known only to the client and the server. APOP was designed
|
||
to provide as an alternative to using POP3's USER and PASS (i.e.,
|
||
password) command pair, in which the client sends a cleartext
|
||
password to the server.
|
||
|
||
$ POP3 AUTH
|
||
(I) A "command" [R1734] (better described as a transaction type,
|
||
or a protocol-within-a-protocol) in POP3, by which a POP3 client
|
||
optionally proposes a mechanism to a POP3 server to authenticate
|
||
the client to the server and provide other security services.
|
||
(See: POP3 APOP, IMAP4 AUTHENTICATE.)
|
||
|
||
(C) If the server accepts the proposal, the command is followed by
|
||
performing a challenge-response authentication protocol and,
|
||
optionally, negotiating a protection mechanism for subsequent POP3
|
||
interactions. The security mechanisms used by POP3 AUTH are those
|
||
used by IMAP4.
|
||
|
||
$ port scan
|
||
(I) An attack that sends client requests to a range of server port
|
||
addresses on a host, with the goal of finding an active port and
|
||
exploiting a known vulnerability of that service.
|
||
|
||
$ POSIX
|
||
(N) Portable Operating System Interface for Computer Environments,
|
||
a standard [FP151, IS9945-1] (originally IEEE Standard P1003.1)
|
||
that defines an operating system interface and environment to
|
||
support application portability at the source code level. It is
|
||
intended to be used by both application developers and system
|
||
implementers.
|
||
|
||
(C) P1003.1 supports security functionality like those on most
|
||
UNIX systems, including discretionary access control and
|
||
privilege. IEEE Draft Standard P1003.6.1 specifies additional
|
||
functionality not provided in the base standard, including (a)
|
||
discretionary access control, (b) audit trail mechanisms, (c)
|
||
privilege mechanisms, (d) mandatory access control, and (e)
|
||
information label mechanisms.
|
||
|
||
$ Post Office Protocol, version 3 (POP3)
|
||
(I) An Internet Standard protocol [R1939] by which a client
|
||
workstation can dynamically access a mailbox on a server host to
|
||
retrieve mail messages that the server has received and is holding
|
||
for the client. (See: IMAP4.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 129]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) POP3 has mechanisms for optionally authenticating a client to
|
||
a server and providing other security services. (See: POP3 APOP,
|
||
POP3 AUTH.)
|
||
|
||
$ PPP
|
||
See: Point-to-Point Protocol.
|
||
|
||
$ PPTP
|
||
See: Point-to-Point Tunneling Protocol.
|
||
|
||
$ pre-authorization
|
||
(I) A capability of a CAW that enables certification requests to
|
||
be automatically validated against data provided in advance to the
|
||
CA by an authorizing entity.
|
||
|
||
$ Pretty Good Privacy(trademark) (PGP(trademark))
|
||
(O) Trademarks of Network Associates, Inc., referring to a
|
||
computer program (and related protocols) that uses cryptography to
|
||
provide data security for electronic mail and other applications
|
||
on the Internet. (See: MOSS, PEM, S/MIME.)
|
||
|
||
(C) PGP encrypts messages with IDEA in CFB mode, distributes the
|
||
IDEA keys by encrypting them with RSA, and creates digital
|
||
signatures on messages with MD5 and RSA. To establish ownership of
|
||
public keys, PGP depends on the web of trust. (See: Privacy
|
||
Enhanced Mail.)
|
||
|
||
$ primary account number (PAN)
|
||
(O) SET usage: "The assigned number that identifies the card
|
||
issuer and cardholder. This account number is composed of an
|
||
issuer identification number, an individual account number
|
||
identification, and an accompanying check digit as defined by ISO
|
||
7812-1985." [SET2, IS7812] (See: bank identification number.)
|
||
|
||
(C) The PAN is embossed, encoded, or both on a magnetic-strip-
|
||
based credit card. The PAN identifies the issuer to which a
|
||
transaction is to be routed and the account to which it is to be
|
||
applied unless specific instructions indicate otherwise. The
|
||
authority that assigns the bank identification number part of the
|
||
PAN is the American Bankers Association.
|
||
|
||
$ privacy
|
||
(I) The right of an entity (normally a person), acting in its own
|
||
behalf, to determine the degree to which it will interact with its
|
||
environment, including the degree to which the entity is willing
|
||
to share information about itself with others. (See: anonymity.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 130]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(O) "The right of individuals to control or influence what
|
||
information related to them may be collected and stored and by
|
||
whom and to whom that information may be disclosed." [I7498 Part
|
||
2]
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "data
|
||
confidentiality" or "data confidentiality service", which are
|
||
different concepts. Privacy is a reason for security rather than a
|
||
kind of security. For example, a system that stores personal data
|
||
needs to protect the data to prevent harm, embarrassment,
|
||
inconvenience, or unfairness to any person about whom data is
|
||
maintained, and to protect the person's privacy. For that reason,
|
||
the system may need to provide data confidentiality service.
|
||
|
||
$ Privacy Enhanced Mail (PEM)
|
||
(I) An Internet protocol to provide data confidentiality, data
|
||
integrity, and data origin authentication for electronic mail.
|
||
[R1421, R1422]. (See: MOSS, MSP, PGP, S/MIME.)
|
||
|
||
(C) PEM encrypts messages with DES in CBC mode, provides key
|
||
distribution of DES keys by encrypting them with RSA, and signs
|
||
messages with RSA over either MD2 or MD5. To establish ownership
|
||
of public keys, PEM uses a certification hierarchy, with X.509
|
||
public-key certificates and X.509 CRLs that are signed with RSA
|
||
and MD2. (See: Pretty Good Privacy.)
|
||
|
||
(C) PEM is designed to be compatible with a wide range of key
|
||
management methods, but is limited to specifying security services
|
||
only for text messages and, like MOSS, has not been widely
|
||
implemented in the Internet.
|
||
|
||
$ private component
|
||
(I) A synonym for "private key".
|
||
|
||
(D) In most cases, ISDs SHOULD NOT use this term; to avoid
|
||
confusing readers, use "private key" instead. However, the term
|
||
MAY be used when specifically discussing a key pair; e.g., "A key
|
||
pair has a public component and a private component."
|
||
|
||
$ private extension
|
||
See: (secondary definition under) extension.
|
||
|
||
$ private key
|
||
(I) The secret component of a pair of cryptographic keys used for
|
||
asymmetric cryptography. (See: key pair, public key.)
|
||
|
||
(O) "(In a public key cryptosystem) that key of a user's key pair
|
||
which is known only by that user." [X509]
|
||
|
||
|
||
|
||
Shirey Informational [Page 131]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ privilege
|
||
(I) An authorization or set of authorizations to perform security-
|
||
relevant functions, especially in the context of a computer
|
||
operating system.
|
||
|
||
$ privilege management infrastructure
|
||
(N) "The complete set of processes required to provide an
|
||
authorization service", i.e., processes concerned with attribute
|
||
certificates. [FPDAM] (See: PKI.)
|
||
|
||
(D) ISDs SHOULD NOT use this term and its definition because the
|
||
definition is vague, and there is no consensus on an alternate
|
||
definition.
|
||
|
||
$ privileged process
|
||
(I) An computer process that is authorized (and, therefore,
|
||
trusted) to perform some security-relevant functions that ordinary
|
||
processes are not. (See: privilege, trusted process.)
|
||
|
||
$ procedural security
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "administrative
|
||
security". Any type of security may involve procedures; therefore,
|
||
the term may be misleading. Instead, use "administrative
|
||
security", "communication security", "computer security",
|
||
"emanations security", "personnel security", "physical security",
|
||
or whatever specific type is meant. (See: security architecture.)
|
||
|
||
$ proprietary
|
||
(I) Refers to information (or other property) that is owned by an
|
||
individual or organization and for which the use is restricted by
|
||
that entity.
|
||
|
||
$ protected checksum
|
||
(I) A checksum that is computed for a data object by means that
|
||
protect against active attacks that would attempt to change the
|
||
checksum to make it match changes made to the data object. (See:
|
||
digital signature, keyed hash, (discussion under) checksum.
|
||
|
||
$ protected distribution system
|
||
(I) A wireline or fiber-optic system that includes sufficient
|
||
safeguards (acoustic, electric, electromagnetic, and physical) to
|
||
permit its use for unencrypted transmission of (cleartext) data.
|
||
|
||
$ protection authority
|
||
See: (secondary definition under) Internet Protocol Security
|
||
Option.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 132]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ protection ring
|
||
(I) One of a hierarchy of privileged operation modes of a system
|
||
that gives certain access rights to processes authorized to
|
||
operate in that mode.
|
||
|
||
$ protocol
|
||
(I) A set of rules (i.e., formats and procedures) to implement and
|
||
control some type of association (e.g., communication) between
|
||
systems. (E.g., see: Internet Protocol.)
|
||
|
||
(C) In particular, a series of ordered steps involving computing
|
||
and communication that are performed by two or more system
|
||
entities to achieve a joint objective. [A9042]
|
||
|
||
$ protocol suite
|
||
(I) A complementary collection of communication protocols used in
|
||
a computer network. (See: Internet, OSI.)
|
||
|
||
$ proxy server
|
||
(I) A computer process--often used as, or as part of, a firewall--
|
||
that relays a protocol between client and server computer systems,
|
||
by appearing to the client to be the server and appearing to the
|
||
server to be the client. (See: SOCKS.)
|
||
|
||
(C) In a firewall, a proxy server usually runs on a bastion host,
|
||
which may support proxies for several protocols (e.g., FTP, HTTP,
|
||
and TELNET). Instead of a client in the protected enclave
|
||
connecting directly to an external server, the internal client
|
||
connects to the proxy server which in turn connects to the
|
||
external server. The proxy server waits for a request from inside
|
||
the firewall, forwards the request to the remote server outside
|
||
the firewall, gets the response, then sends the response back to
|
||
the client. The proxy may be transparent to the clients, or they
|
||
may need to connect first to the proxy server, and then use that
|
||
association to also initiate a connection to the real server.
|
||
|
||
(C) Proxies are generally preferred over SOCKS for their ability
|
||
to perform caching, high-level logging, and access control. A
|
||
proxy can provide security service beyond that which is normally
|
||
part of the relayed protocol, such as access control based on peer
|
||
entity authentication of clients, or peer entity authentication of
|
||
servers when clients do not have that capability. A proxy at OSI
|
||
layer 7 can also provide finer-grained security service than can a
|
||
filtering router at OSI layer 3. For example, an FTP proxy could
|
||
permit transfers out of, but not into, a protected network.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 133]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ pseudo-random
|
||
(I) A sequence of values that appears to be random (i.e.,
|
||
unpredictable) but is actually generated by a deterministic
|
||
algorithm. (See: random.)
|
||
|
||
$ pseudo-random number generator
|
||
(I) A process used to deterministically generate a series of
|
||
numbers (usually integers) that appear to be random according to
|
||
certain statistical tests, but actually are pseudo-random.
|
||
|
||
(C) Pseudo-random number generators are usually implemented in
|
||
software.
|
||
|
||
$ public component
|
||
(I) A synonym for "public key".
|
||
|
||
(D) In most cases, ISDs SHOULD NOT use this term; to avoid
|
||
confusing readers, use "private key" instead. However, the term
|
||
MAY be used when specifically discussing a key pair; e.g., "A key
|
||
pair has a public component and a private component."
|
||
|
||
$ public key
|
||
(I) The publicly-disclosable component of a pair of cryptographic
|
||
keys used for asymmetric cryptography. (See: key pair, private
|
||
key.)
|
||
|
||
(O) "(In a public key cryptosystem) that key of a user's key pair
|
||
which is publicly known." [X509]
|
||
|
||
$ public-key certificate
|
||
(I) A digital certificate that binds a system entity's identity to
|
||
a public key value, and possibly to additional data items; a
|
||
digitally-signed data structure that attests to the ownership of a
|
||
public key. (See: X.509 public-key certificate.)
|
||
|
||
(C) The digital signature on a public-key certificate is
|
||
unforgeable. Thus, the certificate can be published, such as by
|
||
posting it in a directory, without the directory having to protect
|
||
the certificate's data integrity.
|
||
|
||
(O) "The public key of a user, together with some other
|
||
information, rendered unforgeable by encipherment with the private
|
||
key of the certification authority which issued it." [X509]
|
||
|
||
$ public-key cryptography
|
||
(I) The popular synonym for "asymmetric cryptography".
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 134]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Public-Key Cryptography Standards (PKCS)
|
||
(I) A series of specifications published by RSA Laboratories for
|
||
data structures and algorithm usage for basic applications of
|
||
asymmetric cryptography. (See: PKCS #7, PKCS #10, PKCS #11.)
|
||
|
||
(C) The PKCS were begun in 1991 in cooperation with industry and
|
||
academia, originally including Apple, Digital, Lotus, Microsoft,
|
||
Northern Telecom, Sun, and MIT. Today, the specifications are
|
||
widely used, but they are not sanctioned by an official standards
|
||
organization, such as ANSI, ITU-T, or IETF. RSA Laboratories
|
||
retains sole decision-making authority over the PKCS.
|
||
|
||
$ public-key forward secrecy (PFS)
|
||
(I) For a key agreement protocol based on asymmetric cryptography,
|
||
the property that ensures that a session key derived from a set of
|
||
long-term public and private keys will not be compromised if one
|
||
of the private keys is compromised in the future.
|
||
|
||
(C) Some existing RFCs use the term "perfect forward secrecy" but
|
||
either do not define it or do not define it precisely. While
|
||
preparing this Glossary, we tried to find a good definition for
|
||
that term, but found this to be a muddled area. Experts did not
|
||
agree. For all practical purposes, the literature defines "perfect
|
||
forward secrecy" by stating the Diffie-Hellman algorithm. The term
|
||
"public-key forward secrecy" (suggested by Hilarie Orman) and the
|
||
"I" definition stated for it here were crafted to be compatible
|
||
with current Internet documents, yet be narrow and leave room for
|
||
improved terminology.
|
||
|
||
(C) Challenge to the Internet security community: We need a
|
||
taxonomy--a family of mutually exclusive and collectively
|
||
exhaustive terms and definitions to cover the basic properties
|
||
discussed here--for the full range of cryptographic algorithms and
|
||
protocols used in Internet Standards:
|
||
|
||
(C) Involvement of session keys vs. long-term keys: Experts
|
||
disagree about the basic ideas involved.
|
||
|
||
- One concept of "forward secrecy" is that, given observations of
|
||
the operation of a key establishment protocol up to time t, and
|
||
given some of the session keys derived from those protocol runs,
|
||
you cannot derive unknown past session keys or future session
|
||
keys.
|
||
|
||
- A related property is that, given observations of the protocol
|
||
and knowledge of the derived session keys, you cannot derive one
|
||
or more of the long-term private keys.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 135]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- The "I" definition presented above involves a third concept of
|
||
"forward secrecy" that refers to the effect of the compromise of
|
||
long-term keys.
|
||
|
||
- All three concepts involve the idea that a compromise of "this"
|
||
encryption key is not supposed to compromise the "next" one. There
|
||
also is the idea that compromise of a single key will compromise
|
||
only the data protected by the single key. In Internet literature,
|
||
the focus has been on protection against decryption of back
|
||
traffic in the event of a compromise of secret key material held
|
||
by one or both parties to a communication.
|
||
|
||
(C) Forward vs. backward: Experts are unhappy with the word
|
||
"forward", because compromise of "this" encryption key also is not
|
||
supposed to compromise the "previous" one, which is "backward"
|
||
rather than forward. In S/KEY, if the key used at time t is
|
||
compromised, then all keys used prior to that are compromised. If
|
||
the "long-term" key (i.e., the base of the hashing scheme) is
|
||
compromised, then all keys past and future are compromised; thus,
|
||
you could say that S/KEY has neither forward nor backward secrecy.
|
||
|
||
(C) Asymmetric cryptography vs. symmetric: Experts disagree about
|
||
forward secrecy in the context of symmetric cryptographic systems.
|
||
In the absence of asymmetric cryptography, compromise of any long-
|
||
term key seems to compromise any session key derived from the
|
||
long-term key. For example, Kerberos isn't forward secret, because
|
||
compromising a client's password (thus compromising the key shared
|
||
by the client and the authentication server) compromises future
|
||
session keys shared by the client and the ticket-granting server.
|
||
|
||
(C) Ordinary forward secrecy vs. "perfect" forward secret: Experts
|
||
disagree about the difference between these two. Some say there is
|
||
no difference, and some say that the initial naming was
|
||
unfortunate and suggest dropping the word "perfect". Some suggest
|
||
using "forward secrecy" for the case where one long-term private
|
||
key is compromised, and adding "perfect" for when both private
|
||
keys (or, when the protocol is multi-party, all private keys) are
|
||
compromised.
|
||
|
||
(C) Acknowledgements: Bill Burr, Burt Kaliski, Steve Kent, Paul
|
||
Van Oorschot, Michael Wiener, and, especially, Hilarie Orman
|
||
contributed ideas to this discussion.
|
||
|
||
$ public-key infrastructure (PKI)
|
||
(I) A system of CAs (and, optionally, RAs and other supporting
|
||
servers and agents) that perform some set of certificate
|
||
management, archive management, key management, and token
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 136]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
management functions for a community of users in an application of
|
||
asymmetric cryptography. (See: hierarchical PKI, mesh PKI,
|
||
security management infrastructure, trust-file PKI.)
|
||
|
||
(O) PKIX usage: The set of hardware, software, people, policies,
|
||
and procedures needed to create, manage, store, distribute, and
|
||
revoke digital certificates based on asymmetric cryptography.
|
||
|
||
(C) The core PKI functions are (a) to register users and issue
|
||
their public-key certificates, (b) to revoke certificates when
|
||
required, and (c) to archive data needed to validate certificates
|
||
at a much later time. Key pairs for data confidentiality may be
|
||
generated (and perhaps escrowed) by CAs or RAs, but requiring a
|
||
PKI client to generate its own digital signature key pair helps
|
||
maintain system integrity of the cryptographic system, because
|
||
then only the client ever possesses the private key it uses. Also,
|
||
an authority may be established to approve or coordinate CPSs,
|
||
which are security policies under which components of a PKI
|
||
operate.
|
||
|
||
(C) A number of other servers and agents may support the core PKI,
|
||
and PKI clients may obtain services from them. The full range of
|
||
such services is not yet fully understood and is evolving, but
|
||
supporting roles may include archive agent, certified delivery
|
||
agent, confirmation agent, digital notary, directory, key escrow
|
||
agent, key generation agent, naming agent who ensures that issuers
|
||
and subjects have unique identifiers within the PKI, repository,
|
||
ticket-granting agent, and time stamp agent.
|
||
|
||
$ RA
|
||
See: registration authority.
|
||
|
||
$ RA domains
|
||
(I) A capability of a CAW that allows a CA to divide the
|
||
responsibility for certification requests among multiple RAs.
|
||
|
||
(C) This capability might be used to restrict access to private
|
||
authorization data that is provided with a certification request,
|
||
and to distribute the responsibility to review and approve
|
||
certification requests in high volume environments. RA domains
|
||
might segregate certification requests according to an attribute
|
||
of the certificate subject, such as an organizational unit.
|
||
|
||
$ RADIUS
|
||
See: Remote Authentication Dial-In User Service.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 137]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Rainbow Series
|
||
(O) A set of more than 30 technical and policy documents with
|
||
colored covers, issued by the NCSC, that discuss in detail the
|
||
TCSEC and provide guidance for meeting and applying the criteria.
|
||
(See: Green Book, Orange Book, Red Book, Yellow Book.)
|
||
|
||
$ random
|
||
(I) General usage: In mathematics, random means "unpredictable". A
|
||
sequence of values is called random if each successive value is
|
||
obtained merely by chance and does not depend on the preceding
|
||
values of the sequence, and a selected individual value is called
|
||
random if each of the values in the total population of
|
||
possibilities has equal probability of being selected. [Knuth]
|
||
(See: cryptographic key, pseudo-random, random number generator.)
|
||
|
||
(I) Security usage: In cryptography and other security
|
||
applications, random means not only unpredictable, but also
|
||
"unguessable". When selecting data values to use for cryptographic
|
||
keys, "the requirement is for data that an adversary has a very
|
||
low probability of guessing or determining." It is not sufficient
|
||
to use data that "only meets traditional statistical tests for
|
||
randomness or which is based on limited range sources, such as
|
||
clocks. Frequently such random quantities are determinable [i.e.,
|
||
guessable] by an adversary searching through an embarrassingly
|
||
small space of possibilities." [R1750]
|
||
|
||
$ random number generator
|
||
(I) A process used to generate an unpredictable, uniformly
|
||
distributed series of numbers (usually integers). (See: pseudo-
|
||
random, random.)
|
||
|
||
(C) True random number generators are hardware-based devices that
|
||
depend on the output of a "noisy diode" or other physical
|
||
phenomena. [R1750]
|
||
|
||
$ RBAC
|
||
See: Role-Based Access Control.
|
||
|
||
$ RC2
|
||
$ RC4
|
||
See: Rivest Cipher #2, Rivest Cipher #4.
|
||
|
||
$ realm
|
||
(O) Kerberos usage: The domain of authority of a Kerberos server
|
||
(consisting of an authentication server and a ticket-granting
|
||
server), including the Kerberized clients and the Kerberized
|
||
application servers
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 138]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ RED
|
||
(I) Designation for information system equipment or facilities
|
||
that handle (and for data that contains) only plaintext (or,
|
||
depending on the context, classified information), and for such
|
||
data itself. This term derives from U.S. Government COMSEC
|
||
terminology. (See: BLACK, RED/BLACK separation.)
|
||
|
||
$ Red Book
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "Trusted
|
||
Network Interpretation of the Trusted Computer System Evaluation
|
||
Criteria" [NCS05]. Instead, use the full proper name of the
|
||
document or, in subsequent references, a more conventional
|
||
abbreviation. (See: TCSEC, Rainbow Series, (usage note under)
|
||
Green Book.)
|
||
|
||
$ RED/BLACK separation
|
||
(I) An architectural concept for cryptographic systems that
|
||
strictly separates the parts of a system that handle plaintext
|
||
(i.e., RED information) from the parts that handle ciphertext
|
||
(i.e., BLACK information). This term derives from U.S. Government
|
||
COMSEC terminology. (See: BLACK, RED.)
|
||
|
||
$ reference monitor
|
||
(I) "An access control concept that refers to an abstract machine
|
||
that mediates all accesses to objects by subjects." [NCS04] (See:
|
||
security kernel.)
|
||
|
||
(C) A reference monitor should be (a) complete (i.e., it mediates
|
||
every access), (b) isolated (i.e., it cannot be modified by other
|
||
system entities), and (c) verifiable (i.e., small enough to be
|
||
subjected to analysis and tests to ensure that it is correct).
|
||
|
||
$ reflection attack
|
||
(I) A type of replay attack in which transmitted data is sent back
|
||
to its originator.
|
||
|
||
$ register
|
||
$ registration
|
||
(I) An administrative act or process whereby an entity's name and
|
||
other attributes are established for the first time at a CA, prior
|
||
to the CA issuing a digital certificate that has the entity's name
|
||
as the subject. (See: registration authority.)
|
||
|
||
(C) Registration may be accomplished either directly, by the CA,
|
||
or indirectly, by a separate RA. An entity is presented to the CA
|
||
or RA, and the authority either records the name(s) claimed for
|
||
the entity or assigns the entity's name(s). The authority also
|
||
determines and records other attributes of the entity that are to
|
||
|
||
|
||
|
||
Shirey Informational [Page 139]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
be bound in a certificate (such as a public key or authorizations)
|
||
or maintained in the authority's database (such as street address
|
||
and telephone number). The authority is responsible, possibly
|
||
assisted by an RA, for authenticating the entity's identity and
|
||
verifying the correctness of the other attributes, in accordance
|
||
with the CA's CPS.
|
||
|
||
(C) Among the registration issues that a CPS may address are the
|
||
following [R2527]:
|
||
|
||
- How a claimed identity and other attributes are verified.
|
||
- How organization affiliation or representation is verified.
|
||
- What forms of names are permitted, such as X.500 DN, domain
|
||
name, or IP address.
|
||
- Whether names are required to be meaningful or unique, and
|
||
within what domain.
|
||
- How naming disputes are resolved, including the role of
|
||
trademarks.
|
||
- Whether certificates are issued to entities that are not
|
||
persons.
|
||
- Whether a person is required to appear before the CA or RA, or
|
||
can instead be represented by an agent.
|
||
- Whether and how an entity proves possession of the private key
|
||
matching a public key.
|
||
|
||
$ registration authority (RA)
|
||
(I) An optional PKI entity (separate from the CAs) that does not
|
||
sign either digital certificates or CRLs but has responsibility
|
||
for recording or verifying some or all of the information
|
||
(particularly the identities of subjects) needed by a CA to issue
|
||
certificates and CRLs and to perform other certificate management
|
||
functions. (See: organizational registration authority,
|
||
registration.)
|
||
|
||
(C) Sometimes, a CA may perform all certificate management
|
||
functions for all end users for which the CA signs certificates.
|
||
Other times, such as in a large or geographically dispersed
|
||
community, it may be necessary or desirable to offload secondary
|
||
CA functions and delegate them to an assistant, while the CA
|
||
retains the primary functions (signing certificates and CRLs). The
|
||
tasks that are delegated to an RA by a CA may include personal
|
||
authentication, name assignment, token distribution, revocation
|
||
reporting, key generation, and archiving. An RA is an optional PKI
|
||
component, separate from the CA, that is assigned secondary
|
||
functions. The duties assigned to RAs vary from case to case but
|
||
may include the following:
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 140]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- Verifying a subject's identity, i.e., performing personal
|
||
authentication functions.
|
||
- Assigning a name to a subject. (See: distinguished name.)
|
||
- Verifying that a subject is entitled to have the attributes
|
||
requested for a certificate.
|
||
- Verifying that a subject possesses the private key that matches
|
||
the public key requested for a certificate.
|
||
- Performing functions beyond mere registration, such as
|
||
generating key pairs, distributing tokens, and handling
|
||
revocation reports. (Such functions may be assigned to a PKI
|
||
element that is separate from both the CA and the RA.)
|
||
|
||
(I) PKIX usage: An optional PKI component, separate from the
|
||
CA(s). The functions that the RA performs will vary from case to
|
||
case but may include identity authentication and name assignment,
|
||
key generation and archiving of key pairs, token distribution, and
|
||
revocation reporting. [R2510]
|
||
|
||
(O) SET usage: "An independent third-party organization that
|
||
processes payment card applications for multiple payment card
|
||
brands and forwards applications to the appropriate financial
|
||
institutions." [SET2]
|
||
|
||
$ regrade
|
||
(I) Deliberately change the classification level of information in
|
||
an authorized manner.
|
||
|
||
$ rekey
|
||
(I) Change the value of a cryptographic key that is being used in
|
||
an application of a cryptographic system. (See: certificate
|
||
rekey.)
|
||
|
||
(C) For example, rekey is required at the end of a cryptoperiod or
|
||
key lifetime.
|
||
|
||
$ reliability
|
||
(I) The ability of a system to perform a required function under
|
||
stated conditions for a specified period of time. (See:
|
||
availability, survivability.)
|
||
|
||
$ relying party
|
||
(N) A synonym for "certificate user". Used in a legal context to
|
||
mean a recipient of a certificate who acts in reliance on that
|
||
certificate. (See: ABA Guidelines.)
|
||
|
||
$ Remote Authentication Dial-In User Service (RADIUS)
|
||
(I) An Internet protocol [R2138] for carrying dial-in users'
|
||
authentication information and configuration information between a
|
||
|
||
|
||
|
||
Shirey Informational [Page 141]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
shared, centralized authentication server (the RADIUS server) and
|
||
a network access server (the RADIUS client) that needs to
|
||
authenticate the users of its network access ports. (See: TACACS.)
|
||
|
||
(C) A user of the RADIUS client presents authentication
|
||
information to the client, and the client passes that information
|
||
to the RADIUS server. The server authenticates the client using a
|
||
shared secret value, then checks the user's authentication
|
||
information, and finally returns to the client all authorization
|
||
and configuration information needed by the client to deliver
|
||
service to the user.
|
||
|
||
$ renew
|
||
See: certificate renewal.
|
||
|
||
$ replay attack
|
||
(I) An attack in which a valid data transmission is maliciously or
|
||
fraudulently repeated, either by the originator or by an adversary
|
||
who intercepts the data and retransmits it, possibly as part of a
|
||
masquerade attack. (See: active wiretapping.)
|
||
|
||
$ repository
|
||
(I) A system for storing and distributing digital certificates and
|
||
related information (including CRLs, CPSs, and certificate
|
||
policies) to certificate users. (See: directory.)
|
||
|
||
(O) "A trustworthy system for storing and retrieving certificates
|
||
or other information relevant to certificates." [ABA]
|
||
|
||
(C) A certificate is published to those who might need it by
|
||
putting it in a repository. The repository usually is a publicly
|
||
accessible, on-line server. In the Federal Public-key
|
||
Infrastructure, for example, the expected repository is a
|
||
directory that uses LDAP, but also may be the X.500 Directory that
|
||
uses DAP, or an HTTP server, or an FTP server that permits
|
||
anonymous login.
|
||
|
||
$ repudiation
|
||
(I) Denial by a system entity that was involved in an association
|
||
(especially an association that transfers information) of having
|
||
participated in the relationship. (See: accountability, non-
|
||
repudiation service.)
|
||
|
||
(O) "Denial by one of the entities involved in a communication of
|
||
having participated in all or part of the communication." [I7498
|
||
Part 2]
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 142]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ Request for Comment (RFC)
|
||
(I) One of the documents in the archival series that is the
|
||
official channel for ISDs and other publications of the Internet
|
||
Engineering Steering Group, the Internet Architecture Board, and
|
||
the Internet community in general. [R2026, R2223] (See: Internet
|
||
Standard.)
|
||
|
||
(C) This term is *not* a synonym for "Internet Standard".
|
||
|
||
$ residual risk
|
||
(I) The risk that remains after countermeasures have been applied.
|
||
|
||
$ restore
|
||
See: card restore.
|
||
|
||
$ revocation
|
||
See: certificate revocation.
|
||
|
||
$ revocation date
|
||
(N) In an X.509 CRL entry, a date-time field that states when the
|
||
certificate revocation occurred, i.e., when the CA declared the
|
||
digital certificate to be invalid. (See: invalidity date.)
|
||
|
||
(C) The revocation date may not resolve some disputes because, in
|
||
the worst case, all signatures made during the validity period of
|
||
the certificate may have to be considered invalid. However, it may
|
||
be desirable to treat a digital signature as valid even though the
|
||
private key used to sign was compromised after the signing. If
|
||
more is known about when the compromise actually occurred, a
|
||
second date-time, an "invalidity date", can be included in an
|
||
extension of the CRL entry.
|
||
|
||
$ revocation list
|
||
See: certificate revocation list.
|
||
|
||
$ revoke
|
||
See: certificate revocation.
|
||
|
||
$ RFC
|
||
See: Request for Comment.
|
||
|
||
$ risk
|
||
(I) An expectation of loss expressed as the probability that a
|
||
particular threat will exploit a particular vulnerability with a
|
||
particular harmful result.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 143]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(O) SET usage: "The possibility of loss because of one or more
|
||
threats to information (not to be confused with financial or
|
||
business risk)." [SET2]
|
||
|
||
$ risk analysis
|
||
$ risk assessment
|
||
(I) A process that systematically identifies valuable system
|
||
resources and threats to those resources, quantifies loss
|
||
exposures (i.e., loss potential) based on estimated frequencies
|
||
and costs of occurrence, and (optionally) recommends how to
|
||
allocate resources to countermeasures so as to minimize total
|
||
exposure.
|
||
|
||
(C) The analysis lists risks in order of cost and criticality,
|
||
thereby determining where countermeasures should be applied first.
|
||
It is usually financially and technically infeasible to counteract
|
||
all aspects of risk, and so some residual risk will remain, even
|
||
after all available countermeasures have been deployed. [FP031,
|
||
R2196]
|
||
|
||
$ risk management
|
||
(I) The process of identifying, controlling, and eliminating or
|
||
minimizing uncertain events that may affect system resources.
|
||
(See: risk analysis.)
|
||
|
||
$ Rivest Cipher #2 (RC2)
|
||
(N) A proprietary, variable-key-length block cipher invented by
|
||
Ron Rivest for RSA Data Security, Inc. (now a wholly-owned
|
||
subsidiary of Security Dynamics, Inc.).
|
||
|
||
$ Rivest Cipher #4 (RC4)
|
||
(N) A proprietary, variable-key-length stream cipher invented by
|
||
Ron Rivest for RSA Data Security, Inc. (now a wholly-owned
|
||
subsidiary of Security Dynamics, Inc.).
|
||
|
||
$ Rivest-Shamir-Adleman (RSA)
|
||
(N) An algorithm for asymmetric cryptography, invented in 1977 by
|
||
Ron Rivest, Adi Shamir, and Leonard Adleman [RSA78, Schn].
|
||
|
||
(C) RSA uses exponentiation modulo the product of two large prime
|
||
numbers. The difficulty of breaking RSA is believed to be
|
||
equivalent to the difficulty of factoring integers that are the
|
||
product of two large prime numbers of approximately equal size.
|
||
|
||
(C) To create an RSA key pair, randomly choose two large prime
|
||
numbers, p and q, and compute the modulus, n = pq. Randomly choose
|
||
a number e, the public exponent, that is less than n and
|
||
relatively prime to (p-1)(q-1). Choose another number d, the
|
||
|
||
|
||
|
||
Shirey Informational [Page 144]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
private exponent, such that ed-1 evenly divides (p-1)(q-1). The
|
||
public key is the set of numbers (n,e), and the private key is the
|
||
set (n,d).
|
||
|
||
(C) It is assumed to be difficult to compute the private key (n,d)
|
||
from the public key (n,e). However, if n can be factored into p
|
||
and q, then the private key d can be computed easily. Thus, RSA
|
||
security depends on the assumption that it is computationally
|
||
difficult to factor a number that is the product of two large
|
||
prime numbers. (Of course, p and q are treated as part of the
|
||
private key, or else destroyed after computing n.)
|
||
|
||
(C) For encryption of a message, m, to be sent to Bob, Alice uses
|
||
Bob's public key (n,e) to compute m**e (mod n) = c. She sends c to
|
||
Bob. Bob computes c**d (mod n) = m. Only Bob knows d, so only Bob
|
||
can compute c**d (mod n) = m to recover m.
|
||
|
||
(C) To provide data origin authentication of a message, m, to be
|
||
sent to Bob, Alice computes m**d (mod n) = s, where (d,n) is
|
||
Alice's private key. She sends m and s to Bob. To recover the
|
||
message that only Alice could have sent, Bob computes s**e (mod n)
|
||
= m, where (e,n) is Alice's public key.
|
||
|
||
(C) To ensure data integrity in addition to data origin
|
||
authentication requires extra computation steps in which Alice and
|
||
Bob use a cryptographic hash function h (as explained for digital
|
||
signature). Alice computes the hash value h(m) = v, and then
|
||
encrypts v with her private key to get s. She sends m and s. Bob
|
||
receives m' and s', either of which might have been changed from
|
||
the m and s that Alice sent. To test this, he decrypts s' with
|
||
Alice's public key to get v'. He then computes h(m') = v". If v'
|
||
equals v", Bob is assured that m' is the same m that Alice sent.
|
||
|
||
$ role-based access control (RBAC)
|
||
(I) A form of identity-based access control where the system
|
||
entities that are identified and controlled are functional
|
||
positions in an organization or process.
|
||
|
||
$ root
|
||
(I) A CA that is directly trusted by an end entity. Acquiring the
|
||
value of a root CA's public key involves an out-of-band procedure.
|
||
|
||
(I) Hierarchical PKI usage: The CA that is the highest level (most
|
||
trusted) CA in a certification hierarchy; i.e., the authority upon
|
||
whose public key all certificate users base their trust. (See: top
|
||
CA.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 145]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) In a hierarchical PKI, a root issues public-key certificates
|
||
to one or more additional CAs that form the second highest level.
|
||
Each of these CAs may issue certificates to more CAs at the third
|
||
highest level, and so on. To initialize operation of a
|
||
hierarchical PKI, the root's initial public key is securely
|
||
distributed to all certificate users in a way that does not depend
|
||
on the PKI's certification relationships. The root's public key
|
||
may be distributed simply as a numerical value, but typically is
|
||
distributed in a self-signed certificate in which the root is the
|
||
subject. The root's certificate is signed by the root itself
|
||
because there is no higher authority in a certification hierarchy.
|
||
The root's certificate is then the first certificate in every
|
||
certification path.
|
||
|
||
(O) MISSI usage: A name previously used for a MISSI policy
|
||
creation authority, which is not a root as defined above for
|
||
general usage, but is a CA at the second level of the MISSI
|
||
hierarchy, immediately subordinate to a MISSI policy approving
|
||
authority.
|
||
|
||
(O) UNIX usage: A user account (also called "superuser") that has
|
||
all privileges (including all security-related privileges) and
|
||
thus can manage the system and its other user accounts.
|
||
|
||
$ root certificate
|
||
(I) A certificate for which the subject is a root.
|
||
|
||
(I) Hierarchical PKI usage: The self-signed public-key certificate
|
||
at the top of a certification hierarchy.
|
||
|
||
$ root key
|
||
(I) A public key for which the matching private key is held by a
|
||
root.
|
||
|
||
$ root registry
|
||
(O) MISSI usage: A name previously used for a MISSI policy
|
||
approving authority.
|
||
|
||
$ router
|
||
(I) A computer that is a gateway between two networks at OSI layer
|
||
3 and that relays and directs data packets through that
|
||
internetwork. The most common form of router operates on IP
|
||
packets. (See: bridge.)
|
||
|
||
(I) Internet usage: In the context of the Internet protocol suite,
|
||
a networked computer that forwards Internet Protocol packets that
|
||
are not addressed to the computer itself. (See: host.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 146]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ RSA
|
||
See: Rivest-Shamir-Adleman.
|
||
|
||
$ rule-based security policy
|
||
(I) "A security policy based on global rules imposed for all
|
||
users. These rules usually rely on comparison of the sensitivity
|
||
of the resource being accessed and the possession of corresponding
|
||
attributes of users, a group of users, or entities acting on
|
||
behalf of users." [I7498 Part 2] (See: identity-based security
|
||
policy.)
|
||
|
||
$ safety
|
||
(I) The property of a system being free from risk of causing harm
|
||
to system entities and outside entities.
|
||
|
||
$ SAID
|
||
See: security association identifier.
|
||
|
||
$ salt
|
||
(I) A random value that is concatenated with a password before
|
||
applying the one-way encryption function used to protect passwords
|
||
that are stored in the database of an access control system. (See:
|
||
initialization value.)
|
||
|
||
(C) Salt protects a password-based access control system against a
|
||
dictionary attack.
|
||
|
||
$ sanitize
|
||
(I) Delete sensitive data from a file, a device, or a system; or
|
||
modify data so as to be able to downgrade its classification
|
||
level.
|
||
|
||
$ SASL
|
||
See: Simple Authentication and Security Layer.
|
||
|
||
$ SCA
|
||
See: subordinate certification authority.
|
||
|
||
$ scavenging
|
||
See: (secondary definition under) threat consequence.
|
||
|
||
$ screening router
|
||
(I) A synonym for "filtering router".
|
||
|
||
$ SDE
|
||
See: Secure Data Exchange.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 147]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ SDNS
|
||
See: Secure Data Network System.
|
||
|
||
$ seal
|
||
(O) To use cryptography to provide data integrity service for a
|
||
data object. (See: sign, wrap.)
|
||
|
||
(D) ISDs SHOULD NOT use this definition; instead, use language
|
||
that is more specific with regard to the mechanism(s) used, such
|
||
as "sign" when the mechanism is digital signature.
|
||
|
||
$ secret
|
||
(I) (1.) Adjective: The condition of information being protected
|
||
from being known by any system entities except those who are
|
||
intended to know it. (2.) Noun: An item of information that is
|
||
protected thusly.
|
||
|
||
(C) This term applies to symmetric keys, private keys, and
|
||
passwords.
|
||
|
||
$ secret-key cryptography
|
||
(I) A synonym for "symmetric cryptography".
|
||
|
||
$ Secure Data Exchange (SDE)
|
||
(N) A local area network security protocol defined by the IEEE
|
||
802.10 standard.
|
||
|
||
$ Secure Data Network System (SDNS)
|
||
(N) An NSA program that developed security protocols for
|
||
electronic mail (Message Security Protocol), OSI layer 3 (SP3),
|
||
OSI layer 4 (SP4), and key management (KMP).
|
||
|
||
$ Secure Hash Standard (SHS)
|
||
(N) The U.S. Government standard [FP180] that specifies the Secure
|
||
Hash Algorithm (SHA-1), a cryptographic hash function that
|
||
produces a 160-bit output (hash result) for input data of any
|
||
length < 2**64 bits.
|
||
|
||
$ Secure Hypertext Transfer Protocol (Secure-HTTP, S-HTTP)
|
||
(I) A Internet protocol for providing client-server security
|
||
services for HTTP communications. (See: https.)
|
||
|
||
(C) S-HTTP was originally specified by CommerceNet, a coalition of
|
||
businesses interested in developing the Internet for commercial
|
||
uses. Several message formats may be incorporated into S-HTTP
|
||
clients and servers, particularly CMS and MOSS. S-HTTP supports
|
||
choice of security policies, key management mechanisms, and
|
||
cryptographic algorithms through option negotiation between
|
||
|
||
|
||
|
||
Shirey Informational [Page 148]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
parties for each transaction. S-HTTP supports both asymmetric and
|
||
symmetric key operation modes. S-HTTP attempts to avoid presuming
|
||
a particular trust model, but it attempts to facilitate multiply-
|
||
rooted hierarchical trust and anticipates that principals may have
|
||
many public key certificates.
|
||
|
||
$ Secure/MIME (S/MIME)
|
||
(I) Secure/Multipurpose Internet Mail Extensions, an Internet
|
||
protocol [R2633] to provide encryption and digital signatures for
|
||
Internet mail messages.
|
||
|
||
$ Secure Sockets Layer (SSL)
|
||
(N) An Internet protocol (originally developed by Netscape
|
||
Communications, Inc.) that uses connection-oriented end-to-end
|
||
encryption to provide data confidentiality service and data
|
||
integrity service for traffic between a client (often a web
|
||
browser) and a server, and that can optionally provide peer entity
|
||
authentication between the client and the server. (See: Transport
|
||
Layer Security.)
|
||
|
||
(C) SSL is layered below HTTP and above a reliable transport
|
||
protocol (TCP). SSL is independent of the application it
|
||
encapsulates, and any higher level protocol can layer on top of
|
||
SSL transparently. However, many Internet applications might be
|
||
better served by IPsec.
|
||
|
||
(C) SSL has two layers: (a) SSL's lower layer, the SSL Record
|
||
Protocol, is layered on top of the transport protocol and
|
||
encapsulates higher level protocols. One such encapsulated
|
||
protocol is SSL Handshake Protocol. (b) SSL's upper layer provides
|
||
asymmetric cryptography for server authentication (verifying the
|
||
server's identity to the client) and optional client
|
||
authentication (verifying the client's identity to the server),
|
||
and also enables them to negotiate a symmetric encryption
|
||
algorithm and secret session key (to use for data confidentiality)
|
||
before the application protocol transmits or receives data. A
|
||
keyed hash provides data integrity service for encapsulated data.
|
||
|
||
$ secure state
|
||
(I) A system condition in which no subject can access any object
|
||
in an unauthorized manner. (See: (secondary definition under)
|
||
Bell-LaPadula Model, clean system.)
|
||
|
||
$ security
|
||
(I) (1.) Measures taken to protect a system. (2.) The condition of
|
||
a system that results from the establishment and maintenance of
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 149]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
measures to protect the system. (3.) The condition of system
|
||
resources being free from unauthorized access and from
|
||
unauthorized or accidental change, destruction, or loss.
|
||
|
||
$ security architecture
|
||
(I) A plan and set of principles that describe (a) the security
|
||
services that a system is required to provide to meet the needs of
|
||
its users, (b) the system elements required to implement the
|
||
services, and (c) the performance levels required in the elements
|
||
to deal with the threat environment. (See: (discussion under)
|
||
security policy.)
|
||
|
||
(C) A security architecture is the result of applying the system
|
||
engineering process. A complete system security architecture
|
||
includes administrative security, communication security, computer
|
||
security, emanations security, personnel security, and physical
|
||
security (e.g., see: [R2179]). A complete security architecture
|
||
needs to deal with both intentional, intelligent threats and
|
||
accidental kinds of threats.
|
||
|
||
$ security association
|
||
(I) A relationship established between two or more entities to
|
||
enable them to protect data they exchange. The relationship is
|
||
used to negotiate characteristics of protection mechanisms, but
|
||
does not include the mechanisms themselves. (See: association.)
|
||
|
||
(C) A security association describes how entities will use
|
||
security services. The relationship is represented by a set of
|
||
information that is shared between the entities and is agreed upon
|
||
and considered a contract between them.
|
||
|
||
(O) IPsec usage: A simplex (uni-directional) logical connection
|
||
created for security purposes and implemented with either AH or
|
||
ESP (but not both). The security services offered by a security
|
||
association depend on the protocol selected, the IPsec mode
|
||
(transport or tunnel), the endpoints, and the election of optional
|
||
services within the protocol. A security association is identified
|
||
by a triple consisting of (a) a destination IP address, (b) a
|
||
protocol (AH or ESP) identifier, and (c) a Security Parameter
|
||
Index.
|
||
|
||
$ security association identifier (SAID)
|
||
(I) A data field in a security protocol (such as NLSP or SDE),
|
||
used to identify the security association to which a protocol data
|
||
unit is bound. The SAID value is usually used to select a key for
|
||
decryption or authentication at the destination. (See: Security
|
||
Parameter Index.)
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 150]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ security audit
|
||
(I) An independent review and examination of a system's records
|
||
and activities to determine the adequacy of system controls,
|
||
ensure compliance with established security policy and procedures,
|
||
detect breaches in security services, and recommend any changes
|
||
that are indicated for countermeasures. [I7498 Part 2, NCS01]
|
||
|
||
(C) The basic audit objective is to establish accountability for
|
||
system entities that initiate or participate in security-relevant
|
||
events and actions. Thus, means are needed to generate and record
|
||
a security audit trail and to review and analyze the audit trail
|
||
to discover and investigate attacks and security compromises.
|
||
|
||
$ security audit trail
|
||
(I) A chronological record of system activities that is sufficient
|
||
to enable the reconstruction and examination of the sequence of
|
||
environments and activities surrounding or leading to an
|
||
operation, procedure, or event in a security-relevant transaction
|
||
from inception to final results. [NCS04] (See: security audit.)
|
||
|
||
$ security class
|
||
(D) A synonym for "security level". For consistency, ISDs SHOULD
|
||
use "security level" instead of "security class".
|
||
|
||
$ security clearance
|
||
(I) A determination that a person is eligible, under the standards
|
||
of a specific security policy, for authorization to access
|
||
sensitive information or other system resources. (See: clearance
|
||
level.)
|
||
|
||
$ security compromise
|
||
(I) A security violation in which a system resource is exposed, or
|
||
is potentially exposed, to unauthorized access. (See: data
|
||
compromise, violation.)
|
||
|
||
$ security domain
|
||
See: domain.
|
||
|
||
$ security environment
|
||
(I) The set of external entities, procedures, and conditions that
|
||
affect secure development, operation, and maintenance of a system.
|
||
|
||
$ security event
|
||
(I) A occurrence in a system that is relevant to the security of
|
||
the system. (See: security incident.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 151]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) The term includes both events that are security incidents and
|
||
those that are not. In a CA workstation, for example, a list of
|
||
security events might include the following:
|
||
|
||
- Performing a cryptographic operation, e.g., signing a digital
|
||
certificate or CRL.
|
||
- Performing a cryptographic card operation: creation, insertion,
|
||
removal, or backup.
|
||
- Performing a digital certificate lifecycle operation: rekey,
|
||
renewal, revocation, or update.
|
||
- Posting information to an X.500 Directory.
|
||
- Receiving a key compromise notification.
|
||
- Receiving an improper certification request.
|
||
- Detecting an alarm condition reported by a cryptographic
|
||
module.
|
||
- Logging the operator in or out.
|
||
- Failing a built-in hardware self-test or a software system
|
||
integrity check.
|
||
|
||
$ security fault analysis
|
||
(I) A security analysis, usually performed on hardware at a logic
|
||
gate level, gate-by-gate, to determine the security properties of
|
||
a device when a hardware fault is encountered.
|
||
|
||
$ security gateway
|
||
(I) A gateway that separates trusted (or relatively more trusted)
|
||
hosts on the internal network side from untrusted (or less
|
||
trusted) hosts on the external network side. (See: firewall and
|
||
guard.)
|
||
|
||
(O) IPsec usage: "An intermediate system that implements IPsec
|
||
protocols." [R2401] Normally, AH or ESP is implemented to serve a
|
||
set of internal hosts, providing security services for the hosts
|
||
when they communicate with other, external hosts or gateways that
|
||
also implement IPsec.
|
||
|
||
$ security incident
|
||
(I) A security event that involves a security violation. (See:
|
||
CERT, GRIP, security event, security intrusion, security
|
||
violation.)
|
||
|
||
(C) In other words, a security-relevant system event in which the
|
||
system's security policy is disobeyed or otherwise breached.
|
||
|
||
(O) "Any adverse event which compromises some aspect of computer
|
||
or network security." [R2350]
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 152]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(D) ISDs SHOULD NOT use this "O" definition because (a) a security
|
||
incident may occur without actually being harmful (i.e., adverse)
|
||
and (b) this Glossary defines "compromise" more narrowly in
|
||
relation to unauthorized access.
|
||
|
||
$ security intrusion
|
||
(I) A security event, or a combination of multiple security
|
||
events, that constitutes a security incident in which an intruder
|
||
gains, or attempts to gain, access to a system (or system
|
||
resource) without having authorization to do so.
|
||
|
||
$ security kernel
|
||
(I) "The hardware, firmware, and software elements of a trusted
|
||
computing base that implement the reference monitor concept. It
|
||
must mediate all accesses, be protected from modification, and be
|
||
verifiable as correct." [NCS04] (See: reference monitor.)
|
||
|
||
(C) That is, a security kernel is an implementation of a reference
|
||
monitor for a given hardware base.
|
||
|
||
$ security label
|
||
(I) A marking that is bound to a system resource and that names or
|
||
designates the security-relevant attributes of that resource.
|
||
[I7498 Part 2, R1457]
|
||
|
||
(C) The recommended definition is usefully broad, but usually the
|
||
term is understood more narrowly as a marking that represents the
|
||
security level of an information object, i.e., a marking that
|
||
indicates how sensitive an information object is. [NCS04]
|
||
|
||
(C) System security mechanisms interpret security labels according
|
||
to applicable security policy to determine how to control access
|
||
to the associated information, otherwise constrain its handling,
|
||
and affix appropriate security markings to visible (printed and
|
||
displayed) images thereof. [FP188]
|
||
|
||
$ security level
|
||
(I) The combination of a hierarchical classification level and a
|
||
set of non-hierarchical category designations that represents how
|
||
sensitive information is. (See: (usage note under) classification
|
||
level, dominate, lattice model.)
|
||
|
||
$ security management infrastructure (SMI)
|
||
(I) System elements and activities that support security policy by
|
||
monitoring and controlling security services and mechanisms,
|
||
distributing security information, and reporting security events.
|
||
The associated functions are as follows [I7498-4]:
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 153]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- Controlling (granting or restricting) access to system
|
||
resources: This includes verifying authorizations and
|
||
identities, controlling access to sensitive security data, and
|
||
modifying access priorities and procedures in the event of
|
||
attacks.
|
||
|
||
- Retrieving (gathering) and archiving (storing) security
|
||
information: This includes logging security events and
|
||
analyzing the log, monitoring and profiling usage, and
|
||
reporting security violations.
|
||
|
||
- Managing and controlling the encryption process: This includes
|
||
performing the functions of key management and reporting on key
|
||
management problems. (See: public-key infrastructure.)
|
||
|
||
$ security mechanism
|
||
(I) A process (or a device incorporating such a process) that can
|
||
be used in a system to implement a security service that is
|
||
provided by or within the system. (See: (discussion under)
|
||
security policy.)
|
||
|
||
(C) Some examples of security mechanisms are authentication
|
||
exchange, checksum, digital signature, encryption, and traffic
|
||
padding.
|
||
|
||
$ security model
|
||
(I) A schematic description of a set of entities and relationships
|
||
by which a specified set of security services are provided by or
|
||
within a system. (See: (discussion under) security policy.)
|
||
|
||
(C) An example is the Bell-LaPadula Model.
|
||
|
||
$ security parameters index (SPI)
|
||
(I) IPsec usage: The type of security association identifier used
|
||
in IPsec protocols. A 32-bit value used to distinguish among
|
||
different security associations terminating at the same
|
||
destination (IP address) and using the same IPsec security
|
||
protocol (AH or ESP). Carried in AH and ESP to enable the
|
||
receiving system to determine under which security association to
|
||
process a received packet.
|
||
|
||
$ security perimeter
|
||
(I) The boundary of the domain in which a security policy or
|
||
security architecture applies; i.e., the boundary of the space in
|
||
which security services protect system resources.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 154]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ security policy
|
||
(I) A set of rules and practices that specify or regulate how a
|
||
system or organization provides security services to protect
|
||
sensitive and critical system resources. (See: identity-based
|
||
security policy, rule-based security policy, security
|
||
architecture, security mechanism, security model.)
|
||
|
||
(O) "The set of rules laid down by the security authority
|
||
governing the use and provision of security services and
|
||
facilities." [X509]
|
||
|
||
(C) Ravi Sandhu notes that security policy is one of four layers
|
||
of the security engineering process (as shown in the following
|
||
diagram). Each layer provides a different view of security,
|
||
ranging from what services are needed to how services are
|
||
implemented.
|
||
|
||
What Security Services Should Be Provided?
|
||
^
|
||
| + - - - - - - - - - - - +
|
||
| | Security Policy |
|
||
| + - - - - - - - - - - - + + - - - - - - - - - - - - - - +
|
||
| | Security Model | | A "top-level specification" |
|
||
| + - - - - - - - - - - - + <- | is at a level below "model" |
|
||
| | Security Architecture | | but above "architecture". |
|
||
| + - - - - - - - - - - - + + - - - - - - - - - - - - - - +
|
||
| | Security Mechanism |
|
||
| + - - - - - - - - - - - +
|
||
v
|
||
How Are Security Services Implemented?
|
||
|
||
$ Security Protocol 3 (SP3)
|
||
(O) A protocol [SDNS3] developed by SDNS to provide connectionless
|
||
data security at the top of OSI layer 3. (See: NLSP.)
|
||
|
||
$ Security Protocol 4 (SP4)
|
||
(O) A protocol [SDNS4] developed by SDNS to provide either
|
||
connectionless or end-to-end connection-oriented data security at
|
||
the bottom of OSI layer 4. (See: TLSP.)
|
||
|
||
$ security-relevant event
|
||
See: security event.
|
||
|
||
$ security service
|
||
(I) A processing or communication service that is provided by a
|
||
system to give a specific kind of protection to system resources.
|
||
(See: access control service, audit service, availability service,
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 155]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
data confidentiality service, data integrity service, data origin
|
||
authentication service, non-repudiation service, peer entity
|
||
authentication service, system integrity service.)
|
||
|
||
(O) "A service, provided by a layer of communicating open systems,
|
||
which ensures adequate security of the systems or the data
|
||
transfers." [I7498 Part 2]
|
||
|
||
(C) Security services implement security policies, and are
|
||
implemented by security mechanisms.
|
||
|
||
$ security situation
|
||
(I) ISAKMP usage: The set of all security-relevant information--
|
||
e.g., network addresses, security classifications, manner of
|
||
operation (normal or emergency)--that is needed to decide the
|
||
security services that are required to protect the association
|
||
that is being negotiated.
|
||
|
||
$ security token
|
||
See: token.
|
||
|
||
$ security violation
|
||
(I) An act or event that disobeys or otherwise breaches security
|
||
policy. (See: compromise, penetration, security incident.)
|
||
|
||
$ self-signed certificate
|
||
(I) A public-key certificate for which the public key bound by the
|
||
certificate and the private key used to sign the certificate are
|
||
components of the same key pair, which belongs to the signer.
|
||
(See: root certificate.)
|
||
|
||
(C) In a self-signed X.509 public-key certificate, the issuer's DN
|
||
is the same as the subject's DN.
|
||
|
||
$ semantic security
|
||
(I) An attribute of a encryption algorithm that is a formalization
|
||
of the notion that the algorithm not only hides the plaintext but
|
||
also reveals no partial information about the plaintext. Whatever
|
||
is efficiently computable about the plaintext when given the
|
||
ciphertext, is also efficiently computable without the ciphertext.
|
||
(See: indistinguishability.)
|
||
|
||
$ sensitive (information)
|
||
(I) Information is sensitive if disclosure, alteration,
|
||
destruction, or loss of the information would adversely affect the
|
||
interests or business of its owner or user. (See: critical.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 156]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ separation of duties
|
||
(I) The practice of dividing the steps in a system function among
|
||
different individuals, so as to keep a single individual from
|
||
subverting the process. (See: dual control, administrative
|
||
security.)
|
||
|
||
$ serial number
|
||
See: certificate serial number.
|
||
|
||
$ server
|
||
(I) A system entity that provides a service in response to
|
||
requests from other system entities called clients.
|
||
|
||
$ session key
|
||
(I) In the context of symmetric encryption, a key that is
|
||
temporary or is used for a relatively short period of time. (See:
|
||
ephemeral key, key distribution center, master key.)
|
||
|
||
(C) Usually, a session key is used for a defined period of
|
||
communication between two computers, such as for the duration of a
|
||
single connection or transaction set, or the key is used in an
|
||
application that protects relatively large amounts of data and,
|
||
therefore, needs to be rekeyed frequently.
|
||
|
||
$ SET
|
||
See: SET Secure Electronic Transaction(trademark).
|
||
|
||
$ SET private extension
|
||
(O) One of the private extensions defined by SET for X.509
|
||
certificates. Carries information about hashed root key,
|
||
certificate type, merchant data, cardholder certificate
|
||
requirements, encryption support for tunneling, or message support
|
||
for payment instructions.
|
||
|
||
$ SET qualifier
|
||
(O) A certificate policy qualifier that provides information about
|
||
the location and content of a SET certificate policy.
|
||
|
||
(C) In addition to the policies and qualifiers inherited from its
|
||
own certificate, each CA in the SET certification hierarchy may
|
||
add one qualifying statement to the root policy when the CA issues
|
||
a certificate. The additional qualifier is a certificate policy
|
||
for that CA. Each policy in a SET certificate may have these
|
||
qualifiers:
|
||
|
||
- A URL where a copy of the policy statement may be found.
|
||
- An electronic mail address where a copy of the policy statement
|
||
may be found.
|
||
|
||
|
||
|
||
Shirey Informational [Page 157]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- A hash result of the policy statement, computed using the
|
||
indicated algorithm.
|
||
- A statement declaring any disclaimers associated with the
|
||
issuing of the certificate.
|
||
|
||
$ SET Secure Electronic Transaction(trademark) or SET(trademark)
|
||
(N) A protocol developed jointly by MasterCard International and
|
||
Visa International and published as an open standard to provide
|
||
confidentiality of transaction information, payment integrity, and
|
||
authentication of transaction participants for payment card
|
||
transactions over unsecured networks, such as the Internet. [SET1]
|
||
(See: acquirer, brand, cardholder, dual signature, electronic
|
||
commerce, issuer, merchant, payment gateway, third party.)
|
||
|
||
(C) This term and acronym are trademarks of SETCo. MasterCard and
|
||
Visa announced the SET standard on 1 February 1996. On 19 December
|
||
1997, MasterCard and Visa formed SET Secure Electronic Transaction
|
||
LLC (commonly referred to as "SETCo") to implement the SET 1.0
|
||
specification. A memorandum of understanding adds American Express
|
||
and JCB Credit Card Company as co-owners of SETCo.
|
||
|
||
$ SETCo
|
||
See: (secondary definition under) SET Secure Electronic
|
||
Transaction.
|
||
|
||
$ SHA-1
|
||
See: Secure Hash Standard.
|
||
|
||
$ shared secret
|
||
(I) A synonym for "keying material" or "cryptographic key".
|
||
|
||
$ S-HTTP
|
||
See: Secure HTTP.
|
||
|
||
$ sign
|
||
(I) Create a digital signature for a data object.
|
||
|
||
$ signature
|
||
See: digital signature, electronic signature.
|
||
|
||
$ signature certificate
|
||
(I) A public-key certificate that contains a public key that is
|
||
intended to be used for verifying digital signatures, rather than
|
||
for encrypting data or performing other cryptographic functions.
|
||
|
||
(C) A v3 X.509 public-key certificate may have a "keyUsage"
|
||
extension which indicates the purpose for which the certified
|
||
public key is intended.
|
||
|
||
|
||
|
||
Shirey Informational [Page 158]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ signer
|
||
(N) A human being or an organization entity that uses its private
|
||
key to create a digital signature for a data object. [ABA]
|
||
|
||
$ SILS
|
||
See: Standards for Interoperable LAN/MAN Security.
|
||
|
||
$ simple authentication
|
||
(I) An authentication process that uses a password as the
|
||
information needed to verify an identity claimed for an entity.
|
||
(See: strong authentication.)
|
||
|
||
(O) "Authentication by means of simple password arrangements."
|
||
[X509]
|
||
|
||
$ Simple Authentication and Security Layer (SASL)
|
||
(I) An Internet specification [R2222] for adding authentication
|
||
service to connection-based protocols. To use SASL, a protocol
|
||
includes a command for authenticating a user to a server and for
|
||
optionally negotiating protection of subsequent protocol
|
||
interactions. The command names a registered security mechanism.
|
||
SASL mechanisms include Kerberos, GSSAPI, S/KEY, and others. Some
|
||
protocols that use SASL are IMAP4 and POP3.
|
||
|
||
$ Simple Key-management for Internet Protocols (SKIP)
|
||
(I) A key distribution protocol that uses hybrid encryption to
|
||
convey session keys that are used to encrypt data in IP packets.
|
||
[R2356] (See: IKE, IPsec.)
|
||
|
||
(C) SKIP uses the Diffie-Hellman algorithm (or could use another
|
||
key agreement algorithm) to generate a key-encrypting key for use
|
||
between two entities. A session key is used with a symmetric
|
||
algorithm to encrypt data in one or more IP packets that are to be
|
||
sent from one of the entities to the other. The KEK is used with a
|
||
symmetric algorithm to encrypt the session key, and the encrypted
|
||
session key is placed in a SKIP header that is added to each IP
|
||
packet that is encrypted with that session key.
|
||
|
||
$ Simple Mail Transfer Protocol (SMTP)
|
||
(I) A TCP-based, application-layer, Internet Standard protocol
|
||
[R0821] for moving electronic mail messages from one computer to
|
||
another.
|
||
|
||
$ Simple Network Management Protocol (SNMP)
|
||
(I) A UDP-based, application-layer, Internet Standard protocol
|
||
[R2570, R2574] for conveying management information between
|
||
managers and agents.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 159]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) SNMP version 1 uses cleartext passwords for authentication and
|
||
access control. (See: community string.) Version 2 adds
|
||
cryptographic mechanisms based on DES and MD5. Version 3 provides
|
||
enhanced, integrated support for security services, including data
|
||
confidentiality, data integrity, data origin authentication, and
|
||
message timeliness and limited replay protection.
|
||
|
||
$ simple security property
|
||
See: (secondary definition under) Bell-LaPadula Model.
|
||
|
||
$ single sign-on
|
||
(I) A system that enables a user to access multiple computer
|
||
platforms (usually a set of hosts on the same network) or
|
||
application systems after being authenticated just one time. (See:
|
||
Kerberos.)
|
||
|
||
(C) Typically, a user logs in just once, and then is transparently
|
||
granted access to a variety of permitted resources with no further
|
||
login being required until after the user logs out. Such a system
|
||
has the advantages of being user friendly and enabling
|
||
authentication to be managed consistently across an entire
|
||
enterprise, and has the disadvantage of requiring all hosts and
|
||
applications to trust the same authentication mechanism.
|
||
|
||
$ situation
|
||
See: security situation.
|
||
|
||
$ S/Key
|
||
(I) A security mechanism that uses a cryptographic hash function
|
||
to generate a sequence of 64-bit, one-time passwords for remote
|
||
user login. [R1760]
|
||
|
||
(C) The client generates a one-time password by applying the MD4
|
||
cryptographic hash function multiple times to the user's secret
|
||
key. For each successive authentication of the user, the number of
|
||
hash applications is reduced by one. (Thus, an intruder using
|
||
wiretapping cannot compute a valid password from knowledge of one
|
||
previously used.) The server verifies a password by hashing the
|
||
currently presented password (or initialization value) one time
|
||
and comparing the hash result with the previously presented
|
||
password.
|
||
|
||
$ SKIP
|
||
See: Simple Key-management for IP.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 160]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ SKIPJACK
|
||
(N) A Type II block cipher [NIST] with a block size of 64 bits and
|
||
a key size of 80 bits, that was developed by NSA and formerly
|
||
classified at the U.S. Department of Defense "Secret" level. (See:
|
||
CAPSTONE, CLIPPER, FORTEZZA, Key Exchange Algorithm.)
|
||
|
||
(C) On 23 June 1998, NSA announced that SKIPJACK had been
|
||
declassified.
|
||
|
||
$ slot
|
||
(O) MISSI usage: One of the FORTEZZA PC card storage areas that
|
||
are each able to hold an X.509 certificate and additional data
|
||
that is associated with the certificate, such as the matching
|
||
private key.
|
||
|
||
$ smart card
|
||
(I) A credit-card sized device containing one or more integrated
|
||
circuit chips, which perform the functions of a computer's central
|
||
processor, memory, and input/output interface. (See: PC card.)
|
||
|
||
(C) Sometimes this term is used rather strictly to mean a card
|
||
that closely conforms to the dimensions and appearance of the kind
|
||
of plastic credit card issued by banks and merchants. At other
|
||
times, the term is used loosely to include cards that are larger
|
||
than credit cards, especially cards that are thicker, such as PC
|
||
cards.
|
||
|
||
(C) A "smart token" is a device that conforms to the definition of
|
||
smart card except that rather than having standard credit card
|
||
dimensions, the token is packaged in some other form, such as a
|
||
dog tag or door key shape.
|
||
|
||
$ smart token
|
||
See: (secondary definition under) smart card.
|
||
|
||
$ SMI
|
||
See: security management infrastructure.
|
||
|
||
$ S/MIME
|
||
See: Secure/MIME.
|
||
|
||
$ SMTP
|
||
See: Simple Mail Transfer Protocol.
|
||
|
||
$ smurf
|
||
(I) Software that mounts a denial-of-service attack ("smurfing")
|
||
by exploiting IP broadcast addressing and ICMP ping packets to
|
||
cause flooding. (See: flood, ICMP flood.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 161]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(D) ISDs SHOULD NOT use this term because it is not listed in most
|
||
dictionaries and could confuse international readers.
|
||
|
||
(C) A smurf program builds a network packet that appears to
|
||
originate from another address, that of the "victim", either a
|
||
host or an IP router. The packet contains an ICMP ping message
|
||
that is addressed to an IP broadcast address, i.e., to all IP
|
||
addresses in a given network. The echo responses to the ping
|
||
message return to the victim's address. The goal of smurfing may
|
||
be either to deny service at a particular host or to flood all or
|
||
part of an IP network.
|
||
|
||
$ sniffing
|
||
(C) A synonym for "passive wiretapping". (See: password sniffing.)
|
||
|
||
(D) ISDs SHOULD NOT use this term because it unnecessarily
|
||
duplicates the meaning of a term that is better established. (See:
|
||
(usage note under) Green Book.
|
||
|
||
$ SNMP
|
||
See: Simple Network Management Protocol.
|
||
|
||
$ social engineering
|
||
(I) A euphemism for non-technical or low-technology means--such as
|
||
lies, impersonation, tricks, bribes, blackmail, and threats--used
|
||
to attack information systems. (See: masquerade attack.)
|
||
|
||
(D) ISDs SHOULD NOT use this term because it is vague; instead,
|
||
use a term that is specific with regard to the means of attack.
|
||
|
||
$ SOCKS
|
||
(I) An Internet protocol [R1928] that provides a generalized proxy
|
||
server that enables client-server applications--such as TELNET,
|
||
FTP, and HTTP; running over either TCP or UDP--to use the services
|
||
of a firewall.
|
||
|
||
(C) SOCKS is layered under the application layer and above the
|
||
transport layer. When a client inside a firewall wishes to
|
||
establish a connection to an object that is reachable only through
|
||
the firewall, it uses TCP to connect to the SOCKS server,
|
||
negotiates with the server for the authentication method to be
|
||
used, authenticates with the chosen method, and then sends a relay
|
||
request. The SOCKS server evaluates the request, typically based
|
||
on source and destination addresses, and either establishes the
|
||
appropriate connection or denies it.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 162]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ soft TEMPEST
|
||
(O) The use of software techniques to reduce the radio frequency
|
||
information leakage from computer displays and keyboards. [Kuhn]
|
||
(See: TEMPEST.)
|
||
|
||
$ software
|
||
(I) Computer programs (which are stored in and executed by
|
||
computer hardware) and associated data (which also is stored in
|
||
the hardware) that may be dynamically written or modified during
|
||
execution. (See: firmware, hardware.)
|
||
|
||
$ SORA
|
||
See: SSO-PIN ORA.
|
||
|
||
$ source authentication
|
||
(D) ISDs SHOULD NOT use this term because it is ambiguous. If the
|
||
intent is to authenticate the original creator or packager of data
|
||
received, then say "data origin authentication". If the intent is
|
||
to authenticate the identity of the sender of data, then say "peer
|
||
entity authentication". (See: data origin authentication, peer
|
||
entity authentication).
|
||
|
||
$ source integrity
|
||
(I) The degree of confidence that can be placed in information
|
||
based on the trustworthiness of its sources. (See: integrity.)
|
||
|
||
$ SP3
|
||
See: Security Protocol 3.
|
||
|
||
$ SP4
|
||
See: Security Protocol 4.
|
||
|
||
$ spam
|
||
(I) (1.) Verb: To indiscriminately send unsolicited, unwanted,
|
||
irrelevant, or inappropriate messages, especially commercial
|
||
advertising in mass quantities. (2.) Noun: electronic "junk mail".
|
||
[R2635]
|
||
|
||
(D) This term SHOULD NOT be written in upper-case letters, because
|
||
SPAM(trademark) is a trademark of Hormel Foods Corporation. Hormel
|
||
says, "We do not object to use of this slang term [spam] to
|
||
describe [unsolicited commercial email (UCE)], although we do
|
||
object to the use of our product image in association with that
|
||
term. Also, if the term is to be used, it should be used in all
|
||
lower-case letters to distinguish it from our trademark SPAM,
|
||
which should be used with all uppercase letters."
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 163]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) In sufficient volume, spam can cause denial of service. (See:
|
||
flooding.) According to the SPAM Web site, the term was adopted as
|
||
a result of the Monty Python skit in which a group of Vikings sang
|
||
a chorus of 'SPAM, SPAM, SPAM . . .' in an increasing crescendo,
|
||
drowning out other conversation. Hence, the analogy applied
|
||
because UCE was drowning out normal discourse on the Internet.
|
||
|
||
$ SPC
|
||
See: software publisher certificate.
|
||
|
||
$ SPI
|
||
See: Security Parameters Index.
|
||
|
||
$ split key
|
||
(I) A cryptographic key that is divided into two or more separate
|
||
data items that individually convey no knowledge of the whole key
|
||
that results from combining the items. (See: dual control, split
|
||
knowledge.)
|
||
|
||
$ split knowledge
|
||
(I) A security technique in which two or more entities separately
|
||
hold data items that individually convey no knowledge of the
|
||
information that results from combining the items. (See: dual
|
||
control, split key.)
|
||
|
||
(O) "A condition under which two or more entities separately have
|
||
key components which individually convey no knowledge of the
|
||
plaintext key which will be produced when the key components are
|
||
combined in the cryptographic module." [FP140]
|
||
|
||
$ spoofing attack
|
||
(I) A synonym for "masquerade attack".
|
||
|
||
$ SSH
|
||
(I) A protocol for secure remote login and other secure network
|
||
services over an insecure network.
|
||
|
||
(C) Consists of three major components:
|
||
|
||
- Transport layer protocol: Provides server authentication,
|
||
confidentiality, and integrity. It may optionally also provide
|
||
compression. The transport layer will typically be run over a
|
||
TCP/IP connection, but might also be used on top of any other
|
||
reliable data stream.
|
||
|
||
- User authentication protocol: Authenticates the client-side
|
||
user to the server. It runs over the transport layer protocol.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 164]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- Connection protocol: Multiplexes the encrypted tunnel into
|
||
several logical channels. It runs over the user authentication
|
||
protocol.
|
||
|
||
$ SSL
|
||
See: Secure Sockets Layer, Standard Security Label.
|
||
|
||
$ SSO
|
||
See: system security officer.
|
||
|
||
$ SSO PIN
|
||
(O) MISSI usage: One of two personal identification numbers that
|
||
control access to the functions and stored data of a FORTEZZA PC
|
||
card. Knowledge of the SSO PIN enables the card user to perform
|
||
the FORTEZZA functions intended for use by an end user and also
|
||
the functions intended for use by a MISSI certification authority.
|
||
(See: user PIN.)
|
||
|
||
$ SSO-PIN ORA (SORA)
|
||
(O) MISSI usage: A MISSI organizational RA that operates in a mode
|
||
in which the ORA performs all card management functions and,
|
||
therefore, requires knowledge of the SSO PIN for an end user's
|
||
FORTEZZA PC card.
|
||
|
||
$ Standards for Interoperable LAN/MAN Security (SILS)
|
||
(N) (1.) The IEEE 802.10 standards committee. (2.) A developing
|
||
set of IEEE standards, which has eight parts: (a) Model, including
|
||
security management, (b) Secure Data Exchange protocol, (c) Key
|
||
Management, (d) [has been incorporated in (a)], (e) SDE Over
|
||
Ethernet 2.0, (f) SDE Sublayer Management, (g) SDE Security
|
||
Labels, and (h) SDE PICS Conformance. Parts b, e, f, g, and h are
|
||
incorporated in IEEE Standard 802.10-1998.
|
||
|
||
$ star property
|
||
(I) (Written "*-property".) See: "confinement property" under
|
||
Bell-LaPadula Model.
|
||
|
||
$ Star Trek attack
|
||
(C) An attack that penetrates your system where no attack has ever
|
||
gone before.
|
||
|
||
$ steganography
|
||
(I) Methods of hiding the existence of a message or other data.
|
||
This is different than cryptography, which hides the meaning of a
|
||
message but does not hide the message itself. (See: cryptology.)
|
||
|
||
(C) An example of a steganographic method is "invisible" ink.
|
||
(See: digital watermark.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 165]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ storage channel
|
||
See: (secondary definition under) covert channel.
|
||
|
||
$ stream cipher
|
||
(I) An encryption algorithm that breaks plaintext into a stream of
|
||
successive bits (or characters) and encrypts the n-th plaintext
|
||
bit with the n-th element of a parallel key stream, thus
|
||
converting the plaintext bit stream into a ciphertext bit stream.
|
||
[Schn] (See: block cipher.)
|
||
|
||
$ strong authentication
|
||
(I) An authentication process that uses cryptography--particularly
|
||
public-key certificates--to verify the identity claimed for an
|
||
entity. (See: X.509.)
|
||
|
||
(O) "Authentication by means of cryptographically derived
|
||
credentials." [X509]
|
||
|
||
$ subject
|
||
1. (I) In a computer system: A system entity that causes
|
||
information to flow among objects or changes the system state;
|
||
technically, a process-domain pair. (See: Bell-LaPadula Model.)
|
||
|
||
2. (I) Of a certificate: The entity name that is bound to the data
|
||
items in a digital certificate, and particularly a name that is
|
||
bound to a key value in a public-key certificate.
|
||
|
||
$ subnetwork
|
||
(N) An OSI term for a system of packet relays and connecting links
|
||
that implement the lower three protocol layers of the OSIRM to
|
||
provide a communication service that interconnects attached end
|
||
systems. Usually the relays operate at OSI layer 3 and are all of
|
||
the same type (e.g., all X.25 packet switches, or all interface
|
||
units in an IEEE 802.3 LAN). (See: gateway, internet, router.)
|
||
|
||
$ subordinate certification authority (SCA)
|
||
(I) A CA whose public-key certificate is issued by another
|
||
(superior) CA. (See: certification hierarchy.)
|
||
|
||
(O) MISSI usage: The fourth-highest (bottom) level of a MISSI
|
||
certification hierarchy; a MISSI CA whose public-key certificate
|
||
is signed by a MISSI CA rather than by a MISSI PCA. A MISSI SCA is
|
||
the administrative authority for a subunit of an organization,
|
||
established when it is desirable to organizationally distribute or
|
||
decentralize the CA service. The term refers both to that
|
||
authoritative office or role, and to the person who fills that
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 166]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
office. A MISSI SCA registers end users and issues their
|
||
certificates and may also register ORAs, but may not register
|
||
other CAs. An SCA periodically issues a CRL.
|
||
|
||
$ subordinate distinguished name
|
||
(I) An X.500 DN is subordinate to another X.500 DN if it begins
|
||
with a set of attributes that is the same as the entire second DN
|
||
except for the terminal attribute of the second DN (which is
|
||
usually the name of a CA). For example, the DN <C=FooLand, O=Gov,
|
||
OU=Treasurer, CN=DukePinchpenny> is subordinate to the DN
|
||
<C=FooLand, O=Gov, CN=KingFooCA>.
|
||
|
||
$ superencryption
|
||
(I) An encryption operation for which the plaintext input to be
|
||
transformed is the ciphertext output of a previous encryption
|
||
operation.
|
||
|
||
$ survivability
|
||
(I) The ability of a system to remain in operation or existence
|
||
despite adverse conditions, including both natural occurrences,
|
||
accidental actions, and attacks on the system. (See: availability,
|
||
reliability.)
|
||
|
||
$ symmetric cryptography
|
||
(I) A branch of cryptography involving algorithms that use the
|
||
same key for two different steps of the algorithm (such as
|
||
encryption and decryption, or signature creation and signature
|
||
verification). (See: asymmetric cryptography.)
|
||
|
||
(C) Symmetric cryptography has been used for thousands of years
|
||
[Kahn]. A modern example of a symmetric encryption algorithm is
|
||
the U.S. Government's Data Encryption Algorithm. (See: DEA, DES.)
|
||
|
||
(C) Symmetric cryptography is sometimes called "secret-key
|
||
cryptography" (versus public-key cryptography) because the
|
||
entities that share the key, such as the originator and the
|
||
recipient of a message, need to keep the key secret. For example,
|
||
when Alice wants to ensure confidentiality for data she sends to
|
||
Bob, she encrypts the data with a secret key, and Bob uses the
|
||
same key to decrypt. Keeping the shared key secret entails both
|
||
cost and risk when the key is distributed to both Alice and Bob.
|
||
Thus, symmetric cryptography has a key management disadvantage
|
||
compared to asymmetric cryptography.
|
||
|
||
$ symmetric key
|
||
(I) A cryptographic key that is used in a symmetric cryptographic
|
||
algorithm.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 167]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ SYN flood
|
||
(I) A denial of service attack that sends a host more TCP SYN
|
||
packets (request to synchronize sequence numbers, used when
|
||
opening a connection) than the protocol implementation can handle.
|
||
(See: flooding.)
|
||
|
||
$ system
|
||
(C) In this Glossary, the term is mainly used as an abbreviation
|
||
for "automated information system".
|
||
|
||
$ system entity
|
||
(I) An active element of a system--e.g., an automated process, a
|
||
subsystem, a person or group of persons--that incorporates a
|
||
specific set of capabilities.
|
||
|
||
$ system high
|
||
(I) The highest security level supported by a system at a
|
||
particular time or in a particular environment. (See: system high
|
||
security mode.)
|
||
|
||
$ system high security mode
|
||
(I) A mode of operation of an information system, wherein all
|
||
users having access to the system possess a security clearance or
|
||
authorization, but not necessarily a need-to-know, for all data
|
||
handled by the system. (See: mode of operation.)
|
||
|
||
(C) This mode is defined formally in U.S. Department of Defense
|
||
policy regarding system accreditation [DOD2], but the term is
|
||
widely used outside the Defense Department and outside the
|
||
Government.
|
||
|
||
$ system integrity
|
||
(I) "The quality that a system has when it can perform its
|
||
intended function in a unimpaired manner, free from deliberate or
|
||
inadvertent unauthorized manipulation." [NCS04] (See: system
|
||
integrity service.)
|
||
|
||
$ system integrity service
|
||
(I) A security service that protects system resources in a
|
||
verifiable manner against unauthorized or accidental change, loss,
|
||
or destruction. (See: system integrity.)
|
||
|
||
$ system low
|
||
(I) The lowest security level supported by a system at a
|
||
particular time or in a particular environment. (See: system
|
||
high.)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 168]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ system resource
|
||
(I) Data contained in an information system; or a service provided
|
||
by a system; or a system capability, such as processing power or
|
||
communication bandwidth; or an item of system equipment (i.e., a
|
||
system component--hardware, firmware, software, or documentation);
|
||
or a facility that houses system operations and equipment.
|
||
|
||
$ system security officer (SSO)
|
||
(I) A person responsible for enforcement or administration of the
|
||
security policy that applies to the system.
|
||
|
||
$ system verification
|
||
See: (secondary definition under) verification.
|
||
|
||
$ TACACS
|
||
$ TACACS+
|
||
See: Terminal Access Controller (TAC) Access Control System.
|
||
|
||
$ tamper
|
||
(I) Make an unauthorized modification in a system that alters the
|
||
system's functioning in a way that degrades the security services
|
||
that the system was intended to provide.
|
||
|
||
$ TCB
|
||
See: trusted computing base.
|
||
|
||
$ TCP
|
||
See: Transmission Control Protocol.
|
||
|
||
$ TCP/IP
|
||
(I) A synonym for "Internet Protocol Suite", in which the
|
||
Transmission Control Protocol (TCP) and the Internet Protocol (IP)
|
||
are important parts.
|
||
|
||
$ TCSEC
|
||
See: Trusted Computer System Evaluation Criteria.
|
||
|
||
$ TELNET
|
||
(I) A TCP-based, application-layer, Internet Standard protocol
|
||
[R0854] for remote login from one host to another.
|
||
|
||
$ TEMPEST
|
||
(O) A nickname for specifications and standards for limiting the
|
||
strength of electromagnetic emanations from electrical and
|
||
electronic equipment and thus reducing vulnerability to
|
||
eavesdropping. This term originated in the U.S. Department of
|
||
Defense. [Army, Kuhn, Russ] (See: emanation security, soft
|
||
tempest.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 169]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for
|
||
"electromagnetic emanations security".
|
||
|
||
$ Terminal Access Controller (TAC) Access Control System (TACACS)
|
||
(I) A UDP-based authentication and access control protocol [R1492]
|
||
in which a network access server receives an identifier and
|
||
password from a remote terminal and passes them to a separate
|
||
authentication server for verification.
|
||
|
||
(C) TACACS was developed for ARPANET and has evolved for use in
|
||
commercial equipment. TACs were a type of network access server
|
||
computer used to connect terminals to the early Internet, usually
|
||
using dial-up modem connections. TACACS used centralized
|
||
authentication servers and served not only network access servers
|
||
like TACs but also routers and other networked computing devices.
|
||
TACs are no longer in use, but TACACS+ is. [R1983]
|
||
|
||
- "XTACACS": The name of Cisco Corporation's implementation,
|
||
which enhances and extends the original TACACS.
|
||
|
||
- "TACACS+": A TCP-based protocol that improves on TACACS and
|
||
XTACACS by separating the functions of authentication,
|
||
authorization, and accounting and by encrypting all traffic
|
||
between the network access server and authentication server. It
|
||
is extensible to allow any authentication mechanism to be used
|
||
with TACACS+ clients.
|
||
|
||
$ TESS
|
||
See: The Exponential Encryption System.
|
||
|
||
$ The Exponential Encryption System (TESS)
|
||
(I) A system of separate but cooperating cryptographic mechanisms
|
||
and functions for the secure authenticated exchange of
|
||
cryptographic keys, the generation of digital signatures, and the
|
||
distribution of public keys. TESS employs asymmetric cryptography,
|
||
based on discrete exponentiation, and a structure of self-
|
||
certified public keys. [R1824]
|
||
|
||
$ threat
|
||
(I) A potential for violation of security, which exists when there
|
||
is a circumstance, capability, action, or event that could breach
|
||
security and cause harm. (See: attack, threat action, threat
|
||
consequence.)
|
||
|
||
(C) That is, a threat is a possible danger that might exploit a
|
||
vulnerability. A threat can be either "intentional" (i.e.,
|
||
intelligent; e.g., an individual cracker or a criminal
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 170]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
organization) or "accidental" (e.g., the possibility of a computer
|
||
malfunctioning, or the possibility of an "act of God" such as an
|
||
earthquake, a fire, or a tornado).
|
||
|
||
(C) In some contexts, such as the following, the term is used
|
||
narrowly to refer only to intelligent threats:
|
||
|
||
(N) U. S. Government usage: The technical and operational
|
||
capability of a hostile entity to detect, exploit, or subvert
|
||
friendly information systems and the demonstrated, presumed, or
|
||
inferred intent of that entity to conduct such activity.
|
||
|
||
$ threat action
|
||
(I) An assault on system security. (See: attack, threat, threat
|
||
consequence.)
|
||
|
||
(C) A complete security architecture deals with both intentional
|
||
acts (i.e. attacks) and accidental events [FIPS31]. Various kinds
|
||
of threat actions are defined as subentries under "threat
|
||
consequence".
|
||
|
||
$ threat analysis
|
||
(I) An analysis of the probability of occurrences and consequences
|
||
of damaging actions to a system.
|
||
|
||
$ threat consequence
|
||
(I) A security violation that results from a threat action.
|
||
Includes disclosure, deception, disruption, and usurpation. (See:
|
||
attack, threat, threat action.)
|
||
|
||
(C) The following subentries describe four kinds of threat
|
||
consequences, and also list and describe the kinds of threat
|
||
actions that cause each consequence. Threat actions that are
|
||
accidental events are marked by "*".
|
||
|
||
1. "(Unauthorized) Disclosure" (a threat consequence): A
|
||
circumstance or event whereby an entity gains access to data
|
||
for which the entity is not authorized. (See: data
|
||
confidentiality.) The following threat actions can cause
|
||
unauthorized disclosure:
|
||
|
||
A. "Exposure": A threat action whereby sensitive data is
|
||
directly released to an unauthorized entity. This includes:
|
||
|
||
a. "Deliberate Exposure": Intentional release of sensitive
|
||
data to an unauthorized entity.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 171]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
b. "Scavenging": Searching through data residue in a system
|
||
to gain unauthorized knowledge of sensitive data.
|
||
|
||
c* "Human error": Human action or inaction that
|
||
unintentionally results in an entity gaining unauthorized
|
||
knowledge of sensitive data.
|
||
|
||
d* "Hardware/software error". System failure that results in
|
||
an entity gaining unauthorized knowledge of sensitive
|
||
data.
|
||
|
||
B. "Interception": A threat action whereby an unauthorized
|
||
entity directly accesses sensitive data traveling between
|
||
authorized sources and destinations. This includes:
|
||
|
||
a. "Theft": Gaining access to sensitive data by stealing a
|
||
shipment of a physical medium, such as a magnetic tape or
|
||
disk, that holds the data.
|
||
|
||
b. "Wiretapping (passive)": Monitoring and recording data
|
||
that is flowing between two points in a communication
|
||
system. (See: wiretapping.)
|
||
|
||
c. "Emanations analysis": Gaining direct knowledge of
|
||
communicated data by monitoring and resolving a signal
|
||
that is emitted by a system and that contains the data
|
||
but is not intended to communicate the data. (See:
|
||
emanation.)
|
||
|
||
C. "Inference": A threat action whereby an unauthorized entity
|
||
indirectly accesses sensitive data (but not necessarily the
|
||
data contained in the communication) by reasoning from
|
||
characteristics or byproducts of communications. This
|
||
includes:
|
||
|
||
a. Traffic analysis: Gaining knowledge of data by observing
|
||
the characteristics of communications that carry the
|
||
data. (See: (main Glossary entry for) traffic analysis.)
|
||
|
||
b. "Signals analysis": Gaining indirect knowledge of
|
||
communicated data by monitoring and analyzing a signal
|
||
that is emitted by a system and that contains the data
|
||
but is not intended to communicate the data. (See:
|
||
emanation.)
|
||
|
||
D. "Intrusion": A threat action whereby an unauthorized entity
|
||
gains access to sensitive data by circumventing a system's
|
||
security protections. This includes:
|
||
|
||
|
||
|
||
Shirey Informational [Page 172]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
a. "Trespass": Gaining unauthorized physical access to
|
||
sensitive data by circumventing a system's protections.
|
||
|
||
b. "Penetration": Gaining unauthorized logical access to
|
||
sensitive data by circumventing a system's protections.
|
||
|
||
c. "Reverse engineering": Acquiring sensitive data by
|
||
disassembling and analyzing the design of a system
|
||
component.
|
||
|
||
d. Cryptanalysis: Transforming encrypted data into plaintext
|
||
without having prior knowledge of encryption parameters
|
||
or processes. (See: (main Glossary entry for)
|
||
cryptanalysis.)
|
||
|
||
2. "Deception" (a threat consequence): A circumstance or event
|
||
that may result in an authorized entity receiving false data
|
||
and believing it to be true. The following threat actions can
|
||
cause deception:
|
||
|
||
A. "Masquerade": A threat action whereby an unauthorized entity
|
||
gains access to a system or performs a malicious act by
|
||
posing as an authorized entity. (See: (main Glossary entry
|
||
for) masquerade attack.)
|
||
|
||
a. "Spoof": Attempt by an unauthorized entity to gain access
|
||
to a system by posing as an authorized user.
|
||
|
||
b. "Malicious logic": In context of masquerade, any
|
||
hardware, firmware, or software (e.g., Trojan horse) that
|
||
appears to perform a useful or desirable function, but
|
||
actually gains unauthorized access to system resources or
|
||
tricks a user into executing other malicious logic. (See:
|
||
(main Glossary entry for) malicious logic.)
|
||
|
||
B. "Falsification": A threat action whereby false data deceives
|
||
an authorized entity. (See: active wiretapping.)
|
||
|
||
a. "Substitution": Altering or replacing valid data with
|
||
false data that serves to deceive an authorized entity.
|
||
|
||
b. "Insertion": Introducing false data that serves to
|
||
deceive an authorized entity.
|
||
|
||
C. "Repudiation": A threat action whereby an entity deceives
|
||
another by falsely denying responsibility for an act. (See:
|
||
non-repudiation service, (main Glossary entry for)
|
||
repudiation.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 173]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
a. "False denial of origin": Action whereby the originator
|
||
of data denies responsibility for its generation.
|
||
|
||
b. "False denial of receipt": Action whereby the recipient
|
||
of data denies receiving and possessing the data.
|
||
|
||
3. "Disruption" (a threat consequence): A circumstance or event
|
||
that interrupts or prevents the correct operation of system
|
||
services and functions. (See: denial of service.) The following
|
||
threat actions can cause disruption:
|
||
|
||
A. "Incapacitation": A threat action that prevents or
|
||
interrupts system operation by disabling a system component.
|
||
|
||
a. "Malicious logic": In context of incapacitation, any
|
||
hardware, firmware, or software (e.g., logic bomb)
|
||
intentionally introduced into a system to destroy system
|
||
functions or resources. (See: (main Glossary entry for)
|
||
malicious logic.)
|
||
|
||
b. "Physical destruction": Deliberate destruction of a
|
||
system component to interrupt or prevent system
|
||
operation.
|
||
|
||
c* "Human error": Action or inaction that unintentionally
|
||
disables a system component.
|
||
|
||
d* "Hardware or software error": Error that causes failure
|
||
of a system component and leads to disruption of system
|
||
operation.
|
||
|
||
e* "Natural disaster": Any "act of God" (e.g., fire, flood,
|
||
earthquake, lightning, or wind) that disables a system
|
||
component. [FP031 section 2]
|
||
|
||
B. "Corruption": A threat action that undesirably alters system
|
||
operation by adversely modifying system functions or data.
|
||
|
||
a. "Tamper": In context of corruption, deliberate alteration
|
||
of a system's logic, data, or control information to
|
||
interrupt or prevent correct operation of system
|
||
functions.
|
||
|
||
b. "Malicious logic": In context of corruption, any
|
||
hardware, firmware, or software (e.g., a computer virus)
|
||
intentionally introduced into a system to modify system
|
||
functions or data. (See: (main Glossary entry for)
|
||
malicious logic.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 174]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
c* "Human error": Human action or inaction that
|
||
unintentionally results in the alteration of system
|
||
functions or data.
|
||
|
||
d* "Hardware or software error": Error that results in the
|
||
alteration of system functions or data.
|
||
|
||
e* "Natural disaster": Any "act of God" (e.g., power surge
|
||
caused by lightning) that alters system functions or
|
||
data. [FP031 section 2]
|
||
|
||
C. "Obstruction": A threat action that interrupts delivery of
|
||
system services by hindering system operations.
|
||
|
||
a. "Interference": Disruption of system operations by
|
||
blocking communications or user data or control
|
||
information.
|
||
|
||
b. "Overload": Hindrance of system operation by placing
|
||
excess burden on the performance capabilities of a system
|
||
component. (See: flooding.)
|
||
|
||
4. "Usurpation" (a threat consequence): A circumstance or event
|
||
that results in control of system services or functions by an
|
||
unauthorized entity. The following threat actions can cause
|
||
usurpation:
|
||
|
||
A. "Misappropriation": A threat action whereby an entity
|
||
assumes unauthorized logical or physical control of a system
|
||
resource.
|
||
|
||
a. "Theft of service": Unauthorized use of service by an
|
||
entity.
|
||
|
||
b. "Theft of functionality": Unauthorized acquisition of
|
||
actual hardware, software, or firmware of a system
|
||
component.
|
||
|
||
c. "Theft of data": Unauthorized acquisition and use of
|
||
data.
|
||
|
||
B. "Misuse": A threat action that causes a system component to
|
||
perform a function or service that is detrimental to system
|
||
security.
|
||
|
||
a. "Tamper": In context of misuse, deliberate alteration of
|
||
a system's logic, data, or control information to cause
|
||
the system to perform unauthorized functions or services.
|
||
|
||
|
||
|
||
Shirey Informational [Page 175]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
b. "Malicious logic": In context of misuse, any hardware,
|
||
software, or firmware intentionally introduced into a
|
||
system to perform or control execution of an unauthorized
|
||
function or service.
|
||
|
||
c. "Violation of permissions": Action by an entity that
|
||
exceeds the entity's system privileges by executing an
|
||
unauthorized function.
|
||
|
||
$ thumbprint
|
||
(I) A pattern of curves formed by the ridges on the tip of a
|
||
thumb. (See: biometric authentication, fingerprint.)
|
||
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "hash result"
|
||
because that meaning mixes concepts in a potentially misleading
|
||
way.
|
||
|
||
$ ticket
|
||
(I) A synonym for "capability". (See: Kerberos.)
|
||
|
||
(C) A ticket is usually granted by a centralized access control
|
||
server (ticket-granting agent) to authorize access to a system
|
||
resource for a limited time. Tickets have been implemented with
|
||
symmetric cryptography, but can also be implemented as attribute
|
||
certificates using asymmetric cryptography.
|
||
|
||
$ timing channel
|
||
See: (secondary definition under) covert channel.
|
||
|
||
$ TLS
|
||
See: Transport Layer Security. (See: TLSP.)
|
||
|
||
$ TLSP
|
||
See: Transport Layer Security Protocol. (See: TLS.)
|
||
|
||
$ token
|
||
1. (I) General usage: An object that is used to control access and
|
||
is passed between cooperating entities in a protocol that
|
||
synchronizes use of a shared resource. Usually, the entity that
|
||
currently holds the token has exclusive access to the resource.
|
||
|
||
2. (I) Authentication usage: A data object or a portable, user-
|
||
controlled, physical device used to verify an identity in an
|
||
authentication process. (See: authentication information, dongle.)
|
||
|
||
3. (I) Cryptographic usage: See: cryptographic token.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 176]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
4. (O) SET usage: "A portable device [e.g., smart card or PCMCIA
|
||
card] specifically designed to store cryptographic information and
|
||
possibly perform cryptographic functions in a secure manner."
|
||
[SET2]
|
||
|
||
$ token backup
|
||
(I) A token management operation that stores sufficient
|
||
information in a database (e.g., in a CAW) to recreate or restore
|
||
a security token (e.g., a smart card) if it is lost or damaged.
|
||
|
||
$ token copy
|
||
(I) A token management operation that copies all the personality
|
||
information from one security token to another. However, unlike in
|
||
a token restore operation, the second token is initialized with
|
||
its own, different local security values such as PINs and storage
|
||
keys.
|
||
|
||
$ token management
|
||
(I) The process of initializing security tokens (e.g., see: smart
|
||
card), loading data into the tokens, and controlling the tokens
|
||
during their life cycle. May include performing key management and
|
||
certificate management functions; generating and installing PINs;
|
||
loading user personality data; performing card backup, card copy,
|
||
and card restore operations; and updating firmware.
|
||
|
||
$ token restore
|
||
(I) A token management operation that loads a security token with
|
||
data for the purpose of recreating (duplicating) the contents
|
||
previously held by that or another token.
|
||
|
||
$ token storage key
|
||
(I) A cryptography key used to protect data that is stored on a
|
||
security token.
|
||
|
||
$ top CA
|
||
(I) A CA that is the highest level (i.e., is the most trusted CA)
|
||
in a certification hierarchy. (See: root.)
|
||
|
||
$ top-level specification
|
||
(I) "A non-procedural description of system behavior at the most
|
||
abstract level; typically a functional specification that omits
|
||
all implementation details." [NCS04] (See: (discussion under)
|
||
security policy.)
|
||
|
||
(C) A top-level specification may be descriptive or formal:
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 177]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
- "Descriptive top-level specification": One that is written in a
|
||
natural language like English or an informal design notation.
|
||
|
||
- "Formal top-level specification": One that is written in a
|
||
formal mathematical language to enable theorems to be proven that
|
||
show that the specification correctly implements a set of formal
|
||
requirements or a formal security model. (See: correctness proof.)
|
||
|
||
$ traffic analysis
|
||
(I) Inference of information from observable characteristics of
|
||
data flow(s), even when the data is encrypted or otherwise not
|
||
directly available. Such characteristics include the identities
|
||
and locations of the source(s) and destination(s), and the
|
||
presence, amount, frequency, and duration of occurrence. (See:
|
||
wiretapping.)
|
||
|
||
(O) "The inference of information from observation of traffic
|
||
flows (presence, absence, amount, direction, and frequency)."
|
||
[I7498 Part 2]
|
||
|
||
$ traffic flow confidentiality
|
||
(I) A data confidentiality service to protect against traffic
|
||
analysis.
|
||
|
||
(O) "A confidentiality service to protect against traffic
|
||
analysis." [I7498 Part 2]
|
||
|
||
$ traffic padding
|
||
(I) "The generation of spurious instances of communication,
|
||
spurious data units, and/or spurious data within data units."
|
||
[I7498 Part 2]
|
||
|
||
$ tranquillity property
|
||
See: (secondary definition under) Bell-LaPadula Model.
|
||
|
||
$ Transmission Control Protocol (TCP)
|
||
(I) An Internet Standard protocol [R0793] that reliably delivers a
|
||
sequence of datagrams (discrete sets of bits) from one computer to
|
||
another in a computer network. (See: TCP/IP.)
|
||
|
||
(C) TCP is designed to fit into a layered hierarchy of protocols
|
||
that support internetwork applications. TCP assumes it can obtain
|
||
a simple, potentially unreliable datagram service (such as the
|
||
Internet Protocol) from the lower-layer protocols.
|
||
|
||
$ Transport Layer Security (TLS)
|
||
(I) TLS Version 1.0 is an Internet protocol [R2246] based-on and
|
||
very similar to SSL Version 3.0. (See: TLSP.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 178]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) The TLS protocol is misnamed, because it operates well above
|
||
the transport layer (OSI layer 4).
|
||
|
||
$ Transport Layer Security Protocol (TLSP)
|
||
(I) An end-to-end encryption protocol(ISO Standard 10736) that
|
||
provides security services at the bottom of OSI layer 4, i.e.,
|
||
directly above layer 3. (See: TLS.)
|
||
|
||
(C) TLSP evolved directly from the SP4 protocol of SDNS.
|
||
|
||
$ transport mode vs. tunnel mode
|
||
(I) IPsec usage: Two ways to apply IPsec protocols (AH and ESP) to
|
||
protect communications:
|
||
|
||
- "Transport mode": The protection applies to (i.e., the IPsec
|
||
protocol encapsulates) the packets of upper-layer protocols,
|
||
the ones that are carried above IP.
|
||
|
||
- "Tunnel mode": The protection applies to (i.e., the IPsec
|
||
protocol encapsulates) IP packets.
|
||
|
||
(C) A transport mode security association is always between two
|
||
hosts. In a tunnel mode security association, each end may be
|
||
either a host or a gateway. Whenever either end of an IPsec
|
||
security association is a security gateway, the association is
|
||
required to be in tunnel mode.
|
||
|
||
$ trap door
|
||
(I) A hidden computer flaw known to an intruder, or a hidden
|
||
computer mechanism (usually software) installed by an intruder,
|
||
who can activate the trap door to gain access to the computer
|
||
without being blocked by security services or mechanisms. (See:
|
||
back door, Trojan horse.)
|
||
|
||
$ triple DES
|
||
(I) A block cipher, based on DES, that transforms each 64-bit
|
||
plaintext block by applying the Data Encryption Algorithm three
|
||
successive times, using either two or three different keys, for an
|
||
effective key length of 112 or 168 bits. [A9052] (See: DES.)
|
||
|
||
(C) IPsec usage: The algorithm variation proposed for ESP uses a
|
||
168-bit key, consisting of three independent 56-bit quantities
|
||
used by the Data Encryption Algorithm, and a 64-bit initialization
|
||
value. Each datagram contains an IV to ensure that each received
|
||
datagram can be decrypted even when other datagrams are dropped or
|
||
a sequence of datagrams is reordered in transit. [R1851]
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 179]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ triple-wrapped
|
||
(I) S/MIME usage: Data that has been signed with a digital
|
||
signature, and then encrypted, and then signed again. [R2634]
|
||
|
||
$ Trojan horse
|
||
(I) A computer program that appears to have a useful function, but
|
||
also has a hidden and potentially malicious function that evades
|
||
security mechanisms, sometimes by exploiting legitimate
|
||
authorizations of a system entity that invokes the program.
|
||
|
||
$ trust
|
||
1. (I) Information system usage: The extent to which someone who
|
||
relies on a system can have confidence that the system meets its
|
||
specifications, i.e., that the system does what it claims to do
|
||
and does not perform unwanted functions. (See: trust level.)
|
||
|
||
(C) "trusted vs. trustworthy": In discussing a system or system
|
||
process or object, this Glossary (and industry usage) prefers the
|
||
term "trusted" to describe a system that operates as expected,
|
||
according to design and policy. When the trust can also be
|
||
guaranteed in some convincing way, such as through formal analysis
|
||
or code review, the system is termed "trustworthy"; this differs
|
||
from the ABA Guidelines definition (see: trustworthy system).
|
||
|
||
2. (I) PKI usage: A relationship between a certificate user and a
|
||
CA in which the user acts according to the assumption that the CA
|
||
creates only valid digital certificates.
|
||
|
||
(O) "Generally, an entity can be said to 'trust' a second entity
|
||
when it (the first entity) makes the assumption that the second
|
||
entity will behave exactly as the first entity expects. This trust
|
||
may apply only for some specific function. The key role of trust
|
||
in [X.509] is to describe the relationship between an entity and a
|
||
[certification] authority; an entity shall be certain that it can
|
||
trust the certification authority to create only valid and
|
||
reliable certificates." [X509]
|
||
|
||
$ trust chain
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "certification
|
||
path" because it mixes concepts in a potentially misleading way.
|
||
(See: trust.)
|
||
|
||
$ trust-file PKI
|
||
(I) A non-hierarchical PKI in which each certificate user has a
|
||
local file (which is used by application software) of public-key
|
||
certificates that the user trusts as starting points (i.e., roots)
|
||
for certification paths. (See: hierarchical PKI, mesh PKI, root,
|
||
web of trust.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 180]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) For example, popular browsers are distributed with an initial
|
||
file of trusted certificates, which often are self-signed
|
||
certificates. Users can add certificates to the file or delete
|
||
from it. The file may be directly managed by the user, or the
|
||
user's organization may manage it from a centralized server.
|
||
|
||
$ trust hierarchy
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "certification
|
||
hierarchy" because this term mixes concepts (see: trust) in a
|
||
potentially misleading way and duplicates the meaning of another,
|
||
standardized term. (See: trust, web of trust.)
|
||
|
||
$ trust level
|
||
(I) A characterization of a standard of security protection to be
|
||
met by a computer system.
|
||
|
||
(C) The TCSEC defines eight trust levels. From the lowest to the
|
||
highest, they are D, C1, C2, B1, B2, B3, and A1. A trust level is
|
||
based not only on the presence of security mechanisms but also on
|
||
the use of systems engineering discipline to properly structure
|
||
the system and implementation analysis to ensure that the system
|
||
provides an appropriate degree of trust.
|
||
|
||
$ trusted
|
||
See: (discussion under) trust.
|
||
|
||
$ trusted certificate
|
||
(I) A certificate upon which a certificate user relies as being
|
||
valid without the need for validation testing; especially a
|
||
public-key certificate that is used to provide the first public
|
||
key in a certification path. (See: certification path, root
|
||
certificate, validation.)
|
||
|
||
(C) A trusted public-key certificate might be (a) the root
|
||
certificate in a hierarchical PKI, (b) the certificate of the CA
|
||
that issued the user's own certificate in a mesh PKI, or (c)
|
||
any certificate accepted by the user in a trust-file PKI.
|
||
|
||
$ trusted computer system
|
||
(I) Multilevel security usage: "A system that employs sufficient
|
||
hardware and software assurance measures to allow its use for
|
||
simultaneous processing of a range of sensitive or classified
|
||
information." [NCS04] (See: (discussion under) trust.)
|
||
|
||
$ Trusted Computer System Evaluation Criteria (TCSEC)
|
||
(N) A standard for evaluating the security provided by operating
|
||
systems [CSC001, DOD1]. Informally called the "Orange Book"
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 181]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
because of the color of its cover; first document in the Rainbow
|
||
Series. (See: Common Criteria, (usage note under) Green Book,
|
||
Orange Book, trust level.)
|
||
|
||
$ trusted computing base (TCB)
|
||
(I) "The totality of protection mechanisms within a computer
|
||
system, including hardware, firmware, and software, the
|
||
combination of which is responsible for enforcing a security
|
||
policy." [NCS04] (See: (discussion of "trusted" under) trust.)
|
||
|
||
$ trusted distribution
|
||
(I) "A trusted method for distributing the TCB hardware, software,
|
||
and firmware components, both originals and updates, that provides
|
||
methods for protecting the TCB from modification during
|
||
distribution and for detection of any changes to the TCB that may
|
||
occur." [NCS04]
|
||
|
||
$ trusted key
|
||
(I) A public key upon which a user relies; especially a public key
|
||
that can be used as the first public key in a certification path.
|
||
(See: certification path, root key, validation.)
|
||
|
||
(C) A trusted public key might be (a) the root key in a
|
||
hierarchical PKI, (b) the key of the CA that issued the user's own
|
||
certificate in a mesh PKI, or (c) any key accepted by the user in
|
||
a trust-file PKI.
|
||
|
||
$ trusted path
|
||
(I) COMPUSEC usage: A mechanism by which a computer system user
|
||
can communicate directly and reliably with the trusted computing
|
||
base (TCB) and that can only be activated by the user or the TCB
|
||
and cannot be imitated by untrusted software within the computer.
|
||
[NCS04]
|
||
|
||
(I) COMSEC usage: A mechanism by which a person or process can
|
||
communicate directly with a cryptographic module and that can only
|
||
be activated by the person, process, or module, and cannot be
|
||
imitated by untrusted software within the module. [FP140]
|
||
|
||
$ trusted process
|
||
(I) A system process that has privileges that enable it to affect
|
||
the state of system security and that can, therefore, through
|
||
incorrect or malicious execution, violate the system's security
|
||
policy. (See: privileged process, (discussion of "trusted" under)
|
||
trust.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 182]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ trusted subnetwork
|
||
(I) A subnetwork containing hosts and routers that trust each
|
||
other not to engage in active or passive attacks. (There also is
|
||
an assumption that the underlying communication channels--e.g.,
|
||
telephone lines, or a LAN--are protected from attack by some
|
||
means.)
|
||
|
||
$ trusted system
|
||
See: (discussion under) trust, trusted computer system,
|
||
trustworthy system.
|
||
|
||
$ Trusted Systems Interoperability Group (TSIG)
|
||
(N) A forum of computer vendors, system integrators, and users
|
||
devoted to promoting interoperability of trusted computer systems.
|
||
TSIG meetings are open to all persons who are working in the
|
||
INFOSEC area.
|
||
|
||
$ trustworthy system
|
||
(O) ABA usage: "Computer hardware, software, and procedures that:
|
||
(a) are reasonably secure from intrusion and misuse; (b) provide a
|
||
reasonably reliable level of availability, reliability, and
|
||
correct operation; (c) are reasonably suited to performing their
|
||
intended functions; and (d) adhere to generally accepted security
|
||
principles." [ABA] This differs somewhat from other industry
|
||
usage. (See: (discussion of "trusted vs. trustworthy" under)
|
||
trust.)
|
||
|
||
$ TSIG
|
||
See: Trusted System Interoperability Group.
|
||
|
||
$ tunnel
|
||
(I) A communication channel created in a computer network by
|
||
encapsulating (carrying, layering) a communication protocol's data
|
||
packets in (on top of) a second protocol that normally would be
|
||
carried above, or at the same layer as, the first one. (See: L2TP,
|
||
VPN.)
|
||
|
||
(C) Tunneling can involve almost any OSI or TCP/IP protocol
|
||
layers; for example, a TCP connection between two hosts could
|
||
conceivably be tunneled through email messages across the
|
||
Internet. Most often, a tunnel is a logical point-to-point link--
|
||
i.e., an OSI layer 2 connection--created by encapsulating the
|
||
layer 2 protocol in a transport protocol (such as TCP), in a
|
||
network or internetwork layer protocol (such as IP), or in another
|
||
link layer protocol. Often, encapsulation is accomplished with an
|
||
extra, intermediate protocol, i.e., a tunneling protocol (such as
|
||
L2TP) that is layered between the tunneled layer 2 protocol and
|
||
the encapsulating protocol.
|
||
|
||
|
||
|
||
Shirey Informational [Page 183]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Tunneling can move data between computers that use a protocol
|
||
not supported by the network connecting them. Tunneling also can
|
||
enable a computer network to use the services of a second network
|
||
as though the second network were a set of point-to-point links
|
||
between the first network's nodes. (See: virtual private network.)
|
||
|
||
(O) SET usage: The name of a SET private extension that indicates
|
||
whether the CA or the payment gateway supports passing encrypted
|
||
messages to the cardholder through the merchant. If so, the
|
||
extension lists OIDs of symmetric encryption algorithms that are
|
||
supported.
|
||
|
||
$ tunnel mode
|
||
(I) IPsec usage: See: transport mode vs. tunnel mode.
|
||
|
||
$ two-person control
|
||
(I) The close surveillance and control of a system, process, or
|
||
materials (especially with regard to cryptography) at all times by
|
||
a minimum of two appropriately authorized persons, each capable of
|
||
detecting incorrect and unauthorized procedures with respect to
|
||
the tasks to be performed and each familiar with established
|
||
security requirements. (See: dual control, no-lone zone.)
|
||
|
||
$ Type I cryptography
|
||
(O) A cryptographic algorithm or device approved by NSA for
|
||
protecting classified information.
|
||
|
||
$ Type II cryptography
|
||
(O) A cryptographic algorithm or device approved by NSA for
|
||
protecting sensitive unclassified information (as specified in
|
||
section 2315 of Title 10 United States Code, or section 3502(2) of
|
||
Title 44, United States Code.)
|
||
|
||
$ Type III cryptography
|
||
(O) A cryptographic algorithm or device approved as a Federal
|
||
Information Processing Standard.
|
||
|
||
$ UDP
|
||
See: User Datagram Protocol.
|
||
|
||
$ unclassified
|
||
(I) Not classified.
|
||
|
||
$ unencrypted
|
||
(I) Not encrypted.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 184]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ unforgeable
|
||
(I) Cryptographic usage: The property of a cryptographic data
|
||
structure (i.e., a data structure that is defined using one or
|
||
more cryptographic functions) that makes it computationally
|
||
infeasible to construct (i.e., compute) an unauthorized but
|
||
correct value of the structure without having knowledge of one of
|
||
more keys. (E.g., see: digital certificate.)
|
||
|
||
(C) This definition is narrower than general English usage, where
|
||
"unforgeable" means unable to be fraudulently created or
|
||
duplicated. In that broader sense, anyone can forge a digital
|
||
certificate containing any set of data items whatsoever by
|
||
generating the to-be-signed certificate and signing it with any
|
||
private key whatsoever. But for PKI purposes, the forged data
|
||
structure is invalid if it is not signed with the true private key
|
||
of the claimed issuer; thus, the forgery will be detected when a
|
||
certificate user uses the true public key of the claimed issuer to
|
||
verify the signature.
|
||
|
||
$ uniform resource identifier (URI)
|
||
(I) A type of formatted identifier that encapsulates the name of
|
||
an Internet object, and labels it with an identification of the
|
||
name space, thus producing a member of the universal set of names
|
||
in registered name spaces and of addresses referring to registered
|
||
protocols or name spaces. [R1630]
|
||
|
||
(C) URIs are used in HTML to identify the target of hyperlinks. In
|
||
common practice, URIs include uniform resource locators [R2368]
|
||
and relative URLs, and may be URNs. [R1808]
|
||
|
||
$ uniform resource locator (URL)
|
||
(I) A type of formatted identifier that describes the access
|
||
method and location of an information resource object on the
|
||
Internet. [R1738]
|
||
|
||
(C) A URL is a URI that provides explicit instructions on how to
|
||
access the named object. For example,
|
||
"ftp://bbnarchive.bbn.com/foo/bar/picture/cambridge.zip" is a URL.
|
||
The part before the colon specifies the access scheme or protocol,
|
||
and the part after the colon is interpreted according to that
|
||
access method. Usually, two slashes after the colon indicate the
|
||
host name of a server (written as a domain name). In an FTP or
|
||
HTTP URL, the host name is followed by the path name of a file on
|
||
the server. The last (optional) part of a URL may be either a
|
||
fragment identifier that indicates a position in the file, or a
|
||
query string.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 185]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ uniform resource name (URN)
|
||
(I) A URI that has an institutional commitment to persistence and
|
||
availability.
|
||
|
||
$ untrusted process
|
||
(I) A system process that is not able to affect the state of
|
||
system security through incorrect or malicious operation, usually
|
||
because its operation is confined by a security kernel. (See:
|
||
trusted process.)
|
||
|
||
$ UORA
|
||
See: user-PIN ORA.
|
||
|
||
$ update
|
||
See: certificate update and key update.
|
||
|
||
$ URI
|
||
See: uniform resource identifier.
|
||
|
||
$ URL
|
||
See: uniform resource locator.
|
||
|
||
$ URN
|
||
See: uniform resource name.
|
||
|
||
$ user
|
||
(I) A person, organization entity, or automated process that
|
||
accesses a system, whether authorized to do so or not. (See:
|
||
[R2504].)
|
||
|
||
(C) Any ISD that uses this term SHOULD provide an explicit
|
||
definition, because this term is used in many ways and can easily
|
||
be misunderstood.
|
||
|
||
$ User Datagram Protocol (UDP)
|
||
(I) An Internet Standard protocol [R0768] that provides a datagram
|
||
mode of packet-switched computer communication in an internetwork.
|
||
|
||
(C) UDP is a transport layer protocol, and it assumes that IP is
|
||
the underlying protocol. UDP enables application programs to send
|
||
transaction-oriented data to other programs with minimal protocol
|
||
mechanism. UDP does not provide reliable delivery, flow control,
|
||
sequencing, or other end-to-end services that TCP provides.
|
||
|
||
$ user identifier
|
||
(I) A character string or symbol that is used in a system to
|
||
uniquely name a specific user or group of users.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 186]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) Often verified by a password in an authentication process.
|
||
|
||
$ user PIN
|
||
(O) MISSI usage: One of two personal identification numbers that
|
||
control access to the functions and stored data of a FORTEZZA PC
|
||
card. Knowledge of the user PIN enables the card user to perform
|
||
the FORTEZZA functions that are intended for use by an end user.
|
||
(See: SSO PIN.)
|
||
|
||
$ user-PIN ORA (UORA)
|
||
(O) A MISSI organizational RA that operates in a mode in which the
|
||
ORA performs only the subset of card management functions that are
|
||
possible with knowledge of the user PIN for a FORTEZZA PC card.
|
||
(See: no-PIN ORA, SSO-PIN ORA.)
|
||
|
||
$ usurpation
|
||
See: (secondary definition under) threat consequence.
|
||
|
||
$ UTCTime
|
||
(N) The ASN.1 data type "UTCTime" contains a calendar date
|
||
(YYMMDD) and a time to a precision of either one minute (HHMM) or
|
||
one second (HHMMSS), where the time is either (a) Coordinated
|
||
Universal Time or (b) the local time followed by an offset that
|
||
enables Coordinated Universal Time to be calculated. Note: UTCTime
|
||
has the Year 2000 problem. (See: Coordinated Universal Time,
|
||
GeneralizedTime.)
|
||
|
||
$ v1 certificate
|
||
(C) Ambiguously refers to either an X.509 public-key certificate
|
||
in its version 1 format, or an X.509 attribute certificate in its
|
||
version 1 format. However, many people who use this term are not
|
||
aware that X.509 specifies attribute certificates that do not
|
||
contain a public key. Therefore, ISDs MAY use this term as an
|
||
abbreviation for "version 1 X.509 public-key certificate", but
|
||
only after using the full term at the first instance.
|
||
|
||
(D) ISDs SHOULD NOT use this term as an abbreviation for "version
|
||
1 X.509 attribute certificate".
|
||
|
||
$ v1 CRL
|
||
(I) An abbreviation for "X.509 CRL in version 1 format".
|
||
|
||
(C) ISDs should use this abbreviation only after using the full
|
||
term at its first occurrence and defining the abbreviation.
|
||
|
||
$ v2 certificate
|
||
(I) An abbreviation for "X.509 public-key certificate in version 2
|
||
format".
|
||
|
||
|
||
|
||
Shirey Informational [Page 187]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) ISDs should use this abbreviation only after using the full
|
||
term at its first occurrence and defining the abbreviation.
|
||
|
||
$ v2 CRL
|
||
(I) An abbreviation for "X.509 CRL in version 2 format".
|
||
|
||
(C) ISDs should use this abbreviation only after using the full
|
||
term at its first occurrence and defining the abbreviation.
|
||
|
||
$ v3 certificate
|
||
(I) An abbreviation for "X.509 public-key certificate in version 3
|
||
format".
|
||
|
||
(C) ISDs should use this abbreviation only after using the full
|
||
term at its first occurrence and defining the abbreviation.
|
||
|
||
$ valid certificate
|
||
(I) A digital certificate for which the binding of the data items
|
||
can be trusted; one that can be validated successfully. (See:
|
||
validate vs. verify.)
|
||
|
||
$ valid signature
|
||
(D) ISDs SHOULD NOT use this term; instead, use "authentic
|
||
signature". This Glossary recommends saying "validate the
|
||
certificate" and "verify the signature"; therefore, it would be
|
||
inconsistent to say that a signature is "valid". (See: validate
|
||
vs. verify.)
|
||
|
||
$ validate vs. verify
|
||
(C) The PKI community uses words inconsistently when describing
|
||
what a certificate user does to make certain that a digital
|
||
certificate can be trusted. Usually, we say "verify the signature"
|
||
but say "validate the certificate"; i.e., we "verify" atomic
|
||
truths but "validate" data structures, relationships, and systems
|
||
that are composed of or depend on verified items. Too often,
|
||
however, verify and validate are used interchangeably.
|
||
|
||
ISDs SHOULD comply with the following two rules to ensure
|
||
consistency and to align Internet security terminology with
|
||
ordinary English:
|
||
|
||
- Rule 1: Use "validate" when referring to a process intended to
|
||
establish the soundness or correctness of a construct. (E.g.,
|
||
see: certificate validation.)
|
||
|
||
- Rule 2: Use "verify" when referring to a process intended to
|
||
test or prove the truth or accuracy of a fact or value. (E.g.,
|
||
see: authenticate.)
|
||
|
||
|
||
|
||
Shirey Informational [Page 188]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
The rationale for Rule 1 is that "valid" derives from a word that
|
||
means "strong" in Latin. Thus, to validate means to make sure that
|
||
a construction is sound. A certificate user validates a public-key
|
||
certificate to establish trust in the binding that the certificate
|
||
asserts between an identity and a key. (To validate can also mean
|
||
to officially approve something; e.g., NIST validates
|
||
cryptographic modules for conformance with FIPS PUB 140-1.)
|
||
|
||
The rationale for Rule 2 is that "verify" derives from a word that
|
||
means "true" in Latin. Thus, to verify means to prove the truth of
|
||
an assertion by examining evidence or performing tests. To verify
|
||
an identity, an authentication process examines identification
|
||
information that is presented or generated. To validate a
|
||
certificate, a certificate user verifies the digital signature on
|
||
the certificate by performing calculations; verifies that the
|
||
current time is within the certificate's validity period; and may
|
||
need to validate a certification path involving additional
|
||
certificates.
|
||
|
||
$ validation
|
||
See: validate vs. verify.
|
||
|
||
$ validity period
|
||
(I) A data item in a digital certificate that specifies the time
|
||
period for which the binding between data items (especially
|
||
between the subject name and the public key value in a public-key
|
||
certificate) is valid, except if the certificate appears on a CRL
|
||
or the key appears on a CKL.
|
||
|
||
$ value-added network (VAN)
|
||
(I) A computer network or subnetwork (which is usually a
|
||
commercial enterprise) that transmits, receives, and stores EDI
|
||
transactions on behalf of its customers.
|
||
|
||
(C) A VAN may also provide additional services, ranging from EDI
|
||
format translation, to EDI-to-FAX conversion, to integrated
|
||
business systems.
|
||
|
||
$ VAN
|
||
See: value-added network.
|
||
|
||
$ verification
|
||
1. System verification: The process of comparing two levels of
|
||
system specification for proper correspondence, such as comparing
|
||
a security policy with a top-level specification, a top-level
|
||
specification with source code, or source code with object code.
|
||
[NCS04]
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 189]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
2. Identification verification: Presenting information to
|
||
establish the truth of a claimed identity.
|
||
|
||
$ verify
|
||
See: validate vs. verify.
|
||
|
||
$ violation
|
||
See: security violation.
|
||
|
||
$ virtual private network (VPN)
|
||
(I) A restricted-use, logical (i.e., artificial or simulated)
|
||
computer network that is constructed from the system resources of
|
||
a relatively public, physical (i.e., real) network (such as the
|
||
Internet), often by using encryption (located at hosts or
|
||
gateways), and often by tunneling links of the virtual network
|
||
across the real network.
|
||
|
||
(C) For example, if a corporation has LANs at several different
|
||
sites, each connected to the Internet by a firewall, the
|
||
corporation could create a VPN by (a) using encrypted tunnels to
|
||
connect from firewall to firewall across the Internet and (b) not
|
||
allowing any other traffic through the firewalls. A VPN is
|
||
generally less expensive to build and operate than a dedicated
|
||
real network, because the virtual network shares the cost of
|
||
system resources with other users of the real network.
|
||
|
||
$ virus
|
||
(I) A hidden, self-replicating section of computer software,
|
||
usually malicious logic, that propagates by infecting--i.e.,
|
||
inserting a copy of itself into and becoming part of--another
|
||
program. A virus cannot run by itself; it requires that its host
|
||
program be run to make the virus active.
|
||
|
||
$ VPN
|
||
See: virtual private network.
|
||
|
||
$ vulnerability
|
||
(I) A flaw or weakness in a system's design, implementation, or
|
||
operation and management that could be exploited to violate the
|
||
system's security policy.
|
||
|
||
(C) Most systems have vulnerabilities of some sort, but this does
|
||
not mean that the systems are too flawed to use. Not every threat
|
||
results in an attack, and not every attack succeeds. Success
|
||
depends on the degree of vulnerability, the strength of attacks,
|
||
and the effectiveness of any countermeasures in use. If the
|
||
attacks needed to exploit a vulnerability are very difficult to
|
||
carry out, then the vulnerability may be tolerable. If the
|
||
|
||
|
||
|
||
Shirey Informational [Page 190]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
perceived benefit to an attacker is small, then even an easily
|
||
exploited vulnerability may be tolerable. However, if the attacks
|
||
are well understood and easily made, and if the vulnerable system
|
||
is employed by a wide range of users, then it is likely that there
|
||
will be enough benefit for someone to make an attack.
|
||
|
||
$ W3
|
||
See: World Wide Web.
|
||
|
||
$ war dialer
|
||
(I) A computer program that automatically dials a series of
|
||
telephone numbers to find lines connected to computer systems, and
|
||
catalogs those numbers so that a cracker can try to break into the
|
||
systems.
|
||
|
||
$ Wassenaar Arrangement
|
||
(N) The Wassenaar Arrangement on Export Controls for Conventional
|
||
Arms and Dual-Use Goods and Technologies is a global, multilateral
|
||
agreement approved by 33 countries in July 1996 to contribute to
|
||
regional and international security and stability, by promoting
|
||
information exchange concerning, and greater responsibility in,
|
||
transfers of arms and dual-use items, thus preventing
|
||
destabilizing accumulations. (See: International Traffic in Arms
|
||
Regulations.)
|
||
|
||
(C) The Arrangement began operations in September 1996. The
|
||
participating countries are Argentina, Australia, Austria,
|
||
Belgium, Bulgaria, Canada, Czech Republic, Denmark, Finland,
|
||
France, Germany, Greece, Hungary, Ireland, Italy, Japan,
|
||
Luxembourg, Netherlands, New Zealand, Norway, Poland, Portugal,
|
||
Republic of Korea, Romania, Russian Federation, Slovak Republic,
|
||
Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom, and
|
||
United States. Participants meet on a regular basis in Vienna,
|
||
where the Arrangement has its headquarters.
|
||
|
||
Participating countries seek through their national policies to
|
||
ensure that transfers do not contribute to the development or
|
||
enhancement of military capabilities that undermine the goals of
|
||
the arrangement, and are not diverted to support such
|
||
capabilities. The countries maintain effective export controls for
|
||
items on the agreed lists, which are reviewed periodically to
|
||
account for technological developments and experience gained.
|
||
Through transparency and exchange of views and information,
|
||
suppliers of arms and dual-use items can develop common
|
||
understandings of the risks associated with their transfer and
|
||
assess the scope for coordinating national control policies to
|
||
combat these risks. Members provide semi-annual notification of
|
||
arms transfers, covering seven categories derived from the UN
|
||
|
||
|
||
|
||
Shirey Informational [Page 191]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
Register of Conventional Arms. Members also report transfers or
|
||
denials of transfers of certain controlled dual-use items.
|
||
However, the decision to transfer or deny transfer of any item is
|
||
the sole responsibility of each participating country. All
|
||
measures undertaken with respect to the arrangement are in
|
||
accordance with national legislation and policies and are
|
||
implemented on the basis of national discretion.
|
||
|
||
$ watermarking
|
||
See: digital watermarking.
|
||
|
||
$ web of trust
|
||
(O) PGP usage: A trust-file PKI technique used in PGP for building
|
||
a file of validated public keys by making personal judgments about
|
||
being able to trust certain people to be holding properly
|
||
certified keys of other people. (See: certification hierarchy,
|
||
mesh PKI.)
|
||
|
||
$ web server
|
||
(I) A software process that runs on a host computer connected to
|
||
the Internet to respond to HTTP requests for documents from client
|
||
web browsers.
|
||
|
||
$ web vs. Web
|
||
1. (I) Capitalized: ISDs SHOULD capitalize "Web" when using the
|
||
term (as either a noun or an adjective) to refer specifically to
|
||
the World Wide Web. (Similarly, see: internet vs. Internet.)
|
||
|
||
2. (C) Not capitalized: ISDs SHOULD NOT capitalize "web" when
|
||
using the term (usually as an adjective) to refer generically to
|
||
technology--such as web browsers, web servers, HTTP, and HTML--
|
||
that is used in the Web or similar networks.
|
||
|
||
(C) IETF documents SHOULD spell out "World Wide Web" fully at the
|
||
first instance of usage and SHOULD Use "Web" and "web" especially
|
||
carefully where confusion with the PGP "web of trust" is possible.
|
||
|
||
$ wiretapping
|
||
(I) An attack that intercepts and accesses data and other
|
||
information contained in a flow in a communication system.
|
||
|
||
(C) Although the term originally referred to making a mechanical
|
||
connection to an electrical conductor that links two nodes, it is
|
||
now used to refer to reading information from any sort of medium
|
||
used for a link or even directly from a node, such as gateway or
|
||
subnetwork switch.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 192]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
(C) "Active wiretapping" attempts to alter the data or otherwise
|
||
affect the flow; "passive wiretapping" only attempts to observe
|
||
the flow and gain knowledge of information it contains. (See:
|
||
active attack, end-to-end encryption, passive attack.)
|
||
|
||
$ work factor
|
||
(I) General security usage: The estimated amount of effort or time
|
||
that can be expected to be expended by a potential intruder to
|
||
penetrate a system, or defeat a particular countermeasure, when
|
||
using specified amounts of expertise and resources.
|
||
|
||
(I) Cryptography usage: The estimated amount of computing time and
|
||
power needed to break a cryptographic system.
|
||
|
||
$ World Wide Web ("the Web", WWW, W3)
|
||
(N) The global, hypermedia-based collection of information and
|
||
services that is available on Internet servers and is accessed by
|
||
browsers using Hypertext Transfer Protocol and other information
|
||
retrieval mechanisms. (See: web vs. Web, [R2084].)
|
||
|
||
$ worm
|
||
(I) A computer program that can run independently, can propagate a
|
||
complete working version of itself onto other hosts on a network,
|
||
and may consume computer resources destructively. (See: Morris
|
||
Worm, virus.)
|
||
|
||
$ wrap
|
||
(O) To use cryptography to provide data confidentiality service
|
||
for a data object. (See: encrypt, seal.)
|
||
|
||
(D) ISDs SHOULD NOT use this term with this definition because it
|
||
duplicates the meaning of other, standard terms. Instead, use
|
||
"encrypt" or use a term that is specific with regard to the
|
||
mechanism used.
|
||
|
||
$ WWW
|
||
See: World Wide Web.
|
||
|
||
$ X.400
|
||
(N) An ITU-T Recommendation [X400] that is one part of a joint
|
||
ITU-T/ISO multi-part standard (X.400-X.421) that defines the
|
||
Message Handling Systems. (The ISO equivalent is IS 10021, parts
|
||
1-7.) (See: Message Handling Systems.)
|
||
|
||
$ X.500
|
||
$ X.500 Directory
|
||
(N) An ITU-T Recommendation [X500] that is one part of a joint
|
||
ITU-T/ISO multi-part standard (X.500-X.525) that defines the X.500
|
||
|
||
|
||
|
||
Shirey Informational [Page 193]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
Directory, a conceptual collection of systems that provide
|
||
distributed directory capabilities for OSI entities, processes,
|
||
applications, and services. (The ISO equivalent is IS 9594-1 and
|
||
related standards, IS 9594-x.) (See: directory vs. Directory,
|
||
X.509.)
|
||
|
||
(C) The X.500 Directory is structured as a tree (the Directory
|
||
Information Tree), and information is stored in directory entries.
|
||
Each entry is a collection of information about one object, and
|
||
each object has a DN. A directory entry is composed of attributes,
|
||
each with a type and one or more values. For example, if a PKI
|
||
uses the Directory to distribute certificates, then the X.509
|
||
public-key certificate of an end user is normally stored as a
|
||
value of an attribute of type "userCertificate" in the Directory
|
||
entry that has the DN that is the subject of the certificate.
|
||
|
||
$ X.509
|
||
(N) An ITU-T Recommendation [X509] that defines a framework to
|
||
provide and support data origin authentication and peer entity
|
||
authentication services, including formats for X.509 public-key
|
||
certificates, X.509 attribute certificates, and X.509 CRLs. (The
|
||
ISO equivalent is IS 9498-4.) (See: X.500.)
|
||
|
||
(C) X.509 describes two levels of authentication: simple
|
||
authentication based on a password, and strong authentication
|
||
based on a public-key certificate.
|
||
|
||
$ X.509 attribute certificate
|
||
(N) An attribute certificate in the version 1 (v1) format defined
|
||
by X.509. (The v1 designation for an X.509 attribute certificate
|
||
is disjoint from the v1 designation for an X.509 public-key
|
||
certificate, and from the v1 designation for an X.509 CRL.)
|
||
|
||
(C) An X.509 attribute certificate has a subject field, but the
|
||
attribute certificate is a separate data structure from that
|
||
subject's public-key certificate. A subject may have multiple
|
||
attribute certificates associated with each of its public-key
|
||
certificates, and an attribute certificate may be issued by a
|
||
different CA than the one that issued the associated public-key
|
||
certificate.
|
||
|
||
(C) An X.509 attribute certificate contains a sequence of data
|
||
items and has a digital signature that is computed from that
|
||
sequence. In addition to the signature, an attribute certificate
|
||
contains items 1 through 9 listed below:
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 194]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
1. version Identifies v1.
|
||
2. subject Is one of the following:
|
||
2a. baseCertificateID - Issuer and serial number of an
|
||
X.509 public-key certificate.
|
||
2b. subjectName - DN of the subject.
|
||
3. issuer DN of the issuer (the CA who signed).
|
||
4. signature OID of algorithm that signed the cert.
|
||
|
||
5. serialNumber Certificate serial number;
|
||
an integer assigned by the issuer.
|
||
6. attCertValidityPeriod Validity period; a pair of UTCTime
|
||
values: "not before" and "not after".
|
||
7. attributes Sequence of attributes describing the
|
||
subject.
|
||
8. issuerUniqueId Optional, when a DN is not sufficient.
|
||
9. extensions Optional.
|
||
|
||
$ X.509 authority revocation list
|
||
(N) An ARL in one of the formats defined by X.509--version 1 (v1)
|
||
or version 2 (v2). A specialized kind of certificate revocation
|
||
list.
|
||
|
||
$ X.509 certificate
|
||
(N) Either an X.509 public-key certificate or an X.509 attribute
|
||
certificate.
|
||
|
||
(C) This Glossary uses the term with the precise meaning
|
||
recommended here. However, some who use the term may not be aware
|
||
that X.509 specifies attribute certificates that do not contain a
|
||
public key. Even among those who are aware, this term is commonly
|
||
used as an abbreviation to mean "X.509 public-key certificate".
|
||
ISDs MAY use the term as an abbreviation for "X.509 public-key
|
||
certificate", but only after using the full term at the first
|
||
instance.
|
||
|
||
(D) ISDs SHOULD NOT use this term as an abbreviation to mean
|
||
"X.509 attribute certificate".
|
||
|
||
$ X.509 certificate revocation list (CRL)
|
||
(N) A CRL in one of the formats defined by X.509--version 1 (v1)
|
||
or version 2 (v2). (The v1 and v2 designations for an X.509 CRL
|
||
are disjoint from the v1 and v2 designations for an X.509 public-
|
||
key certificate, and from the v1 designation for an X.509
|
||
attribute certificate.) (See: certificate revocation.)
|
||
|
||
(C) ISDs SHOULD NOT refer to an X.509 CRL as a digital
|
||
certificate, but note that an X.509 CRL does meet this Glossary's
|
||
definition of "digital certificate". Like a digital certificate,
|
||
|
||
|
||
|
||
Shirey Informational [Page 195]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
an X.509 CRL makes an assertion and is signed by a CA. But instead
|
||
of binding a key or other attributes to a subject, an X.509 CRL
|
||
asserts that certain previously-issued X.509 certificates have
|
||
been revoked.
|
||
|
||
(C) An X.509 CRL contains a sequence of data items and has a
|
||
digital signature computed on that sequence. In addition to the
|
||
signature, both v1 and v2 contain items 2 through 6b listed below.
|
||
Version 2 contains item 1 and may optionally contain 6c and 7.
|
||
|
||
1. version Optional. If present, identifies v2.
|
||
2. signature OID of the algorithm that signed CRL.
|
||
3. issuer DN of the issuer (the CA who signed).
|
||
4. thisUpdate A UTCTime value.
|
||
5. nextUpdate A UTCTime value.
|
||
6. revokedCertificates 3-tuples of 6a, 6b, and (optional) 6c:
|
||
6a. userCertificate A certificate's serial number.
|
||
6b. revocationDate UTCTime value for the revocation date.
|
||
6c. crlEntryExtensions Optional.
|
||
7. crlExtensions Optional.
|
||
|
||
$ X.509 public-key certificate
|
||
(N) A public-key certificate in one of the formats defined by
|
||
X.509--version 1 (v1), version 2 (v2), or version 3 (v3). (The v1
|
||
and v2 designations for an X.509 public-key certificate are
|
||
disjoint from the v1 and v2 designations for an X.509 CRL, and
|
||
from the v1 designation for an X.509 attribute certificate.)
|
||
|
||
(C) An X.509 public-key certificate contains a sequence of data
|
||
items and has a digital signature computed on that sequence. In
|
||
addition to the signature, all three versions contain items 1
|
||
through 7 listed below. Only v2 and v3 certificates may also
|
||
contain items 8 and 9, and only v3 may contain item 10.
|
||
|
||
1. version Identifies v1, v2, or v3.
|
||
2. serialNumber Certificate serial number;
|
||
an integer assigned by the issuer.
|
||
3. signature OID of algorithm that was used to
|
||
sign the certificate.
|
||
4. issuer DN of the issuer (the CA who signed).
|
||
5. validity Validity period; a pair of UTCTime
|
||
values: "not before" and "not after".
|
||
6. subject DN of entity who owns the public key.
|
||
7. subjectPublicKeyInfo Public key value and algorithm OID.
|
||
8. issuerUniqueIdentifier Defined for v2, v3; optional.
|
||
9. subjectUniqueIdentifier Defined for v2, v2; optional.
|
||
10. extensions Defined only for v3; optional.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 196]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
$ XTACACS
|
||
See: (secondary definition under) Terminal Access Controller (TAC)
|
||
Access Control System.
|
||
|
||
$ Yellow Book
|
||
(D) ISDs SHOULD NOT use this term as a synonym for "Computer
|
||
Security Requirements: Guidance for Applying the Department of
|
||
Defense Trusted Computer System Evaluation Criteria in Specific
|
||
Environments" [CSC3]. Instead, use the full proper name of the
|
||
document or, in subsequent references, a conventional
|
||
abbreviation. (See: (usage note under) Green Book, Rainbow
|
||
Series.)
|
||
|
||
$ zeroize
|
||
(I) Use erasure or other means to render stored data unusable and
|
||
unrecoverable, particularly a key stored in a cryptographic module
|
||
or other device.
|
||
|
||
(O) Erase electronically stored data by altering the contents of
|
||
the data storage so as to prevent the recovery of the data.
|
||
[FP140]
|
||
|
||
4. References
|
||
|
||
This Glossary focuses on the Internet Standards Process. Therefore,
|
||
this set of references emphasizes international, governmental, and
|
||
industry standards documents; only a few other texts are listed. RFCs
|
||
are listed, but not Internet-Drafts, because the latter are not an
|
||
archival document series and should not be cited or quoted in an RFC.
|
||
|
||
[A3092] American National Standards Institute, "American National
|
||
Standard Data Encryption Algorithm", ANSI X3.92-1981, 30 Dec
|
||
1980.
|
||
|
||
[A9009] ---, "Financial Institution Message Authentication
|
||
(Wholesale)", ANSI X9.9-1986, 15 Aug 1986.
|
||
|
||
[A9017] ---, "Financial Institution Key Management (Wholesale)",
|
||
X9.17, 4 Apr 1985. [Defines procedures for the manual and
|
||
automated management of keying material and uses DES to
|
||
provide key management for a variety of operational
|
||
environments.]
|
||
|
||
[A9042] ---, "Public key Cryptography for the Financial Service
|
||
Industry: Agreement of Symmetric Keys Using Diffie-Hellman
|
||
and MQV Algorithms", X9.42, 29 Jan 1999.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 197]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[A9052] ---, "Triple Data Encryption Algorithm Modes of Operation",
|
||
X9.52-1998, ANSI approval 9 Nov 1998.
|
||
|
||
[A9062] ---, "Public Key Cryptography for the Financial Services
|
||
Industry: The Elliptic Curve Digital Signature Algorithm
|
||
(ECDSA)", X9.62-1998, ANSI approval 7 Jan 1999.
|
||
|
||
[ABA] American Bar Association, "Digital Signature Guidelines:
|
||
Legal Infrastructure for Certification Authorities and
|
||
Secure Electronic Commerce", Chicago, IL, 1 Aug 1996.
|
||
|
||
[ACM] Association for Computing Machinery, "Communications of the
|
||
ACM", Jul 1998 issue with: Minerva M. Yeung, "Digital
|
||
Watermarking"; Nasir Memom and Ping Wah Wong, "Protecting
|
||
Digital Media Content"; and Scott Craver, Boon-Lock Yeo, and
|
||
Minerva Yeung, "Technical Trials and Legal Tribulations".
|
||
|
||
[Army] U.S. Army Corps of Engineers, "Electromagnetic Pulse (EMP)
|
||
and Tempest Protection for Facilities", EP 1110-3-2, 31 Dec
|
||
1990.
|
||
|
||
[B7799] British Standards Institution, "Information Security
|
||
Management, Part 1: Code of Practice for Information
|
||
Security Management", BS 7799-1:1999, effective 15 May 1999.
|
||
|
||
---, ---, "Part 2: Specification for Information Security
|
||
Management Systems", BS 7799-2:1999, effective 15 May 1999.
|
||
|
||
[Bell] D. E. Bell and L. J. LaPadula, "Secure Computer Systems:
|
||
Mathematical Foundations and Model", M74-244, The MITRE
|
||
Corporation, Bedford, MA, May 1973. (Available as AD-771543,
|
||
National Technical Information Service, Springfield, VA.)
|
||
|
||
[CCIB] Common Criteria Implementation Board, "Common Criteria for
|
||
Information Technology Security Evaluation, Part 1:
|
||
Introduction and General Model", ver. 2.1, CCIB-99-01, Aug
|
||
1999.
|
||
|
||
[CIPSO] Trusted Systems Interoperability Working Group, "Common IP
|
||
Security Option", ver. 2.3, 9 Mar 1993. [A "work in
|
||
progress" that is probably defunct.]
|
||
|
||
[CSC1] U.S. Department of Defense Computer Security Center,
|
||
"Department of Defense Trusted Computer System Evaluation
|
||
Criteria", CSC-STD-001-83, 15 Aug 1983. (Superseded by
|
||
[DOD1].)
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 198]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[CSC2] ---, "Department of Defense Password Management Guideline",
|
||
CSC-STD-002-85, 12 Apr 1985.
|
||
|
||
[CSC3] ---, "Computer Security Requirements: Guidance for Applying
|
||
the Department of Defense Trusted Computer System Evaluation
|
||
Criteria in Specific Environments", CSC-STD-003-85, 25 Jun
|
||
1985.
|
||
|
||
[CSOR] U.S. Department of Commerce, "General Procedures for
|
||
Registering Computer Security Objects", National Institute
|
||
of Standards Interagency Report 5308, Dec 1993.
|
||
|
||
[Denn] D. E. Denning, "A Lattice Model of Secure Information Flow",
|
||
in "Communications of the ACM", vol. 19, no. 5, May 1976,
|
||
pp. 236-243.
|
||
|
||
[DH76] W. Diffie and M. H. Hellman, "New Directions in
|
||
Cryptography" in "IEEE Transactions on Information Theory",
|
||
vol. IT-22, no. 6, Nov 1976, pp. 644-654.
|
||
|
||
[DOD1] U.S. Department of Defense, "Department of Defense Trusted
|
||
Computer System Evaluation Criteria", DoD 5200.28-STD, 26
|
||
Dec 1985. (Supersedes [CSC1].)
|
||
|
||
[DOD2] ---, Directive 5200.28, "Security Requirements for Automated
|
||
Information Systems (AISs)", 21 Mar 1988.
|
||
|
||
[DOD3] ---, "X.509 Certificate Policy", ver. 2, Mar 1999.
|
||
|
||
[DOD4] ---, "NSA Key Recovery Assessment Criteria", 8 Jun 1998.
|
||
|
||
[ElGa] T. El Gamal, "A Public-Key Cryptosystem and a Signature
|
||
Scheme Based on Discrete Logarithms" in "IEEE Transactions
|
||
on Information Theory", vol. IT-31, no. 4, 1985, pp. 469-
|
||
472.
|
||
|
||
[EMV1] Europay International S.A., MasterCard International
|
||
Incorporated, and Visa International Service Association,
|
||
"EMV '96 Integrated Circuit Card Specification for Payment
|
||
Systems", ver. 3.1.1, 31 May 1998.
|
||
|
||
[EMV2] ---, "EMV '96 Integrated Circuit Card Terminal Specification
|
||
for Payment Systems", ver. 3.1.1, 31 May 1998.
|
||
|
||
[EMV3] ---, EMV '96 Integrated Circuit Card Application
|
||
Specification for Payment Systems", ver. 3.1.1, 31 May 1998.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 199]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[For94] W. Ford, "Computer Communications Security: Principles,
|
||
Standard Protocols and Techniques", ISBN 0-13-799453-2,
|
||
1994.
|
||
|
||
[For97] W. Ford and M. Baum, "Secure Electronic Commerce: Building
|
||
the Infrastructure for Digital Signatures and Encryption",
|
||
ISBN 0-13-476342-4, 1994.
|
||
|
||
[FP031] U.S. Department of Commerce, "Guidelines for Automatic Data
|
||
Processing Physical Security and Risk Management", Federal
|
||
Information Processing Standards Publication (FIPS PUB) 31,
|
||
Jun 1974.
|
||
|
||
[FP039] ---, "Glossary for Computer Systems Security", FIPS PUB 39,
|
||
15 Feb 1976.
|
||
|
||
[FP046] ---, "Data Encryption Standard (DES)", FIPS PUB 46-2, 30 Dec
|
||
1993.
|
||
|
||
[FP081] ---, "DES Modes of Operation", FIPS PUB 81, 2 Dec 1980.
|
||
|
||
[FP102] ---, "Guideline for Computer Security Certification and
|
||
Accreditation", FIPS PUB 102, 27 Sep 1983.
|
||
|
||
[FP113] ---, "Computer Data Authentication", FIPS PUB 113, 30 May
|
||
1985.
|
||
|
||
[FP140] ---, "Security Requirements for Cryptographic Modules", FIPS
|
||
PUB 140-1, 11 Jan 1994.
|
||
|
||
[FP151] ---, "Portable Operating System Interface (POSIX)--System
|
||
Application Program Interface [C Language]", FIPS PUB 151-2,
|
||
12 May 1993
|
||
|
||
[FP180] ---, "Secure Hash Standard", FIPS PUB 180-1, 17 Apr 1995.
|
||
|
||
[FP185] ---, "Escrowed Encryption Standard", FIPS PUB 185, 9 Feb
|
||
1994.
|
||
|
||
[FP186] ---, "Digital Signature Standard (DSS)", FIPS PUB 186, 19
|
||
May 1994.
|
||
|
||
[FP188] ---, "Standard Security Label for Information Transfer",
|
||
FIPS PUB 188, 6 Sep 1994.
|
||
|
||
[FPDAM] Collaborative ITU and ISO/IEC meeting on the Directory,
|
||
"Final Proposed Draft Amendment on Certificate Extensions",
|
||
April 1999. (This draft proposes changes to [X.509].)
|
||
|
||
|
||
|
||
Shirey Informational [Page 200]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[FPKI] U.S. Department of Commerce, "Public Key Infrastructure
|
||
(PKI) Technical Specifications: Part A--Technical Concept of
|
||
Operations", National Institute of Standards, 4 Sep 1998.
|
||
|
||
[I3166] International Standards Organization, "Codes for the
|
||
Representation of Names of countries and Their Subdivisions
|
||
--Part 1: Country Codes", ISO 3166-1:1997.
|
||
|
||
---, --- "Part 2: Country Subdivision Codes", ISO/DIS 3166-
|
||
2.
|
||
|
||
---, --- "Part 3: Codes for Formerly Used Names of
|
||
Countries", ISO/DIS 3166-3.
|
||
|
||
[I7498] ---, "Information Processing Systems--Open Systems
|
||
Interconnection Reference Model--[Part 1:] Basic Reference
|
||
Model", ISO/IEC 7498-1. (Equivalent to ITU-T Recommendation
|
||
X.200.)
|
||
|
||
---, --- "Part 2: Security Architecture", ISO/IEC 7499-2.
|
||
|
||
---, --- "Part 4: Management Framework", ISO/IEC 7498-4.
|
||
|
||
[I7812] ---, "Identification cards--Identification of Issuers--Part
|
||
1: Numbering System", ISO/IEC 7812-1:1993
|
||
|
||
---, --- "Part 2: Application and Registration Procedures",
|
||
ISO/IEC 7812-2:1993.
|
||
|
||
[I9945] ---, "Portable Operating System Interface for Computer
|
||
Environments", ISO/IEC 9945-1:1990.
|
||
|
||
[I15408] ---, "Information Technology--Security Techniques--
|
||
Evaluation criteria for IT Security--Part 1: Introduction
|
||
and General Model", ISO/IEC 15408-1:1999.
|
||
|
||
[ITSEC] "Information Technology Security Evaluation Criteria
|
||
(ITSEC): Harmonised Criteria of France, Germany, the
|
||
Netherlands, and the United Kingdom", ver. 1.2, U.K.
|
||
Department of Trade and Industry, Jun 1991.
|
||
|
||
[Kahn] David Kahn, "The Codebreakers: The Story of Secret Writing",
|
||
The Macmillan Company, New York, 1967.
|
||
|
||
[Knuth] D. E. Knuth, Chapter 3 ("Random Numbers") in Volume 2
|
||
("Seminumerical Algorithms") of "The Art of Computer
|
||
Programming", Addison-Wesley, Reading, MA, 1969.
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 201]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[Kuhn] Markus G. Kuhn and Ross J. Anderson, "Soft Tempest: Hidden
|
||
Data Transmission Using Electromagnetic Emanations", in
|
||
David Aucsmith, ed., "Information Hiding, Second
|
||
International Workshop, IH'98", Portland, Oregon, USA, 15-17
|
||
Apr 1998, LNCS 1525, Springer-Verlag, ISBN 3-540-65386-4,
|
||
pp. 124-142.
|
||
|
||
[MISPC] U.S. Department of Commerce, "Minimum Interoperability
|
||
Specification for PKI Components (MISPC), Version 1",
|
||
National Institute of Standards Special Publication 800-15,
|
||
Sep 1997.
|
||
|
||
[NCS01] National Computer Security Center, "A Guide to Understanding
|
||
Audit in Trusted Systems", NCSC-TG-001, 1 Jun 1988. (Part of
|
||
the Rainbow Series.)
|
||
|
||
[NCS04] ---, "Glossary of Computer Security Terms", NCSC-TG-004,
|
||
ver. 1, 21 Oct 1988. (Part of the Rainbow Series.)
|
||
|
||
[NCS05] ---, "Trusted Network Interpretation of the Trusted Computer
|
||
System Evaluation Criteria", NCSC-TG-005, ver. 1, 31 Jul
|
||
1987. (Part of the Rainbow Series.)
|
||
|
||
[NCS25] ---, "A Guide to Understanding Data Remanence in Automated
|
||
Information Systems", NCSC-TG-025, ver. 2, Sep 1991. (Part
|
||
of the Rainbow Series.)
|
||
|
||
[NIST] National Institute of Standards and Technology, "SKIPJACK
|
||
and KEA Algorithm Specifications", ver. 2, 29 May 1998.
|
||
(http://csrc.nist.gov/encryption/skipjack-kea.htm)
|
||
|
||
[PGP] Simson Garfinkel, "PGP: Pretty Good Privacy", O'Reilly &
|
||
Associates, Inc., Sebastopol, CA, 1995.
|
||
|
||
[PKCS] Burton S. Kaliski, Jr., "An Overview of the PKCS Standards",
|
||
RSA Data Security, Inc., 3 Jun 1991.
|
||
|
||
[PKC07] RSA Laboratories, "PKCS #7: Cryptographic Message Syntax
|
||
Standard", ver. 1.5, RSA Laboratories Technical Note, 1 Nov
|
||
1993.
|
||
|
||
[PKC10] ---, "PKCS #10: Certification Request Syntax Standard", ver.
|
||
1.0, RSA Laboratories Technical Note, 1 Nov 1993.
|
||
|
||
[PKC11] ---, "PKCS #11: Cryptographic Token Interface Standard",
|
||
ver. 1.0, 28 Apr 1995.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 202]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, August
|
||
1980.
|
||
|
||
[R0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September
|
||
1981.
|
||
|
||
[R0792] Postel, J., "Internet Control Message Protocol", STD 5, RFC
|
||
792, September 1981. [See: RFC 1885.]
|
||
|
||
[R0793] Postel, J., ed., "Transmission Control Protocol", STD 7, RFC
|
||
793, September 1981.
|
||
|
||
[R0821] Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC
|
||
821, August 1982.
|
||
|
||
[R0822] Crocker, D., "Standard for the Format of ARPA Internet Text
|
||
Messages", STD 11, RFC 822, August 1982.
|
||
|
||
[R0854] Postel, J. and J. Reynolds, "TELNET Protocol Specification",
|
||
STD 8, RFC 854, May 1983.
|
||
|
||
[R0959] Postel, J. and J. Reynolds, "File Transfer Protocol (FTP)",
|
||
STD 9, RFC 959, October 1985.
|
||
|
||
[R1034] Mockapetris, P., "Domain Names--Concepts and Facilities",
|
||
STD 13, RFC 1034, November 1987.
|
||
|
||
[R1157] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple
|
||
Network Management Protocol (SNMP)" [version 1], STD 15, RFC
|
||
1157, May 1990.
|
||
|
||
[R1208] Jacobsen O. and D. Lynch, "A Glossary of Networking Terms",
|
||
RFC 1208, March 1991.
|
||
|
||
[R1319] Kaliski, B., "The MD2 Message-Digest Algorithm", RFC 1319,
|
||
April 1992.
|
||
|
||
[R1320] Rivest, R., "The MD4 Message-Digest Algorithm", RFC 1320,
|
||
April 1992.
|
||
|
||
[R1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
|
||
April 1992.
|
||
|
||
[R1334] Lloyd, B. and W. Simpson, "PPP Authentication Protocols",
|
||
RFC 1334, October 1992.
|
||
|
||
[R1413] St. Johns, M., "Identification Protocol", RFC 1413, February
|
||
1993.
|
||
|
||
|
||
|
||
Shirey Informational [Page 203]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R1421] Linn, J., "Privacy Enhancement for Internet Electronic Mail,
|
||
Part I: Message Encryption and Authentication Procedures",
|
||
RFC 1421, February 1993.
|
||
|
||
[R1422] Kent, S., "Privacy Enhancement for Internet Electronic Mail,
|
||
Part II: Certificate-Based Key Management", RFC 1422,
|
||
February 1993.
|
||
|
||
[R1455] Eastlake, D., "Physical Link Security Type of Service", RFC
|
||
1455, May 1993.
|
||
|
||
[R1457] Housley, R., "Security Label Framework for the Internet",
|
||
RFC 1457, May 1993.
|
||
|
||
[R1492] Finseth, C., "An Access Control Protocol, Sometimes Called
|
||
TACACS", RFC 1492, July 1993.
|
||
|
||
[R1507] Kaufman, C., "DASS: Distributed Authentication Security
|
||
Service", RFC 1507, September 1993.
|
||
|
||
[R1510] Kohl, J. and C. Neuman, "The Kerberos Network Authentication
|
||
Service (V5)", RFC 1510, September 1993.
|
||
|
||
[R1591] Kohl, J. and C. Neuman, "Domain Name System Structure and
|
||
Delegation", March 1994.
|
||
|
||
[R1630] Berners-Lee, T., "Universal Resource Identifiers in WWW",
|
||
RFC 1630, June 1994.
|
||
|
||
[R1661] Simpson, W., ed., " The Point-to-Point Protocol (PPP)", STD
|
||
51, RFC 1661, July 1994.
|
||
|
||
[R1731] Myers, J., "IMAP4 Authentication Mechanisms", RFC 1731,
|
||
December 1994.
|
||
|
||
[R1734] Myers, J., "POP3 AUTHentication Command", RFC 1734, December
|
||
1994.
|
||
|
||
[R1738] Myers, J., Masinter, L. and M. McCahill, ed's., "Uniform
|
||
Resource Locators (URL)", RFC 1738, December 1994.
|
||
|
||
[R1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
|
||
Recommendations for Security", RFC 1750, December 1994.
|
||
|
||
[R1777] Yeong, W., Howes, T. and S. Kille, "Lightweight Directory
|
||
Access Protocol", RFC 1777, March 1995.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 204]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R1808] Fielding, R., "Relative Uniform Resource Locators", RFC
|
||
1808, June 1995.
|
||
|
||
[R1824] Danisch, H., "The Exponential Security System TESS: An
|
||
Identity-Based Cryptographic Protocol for Authenticated Key-
|
||
Exchange (E.I.S.S.-Report 1995/4)", RFC 1824, August 1995.
|
||
|
||
[R1828] Metzger, P. and W. Simpson, "IP Authentication using Keyed
|
||
MD5", RFC 1828, August 1995.
|
||
|
||
[R1829] Karn, P., Metzger, P. and W. Simpson, "The ESP DES-CBC
|
||
Transform", RFC 1829, August 1995.
|
||
|
||
[R1848] Crocker, S., Freed, N., Galvin, J. and S. Murphy, "MIME
|
||
Object Security Services", RFC 1848, October 1995.
|
||
|
||
[R1851] Karn, P., Metzger, P. and W. Simpson, "The ESP Triple DES
|
||
Transform", RFC 1851, September 1995.
|
||
|
||
[R1866] Berners-Lee, T., "Hypertext Markup Language--2.0", RFC 1866,
|
||
November 1995.
|
||
|
||
[R1885] Conta, A. and S. Deering, "Internet Control Message Protocol
|
||
(ICMPv6) for the Internet Protocol Version 6 (IPv6)
|
||
Specification", RFC 1885, December 1995.
|
||
|
||
[R1928] Leech, M., Ganis, M., Lee, Y., Kuris, R., Koblas, D. and L.
|
||
Jones, "SOCKS Protocol Version 5", RFC 1928, March 1996.
|
||
|
||
[R1938] Haller, N. and C. Metzion, "A One-Time Password System", RFC
|
||
1938, May 1996.
|
||
|
||
[R1939] Myers, J. and M. Rose, "Post Office Protocol - Version 3",
|
||
STD 53, RFC 1939, May 1996.
|
||
|
||
[R1958] Carpenter, B., ed., "Architectural Principles of the
|
||
Internet", RFC 1958, June 1996.
|
||
|
||
[R1983] Malkin, G., ed., "Internet Users' Glossary", FYI 18, RFC
|
||
1983, August 1996.
|
||
|
||
[R1994] Simpson, W. "PPP Challenge Handshake Authentication Protocol
|
||
(CHAP)", RFC 1994, August 1996.
|
||
|
||
[R2023] Postel, J. and J. Reynolds, "Instructions to RFC Authors",
|
||
RFC 2023, October 1997.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 205]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R2026] Bradner, S., "The Internet Standards Process--Revision 3",
|
||
BCP 9, RFC 2026, March 1994.
|
||
|
||
[R2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
|
||
Extensions (MIME) Part One: Format of Internet Message
|
||
Bodies", RFC 2045, November 1996.
|
||
|
||
[R2060] Crispin, M., "Internet Message Access Protocol--Version 4
|
||
Revision 1", RFC 2060, December 1996.
|
||
|
||
[R2065] Eastlake, D., 3rd, "Domain Name System Security Extensions",
|
||
RFC 2065, January 1997.
|
||
|
||
[R2078] Linn, J., "Generic Security Service Application Program
|
||
Interface, Version 2", RFC 2078, January 1997.
|
||
|
||
[R2084] Bossert, G., Cooper, S. and W. Drummond, "Considerations for
|
||
Web Transaction Security", RFC 2084, January 1997.
|
||
|
||
[R2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-
|
||
Hashing for Message Authentication", RFC 2104, February
|
||
1997.
|
||
|
||
[R2119] Bradner, S., "Key Words for Use in RFCs To Indicate
|
||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||
|
||
[R2138] Rigney, C., Rubens, A., Simpson, W. and S. Willens, "Remote
|
||
Authentication Dial In User Service (RADIUS)", RFC 2138,
|
||
April 1997.
|
||
|
||
[R2137] Eastlake, D., "Secure Domain Name System Dynamic Update",
|
||
RFC 2137, April 1997.
|
||
|
||
[R2179] Gwinn, A., "Network Security For Trade Shows", RFC 2179,
|
||
July 1997.
|
||
|
||
[R2195] Klensin, J., Catoe, R. and P. Krumviede, "IMAP/POP AUTHorize
|
||
Extension for Simple Challenge/Response", RFC 2195, Sepember
|
||
1997.
|
||
|
||
[R2196] Fraser, B., "Site Security Handbook", FYI 8, RFC 2196,
|
||
Sepember 1997.
|
||
|
||
[R2202] Cheng, P. and R. Glenn, "Test Cases for HMAC-MD5 and HMAC-
|
||
SHA-1", RFC 2202, Sepember 1997.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 206]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R2222] Myers, J., "Simple Authentication and Security Layer
|
||
(SASL)", RFC 2222, October 1997.
|
||
|
||
[R2223] Postel, J., "Instructions to RFC Authors", RFC 2223, October
|
||
1997.
|
||
|
||
[R2246] Dierks, T. and C. Allen, "The TLS Protocol, Version 1.0",
|
||
RFC 2246, January 1999.
|
||
|
||
[R2284] Blunk, L. and J. Vollbrecht, "PPP Extensible Authentication
|
||
Protocol (EAP)", RFC 2284, March 1998.
|
||
|
||
[R2315] Kaliski, B., "PKCS #7: Cryptographic Message Syntax, Version
|
||
1.5", RFC 2315, March 1998.
|
||
|
||
[R2323] Ramos, A., "IETF Identification and Security Guidelines",
|
||
RFC 2323, 1 April 1998. [Intended for humorous entertainment
|
||
("please laugh loud and hard"); does not contain serious
|
||
security information.]
|
||
|
||
[R2350] Brownlee, N. and E. Guttman, "Expectations for Computer
|
||
Security Incident Response", RFC 2350, June 1998.
|
||
|
||
[R2356] Montenegro, C. and V. Gupta, "Sun's SKIP Firewall Traversal
|
||
for Mobile IP", RFC 2356, June 1998.
|
||
|
||
[R2373] Hinden, R. and S. Deering, "IP Version 6 Addressing
|
||
Architecture", RFC 2373, July 2998.
|
||
|
||
[R2401] Kent, S. and R. Atkinson, "Security Architecture for the
|
||
Internet Protocol", RFC 2401, November 1998.
|
||
|
||
[R2402] Kent, S. and R. Atkinson, "IP Authentication Header", RFC
|
||
2402, November 1998.
|
||
|
||
[R2403] Madson, C. and R. Glenn, "The Use of HMAC-MD5-96 within ESP
|
||
and AH", RFC 2403, November 1998.
|
||
|
||
[R2404] Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within
|
||
ESP and AH", RFC 2404, November 1998.
|
||
|
||
[R2405] Madson, C. and N. Doraswamy, "The ESP DES-CBC Cipher
|
||
Algorithm With Explicit IV", RFC 2405, November 1998.
|
||
|
||
[R2406] Kent, S. and R. Atkinson, "IP Encapsulating Security Payload
|
||
(ESP)", RFC 2406, November 1998.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 207]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R2407] Piper, D., "The Internet IP Security Domain of
|
||
Interpretation for ISAKMP", RFC 2407, November 1998.
|
||
|
||
[R2408] Maughan, D., Schertler, M., Schneider, M. and J. Turner,
|
||
"Internet Security Association and Key Management Protocol
|
||
(ISAKMP)", RFC 2408, November 1998.
|
||
|
||
[R2409] Harkins, D. and D. Carrel, "The Internet Key Exchange
|
||
(IKE)", RFC 2409, November 1998.
|
||
|
||
[R2410] Glenn, R. and S. Kent, "The NULL Encryption Algorithm and
|
||
Its Use With IPsec", RFC 2410, November 1998.
|
||
|
||
[R2412] Orman, H., "The OAKLEY Key Determination Protocol", RFC
|
||
2412, November 1998.
|
||
|
||
[R2451] Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher
|
||
Algorithms", RFC 2451, November 1998.
|
||
|
||
[R2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
|
||
(IPv6) Specification", RFC 2460, December 1998.
|
||
|
||
[R2504] Guttman, E., Leong, L. and G. Malkin, "Users' Security
|
||
Handbook", RFC 2504, February 1999.
|
||
|
||
[R2510] Adams, C. and S. Farrell, "Internet X.509 Public Key
|
||
Infrastructure Certificate Management Protocols", RFC 2510,
|
||
March 1999.
|
||
|
||
[R2527] Chokhani, S. and W. Ford, "Internet X.509 Public Key
|
||
Infrastructure, Certificate Policy and Certification
|
||
Practices Framework", RFC 2527, March 1999.
|
||
|
||
[R2536] EastLake, D., "DSA KEYs and SIGs in the Domain Name System
|
||
(DNS)", RFC 2536, March 1999.
|
||
|
||
[R2570] Case, J., Mundy, R., Partain, D. and B. Stewart,
|
||
"Introduction to Version 3 of the Internet-Standard Network
|
||
Management Framework", RFC 2570, April 1999.
|
||
|
||
[R2574] Blumenthal, U. and B. Wijnen, "User-based Security Model
|
||
(USM) for Version 3 of the Simple Network Management
|
||
Protocol (SNMPv3)", RFC 2574, April 1999.
|
||
|
||
[R2612] Adams, C. and J. Gilchrist, "The CAST-256 Encryption
|
||
Algorithm", RFC 2612, June 1999.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 208]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[R2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter,
|
||
L., Leach, P. and T. Berners-Lee, "Hypertext Transfer
|
||
Protocol-- HTTP/1.1", RFC 2616, June 1999.
|
||
|
||
[R2628] Smyslov, V., "Simple Cryptographic Program Interface", RFC
|
||
2628, June 1999.
|
||
|
||
[R2630] Housley, R., "Cryptographic Message Syntax", RFC 2630, June
|
||
1999.
|
||
|
||
[R2631] Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC
|
||
2631, June 1999.
|
||
|
||
[R2633] Ramsdell, B., ed., "S/MIME Version 3 Message Specification",
|
||
RFC 2633, June 1999.
|
||
|
||
[R2634] Hoffman, P., ed., "Enhanced Security Services for S/MIME",
|
||
RFC 2634, June 1999.
|
||
|
||
[R2635] Hambridge, S. and A. Lunde, "Don't Spew: A Set of Guidelines
|
||
for Mass Unsolicited Mailings and Postings", RFC 2635, June
|
||
1999.
|
||
|
||
[Raym] E. S. Raymond, ed., "The On-Line Hacker Jargon File", ver.
|
||
4.0.0, 24 Jul 1996. (Also available as "The New Hacker's
|
||
Dictionary", 2nd edition, MIT Press, Sep 1993, ISBN 0-262-
|
||
18154-1. See: http://www.tuxedo.org/jargon/ for the latest
|
||
version.)
|
||
|
||
[Russ] D. Russell and G. T. Gangemi Sr., Chapter 10 ("TEMPEST") in
|
||
"Computer Security Basics", ISBN 0-937175-71-4, 1991.
|
||
|
||
[Schn] B. Schneier, "Applied Cryptography", John Wiley & Sons,
|
||
Inc., New York, 1994.
|
||
|
||
[SDNS3] U.S. Department of Defense, National Security Agency,
|
||
"Secure Data Network Systems, Security Protocol 3 (SP3)",
|
||
document SDN.301, Revision 1.5, 15 May 1989.
|
||
|
||
[SDNS4] ---, ---, "Security Protocol 4 (SP4)", document SDN.401,
|
||
Revision 1.2, 12 Jul 1988.
|
||
|
||
[SDNS7] ---, ---, "Secure data Network System, Message Security
|
||
Protocol (MSP)", document SDN.701, Revision 4.0, 7 Jun 1996,
|
||
with Corrections to Message Security Protocol, SDN.701, Rev
|
||
4.0", 96-06-07, 30 Aug, 1996.
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 209]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
[SET1] MasterCard and Visa, "SET Secure Electronic Transaction
|
||
Specification, Book 1: Business Description", ver. 1.0, 31
|
||
May 1997.
|
||
|
||
[SET2] ---, "SET Secure Electronic Transaction Specification, Book
|
||
2: Programmer's Guide", ver. 1.0, 31 May 1997.
|
||
|
||
[Stei] J. Steiner, C. Neuman, and J. Schiller, "Kerberos: An
|
||
Authentication Service for Open Network Systems" in "Usenix
|
||
Conference Proceedings", Feb 1988.
|
||
|
||
[X400] International Telecommunications Union--Telecommunication
|
||
Standardization Sector (formerly "CCITT"), Recommendation
|
||
X.400, "Message Handling Services: Message Handling System
|
||
and Service Overview".
|
||
|
||
[X500] ---, Recommendation X.500, "Information Technology--Open
|
||
Systems Interconnection--The Directory: Overview of
|
||
Concepts, Models, and Services". (Equivalent to ISO 9594-1.)
|
||
|
||
[X501] ---, Recommendation X.501, "Information Technology--Open
|
||
Systems Interconnection--The Directory: Models".
|
||
|
||
[X509] ---, Recommendation X.509, "Information Technology--Open
|
||
Systems Interconnection--The Directory: Authentication
|
||
Framework". (Equivalent to ISO 9594-8.)
|
||
|
||
[X519] ---, Recommendation X.519, "Information Technology--Open
|
||
Systems Interconnection--The Directory: Protocol
|
||
Specifications".
|
||
|
||
[X520] ---, Recommendation X.520, "Information Technology--Open
|
||
Systems Interconnection--The Directory: Selected Attribute
|
||
Types".
|
||
|
||
[X680] ---, Recommendation X.680, "Information Technology--Abstract
|
||
Syntax Notation One (ASN.1)--Specification of Basic
|
||
Notation", 15 Nov 1994. (Equivalent to ISO/IEC 8824-1.)
|
||
|
||
[X690] ---, Recommendation X.690, "Information Technology--ASN.1
|
||
Encoding Rules--Specification of Basic Encoding Rules (BER),
|
||
Canonical Encoding Rules (CER) and Distinguished Encoding
|
||
Rules (DER)", 15 Nov 1994. (Equivalent to ISO/IEC 8825-1.)
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 210]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
5. Security Considerations
|
||
|
||
This document only defines security terms and recommends how to use
|
||
them. It does not describe in detail the vulnerabilities of, threats
|
||
to, or mechanisms that protect specific Internet protocols.
|
||
|
||
6. Acknowledgments
|
||
|
||
Pat Cain, Mike Kong, and Charles Lynn provided meticulous comments on
|
||
an early draft.
|
||
|
||
7. Author's Address
|
||
|
||
Please address all comments to:
|
||
|
||
Robert W. Shirey GTE / BBN Technologies
|
||
EMail: rshirey@bbn.com Suite 1200, Mail Stop 30/12B2
|
||
Phone: +1 (703) 284-4641 1300 Seventeenth Street North
|
||
Fax: +1 (703) 284-2766 Arlington, VA 22209-3801 USA
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 211]
|
||
|
||
RFC 2828 Internet Security Glossary May 2000
|
||
|
||
|
||
8. Full Copyright Statement
|
||
|
||
Copyright (C) The Internet Society (2000). All Rights Reserved.
|
||
|
||
This document and translations of it may be copied and furnished to
|
||
others, and derivative works that comment on or otherwise explain it
|
||
or assist in its implementation may be prepared, copied, published
|
||
and distributed, in whole or in part, without restriction of any
|
||
kind, provided that the above copyright notice and this paragraph are
|
||
included on all such copies and derivative works. However, this
|
||
document itself may not be modified in any way, such as by removing
|
||
the copyright notice or references to the Internet Society or other
|
||
Internet organizations, except as needed for the purpose of
|
||
developing Internet standards in which case the procedures for
|
||
copyrights defined in the Internet Standards process must be
|
||
followed, or as required to translate it into languages other than
|
||
English.
|
||
|
||
The limited permissions granted above are perpetual and will not be
|
||
revoked by the Internet Society or its successors or assigns.
|
||
|
||
This document and the information contained herein is provided on an
|
||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||
|
||
Acknowledgement
|
||
|
||
Funding for the RFC Editor function is currently provided by the
|
||
Internet Society.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Shirey Informational [Page 212]
|
||
|