due care
The care which an ordinary prudent person would have exercised under the same or similar circumstances. The terms due care and reasonable care are used interchangeably.
Dynamic Host Configuration Protocol (DHCP)
A protocol that automatically issues IP addresses from a specified range to devices such as PCs when they join the network. The device retains the use of the IP address for a lease period that the system administrator can define.
Electronics Industry Association (EIA)
A U.S. standards organization that represents a large number of electronics firms.
Software that is an element of a larger system and performs some of the requirements of that system, such as controlling, measuring, or monitoring the actions of the system's physical components.
A system that performs or controls a function, either in whole or in part, as an integral element of a larger system or subsystem.
Synonymous with contingency plan.
emission(s) security (EMSEC)
The protection resulting from all measures taken to deny unauthorized persons information of value derived from the intercept and analysis of compromising emanations from cryptoequipment or an IT system.
To make the message unintelligible to all but the intended recipients.
Encrypted information sent from the point of origin to the final destination. In symmetric key encryption, this process requires the sender and the receiver to have the identical key for the session.
Gathering detailed information about a target information system.
The aggregate of external procedures, conditions, and objects that affect the development, operation, and maintenance of a system.
A process by which a signal recorded on magnetic media is removed. Erasure is accomplished in two ways: 1) alternating current erasure, in which the information is destroyed when an alternating high and low magnetic field is applied to the media; 2) direct current erasure, in which the media is saturated by applying a unidirectional magnetic field.
error
An error occurs 1) if an individual interacts with a software system and creates an error, e.g., a coding error or an operational failure; 2) when the value actually produced by the software differs from the correct value; 3) when one of the software's states changes from correct to incorrect.
More intelligent than a hub, with the capability to connect the sending station directly to the receiving station.
Trusted individual who performs penetration tests without malicious intent.
Assessment of an IT product or system against defined security functional and assurance criteria performed by a combination of testing and analytic techniques.
Something that occurs, such as a specific situation or an activity. Within a software system, an event handler is a subroutine that handles input received from the software.
The entities in the software's operational environment, such as servers, middleware, and network devices, that support, affect, or influence its execution.
exploit
To exploit means to take advantage of a security weakness in software in order to compromise the software, e.g., to gain control of a system. An exploit also refers to the portion of code, data, or sequence of commands used to conduct the attack.
Evaluation Assurance Level (EAL)
In the Common Criteria, the degree of examination of the product to be tested. EALs range from EAL1 (functionally tested) to EAL7 (formally verified design and tested). Each numbered package represents a point on the CC's predefined assurance scale. An EAL can be considered a level of confidence in the security functions of an IT product or system.
One of several states in which a system can operate and the only one in which certain privileged instructions can be executed. Such instructions cannot be executed when the system is operating in other (for example, user) states. Synonymous with supervisor state.
Any information channel that is usable or detectable by subjects that are external to the trusted computing base, whose purpose is to violate the security policy of the system.
An instance of being exposed to losses from a threat.
The network and architectural components that the network interacts with but does not control.
Operations automatically switching over to a backup system when one system/application fails.
A term that refers to the automatic protection of programs and/or processing systems to maintain safety when a hardware or software failure is detected in a system.
A term that refers to a system that preserves a secure state during and after identified failures occur.
When software is unable to perform its intended functions within the operational parameters specified for those functions.
When a security tool does not report a weakness where one is present.
When a security tool reports a weakness where no weakness is present.
false positive rate
The number of false positives divided by the sum of the number of false positives and the number of true negatives, i.e., the fraction of items that contain no weakness but are reported as weaknesses. The ratio of false positives to all reported findings (false positives plus true positives) is the false discovery rate, which is often conflated with this term.
A condition that causes a device or system component to fail to perform in a required manner.
Systems designed without redundancy; in the event of failure, they result in a slightly longer downtime.
Federal Communications Commission.
Frequency division multiple access. A spectrum-sharing technique whereby the available spectrum is divided into a number of individual radio channels.
Foreign Intelligence Surveillance Act (FISA) of 1978
An act that limited wiretapping for national security purposes as a result of the Nixon administration's history of using illegal wiretaps.
A system-provided restriction to prevent a program from accessing data in another user's segment of storage.
Fiber Distributed Data Interface (FDDI)
An ANSI standard for token-passing networks. FDDI uses optical fiber and operates at 100 Mbps in dual, counter-rotating rings.
An iterated block cipher that encrypts by breaking a plaintext block into two halves and, with a subkey, applying a round transformation to one of the halves. The output of this transformation is then XORed with the remaining half. The round is completed by swapping the two halves. Because the XOR undoes itself, the round function need not be invertible; decryption runs the same rounds with the subkeys applied in reverse order.
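The structure described above, as an added example that is not part of the original page and is not any standardized cipher: a 64-bit Feistel network with a toy round function F and a toy key schedule (both are assumptions made for illustration; the multiplier and rotation constants carry no special significance). Decryption is the same function with the subkeys reversed.

```python
# Added example: a minimal 64-bit Feistel network (toy F and key schedule, assumed).

BLOCK_BITS = 64
HALF_BITS = 32
HALF_MASK = (1 << HALF_BITS) - 1
BLOCK_MASK = (1 << BLOCK_BITS) - 1


def round_function(half: int, subkey: int) -> int:
    """Toy F: a nonlinear mix of a 32-bit half with a 32-bit subkey.
    F is not invertible; the Feistel structure, not F, supplies invertibility."""
    x = (half ^ subkey) & HALF_MASK
    x = (x * 0x9E3779B1 + 0x7F4A7C15) & HALF_MASK   # multiply-add (assumed constants)
    x ^= x >> 15
    x = (x * 0x85EBCA6B) & HALF_MASK
    return x ^ (x >> 13)


def key_schedule(key: int, rounds: int) -> list:
    """Toy key schedule: one 32-bit subkey per round from a 64-bit key."""
    subkeys = []
    k = key & BLOCK_MASK
    for r in range(rounds):
        k = ((k << 11) | (k >> (BLOCK_BITS - 11))) & BLOCK_MASK   # rotate left 11
        subkeys.append((k ^ (r * 0x0F1E2D3C)) & HALF_MASK)
    return subkeys


def feistel_rounds(block: int, subkeys: list) -> int:
    """One round per subkey: F on the right half, XOR into the left half, swap."""
    left, right = block >> HALF_BITS, block & HALF_MASK
    for sk in subkeys:
        left, right = right, left ^ round_function(right, sk)
    # Undo the final swap so that decryption is this same function with reversed subkeys.
    return (right << HALF_BITS) | left


def encrypt(block: int, key: int, rounds: int = 16) -> int:
    return feistel_rounds(block & BLOCK_MASK, key_schedule(key, rounds))


def decrypt(block: int, key: int, rounds: int = 16) -> int:
    return feistel_rounds(block & BLOCK_MASK, list(reversed(key_schedule(key, rounds))))


if __name__ == "__main__":
    pt, key = 0x0123456789ABCDEF, 0xDEADBEEFCAFEBABE   # constructed sample values
    ct = encrypt(pt, key)
    print(f"plaintext  {pt:016x}\nciphertext {ct:016x}\nrecovered  {decrypt(ct, key):016x}")
```

The round count is a parameter so the same code shows why one round is reversible but not useful: with `rounds=1` the right half passes through unencrypted, which is exactly why real Feistel ciphers (DES has 16 rounds) iterate.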
First in, first out.
A computer that provides network stations with controlled access to sharable resources. The network operating system (NOS) is loaded on the file server, and most sharable devices, including disk subsystems and printers, are attached to it.
The aggregate of all processes and procedures in a system designed to inhibit unauthorized access, contamination, or elimination of a file.
The means by which access to computer files is limited to authorized users only.
File Transfer Protocol (FTP)
A TCP/IP protocol for file transfer.
Federal Information Processing Standard.
A network device that shields the trusted network from unauthorized users in the untrusted network by blocking certain specific types of traffic. Many types of firewalls exist, including packet filtering and stateful inspection.
Executable programs stored in nonvolatile memory.
A shortcoming in the software's requirements, architecture, or design specification that results in a weak design or errors in the implementation. A flaw may or may not be a vulnerability.
flow sensitive analysis
Analysis of a computer program that takes into account the flow of control.
Gathering information in both active and passive modes.
A technique to verify through use of mathematical proofs that software is consistent with its specified requirements, architecture, design, or security policy.
A complete and convincing mathematical argument presenting the full logical justification for each proof step for the truth of a theorem or set of theorems.
formal security policy model
A mathematically precise statement of a security policy. To be adequately precise, such a model must represent the initial state of a system, the way in which the system progresses from one state to another, and a definition of a secure state of the system. To be acceptable as a basis for a TCB, the model must be supported by a formal proof that if the initial state of the system satisfies the definition of a secure state and if all assumptions required by the model hold, then all future states of the system will be secure. Some formal modeling techniques include state transition models, denotational semantics models, and algebraic specification models.
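The proof obligation stated in the definition, written out as an added note that is not from the page. Let $S$ be the set of system states, $s_0 \in S$ the initial state, $\to$ the transition relation by which the system progresses from one state to another, $\mathit{secure}(s)$ the definition of a secure state, and $A$ the assumptions the model requires. The required theorem is then

$$
A \;\wedge\; \mathit{secure}(s_0) \;\wedge\; \forall s, s' \in S:\ \big(\mathit{secure}(s) \wedge s \to s'\big) \Rightarrow \mathit{secure}(s')
\quad\Longrightarrow\quad
\forall n \ge 0:\ \mathit{secure}(s_n)
$$

for every execution $s_0 \to s_1 \to s_2 \to \cdots$. The conclusion follows by induction on $n$: the base case is $\mathit{secure}(s_0)$, and the step case is the transition clause applied to $s_n \to s_{n+1}$. In a state transition model each operation of the system is a transition, so the proof reduces to showing, per operation, that it preserves $\mathit{secure}$.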
The process of using formal proofs to demonstrate the consistency between a formal specification of a system and a formal security policy model (design verification) or between the formal specification and its high-level program implementation (implementation verification).
The segment of security testing in which the advertised security mechanisms of the system are tested, under operational conditions, for correct operation.
A network component that provides interconnectivity at higher network layers.
gigabyte (GB, Gbyte)
A unit of measure for memory or disk storage capacity usually 1,073,741,824 bytes.
A measure of frequency: one billion hertz.
Government off-the-shelf software.
Gramm-Leach-Bliley (GLB) Act of November 1999
An act that removes Depression-era restrictions on banks that limited certain business activities, mergers, and affiliations. It repeals the restrictions on banks affiliating with securities firms contained in sections 20 and 32 of the Glass-Steagall Act. GLB became effective on November 13, 2001. GLB also requires health plans and insurers to protect member and subscriber data in electronic and other formats. These health plans and insurers will fall under new state laws and regulations that are being passed to implement GLB because GLB explicitly assigns enforcement of the health plan and insurer regulations to state insurance authorities (15 U.S.C. 6805). Some of the privacy and security requirements of Gramm-Leach-Bliley are similar to those of HIPAA.
An expression of the relative size of a data object; for example, protection at the file level is considered coarse granularity, whereas protection at the field level is considered to be of a finer granularity.
gray box test
A test in which the ethical hacking team has partial knowledge of the target information system.
gray hat hacker
A hacker who normally performs ethical hacking but sometimes reverts to malicious, black hat hacking.
A processor that provides a filter between two disparate systems operating at different security levels or between a user terminal and a database in order to filter out data that the user is not authorized to access.
Hamming weight
The Hamming weight of a string is the number of symbols that are different from the zero symbol of the alphabet used; for a bit string, the number of 1 bits.
A dialogue between two entities (for example, a user and a computer, a computer and another computer, or a program and another program) for the purpose of identifying and authenticating the entities to one another.
A unit of frequency measurement: one cycle of a periodic event per second.
A time-sharing computer accessed via terminals or terminal emulation; also, a computer to which an expansion device attaches.
Hypertext Transfer Protocol.
Hypertext Markup Language (HTML)
A standard used on the Internet for defining hypertext links between documents.
Identification and authentication.
Inquiry access code used in inquiry procedures. The IAC can be one of two types: a dedicated IAC for specific devices or a generic IAC for all devices.
Integrity check value. In WEP encryption, the frame is run through an integrity algorithm (CRC-32), and the generated ICV is placed at the end of the encrypted data in the frame. The receiving station runs the data through the same integrity algorithm and compares the result with the ICV received in the frame. If it matches, the unencrypted frame is passed to the higher layers; if it does not match, the frame is discarded. Because CRC-32 is an unkeyed, linear checksum rather than a message authentication code, the ICV detects accidental corruption but not deliberate modification.
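The check described above, as an added example that is not part of the original page: a WEP-style sender and receiver (RC4 keystream from IV || key, CRC-32 ICV appended to the payload before encryption), followed by the reason the ICV is only a corruption check. CRC-32 is affine, so crc(p XOR d) = crc(p) XOR crc(d) XOR crc(0...0), which lets anyone flip chosen plaintext bits under the stream cipher and fix the ICV without knowing the key. The key, IV and frame payload are constructed sample values.

```python
import zlib

# Added example: WEP-style ICV generation/verification and why a CRC is not a MAC.
# Key, IV and payload are constructed for illustration.


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4 key scheduling + PRGA; returns `length` keystream bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(payload: bytes) -> bytes:
    """WEP integrity algorithm: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(payload).to_bytes(4, "little")


def wep_protect(iv: bytes, key: bytes, payload: bytes) -> bytes:
    """Sender: append ICV, encrypt payload||ICV with RC4(iv||key), prepend the clear IV."""
    body = payload + icv(payload)
    return iv + xor_bytes(body, rc4_keystream(iv + key, len(body)))


def wep_unprotect(key: bytes, frame: bytes):
    """Receiver: decrypt, recompute the ICV, discard (None) on mismatch."""
    iv, ciphertext = frame[:3], frame[3:]
    body = xor_bytes(ciphertext, rc4_keystream(iv + key, len(ciphertext)))
    payload, received_icv = body[:-4], body[-4:]
    if icv(payload) != received_icv:
        return None
    return payload


def flip_bits(frame: bytes, delta: bytes) -> bytes:
    """Attacker without the key: XOR `delta` (same length as the payload) into the
    encrypted payload and patch the encrypted ICV so the receiver's check still passes.
    Works because CRC-32 is affine: crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros)."""
    zeros = bytes(len(delta))
    icv_delta = (zlib.crc32(delta) ^ zlib.crc32(zeros)).to_bytes(4, "little")
    return frame[:3] + xor_bytes(frame[3:], delta + icv_delta)


if __name__ == "__main__":
    KEY, IV = b"\x01\x02\x03\x04\x05", b"\xaa\xbb\xcc"          # constructed 40-bit key and IV
    payload = b"transfer amount=0010 to=bob"                     # constructed frame payload
    frame = wep_protect(IV, KEY, payload)
    print("receiver sees:", wep_unprotect(KEY, frame))
    target = b"transfer amount=9990 to=bob"
    tampered = flip_bits(frame, xor_bytes(payload, target))      # no key used here
    print("after bit-flip:", wep_unprotect(KEY, tampered))       # ICV check still passes
```

A naive modification that flips payload bytes but leaves the ICV alone is rejected, which is all the ICV was designed to catch; the patched one is accepted. A keyed MAC (as in WPA2's CCMP) is what closes this gap, since an attacker cannot recompute it.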
Common abbreviation for identifier or identity.
The process that enables a system to recognize an entity, generally by the use of unique machine-readable usernames.
The type of service provided by a software component, e.g., NETWORKSERVICE.
Intrusion detection system.
Internet Engineering Task Force.
Internet key exchange.
Refers to the phase in the software life cycle when the software is coded from specifications and/or integrated from components.
incomplete parameter checking
A system design flaw that results when all parameters have not been fully examined for accuracy and consistency, thus making the system vulnerable to penetration.
The ability to positively associate the identity of a user with the time, method, and degree of access to a system.
industrial, scientific, and medicine (ISM) bands
Radio frequency bands authorized by the Federal Communications Commission (FCC) for wireless LANs. The ISM bands are located at 902 MHz, 2.400 GHz, and 5.7 GHz. The transmitted power is commonly less than 600 mW, and no FCC license is required.
information flow control
A procedure undertaken to ensure that information transfers within a system are not made from a higher security level object to an object of a lower security level.
information security policy
The aggregate of public law, directives, regulations, and rules that regulate how an organization manages, protects, and distributes information. For example, the information security policy for financial data processed on DoD systems may be in USC, EO, DoD directives, and local regulations. The information security policy lists all the security requirements applicable to specific information.
information system (IS)
Any telecommunications or computer-related equipment or interconnected systems or subsystems of equipment used in the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of voice and/or data; includes software, firmware, and hardware.
information system security officer (ISSO)
The person who is responsible to the designated approving authority (DAA) for ensuring that security is provided for and implemented throughout the life cycle of an AIS, from the beginning of the concept development plan through its design, development, operation, maintenance, and secure disposal. In C&A, the person responsible to the DAA for ensuring the security of an IT system is approved, operated, and maintained throughout its life cycle in accordance with the SSAA.
information technology (IT)
The hardware, firmware, and software used as part of the information system to perform information functions. This definition includes computers, telecommunications, automated information systems, and automatic data processing equipment. IT includes any assembly of computer hardware, software, and/or firmware configured to collect, create, communicate, compute, disseminate, process, store, and/or control data or information.
information technology security (ITSEC)
Protection of information technology against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats. Protection and maintenance of confidentiality, integrity, availability, and accountability.
infrared (IR) light
Light waves that range in length from about 0.75 to 1,000 microns; this is a lower frequency than the spectral colors but a higher frequency than radio waves.
inheritance (in object-oriented programming)
When all the methods of one class, called a superclass, are inherited by a subclass. Thus, all messages understood by the superclass are understood by the subclass.
Checking the data that is input to a software application for acceptable parameters such as data type, length, and range.
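Input validation and incomplete parameter checking side by side, as an added example that is not part of the original page. The first parser examines only the parameter's type, which is the flaw described under incomplete parameter checking: Python's `int()` also accepts negative numbers, out-of-range values, surrounding whitespace, underscores and non-ASCII decimal digits. The second checks type, character set, length and range against an allow-list. The field names and limits are assumptions made for illustration.

```python
import re

# Added example: incomplete parameter check (type only) versus full input validation.
# Field names and limits are assumed.


def parse_port_incomplete(value: str) -> int:
    """Flawed: only the type is examined. int() accepts "-1", "70000", " 80 ",
    "1_000" and non-ASCII digits such as Arabic-Indic "٨٠", none of which is a valid port."""
    return int(value)


# Allow-lists. [0-9] is ASCII-only; \d in a str pattern would also match Unicode digits.
PORT_RE = re.compile(r"[0-9]{1,5}")
ACCOUNT_RE = re.compile(r"[a-z][a-z0-9_]{2,31}")   # 3..32 chars, lowercase, no path metacharacters


def parse_port(value) -> int:
    """Type, character set and length are checked by the regex; range is checked on the value."""
    if not isinstance(value, str) or PORT_RE.fullmatch(value) is None:
        raise ValueError("port: must be 1-5 ASCII digits")
    port = int(value)
    if not 1 <= port <= 65535:
        raise ValueError("port: out of range 1..65535")
    return port


def parse_account(value) -> str:
    if not isinstance(value, str) or ACCOUNT_RE.fullmatch(value) is None:
        raise ValueError("account: must match [a-z][a-z0-9_]{2,31}")
    return value


def is_valid_port(value) -> bool:
    try:
        parse_port(value)
        return True
    except ValueError:
        return False


def is_valid_account(value) -> bool:
    try:
        parse_account(value)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for sample in ["443", "-1", "70000", " 80 ", "1_000", "\u0668\u0660"]:   # constructed inputs
        loose = parse_port_incomplete(sample)
        print(f"{sample!r:12} int() -> {loose!r:6}  validated -> {is_valid_port(sample)}")
```

Rejecting the input with an error, rather than normalizing it (stripping spaces, clamping the range), keeps the validator's decision auditable and avoids the validated value differing from what a later component sees.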
Institute of Electrical and Electronic Engineers (IEEE)
A U.S.-based standards organization participating in the development of standards for data transmission systems. The IEEE has made significant progress in the establishment of standards for LANs, namely the IEEE 802 series.
A testing process used to verify the interface among network components as the components are installed. The installation crew should integrate components into the network one by one and perform integration testing when necessary to ensure proper gradual integration of components.
An organization or individual that unites, combines, or otherwise incorporates information system components with another system(s).
(1) A term that refers to a sound, unimpaired, or perfect condition. (2) Quality of an IT system reflecting the logical correctness and reliability of the operating system, the logical completeness of the hardware and software implementing the protection mechanisms, and the consistency of the data structures and occurrence of the stored data. It is composed of data integrity and system integrity.
Analysis of code resulting in different files that have procedural, data, or other interdependencies.
Analysis between calling and called procedures within a computer program.
internal security controls
Hardware, firmware, and software features within a system that restrict access to resources (hardware, software, and data) to authorized subjects only (persons, programs, or devices).
International Standards Organization (ISO)
A nontreaty standards organization active in the development of international standards, such as the Open System Interconnection (OSI) network architecture.
International Telecommunications Union (ITU)
An intergovernmental agency of the United Nations responsible for making recommendations and standards regarding telephone and data communications systems for public and private telecommunication organizations and for providing coordination for the development of international standards.
Internet Protocol (IP)
The Internet standard protocol that defines the Internet datagram as the information unit passed across the Internet. IP provides the basis of a best-effort packet delivery service. The Internet Protocol suite is often referred to as TCP/IP because IP is one of the two fundamental protocols, the other being the Transmission Control Protocol.
Internetwork Packet Exchange (IPX)
NetWare protocol for the exchange of message packets on an internetwork. IPX passes application requests for network services to the network drivers and then to other workstations, servers, or devices on the internetwork.
To convert an atom or molecule into an ion by adding or removing charged particles such as electrons or other ions.
The act of converting an atom or molecule into an ion by adding or removing charged particles such as electrons or other ions.
The containment of subjects and objects in a system in such a way that they are separated from one another as well as from the protection controls of the operating system.
Information systems security engineering/engineer.
Initialization vector for WEP encryption.
A high level of certainty achieved with actions, arguments, and evidence.
Kennedy-Kassebaum Health Insurance Portability and Accountability Act (HIPAA) of 1996
A set of regulations that mandates the use of standards in health care record keeping and electronic transactions. The act requires that health care plans, providers, insurers, and clearinghouses do the following: provide for restricted access by the patient to personal health care information; implement administrative simplification standards; enable the portability of health insurance; and establish strong penalties for health care fraud.
Information or sequence that controls the enciphering and deciphering of messages. Also known as a cryptovariable. Used with a particular algorithm to encipher or decipher the plaintext message.
A unit of frequency measurement equivalent to 1,000 hertz.
Refers to the rules and facts of the particular problem domain in an expert system.
The principle that requires each subject to be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.
light-emitting diode (LED)
Used in conjunction with optical fiber, an LED emits incoherent light when current is passed through it. Its advantages include low cost and long lifetime, and it is capable of operating in the Mbps range.
local area network (LAN)
A network that interconnects devices in the same office, floor, building, or close buildings.
A measure of the magnetic flux density that remains after removal of the applied magnetic force. Refers to any data remaining on magnetic storage media after removal of the power.
A type of gateway that interconnects dissimilar email systems.
The organization or individual that maintains the information system.
The organization that keeps an IT system operating in accordance with prescribed laws, policies, procedures, and regulations. In the case of a contractormaintained system, the maintenance organization is the government organization responsible for, or sponsoring the operation of, the IT system.
Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose (for example, a Trojan horse).
malware
Malware is a contraction of the words malicious and software. Malware is inserted into a system, usually covertly, with the intention of compromising the confidentiality, availability, or integrity of the system's data, applications, and operating system. It may come to the attention of a user by inhibiting the operational abilities of the system. Often referred to as malicious code.
mandatory access control (MAC)
A means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (in other words, clearance) of subjects to access information of such sensitivity. Compare discretionary access control.
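The label-based check defined here, together with the information flow control rule given above (no transfer from a higher-level object to a lower-level one), as an added example that is not part of the original page. Labels are a classification level plus a set of categories (need-to-know compartments); one label dominates another when its level is at least as high and its category set is a superset. Reads require the subject's label to dominate the object's (no read up); writes require the object's label to dominate the subject's (no write down); an object-to-object flow is allowed only from a dominated label to a dominating one. The level names, categories, subjects and objects are constructed sample data.

```python
from dataclasses import dataclass

# Added example: mandatory access control and information flow control over
# sensitivity labels (level + categories). Level names and sample data are assumed.

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Partial order on labels: higher-or-equal level AND superset of categories.
        Labels with disjoint categories are incomparable: neither dominates the other."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def may_read(subject: Label, obj: Label) -> bool:
    """Simple security property: a subject may read an object it dominates (no read up)."""
    return subject.dominates(obj)


def may_write(subject: Label, obj: Label) -> bool:
    """*-property: a subject may write only to objects that dominate it (no write down)."""
    return obj.dominates(subject)


def may_flow(src: Label, dst: Label) -> bool:
    """Information flow control: data may move from src to dst only if dst dominates src."""
    return dst.dominates(src)


def mac_decision(subject: Label, op: str, obj: Label) -> bool:
    """Reference-monitor style check; unknown operations are denied by default."""
    if op == "read":
        return may_read(subject, obj)
    if op == "write":
        return may_write(subject, obj)
    return False


if __name__ == "__main__":
    alice = Label("SECRET", frozenset({"CRYPTO"}))       # constructed subjects
    bob = Label("CONFIDENTIAL")
    memo = Label("CONFIDENTIAL")                          # constructed objects
    keyplan = Label("SECRET", frozenset({"CRYPTO"}))
    reactor = Label("SECRET", frozenset({"NUCLEAR"}))
    for who, name, op, obj, oname in [(alice, "alice", "read", memo, "memo"),
                                      (alice, "alice", "write", memo, "memo"),
                                      (bob, "bob", "read", keyplan, "keyplan"),
                                      (bob, "bob", "write", keyplan, "keyplan"),
                                      (alice, "alice", "read", reactor, "reactor")]:
        print(f"{name:6} {op:5} {oname:8} -> {'allow' if mac_decision(who, op, obj) else 'deny'}")
    print("copy memo -> keyplan:", may_flow(memo, keyplan), "; keyplan -> memo:", may_flow(keyplan, memo))
```

Note that the *-property as written lets a CONFIDENTIAL subject write (blind append) into a SECRET object; systems that want to forbid that as well add an integrity or discretionary check on top, which is the point of the "compare discretionary access control" cross-reference.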
media access control (MAC)
An IEEE 802 standards sublayer used to control access to a network medium, such as a wireless LAN. Also deals with collision detection. Each computer has its own unique MAC address.
An intermediate software component located on the wired network between the wireless appliance and the application or data residing on the wired network. Middleware provides appropriate interfaces between the appliance and the host application or server database.
Usage of software that deviates from what is expected based on the softwares specifications. If the misuse is malicious in nature, it is typically referred to as abuse.
A device that is used in a manner that permits it to simultaneously process data of two or more security levels without risk of compromise. To accomplish this, sensitivity labels are normally stored on the same physical medium and in the same form (for example, machine-readable or human readable) as the data being processed.
A class of system containing information with different sensitivities that simultaneously permits access by users with different security clearances and needs-to-know but that prevents users from obtaining access to information for which they lack authorization.
In object-oriented programming, a situation where a subclass inherits the behavior of multiple super classes.
multiuser mode of operation
A mode of operation designed for systems that process sensitive, unclassified information in which users might not have a need-to-know for all information processed in the system. This mode is also used for microcomputers processing sensitive unclassified information that cannot meet the requirements of the stand-alone mode of operation.
A state that exists between interacting processes (subsystems or programs) in which neither process can expect the other process to function securely with respect to some property.
National Computer Security Center (NCSC)
Originally named the DoD Computer Security Center, the NCSC is responsible for encouraging the widespread availability of trusted computer systems throughout the federal government. It is a branch of the National Security Agency (NSA) that also initiates research and develops and publishes standards and criteria for trusted information systems.
National Information Assurance Certification and Accreditation Process (NIACAP)
Provides a standard set of activities, general tasks, and a management structure to certify and accredit systems that will maintain the information assurance and security posture of a system or site. The NIACAP is designed to certify that the information system meets documented accreditation requirements and continues to maintain the accredited security posture throughout the system life cycle.
Need to know
The necessity for access to, knowledge of, or possession of specific information that is required to carry out official duties.
Network Basic Input/Output System (NetBIOS)
A standard interface between networks and PCs that enables applications on different computers to communicate within a LAN. NetBIOS was created by IBM for its early PC network, was adopted by Microsoft, and has since become a de facto industry standard. It is not routable across a WAN.
network interface card (NIC)
A network adapter inserted into a computer that enables the computer to be connected to a network.
A form of operational support enabling network management to view the network's inner workings. Most network-monitoring equipment is nonobtrusive and can be used to determine the network's utilization and to locate faults.
National Information Assurance Partnership.
National Institute of Standards and Technology.
Any networkaddressable device on the network, such as a router or network interface card. Any network station.
Measures such as digital signatures that are intended to prevent a software actor (human or computer) from later denying responsibility for taking a specific action.
National Security Agency.
A passive entity that contains or receives information. Access to an object potentially implies access to the information that it contains. Examples of objects include records, blocks, pages, segments, files, directories, directory trees, and programs, as well as bits, bytes, words, fields, processors, video displays, keyboards, clocks, printers, and network nodes.
object request broker (ORB)
The fundamental building block of the object request architecture (ORA), which manages the communications among the ORA entities. The purpose of the ORB is to support the interaction of objects in heterogeneous, distributed environments. The objects may be on different types of computing platforms.
The reassignment and reuse of a storage medium (for example, page frame, disk sector, and magnetic tape) that once contained one or more objects. To be securely reused and assigned to a new subject, storage media must contain no residual data (data remanence) from the object(s) that were previously contained in the media.
Services that support the ORB in creating and tracking objects as well as performing access control functions.
Office of Management and Budget.
open security environment
An environment that includes those systems in which at least one of the following conditions holds true: 1) application developers (including maintainers) do not have sufficient clearance or authorization to provide an acceptable presumption that they have not introduced malicious logic; 2) configuration control does not provide sufficient assurance that applications are protected against the introduction of malicious logic prior to and during the operation of system applications.
open source software (OSS)
Software that is publicly available and provided under a license that is less restrictive than a typical commercial license. A typical license may permit users to change the software and redistribute the software in modified or unmodified form.
Open System Interconnection (OSI)
An ISO standard specifying an open system capable of enabling communications between diverse systems. OSI has the following seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. These layers provide the functions that enable standardized communications between two application processes.
Controls over hardware, media, and operators who have access; protects against asset threats, baseline, or selective mechanisms.
An individual who supports system operations from the operator's console, monitors execution of the system, controls the flow of jobs, and mounts input/output volumes (be alert for shoulder surfing).
Alternate name for the DoD Trusted Computer System Evaluation Criteria.
original equipment manufacturer (OEM)
A manufacturer of products for integration in other products or systems.
A path within a computer system or network that is designed for the authorized transfer of data. Compare with covert channel.
A stimulation to change the state of a bit followed by a known pattern.
A basic message unit for communication across a network. A packet usually includes routing information, data, and (sometimes) error-detection information.
packet-switched network
(1) A network that routes data packets based on an address contained in the data packet is said to be a packet-switched network. Multiple data packets can share the same network resources. (2) A communications network that uses shared facilities to route data packets from and to different users. Unlike a circuit-switched network, a packet-switched network does not set up dedicated circuits for each session.
A protective layer that covers an integrated circuit.
The portion of security testing in which the evaluators attempt to circumvent the security features of a system. The evaluators might be assumed to use all system design and implementation documentation, which can include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints that are applied to ordinary users.
The use of simulation software to predict network behavior, allowing developers to perform capacity planning. Simulation makes it possible to model the network and impose varying levels of utilization to observe the effects.
A description of the type of authorized interactions that a subject can have with an object. Examples of permission types include read, write, execute, add, modify, and delete.
(1) The procedures that are established to ensure that all personnel who have access to sensitive information possess the required authority as well as appropriate clearances. (2) Procedures to ensure a persons background provides assurance of necessary trustworthiness.
The application of physical barriers and control procedures as preventive measures or countermeasures against threats to resources and sensitive information.
Gaining unauthorized access to a system via another users legitimate connection.
Public key infrastructure.