Term
| a property of key-agreement protocols ensuring that a session key derived from a set of long-term keys cannot be compromised if one of the long-term keys is compromised in the future. |
|
Definition
| PFS [Perfect Forward Secrecy] |
|
|
Term
| The randomness collected by an operating system or application for use in cryptography or other uses that require random data. This randomness is often collected from hardware sources, either pre-existing ones such as mouse movements or specially provided randomness generators |
|
Definition
|
|
Term
| The process of breaking out of a virtual machine and interacting with the host operating system. |
|
Definition
|
|
Term
| family of related protocols handling remote authentication and related services for networked access control through a centralized server |
|
Definition
| TACACS [Terminal Access Controller Access-Control System] |
|
|
Term
| Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services. TACACS+ and other flexible AAA protocols have largely replaced their predecessors. |
|
Definition
| TACACS+ [Terminal Access Controller Access-Control System Plus] |
|
|
Term
| A role donned by a system entity where the system entity provides services to principals or other system entities |
|
Definition
|
|
Term
| Is responsible for issuing identification information for all providers looking to interact with or service the system in any possible way; this is achieved via an authentication module which verifies a security token as an alternative to explicitly authenticating a user within a security realm. |
|
Definition
| IdP [Identity Provider] : aka Identity Assertion Provider |
|
|
Term
| a computer networking protocol defined in RFC 2845. It is used primarily by the Domain Name System (DNS) to provide a means of authenticating updates to a Dynamic DNS database, although it can also be used between servers and for regular queries. |
|
Definition
| TSIG [Transaction SIGnature] |
|
|
Term
| In Unix operating systems, is an operation that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name (and therefore normally cannot access) files outside the designated directory tree. The modified environment is called a "chroot jail". |
|
Definition
|
|
Term
| type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. |
|
Definition
| MAC [Mandatory Access Control] |
|
|
Term
| which also governs the ability of subjects to access objects, allows users the ability to make policy decisions and/or assign security attributes. |
|
Definition
| DAC [Discretionary Access Control] |
|
|
Term
| an XML-based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. |
|
Definition
| SAML [Security Assertion Markup Language] |
|
|
Term
| is a version of the SAML standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, that is, an identity provider, and a SAML consumer, that is, a service provider. SAML 2.0 enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO), which helps reduce the administrative overhead of distributing multiple authentication tokens to the user. |
|
Definition
| SAMLv2 [Security Assertion Markup Language 2.0] |
|
|
Term
| a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. |
|
Definition
| XSS [Cross-site scripting] |
|
|
Term
| is the networking standard that supports virtual LANs (VLANs) on an Ethernet network. The standard defines a system of tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. The standard also contains provisions for a quality of service prioritization scheme commonly known as IEEE 802.1p and defines the Generic Attribute Registration Protocol. |
|
Definition
|
|
Term
| is an approved amendment to the IEEE 802.11 standard that defines a set of Quality of Service enhancements for wireless LAN applications through modifications to the Media Access Control (MAC) layer.[1] The standard is considered of critical importance for delay-sensitive applications, such as Voice over Wireless LAN and streaming multimedia. The amendment has been incorporated into the published IEEE 802.11-2007 standard. |
|
Definition
| 802.11e - IEEE 802.11e-2005 or 802.11e |
|
|
Term
| The systems development life cycle (SDLC), also referred to as the application development life-cycle, is a term used in systems engineering, information systems and software engineering to describe a process for planning, creating, testing, and deploying an information system.[1] The systems development life-cycle concept applies to a range of hardware and software configurations, as a system can be composed of hardware only, software only, or a combination of both. |
|
Definition
|
|
Term
| Fuzz testing or fuzzing is a software testing technique, often automated or semiautomated, that involves providing invalid, unexpected, or random data to the inputs of a computer program. The program is then monitored for exceptions such as crashes, or failing built-in code assertions or for finding potential memory leaks. |
|
Definition
|
|
Term
| describes a bilateral or multilateral agreement between two or more parties. It expresses a convergence of will between the parties, indicating an intended common line of action. It is often used in cases where parties either do not imply a legal commitment or in situations where the parties cannot create a legally enforceable agreement. It is a more formal alternative to a gentlemen's agreement. |
|
Definition
| Memorandum of understanding (MOU) |
|
|
Term
| defines the interdependent relationships among the internal support groups of an organization working to support a service-level agreement (SLA).[1] The agreement describes the responsibilities of each internal support group toward other support groups, including the process and timeframe for delivery of their services. The objective of the OLA is to present a clear, concise and measurable description of the service provider's internal support relationship. |
|
Definition
| Operational-level agreement (OLA) |
|
|
Term
| are bulk unsolicited, automatically dialled, pre-recorded phone calls using the Voice over Internet Protocol (VoIP).[1] Telephone spam is comparable to E-mail spam, but due to its synchronous character, different mitigation methods are needed. |
|
Definition
| SPIT (Spam over Internet Telephony) |
|
|
Term
| defines a profile of RTP (Real-time Transport Protocol), intended to provide encryption, message authentication and integrity, and replay protection to the RTP data in both unicast and multicast applications. It was developed by a small team of IP protocol and cryptographic experts from Cisco and Ericsson including David Oran, David McGrew, Mark Baugher, Mats Naslund, Elisabetta Carrara, Karl Norman, and Rolf Blom. It was first published by the IETF in March 2004 as RFC 3711. |
|
Definition
| Secure Real-time Transport Protocol (or SRTP) |
|
|
Term
| The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate access requests according to the rules defined in policies. |
|
Definition
| XACML stands for eXtensible Access Control Markup Language |
|
|
Term
| is a system operating with coded signals over communication channels so as to provide control of remote equipment (using typically one communication channel per remote station). The supervisory system may be combined with a data acquisition system by adding the use of coded signals over communication channels to acquire information about the status of the remote equipment for display or for recording functions. |
|
Definition
| SCADA (supervisory control and data acquisition) |
|
|
Term
| A web application firewall (WAF) protects web application servers and infrastructure from attacks and breaches originating from the Internet and external networks. It is a purpose-built firewall that can be customized to accept and reject HTTP requests and sessions using predefined rules. |
|
Definition
| WAF [Web Application Firewall] |
|
|
Term
| A security requirements traceability matrix (SRTM) is a grid that allows documentation and easy viewing of what is required for a system's security. SRTMs are necessary in technical projects that call for security to be included. Traceability matrixes in general can be used for any type of project, and allow requirements and tests to be easily traced back to one another. The matrix is a way to make sure that there is accountability for all processes and is an effective way for a user to ensure that all work is being completed. |
|
Definition
| SRTM review - Security Requirements Traceability Matrix Review |
|
|
Term
| is a software testing technique that focuses on the analysis of software functionality, versus internal system mechanisms. Black box testing was developed as a method of analyzing client requirements, specifications and high-level design strategies. A black box software tester selects a set of valid and invalid input and code execution conditions and checks for valid output responses. Black box testing is also known as functional testing. |
|
Definition
|
|
Term
| is a methodology used to ensure and validate the internal framework, mechanisms, objects and components of a software application. White-box testing verifies code according to design specifications and uncovers application vulnerabilities. White-box testing is also known as transparent box testing, clear box testing, structural testing and glass box testing. Glass box and clear box indicate that internal mechanisms are visible to a software engineering team. |
|
Definition
|
|
Term
| is a software testing methodology that involves the combination of white box and black box testing. It makes use of the straightforward technique of black box testing, as well as the approach for code targeted systems, as in the case of white box testing. Testers that use gray box testing need high-level application documentation to complete the tests. Gray box testing is geared toward finding defects based on improper structure or application use. Gray box testing is also known as translucent testing. |
|
Definition
|
|
Term
| is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as software, appliances or managed services, and is also used to log security data and generate reports for compliance purposes. |
|
Definition
| Security information and event management (SIEM) |
|
|
Term
| references a set of principles and methodologies applied by software engineers to design and develop software in the form of interoperable services. Services are usually built in the form of components that can be reused for different purposes than originally intended. For this reason, the interfaces are often defined in a practical manner, allowing use across varying applications and multiple platforms. |
|
Definition
| Service-oriented architecture (SOA) |
|
|
Term
| is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel protocol. The specification was part of the International Committee for Information Technology Standards T11 FC-BB-5 standard published in 2009.[1] |
|
Definition
| Fibre Channel over Ethernet (FCoE) |
|
|
Term
| is a distribution frame [passive device which terminates cables, allowing arbitrary interconnections to be made] in a central office or customer premises, which cross-connects the user cable media to individual user line circuits and may serve as a distribution point for multipair cables from the main distribution frame (MDF) or combined distribution frame (CDF) to individual cables connected to equipment in areas remote from these frames. IDFs are used for telephone exchange central office, customer-premise equipment, wide area network (WAN), and local area network (LAN) environments, among others. |
|
Definition
| intermediate distribution frame (IDF) |
|
|
Term
| occurs in computer networks when there is more than one Layer 2 (OSI model) path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other). The loop creates broadcast storms: because broadcasts and multicasts are forwarded by switches out every port, the switch or switches will repeatedly rebroadcast the broadcast messages, flooding the network. Since the Layer 2 header does not support a time to live (TTL) value, if a frame is sent into a looped topology, it can loop forever. A physical topology that contains switching or bridge loops is attractive for redundancy reasons, yet a switched network must not have loops. The solution is to allow physical loops, but create a loop-free logical topology using the spanning tree protocol (STP) on the network switches. |
|
Definition
|
|
Term
| is a basic measure of the maintainability of repairable items. It represents the average time required to repair a failed component or device.[1] Expressed mathematically, it is the total corrective maintenance time divided by the total number of corrective maintenance actions during a given period of time.[2] It generally does not include lead time for parts not readily available or other Administrative or Logistic Downtime (ALDT). |
|
Definition
| Mean Time To Repair (MTTR) |
|
|
Term
| is an XML-based framework, being developed by OASIS, for exchanging user, resource and service provisioning information between cooperating organizations. The Service Provisioning Markup language is the open standard for the integration and interoperation of service provisioning requests. SPML is an OASIS standard based on the concepts of Directory Service Markup Language. SPML version 1.0 was approved in October 2003. SPML version 2.0 was approved in April 2006. Security Assertion Markup Language exchanges the authorization data. |
|
Definition
| Service Provisioning Markup Language (SPML) |
|
|
Term
| The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate access requests according to the rules defined in policies. As a published standard specification, one of the goals of XACML is to promote common terminology and interoperability between access control implementations by multiple vendors. XACML is primarily an Attribute Based Access Control system (ABAC), where attributes (bits of data) associated with a user or action or resource are inputs into the decision of whether a given user may access a given resource in a particular way. Role-based access control (RBAC) can also be implemented in XACML as a specialization of ABAC. |
|
Definition
| XACML [eXtensible Access Control Markup Language] |
|
|
Term
| is a financial estimate intended to help buyers and owners determine the direct and indirect costs of a product or system. It is a management accounting concept that can be used in full cost accounting or even ecological economics where it includes social costs. |
|
Definition
|
|
Term
| is a tool (hardware or software) used to capture and analyze signals and data traffic over a communication channel. Such a channel varies from a local computer bus to a satellite link, that provides a means of communication using a standard communication protocol (networked or point-to-point). Each type of communication protocol has a different tool to collect and analyze signals and data. The term may refer to: a telecom network protocol analyzer, a network packet analyzer, a bus analyzer, or an IP load tester. |
|
Definition
| Protocol analyzer |
|
|
Term
| is a software architecture model used for designing and implementing communication between mutually interacting software applications in a service-oriented architecture (SOA). As a software architectural model for distributed computing it is a specialty variant of the more general client-server model and promotes agility and flexibility with regards to communication between applications. Its primary use is in enterprise application integration (EAI) of heterogeneous and complex landscapes. |
|
Definition
| Enterprise Service Bus (ESB) |
|
|
Term
| are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main difference is that, unlike intrusion detection systems, intrusion prevention systems are placed inline and are able to actively prevent/block intrusions that are detected.[2][3] More specifically, IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the connection and/or blocking the traffic from the offending IP address.[4] An IPS can also correct Cyclic Redundancy Check (CRC) errors, unfragment packet streams, prevent TCP sequencing issues, and clean up unwanted transport and network layer options. |
|
Definition
| Intrusion prevention systems |
|
|
Term
| Intrusion prevention systems can be classified into four different types:[1][6] |
|
Definition
| Network-based intrusion prevention system (NIPS), Wireless intrusion prevention systems (WIPS), Network behavior analysis (NBA), Host-based intrusion prevention system (HIPS) |
|
|
Term
| monitors the entire network for suspicious traffic by analyzing protocol activity. |
|
Definition
| Network-based intrusion prevention system (NIPS) |
|
|
Term
| monitor a wireless network for suspicious traffic by analyzing wireless networking protocols. |
|
Definition
| Wireless intrusion prevention systems (WIPS) |
|
|
Term
| examines network traffic to identify threats that generate unusual traffic flows, such as distributed denial of service (DDoS) attacks, certain forms of malware and policy violations. |
|
Definition
| Network behavior analysis (NBA) |
|
|
Term
| an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host |
|
Definition
| Host-based intrusion prevention system (HIPS) |
|
|
Term
| The majority of intrusion prevention systems utilize one of three detection methods |
|
Definition
| signature-based, statistical anomaly-based, and stateful protocol analysis |
|
|
Term
| A signature-based IDS monitors packets on the network and compares them with pre-configured and pre-determined attack patterns known as signatures. |
|
Definition
| Signature-Based Detection |
|
|
Term
| A statistical anomaly-based IDS determines the normal network activity (what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other) and alerts the administrator or user when traffic is detected which is anomalous (not normal). |
|
Definition
| Statistical anomaly-based detection |
|
|
Term
| This method identifies deviations of protocol states by comparing observed events with "predetermined profiles of generally accepted definitions of benign activity". |
|
Definition
| Stateful Protocol Analysis Detection |
|
|
Term
| is information collected about a remote computing device for the purpose of identification. Fingerprints can be used to fully or partially identify individual users or devices even when cookies are turned off. Basic web browser configuration information has long been collected by web analytics services in an effort to accurately measure real human web traffic and discount various forms of click fraud. With the assistance of client-side scripting languages, collection of much more esoteric parameters is possible.[1][2] Assimilation of such information into a single string comprises a device fingerprint. In 2010, EFF measured at least 18.1 bits of entropy possible from browser fingerprinting,[3] but that was before the advancements of canvas fingerprinting, which claims to add another 5.7 bits. Recently such fingerprints have proven useful in the detection and prevention of online identity theft and credit card fraud. |
|
Definition
| Device fingerprint or machine fingerprint or browser fingerprint |
|
|
Term
| is the behavior of an electronic or software system where the output is dependent on the sequence or timing of other uncontrollable events. It becomes a bug when events do not happen in the order the programmer intended. The term originates with the idea of two signals racing each other to influence the output first. Race conditions can occur in electronics systems, especially logic circuits, and in computer software, especially multithreaded or distributed programs. |
|
Definition
| Race condition or race hazard |
|
|
Term
| refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract. The term is often seen in a legal setting wherein the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated". |
|
Definition
|
|
Term
| is the umbrella term covering an organization's approach across these three areas: Governance, risk management, and compliance. |
|
Definition
| Governance, Risk management, and Compliance or GRC |
|
|
Term
| describes the overall management approach through which senior executives direct and control the entire organization, using a combination of management information and hierarchical management control structures. These activities ensure that critical management information reaching the executive team is sufficiently complete, accurate and timely to enable appropriate management decision making, and provide the control mechanisms to ensure that strategies, directions and instructions from management are carried out systematically and effectively.[4] |
|
Definition
|
|
Term
| is the set of processes through which management identifies, analyzes, and, where necessary, responds appropriately to risks that might adversely affect realization of the organization's business objectives. The response to risks typically depends on their perceived gravity, and involves controlling, avoiding, accepting or transferring them to a third party. Whereas organizations routinely manage a wide range of risks (e.g. technological risks, commercial/financial risks, information security risks etc.), external legal and regulatory compliance risks are arguably the key issue in GRC. |
|
Definition
|
|
Term
| means conforming with stated requirements. At an organizational level, it is achieved through management processes which identify the applicable requirements (defined for example in laws, regulations, contracts, strategies and policies), assess the state of compliance, assess the risks and potential costs of non-compliance against the projected expenses to achieve compliance, and hence prioritize, fund and initiate any corrective actions deemed necessary. |
|
Definition
|
|
Term
| is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. |
|
Definition
| HSM - Hardware Security Module |
|
|
Term
| is an all-inclusive security product able to perform multiple security functions within one single appliance: network firewalling, network intrusion prevention and gateway antivirus (AV), gateway anti-spam, VPN, content filtering, load balancing, data leak prevention and on-appliance reporting. |
|
Definition
| UTM - Unified Threat Management |
|
|