GLOSSARY
*-property Pronounced “star property,” this aspect of the Bell-LaPadula security model is commonly referred to as the “no-write-down” rule because it doesn’t allow a user to write to a file with a lower security classification, thus preserving confidentiality.
3DES   Triple DES encryption: three passes of the DES cipher (encrypt, decrypt, encrypt) with two or three independent keys, introduced to extend DES's 56-bit key. Deprecated by NIST in favor of AES.
802.11   A family of standards that describe network protocols for wireless devices.
802.1X   An IEEE standard for port-based network access control: a device must authenticate (typically via EAP) before a switch port or wireless association forwards its traffic.
abuse case   A use case built around a work process designed to abuse a normal work process.
acceptance testing   The formal analysis that is done to determine whether a system or software product satisfies its acceptance criteria.
acceptable use policy (AUP)   A policy that communicates to users what specific uses of computer resources are permitted.
access   A subject’s ability to perform specific operations on an object, such as a file. Typical access levels include read, write, execute, and delete.
access control   Mechanisms or methods used to determine what access permissions subjects (such as users) have for specific objects (such as files).
access control list (ACL)   A list associated with an object (such as a file) that identifies what level of access each subject (such as a user) has—what they can do to the object (such as read, write, or execute).
Active Directory   The directory service portion of the Windows operating system that stores information about network-based entities (such as applications, files, printers, and people) and provides a structured, consistent way to name, describe, locate, access, and manage these resources.
ActiveX   A Microsoft technology that facilitates rich Internet applications and, therefore, extends and enhances the functionality of Microsoft Internet Explorer. Like Java, ActiveX enables the development of interactive content. When an ActiveX-aware browser encounters a webpage that includes an unsupported feature, it can automatically install the appropriate application so the feature can be used.
Address Resolution Protocol (ARP)   A protocol in the TCP/IP suite specification used to map an IP address to a Media Access Control (MAC) address.
adware   Advertising-supported software that automatically plays, displays, or downloads advertisements after the software is installed or while the application is being used.
algorithm   A step-by-step procedure—typically an established computation for solving a problem within a set number of steps.
alpha testing   This is a form of end-to-end testing done prior to product delivery to determine operational and functional issues.
annualized loss expectancy (ALE)   How much an event is expected to cost the business per year, given the dollar cost of a single occurrence and how often it is likely to occur: ALE = single loss expectancy (SLE) × annualized rate of occurrence (ARO).
annualized rate of occurrence (ARO)   The frequency with which an event is expected to occur on an annualized basis.
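The ALE, ARO, and exposure factor entries describe one calculation; the following is an added example (not from the book) that carries it through, including the question the numbers exist to answer: whether a control is worth its annual cost. The asset value, exposure factors, and control cost are constructed for the demo.

```python
"""Quantitative risk math from the glossary: SLE, ARO, ALE, and the yearly
value of a control. Added example; every figure below is made up."""


def single_loss_expectancy(asset_value: float, exposure_factor: float) -> float:
    """SLE = asset value * exposure factor (fraction of the asset lost per event)."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor is a fraction between 0 and 1")
    return asset_value * exposure_factor


def annualized_loss_expectancy(sle: float, aro: float) -> float:
    """ALE = SLE * ARO, with ARO in events per year (may be below 1)."""
    if aro < 0:
        raise ValueError("ARO cannot be negative")
    return sle * aro


def control_value(ale_before: float, ale_after: float, annual_control_cost: float) -> float:
    """Net yearly benefit of a control: risk removed minus what the control costs.
    Negative means the control costs more than the risk it mitigates."""
    return (ale_before - ale_after) - annual_control_cost


if __name__ == "__main__":
    # Constructed scenario: a 200,000 asset; ransomware destroys 40% of its value
    # and is expected once every four years (ARO = 0.25).
    sle = single_loss_expectancy(200_000, 0.40)            # 80,000 per event
    ale = annualized_loss_expectancy(sle, 0.25)            # 20,000 per year
    # Offline backups cut the exposure factor to 10% without changing frequency.
    ale_backups = annualized_loss_expectancy(single_loss_expectancy(200_000, 0.10), 0.25)
    print(f"SLE={sle:,.0f}  ALE={ale:,.0f}  ALE with backups={ale_backups:,.0f}")
    for cost in (8_000, 20_000):
        print(f"backups at {cost:,} per year: net value {control_value(ale, ale_backups, cost):,.0f}")
```

The last loop is the point of the exercise: the same control is justified at one price and not at another, which is what a quantitative assessment is meant to show.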
anomaly   Something that does not fit into an expected pattern.
application   A program or group of programs designed to provide specific user functions, such as a word processor or web server.
ARP   See Address Resolution Protocol.
asset   Resources and information an organization needs to conduct its business.
asymmetric encryption   Also called public key cryptography, this is a system for encrypting data that uses a pair of mathematically related keys: a public key, available to everyone, and a private key, available only to the owner. Data encrypted with one key of the pair can be decrypted only with the other.
attack   An action taken against a vulnerability to exploit a system.
Attack Surface Analyzer   A product from Microsoft designed to enumerate the elements of a system that are subject to attack.
attack surface evaluation   An examination of the elements of a system that are subject to attack and mitigations that can be applied.
attack surface measurement   A measurement of the relative number of attack points in the system throughout the development process.
attack surface minimization   The processes used to minimize the number of attackable elements in a system.
attack tree   A graphical method of examining the required elements to successfully prosecute an attack.
audit trail   A set of records or events, generally organized chronologically, that record what activity has occurred on a system. These records (often computer files) are often used in an attempt to re-create what took place when a security incident occurred, and they can also be used to detect possible intruders.
auditing   Actions or processes used to verify the assigned privileges and rights of a user, or any capabilities used to create and maintain a record showing who accessed a particular system and what actions they performed.
authentication   The process by which a subject’s (such as a user’s) identity is verified.
authentication, authorization, and accounting (AAA)   Three common functions performed upon system login. Authentication and authorization almost always occur, with accounting being somewhat less common.
Authentication Header (AH)   A portion of the IPsec security protocol that provides data-origin authentication, integrity, and replay detection, but no confidentiality. AH can be used either by itself or with Encapsulating Security Payload (ESP). Refer to RFC 2402 (obsoleted by RFC 4302).
availability   Part of the “CIA” of security. Availability applies to hardware, software, and data, specifically meaning that each of these should be present and accessible when the subject (the user) wants to access or use them.
backdoor   A hidden method used to gain access to a computer system, network, or application. Often used by software developers to ensure unrestricted access to the systems they create. Synonymous with trapdoor.
backup   Refers to copying and storing data in a secondary location, separate from the original, to preserve the data in the event that the original is lost, corrupted, or destroyed.
baseline   A system or software as it is built and functioning at a specific point in time. Serves as a foundation for comparison or measurement, providing the necessary visibility to control change.
baseline management   The process of managing change in a system with relationship to the baseline configuration.
Bell-LaPadula security model   A computer security model built around the property of confidentiality and characterized by no-read-up and no-write-down rules.
beta testing   A form of end-to-end testing performed prior to releasing a production version of a system.
Biba security model   An information security model built around the property of integrity and characterized by no-write-up and no-read-down rules.
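The *-property, Bell-LaPadula, and Biba entries are easiest to keep straight when the rules are written down as code. The following added example (not from the book) implements a small reference monitor that applies both models to every access and denies on any error, in the spirit of the complete mediation and fail safe entries. The level names, labels, and subjects are constructed for the demo.

```python
"""Reference-monitor checks for Bell-LaPadula (confidentiality) and Biba
(integrity). Added example; levels and labels are constructed."""
from dataclasses import dataclass

# Ordered lattice: a higher index is more sensitive (BLP) or more trusted (Biba).
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}


@dataclass(frozen=True)
class Label:
    confidentiality: str   # BLP clearance (subject) or classification (object)
    integrity: str         # Biba integrity level


def _rank(level: str) -> int:
    try:
        return LEVELS[level]
    except KeyError:
        # Fail safe: an unknown label never grants access.
        raise PermissionError(f"unknown level {level!r}")


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Simple security property (no read up) and *-property (no write down)."""
    s, o = _rank(subject.confidentiality), _rank(obj.confidentiality)
    if op == "read":
        return s >= o
    if op == "write":
        return s <= o
    return False


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba is the dual: no read down and no write up."""
    s, o = _rank(subject.integrity), _rank(obj.integrity)
    if op == "read":
        return s <= o
    if op == "write":
        return s >= o
    return False


def mediate(subject: Label, obj: Label, op: str) -> bool:
    """Complete mediation: every access passes both policies; any error denies."""
    try:
        return blp_allows(subject, obj, op) and biba_allows(subject, obj, op)
    except PermissionError:
        return False


if __name__ == "__main__":
    analyst = Label(confidentiality="secret", integrity="internal")
    report = Label(confidentiality="confidential", integrity="internal")
    web_form = Label(confidentiality="public", integrity="public")
    print(mediate(analyst, report, "read"))      # True: reading down is allowed
    print(mediate(analyst, web_form, "write"))   # False: BLP forbids writing down
    print(mediate(analyst, web_form, "read"))    # False: Biba forbids reading lower-integrity data
```

Note the third case: BLP alone would allow a secret-cleared analyst to read a public web form, and Biba alone would allow the write; enforcing both is what produces the "can look at it but cannot be contaminated by it, can contaminate nothing below" behaviour the two models are meant to give together.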
biometrics   Used to verify an individual’s identity to the system or network using something unique about the individual for the verification process. Examples include fingerprints, retinal scans, hand and facial geometry, and voice analysis.
BIOS   Basic Input/Output System: firmware stored on the system board that initializes hardware at power-on and hands control to the boot loader. It is not part of the operating system, and on modern systems it has largely been replaced by UEFI.
black box   A form of testing where the testers have zero knowledge of the inner workings of a system.
bootstrapping   In computing, the staged process by which a system brings itself up from a small piece of firmware or boot code to a fully running environment; more generally, a self-sustaining process that continues through its course without external stimuli.
botnet   A term for a collection of software robots, or bots, that run autonomously and automatically, and commonly invisibly, in the background. The term is most often associated with malicious software, but it can also refer to the network of computers using distributed computing software.
buffer overflow   A specific type of software coding error that enables input to exceed the allocated storage area and overwrite adjacent memory (other variables, pointers, or return addresses), corrupting a running program and often allowing an attacker to hijack its control flow.
bug bar   The defining of thresholds for bugs that determines which ones must be fixed prior to release to production.
business continuity planning (BCP)   The plans a business develops to continue critical operations in the event of a major disruption.
cache   The temporary storage of information before use, typically used to speed up systems. In an Internet context, refers to the storage of commonly accessed webpages, graphics files, and other content locally on a user’s PC or a web server. The cache helps to minimize download time and preserve bandwidth for frequently accessed websites, and it helps reduce the load on a web server.
canonical form   The simplest form of an expression, one that all variants are resolved to prior to evaluation.
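The security reason to canonicalize before evaluating is that the same file has many spellings (`docs/../x`, `docs//x`, symlinks, absolute paths), and a check on the raw string can be fooled by any of them. The following added example (not from the book) resolves a user-supplied path to canonical form and only then tests whether it stays inside an allowed directory; the directory layout, file names, and candidate paths are constructed for the demo.

```python
"""Canonicalize, then validate: resolve a user path inside a base directory.
Added example; the sandbox layout and test paths are constructed."""
import os
import tempfile


def safe_join(base_dir: str, user_path: str) -> str:
    """Return the canonical absolute path of user_path under base_dir, or raise
    ValueError if the resolved path escapes base_dir."""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))
    # realpath resolved '..', '.', doubled separators and symlinks, so the
    # comparison is on canonical form. commonpath compares whole components:
    # "/srv/files" is not an ancestor of "/srv/files_private" even though the
    # strings share a prefix, which a plain startswith() test would get wrong.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes {base}: {user_path!r}")
    return candidate


def is_allowed(base_dir: str, user_path: str) -> bool:
    try:
        safe_join(base_dir, user_path)
        return True
    except ValueError:
        return False


def demo_results() -> dict:
    """Build a throwaway sandbox (constructed) and evaluate labelled cases."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "files")
        os.makedirs(os.path.join(base, "docs"))
        outside = os.path.join(tmp, "secret.txt")
        with open(outside, "w") as fh:
            fh.write("not for you")
        cases = [
            ("inside", "docs/readme.txt"),
            ("dot-dot-inside", "docs/../docs/readme.txt"),
            ("escape", "../secret.txt"),
            ("escape-double-slash", "docs//..//..//secret.txt"),
            ("absolute", outside),
            ("string-prefix-sibling", os.path.join(tmp, "files_private", "x")),
        ]
        try:
            os.symlink(outside, os.path.join(base, "docs", "link"))
            cases.append(("symlink-out", "docs/link"))
        except OSError:
            pass  # platforms that refuse unprivileged symlinks skip this case
        for label, path in cases:
            results[label] = is_allowed(base, path)
    return results


if __name__ == "__main__":
    for label, ok in demo_results().items():
        print(f"{label:24} allowed={ok}")
```

The symlink case is the one a string-only validator cannot handle at all: `docs/link` contains no `..` and no separator tricks, yet it points outside the sandbox, and only resolution to canonical form reveals that.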
capability maturity model (CMM)   A structured methodology that helps organizations improve the maturity of their software processes by providing an evolutionary path from ad hoc processes to disciplined software management processes. Developed at Carnegie Mellon University’s Software Engineering Institute.
centralized management   A type of privilege management that brings the authority and responsibility for managing and maintaining rights and privileges into a single group, location, or area.
certificate   A cryptographically signed object that contains an identity and a public key associated with this identity. The certificate can be used to establish identity, analogous to a notarized written document.
certificate revocation list (CRL)   A digitally signed object that lists all of the current but revoked certificates issued by a given certification authority. This allows users to verify whether a certificate is currently valid even if it has not expired. CRL is analogous to a list of stolen charge card numbers that allows stores to reject bad credit cards.
certification authority (CA)   An entity responsible for issuing and revoking certificates. CAs are typically not associated with the company requiring the certificate, although they exist for internal company use as well (such as Microsoft). This term is also applied to server software that provides these services. The term certificate authority is used interchangeably with certification authority.
chain of custody   Rules for documenting, handling, and safeguarding evidence to ensure no unanticipated changes are made to the evidence.
Challenge Handshake Authentication Protocol (CHAP)   Used to provide authentication across point-to-point links using the Point-to-Point Protocol (PPP).
change management   A standard methodology for performing and recording changes during software development and operation.
change control board (CCB)   A body that oversees the change management process and enables management to oversee and coordinate projects.
CIA of security   Refers to confidentiality, integrity, and availability, the basic functions of any security system.
client server   A model in which a client machine is employed for users, with servers providing resources for computing.
CLR   Microsoft's Common Language Runtime: the managed execution environment for .NET languages, which compiles intermediate language (CIL) to native code at run time and enforces type safety, memory management, and code access policy.
cloud computing   The automatic provisioning of computational resources on demand is referred to as cloud computing.
code signing   The application of digital signature technology to software to determine integrity and authenticity.
command injection   An attack against an input validation failure designed to force a malicious command to be processed on the system.
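The injection happens at the point where user data is handed to a shell as part of a string, so the defense is to never build that string: validate the input against an allow-list and pass an argument vector with no shell involved. The following added example (not from the book) shows the vulnerable and hardened forms of the same ping helper and tokenizes the vulnerable command line the way a POSIX shell would, so the second command becomes visible. The host strings are constructed.

```python
"""Command injection: vulnerable string-building beside the hardened argv form.
Added example; the hostile input is constructed."""
import ipaddress
import shlex
import subprocess


def vulnerable_ping_cmdline(host: str) -> str:
    """The vulnerable pattern: user data interpolated into a string that is later
    run with subprocess.run(cmd, shell=True). The shell, not ping, parses it."""
    return f"ping -c 1 {host}"


def commands_seen_by_shell(cmdline: str) -> list:
    """Tokenize like a POSIX shell and split on ';' to show how many separate
    commands the shell would run for this command line."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    commands, current = [], []
    for tok in lexer:
        if tok == ";":
            commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def hardened_ping_argv(host: str) -> list:
    """Allow-list the input (a literal IP address) and return an argument vector.
    With shell=False the vector goes straight to exec(); shell metacharacters in
    host would be ordinary bytes inside one argument, never parsed."""
    try:
        ipaddress.ip_address(host)
    except ValueError:
        raise ValueError(f"rejected host {host!r}: not an IP address") from None
    return ["ping", "-c", "1", host]


def run_hardened(host: str) -> int:
    return subprocess.run(hardened_ping_argv(host), capture_output=True, check=False).returncode


if __name__ == "__main__":
    evil = "127.0.0.1; cat /etc/passwd"
    print("shell would run:", commands_seen_by_shell(vulnerable_ping_cmdline(evil)))
    try:
        print("hardened argv:", hardened_ping_argv(evil))
    except ValueError as exc:
        print("hardened path rejects it:", exc)
    try:
        print("exit status:", run_hardened("127.0.0.1"))
    except FileNotFoundError:
        print("ping not installed here")
```

Quoting the input with `shlex.quote` is the second-best fix; it still depends on a shell parsing the result correctly, whereas an argument vector removes the shell from the path entirely.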
commercial off the shelf (COTS)   A software system designed for commercial use.
compensating controls   Compensating controls are the security controls used when a direct control cannot be applied to a requirement.
complete mediation   The process of ensuring a system consistently applies the required checks on every applicable occurrence.
confidentiality   Part of the CIA of security. Refers to the security principle that states that information should not be disclosed to unauthorized individuals.
configuration auditing   The process of verifying that configuration items are built and maintained according to requirements, standards, or contractual agreements.
configuration control   The process of controlling changes to items that have been baselined.
configuration identification   The process of identifying which assets need to be managed and controlled.
configuration item   Data and software (or other assets) that are identified and managed as part of the software change management process. Also known as computer software configuration item.
configuration management   The set of processes employed to create baseline configurations in an environment and managing configurations to comply with those baselines.
configuration management database (CMDB)   A database that contains the information used in the process of managing change in a system.
configuration management system (CMS)   The system used in the process of managing change in a software system.
configuration status accounting   Procedures for tracking and maintaining data relative to each configuration item in the baseline.
constrained data item   The data element in the Clark-Wilson integrity model that is under integrity control.
control   A measure taken to detect, prevent, or mitigate the risk associated with a threat.
cookie   Information stored on a user’s computer by a web server to maintain the state of the connection to the web server. Used primarily so preferences or previously used information can be recalled on future requests to the server.
countermeasure   See control.
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)   An enhanced data cryptographic encapsulation mechanism based upon the counter mode, with CBC-MAC from AES designed for use over wireless LANs.
cracking   A term used by some to refer to malicious hacking, in which an individual attempts to gain unauthorized access to computer systems or networks. See also hacking.
CRC   See cyclic redundancy check.
CRL   See certificate revocation list.
cross-site request forgery (CSRF or XSRF)   A method of attacking a web application by causing the victim's browser to submit a request the victim did not intend (for example from a form on an attacker's page), with the browser automatically attaching the victim's cookies or session credentials so the server processes the request as if the victim made it. XSRF exploits the trust a site has in the user's browser.
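The standard defense is a synchronizer token: the server embeds a secret, per-session value in its own forms, and a cross-site request, which carries the victim's cookie automatically but cannot read the victim's page, cannot supply it. The following added example (not from the book) implements the check for a hypothetical transfer handler, plus a stateless variant that binds the token to the session with an HMAC; the session store, server key, and request shape are constructed for the demo.

```python
"""Synchronizer-token CSRF defence for a constructed transfer endpoint.
Added example; SESSIONS, SERVER_KEY and the form layout are assumptions."""
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # assumption: a per-deployment secret
SESSIONS = {}                           # session id -> {"user": ..., "csrf": ...}


def login(user: str) -> str:
    """Create a session and mint its CSRF token. Returns the session id that
    the browser will store in a cookie."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(sid: str) -> str:
    """Value the server writes into its own form as a hidden field. The
    same-origin policy keeps an attacker's page from reading it."""
    return SESSIONS[sid]["csrf"]


def handle_transfer(cookie_sid: str, form: dict) -> str:
    """State-changing request: cookie alone is not enough, the token must match."""
    session = SESSIONS.get(cookie_sid)
    if session is None:
        return "401 not logged in"
    presented = form.get("csrf_token", "")
    # Constant-time comparison: a guessed token leaks nothing through timing.
    if not hmac.compare_digest(presented, session["csrf"]):
        return "403 CSRF token missing or wrong"
    return f"200 transferred {form['amount']} for {session['user']}"


def stateless_token(sid: str) -> str:
    """Variant with no server-side storage: derive the token from the session id
    under a server key. Valid only for the session it was minted for."""
    return hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()


def stateless_ok(sid: str, presented: str) -> bool:
    return hmac.compare_digest(presented, stateless_token(sid))


if __name__ == "__main__":
    sid = login("alice")
    forged = {"amount": 500, "to": "attacker"}                 # what a hostile page can send
    genuine = dict(forged, csrf_token=csrf_token_for(sid))       # what the site's own form sends
    print(handle_transfer(sid, forged))    # 403
    print(handle_transfer(sid, genuine))   # 200
```

The forged request in the demo has the valid session cookie and still fails, which is the whole effect: the attacker controls what the browser sends but not what it can read.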
cross-site scripting (XSS)   A method of attacking a web application by injecting script into content the application returns to other users' browsers, where it runs with the site's own origin and can read session data or act as the user. XSS exploits the trust a user's browser has for the site.
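The fix for XSS is output encoding chosen for the exact context the untrusted data lands in: HTML body, quoted attribute, JavaScript string, or URL each need a different encoder, and one encoder cannot serve all four. The following added example (not from the book) renders the same user-controlled name into three contexts and also shows the case escaping does not cover, a `javascript:` URL in an `href`. The page template and inputs are constructed.

```python
"""Contextual output encoding against XSS. Added example; the template is constructed."""
import html
import json
from urllib.parse import urlsplit


def render_vulnerable(name: str) -> str:
    """Attacker-controlled text becomes markup in the victim's DOM."""
    return f"<p>Hello {name}</p>"


def safe_url(url: str) -> str:
    """Escaping cannot neutralize a 'javascript:' URL; allow-list the scheme."""
    scheme = urlsplit(url.strip()).scheme.lower()
    return url if scheme in ("http", "https") else "#"


def js_string(value: str) -> str:
    """JSON gives a correctly quoted JavaScript string literal; additionally
    escape < and > so the value can never contain a literal </script> that
    closes the surrounding script block early."""
    return json.dumps(value).replace("<", "\\u003c").replace(">", "\\u003e")


def render_hardened(name: str, profile_url: str) -> str:
    body = html.escape(name)                                   # HTML text context
    attr = html.escape(safe_url(profile_url), quote=True)      # quoted attribute context
    return (f"<p>Hello {body}</p>\n"
            f'<a href="{attr}">profile</a>\n'
            f"<script>var user = {js_string(name)};</script>")  # JS string context


if __name__ == "__main__":
    payload = "<script>alert(1)</script>"
    print(render_vulnerable(payload))
    print(render_hardened(payload, "javascript:alert(document.cookie)"))
```

Auto-escaping template engines do the HTML-body step for you, but the attribute, JavaScript, and URL contexts are still the developer's responsibility, which is where most XSS in "escaped" applications comes from.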
cryptanalysis   The process of attempting to break a cryptographic system.
cryptography   The art of secret writing that enables an individual to hide the contents of a message or file from all but the intended recipient.
cryptographic agility   The ability for applications to change which cryptographic algorithms or implementations they use without having to make changes to the source code.
cryptographic validation   The validation of cryptographic functions to meet specific requirements.
cyclic redundancy check (CRC)   An error-detection technique that treats a block of data as a polynomial, divides it by a fixed generator polynomial, and appends the remainder (typically 8, 16, or 32 bits) to the transmission frame; the receiver recomputes it and compares. A CRC detects accidental corruption but is not a security control: an attacker who modifies the data can simply recompute the CRC.
Common Vulnerabilities and Exposures (CVE)   A public list, maintained by MITRE, of identifiers (CVE-YYYY-NNNN) for disclosed vulnerabilities in specific products, so that advisories and tools refer to the same issue unambiguously. Contrast with CWE, which catalogs the underlying weakness types rather than individual instances.
common weakness enumeration (CWE)   An enumeration of common weakness patterns in software that lead to vulnerabilities.
CVE   See Common Vulnerabilities and Exposures.
CWE   See common weakness enumeration.
DAC   See discretionary access control.
data classification   The labeling of data elements with security, confidentiality, and integrity requirements.
data custodian   The party responsible for safe custody, transport, and storage of the data and implementation of business rules with assigned data elements.
Data Encryption Standard (DES)   A symmetric (private key) block cipher with a 56-bit key, adopted by the U.S. government in 1977 as a standard for the protection of sensitive but unclassified information. Its key is short enough to brute-force with modest hardware, so single DES has been withdrawn; where it survives it is used as triple DES, where three passes are applied to provide greater security.
data flow diagram (DFD)   A graphical representation of how data is processed in a system. A DFD can be developed at increasing levels of detail.
datagram   A packet of data that can be transmitted over a packet-switched system in a connectionless mode.
data loss prevention (DLP)   Technology, processes, and procedures designed to detect when unauthorized removal of data from a system occurs. DLP is typically active, preventing the loss of data, either by blocking the transfer or dropping the connection.
data owner   The party responsible for data content, context, and associated business rules of specified data elements.
data protection principles   This term refers to privacy principles enacted in the European Union by law.
declarative programming   A programming methodology that describes what computations should be performed and not how to accomplish them.
decision tree   A data structure in which each element in the structure is attached to one or more structures directly beneath it.
defense in depth   A security principle involving overlapping systems of different controls to form a more comprehensive defense against attacks.
DES   See Data Encryption Standard.
digital rights management   The processes employed to control the use of digital data in a system.
digital signature   A cryptography-based artifact that is a key component of a public key infrastructure (PKI) implementation. The signer hashes the data and transforms the hash with the private key of a public/private key pair; anyone holding the matching public key can verify the result and thereby gain assurance that the data came from the holder of the private key and has not changed since it was signed. This is the technical basis of nonrepudiation.
disaster recovery plan (DRP)   A written plan developed to address how an organization will react to a natural or manmade disaster in order to ensure business continuity. Related to the concept of a business continuity plan (BCP).
discretionary access control (DAC)   An access control mechanism in which the owner of an object (such as a file) decides which other subjects (such as other users) may access the object and what access (read, write, execute) those subjects have.
distributed denial-of-service (DDoS) attack   A special type of DoS attack in which the attacker elicits the generally unwilling support of other systems to launch a many-against-one attack.
diversity of defense   The approach of creating dissimilar security layers so that an intruder who is able to breach one layer will be faced with an entirely different set of defenses at the next layer.
Domain Name System (DNS)   The service that translates an Internet domain name (such as www.mcgraw-hill.com) into an IP address.
DREAD   An acronym used in threat modeling signifying the measurement of damage potential, reproducibility, exploitability, affected users, and discoverability.
DRP   See disaster recovery plan.
dynamic code analysis   The analysis of software code during execution.
elliptic curve cryptography (ECC)   A method of public key cryptography based on the algebraic structure of elliptic curves over finite fields.
Encapsulating Security Payload (ESP)   A portion of the IPsec implementation that provides for data confidentiality with optional authentication and replay-detection services. ESP completely encapsulates user data in the datagram and can be used either by itself or in conjunction with Authentication Headers for varying degrees of IPsec services.
enterprise service bus (ESB)   A software architecture model used for designing and implementing the interaction between software applications in service-oriented architecture (SOA).
escalation auditing   The process of looking for an increase in privileges, such as when an ordinary user obtains administrator-level privileges.
evidence   The documents, verbal statements, and material objects admissible in a court of law.
exception management   The process of handling exceptions (errors) during program execution.
exposure factor   A measure of the magnitude of loss of an asset. Used in the calculation of single loss expectancy (SLE).
Extensible Authentication Protocol (EAP)   A universal authentication framework used in wireless networks and point-to-point connections. It is defined in RFC 3748 and has been updated by RFC 5247.
fail safe   The security concept that when a system fails, it does so in a manner that ensures it enters a safe or secure state upon failure.
failure mode effects analysis (FMEA)   A formal method of examining the causes and mitigation of failures in a system.
false positive   Term used when a security system makes an error and incorrectly reports the existence of a searched-for object. Examples include an intrusion detection system that misidentifies benign traffic as hostile, an antivirus program that reports the existence of a virus in software that actually is not infected, or a biometric system that allows access to a system to an unauthorized individual.
File Transfer Protocol (FTP)   An application-level protocol used to transfer files over a network connection.
File Transfer Protocol Secure (FTPS)   An application-level protocol used to transfer files over a network connection that uses FTP over an SSL or TLS connection.
FIPS 140-2   Federal Information Processing Standard 140-2, a U.S. government standard for the validation of cryptographic modules, which determines whether an implementation may be used to protect federal data. Superseded by FIPS 140-3.
firewall   A network device used to segregate traffic based on rules.
FISMA   Acronym for the Federal Information Security Management Act of 2002, a law describing the implementation of information security functionality in federal data processing systems.
functional requirements   A requirement for a system that defines a specific task the software is to accomplish.
functional testing   The testing of software for meeting defined functional requirements.
fuzzing   The process of testing input handling by sending large numbers of malformed, random, or mutated inputs to a program and monitoring for crashes, hangs, or other failures that indicate an exploitable vulnerability.
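What a fuzzer actually does is simple enough to fit in a few dozen lines, and seeing it against a parser with a planted bug makes the definition concrete. The following added example (not from the book) mutates a valid seed record and records every input for which a constructed length-prefixed parser loses control; the parser, its record format, and the planted defect are all constructed for the demo, and a fixed parser is included to show the fuzzer going quiet once the bug is gone.

```python
"""A minimal mutation fuzzer against a constructed record parser.
Added example; the format and the planted bug are not from the book."""
import random


def parse_record(data: bytes) -> tuple:
    """Constructed format: 1-byte payload length, payload, 1-byte XOR checksum.
    Declared rejection is ValueError; any other exception is a bug."""
    if len(data) < 2:
        raise ValueError("too short")
    n = data[0]
    payload = data[1:1 + n]
    checksum = data[1 + n]          # PLANTED BUG: n is trusted, so this reads past the end
    calc = 0
    for b in payload:
        calc ^= b
    if calc != checksum:
        raise ValueError("bad checksum")
    return payload, checksum


def parse_record_fixed(data: bytes) -> tuple:
    """Same parser with the length field validated against the buffer."""
    if len(data) < 2:
        raise ValueError("too short")
    n = data[0]
    if len(data) != 2 + n:
        raise ValueError("length field does not match record size")
    payload, checksum = data[1:1 + n], data[1 + n]
    calc = 0
    for b in payload:
        calc ^= b
    if calc != checksum:
        raise ValueError("bad checksum")
    return payload, checksum


def make_seed(payload: bytes) -> bytes:
    """Build one valid record to mutate from."""
    chk = 0
    for b in payload:
        chk ^= b
    return bytes([len(payload)]) + payload + bytes([chk])


def crashes(parser, data: bytes) -> bool:
    """True when the parser raises something it did not declare (in C this
    would be an out-of-bounds read rather than an IndexError)."""
    try:
        parser(data)
    except ValueError:
        return False
    except Exception:
        return True
    return False


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Apply one to three random byte overwrites, deletions, or insertions."""
    buf = bytearray(seed)
    for _ in range(rng.randint(1, 3)):
        r = rng.random()
        if r < 0.7 and buf:
            buf[rng.randrange(len(buf))] = rng.randrange(256)
        elif r < 0.85 and len(buf) > 1:
            del buf[rng.randrange(len(buf))]
        else:
            buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    return bytes(buf)


def fuzz(parser, seed: bytes, iterations: int, rng_seed: int = 1) -> list:
    """Return the mutated inputs that crashed the parser (reproducible via rng_seed)."""
    rng = random.Random(rng_seed)
    return [case for case in (mutate(seed, rng) for _ in range(iterations)) if crashes(parser, case)]


if __name__ == "__main__":
    seed = make_seed(b"hello")
    found = fuzz(parse_record, seed, 300)
    print(f"buggy parser: {len(found)} crashing inputs, e.g. {found[0]!r}" if found else "nothing found")
    print(f"fixed parser: {len(fuzz(parse_record_fixed, seed, 300))} crashing inputs")
```

Real fuzzers add coverage feedback, a corpus, and crash triage, but the loop is the same: generate, run, watch for the program losing control rather than rejecting the input on purpose.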
governance, risk, and compliance (GRC)   A term used to describe the actions an entity takes to manage corporate efforts with respect to risk via a governance and compliance structure.
government off the shelf (GOTS)   A software system built to government specifications and not for general commercial use.
Gramm-Leach-Bliley   A federal law with privacy requirements associated with financial institutions.
grey box   A system under test where the testers have some knowledge, but not complete knowledge, of the inner workings of the system.
hacking   The term used by the media to refer to the process of gaining unauthorized access to computer systems and networks. The term has also been used to refer to the process of delving deep into the code and protocols used in computer systems and networks. See also cracking.
hash   A one-way function that compresses input of any length into a fixed-length digest. Hashing is not encryption: there is no key and no feasible way to recover the input from the digest, and a secure hash also makes it infeasible to find two inputs with the same digest (collision resistance).
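Two entries in this glossary meet here: the hash (and message digest) definitions, and cryptographic agility, which is what lets you retire MD5 for SHA-256 without touching the code that stores and verifies digests. The following added example (not from the book) keeps a policy-driven registry of algorithms, tags each stored digest with the algorithm that produced it, and shows the avalanche behaviour that makes a digest useless for recovering its input. The approved and legacy lists and the sample records are constructed.

```python
"""Message digests with cryptographic agility. Added example; the policy
lists and records are constructed."""
import hashlib
import hmac

# Policy (assumption): MD5 and SHA-1 stay only so old records can still be
# verified and flagged for rehashing; they are refused for new digests.
APPROVED = {"sha256", "sha3_256", "sha512"}
LEGACY = {"md5", "sha1"}


def digest(data: bytes, alg: str) -> str:
    """Return 'alg:hexdigest'. The prefix is what makes migration possible later."""
    if alg not in APPROVED:
        raise ValueError(f"{alg} is not approved for new digests")
    return f"{alg}:{hashlib.new(alg, data).hexdigest()}"


def verify(data: bytes, stored: str) -> bool:
    """Check data against whatever algorithm the stored value names."""
    alg, _, hexd = stored.partition(":")
    if alg not in APPROVED | LEGACY:
        return False
    return hmac.compare_digest(hashlib.new(alg, data).hexdigest(), hexd)


def needs_rehash(stored: str) -> bool:
    """True when a record was made with an algorithm policy has since retired."""
    return stored.partition(":")[0] not in APPROVED


def avalanche(a: bytes, b: bytes, alg: str = "sha256") -> int:
    """Number of differing output bits for two inputs. A one-character change
    flips roughly half the bits, so the digest reveals nothing about the input."""
    da = int(hashlib.new(alg, a).hexdigest(), 16)
    db = int(hashlib.new(alg, b).hexdigest(), 16)
    return bin(da ^ db).count("1")


if __name__ == "__main__":
    records = {"new.bin": digest(b"hello", "sha256"),
               "old.bin": "md5:5d41402abc4b2a76b9719d911017c592"}   # md5("hello"), legacy record
    for name, stored in records.items():
        print(f"{name}: valid={verify(b'hello', stored)} needs_rehash={needs_rehash(stored)}")
    print("bits changed by one character:", avalanche(b"hello", b"hellp"))
```

The usual migration runs off `needs_rehash`: the next time the original data passes through (a file upload, a login), verify with the old algorithm, then replace the record with a new approved digest.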
hash value   See message digest.
Health Information Technology for Economic and Clinical Health Act (HITECH Act)   An update to HIPAA, strengthening the security and privacy provisions of PHI data.
Health Insurance Portability and Accountability Act (HIPAA)   A federal law with provisions for security and privacy of personal health information.
identity management   The processes and systems used to perform authentication and authorization on a system.
identity provider (IdP)   The party in a federated identity system (OpenID, SAML, OpenID Connect) that authenticates the user and issues a signed assertion or token, which relying parties consume to make authorization decisions.
impact   The result of a vulnerability being exploited by a threat, resulting in a loss.
imperative programming   A programming methodology that specifies the specific sequence of commands a program should execute.
incident response   The process of responding to, containing, analyzing, and recovering from a computer-related incident.
Infrastructure as a Service (IaaS)   The automatic, on-demand provisioning of infrastructure elements operating as a service; a common element of cloud computing.
integer overflow   A defect in which an arithmetic result exceeds the range of its integer type and wraps around or is truncated. Attackers exploit it where the wrapped value feeds a size calculation or bounds check, for example to make an allocation smaller than the data later written into it, turning the overflow into a buffer overflow.
integrated development environment (IDE)   A set of development tools that operate together to implement elements of the software development process.
integration testing   A form of testing to verify that modules work together to achieve requirements.
intangible asset   An asset for which a monetary equivalent is difficult or impossible to determine. Examples are brand recognition and goodwill.
integrity   Part of the CIA of security, the security principle that requires that information is not modified except by individuals authorized to do so.
integrity verification processes (IVPs)   The processes involved in the Clark-Wilson model that ensure integrity in constrained data items.
Internet Key Exchange (IKE)   The protocol formerly known as ISAKMP/Oakley, defined in RFC 2409 (IKEv1; IKEv2 is defined in RFC 7296). A hybrid protocol that uses part of Oakley and part of the Secure Key Exchange Mechanism (SKEME) protocol inside the Internet Security Association and Key Management Protocol (ISAKMP) framework. IKE is used to establish a shared security policy and authenticated keys for services that require keys, such as IPsec.
Internet Protocol (IP)   The network-layer protocol used by the Internet for routing packets across a network.
Internet Protocol Security (IPsec)   A protocol used to secure IP packets during transmission across a network. IPsec offers authentication, integrity, and confidentiality services and uses Authentication Headers (AH) and Encapsulating Security Payload (ESP) to accomplish this functionality.
intrusion detection system (IDS)   A system to identify suspicious, malicious, or undesirable activity that indicates a breach in computer security.
IPsec   See Internet Protocol Security.
ITIL   Information Technology Infrastructure Library (ITIL) is a set of practices for IT service management designed to align IT services with business needs.
JVM   Java Virtual Machine—a sandbox environment where Java byte code is executed.
Kerberos   A network authentication protocol designed by MIT for use in client server environments.
key   In cryptography, a sequence of characters or bits used by an algorithm to encrypt or decrypt a message.
keyspace   The entire set of all possible keys for a specific encryption algorithm.
layered security   The practice of combining multiple mitigating security controls to protect resources and data in a system.
LDAP   See Lightweight Directory Access Protocol.
least common mechanism   The security principle of minimizing the mechanism shared among users or components, because every shared mechanism is a potential path for information to leak between them or for one user to affect another.
least privilege   A security principle in which a user is provided with the minimum set of rights and privileges that he or she needs to perform required functions. The goal is to limit the potential damage that any user can cause.
Layer 2 Tunneling Protocol (L2TP)   A tunneling protocol (RFC 2661) that carries PPP sessions across an IP network at the data-link layer, combining Cisco's Layer 2 Forwarding (L2F) with Microsoft's PPTP. L2TP provides no encryption of its own and is normally paired with IPsec (L2TP/IPsec).
Lightweight Directory Access Protocol (LDAP)   An application protocol used to access directory services across a TCP/IP network.
Lightweight Extensible Authentication Protocol (LEAP)   A Cisco-proprietary EAP method introduced prior to 802.11i to push 802.1X and WEP adoption. Its MS-CHAP-based exchange is vulnerable to offline dictionary attacks, and it is deprecated.
load balancers   A network device that distributes computing across multiple computers.
load testing   The tests used to determine system performance under expected operational loads.
MAC   See mandatory access control or Media Access Control.
managed code   Software that has its resources managed by an external sandbox-type environment, such as CLR or JVM.
managed services   The outsourcing of specific operational control of services to a third party.
man-in-the-middle attack   Any attack that attempts to use a network node as the intermediary between two other nodes. Each of the endpoint nodes thinks it is talking directly to the other, but each is actually talking to the intermediary.
mandatory access control (MAC)   An access control mechanism in which the security mechanism controls access to all objects (files), and individual subjects (processes or users) cannot change that access.
MD5   Message Digest 5, a hashing algorithm producing a 128-bit digest. Practical collision attacks have existed since 2004; MD5 must not be used for signatures, certificates, or integrity checks against an adversary.
message queuing   The use of asynchronous messages, passed through queues to communicate between modules.
message digest   The result of applying a hash function to data. Sometimes also called a hash value. See hash.
misuse case   See abuse case.
mitigate   Action taken to reduce the likelihood of a threat occurring.
nonrepudiation   The property that a party cannot later deny having performed an operation (sent a message, authorized a transaction). Technically it rests on digital signatures under a key only that party controls, together with trustworthy logging; organizationally, on the processes that produce and preserve those records.
near-field communication (NFC)   A protocol for the use of radio frequency communication over very short distances to transport data.
non-repudiation   See nonrepudiation.
Oakley protocol   A key exchange protocol that defines how to acquire authenticated keying material based on the Diffie-Hellman key exchange algorithm.
OAuth   An open standard for delegated authorization: a resource owner grants a third-party application scoped access to resources without sharing credentials. OAuth by itself is not an authentication protocol; OpenID Connect builds authentication on top of it.
open design   The security concept of not relying upon secret designs to provide security.
OpenID   An open standard for authentication using cooperating third parties.
Open Source Security Testing Methodology Manual (OSSTMM)   A peer-reviewed, open-source manual of structured security testing and analysis.
Open Vulnerability and Assessment Language (OVAL)   An XML-based standard for the communication of security information between tools and services.
operating system (OS)   The basic software that handles input, output, display, memory management, and all the other highly detailed tasks required to support the user environment and associated applications.
OVAL   See Open Vulnerability and Assessment Language.
P2P   See peer-to-peer.
patch   A replacement set of code designed to correct problems or vulnerabilities in existing software.
Payment Card Industry Data Security Standard (PCI DSS)   An industry initiative to protect credit card data in transit and storage between merchants, processors, and banks.
peer-to-peer (P2P)   A network connection methodology involving direct connection from peer to peer.
penetration testing   A security test in which an attempt is made to circumvent security controls in order to discover vulnerabilities and weaknesses. Also called a pen test.
performance testing   The testing conducted to determine operational performance test levels and the ability to meet SLAs.
personal health information (PHI)   Individually identifiable information containing health care data; HIPAA's term for it is protected health information.
permissions   Authorized actions a subject can perform on an object. See also access controls.
personally identifiable information (PII)   Information that can be used to identify a single person.
phishing   The use of e-mail or other messages impersonating a trusted party to get a target to open a malicious attachment, follow a link that delivers malware, or enter credentials on a lookalike site.
phreaking   Used in the media to refer to the hacking of computer systems and networks associated with the phone company. See also cracking.
PII   See personally identifiable information.
PIN   Personal identification number.
plaintext   In cryptography, a piece of data that is not encrypted. It can also mean the data input into an encryption algorithm that would output ciphertext.
Platform as a Service (PaaS)   A cloud-based computing platform offered as a service.
privacy   Protecting an individual’s personal information from those not authorized to see it.
protected objects   Part of trusted computing, a protected object is one whose existence may be known but cannot be directly interacted with.
psychological acceptability   The security principle that security-related activities need to be accepted by users or they will be circumvented as a part of normal operations.
public key infrastructure (PKI)   Infrastructure for binding a public key to a known user through a trusted intermediary, typically a certificate authority.
qualification testing   The formal analysis that is done to determine whether a system or software product satisfies its acceptance criteria.
qualitative risk assessment   The process of subjectively determining the impact of an event that affects a project, program, or business. It involves the use of expert judgment, experience, or group consensus to complete the assessment.
quantitative risk assessment   The process of objectively determining the impact of an event that affects a project, program, or business. It usually involves the use of metrics and models to complete the assessment.
radio frequency identification (RFID)   RFID is a technology that allows wireless, noncontact transfer of data.
RBAC   See rule-based access control or role-based access control.
recovery   The act of restoring a system to proper operating condition after a security incident.
reference monitor   The mechanism that enforces access control over subjects and objects.
regression testing   A form of testing that ensures patches do not introduce new bugs; it is also effective across alternative versions of the software.
release management   The business process associated with the packaging and release of software to production.
relying party   The party requesting authentication services in OpenID systems.
Remote Access Service (RAS)   A combination of hardware and software used to enable remote access to a network.
remote code execution   The execution of code on a system by an attacker; also known as arbitrary code execution.
repudiation   The act of denying that a message was either sent or received.
requirements traceability matrix (RTM)   A table that correlates the requirements of a system and where they are met.
residual risk   Risks remaining after an iteration of risk management.
rich Internet application   A browser-based application delivered via the Web that has the functional characteristics of a desktop application.
risk   The possibility of suffering a loss.
risk assessment or risk analysis   The process of analyzing an environment to identify the threats, vulnerabilities, and mitigating actions to determine (either quantitatively or qualitatively) the impact of an event affecting a project, program, or business.
risk management   Overall decision-making process of identifying threats and vulnerabilities and their potential impacts, determining the costs to mitigate such events, and deciding what actions are cost effective to take to control these risks.
role-based access control (RBAC)   An access control mechanism in which, instead of the users being assigned specific access permissions for the objects associated with the computer system or network, a set of roles that the user may perform is assigned to each user.
rule-based access control (RBAC)   An access control mechanism based on rules.
safeguard   See control.
safe harbor   A principle of meeting EU privacy requirements with U.S.-based actions for transnational data transfers.
sandboxing   The principle of running an application inside a container separating it from nonmediated contact with the operating system.
Sarbanes-Oxley   A federal law requiring specific security considerations associated with public companies and their accounting data.
scanning   The process of actively interrogating a system to determine its characteristics.
security association (SA)   An instance of security policy and keying material applied to a specific data flow. Both IKE and IPsec use SAs, although these SAs are independent of one another. IPsec SAs are unidirectional and are unique in each security protocol, whereas IKE SAs are bidirectional. A set of SAs is needed for a protected data pipe, one per direction per protocol. SAs are uniquely identified by destination (IPsec endpoint) address, security protocol (AH or ESP), and security parameter index (SPI).
security baseline   The end result of the process of establishing an information system’s security state. It is a known good configuration resistant to attacks and information theft.
security controls   A group of technical, management, or operational policies and procedures designed to implement specific security functionality. Access controls are an example of a security control.
secure development lifecycle (SDL)   A specific set of development elements designed to build security into the software development process.
security testing   Testing the security requirements of a system.
segregation or separation of duties   A basic control that prevents or detects errors and irregularities by assigning responsibilities to different individuals so that no single individual can commit fraudulent or malicious actions.
service-oriented architecture (SOA)   An architecture where resources are requested and received via remote calls.
service level agreement (SLA)   An agreement between parties concerning the expected or contracted uptime associated with a system.
session management   The processes employed to ensure that communication sessions are secure between parties and are not subject to hijacking.
single loss expectancy (SLE)   Monetary loss or impact of each occurrence of a threat. SLE = asset value * exposure factor.
single point of failure   A point in a system whose failure could result in failure of the entire system.
single sign-on (SSO)   An authentication process by which the user can enter a single user ID and password and then move from application to application or resource to resource without having to supply further authentication information.
social engineering   The art of deceiving another person so that he or she reveals confidential information. This is often accomplished by posing as an individual who should be entitled to have access to the information.
Software as a Service (SaaS)   The provisioning of software as a service, commonly known as on-demand software.
software configuration management (SCM)   The processes associated with the maintenance of the configuration of software in the enterprise.
spear phishing   A phishing attack against a specific target in an organization.
spiral model   A development model consisting of a series of repeating steps that add value with each iteration.
spoofing   Making data appear to have originated from another source so as to hide the true origin from the recipient.
SQL injection   The use of malicious SQL statements to compromise a system.
stress testing   The use of specific test methodologies to find performance issues before release to production.
STRIDE   An acronym in threat modeling for spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege.
subject-object-activity matrix   In access control and authorization, the subject-object-activity matrix shows the relationships between these elements for each case.
supplier risk assessment   An all-hazards assessment of the specific risks associated with a supplier or supply chain element.
symmetric encryption   Encryption that needs all parties to have a copy of the key, sometimes called a shared secret. The single key is used for both encryption and decryption.
syslog   The standard for logging on Linux-based computer systems.
systems testing   The testing of a complete system, not just the component parts.
tangible asset   An asset for which a monetary equivalent can be determined. Examples are inventory, buildings, cash, hardware, software, and so on.
threat   Any circumstance or event with the potential to cause harm to an asset.
threat modeling   A listing of all of the methods of attacking a system and the mitigations employed to secure the system.
Transmission Control Protocol (TCP)   The transport-layer protocol for use on the Internet that allows packet-level tracking of a conversation.
Transport Layer Security (TLS)   A newer form of SSL being proposed as an Internet standard.
trapdoor   See backdoor.
trusted computing base (TCB)   All of the hardware and software of a system that are responsible for the security of the system.
Trusted Platform Module (TPM)   A hardware chip to enable trusted computing platform operations.
type safe   The property of ensuring that type errors do not occur in programs.
unconstrained data item (UDI)   A data element in the Clark-Wilson model that does not have integrity managed.
unit testing   The initial testing in a system, done at the unit level of a module, where a complete function can be tested.
unmanaged code   Code that runs directly on a system and is responsible for its own control of system resources.
use-case   A diagram of the process steps associated with a specific business function, detailing the specific requirements.
User Datagram Protocol (UDP)   A connectionless protocol for the transport of data across the Internet.
user experience (UX)   The human interface experience for a software system.
validation   A check as to whether the software is meeting requirements. As Boehm describes it: Are we building the right product?
verification   A check as to whether the software is being properly constructed. As Boehm describes it: Are we building the product right?
vulnerability   A weakness in an asset that can be exploited by a threat to cause harm.
waterfall model   A development model consisting of a linear series of steps without any retracing of steps.
weakest link   The point in the system that is most susceptible to attack.
web application firewall   A firewall that operates at the application level, specifically designed to protect web applications by examining requests at the application stack level.
white box   A testing environment where the tester has complete knowledge of the inner workings of the system under test.
X.509   The standard format for digital certificates.