B

back door (backdoor)

An opening left in a program application (usually by the developer) that allows additional access to data. Typically, these are created for debugging purposes and aren't documented. Before the product ships, the back doors are closed; when they aren't closed, security loopholes exist.

Back Orifice

Originally created as a support tool, it is now well known as an illicit server program that can be used to gain access to Windows NT/2000 servers and take control.

backup

A usable copy of data made to media. Ideally, the backup is made to removable media and stored for recovery should anything happen to the original data.

backup plan

A documented plan governing backup situations.

backup policy

A written policy detailing the frequency of backups and the location of storage media.

Bell La-Padula model

A model designed for the military to address the storage and protection of classified information. This model is specifically designed to prevent unauthorized access to classified information. The model prevents the user from accessing information that has a higher security rating than they are authorized to access. It also prevents information from being written to a lower level of security.

best practices

A set of rules governing basic operations.

BGP

See Border Gateway Protocol (BGP).

BIA

See Business Impact Analysis (BIA).

Biba model

A model similar in concept to the Bell La-Padula model but more concerned with information integrity (an area the Bell La-Padula model doesn't address). In this model, there is no write up or read down. If you're assigned access to top-secret information, you can't read secret information or write to any level higher than the level to which you're authorized. This model keeps higher-level information pure by preventing less-reliable information from being intermixed with it.

biometric device

A device that can authenticate an individual based on a physical characteristic.

biometrics

The science of identifying a person by using one or more of their features. The feature can be a thumbprint, a retinal scan, or any other biological trait.

BIOS

The basic input/output system for an IBM-based PC. It is the firmware that allows the computer to boot.

birthday attack

A probability method of finding collision in hash functions.

Blowfish

A type of symmetric block cipher created by Bruce Schneier.

boot sector

Also known as the Master Boot Record (MBR). The first sector of the hard disk, where the program that boots the operating system resides. It's a popular target for viruses.

Border Gateway Protocol (BGP)

An ISP protocol that allows routers to share information about routes with each other.

border router

A router used to translate from LAN framing to WAN framing.

bot

An automated software program that collects information on the Web. For example, the Googlebot collects website information for the Google index. Bots can be used for malicious purposes as well.

brute force attack

A type of attack that relies purely on trial and error.

buffer overflow attack

A type of denial of service (DoS) attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it (as the name implies).

Business Continuity Planning (BCP)

A contingency plan that allows a business to keep running in the event of a disruption to vital resources.

Business Impact Analysis (BIA)

A study of the possible impact if a disruption to a business's vital resources were to occur.