See certificate authority (CA).
A type of symmetric block cipher defined by RFC 2144.
See Carlisle Adams Stafford Tavares (CAST).
See Common Criteria (CC).
See Common Criteria Recognition Agreement (CCRA).
The primary office from which most resources extend.
A digital entity that establishes who you are and is often used with e-commerce. It contains your name and other identifying data.
An issuer of digital certificates (which are then used for digital signatures or key pairs).
Policies governing the use of certificates.
The principles and procedures employed in the issuing and managing of certificates.
The act of making a certificate invalid.
A list of digital certificate revocations that must be regularly downloaded to stay current.
The log of the history of evidence that has been collected.
A protocol that challenges a system to verify identity. CHAP is an improvement over Password Authentication Protocol (PAP) in which one-way hashing is incorporated into a three-way handshake. RFC 1334 applies to both PAP and CHAP.
Documentation required to make a change in the scope of any particular item. In the realm of project management, a change document is a formal document requiring many signatures before key elements of the project can be modified.
See Challenge Handshake Authentication Protocol (CHAP).
A certain action or moment in time that is used to perform a check. It allows a restart to begin at the last point the data was saved as opposed to from the beginning.
A hexadecimal value computed from transmitted data that is used in error-checking routines.
See cryptographic algorithm.
A switching method where a dedicated connection between the sender and receiver is maintained throughout the conversation.
An integrity model for creating a secure architecture.
Unencrypted text that can be read with any editor.
The part of a client/server network where the computing is usually done. In a typical setting, a client uses the server for remote storage, backups, or security (such as a firewall).
A server-centric network in which all resources are stored on a file server and processing power is distributed among workstations and the file server.
An early encryption system from the NSA for civilian use; it was a hardware implementation of the skipjack encryption algorithm.
A method of balancing loads and providing fault tolerance.
A type of cabling used in computer networks.
The storage and conditions for release of source code provided by a vendor, partner, or other party.
A physical site that has all the resources necessary to enable an organization to use it if the main site is inaccessible (destroyed). Commonly, plans call for turning to a cold site within a certain number of hours after the loss of the main site.
The means and orderly fashion by which evidence is collected, identified, and marked.
An agreement between individuals to commit fraud or deceit.
A document of specifications detailing security evaluation methods for IT products and systems.
A set of standards, formerly known as the Mutual Recognition Agreement (MRA), that defines Evaluation Assurance Levels (EALs).
An older form of scripting that was used extensively in early web systems.
A virus that creates a new program that runs in place of an expected program of the same name.
Standards that support a nonhierarchical security classification.
Assurance that data remains private and no one sees it except for those expected to see it.
The administration of setup and changes to configurations.
Type of communications between two hosts that have no previous session established for synchronizing sent data. The data isn't acknowledged at the receiving end. This method can allow data loss. Within the TCP/IP suite, User Datagram Protocol (UDP) is used for connectionless communication.
Type of communications between two hosts that have a previous session established for synchronizing sent data. The receiving PC acknowledges the data. This method allows for guaranteed delivery of data between PCs. Within the TCP/IP suite, TCP is used for connection-oriented communications.
A plain-text file stored on your machine that contains information about you (and your preferences) and is used by a database server.
See Certificate Practice Statement (CPS).
See hacker.
See cyclical redundancy check (CRC).
Functions on which the livelihood of the company depends.
See Certificate Revocation List (CRL).
The study and practice of finding weaknesses in ciphers.
A person who does cryptanalysis.
A person who participates in the study of cryptographic algorithms.
A symmetric algorithm, also known as a cipher, used to encrypt and decrypt data.
The field of mathematics focused on encrypting and decrypting data.
An individual responsible for maintaining the data, and the integrity of it, within their area.
An error-checking method in data communications that runs a formula against data before transmission. The sending station then appends the resultant value (called a checksum) to the data and sends it. The receiving station uses the same formula on the data. If the receiving station doesn't get the same checksum result for the calculation, it considers the transmission invalid, rejects the frame, and asks for retransmission.
3.15.147.215