M

M of N Control method

A rule stating that in order to access the key server if n number of administrators have the ability to perform a process, m number of those administrators must authenticate for access to occur. M of N Control may involve physical presence.

MAC

See Media Access Control (MAC), Mandatory Access Control (MAC), and message authentication code (MAC).

MAC address

The address that is either assigned to a network card or burned into the network interface card (NIC). PCs use MAC addresses to keep track of one another and keep each other separate.

macro virus

A software exploitation virus that works by using the macro feature included in many applications.

malicious code

Any code that is meant to do harm.

Mandatory Access Control (MAC)

A security policy wherein labels are used to identify the sensitivity of objects. When a user attempts to access an object, the label is checked to see if access should be allowed (that is, whether the user is operating at the same sensitivity level). This policy is "mandatory," because labels are automatically applied to all data (and can be changed only by administrative action), as opposed to "discretionary" policies that leave it up to the user to decide whether to apply a label.

man-in-the-middle attack

An attack that occurs when someone/-thing that is trusted intercepts packets and retransmits them to another party. Man-in-the-middle attacks have also been called TCP/IP hijacking in the past.

mantrap

A device, such as a small room, that limits access to one or a few individuals. Mantraps typically use electronic locks and other methods to control access.

mathematical attack

An attack focused on the encryption algorithm itself, the key mechanism, or any potential area of weakness in the algorithm.

mean time between failure (MTBF)

The measure of the anticipated incidence of failure of a system or component.

mean time to repair (MTTR)

The measurement of how long it takes to repair a system or component once a failure occurs.

media

Any storage medium.

Media Access Control (MAC)

A sublayer of the Data Link layer of the Open Systems Interconnection (OSI) model that controls the way multiple devices use the same media channel. It controls which devices can transmit and when they can transmit.

message authentication code (MAC)

A common method of verifying integrity. The MAC is derived from the message and a secret key.

message digest

The signature area within a message.

Message Digest Algorithm (MDA)

An algorithm that creates a hash value. The hash value is also used to help maintain integrity. There are several versions of MD; the most common are MD5, MD4, and MD2.

Microsoft Challenge Handshake Authentication Protocol (MSCHAP)

An implementation of the Challenge Handshake Authentication Protocol (CHAP) common in Microsoft's Windows-based operating systems. The latest version, and the only one supported in Windows Vista, is MSCHAPv2.

misuse-detection IDS (MD-IDS)

A method of evaluating attacks based on attack signatures and audit trails.

modem

A communications device that converts digital computer signals into analog tones for transmission over the Public Switched Telephone Network (PSTN) and converts them back to digital upon reception. The word modem is an acronym for modulator/demodulator.

modification attack

An attack that modifies information on your system.

MSCHAP

See Microsoft Challenge Handshake Authentication Protocol (MSCHAP).

multicasting

Sending data to more than one address.

multi-factor

The term employed anytime more than one factor must be considered.

multipartite virus

A virus that attacks a system in more than one way.