Appendix G

GLOSSARY

(AES) Advanced Encryption Standard An encryption algorithm used by US Government agencies to secure sensitive but unclassified material; as a consequence, it may eventually become the de facto encryption standard for commercial transactions in the private sector. Source: http://searchsecurity.techtarget.com/definition.Advanced-Encryption-Standard

AG Attorney General

Backdoor A means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a backdoor so that the program can be accessed for troubleshooting or other purposes. Source: http://searchsecurity.techtarget.com/definition/back-door

Big Data Analytics The process of examining large amounts of data of a variety of types (big data) to uncover hidden patterns, unknown correlations, and other useful information. Source: http://searchbusinessanalytics.techtarget.com/definition/big-data-analytics

Bulk Data An electronic collection of data composed of information from multiple records, whose primary relationship to each other is their shared origin from a single or multiple databases. Source: http://www.maine.gov/legis/opla/RTKINFORMEcomments.pdf

Church Committee An 11-member investigating body of the Senate (a Senate Select Committee) that studied governmental operations with respect to Intelligence Activities. It published 14 reports that contain a wealth of information on the formation, operation, and abuses of US intelligence agencies. The reports were published in 1975 and 1976, after which recommendations for reform were debated in Congress and in some cases enacted. Source: http://www.aarclibrary.org/publib/contents/church/contents_church_reports.htm

CIA Central Intelligence Agency

Cloud Computing A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Source: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

CLPP Board Civil Liberties and Privacy Protection Board

(CMP) Continuous Monitoring Program Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Source: http://csrc.nist.gov/publications/nistpubs/800-137/SP800-137-Final.pdf

Counter-intelligence Information gathered and activities conducted to identify, deceive, exploit, disrupt, or protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or on behalf of foreign powers, organizations or persons, or their agents, or international terrorist organizations or activities. Source: (Executive Order 12333, as amended 30 July 2008 and JP 2–01.2, CI & HUMINT in Joint Operations, 11 Mar 2011) http://www.fas.org/irp/eprint/ci-glossary.pdf

Counter-proliferation Those actions (e.g., detect and monitor, prepare to conduct counter-proliferation operations, offensive operations, weapons of mass destruction, active defense, and passive defense) taken to defeat the threat and/or use of weapons of mass destruction against the United States, our military forces, friends, and allies. Source: (JP 1–02 & JP 3–40) http://www.fas.org/irp/eprint/ci-glossary.pdf

Data-Mining The process of collecting, searching through, and analyzing a large amount of data within a database, to discover patterns of relationships. Source: http://dictionary.reference.com/browse/data+mining?s=t

Decryption The process of converting encrypted data back to its original form, so it can be understood. Source: http://searchsecurity.techtarget.com/definition/encryption

DHS Department of Homeland Security

DIAA Defense Information Assurance Agency

Diffie-Hellman Key Exchange Algorithm Cryptographic algorithm used for secure key exchange. The algorithm allows two users to exchange a symmetric secret key through an insecure wired or wireless channel and without any prior secrets. Source: (2005 International Conference on Wireless Networks, Communications and Mobile Computing) http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1549408&tag=1

(DRM) Digital Rights Management/(IRM) Information Rights Management A collection of systems and software applications used to protect the copyrights of documents and electronic media. These include digital music and movies, as well as other data that is stored and transferred digitally. DRM is important to publishers of electronic media because it helps to control the trading, protection, monitoring, and tracking of digital media, limiting the illegal propagation of copyrighted works. Source: http://www.techterms.com/definitions/drm

DISA Defense Information Systems Agency

DNI Director of National Intelligence

DOD Department of Defense

DOJ Department of Justice

DTRA Defense Threat Reduction Agency

EINSTEIN 3 An advanced, network-layer intrusion detection system (IDS) which analyzes Internet traffic as it moves in and out of United States Federal Government networks. EINSTEIN filters packets at the gateway and reports anomalies to the United States Computer Emergency Readiness Team (US-CERT) at the Department of Homeland Security. Source: http://searchsecurity.techtarget.com/definition/Einstein

Encryption The conversion of data into a form, called a ciphertext (encrypted text), that cannot be easily understood by unauthorized people. Source: http://searchsecurity.techtarget.com/definition/encryption

Executive Order Official documents, numbered consecutively, through which the President of the United States manages the operations of the Federal Government. Source: http://www.archives.gov/federal-register/executive-orders/about.html

Executive Order 12333 Under section 2.3, intelligence agencies can only collect, retain, and disseminate information about a “US person” (US citizens and lawful permanent residents) if permitted by applicable law, if the information fits within one of the enumerated categories under Executive Order 12333, and if it is permitted under that agency’s implementing guidelines approved by the Attorney General. The EO has been amended to reflect the changing security and intelligence environment and structure within the US Government. Source: https://it.ojp.gov/default.aspx?area=privacy&page=1261#12333

FBI Federal Bureau of Investigation

(FISA) Foreign Intelligence Surveillance Act As amended, establishes procedures for the authorization of electronic surveillance, use of pen registers and trap-and-trace devices, physical searches, and business records for the purpose of gathering foreign intelligence. Source: https://it.ojp.gov/default.aspx?area=privacy&page=1286

(FISC) Foreign Intelligence Surveillance Court A special court for which the Chief Justice of the United States designates 11 federal district court judges to review applications for warrants related to national security investigations. Source: https://www.fjc.gov/history/home.nsf/page/courts_special_fisc.html

FTC Federal Trade Commission

Identifier/Selector Communication accounts associated with a target (e.g., e-mail address, phone number)

IAD Information Assurance Directorate of the National Security Agency

Intelligence Community Seventeen-member group of Executive Branch agencies and organizations that work separately and together to engage in intelligence activities, either in an oversight, managerial, support, or participatory role necessary for the conduct of foreign relations and the protection of the national security of the United States. Source: http://www.fas.org/irp/eprint/ci-glossary.pdf

Meta-data A characterization or description documenting the identification, management, nature, use, or location of information resources (data). Source: A Glossary of Archival and Records Terminology, Copyright 2012, Society of American Archivists (http://www2.archivists.org/glossary).

(MLAT) Mutual Legal Assistance Treaty An understanding and agreement between two countries that wish to mutually cooperate regarding investigation, prosecution, and enforcement of the provisions of the laws of the agreeing countries. The MLAT also specifies the grounds on which a request by either nation may be rejected or denied by the other nation. Source: http://perry4law.org/clic/?page_id=39

NAS National Academy of Sciences

(NIPF) National Intelligence Priorities Framework DNI’s guidance to the Intelligence Community on the national intelligence priorities approved by the President. The NIPF guides prioritization for the operation, planning, and programming of US intelligence analysis and collection. Source: http://www.fbi.gov/about-us/nsb/faqs

(NSC/DC) National Security Council Deputies Committee The senior sub-Cabinet interagency forum for consideration of policy issues affecting national security. The NSC/DC prescribes and reviews work for the NSC interagency groups discussed in a directive. The NSC/DC helps to ensure issues brought before the NSC/PC or the NSC have been properly analyzed and prepared for decision. The regular members of the NSC/DC consist of the Deputy Secretary of State or Under Secretary of the Treasury or Under Secretary of the Treasury for International Affairs, the Deputy Secretary of Defense or Under Secretary of Defense for Policy, the Deputy Attorney General, the Deputy Director of the Office of Management and Budget, the Deputy Director of Central Intelligence, the Vice Chairman of the Joint Chiefs of Staff, the Deputy Chiefs of Staff to the President for Policy, the Chief of Staff and National Security Advisor to the Vice President, the Deputy Assistant to the President for International Economic Affairs, and the Assistant to the President and Deputy National Security Advisor (who shall serve as chair). Source: http://www.fas.org/irp/offdocs/nspd/nspd-1.htm

(NSC/PC) National Security Council Principals Committee The senior interagency forum for consideration of policy affecting national security. The regular members of the NSC/PC consist of the Secretary of State, the Secretary of the Treasury, the Secretary of Defense, the Chief of Staff to the President, and the Assistant to the President for National Security Affairs, who serves as chair. Source: http://www.fas.org/irp/offdocs/nspd/nspd-1.htm

(NSL) National Security Letter A letter from a United States government agency demanding information related to national security. It is independent of legal courts and therefore is different from a subpoena. It is used mainly by the FBI when investigating matters related to national security. It is issued to a particular entity or organization to turn over records and data pertaining to individuals. By law, NSLs can request only non-content information, such as transactional records, phone numbers dialed, or sender or recipient of the letter from disclosing that the letter was ever issued. Source: http://en.wikipedia.org/wiki/National_security_letter. Source: USA PATRIOT Improvement and Reauthorization Act of 2005: A Legal Analysis, Congressional Research Service’s Report for Congress, Brian T. Yeh, Charles Doyle, December 21, 2006.

NSS National Security Staff

NIST National Institute of Standards and Technology

Non-Disclosure Agreement (commonly referred to as “Gag Orders”) Contracts intended to protect information considered to be proprietary or confidential. Parties involved in executing an NDA promise not to divulge secret or protected information. Source: http://inventors.about.com/od/nondisclosure/a/Nondisclosure.htm

NRC National Research Council

NRO National Reconnaissance Office

NSA National Security Agency

NSD/DoJ National Security Division of the Department of Justice

ODNI Office of the Director of National Intelligence

ODOC NSA’s Office of the Director of Compliance

OIA/DoJ Office of International Affairs of the Department of Justice

OMB Office of Management and Budget

OSD Office of the Secretary of Defense

OTA Office of Technology Assessment

PATRIOT Act An Act of Congress that was signed into law by President George W. Bush on October 26, 2001. The title of the act is a ten-letter acronym (USA PATRIOT) that stands for Uniting (and) Strengthening America (by) Providing Appropriate Tools Required (to) Intercept (and) Obstruct Terrorism Act of 2001. Source: http://www.gpo.gov/fdsys/pkg/PLAW-107publ56/html/PLAW-107publ56.htm

PCLOB Privacy and Civil Liberties Oversight Board

Pen Register A device that decodes or records electronic impulses, allowing outgoing numbers from a telephone to be identified. Source: http://legal-dictionary.thefreedictionary.com/Pen+Register

PII Personally identifiable information

PIDB Public Interest Declassification Board

(RAS) Reasonable Articulable Suspicion/Reasonable Grounds to Believe (as applied to section 215) A legal standard of proof in United States law that is less than probable cause, the legal standard for arrests and warrants, but more than an “inchoate and unparticularized suspicion or ‘hunch’”; it must be based on “specific and articulable facts,” “taken together with rational inferences from those facts.” Source: http://supreme.justia.com/cases/federal/us/392/1/case.html#27. Source: http://en.wikipedia.org/wik/Reasonable_Articulable_Suspicion#cite_note-1

Rockefeller Commission Headed by Vice-President Nelson Rockefeller, the commission issued a single report in 1975, which delineated CIA abuses including mail openings and surveillance of domestic dissident groups. Source: http://historymatters.com/archive/contents/church/contents_church_reports_rockcomm.htm

RSA Algorithm (Rivest-Shamir-Adleman) An Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browsers from Microsoft and Netscape and many other products. Source: http://searchsecurity.techtarget.com/definition/RSA

Section 215 Statutory provision of FISA that permits the government access to business records for foreign intelligence and international terrorism investigations. The governing federal officials are permitted the ability to acquire business and other “tangible records” which include: business records, phone provider records, apartment rental records, driver’s license, library records, book sales records, gun sales records, tax return records, educational records, and medical records. Under this provision, federal investigators can compel third-party record holders, such as telecom firms, banks, or others, to disclose these documents. In order to use this provision, the US government must show that there are reasonable grounds to believe that the records are relevant to an international terrorism or counterintelligence investigation. Source: http://www.law.cornell.edu/uscode/text/50/1861. Source: http://belfercenter.ksg.harvard.edu/publication/19163/usapatriot_act.html

Section 702 Statutory provision for the targeting of individuals reasonably believed to be non-U.S. persons located outside the United States. Source: http://www.fas.org/irp/news/2013/06/nsasect702.pdf

(SSL) Secure Sockets Layer A commonly used protocol for managing the security of a message transmission on the Internet. Source: http://searchsecurity.techtarget.com/definition/Secure-Sockets-Layer-SSL

(SIGINT) Signals Intelligence Intelligence derived from electronic signals and systems used by foreign targets, such as communications systems, and radar communications system. Source: http://www.nsa.gov/sigint

Social Networking A dedicated website or other application that enables users to communicate with each other by posting information, comments, messages, images, etc. Source: http://www.oxforddictionaries.com/us/definition/american_english/social-network

Splinternet Also referred to as “cyberbalkanization” or “Internet Balkanization,” it is the segregation of the Internet into smaller groups with similar interests, to a degree that they show a narrow-minded approach to outsiders or those with contradictory views. Source: http://www.techopedia.com/definition/28087/cyberbalkanization

Third Party Doctrine Provides that information “knowingly exposed” to a third party is not subject to Fourth Amendment protection because one “assumes the risk” that the third party will disclose that information. The doctrine holds that the information that an individual disclosed to businesses (credit card transactions, phone records, etc.) doesn’t carry with it a “reasonable expectation of privacy” under the Fourth Amendment, as one has “assumed the risk” that this information might at some point be disclosed. Source: http://www.lawtechjournal.com/articles/2007/02_070426_lawless.pdf. Source: http://www.nationalreview.com/agenda/350896/third-party-doctrine-reihan-salam

T-TIP Transatlantic Trade and Investment Partnership

Trap-and-Trace A device or process that captures the incoming electronic or other impulses which identify the originating number or other dialing, routing, addressing, and signaling information reasonably likely to identify the source of a wire or electronic communication, provided, however, that such information shall not include the contents of any communication. Source: 18 U.S.C. § 3127(3).

Tutelage The codename of a classified NSA technology used to monitor communications used on military networks. Source: http://www.wired.com/threatlevel/2009/07/einstein/

Warfighter Military personnel with a combat or combat-related mission.

Whistle-blower A person who tells someone in authority about something they believe to be illegal that is happening, especially in a government department or a company. Source: http://dictionary.cambridge.org/dictionary/british/whistle-blower

Wiretap To place a device on (someone’s phone) in order to secretly listen to telephone calls. Source: http://www.merriam-webster.com/dictionary/wiretap

Zero Day Exploitation Taking advantage of a security vulnerability on the same day that the vulnerability becomes generally known. There are zero days between the time the vulnerability is discovered and the first attack. It is an exploit of a vulnerability in software, which is being utilized for the first time and which, therefore, is unknown to defensive software. Source: http://searchsecurity.techtarget.com/definition/zero-day-exploit
