summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc2828.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc2828.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc2828.txt')
-rw-r--r--doc/rfc/rfc2828.txt11875
1 files changed, 11875 insertions, 0 deletions
diff --git a/doc/rfc/rfc2828.txt b/doc/rfc/rfc2828.txt
new file mode 100644
index 0000000..47e819c
--- /dev/null
+++ b/doc/rfc/rfc2828.txt
@@ -0,0 +1,11875 @@
+
+
+
+
+
+
+Network Working Group R. Shirey
+Request for Comments: 2828 GTE / BBN Technologies
+FYI: 36 May 2000
+Category: Informational
+
+
+ Internet Security Glossary
+
+Status of this Memo
+
+ This memo provides information for the Internet community. It does
+ not specify an Internet standard of any kind. Distribution of this
+ memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2000). All Rights Reserved.
+
+Abstract
+
+ This Glossary (191 pages of definitions and 13 pages of references)
+ provides abbreviations, explanations, and recommendations for use of
+ information system security terminology. The intent is to improve the
+ comprehensibility of writing that deals with Internet security,
+ particularly Internet Standards documents (ISDs). To avoid confusion,
+ ISDs should use the same term or definition whenever the same concept
+ is mentioned. To improve international understanding, ISDs should use
+ terms in their plainest, dictionary sense. ISDs should use terms
+ established in standards documents and other well-founded
+ publications and should avoid substituting private or newly made-up
+ terms. ISDs should avoid terms that are proprietary or otherwise
+ favor a particular vendor, or that create a bias toward a particular
+ security technology or mechanism versus other, competing techniques
+ that already exist or might be developed in the future.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Shirey Informational [Page 1]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
+ 2. Explanation of Paragraph Markings . . . . . . . . . . . . . . 4
+ 2.1 Recommended Terms with an Internet Basis ("I") . . . . . . 4
+ 2.2 Recommended Terms with a Non-Internet Basis ("N") . . . . 5
+ 2.3 Other Definitions ("O") . . . . . . . . . . . . . . . . . 5
+ 2.4 Deprecated Terms, Definitions, and Uses ("D") . . . . . . 6
+ 2.5 Commentary and Additional Guidance ("C") . . . . . . . . . 6
+ 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6
+ 4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 197
+ 5. Security Considerations . . . . . . . . . . . . . . . . . . . 211
+ 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 211
+ 7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 211
+ 8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 212
+
+1. Introduction
+
+ This Glossary provides an internally consistent, complementary set of
+ abbreviations, definitions, explanations, and recommendations for use
+ of terminology related to information system security. The intent of
+ this Glossary is to improve the comprehensibility of Internet
+ Standards documents (ISDs)--i.e., RFCs, Internet-Drafts, and other
+ material produced as part of the Internet Standards Process [R2026]--
+ and of all other Internet material, too. Some non-security terms are
+ included to make the Glossary self-contained, but more complete lists
+ of networking terms are available elsewhere [R1208, R1983].
+
+ Some glossaries (e.g., [Raym]) list terms that are not listed here
+ but could be applied to Internet security. However, those terms have
+ not been included in this Glossary because they are not appropriate
+ for ISDs.
+
+ This Glossary marks terms and definitions as being either endorsed or
+ deprecated for use in ISDs, but this Glossary is not an Internet
+ standard. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
+ and "OPTIONAL" are intended to be interpreted the same way as in an
+ Internet Standard [R2119], but this guidance represents only the
+ recommendations of this author. However, this Glossary includes
+ reasons for the recommendations--particularly for the SHOULD NOTs--so
+ that readers can judge for themselves whether to follow the
+ recommendations.
+
+
+
+
+
+
+
+
+
+Shirey Informational [Page 2]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ This Glossary supports the goals of the Internet Standards Process:
+
+ o Clear, Concise, and Easily Understood Documentation
+
+ This Glossary seeks to improve comprehensibility of security-
+ related content of ISDs. That requires wording to be clear and
+ understandable, and requires the set of security-related terms and
+ definitions to be consistent and self-supporting. Also, the
+ terminology needs to be uniform across all ISDs; i.e., the same
+ term or definition needs to be used whenever and wherever the same
+ concept is mentioned. Harmonization of existing ISDs need not be
+ done immediately, but it is desirable to correct and standardize
+ the terminology when new versions are issued in the normal course
+ of standards development and evolution.
+
+ o Technical Excellence
+
+ Just as Internet Standard (STD) protocols should operate
+ effectively, ISDs should use terminology accurately, precisely,
+ and unambiguously to enable Internet Standards to be implemented
+ correctly.
+
+ o Prior Implementation and Testing
+
+ Just as STD protocols require demonstrated experience and
+ stability before adoption, ISDs need to use well-established
+ language. Using terms in their plainest, dictionary sense (when
+ appropriate) helps to ensure international understanding. ISDs
+ need to avoid using private, made-up terms in place of generally-
+ accepted terms from standards and other publications. ISDs need to
+ avoid substituting new definitions that conflict with established
+ ones. ISDs need to avoid using "cute" synonyms (e.g., see: Green
+ Book); no matter how popular a nickname may be in one community,
+ it is likely to cause confusion in another.
+
+ o Openness, Fairness, and Timeliness
+
+ ISDs need to avoid terms that are proprietary or otherwise favor a
+ particular vendor, or that create a bias toward a particular
+ security technology or mechanism over other, competing techniques
+ that already exist or might be developed in the future. The set of
+ terminology used across the set of ISDs needs to be flexible and
+ adaptable as the state of Internet security art evolves.
+
+
+
+
+
+
+
+
+Shirey Informational [Page 3]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+2. Explanation of Paragraph Markings
+
+ Section 3 marks terms and definitions as follows:
+
+ o Capitalization: Only terms that are proper nouns are capitalized.
+
+ o Paragraph Marking: Definitions and explanations are stated in
+ paragraphs that are marked as follows:
+
+ - "I" identifies a RECOMMENDED Internet definition.
+ - "N" identifies a RECOMMENDED non-Internet definition.
+ - "O" identifies a definition that is not recommended as the first
+ choice for Internet documents but is something that authors of
+ Internet documents need to know.
+ - "D" identifies a term or definition that SHOULD NOT be used in
+ Internet documents.
+ - "C" identifies commentary or additional usage guidance.
+
+ The rest of Section 2 further explains these five markings.
+
+2.1 Recommended Terms with an Internet Basis ("I")
+
+ The paragraph marking "I" (as opposed to "O") indicates a definition
+ that SHOULD be the first choice for use in ISDs. Most terms and
+ definitions of this type MAY be used in ISDs; however, some "I"
+ definitions are accompanied by a "D" paragraph that recommends
+ against using the term. Also, some "I" definitions are preceded by an
+ indication of a contextual usage limitation (e.g., see:
+ certification), and ISDs should not the term and definition outside
+ that context
+
+ An "I" (as opposed to an "N") also indicates that the definition has
+ an Internet basis. That is, either the Internet Standards Process is
+ authoritative for the term, or the term is sufficiently generic that
+ this Glossary can freely state a definition without contradicting a
+ non-Internet authority (e.g., see: attack).
+
+ Many terms with "I" definitions are proper nouns (e.g., see:
+ Internet Protocol). For such terms, the "I" definition is intended
+ only to provide basic information; the authoritative definition is
+ found elsewhere.
+
+ For a proper noun identified as an "Internet protocol", please refer
+ to the current edition of "Internet Official Protocol Standards" (STD
+ 1) for the standardization state and status of the protocol.
+
+
+
+
+
+
+Shirey Informational [Page 4]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+2.2 Recommended Terms with a Non-Internet Basis ("N")
+
+ The paragraph marking "N" (as opposed to "O") indicates a definition
+ that SHOULD be the first choice for the term, if the term is used at
+ all in Internet documents. Terms and definitions of this type MAY be
+ used in Internet documents (e.g., see: X.509 public-key certificate).
+
+ However, an "N" (as opposed to an "I") also indicates a definition
+ that has a non-Internet basis or origin. Many such definitions are
+ preceded by an indication of a contextual usage limitation, and this
+ Glossary's endorsement does not apply outside that context. Also,
+ some contexts are rarely if ever expected to occur in a Internet
+ document (e.g., see: baggage). In those cases, the listing exists to
+ make Internet authors aware of the non-Internet usage so that they
+ can avoid conflicts with non-Internet documents.
+
+ Many terms with "N" definitions are proper nouns (e.g., see:
+ Computer Security Objects Register). For such terms, the "N"
+ definition is intended only to provide basic information; the
+ authoritative definition is found elsewhere.
+
+2.3 Other Definitions ("O")
+
+ The paragraph marking "O" indicates a definition that has a non-
+ Internet basis, but indicates that the definition SHOULD NOT be used
+ in ISDs *except* in cases where the term is specifically identified
+ as non-Internet.
+
+ For example, an ISD might mention "BCA" (see: brand certification
+ authority) or "baggage" as an example to illustrate some concept; in
+ that case, the document should specifically say "SET(trademark) BCA"
+ or "SET(trademark) baggage" and include the definition of the term.
+
+ For some terms that have a definition published by a non-Internet
+ authority--government (see: object reuse), industry (see: Secure Data
+ Exchange), national (see: Data Encryption Standard), or international
+ (see: data confidentiality)--this Glossary marks the definition "N",
+ recommending its use in Internet documents. In other cases, the non-
+ Internet definition of a term is inadequate or inappropriate for
+ ISDs. For example, it may be narrow or outdated, or it may need
+ clarification by substituting more careful or more explanatory
+ wording using other terms that are defined in this Glossary. In those
+ cases, this Glossary marks the tern "O" and provides an "I"
+ definition (or sometimes a different "N" definition), which precedes
+ and supersedes the definition marked "O".
+
+
+
+
+
+
+Shirey Informational [Page 5]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ In most of the cases where this Glossary provides a definition to
+ supersede one from a non-Internet standard, the substitute is
+ intended to subsume the meaning of the superseded "O" definition and
+ not conflict with it. For the term "security service", for example,
+ the "O" definition deals narrowly with only communication services
+ provided by layers in the OSI model and is inadequate for the full
+ range of ISD usage; the "I" definition can be used in more situations
+ and for more kinds of service. However, the "O" definition is also
+ provided here so that ISD authors will be aware of the context in
+ which the term is used more narrowly.
+
+ When making substitutions, this Glossary attempts to use
+ understandable English that does not contradict any non-Internet
+ authority. Still, terminology differs between the standards of the
+ American Bar Association, OSI, SET, the U.S. Department of Defense,
+ and other authorities, and this Glossary probably is not exactly
+ aligned with all of them.
+
+2.4 Deprecated Terms, Definitions, and Uses ("D")
+
+ If this Glossary recommends that a term or definition SHOULD NOT be
+ used in ISDs, then either the definition has the paragraph marking
+ "D", or the restriction is stated in a "D" paragraph that immediately
+ follows the term or definition.
+
+2.5 Commentary and Additional Guidance ("C")
+
+ The paragraph marking "C" identifies text that is advisory or
+ tutorial. This text MAY be reused in other Internet documents. This
+ text is not intended to be authoritative, but is provided to clarify
+ the definitions and to enhance this Glossary so that Internet
+ security novices can use it as a tutorial.
+
+3. Definitions
+
+ Note: Each acronym or other abbreviation (except items of common
+ English usage, such as "e.g.", "etc.", "i.e.", "vol.", "pp.", "U.S.")
+ that is used in this Glossary, either in a definition or as a subpart
+ of a defined term, is also defined in this Glossary.
+
+ $ 3DES
+ See: triple DES.
+
+ $ *-property
+ (N) (Pronounced "star property".) See: "confinement property"
+ under Bell-LaPadula Model.
+
+
+
+
+
+Shirey Informational [Page 6]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ ABA Guidelines
+ (N) "American Bar Association (ABA) Digital Signature Guidelines"
+ [ABA], a framework of legal principles for using digital
+ signatures and digital certificates in electronic commerce.
+
+ $ Abstract Syntax Notation One (ASN.1)
+ (N) A standard for describing data objects. [X680]
+
+ (C) OSI standards use ASN.1 to specify data formats for protocols.
+ OSI defines functionality in layers. Information objects at higher
+ layers are abstractly defined to be implemented with objects at
+ lower layers. A higher layer may define transfers of abstract
+ objects between computers, and a lower layer may define transfers
+ concretely as strings of bits. Syntax is needed to define abstract
+ objects, and encoding rules are needed to transform between
+ abstract objects and bit strings. (See: Basic Encoding Rules.)
+
+ (C) In ASN.1, formal names are written without spaces, and
+ separate words in a name are indicated by capitalizing the first
+ letter of each word except the first word. For example, the name
+ of a CRL is "certificateRevocationList".
+
+ $ ACC
+ See: access control center.
+
+ $ access
+ (I) The ability and means to communicate with or otherwise
+ interact with a system in order to use system resources to either
+ handle information or gain knowledge of the information the system
+ contains.
+
+ (O) "A specific type of interaction between a subject and an
+ object that results in the flow of information from one to the
+ other." [NCS04]
+
+ (C) In this Glossary, "access" is intended to cover any ability to
+ communicate with a system, including one-way communication in
+ either direction. In actual practice, however, entities outside a
+ security perimeter that can receive output from the system but
+ cannot provide input or otherwise directly interact with the
+ system, might be treated as not having "access" and, therefore, be
+ exempt from security policy requirements, such as the need for a
+ security clearance.
+
+ $ access control
+ (I) Protection of system resources against unauthorized access; a
+ process by which use of system resources is regulated according to
+ a security policy and is permitted by only authorized entities
+
+
+
+Shirey Informational [Page 7]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (users, programs, processes, or other systems) according to that
+ policy. (See: access, access control service.)
+
+ (O) "The prevention of unauthorized use of a resource, including
+ the prevention of use of a resource in an unauthorized manner."
+ [I7498 Part 2]
+
+ $ access control center (ACC)
+ (I) A computer containing a database with entries that define a
+ security policy for an access control service.
+
+ (C) An ACC is sometimes used in conjunction with a key center to
+ implement access control in a key distribution system for
+ symmetric cryptography.
+
+ $ access control list (ACL)
+ (I) A mechanism that implements access control for a system
+ resource by enumerating the identities of the system entities that
+ are permitted to access the resource. (See: capability.)
+
+ $ access control service
+ (I) A security service that protects against a system entity using
+ a system resource in a way not authorized by the system's security
+ policy; in short, protection of system resources against
+ unauthorized access. (See: access control, discretionary access
+ control, identity-based security policy, mandatory access control,
+ rule-based security policy.)
+
+ (C) This service includes protecting against use of a resource in
+ an unauthorized manner by an entity that is authorized to use the
+ resource in some other manner. The two basic mechanisms for
+ implementing this service are ACLs and tickets.
+
+ $ access mode
+ (I) A distinct type of data processing operation--e.g., read,
+ write, append, or execute--that a subject can potentially perform
+ on an object in a computer system.
+
+ $ accountability
+ (I) The property of a system (including all of its system
+ resources) that ensures that the actions of a system entity may be
+ traced uniquely to that entity, which can be held responsible for
+ its actions. (See: audit service.)
+
+ (C) Accountability permits detection and subsequent investigation
+ of security breaches.
+
+
+
+
+
+Shirey Informational [Page 8]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ accredit
+ $ accreditation
+ (I) An administrative declaration by a designated authority that
+ an information system is approved to operate in a particular
+ security configuration with a prescribed set of safeguards.
+ [FP102] (See: certification.)
+
+ (C) An accreditation is usually based on a technical certification
+ of the system's security mechanisms. The terms "certification" and
+ "accreditation" are used more in the U.S. Department of Defense
+ and other government agencies than in commercial organizations.
+ However, the concepts apply any place where managers are required
+ to deal with and accept responsibility for security risks. The
+ American Bar Association is developing accreditation criteria for
+ CAs.
+
+ $ ACL
+ See: access control list.
+
+ $ acquirer
+ (N) SET usage: "The financial institution that establishes an
+ account with a merchant and processes payment card authorizations
+ and payments." [SET1]
+
+ (O) "The institution (or its agent) that acquires from the card
+ acceptor the financial data relating to the transaction and
+ initiates that data into an interchange system." [SET2]
+
+ $ active attack
+ See: (secondary definition under) attack.
+
+ $ active wiretapping
+ See: (secondary definition under) wiretapping.
+
+ $ add-on security
+ (I) "The retrofitting of protection mechanisms, implemented by
+ hardware or software, after the [automatic data processing] system
+ has become operational." [FP039]
+
+ $ administrative security
+ (I) Management procedures and constraints to prevent unauthorized
+ access to a system. (See: security architecture.)
+
+ (O) "The management constraints, operational procedures,
+ accountability procedures, and supplemental controls established
+ to provide an acceptable level of protection for sensitive data."
+ [FP039]
+
+
+
+
+Shirey Informational [Page 9]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Examples include clear delineation and separation of duties,
+ and configuration control.
+
+ $ Advanced Encryption Standard (AES)
+ (N) A future FIPS publication being developed by NIST to succeed
+ DES. Intended to specify an unclassified, publicly-disclosed,
+ symmetric encryption algorithm, available royalty-free worldwide.
+
+ $ adversary
+ (I) An entity that attacks, or is a threat to, a system.
+
+ $ aggregation
+ (I) A circumstance in which a collection of information items is
+ required to be classified at a higher security level than any of
+ the individual items that comprise it.
+
+ $ AH
+ See: Authentication Header
+
+ $ algorithm
+ (I) A finite set of step-by-step instructions for a problem-
+ solving or computation procedure, especially one that can be
+ implemented by a computer. (See: cryptographic algorithm.)
+
+ $ alias
+ (I) A name that an entity uses in place of its real name, usually
+ for the purpose of either anonymity or deception.
+
+ $ American National Standards Institute (ANSI)
+ (N) A private, not-for-profit association of users, manufacturers,
+ and other organizations, that administers U.S. private sector
+ voluntary standards.
+
+ (C) ANSI is the sole U.S. representative to the two major non-
+ treaty international standards organizations, ISO and, via the
+ U.S. National Committee (USNC), the International Electrotechnical
+ Commission (IEC).
+
+ $ anonymous
+ (I) The condition of having a name that is unknown or concealed.
+ (See: anonymous login.)
+
+ (C) An application may require security services that maintain
+ anonymity of users or other system entities, perhaps to preserve
+ their privacy or hide them from attack. To hide an entity's real
+ name, an alias may be used. For example, a financial institution
+ may assign an account number. Parties to a transaction can thus
+ remain relatively anonymous, but can also accept the transaction
+
+
+
+Shirey Informational [Page 10]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ as legitimate. Real names of the parties cannot be easily
+ determined by observers of the transaction, but an authorized
+ third party may be able to map an alias to a real name, such as by
+ presenting the institution with a court order. In other
+ applications, anonymous entities may be completely untraceable.
+
+ $ anonymous login
+ (I) An access control feature (or, rather, an access control
+ weakness) in many Internet hosts that enables users to gain access
+ to general-purpose or public services and resources on a host
+ (such as allowing any user to transfer data using File Transfer
+ Protocol) without having a pre-established, user-specific account
+ (i.e., user name and secret password).
+
+ (C) This feature exposes a system to more threats than when all
+ the users are known, pre-registered entities that are individually
+ accountable for their actions. A user logs in using a special,
+ publicly known user name (e.g., "anonymous", "guest", or "ftp").
+ To use the public login name, the user is not required to know a
+ secret password and may not be required to input anything at all
+ except the name. In other cases, to complete the normal sequence
+ of steps in a login protocol, the system may require the user to
+ input a matching, publicly known password (such as "anonymous") or
+ may ask the user for an e-mail address or some other arbitrary
+ character string.
+
+ $ APOP
+ See: POP3 APOP.
+
+ $ archive
+ (I) (1.) Noun: A collection of data that is stored for a
+ relatively long period of time for historical and other purposes,
+ such as to support audit service, availability service, or system
+ integrity service. (See: backup.) (2.) Verb: To store data in such
+ a way. (See: back up.)
+
+ (C) A digital signature may need to be verified many years after
+ the signing occurs. The CA--the one that issued the certificate
+ containing the public key needed to verify that signature--may not
+ stay in operation that long. So every CA needs to provide for
+ long-term storage of the information needed to verify the
+ signatures of those to whom it issues certificates.
+
+ $ ARPANET
+ (N) Advanced Research Projects Agency Network, a pioneer packet-
+ switched network that was built in the early 1970s under contract
+ to the U.S. Government, led to the development of today's
+ Internet, and was decommissioned in June 1990.
+
+
+
+Shirey Informational [Page 11]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ ASN.1
+ See: Abstract Syntax Notation One.
+
+ $ association
+ (I) A cooperative relationship between system entities, usually
+ for the purpose of transferring information between them. (See:
+ security association.)
+
+ $ assurance
+ (I) (1.) An attribute of an information system that provides
+ grounds for having confidence that the system operates such that
+ the system security policy is enforced. (2.) A procedure that
+ ensures a system is developed and operated as intended by the
+ system's security policy.
+
+ $ assurance level
+ (I) Evaluation usage: A specific level on a hierarchical scale
+ representing successively increased confidence that a target of
+ evaluation adequately fulfills the requirements. (E.g., see:
+ TCSEC.)
+
+ $ asymmetric cryptography
+ (I) A modern branch of cryptography (popularly known as "public-
+ key cryptography") in which the algorithms employ a pair of keys
+ (a public key and a private key) and use a different component of
+ the pair for different steps of the algorithm. (See: key pair.)
+
+ (C) Asymmetric algorithms have key management advantages over
+ equivalently strong symmetric ones. First, one key of the pair
+ does not need to be known by anyone but its owner; so it can more
+ easily be kept secret. Second, although the other key of the pair
+ is shared by all entities that use the algorithm, that key does
+ not need to be kept secret from other, non-using entities; so the
+ key distribution part of key management can be done more easily.
+
+ (C) For encryption: In an asymmetric encryption algorithm (e.g.,
+ see: RSA), when Alice wants to ensure confidentiality for data she
+ sends to Bob, she encrypts the data with a public key provided by
+ Bob. Only Bob has the matching private key that is needed to
+ decrypt the data.
+
+ (C) For signature: In an asymmetric digital signature algorithm
+ (e.g., see: DSA), when Alice wants to ensure data integrity or
+ provide authentication for data she sends to Bob, she uses her
+ private key to sign the data (i.e., create a digital signature
+ based on the data). To verify the signature, Bob uses the matching
+ public key that Alice has provided.
+
+
+
+
+Shirey Informational [Page 12]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) For key agreement: In an asymmetric key agreement algorithm
+ (e.g., see: Diffie-Hellman), Alice and Bob each send their own
+ public key to the other person. Then each uses their own private
+ key and the other's public key to compute the new key value.
+
+ $ attack
+ (I) An assault on system security that derives from an intelligent
+ threat, i.e., an intelligent act that is a deliberate attempt
+ (especially in the sense of a method or technique) to evade
+ security services and violate the security policy of a system.
+ (See: penetration, violation, vulnerability.)
+
+ - Active vs. passive: An "active attack" attempts to alter system
+ resources or affect their operation. A "passive attack"
+ attempts to learn or make use of information from the system
+ but does not affect system resources. (E.g., see: wiretapping.)
+
+ - Insider vs. outsider: An "inside attack" is an attack initiated
+ by an entity inside the security perimeter (an "insider"),
+ i.e., an entity that is authorized to access system resources
+ but uses them in a way not approved by those who granted the
+ authorization. An "outside attack" is initiated from outside
+ the perimeter, by an unauthorized or illegitimate user of the
+ system (an "outsider"). In the Internet, potential outside
+ attackers range from amateur pranksters to organized criminals,
+ international terrorists, and hostile governments.
+
+ (C) The term "attack" relates to some other basic security terms
+ as shown in the following diagram:
+
+ + - - - - - - - - - - - - + + - - - - + + - - - - - - - - - - -+
+ | An Attack: | |Counter- | | A System Resource: |
+ | i.e., A Threat Action | | measure | | Target of the Attack |
+ | +----------+ | | | | +-----------------+ |
+ | | Attacker |<==================||<========= | |
+ | | i.e., | Passive | | | | | Vulnerability | |
+ | | A Threat |<=================>||<========> | |
+ | | Agent | or Active | | | | +-------|||-------+ |
+ | +----------+ Attack | | | | VVV |
+ | | | | | Threat Consequences |
+ + - - - - - - - - - - - - + + - - - - + + - - - - - - - - - - -+
+
+ $ attribute authority
+ (I) A CA that issues attribute certificates.
+
+ (O) "An authority, trusted by the verifier to delegate privilege,
+ which issues attribute certificates." [FPDAM]
+
+
+
+
+Shirey Informational [Page 13]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ attribute certificate
+ (I) A digital certificate that binds a set of descriptive data
+ items, other than a public key, either directly to a subject name
+ or to the identifier of another certificate that is a public-key
+ certificate. [X509]
+
+ (O) "A set of attributes of a user together with some other
+ information, rendered unforgeable by the digital signature created
+ using the private key of the CA which issued it." [X509]
+
+ (O) "A data structure that includes some attribute values and
+ identification information about the owner of the attribute
+ certificate, all digitally signed by an Attribute Authority. This
+ authority's signature serves as the guarantee of the binding
+ between the attributes and their owner." [FPDAM]
+
+ (C) A public-key certificate binds a subject name to a public key
+ value, along with information needed to perform certain
+ cryptographic functions. Other attributes of a subject, such as a
+ security clearance, may be certified in a separate kind of digital
+ certificate, called an attribute certificate. A subject may have
+ multiple attribute certificates associated with its name or with
+ each of its public-key certificates.
+
+ (C) An attribute certificate might be issued to a subject in the
+ following situations:
+
+ - Different lifetimes: When the lifetime of an attribute binding
+ is shorter than that of the related public-key certificate, or
+ when it is desirable not to need to revoke a subject's public
+ key just to revoke an attribute.
+
+ - Different authorities: When the authority responsible for the
+ attributes is different than the one that issues the public-key
+ certificate for the subject. (There is no requirement that an
+ attribute certificate be issued by the same CA that issued the
+ associated public-key certificate.)
+
+ $ audit service
+ (I) A security service that records information needed to
+ establish accountability for system events and for the actions of
+ system entities that cause them. (See: security audit.)
+
+ $ audit trail
+ See: security audit trail.
+
+
+
+
+
+
+Shirey Informational [Page 14]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ AUTH
+ See: POP3 AUTH.
+
+ $ authentic signature
+ (I) A signature (particularly a digital signature) that can be
+ trusted because it can be verified. (See: validate vs. verify.)
+
+ $ authenticate
+ (I) Verify (i.e., establish the truth of) an identity claimed by
+ or for a system entity. (See: authentication.)
+
+ (D) In general English usage, this term usually means "to prove
+ genuine" (e.g., an art expert authenticates a Michelangelo
+ painting). But the recommended definition carries a much narrower
+ meaning. For example, to be precise, an ISD SHOULD NOT say "the
+ host authenticates each received datagram". Instead, the ISD
+ SHOULD say "the host authenticates the origin of each received
+ datagram". In most cases, we also can say "and verifies the
+ datagram's integrity", because that is usually implied. (See:
+ ("relationship between data integrity service and authentication
+ services" under) data integrity service.)
+
+ (D) ISDs SHOULD NOT talk about authenticating a digital signature
+ or digital certificate. Instead, we "sign" and then "verify"
+ digital signatures, and we "issue" and then "validate" digital
+ certificates. (See: validate vs. verify.)
+
+ $ authentication
+ (I) The process of verifying an identity claimed by or for a
+ system entity. (See: authenticate, authentication exchange,
+ authentication information, credential, data origin
+ authentication, peer entity authentication.)
+
+ (C) An authentication process consists of two steps:
+
+ 1. Identification step: Presenting an identifier to the security
+ system. (Identifiers should be assigned carefully, because
+ authenticated identities are the basis for other security
+ services, such as access control service.)
+
+ 2. Verification step: Presenting or generating authentication
+ information that corroborates the binding between the entity
+ and the identifier. (See: verification.)
+
+ (C) See: ("relationship between data integrity service and
+ authentication services" under) data integrity service.
+
+
+
+
+
+Shirey Informational [Page 15]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ authentication code
+ (D) ISDs SHOULD NOT use this term as a synonym for any form of
+ checksum, whether cryptographic or not. The word "authentication"
+ is misleading because the mechanism involved usually serves a data
+ integrity function rather than an authentication function, and the
+ word "code" is misleading because it implies that either encoding
+ or encryption is involved or that the term refers to computer
+ software. (See: message authentication code.)
+
+ $ authentication exchange
+ (I) A mechanism to verify the identity of an entity by means of
+ information exchange.
+
+ (O) "A mechanism intended to ensure the identity of an entity by
+ means of information exchange." [I7498 Part 2]
+
+ $ Authentication Header (AH)
+ (I) An Internet IPsec protocol [R2402] designed to provide
+ connectionless data integrity service and data origin
+ authentication service for IP datagrams, and (optionally) to
+ provide protection against replay attacks.
+
+ (C) Replay protection may be selected by the receiver when a
+ security association is established. AH authenticates upper-layer
+ protocol data units and as much of the IP header as possible.
+ However, some IP header fields may change in transit, and the
+ value of these fields, when the packet arrives at the receiver,
+ may not be predictable by the sender. Thus, the values of such
+ fields cannot be protected end-to-end by AH; protection of the IP
+ header by AH is only partial when such fields are present.
+
+ (C) AH may be used alone, or in combination with the IPsec ESP
+ protocol, or in a nested fashion with tunneling. Security services
+ can be provided between a pair of communicating hosts, between a
+ pair of communicating security gateways, or between a host and a
+ gateway. ESP can provide the same security services as AH, and ESP
+ can also provide data confidentiality service. The main difference
+ between authentication services provided by ESP and AH is the
+ extent of the coverage; ESP does not protect IP header fields
+ unless they are encapsulated by AH.
+
+ $ authentication information
+ (I) Information used to verify an identity claimed by or for an
+ entity. (See: authentication, credential.)
+
+ (C) Authentication information may exist as, or be derived from,
+ one of the following:
+
+
+
+
+Shirey Informational [Page 16]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - Something the entity knows. (See: password).
+ - Something the entity possesses. (See: token.)
+ - Something the entity is. (See: biometric authentication.)
+
+ $ authentication service
+ (I) A security service that verifies an identity claimed by or for
+ an entity. (See: authentication.)
+
+ (C) In a network, there are two general forms of authentication
+ service: data origin authentication service and peer entity
+ authentication service.
+
+ $ authenticity
+ (I) The property of being genuine and able to be verified and be
+ trusted. (See: authenticate, authentication, validate vs. verify)
+
+ $ authority
+ (D) "An entity, responsible for the issuance of certificates."
+ [FPDAM]
+
+ (C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA,
+ ORA, or similar terms, because it may cause confusion. Instead,
+ use the full term at the first instance of usage and then, if it
+ is necessary to shorten text, use the style of abbreviation
+ defined in this Glossary.
+
+ (C) ISDs SHOULD NOT use this definition for any PKI entity,
+ because the definition is ambiguous with regard to whether the
+ entity actually issues certificates (e.g., attribute authority or
+ certification authority) or just has accountability for processes
+ that precede or follow signing (e.g., registration authority).
+ (See: issue.)
+
+ $ authority certificate
+ (D) "A certificate issued to an authority (e.g. either to a
+ certification authority or to an attribute authority)." [FPDAM]
+ (See: authority.)
+
+ (C) ISDs SHOULD NOT use this term or definition because they are
+ ambiguous with regard to which specific types of PKI entities they
+ address.
+
+ $ authority revocation list (ARL)
+ (I) A data structure that enumerates digital certificates that
+ were issued to CAs but have been invalidated by their issuer prior
+ to when they were scheduled to expire. (See: certificate
+ expiration, X.509 authority revocation list.)
+
+
+
+
+Shirey Informational [Page 17]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (O) "A revocation list containing a list of public-key
+ certificates issued to authorities, which are no longer considered
+ valid by the certificate issuer." [FPDAM]
+
+ $ authorization
+ $ authorize
+ (I) (1.) An "authorization" is a right or a permission that is
+ granted to a system entity to access a system resource. (2.) An
+ "authorization process" is a procedure for granting such rights.
+ (3.) To "authorize" means to grant such a right or permission.
+ (See: privilege.)
+
+ (O) SET usage: "The process by which a properly appointed person
+ or persons grants permission to perform some action on behalf of
+ an organization. This process assesses transaction risk, confirms
+ that a given transaction does not raise the account holder's debt
+ above the account's credit limit, and reserves the specified
+ amount of credit. (When a merchant obtains authorization, payment
+ for the authorized amount is guaranteed--provided, of course, that
+ the merchant followed the rules associated with the authorization
+ process.)" [SET2]
+
+ $ automated information system
+ (I) An organized assembly of resources and procedures--i.e.,
+ computing and communications equipment and services, with their
+ supporting facilities and personnel--that collect, record,
+ process, store, transport, retrieve, or display information to
+ accomplish a specified set of functions.
+
+ $ availability
+ (I) The property of a system or a system resource being accessible
+ and usable upon demand by an authorized system entity, according
+ to performance specifications for the system; i.e., a system is
+ available if it provides services according to the system design
+ whenever users request them. (See: critical, denial of service,
+ reliability, survivability.)
+
+ (O) "The property of being accessible and usable upon demand by an
+ authorized entity." [I7498 Part 2]
+
+ $ availability service
+ (I) A security service that protects a system to ensure its
+ availability.
+
+ (C) This service addresses the security concerns raised by denial-
+ of-service attacks. It depends on proper management and control of
+ system resources, and thus depends on access control service and
+ other security services.
+
+
+
+Shirey Informational [Page 18]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ back door
+ (I) A hardware or software mechanism that (a) provides access to a
+ system and its resources by other than the usual procedure, (b)
+ was deliberately left in place by the system's designers or
+ maintainers, and (c) usually is not publicly known. (See: trap
+ door.)
+
+ (C) For example, a way to access a computer other than through a
+ normal login. Such access paths do not necessarily have malicious
+ intent; e.g., operating systems sometimes are shipped by the
+ manufacturer with privileged accounts intended for use by field
+ service technicians or the vendor's maintenance programmers. (See:
+ trap door.)
+
+ $ back up vs. backup
+ (I) Verb "back up": To store data for the purpose of creating a
+ backup copy. (See: archive.)
+
+ (I) Noun/adjective "backup": (1.) A reserve copy of data that is
+ stored separately from the original, for use if the original
+ becomes lost or damaged. (See: archive.) (2.) Alternate means to
+ permit performance of system functions despite a disaster to
+ system resources. (See: contingency plan.)
+
+ $ baggage
+ (D) ISDs SHOULD NOT use this term to describe a data element
+ except when stated as "SET(trademark) baggage" with the following
+ meaning:
+
+ (O) SET usage: An "opaque encrypted tuple, which is included in a
+ SET message but appended as external data to the PKCS encapsulated
+ data. This avoids superencryption of the previously encrypted
+ tuple, but guarantees linkage with the PKCS portion of the
+ message." [SET2]
+
+ $ bandwidth
+ (I) Commonly used to mean the capacity of a communication channel
+ to pass data through the channel in a given amount of time.
+ Usually expressed in bits per second.
+
+ $ bank identification number (BIN)
+ (N) The digits of a credit card number that identify the issuing
+ bank. (See: primary account number.)
+
+ (O) SET usage: The first six digits of a primary account number.
+
+
+
+
+
+
+Shirey Informational [Page 19]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Basic Encoding Rules (BER)
+ (I) A standard for representing ASN.1 data types as strings of
+ octets. [X690] (See: Distinguished Encoding Rules.)
+
+ $ bastion host
+ (I) A strongly protected computer that is in a network protected
+ by a firewall (or is part of a firewall) and is the only host (or
+ one of only a few hosts) in the network that can be directly
+ accessed from networks on the other side of the firewall.
+
+ (C) Filtering routers in a firewall typically restrict traffic
+ from the outside network to reaching just one host, the bastion
+ host, which usually is part of the firewall. Since only this one
+ host can be directly attacked, only this one host needs to be very
+ strongly protected, so security can be maintained more easily and
+ less expensively. However, to allow legitimate internal and
+ external users to access application resources through the
+ firewall, higher layer protocols and services need to be relayed
+ and forwarded by the bastion host. Some services (e.g., DNS and
+ SMTP) have forwarding built in; other services (e.g., TELNET and
+ FTP) require a proxy server on the bastion host.
+
+ $ BCA
+ See: brand certification authority.
+
+ $ BCI
+ See: brand CRL identifier.
+
+ $ Bell-LaPadula Model
+ (N) A formal, mathematical, state-transition model of security
+ policy for multilevel-secure computer systems. [Bell]
+
+ (C) The model separates computer system elements into a set of
+ subjects and a set of objects. To determine whether or not a
+ subject is authorized for a particular access mode on an object,
+ the clearance of the subject is compared to the classification of
+ the object. The model defines the notion of a "secure state", in
+ which the only permitted access modes of subjects to objects are
+ in accordance with a specified security policy. It is proven that
+ each state transition preserves security by moving from secure
+ state to secure state, thereby proving that the system is secure.
+
+ (C) In this model, a multilevel-secure system satisfies several
+ rules, including the following:
+
+
+
+
+
+
+
+Shirey Informational [Page 20]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - "Confinement property" (also called "*-property", pronounced
+ "star property"): A subject has write access to an object only
+ if classification of the object dominates the clearance of the
+ subject.
+
+ - "Simple security property": A subject has read access to an
+ object only if the clearance of the subject dominates the
+ classification of the object.
+
+ - "Tranquillity property": The classification of an object does
+ not change while the object is being processed by the system.
+
+ $ BER
+ See: Basic Encoding Rules.
+
+ $ beyond A1
+ (O) (1.) Formally, a level of security assurance that is beyond
+ the highest level of criteria specified by the TCSEC. (2.)
+ Informally, a level of trust so high that it cannot be provided or
+ verified by currently available assurance methods, and
+ particularly not by currently available formal methods.
+
+ $ BIN
+ See: bank identification number.
+
+ $ bind
+ (I) To inseparably associate by applying some mechanism, such as
+ when a CA uses a digital signature to bind together a subject and
+ a public key in a public-key certificate.
+
+ $ biometric authentication
+ (I) A method of generating authentication information for a person
+ by digitizing measurements of a physical characteristic, such as a
+ fingerprint, a hand shape, a retina pattern, a speech pattern
+ (voiceprint), or handwriting.
+
+ $ bit
+ (I) The smallest unit of information storage; a contraction of the
+ term "binary digit"; one of two symbols--"0" (zero) and "1" (one)
+ --that are used to represent binary numbers.
+
+ $ BLACK
+ (I) Designation for information system equipment or facilities
+ that handle (and for data that contains) only ciphertext (or,
+ depending on the context, only unclassified information), and for
+ such data itself. This term derives from U.S. Government COMSEC
+ terminology. (See: RED, RED/BLACK separation.)
+
+
+
+
+Shirey Informational [Page 21]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ block cipher
+ (I) An encryption algorithm that breaks plaintext into fixed-size
+ segments and uses the same key to transform each plaintext segment
+ into a fixed-size segment of ciphertext. (See: mode, stream
+ cipher.)
+
+ (C) For example, Blowfish, DEA, IDEA, RC2, and SKIPJACK. However,
+ a block cipher can be adapted to have a different external
+ interface, such as that of a stream cipher, by using a mode of
+ operation to "package" the basic algorithm.
+
+ $ Blowfish
+ (N) A symmetric block cipher with variable-length key (32 to 448
+ bits) designed in 1993 by Bruce Schneier as an unpatented,
+ license-free, royalty-free replacement for DES or IDEA. [Schn]
+
+ $ brand
+ (I) A distinctive mark or name that identifies a product or
+ business entity.
+
+ (O) SET usage: The name of a payment card. Financial institutions
+ and other companies have founded payment card brands, protect and
+ advertise the brands, establish and enforce rules for use and
+ acceptance of their payment cards, and provide networks to
+ interconnect the financial institutions. These brands combine the
+ roles of issuer and acquirer in interactions with cardholders and
+ merchants. [SET1]
+
+ $ brand certification authority (BCA)
+ (O) SET usage: A CA owned by a payment card brand, such as
+ MasterCard, Visa, or American Express. [SET2] (See: certification
+ hierarchy, SET.)
+
+ $ brand CRL identifier (BCI)
+ (O) SET usage: A digitally signed list, issued by a BCA, of the
+ names of CAs for which CRLs need to be processed when verifying
+ signatures in SET messages. [SET2]
+
+ $ break
+ (I) Cryptographic usage: To successfully perform cryptanalysis and
+ thus succeed in decrypting data or performing some other
+ cryptographic function, without initially having knowledge of the
+ key that the function requires. (This term applies to encrypted
+ data or, more generally, to a cryptographic algorithm or
+ cryptographic system.)
+
+
+
+
+
+
+Shirey Informational [Page 22]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ bridge
+ (I) A computer that is a gateway between two networks (usually two
+ LANs) at OSI layer 2. (See: router.)
+
+ $ British Standard 7799
+ (N) Part 1 is a standard code of practice and provides guidance on
+ how to secure an information system. Part 2 specifies the
+ management framework, objectives, and control requirements for
+ information security management systems [B7799]. The certification
+ scheme works like ISO 9000. It is in use in the UK, the
+ Netherlands, Australia, and New Zealand and might be proposed as
+ an ISO standard or adapted to be part of the Common Criteria.
+
+ $ browser
+ (I) An client computer program that can retrieve and display
+ information from servers on the World Wide Web.
+
+ (C) For example, Netscape's Navigator and Communicator, and
+ Microsoft's Explorer.
+
+ $ brute force
+ (I) A cryptanalysis technique or other kind of attack method
+ involving an exhaustive procedure that tries all possibilities,
+ one-by-one.
+
+ (C) For example, for ciphertext where the analyst already knows
+ the decryption algorithm, a brute force technique to finding the
+ original plaintext is to decrypt the message with every possible
+ key.
+
+ $ BS7799
+ See: British Standard 7799.
+
+ $ byte
+ (I) A fundamental unit of computer storage; the smallest
+ addressable unit in a computer's architecture. Usually holds one
+ character of information and, today, usually means eight bits.
+ (See: octet.)
+
+ (C) Larger than a "bit", but smaller than a "word". Although
+ "byte" almost always means "octet" today, bytes had other sizes
+ (e.g., six bits, nine bits) in earlier computer architectures.
+
+ $ CA
+ See: certification authority.
+
+
+
+
+
+
+Shirey Informational [Page 23]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ CA certificate
+ (I) "A [digital] certificate for one CA issued by another CA."
+ [X509]
+
+ (C) That is, a digital certificate whose holder is able to issue
+ digital certificates. A v3 X.509 public-key certificate may have a
+ "basicConstraints" extension containing a "cA" value that
+ specifically "indicates whether or not the public key may be used
+ to verify certificate signatures."
+
+ $ call back
+ (I) An authentication technique for terminals that remotely access
+ a computer via telephone lines. The host system disconnects the
+ caller and then calls back on a telephone number that was
+ previously authorized for that terminal.
+
+ $ capability
+ (I) A token, usually an unforgeable data value (sometimes called a
+ "ticket") that gives the bearer or holder the right to access a
+ system resource. Possession of the token is accepted by a system
+ as proof that the holder has been authorized to access the
+ resource named or indicated by the token. (See: access control
+ list, credential, digital certificate.)
+
+ (C) This concept can be implemented as a digital certificate.
+ (See: attribute certificate.)
+
+ $ CAPI
+ See: cryptographic application programming interface.
+
+ $ CAPSTONE chip
+ (N) An integrated circuit (the Mykotronx, Inc. MYK-82) with a Type
+ II cryptographic processor that implements SKIPJACK, KEA, DSA,
+ SHA, and basic mathematical functions to support asymmetric
+ cryptography, and includes the key escrow feature of the CLIPPER
+ chip. (See: FORTEZZA card.)
+
+ $ card
+ See: cryptographic card, FORTEZZA card, payment card, PC card,
+ smart card, token.
+
+ $ card backup
+ See: token backup.
+
+ $ card copy
+ See: token copy.
+
+
+
+
+
+Shirey Informational [Page 24]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ card restore
+ See: token restore.
+
+ $ cardholder
+ (I) An entity that has been issued a card.
+
+ (O) SET usage: "The holder of a valid payment card account and
+ user of software supporting electronic commerce." [SET2] A
+ cardholder is issued a payment card by an issuer. SET ensures that
+ in the cardholder's interactions with merchants, the payment card
+ account information remains confidential. [SET1]
+
+ $ cardholder certificate
+ (O) SET usage: A digital certificate that is issued to a
+ cardholder upon approval of the cardholder's issuing financial
+ institution and that is transmitted to merchants with purchase
+ requests and encrypted payment instructions, carrying assurance
+ that the account number has been validated by the issuing
+ financial institution and cannot be altered by a third party.
+ [SET1]
+
+ $ cardholder certification authority (CCA)
+ (O) SET usage: A CA responsible for issuing digital certificates
+ to cardholders and operated on behalf of a payment card brand, an
+ issuer, or another party according to brand rules. A CCA maintains
+ relationships with card issuers to allow for the verification of
+ cardholder accounts. A CCA does not issue a CRL but does
+ distribute CRLs issued by root CAs, brand CAs, geopolitical CAs,
+ and payment gateway CAs. [SET2]
+
+ $ CAST
+ (N) A design procedure for symmetric encryption algorithms, and a
+ resulting family of algorithms, invented by C.A. (Carlisle Adams)
+ and S.T. (Stafford Tavares). [R2144, R2612]
+
+ $ category
+ (I) A grouping of sensitive information items to which a non-
+ hierarchical restrictive security label is applied to increase
+ protection of the data. (See: compartment.)
+
+ $ CAW
+ See: certification authority workstation.
+
+ $ CBC
+ See: cipher block chaining.
+
+ $ CCA
+ See: cardholder certification authority.
+
+
+
+Shirey Informational [Page 25]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ CCITT
+ (N) Acronym for French translation of International Telephone and
+ Telegraph Consultative Committee. Now renamed ITU-T.
+
+ $ CERT
+ See: computer emergency response team.
+
+ $ certificate
+ (I) General English usage: A document that attests to the truth of
+ something or the ownership of something.
+
+ (C) Security usage: See: capability, digital certificate.
+
+ (C) PKI usage: See: attribute certificate, public-key certificate.
+
+ $ certificate authority
+ (D) ISDs SHOULD NOT use this term because it looks like sloppy use
+ of "certification authority", which is the term standardized by
+ X.509.
+
+ $ certificate chain
+ (D) ISDs SHOULD NOT use this term because it duplicates the
+ meaning of a standardized term. Instead, use "certification path".
+
+ $ certificate chain validation
+ (D) ISDs SHOULD NOT use this term because it duplicates the
+ meaning of standardized terms and mixes concepts in a potentially
+ misleading way. Instead, use "certificate validation" or "path
+ validation", depending on what is meant. (See: validate vs.
+ verify.)
+
+ $ certificate creation
+ (I) The act or process by which a CA sets the values of a digital
+ certificate's data fields and signs it. (See: issue.)
+
+ $ certificate expiration
+ (I) The event that occurs when a certificate ceases to be valid
+ because its assigned lifetime has been exceeded. (See: certificate
+ revocation, validity period.)
+
+ $ certificate extension
+ See: extension.
+
+
+
+
+
+
+
+
+
+Shirey Informational [Page 26]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ certificate holder
+ (D) ISDs SHOULD NOT use this term as a synonym for the subject of
+ a digital certificate because the term is potentially ambiguous.
+ For example, the term could also refer to a system entity, such as
+ a repository, that simply has possession of a copy of the
+ certificate. (See: certificate owner.)
+
+ $ certificate management
+ (I) The functions that a CA may perform during the life cycle of a
+ digital certificate, including the following:
+
+ - Acquire and verify data items to bind into the certificate.
+ - Encode and sign the certificate.
+ - Store the certificate in a directory or repository.
+ - Renew, rekey, and update the certificate.
+ - Revoke the certificate and issue a CRL.
+
+ (See: archive management, certificate management, key management,
+ security architecture, token management.)
+
+ $ certificate owner
+ (D) ISDs SHOULD NOT use this term as a synonym for the subject of
+ a digital certificate because the term is potentially ambiguous.
+ For example, the term could also refer to a system entity, such as
+ a corporation, that has acquired a certificate to operate some
+ other entity, such as a Web server. (See: certificate holder.)
+
+ $ certificate policy
+ (I) "A named set of rules that indicates the applicability of a
+ certificate to a particular community and/or class of application
+ with common security requirements." [X509] (See: certification
+ practice statement.)
+
+ (C) A certificate policy can help a certificate user decide
+ whether a certificate should be trusted in a particular
+ application. "For example, a particular certificate policy might
+ indicate applicability of a type of certificate for the
+ authentication of electronic data interchange transactions for the
+ trading goods within a given price range." [R2527]
+
+ (C) A v3 X.509 public-key certificate may have a
+ "certificatePolicies" extension that lists certificate policies,
+ recognized by the issuing CA, that apply to the certificate and
+ govern its use. Each policy is denoted by an object identifier and
+ may optionally have certificate policy qualifiers.
+
+
+
+
+
+
+Shirey Informational [Page 27]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) SET usage: Every SET certificate specifies at least one
+ certificate policy, that of the SET root CA. SET uses certificate
+ policy qualifiers to point to the actual policy statement and to
+ add qualifying policies to the root policy. (See: SET qualifier.)
+
+ $ certificate policy qualifier
+ (I) Information that pertains to a certificate policy and is
+ included in a "certificatePolicies" extension in a v3 X.509
+ public-key certificate.
+
+ $ certificate reactivation
+ (I) The act or process by which a digital certificate, which a CA
+ has designated for revocation but not yet listed on a CRL, is
+ returned to the valid state.
+
+ $ certificate rekey
+ (I) The act or process by which an existing public-key certificate
+ has its public key value changed by issuing a new certificate with
+ a different (usually new) public key. (See: certificate renewal,
+ certificate update, rekey.)
+
+ (C) For an X.509 public-key certificate, the essence of rekey is
+ that the subject stays the same and a new public key is bound to
+ that subject. Other changes are made, and the old certificate is
+ revoked, only as required by the PKI and CPS in support of the
+ rekey. If changes go beyond that, the process is a "certificate
+ update".
+
+ (O) MISSI usage: To rekey a MISSI X.509 public-key certificate
+ means that the issuing authority creates a new certificate that is
+ identical to the old one, except the new one has a new, different
+ KEA key; or a new, different DSS key; or new, different KEA and
+ DSS keys. The new certificate also has a different serial number
+ and may have a different validity period. A new key creation date
+ and maximum key lifetime period are assigned to each newly
+ generated key. If a new KEA key is generated, that key is assigned
+ a new KMID. The old certificate remains valid until it expires,
+ but may not be further renewed, rekeyed, or updated.
+
+ $ certificate renewal
+ (I) The act or process by which the validity of the data binding
+ asserted by an existing public-key certificate is extended in time
+ by issuing a new certificate. (See: certificate rekey, certificate
+ update.)
+
+ (C) For an X.509 public-key certificate, this term means that the
+ validity period is extended (and, of course, a new serial number
+ is assigned) but the binding of the public key to the subject and
+
+
+
+Shirey Informational [Page 28]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ to other data items stays the same. The other data items are
+ changed, and the old certificate is revoked, only as required by
+ the PKI and CPS to support the renewal. If changes go beyond that,
+ the process is a "certificate rekey" or "certificate update".
+
+ $ certificate request
+ (D) ISDs SHOULD NOT use this term because it looks like imprecise
+ use of a term standardized by PKCS #10 and used in PKIX. Instead,
+ use the standard term, "certification request".
+
+ $ certificate revocation
+ (I) The event that occurs when a CA declares that a previously
+ valid digital certificate issued by that CA has become invalid;
+ usually stated with a revocation date.
+
+ (C) In X.509, a revocation is announced to potential certificate
+ users by issuing a CRL that mentions the certificate. Revocation
+ and listing on a CRL is only necessary before certificate
+ expiration.
+
+ $ certificate revocation list (CRL)
+ (I) A data structure that enumerates digital certificates that
+ have been invalidated by their issuer prior to when they were
+ scheduled to expire. (See: certificate expiration, X.509
+ certificate revocation list.)
+
+ (O) "A signed list indicating a set of certificates that are no
+ longer considered valid by the certificate issuer. After a
+ certificate appears on a CRL, it is deleted from a subsequent CRL
+ after the certificate's expiry. CRLs may be used to identify
+ revoked public-key certificates or attribute certificates and may
+ represent revocation of certificates issued to authorities or to
+ users. The term CRL is also commonly used as a generic term
+ applying to all the different types of revocation lists, including
+ CRLs, ARLs, ACRLs, etc." [FPDAM]
+
+ $ certificate revocation tree
+ (I) A mechanism for distributing notice of certificate
+ revocations; uses a tree of hash results that is signed by the
+ tree's issuer. Offers an alternative to issuing a CRL, but is not
+ supported in X.509. (See: certificate status responder.)
+
+ $ certificate serial number
+ (I) An integer value that (a) is associated with, and may be
+ carried in, a digital certificate; (b) is assigned to the
+ certificate by the certificate's issuer; and (c) is unique among
+ all the certificates produced by that issuer.
+
+
+
+
+Shirey Informational [Page 29]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (O) "An integer value, unique within the issuing CA, which is
+ unambiguously associated with a certificate issued by that CA."
+ [X509]
+
+ $ certificate status responder
+ (N) FPKI usage: A trusted on-line server that acts for a CA to
+ provide authenticated certificate status information to
+ certificate users. [FPKI] Offers an alternative to issuing a CRL,
+ but is not supported in X.509. (See: certificate revocation tree.)
+
+ $ certificate update
+ (I) The act or process by which non-key data items bound in an
+ existing public-key certificate, especially authorizations granted
+ to the subject, are changed by issuing a new certificate. (See:
+ certificate rekey, certificate renewal.)
+
+ (C) For an X.509 public-key certificate, the essence of this
+ process is that fundamental changes are made in the data that is
+ bound to the public key, such that it is necessary to revoke the
+ old certificate. (Otherwise, the process is only a "certificate
+ rekey" or "certificate renewal".)
+
+ $ certificate user
+ (I) A system entity that depends on the validity of information
+ (such as another entity's public key value) provided by a digital
+ certificate. (See: relying party.)
+
+ (O) "An entity that needs to know, with certainty, the public key
+ of another entity." [X509]
+
+ (C) The system entity may be a human being or an organization, or
+ a device or process under the control of a human or an
+ organization.
+
+ (D) ISDs SHOULD NOT use this term as a synonym for the "subject"
+ of a certificate.
+
+ $ certificate validation
+ (I) An act or process by which a certificate user establishes that
+ the assertions made by a digital certificate can be trusted. (See:
+ valid certificate, validate vs. verify.)
+
+ (O) "The process of ensuring that a certificate is valid including
+ possibly the construction and processing of a certification path,
+ and ensuring that all certificates in that path have not expired
+ or been revoked." [FPDAM]
+
+
+
+
+
+Shirey Informational [Page 30]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) To validate a certificate, a certificate user checks that the
+ certificate is properly formed and signed and currently in force:
+
+ - Checks the signature: Employs the issuer's public key to verify
+ the digital signature of the CA who issued the certificate in
+ question. If the verifier obtains the issuer's public key from
+ the issuer's own public-key certificate, that certificate
+ should be validated, too. That validation may lead to yet
+ another certificate to be validated, and so on. Thus, in
+ general, certificate validation involves discovering and
+ validating a certification path.
+
+ - Checks the syntax and semantics: Parses the certificate's
+ syntax and interprets its semantics, applying rules specified
+ for and by its data fields, such as for critical extensions in
+ an X.509 certificate.
+
+ - Checks currency and revocation: Verifies that the certificate
+ is currently in force by checking that the current date and
+ time are within the validity period (if that is specified in
+ the certificate) and that the certificate is not listed on a
+ CRL or otherwise announced as invalid. (CRLs themselves require
+ a similar validation process.)
+
+ $ certification
+ (I) Information system usage: Technical evaluation (usually made
+ in support of an accreditation action) of an information system's
+ security features and other safeguards to establish the extent to
+ which the system's design and implementation meet specified
+ security requirements. [FP102] (See: accreditation.)
+
+ (I) Digital certificate usage: The act or process of vouching for
+ the truth and accuracy of the binding between data items in a
+ certificate. (See: certify.)
+
+ (I) Public key usage: The act or process of vouching for the
+ ownership of a public key by issuing a public-key certificate that
+ binds the key to the name of the entity that possesses the
+ matching private key. In addition to binding a key to a name, a
+ public-key certificate may bind those items to other restrictive
+ or explanatory data items. (See: X.509 public-key certificate.)
+
+ (O) SET usage: "The process of ascertaining that a set of
+ requirements or criteria has been fulfilled and attesting to that
+ fact to others, usually with some written instrument. A system
+ that has been inspected and evaluated as fully compliant with the
+ SET protocol by duly authorized parties and process would be said
+ to have been certified compliant." [SET2]
+
+
+
+Shirey Informational [Page 31]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ certification authority (CA)
+ (I) An entity that issues digital certificates (especially X.509
+ certificates) and vouches for the binding between the data items
+ in a certificate.
+
+ (O) "An authority trusted by one or more users to create and
+ assign certificates. Optionally, the certification authority may
+ create the user's keys." [X509]
+
+ (C) Certificate users depend on the validity of information
+ provided by a certificate. Thus, a CA should be someone that
+ certificate users trust, and usually holds an official position
+ created and granted power by a government, a corporation, or some
+ other organization. A CA is responsible for managing the life
+ cycle of certificates (see: certificate management) and, depending
+ on the type of certificate and the CPS that applies, may be
+ responsible for the life cycle of key pairs associated with the
+ certificates (see: key management).
+
+ $ certification authority workstation (CAW)
+ (I) A computer system that enables a CA to issue digital
+ certificates and supports other certificate management functions
+ as required.
+
+ $ certification hierarchy
+ (I) A tree-structured (loop-free) topology of relationships among
+ CAs and the entities to whom the CAs issue public-key
+ certificates. (See: hierarchical PKI.)
+
+ (C) In this structure, one CA is the top CA, the highest level of
+ the hierarchy. (See: root, top CA.) The top CA may issue public-
+ key certificates to one or more additional CAs that form the
+ second highest level. Each of these CAs may issue certificates to
+ more CAs at the third highest level, and so on. The CAs at the
+ second-lowest of the hierarchy issue certificates only to non-CA
+ entities, called "end entities" that form the lowest level. (See:
+ end entity.) Thus, all certification paths begin at the top CA and
+ descend through zero or more levels of other CAs. All certificate
+ users base path validations on the top CA's public key.
+
+ (O) MISSI usage: A MISSI certification hierarchy has three or four
+ levels of CAs:
+
+ - A CA at the highest level, the top CA, is a "policy approving
+ authority".
+ - A CA at the second-highest level is a "policy creation
+ authority".
+
+
+
+
+Shirey Informational [Page 32]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - A CA at the third-highest level is a local authority called a
+ "certification authority".
+ - A CA at the fourth-highest (optional) level is a "subordinate
+ certification authority".
+
+ (O) PEM usage: A PEM certification hierarchy has three levels of
+ CAs [R1422]:
+
+ - The highest level is the "Internet Policy Registration
+ Authority".
+ - A CA at the second-highest level is a "policy certification
+ authority".
+ - A CA at the third-highest level is a "certification authority".
+
+ (O) SET usage: A SET certification hierarchy has three or four
+ levels of CAs:
+
+ - The highest level is a "SET root CA".
+ - A CA at the second-highest level is a "brand certification
+ authority".
+ - A CA at the third-highest (optional) level is a "geopolitical
+ certification authority".
+ - A CA at the fourth-highest level is a "cardholder CA", a
+ "merchant CA", or a "payment gateway CA".
+
+ $ certification path
+ (I) An ordered sequence of public-key certificates (or a sequence
+ of public-key certificates followed by one attribute certificate)
+ that enables a certificate user to verify the signature on the
+ last certificate in the path, and thus enables the user to obtain
+ a certified public key (or certified attributes) of the entity
+ that is the subject of that last certificate. (See: certificate
+ validation, valid certificate.)
+
+ (O) "An ordered sequence of certificates of objects in the [X.500
+ Directory Information Tree] which, together with the public key of
+ the initial object in the path, can be processed to obtain that of
+ the final object in the path." [X509, R2527]
+
+ (C) The path is the "list of certificates needed to allow a
+ particular user to obtain the public key of another." [X509] The
+ list is "linked" in the sense that the digital signature of each
+ certificate (except the first) is verified by the public key
+ contained in the preceding certificate; i.e., the private key used
+ to sign a certificate and the public key contained in the
+ preceding certificate form a key pair owned by the entity that
+ signed.
+
+
+
+
+Shirey Informational [Page 33]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) In the X.509 quotation in the previous "C" paragraph, the word
+ "particular" points out that a certification path that can be
+ validated by one certificate user might not be able to be
+ validated by another. That is because either the first certificate
+ should be a trusted certificate (it might be a root certificate)
+ or the signature on the first certificate should be verified by a
+ trusted key (it might be a root key), but such trust is defined
+ relative to each user, not absolutely for all users.
+
+ $ certification policy
+ (D) ISDs SHOULD NOT use this term. Instead, use either
+ "certificate policy" or "certification practice statement",
+ depending on what is meant.
+
+ $ certification practice statement (CPS)
+ (I) "A statement of the practices which a certification authority
+ employs in issuing certificates." [ABA96, R2527] (See: certificate
+ policy.)
+
+ (C) A CPS is a published security policy that can help a
+ certificate user to decide whether a certificate issued by a
+ particular CA can be trusted enough to use in a particular
+ application. A CPS may be (a) a declaration by a CA of the details
+ of the system and practices it employs in its certificate
+ management operations, (b) part of a contract between the CA and
+ an entity to whom a certificate is issued, (c) a statute or
+ regulation applicable to the CA, or (d) a combination of these
+ types involving multiple documents. [ABA]
+
+ (C) A CPS is usually more detailed and procedurally oriented than
+ a certificate policy. A CPS applies to a particular CA or CA
+ community, while a certificate policy applies across CAs or
+ communities. A CA with a single CPS may support multiple
+ certificate policies, which may be used for different application
+ purposes or by different user communities. Multiple CAs, each with
+ a different CPS, may support the same certificate policy. [R2527]
+
+ $ certification request
+ (I) A algorithm-independent transaction format, defined by PCKS
+ #10 and used in PKIX, that contains a DN, a public key, and
+ optionally a set of attributes, collectively signed by the entity
+ requesting certification, and sent to a CA, which transforms the
+ request to an X.509 public-key certificate or another type of
+ certificate.
+
+
+
+
+
+
+
+Shirey Informational [Page 34]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ certify
+ 1. (I) Issue a digital certificate and thus vouch for the truth,
+ accuracy, and binding between data items in the certificate (e.g.,
+ see: X.509 public key certificate), such as the identity of the
+ certificate's subject and the ownership of a public key. (See:
+ certification.)
+
+ (C) To "certify a public key" means to issue a public-key
+ certificate that vouches for the binding between the certificate's
+ subject and the key.
+
+ 2. (I) The act by which a CA employs measures to verify the truth,
+ accuracy, and binding between data items in a digital certificate.
+
+ (C) A description of the measures used for verification should be
+ included in the CA's CPS.
+
+ $ CFB
+ See: cipher feedback.
+
+ $ Challenge Handshake Authentication Protocol (CHAP)
+ (I) A peer entity authentication method for PPP, using a randomly-
+ generated challenge and requiring a matching response that depends
+ on a cryptographic hash of the challenge and a secret key. [R1994]
+ (See: challenge-response, PAP.)
+
+ $ challenge-response
+ (I) An authentication process that verifies an identity by
+ requiring correct authentication information to be provided in
+ response to a challenge. In a computer system, the authentication
+ information is usually a value that is required to be computed in
+ response to an unpredictable challenge value.
+
+ $ Challenge-Response Authentication Mechanism (CRAM)
+ (I) IMAP4 usage: A mechanism [R2195], intended for use with IMAP4
+ AUTHENTICATE, by which an IMAP4 client uses a keyed hash [R2104]
+ to authenticate itself to an IMAP4 server. (See: POP3 APOP.)
+
+ (C) The server includes a unique timestamp in its ready response
+ to the client. The client replies with the client's name and the
+ hash result of applying MD5 to a string formed from concatenating
+ the timestamp with a shared secret that is known only to the
+ client and the server.
+
+ $ channel
+ (I) An information transfer path within a system. (See: covert
+ channel.)
+
+
+
+
+Shirey Informational [Page 35]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ CHAP
+ See: Challenge Handshake Authentication Protocol.
+
+ $ checksum
+ (I) A value that (a) is computed by a function that is dependent
+ on the contents of a data object and (b) is stored or transmitted
+ together with the object, for the purpose of detecting changes in
+ the data. (See: cyclic redundancy check, data integrity service,
+ error detection code, hash, keyed hash, protected checksum.)
+
+ (C) To gain confidence that a data object has not been changed, an
+ entity that later uses the data can compute a checksum and compare
+ it with the checksum that was stored or transmitted with the
+ object.
+
+ (C) Computer systems and networks employ checksums (and other
+ mechanisms) to detect accidental changes in data. However, active
+ wiretapping that changes data could also change an accompanying
+ checksum to match the changed data. Thus, some checksum functions
+ by themselves are not good countermeasures for active attacks. To
+ protect against active attacks, the checksum function needs to be
+ well-chosen (see: cryptographic hash), and the checksum result
+ needs to be cryptographically protected (see: digital signature,
+ keyed hash).
+
+ $ chosen-ciphertext attack
+ (I) A cryptanalysis technique in which the analyst tries to
+ determine the key from knowledge of plaintext that corresponds to
+ ciphertext selected (i.e., dictated) by the analyst.
+
+ $ chosen-plaintext attack
+ (I) A cryptanalysis technique in which the analyst tries to
+ determine the key from knowledge of ciphertext that corresponds to
+ plaintext selected (i.e., dictated) by the analyst.
+
+ $ CIAC
+ See: Computer Incident Advisory Capability.
+
+ $ CIK
+ See: cryptographic ignition key.
+
+ $ cipher
+ (I) A cryptographic algorithm for encryption and decryption.
+
+ $ cipher block chaining (CBC)
+ (I) An block cipher mode that enhances electronic codebook mode by
+ chaining together blocks of ciphertext it produces. [FP081] (See:
+ [R1829], [R2451].)
+
+
+
+Shirey Informational [Page 36]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) This mode operates by combining (exclusive OR-ing) the
+ algorithm's ciphertext output block with the next plaintext block
+ to form the next input block for the algorithm.
+
+ $ cipher feedback (CFB)
+ (I) An block cipher mode that enhances electronic code book mode
+ by chaining together the blocks of ciphertext it produces and
+ operating on plaintext segments of variable length less than or
+ equal to the block length. [FP081]
+
+ (C) This mode operates by using the previously generated
+ ciphertext segment as the algorithm's input (i.e., by "feeding
+ back" the ciphertext) to generate an output block, and then
+ combining (exclusive OR-ing) that output block with the next
+ plaintext segment (block length or less) to form the next
+ ciphertext segment.
+
+ $ ciphertext
+ (I) Data that has been transformed by encryption so that its
+ semantic information content (i.e., its meaning) is no longer
+ intelligible or directly available. (See: cleartext, plaintext.)
+
+ (O) "Data produced through the use of encipherment. The semantic
+ content of the resulting data is not available." [I7498 Part 2]
+
+ $ ciphertext-only attack
+ (I) A cryptanalysis technique in which the analyst tries to
+ determine the key solely from knowledge of intercepted ciphertext
+ (although the analyst may also know other clues, such as the
+ cryptographic algorithm, the language in which the plaintext was
+ written, the subject matter of the plaintext, and some probable
+ plaintext words.)
+
+ $ CIPSO
+ See: Common IP Security Option.
+
+ $ CKL
+ See: compromised key list.
+
+ $ class 2, 3, 4, or 5
+ (O) U.S. Department of Defense usage: Levels of PKI assurance
+ based on risk and value of information to be protected [DOD3]:
+
+ - Class 2: For handling low-value information (unclassified, not
+ mission-critical, or low monetary value) or protection of
+ system-high information in low- to medium-risk environment.
+
+
+
+
+
+Shirey Informational [Page 37]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - Class 3: For handling medium-value information in low- to
+ medium-risk environment. Typically requires identification of a
+ system entity as a legal person, rather than merely a member of
+ an organization.
+
+ - Class 4: For handling medium- to high-value information in any
+ environment. Typically requires identification of an entity as
+ a legal person, rather than merely a member of an organization,
+ and a cryptographic hardware token for protection of keying
+ material.
+
+ - Class 5: For handling high-value information in a high-risk
+ environment.
+
+ $ classification
+ $ classification level
+ (I) (1.) A grouping of classified information to which a
+ hierarchical, restrictive security label is applied to increase
+ protection of the data. (2.) The level of protection that is
+ required to be applied to that information. (See: security level.)
+
+ $ classified
+ (I) Refers to information (stored or conveyed, in any form) that
+ is formally required by a security policy to be given data
+ confidentiality service and to be marked with a security label
+ (which in some cases might be implicit) to indicate its protected
+ status. (See: unclassified.)
+
+ (C) The term is mainly used in government, especially in the
+ military, although the concept underlying the term also applies
+ outside government. In the U.S. Department of Defense, for
+ example, it means information that has been determined pursuant to
+ Executive Order 12958 ("Classified National Security Information",
+ 20 April 1995) or any predecessor order to require protection
+ against unauthorized disclosure and is marked to indicate its
+ classified status when in documentary form.
+
+ $ clean system
+ (I) A computer system in which the operating system and
+ application system software and files have just been freshly
+ installed from trusted software distribution media.
+
+ (C) A clean system is not necessarily in a secure state.
+
+ $ clearance
+ See: security clearance.
+
+
+
+
+
+Shirey Informational [Page 38]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ clearance level
+ (I) The security level of information to which a security
+ clearance authorizes a person to have access.
+
+ $ cleartext
+ (I) Data in which the semantic information content (i.e., the
+ meaning) is intelligible or is directly available. (See:
+ plaintext.)
+
+ (O) "Intelligible data, the semantic content of which is
+ available." [I7498 Part 2]
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "plaintext",
+ the input to an encryption operation, because the plaintext input
+ to encryption may itself be ciphertext that was output from
+ another operation. (See: superencryption.)
+
+ $ client
+ (I) A system entity that requests and uses a service provided by
+ another system entity, called a "server". (See: server.)
+
+ (C) Usually, the requesting entity is a computer process, and it
+ makes the request on behalf of a human user. In some cases, the
+ server may itself be a client of some other server.
+
+ $ CLIPPER chip
+ (N) The Mykotronx, Inc. MYK-82, an integrated microcircuit with a
+ cryptographic processor that implements the SKIPJACK encryption
+ algorithm and supports key escrow. (See: CAPSTONE, Escrowed
+ Encryption Standard.)
+
+ (C) The key escrow scheme for a chip involves a SKIPJACK key
+ common to all chips that protects the unique serial number of the
+ chip, and a second SKIPJACK key unique to the chip that protects
+ all data encrypted by the chip. The second key is escrowed as
+ split key components held by NIST and the U.S. Treasury
+ Department.
+
+ $ closed security environment
+ (O) U.S. Department of Defense usage: A system environment that
+ meets both of the following conditions: (a) Application developers
+ (including maintainers) have sufficient clearances and
+ authorizations to provide an acceptable presumption that they have
+ not introduced malicious logic. (b) Configuration control provides
+ sufficient assurance that system applications and the equipment
+ they run on are protected against the introduction of malicious
+ logic prior to and during the operation of applications. [NCS04]
+ (See: open security environment.)
+
+
+
+Shirey Informational [Page 39]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ code
+ (I) noun: A system of symbols used to represent information, which
+ might originally have some other representation. (See: encode.)
+
+ (D) ISDs SHOULD NOT use this term as synonym for the following:
+ (a) "cipher", "hash", or other words that mean "a cryptographic
+ algorithm"; (b) "ciphertext"; or (c) "encrypt", "hash", or other
+ words that refer to applying a cryptographic algorithm.
+
+ (D) ISDs SHOULD NOT this word as an abbreviation for the following
+ terms: country code, cyclic redundancy code, Data Authentication
+ Code, error detection code, Message Authentication Code, object
+ code, or source code. To avoid misunderstanding, use the fully
+ qualified term, at least at the point of first usage.
+
+ $ color change
+ (I) In a system that is being operated in periods processing mode,
+ the act of purging all information from one processing period and
+ then changing over to the next processing period.
+
+ $ Common Criteria
+ $ Common Criteria for Information Technology Security
+ (N) "The Common Criteria" is a standard for evaluating information
+ technology products and systems, such as operating systems,
+ computer networks, distributed systems, and applications. It
+ states requirements for security functions and for assurance
+ measures. [CCIB]
+
+ (C) Canada, France, Germany, the Netherlands, the United Kingdom,
+ and the United States (NIST and NSA) began developing this
+ standard in 1993, based on the European ITSEC, the Canadian
+ Trusted Computer Product Evaluation Criteria (CTCPEC), and the
+ U.S. "Federal Criteria for Information Technology Security" (FC)
+ and its precursor, the TCSEC. Work was done in cooperation with
+ ISO/IEC Joint Technical Committee 1 (Information Technology),
+ Subcommittee 27 (Security Techniques), Working Group 3 (Security
+ Criteria). Version 2.1 of the Criteria is equivalent to ISO's
+ International Standard 15408 [I15408]. The U.S. Government intends
+ that this standard eventually will supersede both the TCSEC and
+ FIPS PUB 140-1. (See: NIAP.)
+
+ (C) The standard addresses data confidentiality, data integrity,
+ and availability and may apply to other aspects of security. It
+ focuses on threats to information arising from human activities,
+ malicious or otherwise, but may apply to non-human threats. It
+ applies to security measures implemented in hardware, firmware, or
+ software. It does not apply to (a) administrative security not
+ related directly to technical security, (b) technical physical
+
+
+
+Shirey Informational [Page 40]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ aspects of security such as electromagnetic emanation control, (c)
+ evaluation methodology or administrative and legal framework under
+ which the criteria may be applied, (d) procedures for use of
+ evaluation results, or (e) assessment of inherent qualities of
+ cryptographic algorithms.
+
+ $ Common IP Security Option (CIPSO)
+ See: (secondary definition under) Internet Protocol Security
+ Option.
+
+ $ common name
+ (I) A character string that (a) may be a part of the X.500 DN of a
+ Directory object ("commonName" attribute), (b) is a (possibly
+ ambiguous) name by which the object is commonly known in some
+ limited scope (such as an organization), and (c) conforms to the
+ naming conventions of the country or culture with which it is
+ associated. [X520] (See: ("subject" and "issuer" under) X.509
+ public-key certificate.)
+
+ (C) For example, "Dr. E. F. Moore", "The United Nations", or
+ "12-th Floor Laser Printer".
+
+ $ communication security (COMSEC)
+ (I) Measures that implement and assure security services in a
+ communication system, particularly those that provide data
+ confidentiality and data integrity and that authenticate
+ communicating entities.
+
+ (C) Usually understood to include cryptographic algorithms and key
+ management methods and processes, devices that implement them, and
+ the life cycle management of keying material and devices.
+
+ $ community string
+ (I) A community name in the form of an octet string that serves as
+ a cleartext password in SNMP version 1. [R1157]
+
+ $ compartment
+ (I) A grouping of sensitive information items that require special
+ access controls beyond those normally provided for the basic
+ classification level of the information. (See: category.)
+
+ (C) The term is usually understood to include the special handling
+ procedures to be used for the information.
+
+ $ compromise
+ See: data compromise, security compromise.
+
+
+
+
+
+Shirey Informational [Page 41]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ compromised key list (CKL)
+ (O) MISSI usage: A list that identifies keys for which
+ unauthorized disclosure or alteration may have occurred. (See:
+ compromise.)
+
+ (C) A CKL is issued by an CA, like a CRL is issued. But a CKL
+ lists only KMIDs, not subjects that hold the keys, and not
+ certificates in which the keys are bound.
+
+ $ COMPUSEC
+ See: computer security.
+
+ $ computer emergency response team (CERT)
+ (I) An organization that studies computer and network INFOSEC in
+ order to provide incident response services to victims of attacks,
+ publish alerts concerning vulnerabilities and threats, and offer
+ other information to help improve computer and network security.
+ (See: CSIRT, security incident.)
+
+ (C) For example, the CERT Coordination Center at Carnegie-Mellon
+ University (sometimes called "the" CERT) and the Computer Incident
+ Advisory Capability.
+
+ $ Computer Incident Advisory Capability (CIAC)
+ (N) A computer emergency response team in the U.S. Department of
+ Energy.
+
+ $ computer network
+ (I) A collection of host computers together with the subnetwork or
+ internetwork through which they can exchange data.
+
+ (C) This definition is intended to cover systems of all sizes and
+ types, ranging from the complex Internet to a simple system
+ composed of a personal computer dialing in as a remote terminal of
+ another computer.
+
+ $ computer security (COMPUSEC)
+ (I) Measures that implement and assure security services in a
+ computer system, particularly those that assure access control
+ service.
+
+ (C) Usually understood to include functions, features, and
+ technical characteristics of computer hardware and software,
+ especially operating systems.
+
+
+
+
+
+
+
+Shirey Informational [Page 42]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ computer security incident response team (CSIRT)
+ (I) An organization "that coordinates and supports the response to
+ security incidents that involve sites within a defined
+ constituency." [R2350] (See: CERT, FIRST, security incident.)
+
+ (C) To be considered a CSIRT, an organization must do as follows:
+
+ - Provide a (secure) channel for receiving reports about
+ suspected security incidents.
+ - Provide assistance to members of its constituency in handling
+ the incidents.
+ - Disseminate incident-related information to its constituency
+ and other involved parties.
+
+ $ computer security object
+ (I) The definition or representation of a resource, tool, or
+ mechanism used to maintain a condition of security in computerized
+ environments. Includes many elements referred to in standards that
+ are either selected or defined by separate user communities.
+ [CSOR] (See: object identifier, Computer Security Objects
+ Register.)
+
+ $ Computer Security Objects Register (CSOR)
+ (N) A service operated by NIST is establishing a catalog for
+ computer security objects to provide stable object definitions
+ identified by unique names. The use of this register will enable
+ the unambiguous specification of security parameters and
+ algorithms to be used in secure data exchanges.
+
+ (C) The CSOR follows registration guidelines established by the
+ international standards community and ANSI. Those guidelines
+ establish minimum responsibilities for registration authorities
+ and assign the top branches of an international registration
+ hierarchy. Under that international registration hierarchy the
+ CSOR is responsible for the allocation of unique identifiers under
+ the branch {joint-iso-ccitt(2) country(16) us(840) gov(101)
+ csor(3)}.
+
+ $ COMSEC
+ See: communication security.
+
+ $ confidentiality
+ See: data confidentiality.
+
+ $ configuration control
+ (I) The process of regulating changes to hardware, firmware,
+ software, and documentation throughout the development and
+ operational life of a system. (See: administrative security.)
+
+
+
+Shirey Informational [Page 43]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Configuration control helps protect against unauthorized or
+ malicious alteration of a system and thus provides assurance of
+ system integrity. (See: malicious logic.)
+
+ $ confinement property
+ See: (secondary definition under) Bell-LaPadula Model.
+
+ $ connectionless data integrity service
+ (I) A security service that provides data integrity service for an
+ individual IP datagram, by detecting modification of the datagram,
+ without regard to the ordering of the datagram in a stream of
+ datagrams.
+
+ (C) A connection-oriented data integrity service would be able to
+ detect lost or reordered datagrams within a stream of datagrams.
+
+ $ contingency plan
+ (I) A plan for emergency response, backup operations, and post-
+ disaster recovery in a system as part of a security program to
+ ensure availability of critical system resources and facilitate
+ continuity of operations in a crisis. [NCS04] (See: availability.)
+
+ $ controlled security mode
+ (D) ISDs SHOULD NOT use this term. It was defined in an earlier
+ version of the U.S. Department of Defense policy that regulates
+ system accreditation, but was subsumed by "partitioned security
+ mode" in the current version. [DOD2]
+
+ (C) The term refers to a mode of operation of an information
+ system, wherein at least some users with access to the system have
+ neither a security clearance nor a need-to-know for all classified
+ material contained in the system. However, separation and control
+ of users and classified material on the basis, respectively, of
+ clearance and classification level are not essentially under
+ operating system control like they are in "multilevel security
+ mode".
+
+ (C) Controlled mode was intended to encourage ingenuity in meeting
+ the security requirements of Defense policy in ways less
+ restrictive than "dedicated security mode" and "system high
+ security mode", but at a level of risk lower than that generally
+ associated with the true "multilevel security mode". This was to
+ be accomplished by implementation of explicit augmenting measures
+ to reduce or remove a substantial measure of system software
+ vulnerability together with specific limitation of the security
+ clearance levels of users permitted concurrent access to the
+ system.
+
+
+
+
+Shirey Informational [Page 44]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ cookie
+ (I) access control usage: A synonym for "capability" or "ticket"
+ in an access control system.
+
+ (I) IPsec usage: Data exchanged by ISAKMP to prevent certain
+ denial-of-service attacks during the establishment of a security
+ association.
+
+ (I) HTTP usage: Data exchanged between an HTTP server and a
+ browser (a client of the server) to store state information on the
+ client side and retrieve it later for server use.
+
+ (C) An HTTP server, when sending data to a client, may send along
+ a cookie, which the client retains after the HTTP connection
+ closes. A server can use this mechanism to maintain persistent
+ client-side state information for HTTP-based applications,
+ retrieving the state information in later connections. A cookie
+ may include a description of the range of URLs for which the state
+ is valid. Future requests made by the client in that range will
+ also send the current value of the cookie to the server. Cookies
+ can be used to generate profiles of web usage habits, and thus may
+ infringe on personal privacy.
+
+ $ Coordinated Universal Time (UTC)
+ (N) UTC is derived from International Atomic Time (TAI) by adding
+ a number of leap seconds. The International Bureau of Weights and
+ Measures computes TAI once each month by averaging data from many
+ laboratories. (See: GeneralizedTime, UTCTime.)
+
+ $ copy
+ See: card copy.
+
+ $ correctness integrity
+ (I) Accuracy and consistency of the information that data values
+ represent, rather than of the data itself. Closely related to
+ issues of accountability and error handling. (See: data integrity,
+ source integrity.)
+
+ $ correctness proof
+ (I) A mathematical proof of consistency between a specification
+ for system security and the implementation of that specification.
+ (See: formal specification.)
+
+ $ countermeasure
+ (I) An action, device, procedure, or technique that reduces a
+ threat, a vulnerability, or an attack by eliminating or preventing
+ it, by minimizing the harm it can cause, or by discovering and
+ reporting it so that corrective action can be taken.
+
+
+
+Shirey Informational [Page 45]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) In an Internet protocol, a countermeasure may take the form of
+ a protocol feature, an element function, or a usage constraint.
+
+ $ country code
+ (I) An identifier that is defined for a nation by ISO. [I3166]
+
+ (C) For each nation, ISO Standard 3166 defines a unique two-
+ character alphabetic code, a unique three-character alphabetic
+ code, and a three-digit code. Among many uses of these codes, the
+ two-character codes are used as top-level domain names.
+
+ $ covert channel
+ (I) A intra-system channel that permits two cooperating entities,
+ without exceeding their access authorizations, to transfer
+ information in a way that violates the system's security policy.
+ (See: channel, out of band.)
+
+ (O) "A communications channel that allows two cooperating
+ processes to transfer information in a manner that violates the
+ system's security policy." [NCS04]
+
+ (C) The cooperating entities can be either two insiders or an
+ insider and an outsider. Of course, an outsider has no access
+ authorization at all. A covert channel is a system feature that
+ the system architects neither designed nor intended for
+ information transfer:
+
+ - "Timing channel": A system feature that enable one system
+ entity to signal information to another by modulating its own
+ use of a system resource in such a way as to affect system
+ response time observed by the second entity.
+
+ - "Storage channel": A system feature that enables one system
+ entity to signal information to another entity by directly or
+ indirectly writing a storage location that is later directly or
+ indirectly read by the second entity.
+
+ $ CPS
+ See: certification practice statement.
+
+ $ cracker
+ (I) Someone who tries to break the security of, and gain access
+ to, someone else's system without being invited to do so. (See:
+ hacker and intruder.)
+
+ $ CRAM
+ See: Challenge-Response Authentication Mechanism.
+
+
+
+
+Shirey Informational [Page 46]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ CRC
+ See: cyclic redundancy check.
+
+ $ credential(s)
+ (I) Data that is transferred or presented to establish either a
+ claimed identity or the authorizations of a system entity. (See:
+ authentication information, capability, ticket.)
+
+ (O) "Data that is transferred to establish the claimed identity of
+ an entity." [I7498 Part 2]
+
+ $ critical
+ 1. (I) "Critical" system resource: A condition of a service or
+ other system resource such that denial of access to (i.e., lack of
+ availability of) that resource would jeopardize a system user's
+ ability to perform a primary function or would result in other
+ serious consequences. (See: availability, sensitive.)
+
+ 2. (N) "Critical" extension: Each extension of an X.509
+ certificate (or CRL) is marked as being either critical or non-
+ critical. If an extension is critical and a certificate user (or
+ CRL user) does not recognize the extension type or does not
+ implement its semantics, then the user is required to treat the
+ certificate (or CRL) as invalid. If an extension is non-critical,
+ a user that does not recognize or implement that extension type is
+ permitted to ignore the extension and process the rest of the
+ certificate (or CRL).
+
+ $ CRL
+ See: certificate revocation list.
+
+ $ CRL distribution point
+ See: distribution point.
+
+ $ CRL extension
+ See: extension.
+
+ $ cross-certificate
+ See: cross-certification.
+
+ $ cross-certification
+ (I) The act or process by which two CAs each certify a public key
+ of the other, issuing a public-key certificate to that other CA.
+
+ (C) Cross-certification enables users to validate each other's
+ certificate when the users are certified under different
+ certification hierarchies.
+
+
+
+
+Shirey Informational [Page 47]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ cryptanalysis
+ (I) The mathematical science that deals with analysis of a
+ cryptographic system in order to gain knowledge needed to break or
+ circumvent the protection that the system is designed to provide.
+ (See: cryptology.)
+
+ (O) "The analysis of a cryptographic system and/or its inputs and
+ outputs to derive confidential variables and/or sensitive data
+ including cleartext." [I7498 Part 2]
+
+ (C) The "O" definition states the traditional goal of
+ cryptanalysis--convert the ciphertext to plaintext (which usually
+ is cleartext) without knowing the key--but that definition applies
+ only to encryption systems. Today, the term is used with reference
+ to all kinds of cryptographic algorithms and key management, and
+ the "I" definition reflects that. In all cases, however, a
+ cryptanalyst tries to uncover or reproduce someone else's
+ sensitive data, such as cleartext, a key, or an algorithm. The
+ basic cryptanalytic attacks on encryption systems are ciphertext-
+ only, known-plaintext, chosen-plaintext, and chosen-ciphertext;
+ and these generalize to the other kinds of cryptography.
+
+ $ crypto
+ (D) Except as part of certain long-established terms listed in
+ this Glossary, ISDs SHOULD NOT use this abbreviated term because
+ it may be misunderstood. Instead, use "cryptography" or
+ "cryptographic".
+
+ $ cryptographic algorithm
+ (I) An algorithm that employs the science of cryptography,
+ including encryption algorithms, cryptographic hash algorithms,
+ digital signature algorithms, and key agreement algorithms.
+
+ $ cryptographic application programming interface (CAPI)
+ (I) The source code formats and procedures through which an
+ application program accesses cryptographic services, which are
+ defined abstractly compared to their actual implementation. For
+ example, see: PKCS #11, [R2628].
+
+ $ cryptographic card
+ (I) A cryptographic token in the form of a smart card or a PC
+ card.
+
+ $ cryptographic component
+ (I) A generic term for any system component that involves
+ cryptography. (See: cryptographic module.)
+
+
+
+
+
+Shirey Informational [Page 48]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ cryptographic hash
+ See: (secondary definition under) hash function.
+
+ $ cryptographic ignition key (CIK)
+ (I) A physical (usually electronic) token used to store,
+ transport, and protect cryptographic keys. (Sometimes abbreviated
+ as "crypto ignition key".)
+
+ (C) A typical use is to divide a split key between a CIK and a
+ cryptographic module, so that it is necessary to combine the two
+ to regenerate a key-encrypting key and thus activate the module
+ and other keys it contains.
+
+ $ cryptographic key
+ (I) Usually shortened to just "key". An input parameter that
+ varies the transformation performed by a cryptographic algorithm.
+
+ (O) "A sequence of symbols that controls the operations of
+ encipherment and decipherment." [I7498 Part 2]
+
+ (C) If a key value needs to be kept secret, the sequence of
+ symbols (usually bits) that comprise it should be random, or at
+ least pseudo-random, because that makes the key hard for an
+ adversary to guess. (See: cryptanalysis, brute force attack.)
+
+ $ Cryptographic Message Syntax (CMS)
+ (I) A encapsulation syntax for digital signatures, hashes, and
+ encryption of arbitrary messages. [R2630]
+
+ (C) CMS was derived from PKCS #7. CMS values are specified with
+ ASN.1 and use BER encoding. The syntax permits multiple
+ encapsulation with nesting, permits arbitrary attributes to be
+ signed along with message content, and supports a variety of
+ architectures for digital certificate-based key management.
+
+ $ cryptographic module
+ (I) A set of hardware, software, firmware, or some combination
+ thereof that implements cryptographic logic or processes,
+ including cryptographic algorithms, and is contained within the
+ module's cryptographic boundary, which is an explicitly defined
+ contiguous perimeter that establishes the physical bounds of the
+ module. [FP140]
+
+ $ cryptographic system
+ (I) A set of cryptographic algorithms together with the key
+ management processes that support use of the algorithms in some
+ application context.
+
+
+
+
+Shirey Informational [Page 49]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) This "I" definition covers a wider range of algorithms than
+ the following "O" definition:
+
+ (O) "A collection of transformations from plaintext into
+ ciphertext and vice versa [which would exclude digital signature,
+ cryptographic hash, and key agreement algorithms], the particular
+ transformation(s) to be used being selected by keys. The
+ transformations are normally defined by a mathematical algorithm."
+ [X509]
+
+ $ cryptographic token
+ (I) A portable, user-controlled, physical device used to store
+ cryptographic information and possibly perform cryptographic
+ functions. (See: cryptographic card, token.)
+
+ (C) A smart token may implement some set of cryptographic
+ algorithms and may implement related algorithms and key management
+ functions, such as a random number generator. A smart
+ cryptographic token may contain a cryptographic module or may not
+ be explicitly designed that way.
+
+ $ cryptography
+ (I) The mathematical science that deals with transforming data to
+ render its meaning unintelligible (i.e., to hide its semantic
+ content), prevent its undetected alteration, or prevent its
+ unauthorized use. If the transformation is reversible,
+ cryptography also deals with restoring encrypted data to
+ intelligible form. (See: cryptology, steganography.)
+
+ (O) "The discipline which embodies principles, means, and methods
+ for the transformation of data in order to hide its information
+ content, prevent its undetected modification and/or prevent its
+ unauthorized use. . . . Cryptography determines the methods used
+ in encipherment and decipherment." [I7498 Part 2]
+
+ $ Cryptoki
+ See: (secondary definition under) PKCS #11.
+
+ $ cryptology
+ (I) The science that includes both cryptography and cryptanalysis,
+ and sometimes is said to include steganography.
+
+ $ cryptonet
+ (I) A group of system entities that share a secret cryptographic
+ key for a symmetric algorithm.
+
+
+
+
+
+
+Shirey Informational [Page 50]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ cryptoperiod
+ (I) The time span during which a particular key is authorized to
+ be used in a cryptographic system. (See: key management.)
+
+ (C) A cryptoperiod is usually stated in terms of calendar or clock
+ time, but sometimes is stated in terms of the maximum amount of
+ data permitted to be processed by a cryptographic algorithm using
+ the key. Specifying a cryptoperiod involves a tradeoff between the
+ cost of rekeying and the risk of successful cryptanalysis.
+
+ (C) Although we deprecate its prefix, this term is long-
+ established in COMPUSEC usage. (See: crypto) In the context of
+ certificates and public keys, "key lifetime" and "validity period"
+ are often used instead.
+
+ $ cryptosystem
+ (D) ISDs SHOULD NOT use this term as an abbreviation for
+ cryptographic system. (For rationale, see: crypto.)
+
+ $ CSIRT
+ See: computer security incident response team.
+
+ $ CSOR
+ See: Computer Security Objects Register.
+
+ $ cut-and-paste attack
+ (I) An active attack on the data integrity of ciphertext, effected
+ by replacing sections of ciphertext with other ciphertext, such
+ that the result appears to decrypt correctly but actually decrypts
+ to plaintext that is forged to the satisfaction of the attacker.
+
+ $ cyclic redundancy check (CRC)
+ (I) Sometimes called "cyclic redundancy code". A type of checksum
+ algorithm that is not a cryptographic hash but is used to
+ implement data integrity service where accidental changes to data
+ are expected.
+
+ $ DAC
+ See: Data Authentication Code, discretionary access control.
+
+ $ DASS
+ See: Distributed Authentication Security Service.
+
+ $ data
+ (I) Information in a specific physical representation, usually a
+ sequence of symbols that have meaning; especially a representation
+ of information that can be processed or produced by a computer.
+
+
+
+
+Shirey Informational [Page 51]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Data Authentication Algorithm
+ (N) A keyed hash function equivalent to DES cipher block chaining
+ with IV = 0. [A9009]
+
+ (D) ISDs SHOULD NOT use the uncapitalized form of this term as a
+ synonym for other kinds of checksums.
+
+ $ data authentication code vs. Data Authentication Code (DAC)
+ 1. (N) Capitalized: "The Data Authentication Code" refers to a
+ U.S. Government standard [FP113] for a checksum that is computed
+ by the Data Authentication Algorithm. (Also known as the ANSI
+ standard Message Authentication Code [A9009].)
+
+ 2. (D) Not capitalized: ISDs SHOULD NOT use "data authentication
+ code" as a synonym for another kind of checksum, because this term
+ mixes concepts in a potentially misleading way. (See:
+ authentication code.) Instead, use "checksum", "error detection
+ code", "hash", "keyed hash", "Message Authentication Code", or
+ "protected checksum", depending on what is meant.
+
+ $ data compromise
+ (I) A security incident in which information is exposed to
+ potential unauthorized access, such that unauthorized disclosure,
+ alteration, or use of the information may have occurred. (See:
+ compromise.)
+
+ $ data confidentiality
+ (I) "The property that information is not made available or
+ disclosed to unauthorized individuals, entities, or processes
+ [i.e., to any unauthorized system entity]." [I7498 Part 2]. (See:
+ data confidentiality service.)
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "privacy",
+ which is a different concept.
+
+ $ data confidentiality service
+ (I) A security service that protects data against unauthorized
+ disclosure. (See: data confidentiality.)
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "privacy",
+ which is a different concept.
+
+ $ Data Encryption Algorithm (DEA)
+ (N) A symmetric block cipher, defined as part of the U.S.
+ Government's Data Encryption Standard. DEA uses a 64-bit key, of
+ which 56 bits are independently chosen and 8 are parity bits, and
+ maps a 64-bit block into another 64-bit block. [FP046] (See: DES,
+ symmetric cryptography.)
+
+
+
+Shirey Informational [Page 52]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) This algorithm is usually referred to as "DES". The algorithm
+ has also been adopted in standards outside the Government (e.g.,
+ [A3092]).
+
+ $ data encryption key (DEK)
+ (I) A cryptographic key that is used to encipher application data.
+ (See: key-encrypting key.)
+
+ $ Data Encryption Standard (DES)
+ (N) A U.S. Government standard [FP046] that specifies the Data
+ Encryption Algorithm and states policy for using the algorithm to
+ protect unclassified, sensitive data. (See: AES, DEA.)
+
+ $ data integrity
+ (I) The property that data has not been changed, destroyed, or
+ lost in an unauthorized or accidental manner. (See: data integrity
+ service.)
+
+ (O) "The property that information has not been modified or
+ destroyed in an unauthorized manner." [I7498 Part 2]
+
+ (C) Deals with constancy of and confidence in data values, not
+ with the information that the values represent (see: correctness
+ integrity) or the trustworthiness of the source of the values
+ (see: source integrity).
+
+ $ data integrity service
+ (I) A security service that protects against unauthorized changes
+ to data, including both intentional change or destruction and
+ accidental change or loss, by ensuring that changes to data are
+ detectable. (See: data integrity.)
+
+ (C) A data integrity service can only detect a change and report
+ it to an appropriate system entity; changes cannot be prevented
+ unless the system is perfect (error-free) and no malicious user
+ has access. However, a system that offers data integrity service
+ might also attempt to correct and recover from changes.
+
+ (C) Relationship between data integrity service and authentication
+ services: Although data integrity service is defined separately
+ from data origin authentication service and peer entity
+ authentication service, it is closely related to them.
+ Authentication services depend, by definition, on companion data
+ integrity services. Data origin authentication service provides
+ verification that the identity of the original source of a
+ received data unit is as claimed; there can be no such
+ verification if the data unit has been altered. Peer entity
+
+
+
+
+Shirey Informational [Page 53]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ authentication service provides verification that the identity of
+ a peer entity in a current association is as claimed; there can be
+ no such verification if the claimed identity has been altered.
+
+ $ data origin authentication
+ (I) "The corroboration that the source of data received is as
+ claimed." [I7498 Part 2] (See: authentication.)
+
+ $ data origin authentication service
+ (I) A security service that verifies the identity of a system
+ entity that is claimed to be the original source of received data.
+ (See: authentication, authentication service.)
+
+ (C) This service is provided to any system entity that receives or
+ holds the data. Unlike peer entity authentication service, this
+ service is independent of any association between the originator
+ and the recipient, and the data in question may have originated at
+ any time in the past.
+
+ (C) A digital signature mechanism can be used to provide this
+ service, because someone who does not know the private key cannot
+ forge the correct signature. However, by using the signer's public
+ key, anyone can verify the origin of correctly signed data.
+
+ (C) This service is usually bundled with connectionless data
+ integrity service. (See: (relationship between data integrity
+ service and authentication services under) data integrity service.
+
+ $ data privacy
+ (D) ISDs SHOULD NOT use this term because it mix concepts in a
+ potentially misleading way. Instead, use either "data
+ confidentiality" or "privacy", depending on what is meant.
+
+ $ data security
+ (I) The protection of data from disclosure, alteration,
+ destruction, or loss that either is accidental or is intentional
+ but unauthorized.
+
+ (C) Both data confidentiality service and data integrity service
+ are needed to achieve data security.
+
+ $ datagram
+ (I) "A self-contained, independent entity of data carrying
+ sufficient information to be routed from the source to the
+ destination." [R1983]
+
+ $ DEA
+ See: Data Encryption Algorithm.
+
+
+
+Shirey Informational [Page 54]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ deception
+ See: (secondary definition under) threat consequence.
+
+ $ decipher
+ (D) ISDs SHOULD NOT use this term as a synonym for "decrypt",
+ except in special circumstances. (See: (usage discussion under)
+ encryption.)
+
+ $ decipherment
+ (D) ISDs SHOULD NOT use this term as a synonym for "decryption",
+ except in special circumstances. (See: (usage discussion under)
+ encryption.)
+
+ $ decode
+ (I) Convert encoded data back to its original form of
+ representation. (See: decrypt.)
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "decrypt",
+ because that would mix concepts in a potentially misleading way.
+
+ $ decrypt
+ (I) Cryptographically restore ciphertext to the plaintext form it
+ had before encryption.
+
+ $ decryption
+ See: (secondary definition under) encryption.
+
+ $ dedicated security mode
+ (I) A mode of operation of an information system, wherein all
+ users have the clearance or authorization, and the need-to-know,
+ for all data handled by the system. In this mode, the system may
+ handle either a single classification level or category of
+ information or a range of levels and categories. [DOD2]
+
+ (C) This mode is defined formally in U.S. Department of Defense
+ policy regarding system accreditation, but the term is also used
+ outside the Defense Department and outside the Government.
+
+ $ default account
+ (I) A system login account (usually accessed with a user name and
+ password) that has been predefined in a manufactured system to
+ permit initial access when the system is first put into service.
+
+ (C) Sometimes, the default user name and password are the same in
+ each copy of the system. In any case, when the system is put into
+ service, the default password should immediately be changed or the
+ default account should be disabled.
+
+
+
+
+Shirey Informational [Page 55]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ degauss
+ (N) Apply a magnetic field to permanently remove, erase, or clear
+ data from a magnetic storage medium, such as a tape or disk
+ [NCS25]. Reduce magnetic flux density to zero by applying a
+ reversing magnetic field.
+
+ $ degausser
+ (N) An electrical device that can degauss magnetic storage media.
+
+ $ DEK
+ See: data encryption key.
+
+ $ delta CRL
+ (I) A partial CRL that only contains entries for X.509
+ certificates that have been revoked since the issuance of a prior,
+ base CRL. This method can be used to partition CRLs that become
+ too large and unwieldy.
+
+ $ denial of service
+ (I) The prevention of authorized access to a system resource or
+ the delaying of system operations and functions. (See:
+ availability, critical (resource of a system), flooding.)
+
+ $ DES
+ See: Data Encryption Standard.
+
+ $ dictionary attack
+ (I) An attack that uses a brute-force technique of successively
+ trying all the words in some large, exhaustive list.
+
+ (C) For example, an attack on an authentication service by trying
+ all possible passwords; or an attack on encryption by encrypting
+ some known plaintext phrase with all possible keys so that the key
+ for any given encrypted message containing that phrase may be
+ obtained by lookup.
+
+ $ Diffie-Hellman
+ (N) A key agreement algorithm published in 1976 by Whitfield
+ Diffie and Martin Hellman [DH76, R2631].
+
+ (C) Diffie-Hellman does key establishment, not encryption.
+ However, the key that it produces may be used for encryption, for
+ further key management operations, or for any other cryptography.
+
+ (C) The difficulty of breaking Diffie-Hellman is considered to be
+ equal to the difficulty of computing discrete logarithms modulo a
+ large prime. The algorithm is described in [R2631] and [Schn]. In
+ brief, Alice and Bob together pick large integers that satisfy
+
+
+
+Shirey Informational [Page 56]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ certain mathematical conditions, and then use the integers to each
+ separately compute a public-private key pair. They send each other
+ their public key. Each person uses their own private key and the
+ other person's public key to compute a key, k, that, because of
+ the mathematics of the algorithm, is the same for each of them.
+ Passive wiretapping cannot learn the shared k, because k is not
+ transmitted, and neither are the private keys needed to compute k.
+ However, without additional mechanisms to authenticate each party
+ to the other, a protocol based on the algorithm may be vulnerable
+ to a man-in-the-middle attack.
+
+ $ digest
+ See: message digest.
+
+ $ digital certificate
+ (I) A certificate document in the form of a digital data object (a
+ data object used by a computer) to which is appended a computed
+ digital signature value that depends on the data object. (See:
+ attribute certificate, capability, public-key certificate.)
+
+ (D) ISDs SHOULD NOT use this term to refer to a signed CRL or CKL.
+ Although the recommended definition can be interpreted to include
+ those items, the security community does not use the term with
+ those meanings.
+
+ $ digital certification
+ (D) ISDs SHOULD NOT use this term as a synonym for
+ "certification", unless the context is not sufficient to
+ distinguish between digital certification and another kind of
+ certification, in which case it would be better to use "public-key
+ certification" or another phrase that indicates what is being
+ certified.
+
+ $ digital document
+ (I) An electronic data object that represents information
+ originally written in a non-electronic, non-magnetic medium
+ (usually ink on paper) or is an analogue of a document of that
+ type.
+
+ $ digital envelope
+ (I) A digital envelope for a recipient is a combination of (a)
+ encrypted content data (of any kind) and (b) the content
+ encryption key in an encrypted form that has been prepared for the
+ use of the recipient.
+
+ (C) In ISDs, this term should be defined at the point of first use
+ because, although the term is defined in PKCS #7 and used in
+ S/MIME, it is not yet widely established.
+
+
+
+Shirey Informational [Page 57]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Digital enveloping is not simply a synonym for implementing
+ data confidentiality with encryption; digital enveloping is a
+ hybrid encryption scheme to "seal" a message or other data, by
+ encrypting the data and sending both it and a protected form of
+ the key to the intended recipient, so that no one other than the
+ intended recipient can "open" the message. In PCKS #7, it means
+ first encrypting the data using a symmetric encryption algorithm
+ and a secret key, and then encrypting the secret key using an
+ asymmetric encryption algorithm and the public key of the intended
+ recipient. In S/MIME, additional methods are defined for
+ conveying the content encryption key.
+
+ $ Digital ID(service mark)
+ (D) ISDs SHOULD NOT use this term as a synonym for "digital
+ certificate" because (a) it is the service mark of a commercial
+ firm, (b) it unnecessarily duplicates the meaning of other, well-
+ established terms, and (c) a certificate is not always used as
+ authentication information. In some contexts, however, it may be
+ useful to explain that the key conveyed in a public-key
+ certificate can be used to verify an identity and, therefore, that
+ the certificate can be thought of as digital identification
+ information. (See: identification information.)
+
+ $ digital key
+ (C) The adjective "digital" need not be used with "key" or
+ "cryptographic key", unless the context is insufficient to
+ distinguish the digital key from another kind of key, such as a
+ metal key for a door lock.
+
+ $ digital notary
+ (I) Analogous to a notary public. Provides a trusted date-and-time
+ stamp for a document, so that someone can later prove that the
+ document existed at a point in time. May also verify the
+ signature(s) on a signed document before applying the stamp. (See:
+ notarization.)
+
+ $ digital signature
+ (I) A value computed with a cryptographic algorithm and appended
+ to a data object in such a way that any recipient of the data can
+ use the signature to verify the data's origin and integrity. (See:
+ data origin authentication service, data integrity service,
+ digitized signature, electronic signature, signer.)
+
+ (I) "Data appended to, or a cryptographic transformation of, a
+ data unit that allows a recipient of the data unit to prove the
+ source and integrity of the data unit and protect against forgery,
+ e.g. by the recipient." [I7498 Part 2]
+
+
+
+
+Shirey Informational [Page 58]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Typically, the data object is first input to a hash function,
+ and then the hash result is cryptographically transformed using a
+ private key of the signer. The final resulting value is called the
+ digital signature of the data object. The signature value is a
+ protected checksum, because the properties of a cryptographic hash
+ ensure that if the data object is changed, the digital signature
+ will no longer match it. The digital signature is unforgeable
+ because one cannot be certain of correctly creating or changing
+ the signature without knowing the private key of the supposed
+ signer.
+
+ (C) Some digital signature schemes use a asymmetric encryption
+ algorithm (e.g., see: RSA) to transform the hash result. Thus,
+ when Alice needs to sign a message to send to Bob, she can use her
+ private key to encrypt the hash result. Bob receives both the
+ message and the digital signature. Bob can use Alice's public key
+ to decrypt the signature, and then compare the plaintext result to
+ the hash result that he computes by hashing the message himself.
+ If the values are equal, Bob accepts the message because he is
+ certain that it is from Alice and has arrived unchanged. If the
+ values are not equal, Bob rejects the message because either the
+ message or the signature was altered in transit.
+
+ (C) Other digital signature schemes (e.g., see: DSS) transform the
+ hash result with an algorithm (e.g., see: DSA, El Gamal) that
+ cannot be directly used to encrypt data. Such a scheme creates a
+ signature value from the hash and provides a way to verify the
+ signature value, but does not provide a way to recover the hash
+ result from the signature value. In some countries, such a scheme
+ may improve exportability and avoid other legal constraints on
+ usage.
+
+ $ Digital Signature Algorithm (DSA)
+ (N) An asymmetric cryptographic algorithm that produces a digital
+ signature in the form of a pair of large numbers. The signature is
+ computed using rules and parameters such that the identity of the
+ signer and the integrity of the signed data can be verified. (See:
+ Digital Signature Standard.)
+
+ $ Digital Signature Standard (DSS)
+ (N) The U.S. Government standard [FP186] that specifies the
+ Digital Signature Algorithm (DSA), which involves asymmetric
+ cryptography.
+
+ $ digital watermarking
+ (I) Computing techniques for inseparably embedding unobtrusive
+ marks or labels as bits in digital data--text, graphics, images,
+ video, or audio--and for detecting or extracting the marks later.
+
+
+
+Shirey Informational [Page 59]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) The set of embedded bits (the digital watermark) is sometimes
+ hidden, usually imperceptible, and always intended to be
+ unobtrusive. Depending on the particular technique that is used,
+ digital watermarking can assist in proving ownership, controlling
+ duplication, tracing distribution, ensuring data integrity, and
+ performing other functions to protect intellectual property
+ rights. [ACM]
+
+ $ digitized signature
+ (D) ISDs SHOULD NOT use this term because there is no current
+ consensus on its definition. Although it appears to be used mainly
+ to refer to various forms of digitized images of handwritten
+ signatures, the term should be avoided because it might be
+ confused with "digital signature".
+
+ $ directory
+ $ Directory
+ See: directory vs. Directory.
+
+ $ Directory Access Protocol (DAP)
+ (N) An OSI protocol [X519] for communication between a Directory
+ User Agent (a client) and a Directory System Agent (a server).
+ (See: Lightweight Directory Access Protocol.)
+
+ $ directory vs. Directory
+ 1. (I) Not capitalized: The term "directory" refers generically to
+ a database server or other system that provides information--such
+ as a digital certificate or CRL--about an entity whose name is
+ known.
+
+ 2. (I) Capitalized: "Directory" refers specifically to the X.500
+ Directory. (See: repository.)
+
+ $ disaster plan
+ (D) A synonym for "contingency plan". In the interest of
+ consistency, ISDs SHOULD use "contingency plan" instead of
+ "disaster plan".
+
+ $ disclosure (i.e., unauthorized disclosure)
+ See: (secondary definition under) threat consequence.
+
+ $ discretionary access control (DAC)
+ (I) An access control service that enforces a security policy
+ based on the identity of system entities and their authorizations
+ to access system resources. (See: access control list, identity-
+ based security policy, mandatory access control.)
+
+
+
+
+
+Shirey Informational [Page 60]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) This service is termed "discretionary" because an entity might
+ have access rights that permit the entity, by its own volition, to
+ enable another entity to access some resource.
+
+ (O) "A means of restricting access to objects based on the
+ identity of subjects and/or groups to which they belong. The
+ controls are discretionary in the sense that a subject with a
+ certain access permission is capable of passing that permission
+ (perhaps indirectly) on to any other subject." [DOD1]
+
+ $ disruption
+ See: (secondary definition under) threat consequence.
+
+ $ Distinguished Encoding Rules (DER)
+ (N) A subset of the Basic Encoding Rules, which gives exactly one
+ way to represent any ASN.1 value as an octet string [X690].
+
+ (C) Since there is more than one way to encode ASN.1 in BER, DER
+ is used in applications in which a unique encoding is needed, such
+ as when a digital signature is computed on an ASN.1 value.
+
+ $ distinguished name (DN)
+ (I) An identifier that uniquely represents an object in the X.500
+ Directory Information Tree (DIT) [X501]. (See: domain name.)
+
+ (C) A DN is a set of attribute values that identify the path
+ leading from the base of the DIT to the object that is named. An
+ X.509 public-key certificate or CRL contains a DN that identifies
+ its issuer, and an X.509 attribute certificate contains a DN or
+ other form of name that identifies its subject.
+
+ $ Distributed Authentication Security Service (DASS)
+ (I) An experimental Internet protocol [R1507] that uses
+ cryptographic mechanisms to provide strong, mutual authentication
+ services in a distributed environment.
+
+ $ distribution point
+ (I) An X.500 Directory entry or other information source that is
+ named in a v3 X.509 public-key certificate extension as a location
+ from which to obtain a CRL that might list the certificate.
+
+ (C) A v3 X.509 public-key certificate may have a
+ "cRLDistributionPoints" extension that names places to get CRLs on
+ which the certificate might be listed. A CRL obtained from a
+ distribution point may (a) cover either all reasons for which a
+ certificate might be revoked or only some of the reasons, (b) be
+ issued by either the authority that signed the certificate or some
+
+
+
+
+Shirey Informational [Page 61]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ other authority, and (c) contain revocation entries for only a
+ subset of the full set of certificates issued by one CA or (c')
+ contain revocation entries for multiple CAs.
+
+ $ DN
+ See: distinguished name.
+
+ $ DNS
+ See: Domain Name System.
+
+ $ DOI
+ See: Domain of Interpretation.
+
+ $ domain
+ (I) Security usage: An environment or context that is defined by a
+ security policy, security model, or security architecture to
+ include a set of system resources and the set of system entities
+ that have the right to access the resources. (See: domain of
+ interpretation, security perimeter.)
+
+ (I) Internet usage: That part of the Internet domain name space
+ tree [R1034] that is at or below the name the specifies the
+ domain. A domain is a subdomain of another domain if it is
+ contained within that domain. For example, D.C.B.A is a subdomain
+ of C.B.A. (See: Domain Name System.)
+
+ (O) MISSI usage: The domain of a MISSI CA is the set of MISSI
+ users whose certificates are signed by the CA.
+
+ (O) OSI usage: An administrative partition of a complex
+ distributed OSI system.
+
+ $ domain name
+ (I) The style of identifier--a sequence of case-insensitive ASCII
+ labels separated by dots ("bbn.com.")--defined for subtrees in the
+ Internet Domain Name System [R1034] and used in other Internet
+ identifiers, such as host names (e.g., "rosslyn.bbn.com."),
+ mailbox names (e.g., "rshirey@bbn.com."), and URLs (e.g.,
+ "http://www.rosslyn.bbn.com/foo"). (See: distinguished name,
+ domain.)
+
+ (C) The domain name space of the DNS is a tree structure in which
+ each node and leaf holds records describing a resource. Each node
+ has a label. The domain name of a node is the list of labels on
+ the path from the node to the root of the tree. The labels in a
+ domain name are printed or read left to right, from the most
+ specific (lowest, farthest from the root) to the least specific
+ (highest, closest to the root). The root's label is the null
+
+
+
+Shirey Informational [Page 62]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ string, so a complete domain name properly ends in a dot. The top-
+ level domains, those immediately below the root, include COM, EDU,
+ GOV, INT, MIL, NET, ORG, and two-letter country codes (such as US)
+ from ISO-3166. [R1591] (See: country code.)
+
+ $ Domain Name System (DNS)
+ (I) The main Internet operations database, which is distributed
+ over a collection of servers and used by client software for
+ purposes such as translating a domain name-style host name into an
+ IP address (e.g., "rosslyn.bbn.com" is "192.1.7.10") and locating
+ a host that accepts mail for some mailbox address. [R1034]
+
+ (C) The DNS has three major components:
+
+ - Domain name space and resource records: Specifications for the
+ tree-structured domain name space, and data associated with the
+ names.
+
+ - Name servers: Programs that hold information about a subset of
+ the tree's structure and data holdings, and also hold pointers
+ to other name servers that can provide information from any
+ part of the tree.
+
+ - Resolvers: Programs that extract information from name servers
+ in response to client requests; typically, system routines
+ directly accessible to user programs.
+
+ (C) Extensions to the DNS [R2065, R2137, R2536] support (a) key
+ distribution for public keys needed for the DNS and for other
+ protocols, (b) data origin authentication service and data
+ integrity service for resource records, (c) data origin
+ authentication service for transactions between resolvers and
+ servers, and (d) access control of records.
+
+ $ domain of interpretation (DOI)
+ (I) IPsec usage: An ISAKMP/IKE DOI defines payload formats,
+ exchange types, and conventions for naming security-relevant
+ information such as security policies or cryptographic algorithms
+ and modes.
+
+ (C) For example, see [R2407]. The DOI concept is based on work by
+ the TSIG's CIPSO Working Group.
+
+ $ dominate
+ (I) Security level A is said to "dominate" security level B if the
+ hierarchical classification level of A is greater (higher) than or
+ equal to that of B and the nonhierarchical categories of A include
+ all of those of B.
+
+
+
+Shirey Informational [Page 63]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ dongle
+ (I) A portable, physical, electronic device that is required to be
+ attached to a computer to enable a particular software program to
+ run. (See: token.)
+
+ (C) A dongle is essentially a physical key used for copy
+ protection of software, because the program will not run unless
+ the matching dongle is attached. When the software runs, it
+ periodically queries the dongle and quits if the dongle does not
+ reply with the proper authentication information. Dongles were
+ originally constructed as an EPROM (erasable programmable read-
+ only memory) to be connected to a serial input-output port of a
+ personal computer.
+
+ $ downgrade
+ (I) Reduce the classification level of information in an
+ authorized manner.
+
+ $ draft RFC
+ (D) ISDs SHOULD NOT use this term, because the Request for Comment
+ series is archival in nature and does not have a "draft" category.
+ (Instead, see: Internet Draft, Draft Standard (in Internet
+ Standard).)
+
+ $ DSA
+ See: Digital Signature Algorithm.
+
+ $ DSS
+ See: Digital Signature Standard.
+
+ $ dual control
+ (I) A procedure that uses two or more entities (usually persons)
+ operating in concert to protect a system resource, such that no
+ single entity acting alone can access that resource. (See: no-lone
+ zone, separation of duties, split knowledge.)
+
+ $ dual signature
+ (D) ISDs SHOULD NOT use this term except when stated as
+ "SET(trademark) dual signature" with the following meaning:
+
+ (O) SET usage: A single digital signature that protects two
+ separate messages by including the hash results for both sets in a
+ single encrypted value. [SET2]
+
+
+
+
+
+
+
+
+Shirey Informational [Page 64]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Generated by hashing each message separately, concatenating
+ the two hash results, and then hashing that value and encrypting
+ the result with the signer's private key. Done to reduce the
+ number of encryption operations and to enable verification of data
+ integrity without complete disclosure of the data.
+
+ $ EAP
+ See: Extensible Authentication Protocol
+
+ $ eavesdropping
+ (I) Passive wiretapping done secretly, i.e., without the knowledge
+ of the originator or the intended recipients of the communication.
+
+ $ ECB
+ See: electronic codebook.
+
+ $ ECDSA
+ See: Elliptic Curve Digital Signature Algorithm.
+
+ $ economy of mechanism
+ (I) The principle that each security mechanism should be designed
+ to be as simple as possible, so that the mechanism can be
+ correctly implemented and so that it can be verified that the
+ operation of the mechanism enforces the containing system's
+ security policy. (See: least privilege.)
+
+ $ EDI
+ See: electronic data interchange.
+
+ $ EDIFACT
+ See: (secondary definition under) electronic data interchange.
+
+ $ EE
+ (D) ISDs SHOULD NOT use this abbreviation because of possible
+ confusion among "end entity", "end-to-end encryption", "escrowed
+ encryption standard", and other terms.
+
+ $ EES
+ See: Escrowed Encryption Standard.
+
+ $ El Gamal algorithm
+ (N) An algorithm for asymmetric cryptography, invented in 1985 by
+ Taher El Gamal, that is based on the difficulty of calculating
+ discrete logarithms and can be used for both encryption and
+ digital signatures. [ElGa, Schn]
+
+
+
+
+
+
+Shirey Informational [Page 65]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ electronic codebook (ECB)
+ (I) An block cipher mode in which a plaintext block is used
+ directly as input to the encryption algorithm and the resultant
+ output block is used directly as ciphertext [FP081].
+
+ $ electronic commerce
+ (I) General usage: Business conducted through paperless exchanges
+ of information, using electronic data interchange, electronic
+ funds transfer (EFT), electronic mail, computer bulletin boards,
+ facsimile, and other paperless technologies.
+
+ (O) SET usage: "The exchange of goods and services for payment
+ between the cardholder and merchant when some or all of the
+ transaction is performed via electronic communication." [SET2]
+
+ $ electronic data interchange (EDI)
+ (I) Computer-to-computer exchange, between trading partners, of
+ business data in standardized document formats.
+
+ (C) EDI formats have been standardized primarily by ANSI X12 and
+ by EDIFACT (EDI for Administration, Commerce, and Transportation),
+ which is an international, UN-sponsored standard primarily used in
+ Europe and Asia. X12 and EDIFACT are aligning to create a single,
+ global EDI standard.
+
+ $ electronic signature
+ (D) ISDs SHOULD NOT use this term because there is no current
+ consensus on its definition. (Instead, see: digital signature.)
+
+ $ elliptic curve cryptography (ECC)
+ (I) A type of asymmetric cryptography based on mathematics of
+ groups that are defined by the points on a curve.
+
+ (C) The most efficient implementation of ECC is claimed to be
+ stronger per bit of key (against cryptanalysis that uses a brute
+ force attack) than any other known form of asymmetric
+ cryptography. ECC is based on mathematics different than the kinds
+ originally used to define the Diffie-Hellman algorithm and the
+ Digital Signature Algorithm. ECC is based on the mathematics of
+ groups defined by the points on a curve, where the curve is
+ defined by a quadratic equation in a finite field. ECC can be used
+ to define both an algorithm for key agreement that is an analog of
+ Diffie-Hellman and an algorithm for digital signature that is an
+ analog of DSA. (See: ECDSA.)
+
+ $ Elliptic Curve Digital Signature Algorithm (ECDSA)
+ (N) A standard [A9062] that is the elliptic curve cryptography
+ analog of the Digital Signature Algorithm.
+
+
+
+Shirey Informational [Page 66]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ emanation
+ (I) An signal (electromagnetic, acoustic, or other medium) that is
+ emitted by a system (through radiation or conductance) as a
+ consequence (i.e., byproduct) of its operation, and that may
+ contain information. (See: TEMPEST.)
+
+ $ emanations security (EMSEC)
+ (I) Physical constraints to prevent information compromise through
+ signals emanated by a system, particular the application of
+ TEMPEST technology to block electromagnetic radiation.
+
+ $ emergency plan
+ (D) A synonym for "contingency plan". In the interest of
+ consistency, ISDs SHOULD use "contingency plan" instead of
+ "emergency plan".
+
+ $ EMSEC
+ See: emanations security.
+
+ $ EMV
+ (I) An abbreviation of "Europay, MasterCard, Visa". Refers to a
+ specification for smart cards that are used as payment cards, and
+ for related terminals and applications. [EMV1, EMV2, EMV3]
+
+ $ Encapsulating Security Payload (ESP)
+ (I) An Internet IPsec protocol [R2406] designed to provide a mix
+ of security services--especially data confidentiality service--in
+ the Internet Protocol. (See: Authentication Header.)
+
+ (C) ESP may be used alone, or in combination with the IPsec AH
+ protocol, or in a nested fashion with tunneling. Security services
+ can be provided between a pair of communicating hosts, between a
+ pair of communicating security gateways, or between a host and a
+ gateway. The ESP header is encapsulated by the IP header, and the
+ ESP header encapsulates either the upper layer protocol header
+ (transport mode) or an IP header (tunnel mode). ESP can provide
+ data confidentiality service, data origin authentication service,
+ connectionless data integrity service, an anti-replay service, and
+ limited traffic flow confidentiality. The set of services depends
+ on the placement of the implementation and on options selected
+ when the security association is established.
+
+ $ encipher
+ (D) ISDs SHOULD NOT use this term as a synonym for "encrypt".
+ However, see the usage note under "encryption".
+
+
+
+
+
+
+Shirey Informational [Page 67]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ encipherment
+ (D) ISDs SHOULD NOT use this term as a synonym for "encryption",
+ except in special circumstances that are explained in the usage
+ discussion under "encryption".
+
+ $ encode
+ (I) Use a system of symbols to represent information, which might
+ originally have some other representation. (See: decode.)
+
+ (C) Examples include Morse code, ASCII, and BER.
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "encrypt",
+ because encoding is not usually intended to conceal meaning.
+
+ $ encrypt
+ (I) Cryptographically transform data to produce ciphertext. (See:
+ encryption.)
+
+ $ encryption
+ (I) Cryptographic transformation of data (called "plaintext") into
+ a form (called "ciphertext") that conceals the data's original
+ meaning to prevent it from being known or used. If the
+ transformation is reversible, the corresponding reversal process
+ is called "decryption", which is a transformation that restores
+ encrypted data to its original state. (See: cryptography.)
+
+ (C) Usage note: For this concept, ISDs should use the verb "to
+ encrypt" (and related variations: encryption, decrypt, and
+ decryption). However, because of cultural biases, some
+ international usage, particularly ISO and CCITT standards, avoids
+ "to encrypt" and instead uses the verb "to encipher" (and related
+ variations: encipherment, decipher, decipherment).
+
+ (O) "The cryptographic transformation of data (see: cryptography)
+ to produce ciphertext." [I7498 Part 2]
+
+ (C) Usually, the plaintext input to an encryption operation is
+ cleartext. But in some cases, the plaintext may be ciphertext that
+ was output from another encryption operation. (See:
+ superencryption.)
+
+ (C) Encryption and decryption involve a mathematical algorithm for
+ transforming data. In addition to the data to be transformed, the
+ algorithm has one or more inputs that are control parameters: (a)
+ a key value that varies the transformation and, in some cases, (b)
+ an initialization value that establishes the starting state of the
+ algorithm.
+
+
+
+
+Shirey Informational [Page 68]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ encryption certificate
+ (I) A public-key certificate that contains a public key that is
+ intended to be used for encrypting data, rather than for verifying
+ digital signatures or performing other cryptographic functions.
+
+ C) A v3 X.509 public-key certificate may have a "keyUsage"
+ extension that indicates the purpose for which the certified
+ public key is intended.
+
+ $ end entity
+ (I) A system entity that is the subject of a public-key
+ certificate and that is using, or is permitted and able to use,
+ the matching private key only for a purpose or purposes other than
+ signing a digital certificate; i.e., an entity that is not a CA.
+
+ (D) "A certificate subject which uses its public [sic] key for
+ purposes other than signing certificates." [X509]
+
+ (C) ISDs SHOULD NOT use the X.509 definition, because it is
+ misleading and incomplete. First, the X.509 definition should say
+ "private key" rather than "public key" because certificates are
+ not usefully signed with a public key. Second, the X.509
+ definition is weak regarding whether an end entity may or may not
+ use the private key to sign a certificate, i.e., whether the
+ subject may be a CA. The intent of X.509's authors was that an end
+ entity certificate is not valid for use in verifying a signature
+ on an X.509 certificate or X.509 CRL. Thus, it would have been
+ better for the X.509 definition to have said "only for purposes
+ other than signing certificates".
+
+ (C) Despite the problems in the X.509 definition, the term itself
+ is useful in describing applications of asymmetric cryptography.
+ The way the term is used in X.509 implies that it was meant to be
+ defined, as we have done here, relative to roles that an entity
+ (which is associated with an OSI end system) is playing or is
+ permitted to play in applications of asymmetric cryptography other
+ than the PKI that supports applications.
+
+ (C) Whether a subject can play both CA and non-CA roles, with
+ either the same or different certificates, is a matter of policy.
+ (See: certification practice statement.) A v3 X.509 public-key
+ certificate may have a "basicConstraints" extension containing a
+ "cA" value that specifically "indicates whether or not the public
+ key may be used to verify certificate signatures".
+
+
+
+
+
+
+
+Shirey Informational [Page 69]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ end system
+ (I) An OSI term for a computer that implements all seven layers of
+ the OSIRM and may attach to a subnetwork. (In the context of the
+ Internet Protocol Suite, usually called a "host".)
+
+ $ end-to-end encryption
+ (I) Continuous protection of data that flows between two points in
+ a network, provided by encrypting data when it leaves its source,
+ leaving it encrypted while it passes through any intermediate
+ computers (such as routers), and decrypting only when the data
+ arrives at the intended destination. (See: link encryption,
+ wiretapping.)
+
+ (C) When two points are separated by multiple communication links
+ that are connected by one or more intermediate relays, end-to-end
+ encryption enables the source and destination systems to protect
+ their communications without depending on the intermediate systems
+ to provide the protection.
+
+ $ end user
+ (I) General usage: A system entity, usually a human individual,
+ that makes use of system resources, primarily for application
+ purposes as opposed to system management purposes.
+
+ (I) PKI usage: A synonym for "end entity"; but the term "end
+ entity" is preferred.
+
+ $ entity
+ See: system entity.
+
+ $ entrapment
+ (I) "The deliberate planting of apparent flaws in a system for the
+ purpose of detecting attempted penetrations or confusing an
+ intruder about which flaws to exploit." [FP039] (See: honey pot.)
+
+ $ ephemeral key
+ (I) A public key or a private key that is relatively short-lived.
+ (See: session key.)
+
+ $ error detection code
+ (I) A checksum designed to detect, but not correct, accidental
+ (i.e., unintentional) changes in data.
+
+ $ Escrowed Encryption Standard (EES)
+ (N) A U.S. Government standard [FP185] that specifies use of a
+ symmetric encryption algorithm (SKIPJACK) and a Law Enforcement
+
+
+
+
+
+Shirey Informational [Page 70]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ Access Field (LEAF) creation method to implement part of a key
+ escrow system that provides for decryption of encrypted
+ telecommunications when interception is lawfully authorized.
+
+ (C) Both SKIPJACK and the LEAF are to be implemented in equipment
+ used to encrypt and decrypt unclassified, sensitive
+ telecommunications data.
+
+ $ ESP
+ See: Encapsulating Security Payload.
+
+ $ Estelle
+ (N) A language (ISO 9074-1989) for formal specification of
+ computer network protocols.
+
+ $ evaluated products list
+ (O) General usage: A list of information system equipment items
+ that have been evaluated against, and found to be compliant with,
+ a particular set of criteria.
+
+ (O) U.S. Department of Defense usage: The Evaluated Products List
+ (http://www.radium.ncsc.mil/tpep/epl/) contains items that have
+ been evaluated against the TCSEC by the NCSC, or against the
+ Common Criteria by the NCSC or one of its partner agencies in
+ another county. The List forms Chapter 4 of NSA's "Information
+ Systems Security Products and Services Catalogue".
+
+ $ evaluated system
+ (I) Refers to a system that has been evaluated against security
+ criteria such as the TCSEC or the Common Criteria.
+
+ $ expire
+ See: certificate expiration.
+
+ $ exposure
+ See: (secondary definition under) threat consequence.
+
+ $ Extensible Authentication Protocol
+ (I) A framework that supports multiple, optional authentication
+ mechanisms for PPP, including cleartext passwords, challenge-
+ response, and arbitrary dialog sequences. [R2284]
+
+ (C) This protocol is intended for use primarily by a host or
+ router that connects to a PPP network server via switched circuits
+ or dial-up lines.
+
+
+
+
+
+
+Shirey Informational [Page 71]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ extension
+ (I) A data item defined for optional inclusion in a v3 X.509
+ public-key certificate or a v2 X.509 CRL.
+
+ (C) The formats defined in X.509 can be extended to provide
+ methods for associating additional attributes with subjects and
+ public keys and for managing a certification hierarchy:
+
+ - "Certificate extension": X.509 defines standard extensions that
+ may be included in v3 certificates to provide additional key
+ and security policy information, subject and issuer attributes,
+ and certification path constraints.
+
+ - "CRL extension": X.509 defines extensions that may be included
+ in v2 CRLs to provide additional issuer key and name
+ information, revocation reasons and constraints, and
+ information about distribution points and delta CRLs.
+
+ - "Private extension": Additional extensions, each named by an
+ OID, can be locally defined as needed by applications or
+ communities. (See: PKIX private extension, SET private
+ extensions.)
+
+ $ extranet
+ (I) A computer network that an organization uses to carry
+ application data traffic between the organization and its business
+ partners. (See: intranet.)
+
+ (C) An extranet can be implemented securely, either on the
+ Internet or using Internet technology, by constructing the
+ extranet as a VPN.
+
+ $ fail safe
+ (I) A mode of system termination that automatically leaves system
+ processes and components in a secure state when a failure occurs
+ or is detected in the system.
+
+ $ fail soft
+ (I) Selective termination of affected non-essential system
+ functions and processes when a failure occurs or is detected in
+ the system.
+
+ $ failure control
+ (I) A methodology used to provide fail-safe or fail-soft
+ termination and recovery of functions and processes when failures
+ are detected or occur in a system. [FP039]
+
+
+
+
+
+Shirey Informational [Page 72]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Federal Information Processing Standards (FIPS)
+ (N) The Federal Information Processing Standards Publication (FIPS
+ PUB) series issued by the U.S. National Institute of Standards and
+ Technology as technical guidelines for U.S. Government
+ procurements of information processing system equipment and
+ services. [FP031, FP039, FP046, FP081, FP102, FP113, FP140, FP151,
+ FP180, FP185, FP186, FP188]
+
+ (C) Issued under the provisions of section 111(d) of the Federal
+ Property and Administrative Services Act of 1949 as amended by the
+ Computer Security Act of 1987, Public Law 100-235.
+
+ $ Federal Public-key Infrastructure (FPKI)
+ (N) A PKI being planned to establish facilities, specifications,
+ and policies needed by the U.S. Federal Government to use public-
+ key certificates for INFOSEC, COMSEC, and electronic commerce
+ involving unclassified but sensitive applications and interactions
+ between Federal agencies as well as with entities of other
+ branches of the Federal Government, state, and local governments,
+ business, and the public. [FPKI]
+
+ $ Federal Standard 1027
+ (N) An U.S. Government document defining emanation, anti-tamper,
+ security fault analysis, and manual key management criteria for
+ DES encryption devices, primary for OSI layer 2. Was renamed "FIPS
+ PUB 140" when responsibility for protecting unclassified,
+ sensitive information was transferred from NSA to NIST, and then
+ was superseded by FIPS PUB 140-1.
+
+ $ File Transfer Protocol (FTP)
+ (I) A TCP-based, application-layer, Internet Standard protocol
+ [R0959] for moving data files from one computer to another.
+
+ $ filtering router
+ (I) An internetwork router that selectively prevents the passage
+ of data packets according to a security policy.
+
+ (C) A filtering router may be used as a firewall or part of a
+ firewall. A router usually receives a packet from a network and
+ decides where to forward it on a second network. A filtering
+ router does the same, but first decides whether the packet should
+ be forwarded at all, according to some security policy. The policy
+ is implemented by rules (packet filters) loaded into the router.
+ The rules mostly involve values of data packet control fields
+ (especially IP source and destination addresses and TCP port
+ numbers). [R2179]
+
+
+
+
+
+Shirey Informational [Page 73]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ financial institution
+ (N) "An establishment responsible for facilitating customer-
+ initiated transactions or transmission of funds for the extension
+ of credit or the custody, loan, exchange, or issuance of money."
+ [SET2]
+
+ $ fingerprint
+ (I) A pattern of curves formed by the ridges on a fingertip. (See:
+ biometric authentication, thumbprint.)
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "hash result"
+ because it mixes concepts in a potentially misleading way.
+
+ (D) ISDs SHOULD NOT use this term with the following PGP
+ definition, because the term and definition mix concepts in a
+ potentially misleading way and duplicate the meaning of "hash
+ result":
+
+ (O) PGP usage: A hash result used to authenticate a public key
+ (key fingerprint) or other data. [PGP]
+
+ $ FIPS
+ See: Federal Information Processing Standards.
+
+ $ FIPS PUB 140-1
+ (N) The U.S. Government standard [FP140] for security requirements
+ to be met by a cryptographic module used to protect unclassified
+ information in computer and communication systems. (See: Common
+ Criteria, FIPS, Federal Standard 1027.)
+
+ (C) The standard specifies four increasing levels (from "Level 1"
+ to "Level 4") of requirements to cover a wide range of potential
+ applications and environments. The requirements address basic
+ design and documentation, module interfaces, authorized roles and
+ services, physical security, software security, operating system
+ security, key management, cryptographic algorithms,
+ electromagnetic interference and electromagnetic compatibility
+ (EMI/EMC), and self-testing. NIST and the Canadian Communication
+ Security Establishment jointly certify modules.
+
+ $ firewall
+ (I) An internetwork gateway that restricts data communication
+ traffic to and from one of the connected networks (the one said to
+ be "inside" the firewall) and thus protects that network's system
+ resources against threats from the other network (the one that is
+ said to be "outside" the firewall). (See: guard, security
+ gateway.)
+
+
+
+
+Shirey Informational [Page 74]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) A firewall typically protects a smaller, secure network (such
+ as a corporate LAN, or even just one host) from a larger network
+ (such as the Internet). The firewall is installed at the point
+ where the networks connect, and the firewall applies security
+ policy rules to control traffic that flows in and out of the
+ protected network.
+
+ (C) A firewall is not always a single computer. For example, a
+ firewall may consist of a pair of filtering routers and one or
+ more proxy servers running on one or more bastion hosts, all
+ connected to a small, dedicated LAN between the two routers. The
+ external router blocks attacks that use IP to break security (IP
+ address spoofing, source routing, packet fragments), while proxy
+ servers block attacks that would exploit a vulnerability in a
+ higher layer protocol or service. The internal router blocks
+ traffic from leaving the protected network except through the
+ proxy servers. The difficult part is defining criteria by which
+ packets are denied passage through the firewall, because a
+ firewall not only needs to keep intruders out, but usually also
+ needs to let authorized users in and out.
+
+ $ firmware
+ (I) Computer programs and data stored in hardware--typically in
+ read-only memory (ROM) or programmable read-only memory (PROM)--
+ such that the programs and data cannot be dynamically written or
+ modified during execution of the programs. (See: hardware,
+ software.)
+
+ $ FIRST
+ See: Forum of Incident Response and Security Teams.
+
+ $ flaw hypothesis methodology
+ (I) An evaluation or attack technique in which specifications and
+ documentation for a system are analyzed to hypothesize flaws in
+ the system. The list of hypothetical flaws is prioritized on the
+ basis of the estimated probability that a flaw exists and,
+ assuming it does, on the ease of exploiting it and the extent of
+ control or compromise it would provide. The prioritized list is
+ used to direct a penetration test or attack against the system.
+ [NCS04]
+
+ $ flooding
+ (I) An attack that attempts to cause a failure in (especially, in
+ the security of) a computer system or other data processing entity
+ by providing more input than the entity can process properly.
+ (See: denial of service.)
+
+
+
+
+
+Shirey Informational [Page 75]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ flow analysis
+ (I) An analysis performed on a nonprocedural formal system
+ specification that locates potential flows of information between
+ system variables. By assigning security levels to the variables,
+ the analysis can find some types of covert channels.
+
+ $ flow control
+ (I) A procedure or technique to ensure that information transfers
+ within a system are not made from one security level to another
+ security level, and especially not from a higher level to a lower
+ level. (See: covert channel, simple security property, confinement
+ property.)
+
+ $ formal specification
+ (I) A specification of hardware or software functionality in a
+ computer-readable language; usually a precise mathematical
+ description of the behavior of the system with the aim of
+ providing a correctness proof.
+
+ $ formulary
+ (I) A technique for enabling a decision to grant or deny access to
+ be made dynamically at the time the access is attempted, rather
+ than earlier when an access control list or ticket is created.
+
+ $ FORTEZZA(trademark)
+ (N) A registered trademark of NSA, used for a family of
+ interoperable security products that implement a NIST/NSA-approved
+ suite of cryptographic algorithms for digital signature, hash,
+ encryption, and key exchange. The products include a PC card that
+ contains a CAPSTONE chip, serial port modems, server boards, smart
+ cards, and software implementations.
+
+ $ Forum of Incident Response and Security Teams (FIRST)
+ (N) An international consortium of CSIRTs that work together to
+ handle computer security incidents and promote preventive
+ activities. (See: CSIRT, security incident.)
+
+ (C) FIRST was founded in 1990 and, as of September 1999, had
+ nearly 70 members spanning the globe. Its mission includes:
+
+ - Provide members with technical information, tools, methods,
+ assistance, and guidance.
+ - Coordinate proactive liaison activities and analytical support.
+ - Encourage development of quality products and services.
+ - Improve national and international information security for
+ government, private industry, academia, and the individual.
+ - Enhance the image and status of the CSIRT community.
+
+
+
+
+Shirey Informational [Page 76]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ forward secrecy
+ See: public-key forward secrecy.
+
+ $ FPKI
+ See: Federal Public-Key Infrastructure.
+
+ $ FTP
+ See: File Transfer Protocol.
+
+ $ gateway
+ (I) A relay mechanism that attaches to two (or more) computer
+ networks that have similar functions but dissimilar
+ implementations and that enables host computers on one network to
+ communicate with hosts on the other; an intermediate system that
+ is the interface between two computer networks. (See: bridge,
+ firewall, guard, internetwork, proxy server, router, and
+ subnetwork.)
+
+ (C) In theory, gateways are conceivable at any OSI layer. In
+ practice, they operate at OSI layer 3 (see: bridge, router) or
+ layer 7 (see: proxy server). When the two networks differ in the
+ protocol by which they offer service to hosts, the gateway may
+ translate one protocol into another or otherwise facilitate
+ interoperation of hosts (see: Internet Protocol).
+
+ $ GCA
+ See: geopolitical certificate authority.
+
+ $ GeneralizedTime
+ (N) The ASN.1 data type "GeneralizedTime" (specified in ISO 8601)
+ contains a calendar date (YYYYMMDD) and a time of day, which is
+ either (a) the local time, (b) the Coordinated Universal Time, or
+ (c) both the local time and an offset allowing Coordinated
+ Universal Time to be calculated. (See: Coordinated Universal Time,
+ UTCTime.)
+
+ $ Generic Security Service Application Program Interface (GSS-API)
+ (I) An Internet Standard protocol [R2078] that specifies calling
+ conventions by which an application (typically another
+ communication protocol) can obtain authentication, integrity, and
+ confidentiality security services independently of the underlying
+ security mechanisms and technologies, thus allowing the
+ application source code to be ported to different environments.
+
+ (C) "A GSS-API caller accepts tokens provided to it by its local
+ GSS-API implementation and transfers the tokens to a peer on a
+ remote system; that peer passes the received tokens to its local
+
+
+
+
+Shirey Informational [Page 77]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ GSS-API implementation for processing. The security services
+ available through GSS-API in this fashion are implementable (and
+ have been implemented) over a range of underlying mechanisms based
+ on [symmetric] and [asymmetric cryptography]." [R2078]
+
+ $ geopolitical certificate authority (GCA)
+ (O) SET usage: In a SET certification hierarchy, an optional level
+ that is certified by a BCA and that may certify cardholder CAs,
+ merchant CAs, and payment gateway CAs. Using GCAs enables a brand
+ to distribute responsibility for managing certificates to
+ geographic or political regions, so that brand policies can vary
+ between regions as needed.
+
+ $ Green Book
+ (D) Except as an explanatory appositive, ISDs SHOULD NOT use this
+ term as a synonym for "Defense Password Management Guideline"
+ [CSC2]. Instead, use the full proper name of the document or, in
+ subsequent references, a conventional abbreviation. (See: Rainbow
+ Series.)
+
+ (D) Usage note: To improve international comprehensibility of
+ Internet Standards and the Internet Standards Process, ISDs SHOULD
+ NOT use "cute" synonyms for document titles. No matter how popular
+ and clearly understood a nickname may be in one community, it is
+ likely to cause confusion in others. For example, several other
+ information system standards also are called "the Green Book". The
+ following are some examples:
+
+ - Each volume of 1992 ITU-T (at that time, CCITT) standards.
+ - "PostScript Language Program Design", Adobe Systems, Addison-
+ Wesley, 1988.
+ - IEEE 1003.1 POSIX Operating Systems Interface.
+ - "Smalltalk-80: Bits of History, Words of Advice", Glenn
+ Krasner, Addison-Wesley, 1983.
+ - "X/Open Compatibility Guide".
+ - A particular CD-ROM format developed by Phillips.
+
+ $ GRIP
+ (I) A contraction of "Guidelines and Recommendations for Security
+ Incident Processing", the name of the IETF working group that
+ seeks to facilitate consistent handling of security incidents in
+ the Internet community. (See: security incident.)
+
+ (C) Guidelines to be produced by the WG will address technology
+ vendors, network service providers, and response teams in their
+ roles assisting organizations in resolving security incidents.
+ These relationships are functional and can exist within and across
+ organizational boundaries.
+
+
+
+Shirey Informational [Page 78]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ GSS-API
+ See: Generic Security Service Application Program Interface.
+
+ $ guard
+ (I) A gateway that is interposed between two networks (or
+ computers, or other information systems) operating at different
+ security levels (one level is usually higher than the other) and
+ is trusted to mediate all information transfers between the two
+ levels, either to ensure that no sensitive information from the
+ first (higher) level is disclosed to the second (lower) level, or
+ to protect the integrity of data on the first (higher) level.
+ (See: firewall.)
+
+ $ guest login
+ See: anonymous login.
+
+ $ GULS
+ (I) Generic Upper Layer Security service element (ISO 11586), a
+ five-part standard for the exchange of security information and
+ security-transformation functions that protect confidentiality and
+ integrity of application data.
+
+ $ hacker
+ (I) Someone with a strong interest in computers, who enjoys
+ learning about them and experimenting with them. (See: cracker.)
+
+ (C) The recommended definition is the original meaning of the term
+ (circa 1960), which then had a neutral or positive connotation of
+ "someone who figures things out and makes something cool
+ happen". Today, the term is frequently misused, especially by
+ journalists, to have the pejorative meaning of cracker.
+
+ $ handle
+ (I) (1.) Verb: Perform processing operations on data, such as
+ receive and transmit, collect and disseminate, create and delete,
+ store and retrieve, read and write, and compare. (2.) Noun: An on-
+ line pseudonym, particularly one used by a cracker; derived from
+ citizens band radio culture.
+
+ $ hardware
+ (I) The material physical components of a computer system. (See:
+ firmware, software.)
+
+ $ hardware token
+ See: token.
+
+
+
+
+
+
+Shirey Informational [Page 79]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ hash code
+ (D) ISDs SHOULD NOT use this term (especially not as a synonym for
+ "hash result") because it mixes concepts in a potentially
+ misleading way. A hash result is not a "code" in any sense defined
+ by this glossary. (See: code, hash result, hash value, message
+ digest.)
+
+ $ hash function
+ (I) An algorithm that computes a value based on a data object
+ (such as a message or file; usually variable-length; possibly very
+ large), thereby mapping the data object to a smaller data object
+ (the "hash result") which is usually a fixed-size value. (See:
+ checksum, keyed hash.)
+
+ (O) "A (mathematical) function which maps values from a large
+ (possibly very large) domain into a smaller range. A 'good' hash
+ function is such that the results of applying the function to a
+ (large) set of values in the domain will be evenly distributed
+ (and apparently at random) over the range." [X509]
+
+ (C) The kind of hash function needed for security applications is
+ called a "cryptographic hash function", an algorithm for which it
+ is computationally infeasible (because no attack is significantly
+ more efficient than brute force) to find either (a) a data object
+ that maps to a pre-specified hash result (the "one-way" property)
+ or (b) two data objects that map to the same hash result (the
+ "collision-free" property). (See: MD2, MD4, MD5, SHA-1.)
+
+ (C) A cryptographic hash is "good" in the sense stated in the "O"
+ definition for hash function. Any change to an input data object
+ will, with high probability, result in a different hash result, so
+ that the result of a cryptographic hash makes a good checksum for
+ a data object.
+
+ $ hash result
+ (I) The output of a hash function. (See: hash code, hash value.)
+
+ (O) "The output produced by a hash function upon processing a
+ message" (where "message" is broadly defined as "a digital
+ representation of data"). [ABA] (The recommended definition is
+ compatible with this ABA definition, but we avoid the unusual
+ definition of "message".)
+
+ $ hash value
+ (D) ISDs SHOULD NOT use this term (especially not as a synonym for
+ "hash result", the output of a hash function) because it might be
+ confused with "hashed value" (the input to a hash function). (See:
+ hash code, hash result, message digest.)
+
+
+
+Shirey Informational [Page 80]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ hierarchical PKI
+ (I) A PKI architecture based on a certification hierarchy. (See:
+ mesh PKI, trust-file PKI.)
+
+ $ hierarchy management
+ (I) The process of generating configuration data and issuing
+ public-key certificates to build and operate a certification
+ hierarchy.
+
+ $ hierarchy of trust
+ (D) ISDs SHOULD NOT use this term with regard to PKI, especially
+ not as a synonym for "certification hierarchy", because this term
+ mixes concepts in a potentially misleading way. (See:
+ certification hierarchy, trust, web of trust.)
+
+ $ hijack attack
+ (I) A form of active wiretapping in which the attacker seizes
+ control of a previously established communication association.
+ (See: man-in-the-middle attack, pagejacking, piggyback attack.)
+
+ $ HMAC
+ (I) A keyed hash [R2104] that can be based on any iterated
+ cryptographic hash (e.g., MD5 or SHA-1), so that the cryptographic
+ strength of HMAC depends on the properties of the selected
+ cryptographic hash. (See: [R2202, R2403, R2404].)
+
+ (C) Assume that H is a generic cryptographic hash in which a
+ function is iterated on data blocks of length B bytes. L is the
+ length of the of hash result of H. K is a secret key of length L
+ <= K <= B. The values IPAD and OPAD are fixed strings used as
+ inner and outer padding and defined as follows: IPAD = the byte
+ 0x36 repeated B times, OPAD = the byte 0x5C repeated B times. HMAC
+ is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)).
+
+ (C) The goals of HMAC are as follows:
+
+ - To use available cryptographic hash functions without
+ modification, particularly functions that perform well in
+ software and for which software is freely and widely available.
+ - To preserve the original performance of the selected hash
+ without significant degradation.
+ - To use and handle keys in a simple way.
+ - To have a well-understood cryptographic analysis of the
+ strength of the mechanism based on reasonable assumptions about
+ the underlying hash function.
+ - To enable easy replacement of the hash function in case a
+ faster or stronger hash is found or required.
+
+
+
+
+Shirey Informational [Page 81]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ honey pot
+ (I) A system (e.g., a web server) or a system resource (e.g., a
+ file on a server), that is designed to be attractive to potential
+ crackers and intruders, like honey is attractive to bears. (See:
+ entrapment.)
+
+ (D) It is likely that other cultures have different metaphors for
+ this concept. To ensure international understanding, ISDs should
+ not use this term unless they also provide an explanation like
+ this one. (See: (usage note under) Green Book.)
+
+ $ host
+ (I) General computer network usage: A computer that is attached to
+ a communication subnetwork or internetwork and can use services
+ provided by the network to exchange data with other attached
+ systems. (See: end system.)
+
+ (I) Specific Internet Protocol Suite usage: A networked computer
+ that does not forward Internet Protocol packets that are not
+ addressed to the computer itself. (See: router.)
+
+ (C) Derivation: As viewed by its users, a host "entertains"
+ guests, providing application layer services or access to other
+ computers attached to the network. However, even though some
+ traditional peripheral service devices, such as printers, can now
+ be independently connected to networks, they are not usually
+ called hosts.
+
+ $ HTML
+ See: Hypertext Markup Language.
+
+ $ HTTP
+ See: Hypertext Transfer Protocol.
+
+ $ https
+ (I) When used in the first part of a URL (the part that precedes
+ the colon and specifies an access scheme or protocol), this term
+ specifies the use of HTTP enhanced by a security mechanism, which
+ is usually SSL. (See: S-HTTP.)
+
+ $ hybrid encryption
+ (I) An application of cryptography that combines two or more
+ encryption algorithms, particularly a combination of symmetric and
+ asymmetric encryption. (E.g., see: digital envelope.)
+
+ (C) Asymmetric algorithms require more computation than
+ equivalently strong symmetric ones. Thus, asymmetric encryption is
+ not normally used for data confidentiality except in distributing
+
+
+
+Shirey Informational [Page 82]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ symmetric keys in applications where the key data is usually short
+ (in terms of bits) compared to the data it protects. (E.g., see:
+ MSP, PEM, PGP.)
+
+ $ hyperlink
+ (I) In hypertext or hypermedia, an information object (such as a
+ word, a phrase, or an image; usually highlighted by color or
+ underscoring) that points (indicates how to connect) to related
+ information that is located elsewhere and can be retrieved by
+ activating the link (e.g., by selecting the object with a mouse
+ pointer and then clicking).
+
+ $ hypermedia
+ (I) A generalization of hypertext; any media that contain
+ hyperlinks that point to material in the same or another data
+ object.
+
+ $ hypertext
+ (I) A computer document, or part of a document, that contains
+ hyperlinks to other documents; i.e., text that contains active
+ pointers to other text. Usually written in Hypertext Markup
+ Language and accessed using a web browser. (See: hypermedia.)
+
+ $ Hypertext Markup Language (HTML)
+ (I) A platform-independent system of syntax and semantics for
+ adding characters to data files (particularly text files) to
+ represent the data's structure and to point to related data, thus
+ creating hypertext for use in the World Wide Web and other
+ applications. [R1866]
+
+ $ Hypertext Transfer Protocol (HTTP)
+ (I) A TCP-based, application-layer, client-server, Internet
+ protocol [R2616] used to carry data requests and responses in the
+ World Wide Web. (See: hypertext.)
+
+ $ IAB
+ See: Internet Architecture Board.
+
+ $ IANA
+ See: Internet Assigned Numbers Authority.
+
+ $ ICANN
+ See: Internet Corporation for Assigned Names and Numbers.
+
+ $ ICMP
+ See: Internet Control Message Protocol.
+
+
+
+
+
+Shirey Informational [Page 83]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ ICMP flood
+ (I) A denial of service attack that sends a host more ICMP echo
+ request ("ping") packets than the protocol implementation can
+ handle. (See: flooding, smurf.)
+
+ $ ICRL
+ See: indirect certificate revocation list.
+
+ $ IDEA
+ See: International Data Encryption Algorithm.
+
+ $ identification
+ (I) An act or process that presents an identifier to a system so
+ that the system can recognize a system entity and distinguish it
+ from other entities. (See: authentication.)
+
+ $ Identification Protocol
+ (I) An client-server Internet protocol [R1413] for learning the
+ identity of a user of a particular TCP connection.
+
+ (C) Given a TCP port number pair, the server returns a character
+ string that identifies the owner of that connection on the
+ server's system. The protocol is not intended for authorization or
+ access control. At best, it provides additional auditing
+ information with respect to TCP.
+
+ $ identity-based security policy
+ (I) "A security policy based on the identities and/or attributes
+ of users, a group of users, or entities acting on behalf of the
+ users and the resources/objects being accessed." [I7498 Part 2]
+ (See: rule-based security policy.)
+
+ $ IEEE
+ See: Institute of Electrical and Electronics Engineers, Inc.
+
+ $ IEEE 802.10
+ (N) An IEEE committee developing security standards for local area
+ networks. (See: SILS.)
+
+ $ IEEE P1363
+ (N) An IEEE working group, Standard for Public-Key Cryptography,
+ developing a comprehensive reference standard for asymmetric
+ cryptography. Covers discrete logarithm (e.g., DSA), elliptic
+ curve, and integer factorization (e.g., RSA); and covers key
+ agreement, digital signature, and encryption.
+
+ $ IESG
+ See: Internet Engineering Steering Group.
+
+
+
+Shirey Informational [Page 84]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ IETF
+ See: Internet Engineering Task Force.
+
+ $ IKE
+ See: IPsec Key Exchange.
+
+ $ IMAP4
+ See: Internet Message Access Protocol, version 4.
+
+ $ IMAP4 AUTHENTICATE
+ (I) A IMAP4 "command" (better described as a transaction type, or
+ a protocol-within-a-protocol) by which an IMAP4 client optionally
+ proposes a mechanism to an IMAP4 server to authenticate the client
+ to the server and provide other security services. (See: POP3.)
+
+ (C) If the server accepts the proposal, the command is followed by
+ performing a challenge-response authentication protocol and,
+ optionally, negotiating a protection mechanism for subsequent POP3
+ interactions. The security mechanisms that are used by IMAP4
+ AUTHENTICATE--including Kerberos, GSSAPI, and S/Key--are described
+ in [R1731].
+
+ $ in the clear
+ (I) Not encrypted. (See: cleartext.)
+
+ $ indirect certificate revocation list (ICRL)
+ (I) In X.509, a CRL that may contain certificate revocation
+ notifications for certificates issued by CAs other than the issuer
+ of the ICRL.
+
+ $ indistinguishability
+ (I) An attribute of an encryption algorithm that is a
+ formalization of the notion that the encryption of some string is
+ indistinguishable from the encryption of an equal-length string of
+ nonsense.
+
+ (C) Under certain conditions, this notion is equivalent to
+ "semantic security".
+
+ $ information
+ (I) Facts and ideas, which can be represented (encoded) as various
+ forms of data.
+
+ $ Information Technology Security Evaluation Criteria (ITSEC)
+ (N) Standard developed for use in the European Union; accommodates
+ a wider range of security assurance and functionality combinations
+ than the TCSEC. Superseded by the Common Criteria. [ITSEC]
+
+
+
+
+Shirey Informational [Page 85]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ INFOSEC
+ (I) Abbreviation for "information security", referring to security
+ measures that implement and assure security services in computer
+ systems (i.e., COMPUSEC) and communication systems (i.e., COMSEC).
+
+ $ initialization value (IV)
+ (I) An input parameter that sets the starting state of a
+ cryptographic algorithm or mode. (Sometimes called "initialization
+ vector" or "message indicator".)
+
+ (C) An IV can be used to introduce cryptographic variance in
+ addition to that provided by a key (see: salt), and to synchronize
+ one cryptographic process with another. For an example of the
+ latter, cipher block chaining mode requires an IV. [R2405]
+
+ $ initialization vector
+ (D) For consistency, ISDs SHOULD NOT use this term as a synonym
+ for "initialization value".
+
+ $ insider attack
+ See: (secondary definition under) attack.
+
+ $ Institute of Electrical and Electronics Engineers, Inc. (IEEE)
+ (N) The IEEE is a not-for-profit association of more than 330,000
+ individual members in 150 countries. The IEEE produces 30 percent
+ of the world's published literature in electrical engineering,
+ computers, and control technology; holds annually more than 300
+ major conferences; and has more than 800 active standards with 700
+ under development. (See: Standards for Interoperable LAN/MAN
+ Security.)
+
+ $ integrity
+ See: data integrity, correctness integrity, source integrity,
+ system integrity.
+
+ $ integrity check
+ (D) ISDs SHOULD NOT use this term as a synonym for "cryptographic
+ hash" or "protected checksum", because this term unnecessarily
+ duplicates the meaning of other, well-established terms.
+
+ $ intelligent threat
+ (I) A circumstance in which an adversary has the technical and
+ operational capability to detect and exploit a vulnerability and
+ also has the demonstrated, presumed, or inferred intent to do so.
+ (See: threat.)
+
+
+
+
+
+
+Shirey Informational [Page 86]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ International Data Encryption Algorithm (IDEA)
+ (N) A patented, symmetric block cipher that uses a 128-bit key and
+ operates on 64-bit blocks. [Schn] (See: symmetric cryptography.)
+
+ $ International Standard
+ See: (secondary definition under) ISO.
+
+ $ International Traffic in Arms Regulations (ITAR)
+ (N) Rules issued by the U.S. State Department, by authority of the
+ Arms Export Control Act (22 U.S.C. 2778), to control export and
+ import of defense articles and defense services, including
+ information security systems, such as cryptographic systems, and
+ TEMPEST suppression technology. (See: Wassenaar Arrangement.)
+
+ $ internet
+ $ Internet
+ See: internet vs. Internet.
+
+ $ Internet Architecture Board (IAB)
+ (I) A technical advisory group of the ISOC, chartered by the ISOC
+ Trustees to provide oversight of Internet architecture and
+ protocols and, in the context of Internet Standards, a body to
+ which decisions of the IESG may be appealed. Responsible for
+ approving appointments to the IESG from among nominees submitted
+ by the IETF nominating committee. [R2026]
+
+ $ Internet Assigned Numbers Authority (IANA)
+ (I) From the early days of the Internet, the IANA was chartered by
+ the ISOC and the U.S. Government's Federal Network Council to be
+ the central coordination, allocation, and registration body for
+ parameters for Internet protocols. Superseded by ICANN.
+
+ $ Internet Control Message Protocol (ICMP)
+ (I) An Internet Standard protocol [R0792] that is used to report
+ error conditions during IP datagram processing and to exchange
+ other information concerning the state of the IP network.
+
+ $ Internet Corporation for Assigned Names and Numbers (ICANN)
+ (I) The non-profit, private corporation that has assumed
+ responsibility for the IP address space allocation, protocol
+ parameter assignment, domain name system management, and root
+ server system management functions formerly performed under U.S.
+ Government contract by IANA and other entities.
+
+ (C) The Internet Protocol Suite, as defined by the IETF and the
+ IESG, contains numerous parameters, such as internet addresses,
+ domain names, autonomous system numbers, protocol numbers, port
+ numbers, management information base object identifiers, including
+
+
+
+Shirey Informational [Page 87]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ private enterprise numbers, and many others. The Internet
+ community requires that the values used in these parameter fields
+ be assigned uniquely. ICANN makes those assignments as requested
+ and maintains a registry of the current values.
+
+ (C) ICANN was formed in October 1998, by a coalition of the
+ Internet's business, technical, and academic communities. The U.S.
+ Government designated ICANN to serve as the global consensus
+ entity with responsibility for coordinating four key functions for
+ the Internet: the allocation of IP address space, the assignment
+ of protocol parameters, the management of the DNS, and the
+ management of the DNS root server system.
+
+ $ Internet Draft
+ (I) A working document of the IETF, its areas, and its working
+ groups. (Other groups may also distribute working documents as
+ Internet Drafts.) An Internet Draft is not an archival document
+ like an RFC is. Instead, an Internet Draft is a preliminary or
+ working document that is valid for a maximum of six months and may
+ be updated, replaced, or made obsolete by other documents at any
+ time. It is inappropriate to use an Internet Draft as reference
+ material or to cite it other than as "work in progress."
+
+ $ Internet Engineering Steering Group (IESG)
+ (I) The part of the ISOC responsible for technical management of
+ IETF activities and administration of the Internet Standards
+ Process according to procedures approved by the ISOC Trustees.
+ Directly responsible for actions along the "standards track",
+ including final approval of specifications as Internet Standards.
+ Composed of IETF Area Directors and the IETF chairperson, who also
+ chairs the IESG. [R2026]
+
+ $ Internet Engineering Task Force (IETF)
+ (I) A self-organized group of people who make contributions to the
+ development of Internet technology. The principal body engaged in
+ developing Internet Standards, although not itself a part of the
+ ISOC. Composed of Working Groups, which are arranged into Areas
+ (such as the Security Area), each coordinated by one or more Area
+ Directors. Nominations to the IAB and the IESG are made by a
+ committee selected at random from regular IETF meeting attendees
+ who have volunteered. [R2026, R2323]
+
+ $ Internet Message Access Protocol, version 4 (IMAP4)
+ (I) An Internet protocol [R2060] by which a client workstation can
+ dynamically access a mailbox on a server host to manipulate and
+ retrieve mail messages that the server has received and is holding
+ for the client. (See: POP3.)
+
+
+
+
+Shirey Informational [Page 88]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) IMAP4 has mechanisms for optionally authenticating a client to
+ a server and providing other security services. (See: IMAP4
+ AUTHENTICATE.)
+
+ $ Internet Policy Registration Authority (IPRA)
+ (I) An X.509-compliant CA that is the top CA of the Internet
+ certification hierarchy operated under the auspices of the ISOC
+ [R1422]. (See: (PEM usage under) certification hierarchy.)
+
+ $ Internet Protocol (IP)
+ (I) A Internet Standard protocol (version 4 [R0791] and version 6
+ [R2460]) that moves datagrams (discrete sets of bits) from one
+ computer to another across an internetwork but does not provide
+ reliable delivery, flow control, sequencing, or other end-to-end
+ services that TCP provides. (See: IP address, TCP/IP.)
+
+ (C) In the OSIRM, IP would be located at the top of layer 3.
+
+ $ Internet Protocol security (IPsec)
+ (I) (1.) The name of the IETF working group that is specifying a
+ security architecture [R2401] and protocols to provide security
+ services for Internet Protocol traffic. (2.) A collective name for
+ that architecture and set of protocols. (Implementation of IPsec
+ protocols is optional for IP version 4, but mandatory for IP
+ version 6.) (See: Internet Protocol Security Option.)
+
+ (C) Note that the letters "sec" are lower-case.
+
+ (C) The IPsec architecture specifies (a) security protocols (AH
+ and ESP), (b) security associations (what they are, how they work,
+ how they are managed, and associated processing), (c) key
+ management (IKE), and (d) algorithms for authentication and
+ encryption. The set of security services include access control
+ service, connectionless data integrity service, data origin
+ authentication service, protection against replays (detection of
+ the arrival of duplicate datagrams, within a constrained window),
+ data confidentiality service, and limited traffic flow
+ confidentiality.
+
+ $ Internet Protocol Security Option (IPSO)
+ (I) Refers to one of three types of IP security options, which are
+ fields that may be added to an IP datagram for the purpose of
+ carrying security information about the datagram. (See: IPsec.)
+
+ (D) ISDs SHOULD NOT use this term without a modifier to indicate
+ which of the three types is meant.
+
+
+
+
+
+Shirey Informational [Page 89]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ 1. "DoD Basic Security Option" (IP option type 130): Defined for
+ use on U.S. Department of Defense common user data networks.
+ Identifies the Defense classification level at which the
+ datagram is to be protected and the protection authorities
+ whose rules apply to the datagram. [R1108]
+
+ A "protection authority" is a National Access Program (e.g.,
+ GENSER, SIOP-ESI, SCI, NSA, Department of Energy) or Special
+ Access Program that specifies protection rules for transmission
+ and processing of the information contained in the datagram.
+ [R1108]
+
+ 2. "DoD Extended Security Option" (IP option type 133): Permits
+ additional security labeling information, beyond that present
+ in the Basic Security Option, to be supplied in the datagram to
+ meet the needs of registered authorities. [R1108]
+
+ 3. "Common IP Security Option" (CIPSO) (IP option type 134):
+ Designed by TSIG to carry hierarchic and non-hierarchic
+ security labels. (Formerly called "Commercial IP Security
+ Option".) Was published as Internet-Draft [CIPSO]; not advanced
+ to RFC.
+
+ $ Internet Protocol Suite
+ See: (secondary definition under) Internet.
+
+ $ Internet Security Association and Key Management Protocol (ISAKMP)
+ (I) An Internet IPsec protocol [R2408] to negotiate, establish,
+ modify, and delete security associations, and to exchange key
+ generation and authentication data, independent of the details of
+ any specific key generation technique, key establishment protocol,
+ encryption algorithm, or authentication mechanism.
+
+ (C) ISAKMP supports negotiation of security associations for
+ protocols at all TCP/IP layers. By centralizing management of
+ security associations, ISAKMP reduces duplicated functionality
+ within each protocol. ISAKMP can also reduce connection setup
+ time, by negotiating a whole stack of services at once. Strong
+ authentication is required on ISAKMP exchanges, and a digital
+ signature algorithm based on asymmetric cryptography is used
+ within ISAKMP's authentication component.
+
+ $ Internet Society (ISOC)
+ (I) A professional society concerned with Internet development
+ (including technical Internet Standards); with how the Internet is
+ and can be used; and with social, political, and technical issues
+
+
+
+
+
+Shirey Informational [Page 90]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ that result. The ISOC Board of Trustees approves appointments to
+ the IAB from among nominees submitted by the IETF nominating
+ committee. [R2026]
+
+ $ Internet Standard
+ (I) A specification, approved by the IESG and published as an RFC,
+ that is stable and well-understood, is technically competent, has
+ multiple, independent, and interoperable implementations with
+ substantial operational experience, enjoys significant public
+ support, and is recognizably useful in some or all parts of the
+ Internet. [R2026] (See: RFC.)
+
+ (C) The Internet Standards Process is an activity of the ISOC and
+ is organized and managed by the IAB and the IESG. The process is
+ concerned with all protocols, procedures, and conventions used in
+ or by the Internet, whether or not they are part of the Internet
+ Protocol Suite. The "Internet Standards Track" has three levels of
+ increasing maturity: Proposed Standard, Draft Standard, and
+ Standard. (See: (standards levels under) ISO.)
+
+ $ Internet Standards document (ISD)
+ (C) In this Glossary, this term refers to an RFC, Internet-Draft,
+ or other item that is produced as part of the Internet Standards
+ Process [R2026]. However, neither the term nor the abbreviation is
+ widely accepted and, therefore, SHOULD NOT be used in an ISD
+ unless it is accompanied by an explanation like this. (See:
+ Internet Standard.)
+
+ $ internet vs. Internet
+ 1. (I) Not capitalized: A popular abbreviation for "internetwork".
+
+ 2. (I) Capitalized: "The Internet" is the single, interconnected,
+ worldwide system of commercial, government, educational, and other
+ computer networks that share the set of protocols specified by the
+ IAB [R2026] and the name and address spaces managed by the ICANN.
+
+ (C) The protocol set is named the "Internet Protocol Suite". It
+ also is popularly known as "TCP/IP", because TCP and IP are two of
+ its fundamental components. These protocols enable a user of any
+ one of the networks in the Internet to communicate with, or use
+ services located on, any of the other networks.
+
+ (C) Although the Internet does have architectural principles
+ [R1958], no Internet Standard formally defines a layered reference
+ model for the IPS that is similar to the OSIRM. However, Internet
+ community documents do refer (inconsistently) to layers:
+ application, socket, transport, internetwork, network, data link,
+
+
+
+
+Shirey Informational [Page 91]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ and physical. In this Glossary, Internet layers are referred to by
+ name to avoid confusing them with OSIRM layers, which are referred
+ to by number.
+
+ $ internetwork
+ (I) A system of interconnected networks; a network of networks.
+ Usually shortened to "internet". (See: internet vs. Internet.)
+
+ (C) An internet is usually built using OSI layer 3 gateways to
+ connect a set of subnetworks. When the subnetworks differ in the
+ OSI layer 3 protocol service they provide, the gateways sometimes
+ implement a uniform internetwork protocol (e.g., IP) that operates
+ at the top of layer 3 and hides the underlying heterogeneity from
+ hosts that use communication services provided by the internet.
+ (See: router.)
+
+ $ intranet
+ (I) A computer network, especially one based on Internet
+ technology, that an organization uses for its own internal, and
+ usually private, purposes and that is closed to outsiders. (See:
+ extranet, virtual private network.)
+
+ $ intruder
+ (I) An entity that gains or attempts to gain access to a system or
+ system resource without having authorization to do so. (See:
+ cracker.)
+
+ $ intrusion
+ See: security intrusion.
+
+ $ intrusion detection
+ (I) A security service that monitors and analyzes system events
+ for the purpose of finding, and providing real-time or near real-
+ time warning of, attempts to access system resources in an
+ unauthorized manner.
+
+ $ invalidity date
+ (N) An X.509 CRL entry extension that "indicates the date at which
+ it is known or suspected that the [revoked certificate's private
+ key] was compromised or that the certificate should otherwise be
+ considered invalid" [X509].
+
+ (C) This date may be earlier than the revocation date in the CRL
+ entry, and may even be earlier than the date of issue of earlier
+ CRLs. However, the invalidity date is not, by itself, sufficient
+ for purposes of non-repudiation service. For example, to
+
+
+
+
+
+Shirey Informational [Page 92]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ fraudulently repudiate a validly-generated signature, a private
+ key holder may falsely claim that the key was compromised at some
+ time in the past.
+
+ $ IP
+ See: Internet Protocol.
+
+ $ IP address
+ (I) A computer's internetwork address that is assigned for use by
+ the Internet Protocol and other protocols.
+
+ (C) An IP version 4 [R0791] address is written as a series of four
+ 8-bit numbers separated by periods. For example, the address of
+ the host named "rosslyn.bbn.com" is 192.1.7.10.
+
+ (C) An IP version 6 [R2373] address is written as x:x:x:x:x:x:x:x,
+ where each "x" is the hexadecimal value of one of the eight 16-bit
+ parts of the address. For example, 1080:0:0:0:8:800:200C:417A and
+ FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.
+
+ $ IP Security Option
+ See: Internet Protocol Security Option.
+
+ $ IPRA
+ See: Internet Policy Registration Authority.
+
+ $ IPsec
+ See: Internet Protocol security.
+
+ $ IPsec Key Exchange (IKE)
+ (I) An Internet, IPsec, key-establishment protocol [R2409] (partly
+ based on OAKLEY) that is intended for putting in place
+ authenticated keying material for use with ISAKMP and for other
+ security associations, such as in AH and ESP.
+
+ $ IPSO
+ See: Internet Protocol Security Option.
+
+ $ ISAKMP
+ See: Internet Security Association and Key Management Protocol.
+
+ $ ISD
+ See: Internet Standards document.
+
+ $ ISO
+ (I) International Organization for Standardization, a voluntary,
+ non-treaty, non-government organization, established in 1947, with
+ voting members that are designated standards bodies of
+
+
+
+Shirey Informational [Page 93]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ participating nations and non-voting observer organizations. (See:
+ ANSI, ITU-T.)
+
+ (C) Legally, ISO is a Swiss, non-profit, private organization. ISO
+ and the IEC (the International Electrotechnical Commission) form
+ the specialized system for worldwide standardization. National
+ bodies that are members of ISO or IEC participate in developing
+ international standards through ISO and IEC technical committees
+ that deal with particular fields of activity. Other international
+ governmental and non-governmental organizations, in liaison with
+ ISO and IEC, also take part. (ANSI is the U.S. voting member of
+ ISO. ISO is a class D member of ITU-T.)
+
+ (C) The ISO standards development process has four levels of
+ increasing maturity: Working Draft (WD), Committee Draft (CD),
+ Draft International Standard (DIS), and International Standard
+ (IS). (See: (standards track levels under) Internet Standard.) In
+ information technology, ISO and IEC have a joint technical
+ committee, ISO/IEC JTC 1. DISs adopted by JTC 1 are circulated to
+ national bodies for voting, and publication as an IS requires
+ approval by at least 75% of the national bodies casting a vote.
+
+ $ ISOC
+ See: Internet Society.
+
+ $ issue (a digital certificate or CRL)
+ (I) Generate and sign a digital certificate (or CRL) and, usually,
+ distribute it and make it available to potential certificate users
+ (or CRL users). (See: certificate creation.)
+
+ (C) The ABA Guidelines [ABA] explicitly limit this term to
+ certificate creation, and exclude the act of publishing. In
+ general usage, however, "issuing" a digital certificate (or CRL)
+ includes not only certificate creation but also making it
+ available to potential users, such as by storing it in a
+ repository or other directory or otherwise publishing it.
+
+ $ issuer
+ 1. (I) "Issuer" of a certificate or CRL: The CA that signs the
+ digital certificate or CRL.
+
+ (C) An X.509 certificate always includes the issuer's name. The
+ name may include a common name value.
+
+ 2. (N) "Issuer" of a payment card: SET usage: "The financial
+ institution or its agent that issues the unique primary account
+ number to the cardholder for the payment card brand." [SET2]
+
+
+
+
+Shirey Informational [Page 94]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) The institution that establishes the account for a cardholder
+ and issues the payment card also guarantees payment for authorized
+ transactions that use the card in accordance with card brand
+ regulations and local legislation. [SET1]
+
+ $ ITAR
+ See: International Traffic in Arms Regulations.
+
+ $ ITSEC
+ See: Information Technology System Evaluation Criteria.
+
+ $ ITU-T
+ (N) International Telecommunications Union, Telecommunication
+ Standardization Sector (formerly "CCITT"), a United Nations treaty
+ organization that is composed mainly of postal, telephone, and
+ telegraph authorities of the member countries and that publishes
+ standards called "Recommendations". (See: X.400, X.500.)
+
+ (C) The Department of State represents the United States. ITU-T
+ works on many kinds of communication systems. ITU-T cooperates
+ with ISO on communication protocol standards, and many
+ Recommendations in that area are also published as an ISO standard
+ with an ISO name and number.
+
+ $ IV
+ See: initialization value.
+
+ $ KDC
+ See: Key Distribution Center.
+
+ $ KEA
+ See: Key Exchange Algorithm.
+
+ $ KEK
+ See: key-encrypting key.
+
+ $ Kerberos
+ (N) A system developed at the Massachusetts Institute of
+ Technology that depends on passwords and symmetric cryptography
+ (DES) to implement ticket-based, peer entity authentication
+ service and access control service distributed in a client-server
+ network environment. [R1510, Stei]
+
+ (C) Kerberos was developed by Project Athena and is named for the
+ three-headed dog guarding Hades.
+
+ $ key
+ See: cryptographic key.
+
+
+
+Shirey Informational [Page 95]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ key agreement (algorithm or protocol)
+ (I) A key establishment method (especially one involving
+ asymmetric cryptography) by which two or more entities, without
+ prior arrangement except a public exchange of data (such as public
+ keys), each computes the same key value. I.e., each can
+ independently generate the same key value, but that key cannot be
+ computed by other entities. (See: Diffie-Hellman, key
+ establishment, Key Exchange Algorithm, key transport.)
+
+ (O) "A method for negotiating a key value on line without
+ transferring the key, even in an encrypted form, e.g., the Diffie-
+ Hellman technique." [X509]
+
+ (O) "The procedure whereby two different parties generate shared
+ symmetric keys such that any of the shared symmetric keys is a
+ function of the information contributed by all legitimate
+ participants, so that no party [alone] can predetermine the value
+ of the key." [A9042]
+
+ (C) For example, a message originator and the intended recipient
+ can each use their own private key and the other's public key with
+ the Diffie-Hellman algorithm to first compute a shared secret
+ value and, from that value, derive a session key to encrypt the
+ message.
+
+ $ key authentication
+ (N) "The assurance of the legitimate participants in a key
+ agreement that no non-legitimate party possesses the shared
+ symmetric key." [A9042]
+
+ $ key center
+ (I) A centralized key distribution process (used in symmetric
+ cryptography), usually a separate computer system, that uses key-
+ encrypting keys (master keys) to encrypt and distribute session
+ keys needed in a community of users.
+
+ (C) An ANSI standard [A9017] defines two types of key center: key
+ distribution center and key translation center.
+
+ $ key confirmation
+ (N) "The assurance of the legitimate participants in a key
+ establishment protocol that the intended parties sharing the
+ symmetric key actually possess the shared symmetric key." [A9042]
+
+ $ key distribution
+ (I) A process that delivers a cryptographic key from the location
+ where it is generated to the locations where it is used in a
+ cryptographic algorithm. (See: key management.)
+
+
+
+Shirey Informational [Page 96]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ key distribution center (KDC)
+ (I) A type of key center (used in symmetric cryptography) that
+ implements a key distribution protocol to provide keys (usually,
+ session keys) to two (or more) entities that wish to communicate
+ securely. (See: key translation center.)
+
+ (C) A KDC distributes keys to Alice and Bob, who (a) wish to
+ communicate with each other but do not currently share keys, (b)
+ each share a KEK with the KDC, and (c) may not be able to generate
+ or acquire keys by themselves. Alice requests the keys from the
+ KDC. The KDC generates or acquires the keys and makes two
+ identical sets. The KDC encrypts one set in the KEK it shares with
+ Alice, and sends that encrypted set to Alice. The KDC encrypts the
+ second set in the KEK it shares with Bob, and either sends that
+ encrypted set to Alice for her to forward to Bob, or sends it
+ directly to Bob (although the latter option is not supported in
+ the ANSI standard [A9017]).
+
+ $ key encapsulation
+ See: (secondary definition under) key recovery.
+
+ $ key-encrypting key (KEK)
+ (I) A cryptographic key that is used to encrypt other keys, either
+ DEKs or other KEKs, but usually is not used to encrypt application
+ data.
+
+ $ key escrow
+ See: (secondary definition under) key recovery.
+
+ $ key establishment (algorithm or protocol)
+ (I) A process that combines the key generation and key
+ distribution steps needed to set up or install a secure
+ communication association. (See: key agreement, key transport.)
+
+ (O) "The procedure to share a symmetric key among different
+ parties by either key agreement or key transport." [A9042]
+
+ (C) Key establishment involves either key agreement or key
+ transport:
+
+ - Key transport: One entity generates a secret key and securely
+ sends it to the other entity. (Or each entity generates a
+ secret value and securely sends it to the other entity, where
+ the two values are combined to form a secret key.)
+
+ - Key agreement: No secret is sent from one entity to another.
+ Instead, both entities, without prior arrangement except a
+ public exchange of data, compute the same secret value. I.e.,
+
+
+
+Shirey Informational [Page 97]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ each can independently generate the same value, but that value
+ cannot be computed by other entities.
+
+ $ Key Exchange Algorithm (KEA)
+ (N) A key agreement algorithm [NIST] that is similar to the
+ Diffie-Hellman algorithm, uses 1024-bit asymmetric keys, and was
+ developed and formerly classified at the "Secret" level by NSA.
+ (See: CAPSTONE, CLIPPER, FORTEZZA, SKIPJACK.)
+
+ (C) On 23 June 1998, the NSA announced that KEA had been
+ declassified.
+
+ $ key generation
+ (I) A process that creates the sequence of symbols that comprise a
+ cryptographic key. (See: key management.)
+
+ $ key generator
+ 1. (I) An algorithm that uses mathematical rules to
+ deterministically produce a pseudo-random sequence of
+ cryptographic key values.
+
+ 2. (I) An encryption device that incorporates a key generation
+ mechanism and applies the key to plaintext (e.g., by exclusive OR-
+ ing the key bit string with the plaintext bit string) to produce
+ ciphertext.
+
+ $ key length
+ (I) The number of symbols (usually bits) needed to be able to
+ represent any of the possible values of a cryptographic key. (See:
+ key space.)
+
+ $ key lifetime
+ (N) MISSI usage: An attribute of a MISSI key pair that specifies a
+ time span that bounds the validity period of any MISSI X.509
+ public-key certificate that contains the public component of the
+ pair. (See: cryptoperiod.)
+
+ $ key management
+ (I) The process of handling and controlling cryptographic keys and
+ related material (such as initialization values) during their life
+ cycle in a cryptographic system, including ordering, generating,
+ distributing, storing, loading, escrowing, archiving, auditing,
+ and destroying the material. (See: key distribution, key escrow,
+ keying material, public-key infrastructure.)
+
+ (O) "The generation, storage, distribution, deletion, archiving
+ and application of keys in accordance with a security policy."
+ [I7498 Part 2]
+
+
+
+Shirey Informational [Page 98]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (O) "The activities involving the handling of cryptographic keys
+ and other related security parameters (e.g., IVs, counters) during
+ the entire life cycle of the keys, including their generation,
+ storage, distribution, entry and use, deletion or destruction, and
+ archiving." [FP140]
+
+ $ Key Management Protocol (KMP)
+ (N) A protocol to establish a shared symmetric key between a pair
+ (or a group) of users. (One version of KMP was developed by SDNS,
+ and another by SILS.)
+
+ $ key material identifier (KMID)
+ (N) MISSI usage: A 64-bit identifier that is assigned to a key
+ pair when the public key is bound in a MISSI X.509 public-key
+ certificate.
+
+ $ key pair
+ (I) A set of mathematically related keys--a public key and a
+ private key--that are used for asymmetric cryptography and are
+ generated in a way that makes it computationally infeasible to
+ derive the private key from knowledge of the public key (e.g.,
+ see: Diffie-Hellman, Rivest-Shamir-Adleman).
+
+ (C) A key pair's owner discloses the public key to other system
+ entities so they can use the key to encrypt data, verify a digital
+ signature, compute a protected checksum, or generate a key in a
+ key agreement algorithm. The matching private key is kept secret
+ by the owner, who uses it to decrypt data, generate a digital
+ signature, verify a protected checksum, or generate a key in a key
+ agreement algorithm.
+
+ $ key recovery
+ 1. (I) A process for learning the value of a cryptographic key
+ that was previously used to perform some cryptographic operation.
+ (See: cryptanalysis.)
+
+ 2. (I) Techniques that provide an intentional, alternate (i.e.,
+ secondary) means to access the key used for data confidentiality
+ service in an encrypted association. [DOD4]
+
+ (C) We assume that the encryption mechanism has a primary means of
+ obtaining the key through a key establishment algorithm or
+ protocol. For the secondary means, there are two classes of key
+ recovery techniques--key escrow and key encapsulation:
+
+
+
+
+
+
+
+Shirey Informational [Page 99]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - "Key escrow": A key recovery technique for storing knowledge of
+ a cryptographic key or parts thereof in the custody of one or
+ more third parties called "escrow agents", so that the key can
+ be recovered and used in specified circumstances.
+
+ Key escrow is typically implemented with split knowledge
+ techniques. For example, the Escrowed Encryption Standard
+ [FP185] entrusts two components of a device-unique split key to
+ separate escrow agents. The agents provide the components only
+ to someone legally authorized to conduct electronic
+ surveillance of telecommunications encrypted by that specific
+ device. The components are used to reconstruct the device-
+ unique key, and it is used to obtain the session key needed to
+ decrypt communications.
+
+ - "Key encapsulation": A key recovery technique for storing
+ knowledge of a cryptographic key by encrypting it with another
+ key and ensuring that that only certain third parties called
+ "recovery agents" can perform the decryption operation to
+ retrieve the stored key.
+
+ Key encapsulation typically allows direct retrieval of the
+ secret key used to provide data confidentiality.
+
+ $ key space
+ (I) The range of possible values of a cryptographic key; or the
+ number of distinct transformations supported by a particular
+ cryptographic algorithm. (See: key length.)
+
+ $ key translation center
+ (I) A type of key center (used in a symmetric cryptography) that
+ implements a key distribution protocol to convey keys between two
+ (or more) parties who wish to communicate securely. (See: key
+ distribution center.)
+
+ (C) A key translation center translates keys for future
+ communication between Bob and Alice, who (a) wish to communicate
+ with each other but do not currently share keys, (b) each share a
+ KEK with the center, and (c) have the ability to generate or
+ acquire keys by themselves. Alice generates or acquires a set of
+ keys for communication with Bob. Alice encrypts the set in the KEK
+ she shares with the center and sends the encrypted set to the
+ center. The center decrypts the set, reencrypts the set in the KEK
+ it shares with Bob, and either sends that encrypted set to Alice
+ for her to forward to Bob, or sends it directly to Bob (although
+ direct distribution is not supported in the ANSI standard
+ [A9017]).
+
+
+
+
+Shirey Informational [Page 100]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ key transport (algorithm or protocol)
+ (I) A key establishment method by which a secret key is generated
+ by one entity in a communication association and securely sent to
+ another entity in the association. (See: key agreement.)
+
+ (O) "The procedure to send a symmetric key from one party to other
+ parties. As a result, all legitimate participants share a common
+ symmetric key in such a way that the symmetric key is determined
+ entirely by one party." [A9042]
+
+ (C) For example, a message originator can generate a random
+ session key and then use the Rivest-Shamir-Adleman algorithm to
+ encrypt that key with the public key of the intended recipient.
+
+ $ key update
+ (I) Derive a new key from an existing key. (See: certificate
+ rekey.)
+
+ $ key validation
+ (N) "The procedure for the receiver of a public key to check that
+ the key conforms to the arithmetic requirements for such a key in
+ order to thwart certain types of attacks." [A9042]
+
+ $ keyed hash
+ (I) A cryptographic hash (e.g., [R1828]) in which the mapping to a
+ hash result is varied by a second input parameter that is a
+ cryptographic key. (See: checksum.)
+
+ (C) If the input data object is changed, a new hash result cannot
+ be correctly computed without knowledge of the secret key. Thus,
+ the secret key protects the hash result so it can be used as a
+ checksum even when there is a threat of an active attack on the
+ data. There are least two forms of keyed hash:
+
+ - A function based on a keyed encryption algorithm. (E.g., see:
+ Data Authentication Code.)
+
+ - A function based on a keyless hash that is enhanced by
+ combining (e.g., by concatenating) the input data object
+ parameter with a key parameter before mapping to the hash
+ result. (E.g., see: HMAC.)
+
+ $ keying material
+ (I) Data (such as keys, key pairs, and initialization values)
+ needed to establish and maintain a cryptographic security
+ association.
+
+
+
+
+
+Shirey Informational [Page 101]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ KMID
+ See: key material identifier.
+
+ $ known-plaintext attack
+ (I) A cryptanalysis technique in which the analyst tries to
+ determine the key from knowledge of some plaintext-ciphertext
+ pairs (although the analyst may also have other clues, such as the
+ knowing the cryptographic algorithm).
+
+ $ L2F
+ See: Layer 2 Forwarding Protocol.
+
+ $ L2TP
+ See: Layer 2 Tunneling Protocol.
+
+ $ label
+ See: security label.
+
+ $ Language of Temporal Ordering Specification (LOTOS)
+ (N) A language (ISO 8807-1990) for formal specification of
+ computer network protocols; describes the order in which events
+ occur.
+
+ $ lattice model
+ (I) A security model for flow control in a system, based on the
+ lattice that is formed by the finite security levels in a system
+ and their partial ordering. [Denn] (See: flow control, security
+ level, security model.)
+
+ (C) The model describes the semantic structure formed by a finite
+ set of security levels, such as those used in military
+ organizations.
+
+ (C) A lattice is a finite set together with a partial ordering on
+ its elements such that for every pair of elements there is a least
+ upper bound and a greatest lower bound. For example, a lattice is
+ formed by a finite set S of security levels -- i.e., a set S of all
+ ordered pairs (x, c), where x is one of a finite set X of
+ hierarchically ordered classification levels (X1, ..., Xm), and c
+ is a (possibly empty) subset of a finite set C of non-hierarchical
+ categories (C1, ..., Cn) -- together with the "dominate" relation.
+ (See: dominate.)
+
+ $ Law Enforcement Access Field (LEAF)
+ (N) A data item that is automatically embedded in data encrypted
+ by devices (e.g., see: CLIPPER chip) that implement the Escrowed
+ Encryption Standard.
+
+
+
+
+Shirey Informational [Page 102]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Layer 2 Forwarding Protocol (L2F)
+ (N) An Internet protocol (originally developed by Cisco
+ Corporation) that uses tunneling of PPP over IP to create a
+ virtual extension of a dial-up link across a network, initiated by
+ the dial-up server and transparent to the dial-up user. (See:
+ L2TP.)
+
+ $ Layer 2 Tunneling Protocol (L2TP)
+ (N) An Internet client-server protocol that combines aspects of
+ PPTP and L2F and supports tunneling of PPP over an IP network or
+ over frame relay or other switched network. (See: virtual private
+ network.)
+
+ (C) PPP can in turn encapsulate any OSI layer 3 protocol. Thus,
+ L2TP does not specify security services; it depends on protocols
+ layered above and below it to provide any needed security.
+
+ $ LDAP
+ See: Lightweight Directory Access Protocol.
+
+ $ least privilege
+ (I) The principle that a security architecture should be designed
+ so that each system entity is granted the minimum system resources
+ and authorizations that the entity needs to do its work. (See:
+ economy of mechanism.)
+
+ (C) This principle tends to limit damage that can be caused by an
+ accident, error, or unauthorized act.
+
+ $ Lightweight Directory Access Protocol (LDAP)
+ (N) A client-server protocol that supports basic use of the X.500
+ Directory (or other directory servers) without incurring the
+ resource requirements of the full Directory Access Protocol (DAP).
+ [R1777]
+
+ (C) Designed for simple management and browser applications that
+ provide simple read/write interactive directory service. Supports
+ both simple authentication and strong authentication of the client
+ to the directory server.
+
+ $ link
+ (I) World Wide Web usage: See: hyperlink.
+
+ (I) Subnetwork usage: A point-to-point communication channel
+ connecting two subnetwork relays (especially one between two
+ packet switches) that is implemented at OSI layer 2. (See: link
+ encryption.)
+
+
+
+
+Shirey Informational [Page 103]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) The relay computers assume that links are logically passive.
+ If a computer at one end of a link sends a sequence of bits, the
+ sequence simply arrives at the other end after a finite time,
+ although some bits may have been changed either accidentally
+ (errors) or by active wiretapping.
+
+ $ link-by-link encryption
+ $ link encryption
+ (I) Stepwise protection of data that flows between two points in a
+ network, provided by encrypting data separately on each network
+ link, i.e., by encrypting data when it leaves a host or subnetwork
+ relay and decrypting when it arrives at the next host or relay.
+ Each link may use a different key or even a different algorithm.
+ [R1455] (See: end-to-end encryption.)
+
+ $ logic bomb
+ (I) Malicious logic that activates when specified conditions are
+ met. Usually intended to cause denial of service or otherwise
+ damage system resources. (See: Trojan horse, virus, worm.)
+
+ $ login
+ (I) The act of a system entity gaining access to a session in
+ which the entity can use system resources; usually accomplished by
+ providing a user name and password to an access control system
+ that authenticates the user.
+
+ (C) Derives from "log" file", a security audit trail that records
+ security events, such as the beginning of sessions, and who
+ initiates them.
+
+ $ LOTOS
+ See: Language of Temporal Ordering Specification.
+
+ $ MAC
+ See: mandatory access control, Message Authentication Code.
+
+ $ malicious logic
+ (I) Hardware, software, or firmware that is intentionally included
+ or inserted in a system for a harmful purpose. (See: logic bomb,
+ Trojan horse, virus, worm.)
+
+ $ malware
+ (I) A contraction of "malicious software". (See: malicious logic.)
+
+ (D) ISDs SHOULD NOT use this term because it is not listed in most
+ dictionaries and could confuse international readers.
+
+
+
+
+
+Shirey Informational [Page 104]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ man-in-the-middle
+ (I) A form of active wiretapping attack in which the attacker
+ intercepts and selectively modifies communicated data in order to
+ masquerade as one or more of the entities involved in a
+ communication association. (See: hijack attack, piggyback attack.)
+
+ (C) For example, suppose Alice and Bob try to establish a session
+ key by using the Diffie-Hellman algorithm without data origin
+ authentication service. A "man in the middle" could (a) block
+ direct communication between Alice and Bob and then (b) masquerade
+ as Alice sending data to Bob, (c) masquerade as Bob sending data
+ to Alice, (d) establish separate session keys with each of them,
+ and (e) function as a clandestine proxy server between them in
+ order to capture or modify sensitive information that Alice and
+ Bob think they are sending only to each other.
+
+ $ mandatory access control (MAC)
+ (I) An access control service that enforces a security policy
+ based on comparing (a) security labels (which indicate how
+ sensitive or critical system resources are) with (b) security
+ clearances (which indicate system entities are eligible to access
+ certain resources). (See: discretionary access control, rule-based
+ security policy.)
+
+ (C) This kind of access control is called "mandatory" because an
+ entity that has clearance to access a resource may not, just by
+ its own volition, enable another entity to access that resource.
+
+ (O) "A means of restricting access to objects based on the
+ sensitivity (as represented by a label) of the information
+ contained in the objects and the formal authorization (i.e.,
+ clearance) of subjects to access information of such sensitivity."
+ [DOD1]
+
+ $ manipulation detection code
+ (D) ISDs SHOULD NOT use this term as a synonym for "checksum"
+ because the word "manipulation" implies protection against active
+ attacks, which an ordinary checksum might not provide. Instead, if
+ such protection is intended, use "protected checksum" or some
+ particular type thereof, depending on which is meant. If such
+ protection is not intended, use "error detection code" or some
+ specific type of checksum that is not protected.
+
+ $ masquerade attack
+ (I) A type of attack in which one system entity illegitimately
+ poses as (assumes the identity of) another entity. (See: spoofing
+ attack.)
+
+
+
+
+Shirey Informational [Page 105]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ MCA
+ See: merchant certificate authority.
+
+ $ MD2
+ (N) A cryptographic hash [R1319] that produces a 128-bit hash
+ result, was designed by Ron Rivest, and is similar to MD4 and MD5
+ but slower. (See: message digest.)
+
+ $ MD4
+ (N) A cryptographic hash [R1320] that produces a 128-bit hash
+ result and was designed by Ron Rivest. (See: message digest and
+ SHA-1.)
+
+ $ MD5
+ (N) A cryptographic hash [R1321] that produces a 128-bit hash
+ result and was designed by Ron Rivest to be an improved version of
+ MD4.
+
+ $ merchant
+ (O) SET usage: "A seller of goods, services, and/or other
+ information who accepts payment for these items electronically."
+ [SET2] A merchant may also provide electronic selling services
+ and/or electronic delivery of items for sale. With SET, the
+ merchant can offer its cardholders secure electronic interactions,
+ but a merchant that accepts payment cards is required to have a
+ relationship with an acquirer. [SET1, SET2]
+
+ $ merchant certificate
+ (O) SET usage: A public-key certificate issued to a merchant.
+ Sometimes used to refer to a pair of such certificates where one
+ is for digital signature use and the other is for encryption.
+
+ $ merchant certification authority (MCA)
+ (O) SET usage: A CA that issues digital certificates to merchants
+ and is operated on behalf of a payment card brand, an acquirer, or
+ another party according to brand rules. Acquirers verify and
+ approve requests for merchant certificates prior to issuance by
+ the MCA. An MCA does not issue a CRL, but does distribute CRLs
+ issued by root CAs, brand CAs, geopolitical CAs, and payment
+ gateway CAs. [SET2]
+
+ $ mesh PKI
+ (I) A non-hierarchical PKI architecture in which there are several
+ trusted CAs rather than a single root. Each certificate user bases
+ path validations on the public key of one of the trusted CAs,
+ usually the one that issued that user's own public-key
+ certificate. Rather than having superior-to-subordinate
+
+
+
+
+Shirey Informational [Page 106]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ relationships between CAs, the relationships are peer-to-peer, and
+ CAs issue cross-certificates to each other. (See: hierarchical
+ PKI, trust-file PKI.)
+
+ $ message authentication code vs. Message Authentication Code (MAC)
+ 1. (N) Capitalized: "(The) Message Authentication Code" refers to
+ an ANSI standard for a checksum that is computed with a keyed hash
+ that is based on DES. [A9009] (Also known as the U.S. Government
+ standard Data Authentication Code. [FP113])
+
+ (C) The ANSI standard MAC algorithm is equivalent to cipher block
+ chaining with IV = 0.
+
+ 2. (D) Not capitalized: ISDs SHOULD NOT use the uncapitalized form
+ "message authentication code", because this term mixes concepts in
+ a potentially misleading way. Instead, use "checksum", "error
+ detection code", "hash", "keyed hash", "Message Authentication
+ Code", or "protected checksum", depending on what is meant. (See:
+ authentication code.)
+
+ (C) In the uncapitalized form, the word "message" is misleading
+ because it implies that the mechanism is particularly suitable for
+ or limited to electronic mail (see: Message Handling Systems), the
+ word "authentication" is misleading because the mechanism
+ primarily serves a data integrity function rather than an
+ authentication function, and the word "code" is misleading because
+ it implies that either encoding or encryption is involved or that
+ the term refers to computer software.
+
+ $ message digest
+ (D) ISDs SHOULD NOT use this term as a synonym for "hash result"
+ because it unnecessarily duplicates the meaning of the other, more
+ general term and mixes concepts in a potentially misleading way.
+ (See: cryptographic hash, Message Handling System.)
+
+ $ Message Handling Systems
+ (I) A ITU-T/ISO system concept, which encompasses the notion of
+ electronic mail but defines more comprehensive OSI systems and
+ services that enable users to exchange messages on a store-and-
+ forward basis. (The ISO equivalent is "Message Oriented Text
+ Interchange System".) (See: X.400.)
+
+ $ message indicator
+ (D) ISDs SHOULD NOT use this term as a synonym for "initialization
+ value" because it mixes concepts in a potentially misleading way.
+
+
+
+
+
+
+Shirey Informational [Page 107]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ message integrity check
+ $ message integrity code
+ (D) ISDs SHOULD NOT use these terms because they mix concepts in a
+ potentially misleading way. (The word "message" is misleading
+ because it suggests that the mechanism is particularly suitable
+ for or limited to electronic mail. The word "code" is misleading
+ because it suggests that either encoding or encryption is
+ involved, or that the term refers to computer software.) Instead,
+ use "checksum", "error detection code", "hash", "keyed hash",
+ "Message Authentication Code", or "protected checksum", depending
+ on what is meant.
+
+ $ Message Security Protocol (MSP)
+ (N) A secure message handling protocol [SDNS7] for use with X.400
+ and Internet mail protocols. Developed by NSA's SDNS program and
+ used in the U.S. Defense Message System.
+
+ $ MHS
+ See: message handling system.
+
+ $ MIME
+ See: Multipurpose Internet Mail Extensions.
+
+ $ MIME Object Security Services (MOSS)
+ (I) An Internet protocol [R1848] that applies end-to-end
+ encryption and digital signature to MIME message content, using
+ symmetric cryptography for encryption and asymmetric cryptography
+ for key distribution and signature. MOSS is based on features and
+ specifications of PEM. (See: S/MIME.)
+
+ $ Minimum Interoperability Specification for PKI Components (MISPC)
+ (N) A technical description to provide a basis for interoperation
+ between PKI components from different vendors; consists primarily
+ of a profile of certificate and CRL extensions and a set of
+ transactions for PKI operation. [MISPC]
+
+ $ MISPC
+ See: Minimum Interoperability Specification for PKI Components.
+
+ $ MISSI
+ (N) Multilevel Information System Security Initiative, an NSA
+ program to encourage development of interoperable, modular
+ products for constructing secure network information systems in
+ support of a wide variety of Government missions. (See: MSP.)
+
+
+
+
+
+
+
+Shirey Informational [Page 108]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ MISSI user
+ (O) MISSI usage: A system entity that is the subject of one or
+ more MISSI X.509 public-key certificates issued under a MISSI
+ certification hierarchy. (See: personality.)
+
+ (C) MISSI users include both end users and the authorities that
+ issue certificates. A MISSI user is usually a person but may be a
+ machine or other automated process. Some machines are required to
+ operate non-stop. To avoid downtime needed to exchange the
+ FORTEZZA cards of machine operators at shift changes, the machines
+ may be issued their own cards, as if they were persons.
+
+ $ mode
+ $ mode of operation
+ (I) Encryption usage: A technique for enhancing the effect of a
+ cryptographic algorithm or adapting the algorithm for an
+ application, such as applying a block cipher to a sequence of data
+ blocks or a data stream. (See: electronic codebook, cipher block
+ chaining, cipher feedback, output feedback.)
+
+ (I) System operation usage: A type of security policy that states
+ the range of classification levels of information that a system is
+ permitted to handle and the range of clearances and authorizations
+ of users who are permitted to access the system. (See: dedicated
+ security mode, multilevel security mode, partitioned security
+ mode, system high security mode.)
+
+ $ modulus
+ (I) The defining constant in modular arithmetic, and usually a
+ part of the public key in asymmetric cryptography that is based on
+ modular arithmetic. (See: Diffie-Hellman, Rivest-Shamir-Adleman.)
+
+ $ Morris Worm
+ (I) A worm program written by Robert T. Morris, Jr. that flooded
+ the ARPANET in November, 1988, causing problems for thousands of
+ hosts. (See: worm.)
+
+ $ MOSS
+ See: MIME Object Security Services.
+
+ $ MSP
+ See: Message Security Protocol.
+
+ $ multilevel secure (MLS)
+ (I) A class of system that has system resources (particularly
+ stored information) at more than one security level (i.e., has
+ different types of sensitive resources) and that permits
+
+
+
+
+Shirey Informational [Page 109]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ concurrent access by users who differ in security clearance and
+ need-to-know, but is able to prevent each user from accessing
+ resources for which the user lacks authorization.
+
+ $ multilevel security mode
+ (I) A mode of operation of an information system, that allows two
+ or more classification levels of information to be processed
+ concurrently within the same system when not all users have a
+ clearance or formal access authorization for all data handled by
+ the system.
+
+ (C) This mode is defined formally in U.S. Department of Defense
+ policy regarding system accreditation [DOD2], but the term is also
+ used outside the Defense Department and outside the Government.
+
+ $ Multipurpose Internet Mail Extensions (MIME)
+ (I) An Internet protocol [R2045] that enhances the basic format of
+ Internet electronic mail messages [R0822] to be able to use
+ character sets other than US-ASCII for textual headers and text
+ content, and to carry non-textual and multi-part content. (See:
+ S/MIME.)
+
+ $ mutual suspicion
+ (I) The state that exists between two interacting system entities
+ in which neither entity can trust the other to function correctly
+ with regard to some security requirement.
+
+ $ National Computer Security Center (NCSC)
+ (N) A U.S. Department of Defense organization, housed in NSA, that
+ has responsibility for encouraging widespread availability of
+ trusted computer systems throughout the Federal Government. It has
+ established criteria for, and performs evaluations of, computer
+ and network systems that have a trusted computing base. (See:
+ Evaluated Products List, Rainbow Series, TCSEC.)
+
+ $ National Information Assurance Partnership (NIAP)
+ (N) An organization created by NIST and NSA to enhance the quality
+ of commercial products for information security and increase
+ consumer confidence in those products through objective evaluation
+ and testing methods.
+
+ (C) NIAP is registered, through the U.S. Department of Defense, as
+ a National Performance Review Reinvention Laboratory. NIAP
+ functions include the following:
+
+ - Developing tests, test methods, and other tools that developers
+ and testing laboratories may use to improve and evaluate
+ security products.
+
+
+
+Shirey Informational [Page 110]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - Collaborating with industry and others on research and testing
+ programs.
+ - Using the Common Criteria to develop protection profiles and
+ associated test sets for security products and systems.
+ - Cooperating with the NIST National Voluntary Laboratory
+ Accreditation Program to develop a program to accredit private-
+ sector laboratories for the testing of information security
+ products using the Common Criteria.
+ - Working to establish a formal, international mutual recognition
+ scheme for a Common Criteria-based evaluation.
+
+ $ National Institute of Standards and Technology (NIST)
+ (N) A U.S. Department of Commerce agency that promotes U.S.
+ economic growth by working with industry to develop and apply
+ technology, measurements, and standards. Has primary Government
+ responsibility for INFOSEC standards for unclassified but
+ sensitive information. (See: ANSI, DES, DSA, DSS, FIPS, NIAP,
+ NSA.)
+
+ $ National Security Agency (NSA)
+ (N) A U.S. Department of Defense intelligence agency that has
+ primary Government responsibility for INFOSEC for classified
+ information and for unclassified but sensitive information handled
+ by national security systems. (See: FORTEZZA, KEA, MISSI, NIAP,
+ NIST, SKIPJACK.)
+
+ $ need-to-know
+ (I) The necessity for access to, knowledge of, or possession of
+ specific information required to carry out official duties.
+
+ (C) This criterion is used in security procedures that require a
+ custodian of sensitive information, prior to disclosing the
+ information to someone else, to establish that the intended
+ recipient has proper authorization to access the information.
+
+ $ network
+ See: computer network.
+
+ $ NIAP
+ See: National Information Assurance Partnership.
+
+ $ NIST
+ See: National Institute of Standards and Technology.
+
+ $ NLSP
+ Network Layer Security Protocol. An OSI protocol (IS0 11577) for
+ end-to-end encryption services at the top of OSI layer 3. NLSP is
+ derived from an SDNS protocol, SP3, but is much more complex.
+
+
+
+Shirey Informational [Page 111]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ no-lone zone
+ (I) A room or other space to which no person may have
+ unaccompanied access and that, when occupied, is required to be
+ occupied by two or more appropriately authorized persons. (See:
+ dual control.)
+
+ $ nonce
+ (I) A random or non-repeating value that is included in data
+ exchanged by a protocol, usually for the purpose of guaranteeing
+ liveness and thus detecting and protecting against replay attacks.
+
+ $ non-critical
+ See: critical (extension of certificate).
+
+ $ non-repudiation service
+ (I) A security service that provide protection against false
+ denial of involvement in a communication. (See: repudiation.)
+
+ (C) Non-repudiation service does not and cannot prevent an entity
+ from repudiating a communication. Instead, the service provides
+ evidence that can be stored and later presented to a third party
+ to resolve disputes that arise if and when a communication is
+ repudiated by one of the entities involved. There are two basic
+ kinds of non-repudiation service:
+
+ - "Non-repudiation with proof of origin" provides the recipient
+ of data with evidence that proves the origin of the data, and
+ thus protects the recipient against an attempt by the
+ originator to falsely deny sending the data. This service can
+ be viewed as a stronger version of an data origin
+ authentication service, in that it proves authenticity to a
+ third party.
+
+ - "Non-repudiation with proof of receipt" provides the originator
+ of data with evidence that proves the data was received as
+ addressed, and thus protects the originator against an attempt
+ by the recipient to falsely deny receiving the data.
+
+ (C) Phases of a Non-Repudiation Service: Ford [For94, For97] uses
+ the term "critical action" to refer to the act of communication
+ that is the subject of the service:
+
+
+
+
+
+
+
+
+
+
+Shirey Informational [Page 112]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ -------- -------- -------- -------- -------- . --------
+ Phase 1: Phase 2: Phase 3: Phase 4: Phase 5: . Phase 6:
+ Request Generate Transfer Verify Retain . Resolve
+ Service Evidence Evidence Evidence Evidence . Dispute
+ -------- -------- -------- -------- -------- . --------
+
+ Service Critical Evidence Evidence Archive . Evidence
+ Request => Action => Stored => Is => Evidence . Is
+ Is Made Occurs For Later Tested In Case . Verified
+ and Use | ^ Critical . ^
+ Evidence v | Action Is . |
+ Is +-------------------+ Repudiated . |
+ Generated |Verifiable Evidence|------> ... . ----+
+ +-------------------+
+
+ Phase / Explanation
+ -------------------
+ 1. Before the critical action, the service requester asks, either
+ implicitly or explicitly, to have evidence of the action be
+ generated.
+ 2. When the critical action occurs, evidence is generated by a
+ process involving the potential repudiator and possibly also a
+ trusted third party.
+ 3. The evidence is transferred to the requester, or stored by a
+ third party, for later use if needed.
+ 4. The entity that holds the evidence tests to be sure that it
+ will suffice if a dispute arises.
+ 5. The evidence is retained for possible future retrieval and use.
+ 6. In this phase, which occurs only if the critical action is
+ repudiated, the evidence is retrieved from storage, presented,
+ and verified to resolve the dispute.
+
+ $ no-PIN ORA (NORA)
+ (O) MISSI usage: An organizational RA that operates in a mode in
+ which the ORA performs no card management functions and,
+ therefore, does not require knowledge of either the SSO PIN or
+ user PIN for an end user's FORTEZZA PC card.
+
+ $ NORA
+ See: no-PIN ORA.
+
+ $ notarization
+ (I) Registration of data under the authority or in the care of a
+ trusted third party, thus making it possible to provide subsequent
+ assurance of the accuracy of characteristics claimed for the data,
+ such as content, origin, time, and delivery. [I7498 Part 2] (See:
+ digital notary.)
+
+
+
+
+Shirey Informational [Page 113]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ NULL encryption algorithm
+ (I) An algorithm [R2410] that does nothing to transform plaintext
+ data; i.e., a no-op. It originated because of IPsec ESP, which
+ always specifies the use of an encryption algorithm to provide
+ confidentiality. The NULL encryption algorithm is a convenient way
+ to represent the option of not applying encryption in ESP (or in
+ any other context where this is needed).
+
+ $ OAKLEY
+ (I) A key establishment protocol (proposed for IPsec but
+ superseded by IKE) based on the Diffie-Hellman algorithm and
+ designed to be a compatible component of ISAKMP. [R2412]
+
+ (C) OAKLEY establishes a shared key with an assigned identifier
+ and associated authenticated identities for parties. I.e., OAKLEY
+ provides authentication service to ensure the entities of each
+ other's identity, even if the Diffie-Hellman exchange is
+ threatened by active wiretapping. Also, provides public-key
+ forward secrecy for the shared key and supports key updates,
+ incorporation of keys distributed by out-of-band mechanisms, and
+ user-defined abstract group structures for use with Diffie-
+ Hellman.
+
+ $ object
+ (I) Trusted computer system modeling usage: A system element that
+ contains or receives information. (See: Bell-LaPadula Model,
+ trusted computer system.)
+
+ $ object identifier (OID)
+ (I) An official, globally unique name for a thing, written as a
+ sequence of integers (which are formed and assigned as defined in
+ the ASN.1 standard) and used to reference the thing in abstract
+ specifications and during negotiation of security services in a
+ protocol.
+
+ (O) "A value (distinguishable from all other such values) which is
+ associated with an object." [X680]
+
+ (C) Objects named by OIDs are leaves of the object identifier tree
+ (which is similar to but different from the X.500 Directory
+ Information Tree). Each arc (i.e., each branch of the tree) is
+ labeled with a non-negative integer. An OID is the sequence of
+ integers on the path leading from the root of the tree to a named
+ object.
+
+ (C) The OID tree has three arcs immediately below the root: {0}
+ for use by ITU-T, {1} for use by ISO, and {2} for use by both
+ jointly. Below ITU-T are four arcs, where {0 0} is for ITU-T
+
+
+
+Shirey Informational [Page 114]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ recommendations. Below {0 0} are 26 arcs, one for each series of
+ recommendations starting with the letters A to Z, and below these
+ are arcs for each recommendation. Thus, the OID for ITU-T
+ Recommendation X.509 is {0 0 24 509}. Below ISO are four arcs,
+ where {1 0 }is for ISO standards, and below these are arcs for
+ each ISO standard. Thus, the OID for ISO/IEC 9594-8 (the ISO
+ number for X.509) is {1 0 9594 8}.
+
+ (C) The following are additional examples: ANSI registers
+ organization names below the branch {joint-iso-ccitt(2)
+ country(16) US(840) organization(1)}. The NIST CSOR records PKI
+ objects below the branch {joint-iso-ccitt(2) country(16) us(840)
+ gov(101) csor(3) pki(4)}. The U.S. Department of Defense registers
+ INFOSEC objects below the branch {joint-iso-ccitt(2) country(16)
+ us(840) organization(1) gov(101) dod(2) infosec(1)}. The OID for
+ the PKIX private extension is defined in an arc below the arc for
+ the PKIX name space, as {iso(1) identified-organization(3) dod(6)
+ internet(1) security(5) mechanisms(5) pkix(7) 1 1}.
+
+ $ object reuse
+ (N) "The reassignment and reuse of a storage medium (e.g., page
+ frame, disk sector, magnetic tape) that once contained one or more
+ [information] objects. To be securely reused and assigned to a new
+ subject, storage media must contain no residual data (magnetic
+ remanence) from the object(s) previously contained in the media."
+ [NCS04]
+
+ $ OCSP
+ See: On-line Certificate Status Protocol.
+
+ $ octet
+ (I) A data unit of eight bits. (See: byte.)
+
+ (c) This term is used in networking (especially in OSI standards)
+ in preference to "byte", because some systems use "byte" for data
+ storage units of a size other than eight.
+
+ $ OFB
+ See: output feedback.
+
+ $ ohnosecond
+ (C) That minuscule fraction of time in which you realize that your
+ private key has been compromised.
+
+ $ OID
+ See: object identifier.
+
+
+
+
+
+Shirey Informational [Page 115]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ On-line Certificate Status Protocol (OCSP)
+ (I) An Internet protocol used by a client to obtain from a server
+ the validity status and other information concerning a digital
+ certificate.
+
+ (C) In some applications, such as those involving high-value
+ commercial transactions, it may be necessary to obtain certificate
+ revocation status that is more timely than is possible with CRLs
+ or to obtain other kinds of status information. OCSP may be used
+ to determine the current revocation status of a digital
+ certificate, in lieu of or as a supplement to checking against a
+ periodic CRL. An OCSP client issues a status request to an OCSP
+ server and suspends acceptance of the certificate in question
+ until the server provides a response.
+
+ $ one-time pad
+ (I) An encryption algorithm in which the key is a random sequence
+ of symbols and each symbol is used for encryption only one time--
+ to encrypt only one plaintext symbol to produce only one
+ ciphertext symbol--and a copy of the key is used similarly for
+ decryption.
+
+ (C) To ensure one-time use, the copy of the key used for
+ encryption is destroyed after use, as is the copy used for
+ decryption. This is the only encryption algorithm that is truly
+ unbreakable, even given unlimited resources for cryptanalysis
+ [Schn], but key management costs and synchronization problems make
+ it impractical except in special situations.
+
+ $ one-time password
+ $ One-Time Password (OTP)
+ 1. Not capitalized: A "one-time password" is a simple
+ authentication technique in which each password is used only once
+ as authentication information that verifies an identity. This
+ technique counters the threat of a replay attack that uses
+ passwords captured by wiretapping.
+
+ 2. Capitalized: "One-Time Password" is an Internet protocol
+ [R1938] that is based on S/KEY and uses a cryptographic hash
+ function to generate one-time passwords for use as authentication
+ information in system login and in other processes that need
+ protection against replay attacks.
+
+ $ one-way encryption
+ (I) Irreversible transformation of plaintext to ciphertext, such
+ that the plaintext cannot be recovered from the ciphertext by
+ other than exhaustive procedures even if the cryptographic key is
+ known. (See: encryption.)
+
+
+
+Shirey Informational [Page 116]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ one-way function
+ (I) "A (mathematical) function, f, which is easy to compute, but
+ which for a general value y in the range, it is computationally
+ difficult to find a value x in the domain such that f(x) = y.
+ There may be a few values of y for which finding x is not
+ computationally difficult." [X509]
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "cryptographic
+ hash".
+
+ $ open security environment
+ (O) U.S. Department of Defense usage: A system environment that
+ meets at least one of the following conditions: (a) Application
+ developers (including maintainers) do not have sufficient
+ clearance or authorization to provide an acceptable presumption
+ that they have not introduced malicious logic. (b) Configuration
+ control does not provide sufficient assurance that applications
+ and the equipment are protected against the introduction of
+ malicious logic prior to and during the operation of system
+ applications. [NCS04] (See: closed security environment.)
+
+ $ Open Systems Interconnection (OSI) Reference Model (OSIRM)
+ (N) A joint ISO/ITU-T standard [I7498 Part 1] for a seven-layer,
+ architectural communication framework for interconnection of
+ computers in networks.
+
+ (C) OSI-based standards include communication protocols that are
+ mostly incompatible with the Internet Protocol Suite, but also
+ include security models, such as X.509, that are used in the
+ Internet.
+
+ (C) The OSIRM layers, from highest to lowest, are (7) Application,
+ (6) Presentation, (5) Session, (4) Transport, (3) Network, (2)
+ Data Link, and (1) Physical. In this Glossary, these layers are
+ referred to by number to avoid confusing them with Internet
+ Protocol Suite layers, which are referred to by name.
+
+ (C) Some unknown person described how the OSI layers correspond to
+ the seven deadly sins:
+
+ 7. Wrath: Application is always angry at the mess it sees below
+ itself. (Hey! Who is it to be pointing fingers?)
+ 6. Sloth: Presentation is too lazy to do anything productive by
+ itself.
+ 5. Lust: Session is always craving and demanding what truly
+ belongs to Application's functionality.
+ 4. Avarice: Transport wants all of the end-to-end functionality.
+ (Of course, it deserves it, but life isn't fair.)
+
+
+
+Shirey Informational [Page 117]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ 3. Gluttony: (Connection-Oriented) Network is overweight and
+ overbearing after trying too often to eat Transport's lunch.
+ 2. Envy: Poor Data Link is always starved for attention. (With
+ Asynchronous Transfer Mode, maybe now it is feeling less
+ neglected.)
+ 1. Pride: Physical has managed to avoid much of the controversy,
+ and nearly all of the embarrassment, suffered by the others.
+
+ (C) John G. Fletcher described how the OSI layers also correspond
+ to Snow White's dwarf friends:
+
+ 7. Doc: Application acts as if it is in charge, but sometimes
+ muddles its syntax.
+ 6. Sleepy: Presentation is indolent, being guilty of the sin of
+ Sloth.
+ 5. Dopey: Session is confused because its charter is not very
+ clear.
+ 4. Grumpy: Transport is irritated because Network has encroached
+ on Transport's turf.
+ 3. Happy: Network smiles for the same reason that Transport is
+ irritated.
+ 2. Sneezy: Data Link makes loud noises in the hope of attracting
+ attention.
+ 1. Bashful: Physical quietly does its work, unnoticed by the
+ others.
+
+ $ operational integrity
+ (I) A synonym for "system integrity"; emphasizes the actual
+ performance of system functions rather than just the ability to
+ perform them.
+
+ $ operations security (OPSEC)
+ (I) A process to identify, control, and protect evidence of the
+ planning and execution of sensitive activities and operations, and
+ thereby prevent potential adversaries from gaining knowledge of
+ capabilities and intentions.
+
+ $ OPSEC
+ See: operations security.
+
+ $ ORA
+ See: organizational registration authority.
+
+ $ Orange Book
+ (D) ISDs SHOULD NOT use this term as a synonym for "Trusted
+ Computer System Evaluation Criteria" [CSC001, DOD1]. Instead, use
+
+
+
+
+
+Shirey Informational [Page 118]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ the full, proper name of the document or, in subsequent
+ references, the abbreviation "TCSEC". (See: (usage note under)
+ Green Book.)
+
+ $ organizational certificate
+ (O) MISSI usage: A type of MISSI X.509 public-key certificate that
+ is issued to support organizational message handling for the U.S.
+ Government's Defense Message System.
+
+ $ organizational registration authority (ORA)
+ (I) General usage: An RA for an organization.
+
+ (O) MISSI usage: The MISSI implementation of RA. A MISSI end
+ entity that (a) assists a PCA, CA, or SCA to register other end
+ entities, by gathering, verifying, and entering data and
+ forwarding it to the signing authority and (b) may also assist
+ with card management functions. An ORA is a local administrative
+ authority, and the term refers both to the office or role, and to
+ the person who fills that office. An ORA does not sign
+ certificates, CRLs, or CKLs. (See: no-PIN ORA, SSO-PIN ORA, user-
+ PIN ORA.)
+
+ $ origin authentication
+ $ origin authenticity
+ (D) ISDs SHOULD NOT use these terms because they look like
+ careless use of an internationally standardized term. Instead, use
+ "data origin authentication" or "peer entity authentication",
+ depending which is meant.
+
+ $ OSI
+ $ OSIRM
+ See: Open Systems Interconnection Reference Model.
+
+ $ OTP
+ See: One-Time Password.
+
+ $ out of band
+ (I) Transfer of information using a channel that is outside (i.e.,
+ separate from) the channel that is normally used. (See: covert
+ channel.)
+
+ (C) Out-of-band mechanisms are often used to distribute shared
+ secrets (e.g., a symmetric key) or other sensitive information
+ items (e.g., a root key) that are needed to initialize or
+ otherwise enable the operation of cryptography or other security
+ mechanisms. (See: key distribution.)
+
+
+
+
+
+Shirey Informational [Page 119]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ output feedback (OFB)
+ (N) A block cipher mode [FP081] that modifies electronic codebook
+ mode to operate on plaintext segments of variable length less than
+ or equal to the block length.
+
+ (C) This mode operates by directly using the algorithm's
+ previously generated output block as the algorithm's next input
+ block (i.e., by "feeding back" the output block) and combining
+ (exclusive OR-ing) the output block with the next plaintext
+ segment (of block length or less) to form the next ciphertext
+ segment.
+
+ $ outside attack
+ $ outsider attack
+ See: (secondary definition under) attack.
+
+ $ P1363
+ See: IEEE P1363.
+
+ $ PAA
+ See: policy approving authority.
+
+ $ packet filter
+ See: (secondary definition under) filtering router.
+
+ $ pagejacking
+ (I) A contraction of "Web page hijacking". A masquerade attack in
+ which the attacker copies (steals) a home page or other material
+ from the target server, rehosts the page on a server the attacker
+ controls, and causes the rehosted page to be indexed by the major
+ Web search services, thereby diverting browsers from the target
+ server to the attacker's server.
+
+ (D) ISDs SHOULD NOT use this term without including a definition,
+ because the term is not listed in most dictionaries and could
+ confuse international readers. (See: (usage note under) Green
+ Book.)
+
+ $ PAN
+ See: primary account number.
+
+ $ PAP
+ See: Password Authentication Protocol.
+
+
+
+
+
+
+
+
+Shirey Informational [Page 120]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ partitioned security mode
+ (N) A mode of operation of an information system, wherein all
+ users have the clearance, but not necessarily formal access
+ authorization and need-to-know, for all information handled by the
+ system. This mode is defined in U.S. Department of Defense policy
+ regarding system accreditation. [DoD2]
+
+ $ passive attack
+ See: (secondary definition under) attack.
+
+ $ passive wiretapping
+ See: (secondary definition under) wiretapping.
+
+ $ password
+ (I) A secret data value, usually a character string, that is used
+ as authentication information. (See: challenge-response.)
+
+ (C) A password is usually matched with a user identifier that is
+ explicitly presented in the authentication process, but in some
+ cases the identity may be implicit.
+
+ (C) Using a password as authentication information assumes that
+ the password is known only by the system entity whose identity is
+ being authenticated. Therefore, in a network environment where
+ wiretapping is possible, simple authentication that relies on
+ transmission of static (i.e., repetitively used) passwords as
+ cleartext is inadequate. (See: one-time password, strong
+ authentication.)
+
+ $ Password Authentication Protocol (PAP)
+ (I) A simple authentication mechanism in PPP. In PAP, a user
+ identifier and password are transmitted in cleartext. [R1334]
+ (See: CHAP.)
+
+ $ password sniffing
+ (I) Passive wiretapping, usually on a local area network, to gain
+ knowledge of passwords. (See: (usage note under) sniffing.)
+
+ $ path discovery
+ (I) For a digital certificate, the process of finding a set of
+ public-key certificates that comprise a certification path from a
+ trusted key to that specific certificate.
+
+ $ path validation
+ (I) The process of validating (a) all of the digital certificates
+ in a certification path and (b) the required relationships between
+ those certificates, thus validating the contents of the last
+ certificate on the path. (See: certificate validation.)
+
+
+
+Shirey Informational [Page 121]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ payment card
+ (N) SET usage: Collectively refers "to credit cards, debit cards,
+ charge cards, and bank cards issued by a financial institution and
+ which reflects a relationship between the cardholder and the
+ financial institution." [SET2]
+
+ $ payment gateway
+ (O) SET usage: A system operated by an acquirer, or a third party
+ designated by an acquirer, for the purpose of providing electronic
+ commerce services to the merchants in support of the acquirer, and
+ which interfaces to the acquirer to support the authorization,
+ capture, and processing of merchant payment messages, including
+ payment instructions from cardholders. [SET1, SET2]
+
+ $ payment gateway certification authority (SET PCA)
+ (O) SET usage: A CA that issues digital certificates to payment
+ gateways and is operated on behalf of a payment card brand, an
+ acquirer, or another party according to brand rules. A SET PCA
+ issues a CRL for compromised payment gateway certificates. [SET2]
+ (See: PCA.)
+
+ $ PC card
+ (N) A type of credit card-sized, plug-in peripheral device that
+ was originally developed to provide memory expansion for portable
+ computers, but is also used for other kinds of functional
+ expansion. (See: FORTEZZA, PCMCIA.)
+
+ (C) The international PC Card Standard defines a non-proprietary
+ form factor in three standard sizes--Types I, II and III--each of
+ which have a 68-pin interface between the card and the socket into
+ which it plugs. All three types have the same length and width,
+ roughly the size of a credit card, but differ in their thickness
+ from 3.3 to 10.5 mm. Examples include storage modules, modems,
+ device interface adapters, and cryptographic modules.
+
+ $ PCA
+ (D) ISDs SHOULD NOT use this acronym without a qualifying
+ adjective because that would be ambiguous. (See: Internet policy
+ certification authority, (MISSI) policy creation authority, (SET)
+ payment gateway certification authority.)
+
+ $ PCMCIA
+ (N) Personal Computer Memory Card International Association, a
+ group of manufacturers, developers, and vendors, founded in 1989
+ to standardize plug-in peripheral memory cards for personal
+ computers and now extended to deal with any technology that works
+ in the PC card form factor. (See: PC card.)
+
+
+
+
+Shirey Informational [Page 122]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ peer entity authentication
+ (I) "The corroboration that a peer entity in an association is the
+ one claimed." [I7498 Part 2] (See: authentication.)
+
+ $ peer entity authentication service
+ (I) A security service that verifies an identity claimed by or for
+ a system entity in an association. (See: authentication,
+ authentication service.)
+
+ (C) This service is used at the establishment of, or at times
+ during, an association to confirm the identity of one entity to
+ another, thus protecting against a masquerade by the first entity.
+ However, unlike data origin authentication service, this service
+ requires an association to exist between the two entities, and the
+ corroboration provided by the service is valid only at the current
+ time that the service is provided.
+
+ (C) See: "relationship between data integrity service and
+ authentication services" under data integrity service.
+
+ $ PEM
+ See: Privacy Enhanced Mail.
+
+ $ penetration
+ (I) Successful, repeatable, unauthorized access to a protected
+ system resource. (See: attack, violation.)
+
+ $ penetration test
+ (I) A system test, often part of system certification, in which
+ evaluators attempt to circumvent the security features of the
+ system. [NCS04]
+
+ (C) Penetration testing may be performed under various constraints
+ and conditions. However, for a TCSEC evaluation, testers are
+ assumed to have all system design and implementation
+ documentation, including source code, manuals, and circuit
+ diagrams, and to work under no greater constraints than those
+ applied to ordinary users.
+
+ $ perfect forward secrecy
+ See: (discussion under) public-key forward secrecy.
+
+ $ perimeter
+ See: security perimeter.
+
+
+
+
+
+
+
+Shirey Informational [Page 123]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ periods processing
+ (I) A mode of system operation in which information of different
+ sensitivities is processed at distinctly different times by the
+ same system, with the system being properly purged or sanitized
+ between periods. (See: color change.)
+
+ $ permission
+ (I) A synonym for "authorization", but "authorization" is
+ preferred in the PKI context. (See: privilege.)
+
+ $ personal identification number (PIN)
+ (I) A character string used as a password to gain access to a
+ system resource. (See: authentication information.)
+
+ (C) Despite the words "identification" and "number", a PIN seldom
+ serves as a user identifier, and a PIN's characters are not
+ necessarily all numeric. A better name for this concept would have
+ been "personal authentication system string (PASS)".
+
+ (C) Retail banking applications commonly use 4-digit PINs.
+ FORTEZZA PC card's use up to 12 characters for user or SSO PINs.
+
+ $ personality
+ $ personality label
+ (O) MISSI usage: A set of MISSI X.509 public-key certificates that
+ have the same subject DN, together with their associated private
+ keys and usage specifications, that is stored on a FORTEZZA PC
+ card to support a role played by the card's user.
+
+ (C) When a card's user selects a personality to use in a FORTEZZA-
+ aware application, the data determines behavior traits (the
+ personality) of the application. A card's user may have multiple
+ personalities on the card. Each has a "personality label", a user-
+ friendly character string that applications can display to the
+ user for selecting or changing the personality to be used. For
+ example, a military user's card might contain three personalities:
+ GENERAL HALFTRACK, COMMANDER FORT SWAMPY, and NEW YEAR'S EVE PARTY
+ CHAIRMAN. Each personality includes one or more certificates of
+ different types (such as DSA versus RSA), for different purposes
+ (such as digital signature versus encryption), or with different
+ authorizations.
+
+ $ personnel security
+ (I) Procedures to ensure that persons who access a system have
+ proper clearance, authorization, and need-to-know as required by
+ the system's security policy.
+
+
+
+
+
+Shirey Informational [Page 124]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ PGP(trademark)
+ See: Pretty Good Privacy.
+
+ $ Photuris
+ (I) A UDP-based, key establishment protocol for session keys,
+ designed for use with the IPsec protocols AH and ESP. Superseded
+ by IKE.
+
+ $ phreaking
+ (I) A contraction of "telephone breaking". An attack on or
+ penetration of a telephone system or, by extension, any other
+ communication or information system. [Raym]
+
+ (D) ISDs SHOULD NOT use this term because it is not listed in most
+ dictionaries and could confuse international readers.
+
+ $ physical security
+ (I) Tangible means of preventing unauthorized physical access to a
+ system. E.g., fences, walls, and other barriers; locks, safes, and
+ vaults; dogs and armed guards; sensors and alarm bells. [FP031,
+ R1455]
+
+ $ piggyback attack
+ (I) A form of active wiretapping in which the attacker gains
+ access to a system via intervals of inactivity in another user's
+ legitimate communication connection. Sometimes called a "between-
+ the-lines" attack. (See: hijack attack, man-in-the-middle attack.)
+
+ $ PIN
+ See: personal identification number.
+
+ $ ping of death
+ (I) An attack that sends an improperly large ICMP [R0792] echo
+ request packet (a "ping") with the intent of overflowing the input
+ buffers of the destination machine and causing it to crash.
+
+ $ ping sweep
+ (I) An attack that sends ICMP [R0792] echo requests ("pings") to a
+ range of IP addresses, with the goal of finding hosts that can be
+ probed for vulnerabilities.
+
+ $ PKCS
+ See: Public-Key Cryptography Standards.
+
+ $ PKCS #7
+ (N) A standard [PKC07, R2315] from the PKCS series; defines a
+ syntax for data that may have cryptography applied to it, such as
+ for digital signatures and digital envelopes.
+
+
+
+Shirey Informational [Page 125]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ PKCS #10
+ (N) A standard [PKC10] from the PKCS series; defines a syntax for
+ requests for public-key certificates. (See: certification
+ request.)
+
+ (C) A PKCS #10 request contains a DN and a public key, and may
+ contain other attributes, and is signed by the entity making the
+ request. The request is sent to a CA, who converts it to an X.509
+ public-key certificate (or some other form) and returns it,
+ possibly in PKCS #7 format.
+
+ $ PKCS #11
+ (N) A standard [PKC11] from the PKCS series; defines a software
+ CAPI called Cryptoki (pronounced "crypto-key"; short for
+ "cryptographic token interface") for devices that hold
+ cryptographic information and perform cryptographic functions.
+
+ $ PKI
+ See: public-key infrastructure.
+
+ $ PKIX
+ (I) (1.) A contraction of "Public-Key Infrastructure (X.509)", the
+ name of the IETF working group that is specifying an architecture
+ and set of protocols needed to support an X.509-based PKI for the
+ Internet. (2.) A collective name for that architecture and set of
+ protocols.
+
+ (C) The goal of PKIX is to facilitate the use of X.509 public-key
+ certificates in multiple Internet applications and to promote
+ interoperability between different implementations that use those
+ certificates. The resulting PKI is intended to provide a framework
+ that supports a range of trust and hierarchy environments and a
+ range of usage environments. PKIX specifies (a) profiles of the v3
+ X.509 public-key certificate standards and the v2 X.509 CRL
+ standards for the Internet; (b) operational protocols used by
+ relying parties to obtain information such as certificates or
+ certificate status; (c) management protocols used by system
+ entities to exchange information needed for proper management of
+ the PKI; and (d) information about certificate policies and CPSs,
+ covering the areas of PKI security not directly addressed in the
+ rest of PKIX.
+
+ $ PKIX private extension
+ (I) PKIX defines a private extension to identify an on-line
+ verification service supporting the issuing CA.
+
+
+
+
+
+
+Shirey Informational [Page 126]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ plaintext
+ (I) Data that is input to and transformed by an encryption
+ process, or that is output by a decryption process.
+
+ (C) Usually, the plaintext input to an encryption operation is
+ cleartext. But in some cases, the input is ciphertext that was
+ output from another encryption operation. (See: superencryption.)
+
+ $ Point-to-Point Protocol (PPP)
+ (I) An Internet Standard protocol [R1661] for encapsulation and
+ full-duplex transportation of network layer (mainly OSI layer 3)
+ protocol data packets over a link between two peers, and for
+ multiplexing different network layer protocols over the same link.
+ Includes optional negotiation to select and use a peer entity
+ authentication protocol to authenticate the peers to each other
+ before they exchange network layer data. (See: CHAP, EAP, PAP.)
+
+ $ Point-to-Point Tunneling Protocol (PPTP)
+ (I) An Internet client-server protocol (originally developed by
+ Ascend and Microsoft) that enables a dial-up user to create a
+ virtual extension of the dial-up link across a network by
+ tunneling PPP over IP. (See: L2TP.)
+
+ (C) PPP can encapsulate any Internet Protocol Suite network layer
+ protocol (or OSI layer 3 protocol). Therefore, PPTP does not
+ specify security services; it depends on protocols above and below
+ it to provide any needed security. PPTP makes it possible to
+ divorce the location of the initial dial-up server (i.e., the PPTP
+ Access Concentrator, the client, which runs on a special-purpose
+ host) from the location at which the dial-up protocol (PPP)
+ connection is terminated and access to the network is provided
+ (i.e., the PPTP Network Server, which runs on a general-purpose
+ host).
+
+ $ policy
+ (D) ISDs SHOULD NOT use this word as an abbreviation for either
+ "security policy" or "certificate policy". Instead, to avoid
+ misunderstanding, use the fully qualified term, at least at the
+ point of first usage.
+
+ $ policy approving authority (PAA)
+ (O) MISSI usage: The top-level signing authority of a MISSI
+ certification hierarchy. The term refers both to that
+ authoritative office or role and to the person who plays that
+ role. (See: root registry.)
+
+
+
+
+
+
+Shirey Informational [Page 127]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) A PAA registers MISSI PCAs and signs their X.509 public-key
+ certificates. A PAA issues CRLs but does not issue a CKL. A PAA
+ may issue cross-certificates to other PAAs.
+
+ $ policy certification authority (Internet PCA)
+ (I) An X.509-compliant CA at the second level of the Internet
+ certification hierarchy, under the Internet Policy Registration
+ Authority (IPRA). Each PCA operates in accordance with its
+ published security policy (see: certification practice statement)
+ and within constraints established by the IPRA for all PCAs.
+ [R1422]. (See: policy creation authority.)
+
+ $ policy creation authority (MISSI PCA)
+ (O) MISSI usage: The second level of a MISSI certification
+ hierarchy; the administrative root of a security policy domain of
+ MISSI users and other, subsidiary authorities. The term refers
+ both to that authoritative office or role and to the person who
+ fills that office. (See: policy certification authority.)
+
+ (C) A MISSI PCA's certificate is issued by a policy approving
+ authority. The PCA registers the CAs in its domain, defines their
+ configurations, and issues their X.509 public-key certificates.
+ (The PCA may also issue certificates for SCAs, ORAs, and other end
+ entities, but a PCA does not usually do this.) The PCA
+ periodically issues CRLs and CKLs for its domain.
+
+ $ Policy Management Authority
+ (N) Canadian usage: An organization responsible for PKI oversight
+ and policy management in the Government of Canada.
+
+ $ policy mapping
+ (I) "Recognizing that, when a CA in one domain certifies a CA in
+ another domain, a particular certificate policy in the second
+ domain may be considered by the authority of the first domain to
+ be equivalent (but not necessarily identical in all respects) to a
+ particular certificate policy in the first domain." [X509]
+
+ $ POP3
+ See: Post Office Protocol, version 3.
+
+ $ POP3 APOP
+ (I) A POP3 "command" (better described as a transaction type, or a
+ protocol-within-a-protocol) by which a POP3 client optionally uses
+ a keyed hash (based on MD5) to authenticate itself to a POP3
+ server and, depending on the server implementation, to protect
+ against replay attacks. (See: CRAM, POP3 AUTH, IMAP4
+ AUTHENTICATE.)
+
+
+
+
+Shirey Informational [Page 128]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) The server includes a unique timestamp in its greeting to the
+ client. The subsequent APOP command sent by the client to the
+ server contains the client's name and the hash result of applying
+ MD5 to a string formed from both the timestamp and a shared secret
+ that is known only to the client and the server. APOP was designed
+ to provide as an alternative to using POP3's USER and PASS (i.e.,
+ password) command pair, in which the client sends a cleartext
+ password to the server.
+
+ $ POP3 AUTH
+ (I) A "command" [R1734] (better described as a transaction type,
+ or a protocol-within-a-protocol) in POP3, by which a POP3 client
+ optionally proposes a mechanism to a POP3 server to authenticate
+ the client to the server and provide other security services.
+ (See: POP3 APOP, IMAP4 AUTHENTICATE.)
+
+ (C) If the server accepts the proposal, the command is followed by
+ performing a challenge-response authentication protocol and,
+ optionally, negotiating a protection mechanism for subsequent POP3
+ interactions. The security mechanisms used by POP3 AUTH are those
+ used by IMAP4.
+
+ $ port scan
+ (I) An attack that sends client requests to a range of server port
+ addresses on a host, with the goal of finding an active port and
+ exploiting a known vulnerability of that service.
+
+ $ POSIX
+ (N) Portable Operating System Interface for Computer Environments,
+ a standard [FP151, IS9945-1] (originally IEEE Standard P1003.1)
+ that defines an operating system interface and environment to
+ support application portability at the source code level. It is
+ intended to be used by both application developers and system
+ implementers.
+
+ (C) P1003.1 supports security functionality like those on most
+ UNIX systems, including discretionary access control and
+ privilege. IEEE Draft Standard P1003.6.1 specifies additional
+ functionality not provided in the base standard, including (a)
+ discretionary access control, (b) audit trail mechanisms, (c)
+ privilege mechanisms, (d) mandatory access control, and (e)
+ information label mechanisms.
+
+ $ Post Office Protocol, version 3 (POP3)
+ (I) An Internet Standard protocol [R1939] by which a client
+ workstation can dynamically access a mailbox on a server host to
+ retrieve mail messages that the server has received and is holding
+ for the client. (See: IMAP4.)
+
+
+
+Shirey Informational [Page 129]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) POP3 has mechanisms for optionally authenticating a client to
+ a server and providing other security services. (See: POP3 APOP,
+ POP3 AUTH.)
+
+ $ PPP
+ See: Point-to-Point Protocol.
+
+ $ PPTP
+ See: Point-to-Point Tunneling Protocol.
+
+ $ pre-authorization
+ (I) A capability of a CAW that enables certification requests to
+ be automatically validated against data provided in advance to the
+ CA by an authorizing entity.
+
+ $ Pretty Good Privacy(trademark) (PGP(trademark))
+ (O) Trademarks of Network Associates, Inc., referring to a
+ computer program (and related protocols) that uses cryptography to
+ provide data security for electronic mail and other applications
+ on the Internet. (See: MOSS, PEM, S/MIME.)
+
+ (C) PGP encrypts messages with IDEA in CFB mode, distributes the
+ IDEA keys by encrypting them with RSA, and creates digital
+ signatures on messages with MD5 and RSA. To establish ownership of
+ public keys, PGP depends on the web of trust. (See: Privacy
+ Enhanced Mail.)
+
+ $ primary account number (PAN)
+ (O) SET usage: "The assigned number that identifies the card
+ issuer and cardholder. This account number is composed of an
+ issuer identification number, an individual account number
+ identification, and an accompanying check digit as defined by ISO
+ 7812-1985." [SET2, IS7812] (See: bank identification number.)
+
+ (C) The PAN is embossed, encoded, or both on a magnetic-strip-
+ based credit card. The PAN identifies the issuer to which a
+ transaction is to be routed and the account to which it is to be
+ applied unless specific instructions indicate otherwise. The
+ authority that assigns the bank identification number part of the
+ PAN is the American Bankers Association.
+
+ $ privacy
+ (I) The right of an entity (normally a person), acting in its own
+ behalf, to determine the degree to which it will interact with its
+ environment, including the degree to which the entity is willing
+ to share information about itself with others. (See: anonymity.)
+
+
+
+
+
+Shirey Informational [Page 130]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (O) "The right of individuals to control or influence what
+ information related to them may be collected and stored and by
+ whom and to whom that information may be disclosed." [I7498 Part
+ 2]
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "data
+ confidentiality" or "data confidentiality service", which are
+ different concepts. Privacy is a reason for security rather than a
+ kind of security. For example, a system that stores personal data
+ needs to protect the data to prevent harm, embarrassment,
+ inconvenience, or unfairness to any person about whom data is
+ maintained, and to protect the person's privacy. For that reason,
+ the system may need to provide data confidentiality service.
+
+ $ Privacy Enhanced Mail (PEM)
+ (I) An Internet protocol to provide data confidentiality, data
+ integrity, and data origin authentication for electronic mail.
+ [R1421, R1422]. (See: MOSS, MSP, PGP, S/MIME.)
+
+ (C) PEM encrypts messages with DES in CBC mode, provides key
+ distribution of DES keys by encrypting them with RSA, and signs
+ messages with RSA over either MD2 or MD5. To establish ownership
+ of public keys, PEM uses a certification hierarchy, with X.509
+ public-key certificates and X.509 CRLs that are signed with RSA
+ and MD2. (See: Pretty Good Privacy.)
+
+ (C) PEM is designed to be compatible with a wide range of key
+ management methods, but is limited to specifying security services
+ only for text messages and, like MOSS, has not been widely
+ implemented in the Internet.
+
+ $ private component
+ (I) A synonym for "private key".
+
+ (D) In most cases, ISDs SHOULD NOT use this term; to avoid
+ confusing readers, use "private key" instead. However, the term
+ MAY be used when specifically discussing a key pair; e.g., "A key
+ pair has a public component and a private component."
+
+ $ private extension
+ See: (secondary definition under) extension.
+
+ $ private key
+ (I) The secret component of a pair of cryptographic keys used for
+ asymmetric cryptography. (See: key pair, public key.)
+
+ (O) "(In a public key cryptosystem) that key of a user's key pair
+ which is known only by that user." [X509]
+
+
+
+Shirey Informational [Page 131]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ privilege
+ (I) An authorization or set of authorizations to perform security-
+ relevant functions, especially in the context of a computer
+ operating system.
+
+ $ privilege management infrastructure
+ (N) "The complete set of processes required to provide an
+ authorization service", i.e., processes concerned with attribute
+ certificates. [FPDAM] (See: PKI.)
+
+ (D) ISDs SHOULD NOT use this term and its definition because the
+ definition is vague, and there is no consensus on an alternate
+ definition.
+
+ $ privileged process
+ (I) An computer process that is authorized (and, therefore,
+ trusted) to perform some security-relevant functions that ordinary
+ processes are not. (See: privilege, trusted process.)
+
+ $ procedural security
+ (D) ISDs SHOULD NOT use this term as a synonym for "administrative
+ security". Any type of security may involve procedures; therefore,
+ the term may be misleading. Instead, use "administrative
+ security", "communication security", "computer security",
+ "emanations security", "personnel security", "physical security",
+ or whatever specific type is meant. (See: security architecture.)
+
+ $ proprietary
+ (I) Refers to information (or other property) that is owned by an
+ individual or organization and for which the use is restricted by
+ that entity.
+
+ $ protected checksum
+ (I) A checksum that is computed for a data object by means that
+ protect against active attacks that would attempt to change the
+ checksum to make it match changes made to the data object. (See:
+ digital signature, keyed hash, (discussion under) checksum.
+
+ $ protected distribution system
+ (I) A wireline or fiber-optic system that includes sufficient
+ safeguards (acoustic, electric, electromagnetic, and physical) to
+ permit its use for unencrypted transmission of (cleartext) data.
+
+ $ protection authority
+ See: (secondary definition under) Internet Protocol Security
+ Option.
+
+
+
+
+
+Shirey Informational [Page 132]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ protection ring
+ (I) One of a hierarchy of privileged operation modes of a system
+ that gives certain access rights to processes authorized to
+ operate in that mode.
+
+ $ protocol
+ (I) A set of rules (i.e., formats and procedures) to implement and
+ control some type of association (e.g., communication) between
+ systems. (E.g., see: Internet Protocol.)
+
+ (C) In particular, a series of ordered steps involving computing
+ and communication that are performed by two or more system
+ entities to achieve a joint objective. [A9042]
+
+ $ protocol suite
+ (I) A complementary collection of communication protocols used in
+ a computer network. (See: Internet, OSI.)
+
+ $ proxy server
+ (I) A computer process--often used as, or as part of, a firewall--
+ that relays a protocol between client and server computer systems,
+ by appearing to the client to be the server and appearing to the
+ server to be the client. (See: SOCKS.)
+
+ (C) In a firewall, a proxy server usually runs on a bastion host,
+ which may support proxies for several protocols (e.g., FTP, HTTP,
+ and TELNET). Instead of a client in the protected enclave
+ connecting directly to an external server, the internal client
+ connects to the proxy server which in turn connects to the
+ external server. The proxy server waits for a request from inside
+ the firewall, forwards the request to the remote server outside
+ the firewall, gets the response, then sends the response back to
+ the client. The proxy may be transparent to the clients, or they
+ may need to connect first to the proxy server, and then use that
+ association to also initiate a connection to the real server.
+
+ (C) Proxies are generally preferred over SOCKS for their ability
+ to perform caching, high-level logging, and access control. A
+ proxy can provide security service beyond that which is normally
+ part of the relayed protocol, such as access control based on peer
+ entity authentication of clients, or peer entity authentication of
+ servers when clients do not have that capability. A proxy at OSI
+ layer 7 can also provide finer-grained security service than can a
+ filtering router at OSI layer 3. For example, an FTP proxy could
+ permit transfers out of, but not into, a protected network.
+
+
+
+
+
+
+Shirey Informational [Page 133]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ pseudo-random
+ (I) A sequence of values that appears to be random (i.e.,
+ unpredictable) but is actually generated by a deterministic
+ algorithm. (See: random.)
+
+ $ pseudo-random number generator
+ (I) A process used to deterministically generate a series of
+ numbers (usually integers) that appear to be random according to
+ certain statistical tests, but actually are pseudo-random.
+
+ (C) Pseudo-random number generators are usually implemented in
+ software.
+
+ $ public component
+ (I) A synonym for "public key".
+
+ (D) In most cases, ISDs SHOULD NOT use this term; to avoid
+ confusing readers, use "private key" instead. However, the term
+ MAY be used when specifically discussing a key pair; e.g., "A key
+ pair has a public component and a private component."
+
+ $ public key
+ (I) The publicly-disclosable component of a pair of cryptographic
+ keys used for asymmetric cryptography. (See: key pair, private
+ key.)
+
+ (O) "(In a public key cryptosystem) that key of a user's key pair
+ which is publicly known." [X509]
+
+ $ public-key certificate
+ (I) A digital certificate that binds a system entity's identity to
+ a public key value, and possibly to additional data items; a
+ digitally-signed data structure that attests to the ownership of a
+ public key. (See: X.509 public-key certificate.)
+
+ (C) The digital signature on a public-key certificate is
+ unforgeable. Thus, the certificate can be published, such as by
+ posting it in a directory, without the directory having to protect
+ the certificate's data integrity.
+
+ (O) "The public key of a user, together with some other
+ information, rendered unforgeable by encipherment with the private
+ key of the certification authority which issued it." [X509]
+
+ $ public-key cryptography
+ (I) The popular synonym for "asymmetric cryptography".
+
+
+
+
+
+Shirey Informational [Page 134]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Public-Key Cryptography Standards (PKCS)
+ (I) A series of specifications published by RSA Laboratories for
+ data structures and algorithm usage for basic applications of
+ asymmetric cryptography. (See: PKCS #7, PKCS #10, PKCS #11.)
+
+ (C) The PKCS were begun in 1991 in cooperation with industry and
+ academia, originally including Apple, Digital, Lotus, Microsoft,
+ Northern Telecom, Sun, and MIT. Today, the specifications are
+ widely used, but they are not sanctioned by an official standards
+ organization, such as ANSI, ITU-T, or IETF. RSA Laboratories
+ retains sole decision-making authority over the PKCS.
+
+ $ public-key forward secrecy (PFS)
+ (I) For a key agreement protocol based on asymmetric cryptography,
+ the property that ensures that a session key derived from a set of
+ long-term public and private keys will not be compromised if one
+ of the private keys is compromised in the future.
+
+ (C) Some existing RFCs use the term "perfect forward secrecy" but
+ either do not define it or do not define it precisely. While
+ preparing this Glossary, we tried to find a good definition for
+ that term, but found this to be a muddled area. Experts did not
+ agree. For all practical purposes, the literature defines "perfect
+ forward secrecy" by stating the Diffie-Hellman algorithm. The term
+ "public-key forward secrecy" (suggested by Hilarie Orman) and the
+ "I" definition stated for it here were crafted to be compatible
+ with current Internet documents, yet be narrow and leave room for
+ improved terminology.
+
+ (C) Challenge to the Internet security community: We need a
+ taxonomy--a family of mutually exclusive and collectively
+ exhaustive terms and definitions to cover the basic properties
+ discussed here--for the full range of cryptographic algorithms and
+ protocols used in Internet Standards:
+
+ (C) Involvement of session keys vs. long-term keys: Experts
+ disagree about the basic ideas involved.
+
+ - One concept of "forward secrecy" is that, given observations of
+ the operation of a key establishment protocol up to time t, and
+ given some of the session keys derived from those protocol runs,
+ you cannot derive unknown past session keys or future session
+ keys.
+
+ - A related property is that, given observations of the protocol
+ and knowledge of the derived session keys, you cannot derive one
+ or more of the long-term private keys.
+
+
+
+
+Shirey Informational [Page 135]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - The "I" definition presented above involves a third concept of
+ "forward secrecy" that refers to the effect of the compromise of
+ long-term keys.
+
+ - All three concepts involve the idea that a compromise of "this"
+ encryption key is not supposed to compromise the "next" one. There
+ also is the idea that compromise of a single key will compromise
+ only the data protected by the single key. In Internet literature,
+ the focus has been on protection against decryption of back
+ traffic in the event of a compromise of secret key material held
+ by one or both parties to a communication.
+
+ (C) Forward vs. backward: Experts are unhappy with the word
+ "forward", because compromise of "this" encryption key also is not
+ supposed to compromise the "previous" one, which is "backward"
+ rather than forward. In S/KEY, if the key used at time t is
+ compromised, then all keys used prior to that are compromised. If
+ the "long-term" key (i.e., the base of the hashing scheme) is
+ compromised, then all keys past and future are compromised; thus,
+ you could say that S/KEY has neither forward nor backward secrecy.
+
+ (C) Asymmetric cryptography vs. symmetric: Experts disagree about
+ forward secrecy in the context of symmetric cryptographic systems.
+ In the absence of asymmetric cryptography, compromise of any long-
+ term key seems to compromise any session key derived from the
+ long-term key. For example, Kerberos isn't forward secret, because
+ compromising a client's password (thus compromising the key shared
+ by the client and the authentication server) compromises future
+ session keys shared by the client and the ticket-granting server.
+
+ (C) Ordinary forward secrecy vs. "perfect" forward secret: Experts
+ disagree about the difference between these two. Some say there is
+ no difference, and some say that the initial naming was
+ unfortunate and suggest dropping the word "perfect". Some suggest
+ using "forward secrecy" for the case where one long-term private
+ key is compromised, and adding "perfect" for when both private
+ keys (or, when the protocol is multi-party, all private keys) are
+ compromised.
+
+ (C) Acknowledgements: Bill Burr, Burt Kaliski, Steve Kent, Paul
+ Van Oorschot, Michael Wiener, and, especially, Hilarie Orman
+ contributed ideas to this discussion.
+
+ $ public-key infrastructure (PKI)
+ (I) A system of CAs (and, optionally, RAs and other supporting
+ servers and agents) that perform some set of certificate
+ management, archive management, key management, and token
+
+
+
+
+Shirey Informational [Page 136]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ management functions for a community of users in an application of
+ asymmetric cryptography. (See: hierarchical PKI, mesh PKI,
+ security management infrastructure, trust-file PKI.)
+
+ (O) PKIX usage: The set of hardware, software, people, policies,
+ and procedures needed to create, manage, store, distribute, and
+ revoke digital certificates based on asymmetric cryptography.
+
+ (C) The core PKI functions are (a) to register users and issue
+ their public-key certificates, (b) to revoke certificates when
+ required, and (c) to archive data needed to validate certificates
+ at a much later time. Key pairs for data confidentiality may be
+ generated (and perhaps escrowed) by CAs or RAs, but requiring a
+ PKI client to generate its own digital signature key pair helps
+ maintain system integrity of the cryptographic system, because
+ then only the client ever possesses the private key it uses. Also,
+ an authority may be established to approve or coordinate CPSs,
+ which are security policies under which components of a PKI
+ operate.
+
+ (C) A number of other servers and agents may support the core PKI,
+ and PKI clients may obtain services from them. The full range of
+ such services is not yet fully understood and is evolving, but
+ supporting roles may include archive agent, certified delivery
+ agent, confirmation agent, digital notary, directory, key escrow
+ agent, key generation agent, naming agent who ensures that issuers
+ and subjects have unique identifiers within the PKI, repository,
+ ticket-granting agent, and time stamp agent.
+
+ $ RA
+ See: registration authority.
+
+ $ RA domains
+ (I) A capability of a CAW that allows a CA to divide the
+ responsibility for certification requests among multiple RAs.
+
+ (C) This capability might be used to restrict access to private
+ authorization data that is provided with a certification request,
+ and to distribute the responsibility to review and approve
+ certification requests in high volume environments. RA domains
+ might segregate certification requests according to an attribute
+ of the certificate subject, such as an organizational unit.
+
+ $ RADIUS
+ See: Remote Authentication Dial-In User Service.
+
+
+
+
+
+
+Shirey Informational [Page 137]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Rainbow Series
+ (O) A set of more than 30 technical and policy documents with
+ colored covers, issued by the NCSC, that discuss in detail the
+ TCSEC and provide guidance for meeting and applying the criteria.
+ (See: Green Book, Orange Book, Red Book, Yellow Book.)
+
+ $ random
+ (I) General usage: In mathematics, random means "unpredictable". A
+ sequence of values is called random if each successive value is
+ obtained merely by chance and does not depend on the preceding
+ values of the sequence, and a selected individual value is called
+ random if each of the values in the total population of
+ possibilities has equal probability of being selected. [Knuth]
+ (See: cryptographic key, pseudo-random, random number generator.)
+
+ (I) Security usage: In cryptography and other security
+ applications, random means not only unpredictable, but also
+ "unguessable". When selecting data values to use for cryptographic
+ keys, "the requirement is for data that an adversary has a very
+ low probability of guessing or determining." It is not sufficient
+ to use data that "only meets traditional statistical tests for
+ randomness or which is based on limited range sources, such as
+ clocks. Frequently such random quantities are determinable [i.e.,
+ guessable] by an adversary searching through an embarrassingly
+ small space of possibilities." [R1750]
+
+ $ random number generator
+ (I) A process used to generate an unpredictable, uniformly
+ distributed series of numbers (usually integers). (See: pseudo-
+ random, random.)
+
+ (C) True random number generators are hardware-based devices that
+ depend on the output of a "noisy diode" or other physical
+ phenomena. [R1750]
+
+ $ RBAC
+ See: Role-Based Access Control.
+
+ $ RC2
+ $ RC4
+ See: Rivest Cipher #2, Rivest Cipher #4.
+
+ $ realm
+ (O) Kerberos usage: The domain of authority of a Kerberos server
+ (consisting of an authentication server and a ticket-granting
+ server), including the Kerberized clients and the Kerberized
+ application servers
+
+
+
+
+Shirey Informational [Page 138]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ RED
+ (I) Designation for information system equipment or facilities
+ that handle (and for data that contains) only plaintext (or,
+ depending on the context, classified information), and for such
+ data itself. This term derives from U.S. Government COMSEC
+ terminology. (See: BLACK, RED/BLACK separation.)
+
+ $ Red Book
+ (D) ISDs SHOULD NOT use this term as a synonym for "Trusted
+ Network Interpretation of the Trusted Computer System Evaluation
+ Criteria" [NCS05]. Instead, use the full proper name of the
+ document or, in subsequent references, a more conventional
+ abbreviation. (See: TCSEC, Rainbow Series, (usage note under)
+ Green Book.)
+
+ $ RED/BLACK separation
+ (I) An architectural concept for cryptographic systems that
+ strictly separates the parts of a system that handle plaintext
+ (i.e., RED information) from the parts that handle ciphertext
+ (i.e., BLACK information). This term derives from U.S. Government
+ COMSEC terminology. (See: BLACK, RED.)
+
+ $ reference monitor
+ (I) "An access control concept that refers to an abstract machine
+ that mediates all accesses to objects by subjects." [NCS04] (See:
+ security kernel.)
+
+ (C) A reference monitor should be (a) complete (i.e., it mediates
+ every access), (b) isolated (i.e., it cannot be modified by other
+ system entities), and (c) verifiable (i.e., small enough to be
+ subjected to analysis and tests to ensure that it is correct).
+
+ $ reflection attack
+ (I) A type of replay attack in which transmitted data is sent back
+ to its originator.
+
+ $ register
+ $ registration
+ (I) An administrative act or process whereby an entity's name and
+ other attributes are established for the first time at a CA, prior
+ to the CA issuing a digital certificate that has the entity's name
+ as the subject. (See: registration authority.)
+
+ (C) Registration may be accomplished either directly, by the CA,
+ or indirectly, by a separate RA. An entity is presented to the CA
+ or RA, and the authority either records the name(s) claimed for
+ the entity or assigns the entity's name(s). The authority also
+ determines and records other attributes of the entity that are to
+
+
+
+Shirey Informational [Page 139]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ be bound in a certificate (such as a public key or authorizations)
+ or maintained in the authority's database (such as street address
+ and telephone number). The authority is responsible, possibly
+ assisted by an RA, for authenticating the entity's identity and
+ verifying the correctness of the other attributes, in accordance
+ with the CA's CPS.
+
+ (C) Among the registration issues that a CPS may address are the
+ following [R2527]:
+
+ - How a claimed identity and other attributes are verified.
+ - How organization affiliation or representation is verified.
+ - What forms of names are permitted, such as X.500 DN, domain
+ name, or IP address.
+ - Whether names are required to be meaningful or unique, and
+ within what domain.
+ - How naming disputes are resolved, including the role of
+ trademarks.
+ - Whether certificates are issued to entities that are not
+ persons.
+ - Whether a person is required to appear before the CA or RA, or
+ can instead be represented by an agent.
+ - Whether and how an entity proves possession of the private key
+ matching a public key.
+
+ $ registration authority (RA)
+ (I) An optional PKI entity (separate from the CAs) that does not
+ sign either digital certificates or CRLs but has responsibility
+ for recording or verifying some or all of the information
+ (particularly the identities of subjects) needed by a CA to issue
+ certificates and CRLs and to perform other certificate management
+ functions. (See: organizational registration authority,
+ registration.)
+
+ (C) Sometimes, a CA may perform all certificate management
+ functions for all end users for which the CA signs certificates.
+ Other times, such as in a large or geographically dispersed
+ community, it may be necessary or desirable to offload secondary
+ CA functions and delegate them to an assistant, while the CA
+ retains the primary functions (signing certificates and CRLs). The
+ tasks that are delegated to an RA by a CA may include personal
+ authentication, name assignment, token distribution, revocation
+ reporting, key generation, and archiving. An RA is an optional PKI
+ component, separate from the CA, that is assigned secondary
+ functions. The duties assigned to RAs vary from case to case but
+ may include the following:
+
+
+
+
+
+Shirey Informational [Page 140]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - Verifying a subject's identity, i.e., performing personal
+ authentication functions.
+ - Assigning a name to a subject. (See: distinguished name.)
+ - Verifying that a subject is entitled to have the attributes
+ requested for a certificate.
+ - Verifying that a subject possesses the private key that matches
+ the public key requested for a certificate.
+ - Performing functions beyond mere registration, such as
+ generating key pairs, distributing tokens, and handling
+ revocation reports. (Such functions may be assigned to a PKI
+ element that is separate from both the CA and the RA.)
+
+ (I) PKIX usage: An optional PKI component, separate from the
+ CA(s). The functions that the RA performs will vary from case to
+ case but may include identity authentication and name assignment,
+ key generation and archiving of key pairs, token distribution, and
+ revocation reporting. [R2510]
+
+ (O) SET usage: "An independent third-party organization that
+ processes payment card applications for multiple payment card
+ brands and forwards applications to the appropriate financial
+ institutions." [SET2]
+
+ $ regrade
+ (I) Deliberately change the classification level of information in
+ an authorized manner.
+
+ $ rekey
+ (I) Change the value of a cryptographic key that is being used in
+ an application of a cryptographic system. (See: certificate
+ rekey.)
+
+ (C) For example, rekey is required at the end of a cryptoperiod or
+ key lifetime.
+
+ $ reliability
+ (I) The ability of a system to perform a required function under
+ stated conditions for a specified period of time. (See:
+ availability, survivability.)
+
+ $ relying party
+ (N) A synonym for "certificate user". Used in a legal context to
+ mean a recipient of a certificate who acts in reliance on that
+ certificate. (See: ABA Guidelines.)
+
+ $ Remote Authentication Dial-In User Service (RADIUS)
+ (I) An Internet protocol [R2138] for carrying dial-in users'
+ authentication information and configuration information between a
+
+
+
+Shirey Informational [Page 141]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ shared, centralized authentication server (the RADIUS server) and
+ a network access server (the RADIUS client) that needs to
+ authenticate the users of its network access ports. (See: TACACS.)
+
+ (C) A user of the RADIUS client presents authentication
+ information to the client, and the client passes that information
+ to the RADIUS server. The server authenticates the client using a
+ shared secret value, then checks the user's authentication
+ information, and finally returns to the client all authorization
+ and configuration information needed by the client to deliver
+ service to the user.
+
+ $ renew
+ See: certificate renewal.
+
+ $ replay attack
+ (I) An attack in which a valid data transmission is maliciously or
+ fraudulently repeated, either by the originator or by an adversary
+ who intercepts the data and retransmits it, possibly as part of a
+ masquerade attack. (See: active wiretapping.)
+
+ $ repository
+ (I) A system for storing and distributing digital certificates and
+ related information (including CRLs, CPSs, and certificate
+ policies) to certificate users. (See: directory.)
+
+ (O) "A trustworthy system for storing and retrieving certificates
+ or other information relevant to certificates." [ABA]
+
+ (C) A certificate is published to those who might need it by
+ putting it in a repository. The repository usually is a publicly
+ accessible, on-line server. In the Federal Public-key
+ Infrastructure, for example, the expected repository is a
+ directory that uses LDAP, but also may be the X.500 Directory that
+ uses DAP, or an HTTP server, or an FTP server that permits
+ anonymous login.
+
+ $ repudiation
+ (I) Denial by a system entity that was involved in an association
+ (especially an association that transfers information) of having
+ participated in the relationship. (See: accountability, non-
+ repudiation service.)
+
+ (O) "Denial by one of the entities involved in a communication of
+ having participated in all or part of the communication." [I7498
+ Part 2]
+
+
+
+
+
+Shirey Informational [Page 142]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ Request for Comment (RFC)
+ (I) One of the documents in the archival series that is the
+ official channel for ISDs and other publications of the Internet
+ Engineering Steering Group, the Internet Architecture Board, and
+ the Internet community in general. [R2026, R2223] (See: Internet
+ Standard.)
+
+ (C) This term is *not* a synonym for "Internet Standard".
+
+ $ residual risk
+ (I) The risk that remains after countermeasures have been applied.
+
+ $ restore
+ See: card restore.
+
+ $ revocation
+ See: certificate revocation.
+
+ $ revocation date
+ (N) In an X.509 CRL entry, a date-time field that states when the
+ certificate revocation occurred, i.e., when the CA declared the
+ digital certificate to be invalid. (See: invalidity date.)
+
+ (C) The revocation date may not resolve some disputes because, in
+ the worst case, all signatures made during the validity period of
+ the certificate may have to be considered invalid. However, it may
+ be desirable to treat a digital signature as valid even though the
+ private key used to sign was compromised after the signing. If
+ more is known about when the compromise actually occurred, a
+ second date-time, an "invalidity date", can be included in an
+ extension of the CRL entry.
+
+ $ revocation list
+ See: certificate revocation list.
+
+ $ revoke
+ See: certificate revocation.
+
+ $ RFC
+ See: Request for Comment.
+
+ $ risk
+ (I) An expectation of loss expressed as the probability that a
+ particular threat will exploit a particular vulnerability with a
+ particular harmful result.
+
+
+
+
+
+
+Shirey Informational [Page 143]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (O) SET usage: "The possibility of loss because of one or more
+ threats to information (not to be confused with financial or
+ business risk)." [SET2]
+
+ $ risk analysis
+ $ risk assessment
+ (I) A process that systematically identifies valuable system
+ resources and threats to those resources, quantifies loss
+ exposures (i.e., loss potential) based on estimated frequencies
+ and costs of occurrence, and (optionally) recommends how to
+ allocate resources to countermeasures so as to minimize total
+ exposure.
+
+ (C) The analysis lists risks in order of cost and criticality,
+ thereby determining where countermeasures should be applied first.
+ It is usually financially and technically infeasible to counteract
+ all aspects of risk, and so some residual risk will remain, even
+ after all available countermeasures have been deployed. [FP031,
+ R2196]
+
+ $ risk management
+ (I) The process of identifying, controlling, and eliminating or
+ minimizing uncertain events that may affect system resources.
+ (See: risk analysis.)
+
+ $ Rivest Cipher #2 (RC2)
+ (N) A proprietary, variable-key-length block cipher invented by
+ Ron Rivest for RSA Data Security, Inc. (now a wholly-owned
+ subsidiary of Security Dynamics, Inc.).
+
+ $ Rivest Cipher #4 (RC4)
+ (N) A proprietary, variable-key-length stream cipher invented by
+ Ron Rivest for RSA Data Security, Inc. (now a wholly-owned
+ subsidiary of Security Dynamics, Inc.).
+
+ $ Rivest-Shamir-Adleman (RSA)
+ (N) An algorithm for asymmetric cryptography, invented in 1977 by
+ Ron Rivest, Adi Shamir, and Leonard Adleman [RSA78, Schn].
+
+ (C) RSA uses exponentiation modulo the product of two large prime
+ numbers. The difficulty of breaking RSA is believed to be
+ equivalent to the difficulty of factoring integers that are the
+ product of two large prime numbers of approximately equal size.
+
+ (C) To create an RSA key pair, randomly choose two large prime
+ numbers, p and q, and compute the modulus, n = pq. Randomly choose
+ a number e, the public exponent, that is less than n and
+ relatively prime to (p-1)(q-1). Choose another number d, the
+
+
+
+Shirey Informational [Page 144]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ private exponent, such that ed-1 evenly divides (p-1)(q-1). The
+ public key is the set of numbers (n,e), and the private key is the
+ set (n,d).
+
+ (C) It is assumed to be difficult to compute the private key (n,d)
+ from the public key (n,e). However, if n can be factored into p
+ and q, then the private key d can be computed easily. Thus, RSA
+ security depends on the assumption that it is computationally
+ difficult to factor a number that is the product of two large
+ prime numbers. (Of course, p and q are treated as part of the
+ private key, or else destroyed after computing n.)
+
+ (C) For encryption of a message, m, to be sent to Bob, Alice uses
+ Bob's public key (n,e) to compute m**e (mod n) = c. She sends c to
+ Bob. Bob computes c**d (mod n) = m. Only Bob knows d, so only Bob
+ can compute c**d (mod n) = m to recover m.
+
+ (C) To provide data origin authentication of a message, m, to be
+ sent to Bob, Alice computes m**d (mod n) = s, where (d,n) is
+ Alice's private key. She sends m and s to Bob. To recover the
+ message that only Alice could have sent, Bob computes s**e (mod n)
+ = m, where (e,n) is Alice's public key.
+
+ (C) To ensure data integrity in addition to data origin
+ authentication requires extra computation steps in which Alice and
+ Bob use a cryptographic hash function h (as explained for digital
+ signature). Alice computes the hash value h(m) = v, and then
+ encrypts v with her private key to get s. She sends m and s. Bob
+ receives m' and s', either of which might have been changed from
+ the m and s that Alice sent. To test this, he decrypts s' with
+ Alice's public key to get v'. He then computes h(m') = v". If v'
+ equals v", Bob is assured that m' is the same m that Alice sent.
+
+ $ role-based access control (RBAC)
+ (I) A form of identity-based access control where the system
+ entities that are identified and controlled are functional
+ positions in an organization or process.
+
+ $ root
+ (I) A CA that is directly trusted by an end entity. Acquiring the
+ value of a root CA's public key involves an out-of-band procedure.
+
+ (I) Hierarchical PKI usage: The CA that is the highest level (most
+ trusted) CA in a certification hierarchy; i.e., the authority upon
+ whose public key all certificate users base their trust. (See: top
+ CA.)
+
+
+
+
+
+Shirey Informational [Page 145]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) In a hierarchical PKI, a root issues public-key certificates
+ to one or more additional CAs that form the second highest level.
+ Each of these CAs may issue certificates to more CAs at the third
+ highest level, and so on. To initialize operation of a
+ hierarchical PKI, the root's initial public key is securely
+ distributed to all certificate users in a way that does not depend
+ on the PKI's certification relationships. The root's public key
+ may be distributed simply as a numerical value, but typically is
+ distributed in a self-signed certificate in which the root is the
+ subject. The root's certificate is signed by the root itself
+ because there is no higher authority in a certification hierarchy.
+ The root's certificate is then the first certificate in every
+ certification path.
+
+ (O) MISSI usage: A name previously used for a MISSI policy
+ creation authority, which is not a root as defined above for
+ general usage, but is a CA at the second level of the MISSI
+ hierarchy, immediately subordinate to a MISSI policy approving
+ authority.
+
+ (O) UNIX usage: A user account (also called "superuser") that has
+ all privileges (including all security-related privileges) and
+ thus can manage the system and its other user accounts.
+
+ $ root certificate
+ (I) A certificate for which the subject is a root.
+
+ (I) Hierarchical PKI usage: The self-signed public-key certificate
+ at the top of a certification hierarchy.
+
+ $ root key
+ (I) A public key for which the matching private key is held by a
+ root.
+
+ $ root registry
+ (O) MISSI usage: A name previously used for a MISSI policy
+ approving authority.
+
+ $ router
+ (I) A computer that is a gateway between two networks at OSI layer
+ 3 and that relays and directs data packets through that
+ internetwork. The most common form of router operates on IP
+ packets. (See: bridge.)
+
+ (I) Internet usage: In the context of the Internet protocol suite,
+ a networked computer that forwards Internet Protocol packets that
+ are not addressed to the computer itself. (See: host.)
+
+
+
+
+Shirey Informational [Page 146]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ RSA
+ See: Rivest-Shamir-Adleman.
+
+ $ rule-based security policy
+ (I) "A security policy based on global rules imposed for all
+ users. These rules usually rely on comparison of the sensitivity
+ of the resource being accessed and the possession of corresponding
+ attributes of users, a group of users, or entities acting on
+ behalf of users." [I7498 Part 2] (See: identity-based security
+ policy.)
+
+ $ safety
+ (I) The property of a system being free from risk of causing harm
+ to system entities and outside entities.
+
+ $ SAID
+ See: security association identifier.
+
+ $ salt
+ (I) A random value that is concatenated with a password before
+ applying the one-way encryption function used to protect passwords
+ that are stored in the database of an access control system. (See:
+ initialization value.)
+
+ (C) Salt protects a password-based access control system against a
+ dictionary attack.
+
+ $ sanitize
+ (I) Delete sensitive data from a file, a device, or a system; or
+ modify data so as to be able to downgrade its classification
+ level.
+
+ $ SASL
+ See: Simple Authentication and Security Layer.
+
+ $ SCA
+ See: subordinate certification authority.
+
+ $ scavenging
+ See: (secondary definition under) threat consequence.
+
+ $ screening router
+ (I) A synonym for "filtering router".
+
+ $ SDE
+ See: Secure Data Exchange.
+
+
+
+
+
+Shirey Informational [Page 147]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ SDNS
+ See: Secure Data Network System.
+
+ $ seal
+ (O) To use cryptography to provide data integrity service for a
+ data object. (See: sign, wrap.)
+
+ (D) ISDs SHOULD NOT use this definition; instead, use language
+ that is more specific with regard to the mechanism(s) used, such
+ as "sign" when the mechanism is digital signature.
+
+ $ secret
+ (I) (1.) Adjective: The condition of information being protected
+ from being known by any system entities except those who are
+ intended to know it. (2.) Noun: An item of information that is
+ protected thusly.
+
+ (C) This term applies to symmetric keys, private keys, and
+ passwords.
+
+ $ secret-key cryptography
+ (I) A synonym for "symmetric cryptography".
+
+ $ Secure Data Exchange (SDE)
+ (N) A local area network security protocol defined by the IEEE
+ 802.10 standard.
+
+ $ Secure Data Network System (SDNS)
+ (N) An NSA program that developed security protocols for
+ electronic mail (Message Security Protocol), OSI layer 3 (SP3),
+ OSI layer 4 (SP4), and key management (KMP).
+
+ $ Secure Hash Standard (SHS)
+ (N) The U.S. Government standard [FP180] that specifies the Secure
+ Hash Algorithm (SHA-1), a cryptographic hash function that
+ produces a 160-bit output (hash result) for input data of any
+ length < 2**64 bits.
+
+ $ Secure Hypertext Transfer Protocol (Secure-HTTP, S-HTTP)
+ (I) A Internet protocol for providing client-server security
+ services for HTTP communications. (See: https.)
+
+ (C) S-HTTP was originally specified by CommerceNet, a coalition of
+ businesses interested in developing the Internet for commercial
+ uses. Several message formats may be incorporated into S-HTTP
+ clients and servers, particularly CMS and MOSS. S-HTTP supports
+ choice of security policies, key management mechanisms, and
+ cryptographic algorithms through option negotiation between
+
+
+
+Shirey Informational [Page 148]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ parties for each transaction. S-HTTP supports both asymmetric and
+ symmetric key operation modes. S-HTTP attempts to avoid presuming
+ a particular trust model, but it attempts to facilitate multiply-
+ rooted hierarchical trust and anticipates that principals may have
+ many public key certificates.
+
+ $ Secure/MIME (S/MIME)
+ (I) Secure/Multipurpose Internet Mail Extensions, an Internet
+ protocol [R2633] to provide encryption and digital signatures for
+ Internet mail messages.
+
+ $ Secure Sockets Layer (SSL)
+ (N) An Internet protocol (originally developed by Netscape
+ Communications, Inc.) that uses connection-oriented end-to-end
+ encryption to provide data confidentiality service and data
+ integrity service for traffic between a client (often a web
+ browser) and a server, and that can optionally provide peer entity
+ authentication between the client and the server. (See: Transport
+ Layer Security.)
+
+ (C) SSL is layered below HTTP and above a reliable transport
+ protocol (TCP). SSL is independent of the application it
+ encapsulates, and any higher level protocol can layer on top of
+ SSL transparently. However, many Internet applications might be
+ better served by IPsec.
+
+ (C) SSL has two layers: (a) SSL's lower layer, the SSL Record
+ Protocol, is layered on top of the transport protocol and
+ encapsulates higher level protocols. One such encapsulated
+ protocol is SSL Handshake Protocol. (b) SSL's upper layer provides
+ asymmetric cryptography for server authentication (verifying the
+ server's identity to the client) and optional client
+ authentication (verifying the client's identity to the server),
+ and also enables them to negotiate a symmetric encryption
+ algorithm and secret session key (to use for data confidentiality)
+ before the application protocol transmits or receives data. A
+ keyed hash provides data integrity service for encapsulated data.
+
+ $ secure state
+ (I) A system condition in which no subject can access any object
+ in an unauthorized manner. (See: (secondary definition under)
+ Bell-LaPadula Model, clean system.)
+
+ $ security
+ (I) (1.) Measures taken to protect a system. (2.) The condition of
+ a system that results from the establishment and maintenance of
+
+
+
+
+
+Shirey Informational [Page 149]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ measures to protect the system. (3.) The condition of system
+ resources being free from unauthorized access and from
+ unauthorized or accidental change, destruction, or loss.
+
+ $ security architecture
+ (I) A plan and set of principles that describe (a) the security
+ services that a system is required to provide to meet the needs of
+ its users, (b) the system elements required to implement the
+ services, and (c) the performance levels required in the elements
+ to deal with the threat environment. (See: (discussion under)
+ security policy.)
+
+ (C) A security architecture is the result of applying the system
+ engineering process. A complete system security architecture
+ includes administrative security, communication security, computer
+ security, emanations security, personnel security, and physical
+ security (e.g., see: [R2179]). A complete security architecture
+ needs to deal with both intentional, intelligent threats and
+ accidental kinds of threats.
+
+ $ security association
+ (I) A relationship established between two or more entities to
+ enable them to protect data they exchange. The relationship is
+ used to negotiate characteristics of protection mechanisms, but
+ does not include the mechanisms themselves. (See: association.)
+
+ (C) A security association describes how entities will use
+ security services. The relationship is represented by a set of
+ information that is shared between the entities and is agreed upon
+ and considered a contract between them.
+
+ (O) IPsec usage: A simplex (uni-directional) logical connection
+ created for security purposes and implemented with either AH or
+ ESP (but not both). The security services offered by a security
+ association depend on the protocol selected, the IPsec mode
+ (transport or tunnel), the endpoints, and the election of optional
+ services within the protocol. A security association is identified
+ by a triple consisting of (a) a destination IP address, (b) a
+ protocol (AH or ESP) identifier, and (c) a Security Parameter
+ Index.
+
+ $ security association identifier (SAID)
+ (I) A data field in a security protocol (such as NLSP or SDE),
+ used to identify the security association to which a protocol data
+ unit is bound. The SAID value is usually used to select a key for
+ decryption or authentication at the destination. (See: Security
+ Parameter Index.)
+
+
+
+
+Shirey Informational [Page 150]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ security audit
+ (I) An independent review and examination of a system's records
+ and activities to determine the adequacy of system controls,
+ ensure compliance with established security policy and procedures,
+ detect breaches in security services, and recommend any changes
+ that are indicated for countermeasures. [I7498 Part 2, NCS01]
+
+ (C) The basic audit objective is to establish accountability for
+ system entities that initiate or participate in security-relevant
+ events and actions. Thus, means are needed to generate and record
+ a security audit trail and to review and analyze the audit trail
+ to discover and investigate attacks and security compromises.
+
+ $ security audit trail
+ (I) A chronological record of system activities that is sufficient
+ to enable the reconstruction and examination of the sequence of
+ environments and activities surrounding or leading to an
+ operation, procedure, or event in a security-relevant transaction
+ from inception to final results. [NCS04] (See: security audit.)
+
+ $ security class
+ (D) A synonym for "security level". For consistency, ISDs SHOULD
+ use "security level" instead of "security class".
+
+ $ security clearance
+ (I) A determination that a person is eligible, under the standards
+ of a specific security policy, for authorization to access
+ sensitive information or other system resources. (See: clearance
+ level.)
+
+ $ security compromise
+ (I) A security violation in which a system resource is exposed, or
+ is potentially exposed, to unauthorized access. (See: data
+ compromise, violation.)
+
+ $ security domain
+ See: domain.
+
+ $ security environment
+ (I) The set of external entities, procedures, and conditions that
+ affect secure development, operation, and maintenance of a system.
+
+ $ security event
+ (I) A occurrence in a system that is relevant to the security of
+ the system. (See: security incident.)
+
+
+
+
+
+
+Shirey Informational [Page 151]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) The term includes both events that are security incidents and
+ those that are not. In a CA workstation, for example, a list of
+ security events might include the following:
+
+ - Performing a cryptographic operation, e.g., signing a digital
+ certificate or CRL.
+ - Performing a cryptographic card operation: creation, insertion,
+ removal, or backup.
+ - Performing a digital certificate lifecycle operation: rekey,
+ renewal, revocation, or update.
+ - Posting information to an X.500 Directory.
+ - Receiving a key compromise notification.
+ - Receiving an improper certification request.
+ - Detecting an alarm condition reported by a cryptographic
+ module.
+ - Logging the operator in or out.
+ - Failing a built-in hardware self-test or a software system
+ integrity check.
+
+ $ security fault analysis
+ (I) A security analysis, usually performed on hardware at a logic
+ gate level, gate-by-gate, to determine the security properties of
+ a device when a hardware fault is encountered.
+
+ $ security gateway
+ (I) A gateway that separates trusted (or relatively more trusted)
+ hosts on the internal network side from untrusted (or less
+ trusted) hosts on the external network side. (See: firewall and
+ guard.)
+
+ (O) IPsec usage: "An intermediate system that implements IPsec
+ protocols." [R2401] Normally, AH or ESP is implemented to serve a
+ set of internal hosts, providing security services for the hosts
+ when they communicate with other, external hosts or gateways that
+ also implement IPsec.
+
+ $ security incident
+ (I) A security event that involves a security violation. (See:
+ CERT, GRIP, security event, security intrusion, security
+ violation.)
+
+ (C) In other words, a security-relevant system event in which the
+ system's security policy is disobeyed or otherwise breached.
+
+ (O) "Any adverse event which compromises some aspect of computer
+ or network security." [R2350]
+
+
+
+
+
+Shirey Informational [Page 152]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (D) ISDs SHOULD NOT use this "O" definition because (a) a security
+ incident may occur without actually being harmful (i.e., adverse)
+ and (b) this Glossary defines "compromise" more narrowly in
+ relation to unauthorized access.
+
+ $ security intrusion
+ (I) A security event, or a combination of multiple security
+ events, that constitutes a security incident in which an intruder
+ gains, or attempts to gain, access to a system (or system
+ resource) without having authorization to do so.
+
+ $ security kernel
+ (I) "The hardware, firmware, and software elements of a trusted
+ computing base that implement the reference monitor concept. It
+ must mediate all accesses, be protected from modification, and be
+ verifiable as correct." [NCS04] (See: reference monitor.)
+
+ (C) That is, a security kernel is an implementation of a reference
+ monitor for a given hardware base.
+
+ $ security label
+ (I) A marking that is bound to a system resource and that names or
+ designates the security-relevant attributes of that resource.
+ [I7498 Part 2, R1457]
+
+ (C) The recommended definition is usefully broad, but usually the
+ term is understood more narrowly as a marking that represents the
+ security level of an information object, i.e., a marking that
+ indicates how sensitive an information object is. [NCS04]
+
+ (C) System security mechanisms interpret security labels according
+ to applicable security policy to determine how to control access
+ to the associated information, otherwise constrain its handling,
+ and affix appropriate security markings to visible (printed and
+ displayed) images thereof. [FP188]
+
+ $ security level
+ (I) The combination of a hierarchical classification level and a
+ set of non-hierarchical category designations that represents how
+ sensitive information is. (See: (usage note under) classification
+ level, dominate, lattice model.)
+
+ $ security management infrastructure (SMI)
+ (I) System elements and activities that support security policy by
+ monitoring and controlling security services and mechanisms,
+ distributing security information, and reporting security events.
+ The associated functions are as follows [I7498-4]:
+
+
+
+
+Shirey Informational [Page 153]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - Controlling (granting or restricting) access to system
+ resources: This includes verifying authorizations and
+ identities, controlling access to sensitive security data, and
+ modifying access priorities and procedures in the event of
+ attacks.
+
+ - Retrieving (gathering) and archiving (storing) security
+ information: This includes logging security events and
+ analyzing the log, monitoring and profiling usage, and
+ reporting security violations.
+
+ - Managing and controlling the encryption process: This includes
+ performing the functions of key management and reporting on key
+ management problems. (See: public-key infrastructure.)
+
+ $ security mechanism
+ (I) A process (or a device incorporating such a process) that can
+ be used in a system to implement a security service that is
+ provided by or within the system. (See: (discussion under)
+ security policy.)
+
+ (C) Some examples of security mechanisms are authentication
+ exchange, checksum, digital signature, encryption, and traffic
+ padding.
+
+ $ security model
+ (I) A schematic description of a set of entities and relationships
+ by which a specified set of security services are provided by or
+ within a system. (See: (discussion under) security policy.)
+
+ (C) An example is the Bell-LaPadula Model.
+
+ $ security parameters index (SPI)
+ (I) IPsec usage: The type of security association identifier used
+ in IPsec protocols. A 32-bit value used to distinguish among
+ different security associations terminating at the same
+ destination (IP address) and using the same IPsec security
+ protocol (AH or ESP). Carried in AH and ESP to enable the
+ receiving system to determine under which security association to
+ process a received packet.
+
+ $ security perimeter
+ (I) The boundary of the domain in which a security policy or
+ security architecture applies; i.e., the boundary of the space in
+ which security services protect system resources.
+
+
+
+
+
+
+Shirey Informational [Page 154]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ security policy
+ (I) A set of rules and practices that specify or regulate how a
+ system or organization provides security services to protect
+ sensitive and critical system resources. (See: identity-based
+ security policy, rule-based security policy, security
+ architecture, security mechanism, security model.)
+
+ (O) "The set of rules laid down by the security authority
+ governing the use and provision of security services and
+ facilities." [X509]
+
+ (C) Ravi Sandhu notes that security policy is one of four layers
+ of the security engineering process (as shown in the following
+ diagram). Each layer provides a different view of security,
+ ranging from what services are needed to how services are
+ implemented.
+
+ What Security Services Should Be Provided?
+ ^
+ | + - - - - - - - - - - - +
+ | | Security Policy |
+ | + - - - - - - - - - - - + + - - - - - - - - - - - - - - +
+ | | Security Model | | A "top-level specification" |
+ | + - - - - - - - - - - - + <- | is at a level below "model" |
+ | | Security Architecture | | but above "architecture". |
+ | + - - - - - - - - - - - + + - - - - - - - - - - - - - - +
+ | | Security Mechanism |
+ | + - - - - - - - - - - - +
+ v
+ How Are Security Services Implemented?
+
+ $ Security Protocol 3 (SP3)
+ (O) A protocol [SDNS3] developed by SDNS to provide connectionless
+ data security at the top of OSI layer 3. (See: NLSP.)
+
+ $ Security Protocol 4 (SP4)
+ (O) A protocol [SDNS4] developed by SDNS to provide either
+ connectionless or end-to-end connection-oriented data security at
+ the bottom of OSI layer 4. (See: TLSP.)
+
+ $ security-relevant event
+ See: security event.
+
+ $ security service
+ (I) A processing or communication service that is provided by a
+ system to give a specific kind of protection to system resources.
+ (See: access control service, audit service, availability service,
+
+
+
+
+Shirey Informational [Page 155]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ data confidentiality service, data integrity service, data origin
+ authentication service, non-repudiation service, peer entity
+ authentication service, system integrity service.)
+
+ (O) "A service, provided by a layer of communicating open systems,
+ which ensures adequate security of the systems or the data
+ transfers." [I7498 Part 2]
+
+ (C) Security services implement security policies, and are
+ implemented by security mechanisms.
+
+ $ security situation
+ (I) ISAKMP usage: The set of all security-relevant information--
+ e.g., network addresses, security classifications, manner of
+ operation (normal or emergency)--that is needed to decide the
+ security services that are required to protect the association
+ that is being negotiated.
+
+ $ security token
+ See: token.
+
+ $ security violation
+ (I) An act or event that disobeys or otherwise breaches security
+ policy. (See: compromise, penetration, security incident.)
+
+ $ self-signed certificate
+ (I) A public-key certificate for which the public key bound by the
+ certificate and the private key used to sign the certificate are
+ components of the same key pair, which belongs to the signer.
+ (See: root certificate.)
+
+ (C) In a self-signed X.509 public-key certificate, the issuer's DN
+ is the same as the subject's DN.
+
+ $ semantic security
+ (I) An attribute of a encryption algorithm that is a formalization
+ of the notion that the algorithm not only hides the plaintext but
+ also reveals no partial information about the plaintext. Whatever
+ is efficiently computable about the plaintext when given the
+ ciphertext, is also efficiently computable without the ciphertext.
+ (See: indistinguishability.)
+
+ $ sensitive (information)
+ (I) Information is sensitive if disclosure, alteration,
+ destruction, or loss of the information would adversely affect the
+ interests or business of its owner or user. (See: critical.)
+
+
+
+
+
+Shirey Informational [Page 156]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ separation of duties
+ (I) The practice of dividing the steps in a system function among
+ different individuals, so as to keep a single individual from
+ subverting the process. (See: dual control, administrative
+ security.)
+
+ $ serial number
+ See: certificate serial number.
+
+ $ server
+ (I) A system entity that provides a service in response to
+ requests from other system entities called clients.
+
+ $ session key
+ (I) In the context of symmetric encryption, a key that is
+ temporary or is used for a relatively short period of time. (See:
+ ephemeral key, key distribution center, master key.)
+
+ (C) Usually, a session key is used for a defined period of
+ communication between two computers, such as for the duration of a
+ single connection or transaction set, or the key is used in an
+ application that protects relatively large amounts of data and,
+ therefore, needs to be rekeyed frequently.
+
+ $ SET
+ See: SET Secure Electronic Transaction(trademark).
+
+ $ SET private extension
+ (O) One of the private extensions defined by SET for X.509
+ certificates. Carries information about hashed root key,
+ certificate type, merchant data, cardholder certificate
+ requirements, encryption support for tunneling, or message support
+ for payment instructions.
+
+ $ SET qualifier
+ (O) A certificate policy qualifier that provides information about
+ the location and content of a SET certificate policy.
+
+ (C) In addition to the policies and qualifiers inherited from its
+ own certificate, each CA in the SET certification hierarchy may
+ add one qualifying statement to the root policy when the CA issues
+ a certificate. The additional qualifier is a certificate policy
+ for that CA. Each policy in a SET certificate may have these
+ qualifiers:
+
+ - A URL where a copy of the policy statement may be found.
+ - An electronic mail address where a copy of the policy statement
+ may be found.
+
+
+
+Shirey Informational [Page 157]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - A hash result of the policy statement, computed using the
+ indicated algorithm.
+ - A statement declaring any disclaimers associated with the
+ issuing of the certificate.
+
+ $ SET Secure Electronic Transaction(trademark) or SET(trademark)
+ (N) A protocol developed jointly by MasterCard International and
+ Visa International and published as an open standard to provide
+ confidentiality of transaction information, payment integrity, and
+ authentication of transaction participants for payment card
+ transactions over unsecured networks, such as the Internet. [SET1]
+ (See: acquirer, brand, cardholder, dual signature, electronic
+ commerce, issuer, merchant, payment gateway, third party.)
+
+ (C) This term and acronym are trademarks of SETCo. MasterCard and
+ Visa announced the SET standard on 1 February 1996. On 19 December
+ 1997, MasterCard and Visa formed SET Secure Electronic Transaction
+ LLC (commonly referred to as "SETCo") to implement the SET 1.0
+ specification. A memorandum of understanding adds American Express
+ and JCB Credit Card Company as co-owners of SETCo.
+
+ $ SETCo
+ See: (secondary definition under) SET Secure Electronic
+ Transaction.
+
+ $ SHA-1
+ See: Secure Hash Standard.
+
+ $ shared secret
+ (I) A synonym for "keying material" or "cryptographic key".
+
+ $ S-HTTP
+ See: Secure HTTP.
+
+ $ sign
+ (I) Create a digital signature for a data object.
+
+ $ signature
+ See: digital signature, electronic signature.
+
+ $ signature certificate
+ (I) A public-key certificate that contains a public key that is
+ intended to be used for verifying digital signatures, rather than
+ for encrypting data or performing other cryptographic functions.
+
+ (C) A v3 X.509 public-key certificate may have a "keyUsage"
+ extension which indicates the purpose for which the certified
+ public key is intended.
+
+
+
+Shirey Informational [Page 158]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ signer
+ (N) A human being or an organization entity that uses its private
+ key to create a digital signature for a data object. [ABA]
+
+ $ SILS
+ See: Standards for Interoperable LAN/MAN Security.
+
+ $ simple authentication
+ (I) An authentication process that uses a password as the
+ information needed to verify an identity claimed for an entity.
+ (See: strong authentication.)
+
+ (O) "Authentication by means of simple password arrangements."
+ [X509]
+
+ $ Simple Authentication and Security Layer (SASL)
+ (I) An Internet specification [R2222] for adding authentication
+ service to connection-based protocols. To use SASL, a protocol
+ includes a command for authenticating a user to a server and for
+ optionally negotiating protection of subsequent protocol
+ interactions. The command names a registered security mechanism.
+ SASL mechanisms include Kerberos, GSSAPI, S/KEY, and others. Some
+ protocols that use SASL are IMAP4 and POP3.
+
+ $ Simple Key-management for Internet Protocols (SKIP)
+ (I) A key distribution protocol that uses hybrid encryption to
+ convey session keys that are used to encrypt data in IP packets.
+ [R2356] (See: IKE, IPsec.)
+
+ (C) SKIP uses the Diffie-Hellman algorithm (or could use another
+ key agreement algorithm) to generate a key-encrypting key for use
+ between two entities. A session key is used with a symmetric
+ algorithm to encrypt data in one or more IP packets that are to be
+ sent from one of the entities to the other. The KEK is used with a
+ symmetric algorithm to encrypt the session key, and the encrypted
+ session key is placed in a SKIP header that is added to each IP
+ packet that is encrypted with that session key.
+
+ $ Simple Mail Transfer Protocol (SMTP)
+ (I) A TCP-based, application-layer, Internet Standard protocol
+ [R0821] for moving electronic mail messages from one computer to
+ another.
+
+ $ Simple Network Management Protocol (SNMP)
+ (I) A UDP-based, application-layer, Internet Standard protocol
+ [R2570, R2574] for conveying management information between
+ managers and agents.
+
+
+
+
+Shirey Informational [Page 159]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) SNMP version 1 uses cleartext passwords for authentication and
+ access control. (See: community string.) Version 2 adds
+ cryptographic mechanisms based on DES and MD5. Version 3 provides
+ enhanced, integrated support for security services, including data
+ confidentiality, data integrity, data origin authentication, and
+ message timeliness and limited replay protection.
+
+ $ simple security property
+ See: (secondary definition under) Bell-LaPadula Model.
+
+ $ single sign-on
+ (I) A system that enables a user to access multiple computer
+ platforms (usually a set of hosts on the same network) or
+ application systems after being authenticated just one time. (See:
+ Kerberos.)
+
+ (C) Typically, a user logs in just once, and then is transparently
+ granted access to a variety of permitted resources with no further
+ login being required until after the user logs out. Such a system
+ has the advantages of being user friendly and enabling
+ authentication to be managed consistently across an entire
+ enterprise, and has the disadvantage of requiring all hosts and
+ applications to trust the same authentication mechanism.
+
+ $ situation
+ See: security situation.
+
+ $ S/Key
+ (I) A security mechanism that uses a cryptographic hash function
+ to generate a sequence of 64-bit, one-time passwords for remote
+ user login. [R1760]
+
+ (C) The client generates a one-time password by applying the MD4
+ cryptographic hash function multiple times to the user's secret
+ key. For each successive authentication of the user, the number of
+ hash applications is reduced by one. (Thus, an intruder using
+ wiretapping cannot compute a valid password from knowledge of one
+ previously used.) The server verifies a password by hashing the
+ currently presented password (or initialization value) one time
+ and comparing the hash result with the previously presented
+ password.
+
+ $ SKIP
+ See: Simple Key-management for IP.
+
+
+
+
+
+
+
+Shirey Informational [Page 160]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ SKIPJACK
+ (N) A Type II block cipher [NIST] with a block size of 64 bits and
+ a key size of 80 bits, that was developed by NSA and formerly
+ classified at the U.S. Department of Defense "Secret" level. (See:
+ CAPSTONE, CLIPPER, FORTEZZA, Key Exchange Algorithm.)
+
+ (C) On 23 June 1998, NSA announced that SKIPJACK had been
+ declassified.
+
+ $ slot
+ (O) MISSI usage: One of the FORTEZZA PC card storage areas that
+ are each able to hold an X.509 certificate and additional data
+ that is associated with the certificate, such as the matching
+ private key.
+
+ $ smart card
+ (I) A credit-card sized device containing one or more integrated
+ circuit chips, which perform the functions of a computer's central
+ processor, memory, and input/output interface. (See: PC card.)
+
+ (C) Sometimes this term is used rather strictly to mean a card
+ that closely conforms to the dimensions and appearance of the kind
+ of plastic credit card issued by banks and merchants. At other
+ times, the term is used loosely to include cards that are larger
+ than credit cards, especially cards that are thicker, such as PC
+ cards.
+
+ (C) A "smart token" is a device that conforms to the definition of
+ smart card except that rather than having standard credit card
+ dimensions, the token is packaged in some other form, such as a
+ dog tag or door key shape.
+
+ $ smart token
+ See: (secondary definition under) smart card.
+
+ $ SMI
+ See: security management infrastructure.
+
+ $ S/MIME
+ See: Secure/MIME.
+
+ $ SMTP
+ See: Simple Mail Transfer Protocol.
+
+ $ smurf
+ (I) Software that mounts a denial-of-service attack ("smurfing")
+ by exploiting IP broadcast addressing and ICMP ping packets to
+ cause flooding. (See: flood, ICMP flood.)
+
+
+
+Shirey Informational [Page 161]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (D) ISDs SHOULD NOT use this term because it is not listed in most
+ dictionaries and could confuse international readers.
+
+ (C) A smurf program builds a network packet that appears to
+ originate from another address, that of the "victim", either a
+ host or an IP router. The packet contains an ICMP ping message
+ that is addressed to an IP broadcast address, i.e., to all IP
+ addresses in a given network. The echo responses to the ping
+ message return to the victim's address. The goal of smurfing may
+ be either to deny service at a particular host or to flood all or
+ part of an IP network.
+
+ $ sniffing
+ (C) A synonym for "passive wiretapping". (See: password sniffing.)
+
+ (D) ISDs SHOULD NOT use this term because it unnecessarily
+ duplicates the meaning of a term that is better established. (See:
+ (usage note under) Green Book.
+
+ $ SNMP
+ See: Simple Network Management Protocol.
+
+ $ social engineering
+ (I) A euphemism for non-technical or low-technology means--such as
+ lies, impersonation, tricks, bribes, blackmail, and threats--used
+ to attack information systems. (See: masquerade attack.)
+
+ (D) ISDs SHOULD NOT use this term because it is vague; instead,
+ use a term that is specific with regard to the means of attack.
+
+ $ SOCKS
+ (I) An Internet protocol [R1928] that provides a generalized proxy
+ server that enables client-server applications--such as TELNET,
+ FTP, and HTTP; running over either TCP or UDP--to use the services
+ of a firewall.
+
+ (C) SOCKS is layered under the application layer and above the
+ transport layer. When a client inside a firewall wishes to
+ establish a connection to an object that is reachable only through
+ the firewall, it uses TCP to connect to the SOCKS server,
+ negotiates with the server for the authentication method to be
+ used, authenticates with the chosen method, and then sends a relay
+ request. The SOCKS server evaluates the request, typically based
+ on source and destination addresses, and either establishes the
+ appropriate connection or denies it.
+
+
+
+
+
+
+Shirey Informational [Page 162]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ soft TEMPEST
+ (O) The use of software techniques to reduce the radio frequency
+ information leakage from computer displays and keyboards. [Kuhn]
+ (See: TEMPEST.)
+
+ $ software
+ (I) Computer programs (which are stored in and executed by
+ computer hardware) and associated data (which also is stored in
+ the hardware) that may be dynamically written or modified during
+ execution. (See: firmware, hardware.)
+
+ $ SORA
+ See: SSO-PIN ORA.
+
+ $ source authentication
+ (D) ISDs SHOULD NOT use this term because it is ambiguous. If the
+ intent is to authenticate the original creator or packager of data
+ received, then say "data origin authentication". If the intent is
+ to authenticate the identity of the sender of data, then say "peer
+ entity authentication". (See: data origin authentication, peer
+ entity authentication).
+
+ $ source integrity
+ (I) The degree of confidence that can be placed in information
+ based on the trustworthiness of its sources. (See: integrity.)
+
+ $ SP3
+ See: Security Protocol 3.
+
+ $ SP4
+ See: Security Protocol 4.
+
+ $ spam
+ (I) (1.) Verb: To indiscriminately send unsolicited, unwanted,
+ irrelevant, or inappropriate messages, especially commercial
+ advertising in mass quantities. (2.) Noun: electronic "junk mail".
+ [R2635]
+
+ (D) This term SHOULD NOT be written in upper-case letters, because
+ SPAM(trademark) is a trademark of Hormel Foods Corporation. Hormel
+ says, "We do not object to use of this slang term [spam] to
+ describe [unsolicited commercial email (UCE)], although we do
+ object to the use of our product image in association with that
+ term. Also, if the term is to be used, it should be used in all
+ lower-case letters to distinguish it from our trademark SPAM,
+ which should be used with all uppercase letters."
+
+
+
+
+
+Shirey Informational [Page 163]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) In sufficient volume, spam can cause denial of service. (See:
+ flooding.) According to the SPAM Web site, the term was adopted as
+ a result of the Monty Python skit in which a group of Vikings sang
+ a chorus of 'SPAM, SPAM, SPAM . . .' in an increasing crescendo,
+ drowning out other conversation. Hence, the analogy applied
+ because UCE was drowning out normal discourse on the Internet.
+
+ $ SPC
+ See: software publisher certificate.
+
+ $ SPI
+ See: Security Parameters Index.
+
+ $ split key
+ (I) A cryptographic key that is divided into two or more separate
+ data items that individually convey no knowledge of the whole key
+ that results from combining the items. (See: dual control, split
+ knowledge.)
+
+ $ split knowledge
+ (I) A security technique in which two or more entities separately
+ hold data items that individually convey no knowledge of the
+ information that results from combining the items. (See: dual
+ control, split key.)
+
+ (O) "A condition under which two or more entities separately have
+ key components which individually convey no knowledge of the
+ plaintext key which will be produced when the key components are
+ combined in the cryptographic module." [FP140]
+
+ $ spoofing attack
+ (I) A synonym for "masquerade attack".
+
+ $ SSH
+ (I) A protocol for secure remote login and other secure network
+ services over an insecure network.
+
+ (C) Consists of three major components:
+
+ - Transport layer protocol: Provides server authentication,
+ confidentiality, and integrity. It may optionally also provide
+ compression. The transport layer will typically be run over a
+ TCP/IP connection, but might also be used on top of any other
+ reliable data stream.
+
+ - User authentication protocol: Authenticates the client-side
+ user to the server. It runs over the transport layer protocol.
+
+
+
+
+Shirey Informational [Page 164]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - Connection protocol: Multiplexes the encrypted tunnel into
+ several logical channels. It runs over the user authentication
+ protocol.
+
+ $ SSL
+ See: Secure Sockets Layer, Standard Security Label.
+
+ $ SSO
+ See: system security officer.
+
+ $ SSO PIN
+ (O) MISSI usage: One of two personal identification numbers that
+ control access to the functions and stored data of a FORTEZZA PC
+ card. Knowledge of the SSO PIN enables the card user to perform
+ the FORTEZZA functions intended for use by an end user and also
+ the functions intended for use by a MISSI certification authority.
+ (See: user PIN.)
+
+ $ SSO-PIN ORA (SORA)
+ (O) MISSI usage: A MISSI organizational RA that operates in a mode
+ in which the ORA performs all card management functions and,
+ therefore, requires knowledge of the SSO PIN for an end user's
+ FORTEZZA PC card.
+
+ $ Standards for Interoperable LAN/MAN Security (SILS)
+ (N) (1.) The IEEE 802.10 standards committee. (2.) A developing
+ set of IEEE standards, which has eight parts: (a) Model, including
+ security management, (b) Secure Data Exchange protocol, (c) Key
+ Management, (d) [has been incorporated in (a)], (e) SDE Over
+ Ethernet 2.0, (f) SDE Sublayer Management, (g) SDE Security
+ Labels, and (h) SDE PICS Conformance. Parts b, e, f, g, and h are
+ incorporated in IEEE Standard 802.10-1998.
+
+ $ star property
+ (I) (Written "*-property".) See: "confinement property" under
+ Bell-LaPadula Model.
+
+ $ Star Trek attack
+ (C) An attack that penetrates your system where no attack has ever
+ gone before.
+
+ $ steganography
+ (I) Methods of hiding the existence of a message or other data.
+ This is different than cryptography, which hides the meaning of a
+ message but does not hide the message itself. (See: cryptology.)
+
+ (C) An example of a steganographic method is "invisible" ink.
+ (See: digital watermark.)
+
+
+
+Shirey Informational [Page 165]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ storage channel
+ See: (secondary definition under) covert channel.
+
+ $ stream cipher
+ (I) An encryption algorithm that breaks plaintext into a stream of
+ successive bits (or characters) and encrypts the n-th plaintext
+ bit with the n-th element of a parallel key stream, thus
+ converting the plaintext bit stream into a ciphertext bit stream.
+ [Schn] (See: block cipher.)
+
+ $ strong authentication
+ (I) An authentication process that uses cryptography--particularly
+ public-key certificates--to verify the identity claimed for an
+ entity. (See: X.509.)
+
+ (O) "Authentication by means of cryptographically derived
+ credentials." [X509]
+
+ $ subject
+ 1. (I) In a computer system: A system entity that causes
+ information to flow among objects or changes the system state;
+ technically, a process-domain pair. (See: Bell-LaPadula Model.)
+
+ 2. (I) Of a certificate: The entity name that is bound to the data
+ items in a digital certificate, and particularly a name that is
+ bound to a key value in a public-key certificate.
+
+ $ subnetwork
+ (N) An OSI term for a system of packet relays and connecting links
+ that implement the lower three protocol layers of the OSIRM to
+ provide a communication service that interconnects attached end
+ systems. Usually the relays operate at OSI layer 3 and are all of
+ the same type (e.g., all X.25 packet switches, or all interface
+ units in an IEEE 802.3 LAN). (See: gateway, internet, router.)
+
+ $ subordinate certification authority (SCA)
+ (I) A CA whose public-key certificate is issued by another
+ (superior) CA. (See: certification hierarchy.)
+
+ (O) MISSI usage: The fourth-highest (bottom) level of a MISSI
+ certification hierarchy; a MISSI CA whose public-key certificate
+ is signed by a MISSI CA rather than by a MISSI PCA. A MISSI SCA is
+ the administrative authority for a subunit of an organization,
+ established when it is desirable to organizationally distribute or
+ decentralize the CA service. The term refers both to that
+ authoritative office or role, and to the person who fills that
+
+
+
+
+
+Shirey Informational [Page 166]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ office. A MISSI SCA registers end users and issues their
+ certificates and may also register ORAs, but may not register
+ other CAs. An SCA periodically issues a CRL.
+
+ $ subordinate distinguished name
+ (I) An X.500 DN is subordinate to another X.500 DN if it begins
+ with a set of attributes that is the same as the entire second DN
+ except for the terminal attribute of the second DN (which is
+ usually the name of a CA). For example, the DN <C=FooLand, O=Gov,
+ OU=Treasurer, CN=DukePinchpenny> is subordinate to the DN
+ <C=FooLand, O=Gov, CN=KingFooCA>.
+
+ $ superencryption
+ (I) An encryption operation for which the plaintext input to be
+ transformed is the ciphertext output of a previous encryption
+ operation.
+
+ $ survivability
+ (I) The ability of a system to remain in operation or existence
+ despite adverse conditions, including both natural occurrences,
+ accidental actions, and attacks on the system. (See: availability,
+ reliability.)
+
+ $ symmetric cryptography
+ (I) A branch of cryptography involving algorithms that use the
+ same key for two different steps of the algorithm (such as
+ encryption and decryption, or signature creation and signature
+ verification). (See: asymmetric cryptography.)
+
+ (C) Symmetric cryptography has been used for thousands of years
+ [Kahn]. A modern example of a symmetric encryption algorithm is
+ the U.S. Government's Data Encryption Algorithm. (See: DEA, DES.)
+
+ (C) Symmetric cryptography is sometimes called "secret-key
+ cryptography" (versus public-key cryptography) because the
+ entities that share the key, such as the originator and the
+ recipient of a message, need to keep the key secret. For example,
+ when Alice wants to ensure confidentiality for data she sends to
+ Bob, she encrypts the data with a secret key, and Bob uses the
+ same key to decrypt. Keeping the shared key secret entails both
+ cost and risk when the key is distributed to both Alice and Bob.
+ Thus, symmetric cryptography has a key management disadvantage
+ compared to asymmetric cryptography.
+
+ $ symmetric key
+ (I) A cryptographic key that is used in a symmetric cryptographic
+ algorithm.
+
+
+
+
+Shirey Informational [Page 167]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ SYN flood
+ (I) A denial of service attack that sends a host more TCP SYN
+ packets (request to synchronize sequence numbers, used when
+ opening a connection) than the protocol implementation can handle.
+ (See: flooding.)
+
+ $ system
+ (C) In this Glossary, the term is mainly used as an abbreviation
+ for "automated information system".
+
+ $ system entity
+ (I) An active element of a system--e.g., an automated process, a
+ subsystem, a person or group of persons--that incorporates a
+ specific set of capabilities.
+
+ $ system high
+ (I) The highest security level supported by a system at a
+ particular time or in a particular environment. (See: system high
+ security mode.)
+
+ $ system high security mode
+ (I) A mode of operation of an information system, wherein all
+ users having access to the system possess a security clearance or
+ authorization, but not necessarily a need-to-know, for all data
+ handled by the system. (See: mode of operation.)
+
+ (C) This mode is defined formally in U.S. Department of Defense
+ policy regarding system accreditation [DOD2], but the term is
+ widely used outside the Defense Department and outside the
+ Government.
+
+ $ system integrity
+ (I) "The quality that a system has when it can perform its
+ intended function in a unimpaired manner, free from deliberate or
+ inadvertent unauthorized manipulation." [NCS04] (See: system
+ integrity service.)
+
+ $ system integrity service
+ (I) A security service that protects system resources in a
+ verifiable manner against unauthorized or accidental change, loss,
+ or destruction. (See: system integrity.)
+
+ $ system low
+ (I) The lowest security level supported by a system at a
+ particular time or in a particular environment. (See: system
+ high.)
+
+
+
+
+
+Shirey Informational [Page 168]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ system resource
+ (I) Data contained in an information system; or a service provided
+ by a system; or a system capability, such as processing power or
+ communication bandwidth; or an item of system equipment (i.e., a
+ system component--hardware, firmware, software, or documentation);
+ or a facility that houses system operations and equipment.
+
+ $ system security officer (SSO)
+ (I) A person responsible for enforcement or administration of the
+ security policy that applies to the system.
+
+ $ system verification
+ See: (secondary definition under) verification.
+
+ $ TACACS
+ $ TACACS+
+ See: Terminal Access Controller (TAC) Access Control System.
+
+ $ tamper
+ (I) Make an unauthorized modification in a system that alters the
+ system's functioning in a way that degrades the security services
+ that the system was intended to provide.
+
+ $ TCB
+ See: trusted computing base.
+
+ $ TCP
+ See: Transmission Control Protocol.
+
+ $ TCP/IP
+ (I) A synonym for "Internet Protocol Suite", in which the
+ Transmission Control Protocol (TCP) and the Internet Protocol (IP)
+ are important parts.
+
+ $ TCSEC
+ See: Trusted Computer System Evaluation Criteria.
+
+ $ TELNET
+ (I) A TCP-based, application-layer, Internet Standard protocol
+ [R0854] for remote login from one host to another.
+
+ $ TEMPEST
+ (O) A nickname for specifications and standards for limiting the
+ strength of electromagnetic emanations from electrical and
+ electronic equipment and thus reducing vulnerability to
+ eavesdropping. This term originated in the U.S. Department of
+ Defense. [Army, Kuhn, Russ] (See: emanation security, soft
+ tempest.)
+
+
+
+Shirey Informational [Page 169]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (D) ISDs SHOULD NOT use this term as a synonym for
+ "electromagnetic emanations security".
+
+ $ Terminal Access Controller (TAC) Access Control System (TACACS)
+ (I) A UDP-based authentication and access control protocol [R1492]
+ in which a network access server receives an identifier and
+ password from a remote terminal and passes them to a separate
+ authentication server for verification.
+
+ (C) TACACS was developed for ARPANET and has evolved for use in
+ commercial equipment. TACs were a type of network access server
+ computer used to connect terminals to the early Internet, usually
+ using dial-up modem connections. TACACS used centralized
+ authentication servers and served not only network access servers
+ like TACs but also routers and other networked computing devices.
+ TACs are no longer in use, but TACACS+ is. [R1983]
+
+ - "XTACACS": The name of Cisco Corporation's implementation,
+ which enhances and extends the original TACACS.
+
+ - "TACACS+": A TCP-based protocol that improves on TACACS and
+ XTACACS by separating the functions of authentication,
+ authorization, and accounting and by encrypting all traffic
+ between the network access server and authentication server. It
+ is extensible to allow any authentication mechanism to be used
+ with TACACS+ clients.
+
+ $ TESS
+ See: The Exponential Encryption System.
+
+ $ The Exponential Encryption System (TESS)
+ (I) A system of separate but cooperating cryptographic mechanisms
+ and functions for the secure authenticated exchange of
+ cryptographic keys, the generation of digital signatures, and the
+ distribution of public keys. TESS employs asymmetric cryptography,
+ based on discrete exponentiation, and a structure of self-
+ certified public keys. [R1824]
+
+ $ threat
+ (I) A potential for violation of security, which exists when there
+ is a circumstance, capability, action, or event that could breach
+ security and cause harm. (See: attack, threat action, threat
+ consequence.)
+
+ (C) That is, a threat is a possible danger that might exploit a
+ vulnerability. A threat can be either "intentional" (i.e.,
+ intelligent; e.g., an individual cracker or a criminal
+
+
+
+
+Shirey Informational [Page 170]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ organization) or "accidental" (e.g., the possibility of a computer
+ malfunctioning, or the possibility of an "act of God" such as an
+ earthquake, a fire, or a tornado).
+
+ (C) In some contexts, such as the following, the term is used
+ narrowly to refer only to intelligent threats:
+
+ (N) U. S. Government usage: The technical and operational
+ capability of a hostile entity to detect, exploit, or subvert
+ friendly information systems and the demonstrated, presumed, or
+ inferred intent of that entity to conduct such activity.
+
+ $ threat action
+ (I) An assault on system security. (See: attack, threat, threat
+ consequence.)
+
+ (C) A complete security architecture deals with both intentional
+ acts (i.e. attacks) and accidental events [FIPS31]. Various kinds
+ of threat actions are defined as subentries under "threat
+ consequence".
+
+ $ threat analysis
+ (I) An analysis of the probability of occurrences and consequences
+ of damaging actions to a system.
+
+ $ threat consequence
+ (I) A security violation that results from a threat action.
+ Includes disclosure, deception, disruption, and usurpation. (See:
+ attack, threat, threat action.)
+
+ (C) The following subentries describe four kinds of threat
+ consequences, and also list and describe the kinds of threat
+ actions that cause each consequence. Threat actions that are
+ accidental events are marked by "*".
+
+ 1. "(Unauthorized) Disclosure" (a threat consequence): A
+ circumstance or event whereby an entity gains access to data
+ for which the entity is not authorized. (See: data
+ confidentiality.) The following threat actions can cause
+ unauthorized disclosure:
+
+ A. "Exposure": A threat action whereby sensitive data is
+ directly released to an unauthorized entity. This includes:
+
+ a. "Deliberate Exposure": Intentional release of sensitive
+ data to an unauthorized entity.
+
+
+
+
+
+Shirey Informational [Page 171]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ b. "Scavenging": Searching through data residue in a system
+ to gain unauthorized knowledge of sensitive data.
+
+ c* "Human error": Human action or inaction that
+ unintentionally results in an entity gaining unauthorized
+ knowledge of sensitive data.
+
+ d* "Hardware/software error". System failure that results in
+ an entity gaining unauthorized knowledge of sensitive
+ data.
+
+ B. "Interception": A threat action whereby an unauthorized
+ entity directly accesses sensitive data traveling between
+ authorized sources and destinations. This includes:
+
+ a. "Theft": Gaining access to sensitive data by stealing a
+ shipment of a physical medium, such as a magnetic tape or
+ disk, that holds the data.
+
+ b. "Wiretapping (passive)": Monitoring and recording data
+ that is flowing between two points in a communication
+ system. (See: wiretapping.)
+
+ c. "Emanations analysis": Gaining direct knowledge of
+ communicated data by monitoring and resolving a signal
+ that is emitted by a system and that contains the data
+ but is not intended to communicate the data. (See:
+ emanation.)
+
+ C. "Inference": A threat action whereby an unauthorized entity
+ indirectly accesses sensitive data (but not necessarily the
+ data contained in the communication) by reasoning from
+ characteristics or byproducts of communications. This
+ includes:
+
+ a. Traffic analysis: Gaining knowledge of data by observing
+ the characteristics of communications that carry the
+ data. (See: (main Glossary entry for) traffic analysis.)
+
+ b. "Signals analysis": Gaining indirect knowledge of
+ communicated data by monitoring and analyzing a signal
+ that is emitted by a system and that contains the data
+ but is not intended to communicate the data. (See:
+ emanation.)
+
+ D. "Intrusion": A threat action whereby an unauthorized entity
+ gains access to sensitive data by circumventing a system's
+ security protections. This includes:
+
+
+
+Shirey Informational [Page 172]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ a. "Trespass": Gaining unauthorized physical access to
+ sensitive data by circumventing a system's protections.
+
+ b. "Penetration": Gaining unauthorized logical access to
+ sensitive data by circumventing a system's protections.
+
+ c. "Reverse engineering": Acquiring sensitive data by
+ disassembling and analyzing the design of a system
+ component.
+
+ d. Cryptanalysis: Transforming encrypted data into plaintext
+ without having prior knowledge of encryption parameters
+ or processes. (See: (main Glossary entry for)
+ cryptanalysis.)
+
+ 2. "Deception" (a threat consequence): A circumstance or event
+ that may result in an authorized entity receiving false data
+ and believing it to be true. The following threat actions can
+ cause deception:
+
+ A. "Masquerade": A threat action whereby an unauthorized entity
+ gains access to a system or performs a malicious act by
+ posing as an authorized entity. (See: (main Glossary entry
+ for) masquerade attack.)
+
+ a. "Spoof": Attempt by an unauthorized entity to gain access
+ to a system by posing as an authorized user.
+
+ b. "Malicious logic": In context of masquerade, any
+ hardware, firmware, or software (e.g., Trojan horse) that
+ appears to perform a useful or desirable function, but
+ actually gains unauthorized access to system resources or
+ tricks a user into executing other malicious logic. (See:
+ (main Glossary entry for) malicious logic.)
+
+ B. "Falsification": A threat action whereby false data deceives
+ an authorized entity. (See: active wiretapping.)
+
+ a. "Substitution": Altering or replacing valid data with
+ false data that serves to deceive an authorized entity.
+
+ b. "Insertion": Introducing false data that serves to
+ deceive an authorized entity.
+
+ C. "Repudiation": A threat action whereby an entity deceives
+ another by falsely denying responsibility for an act. (See:
+ non-repudiation service, (main Glossary entry for)
+ repudiation.)
+
+
+
+Shirey Informational [Page 173]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ a. "False denial of origin": Action whereby the originator
+ of data denies responsibility for its generation.
+
+ b. "False denial of receipt": Action whereby the recipient
+ of data denies receiving and possessing the data.
+
+ 3. "Disruption" (a threat consequence): A circumstance or event
+ that interrupts or prevents the correct operation of system
+ services and functions. (See: denial of service.) The following
+ threat actions can cause disruption:
+
+ A. "Incapacitation": A threat action that prevents or
+ interrupts system operation by disabling a system component.
+
+ a. "Malicious logic": In context of incapacitation, any
+ hardware, firmware, or software (e.g., logic bomb)
+ intentionally introduced into a system to destroy system
+ functions or resources. (See: (main Glossary entry for)
+ malicious logic.)
+
+ b. "Physical destruction": Deliberate destruction of a
+ system component to interrupt or prevent system
+ operation.
+
+ c* "Human error": Action or inaction that unintentionally
+ disables a system component.
+
+ d* "Hardware or software error": Error that causes failure
+ of a system component and leads to disruption of system
+ operation.
+
+ e* "Natural disaster": Any "act of God" (e.g., fire, flood,
+ earthquake, lightning, or wind) that disables a system
+ component. [FP031 section 2]
+
+ B. "Corruption": A threat action that undesirably alters system
+ operation by adversely modifying system functions or data.
+
+ a. "Tamper": In context of corruption, deliberate alteration
+ of a system's logic, data, or control information to
+ interrupt or prevent correct operation of system
+ functions.
+
+ b. "Malicious logic": In context of corruption, any
+ hardware, firmware, or software (e.g., a computer virus)
+ intentionally introduced into a system to modify system
+ functions or data. (See: (main Glossary entry for)
+ malicious logic.)
+
+
+
+Shirey Informational [Page 174]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ c* "Human error": Human action or inaction that
+ unintentionally results in the alteration of system
+ functions or data.
+
+ d* "Hardware or software error": Error that results in the
+ alteration of system functions or data.
+
+ e* "Natural disaster": Any "act of God" (e.g., power surge
+ caused by lightning) that alters system functions or
+ data. [FP031 section 2]
+
+ C. "Obstruction": A threat action that interrupts delivery of
+ system services by hindering system operations.
+
+ a. "Interference": Disruption of system operations by
+ blocking communications or user data or control
+ information.
+
+ b. "Overload": Hindrance of system operation by placing
+ excess burden on the performance capabilities of a system
+ component. (See: flooding.)
+
+ 4. "Usurpation" (a threat consequence): A circumstance or event
+ that results in control of system services or functions by an
+ unauthorized entity. The following threat actions can cause
+ usurpation:
+
+ A. "Misappropriation": A threat action whereby an entity
+ assumes unauthorized logical or physical control of a system
+ resource.
+
+ a. "Theft of service": Unauthorized use of service by an
+ entity.
+
+ b. "Theft of functionality": Unauthorized acquisition of
+ actual hardware, software, or firmware of a system
+ component.
+
+ c. "Theft of data": Unauthorized acquisition and use of
+ data.
+
+ B. "Misuse": A threat action that causes a system component to
+ perform a function or service that is detrimental to system
+ security.
+
+ a. "Tamper": In context of misuse, deliberate alteration of
+ a system's logic, data, or control information to cause
+ the system to perform unauthorized functions or services.
+
+
+
+Shirey Informational [Page 175]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ b. "Malicious logic": In context of misuse, any hardware,
+ software, or firmware intentionally introduced into a
+ system to perform or control execution of an unauthorized
+ function or service.
+
+ c. "Violation of permissions": Action by an entity that
+ exceeds the entity's system privileges by executing an
+ unauthorized function.
+
+ $ thumbprint
+ (I) A pattern of curves formed by the ridges on the tip of a
+ thumb. (See: biometric authentication, fingerprint.)
+
+ (D) ISDs SHOULD NOT use this term as a synonym for "hash result"
+ because that meaning mixes concepts in a potentially misleading
+ way.
+
+ $ ticket
+ (I) A synonym for "capability". (See: Kerberos.)
+
+ (C) A ticket is usually granted by a centralized access control
+ server (ticket-granting agent) to authorize access to a system
+ resource for a limited time. Tickets have been implemented with
+ symmetric cryptography, but can also be implemented as attribute
+ certificates using asymmetric cryptography.
+
+ $ timing channel
+ See: (secondary definition under) covert channel.
+
+ $ TLS
+ See: Transport Layer Security. (See: TLSP.)
+
+ $ TLSP
+ See: Transport Layer Security Protocol. (See: TLS.)
+
+ $ token
+ 1. (I) General usage: An object that is used to control access and
+ is passed between cooperating entities in a protocol that
+ synchronizes use of a shared resource. Usually, the entity that
+ currently holds the token has exclusive access to the resource.
+
+ 2. (I) Authentication usage: A data object or a portable, user-
+ controlled, physical device used to verify an identity in an
+ authentication process. (See: authentication information, dongle.)
+
+ 3. (I) Cryptographic usage: See: cryptographic token.
+
+
+
+
+
+Shirey Informational [Page 176]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ 4. (O) SET usage: "A portable device [e.g., smart card or PCMCIA
+ card] specifically designed to store cryptographic information and
+ possibly perform cryptographic functions in a secure manner."
+ [SET2]
+
+ $ token backup
+ (I) A token management operation that stores sufficient
+ information in a database (e.g., in a CAW) to recreate or restore
+ a security token (e.g., a smart card) if it is lost or damaged.
+
+ $ token copy
+ (I) A token management operation that copies all the personality
+ information from one security token to another. However, unlike in
+ a token restore operation, the second token is initialized with
+ its own, different local security values such as PINs and storage
+ keys.
+
+ $ token management
+ (I) The process of initializing security tokens (e.g., see: smart
+ card), loading data into the tokens, and controlling the tokens
+ during their life cycle. May include performing key management and
+ certificate management functions; generating and installing PINs;
+ loading user personality data; performing card backup, card copy,
+ and card restore operations; and updating firmware.
+
+ $ token restore
+ (I) A token management operation that loads a security token with
+ data for the purpose of recreating (duplicating) the contents
+ previously held by that or another token.
+
+ $ token storage key
+ (I) A cryptography key used to protect data that is stored on a
+ security token.
+
+ $ top CA
+ (I) A CA that is the highest level (i.e., is the most trusted CA)
+ in a certification hierarchy. (See: root.)
+
+ $ top-level specification
+ (I) "A non-procedural description of system behavior at the most
+ abstract level; typically a functional specification that omits
+ all implementation details." [NCS04] (See: (discussion under)
+ security policy.)
+
+ (C) A top-level specification may be descriptive or formal:
+
+
+
+
+
+
+Shirey Informational [Page 177]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ - "Descriptive top-level specification": One that is written in a
+ natural language like English or an informal design notation.
+
+ - "Formal top-level specification": One that is written in a
+ formal mathematical language to enable theorems to be proven that
+ show that the specification correctly implements a set of formal
+ requirements or a formal security model. (See: correctness proof.)
+
+ $ traffic analysis
+ (I) Inference of information from observable characteristics of
+ data flow(s), even when the data is encrypted or otherwise not
+ directly available. Such characteristics include the identities
+ and locations of the source(s) and destination(s), and the
+ presence, amount, frequency, and duration of occurrence. (See:
+ wiretapping.)
+
+ (O) "The inference of information from observation of traffic
+ flows (presence, absence, amount, direction, and frequency)."
+ [I7498 Part 2]
+
+ $ traffic flow confidentiality
+ (I) A data confidentiality service to protect against traffic
+ analysis.
+
+ (O) "A confidentiality service to protect against traffic
+ analysis." [I7498 Part 2]
+
+ $ traffic padding
+ (I) "The generation of spurious instances of communication,
+ spurious data units, and/or spurious data within data units."
+ [I7498 Part 2]
+
+ $ tranquillity property
+ See: (secondary definition under) Bell-LaPadula Model.
+
+ $ Transmission Control Protocol (TCP)
+ (I) An Internet Standard protocol [R0793] that reliably delivers a
+ sequence of datagrams (discrete sets of bits) from one computer to
+ another in a computer network. (See: TCP/IP.)
+
+ (C) TCP is designed to fit into a layered hierarchy of protocols
+ that support internetwork applications. TCP assumes it can obtain
+ a simple, potentially unreliable datagram service (such as the
+ Internet Protocol) from the lower-layer protocols.
+
+ $ Transport Layer Security (TLS)
+ (I) TLS Version 1.0 is an Internet protocol [R2246] based-on and
+ very similar to SSL Version 3.0. (See: TLSP.)
+
+
+
+Shirey Informational [Page 178]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) The TLS protocol is misnamed, because it operates well above
+ the transport layer (OSI layer 4).
+
+ $ Transport Layer Security Protocol (TLSP)
+ (I) An end-to-end encryption protocol(ISO Standard 10736) that
+ provides security services at the bottom of OSI layer 4, i.e.,
+ directly above layer 3. (See: TLS.)
+
+ (C) TLSP evolved directly from the SP4 protocol of SDNS.
+
+ $ transport mode vs. tunnel mode
+ (I) IPsec usage: Two ways to apply IPsec protocols (AH and ESP) to
+ protect communications:
+
+ - "Transport mode": The protection applies to (i.e., the IPsec
+ protocol encapsulates) the packets of upper-layer protocols,
+ the ones that are carried above IP.
+
+ - "Tunnel mode": The protection applies to (i.e., the IPsec
+ protocol encapsulates) IP packets.
+
+ (C) A transport mode security association is always between two
+ hosts. In a tunnel mode security association, each end may be
+ either a host or a gateway. Whenever either end of an IPsec
+ security association is a security gateway, the association is
+ required to be in tunnel mode.
+
+ $ trap door
+ (I) A hidden computer flaw known to an intruder, or a hidden
+ computer mechanism (usually software) installed by an intruder,
+ who can activate the trap door to gain access to the computer
+ without being blocked by security services or mechanisms. (See:
+ back door, Trojan horse.)
+
+ $ triple DES
+ (I) A block cipher, based on DES, that transforms each 64-bit
+ plaintext block by applying the Data Encryption Algorithm three
+ successive times, using either two or three different keys, for an
+ effective key length of 112 or 168 bits. [A9052] (See: DES.)
+
+ (C) IPsec usage: The algorithm variation proposed for ESP uses a
+ 168-bit key, consisting of three independent 56-bit quantities
+ used by the Data Encryption Algorithm, and a 64-bit initialization
+ value. Each datagram contains an IV to ensure that each received
+ datagram can be decrypted even when other datagrams are dropped or
+ a sequence of datagrams is reordered in transit. [R1851]
+
+
+
+
+
+Shirey Informational [Page 179]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ triple-wrapped
+ (I) S/MIME usage: Data that has been signed with a digital
+ signature, and then encrypted, and then signed again. [R2634]
+
+ $ Trojan horse
+ (I) A computer program that appears to have a useful function, but
+ also has a hidden and potentially malicious function that evades
+ security mechanisms, sometimes by exploiting legitimate
+ authorizations of a system entity that invokes the program.
+
+ $ trust
+ 1. (I) Information system usage: The extent to which someone who
+ relies on a system can have confidence that the system meets its
+ specifications, i.e., that the system does what it claims to do
+ and does not perform unwanted functions. (See: trust level.)
+
+ (C) "trusted vs. trustworthy": In discussing a system or system
+ process or object, this Glossary (and industry usage) prefers the
+ term "trusted" to describe a system that operates as expected,
+ according to design and policy. When the trust can also be
+ guaranteed in some convincing way, such as through formal analysis
+ or code review, the system is termed "trustworthy"; this differs
+ from the ABA Guidelines definition (see: trustworthy system).
+
+ 2. (I) PKI usage: A relationship between a certificate user and a
+ CA in which the user acts according to the assumption that the CA
+ creates only valid digital certificates.
+
+ (O) "Generally, an entity can be said to 'trust' a second entity
+ when it (the first entity) makes the assumption that the second
+ entity will behave exactly as the first entity expects. This trust
+ may apply only for some specific function. The key role of trust
+ in [X.509] is to describe the relationship between an entity and a
+ [certification] authority; an entity shall be certain that it can
+ trust the certification authority to create only valid and
+ reliable certificates." [X509]
+
+ $ trust chain
+ (D) ISDs SHOULD NOT use this term as a synonym for "certification
+ path" because it mixes concepts in a potentially misleading way.
+ (See: trust.)
+
+ $ trust-file PKI
+ (I) A non-hierarchical PKI in which each certificate user has a
+ local file (which is used by application software) of public-key
+ certificates that the user trusts as starting points (i.e., roots)
+ for certification paths. (See: hierarchical PKI, mesh PKI, root,
+ web of trust.)
+
+
+
+Shirey Informational [Page 180]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) For example, popular browsers are distributed with an initial
+ file of trusted certificates, which often are self-signed
+ certificates. Users can add certificates to the file or delete
+ from it. The file may be directly managed by the user, or the
+ user's organization may manage it from a centralized server.
+
+ $ trust hierarchy
+ (D) ISDs SHOULD NOT use this term as a synonym for "certification
+ hierarchy" because this term mixes concepts (see: trust) in a
+ potentially misleading way and duplicates the meaning of another,
+ standardized term. (See: trust, web of trust.)
+
+ $ trust level
+ (I) A characterization of a standard of security protection to be
+ met by a computer system.
+
+ (C) The TCSEC defines eight trust levels. From the lowest to the
+ highest, they are D, C1, C2, B1, B2, B3, and A1. A trust level is
+ based not only on the presence of security mechanisms but also on
+ the use of systems engineering discipline to properly structure
+ the system and implementation analysis to ensure that the system
+ provides an appropriate degree of trust.
+
+ $ trusted
+ See: (discussion under) trust.
+
+ $ trusted certificate
+ (I) A certificate upon which a certificate user relies as being
+ valid without the need for validation testing; especially a
+ public-key certificate that is used to provide the first public
+ key in a certification path. (See: certification path, root
+ certificate, validation.)
+
+ (C) A trusted public-key certificate might be (a) the root
+ certificate in a hierarchical PKI, (b) the certificate of the CA
+ that issued the user's own certificate in a mesh PKI, or (c)
+ any certificate accepted by the user in a trust-file PKI.
+
+ $ trusted computer system
+ (I) Multilevel security usage: "A system that employs sufficient
+ hardware and software assurance measures to allow its use for
+ simultaneous processing of a range of sensitive or classified
+ information." [NCS04] (See: (discussion under) trust.)
+
+ $ Trusted Computer System Evaluation Criteria (TCSEC)
+ (N) A standard for evaluating the security provided by operating
+ systems [CSC001, DOD1]. Informally called the "Orange Book"
+
+
+
+
+Shirey Informational [Page 181]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ because of the color of its cover; first document in the Rainbow
+ Series. (See: Common Criteria, (usage note under) Green Book,
+ Orange Book, trust level.)
+
+ $ trusted computing base (TCB)
+ (I) "The totality of protection mechanisms within a computer
+ system, including hardware, firmware, and software, the
+ combination of which is responsible for enforcing a security
+ policy." [NCS04] (See: (discussion of "trusted" under) trust.)
+
+ $ trusted distribution
+ (I) "A trusted method for distributing the TCB hardware, software,
+ and firmware components, both originals and updates, that provides
+ methods for protecting the TCB from modification during
+ distribution and for detection of any changes to the TCB that may
+ occur." [NCS04]
+
+ $ trusted key
+ (I) A public key upon which a user relies; especially a public key
+ that can be used as the first public key in a certification path.
+ (See: certification path, root key, validation.)
+
+ (C) A trusted public key might be (a) the root key in a
+ hierarchical PKI, (b) the key of the CA that issued the user's own
+ certificate in a mesh PKI, or (c) any key accepted by the user in
+ a trust-file PKI.
+
+ $ trusted path
+ (I) COMPUSEC usage: A mechanism by which a computer system user
+ can communicate directly and reliably with the trusted computing
+ base (TCB) and that can only be activated by the user or the TCB
+ and cannot be imitated by untrusted software within the computer.
+ [NCS04]
+
+ (I) COMSEC usage: A mechanism by which a person or process can
+ communicate directly with a cryptographic module and that can only
+ be activated by the person, process, or module, and cannot be
+ imitated by untrusted software within the module. [FP140]
+
+ $ trusted process
+ (I) A system process that has privileges that enable it to affect
+ the state of system security and that can, therefore, through
+ incorrect or malicious execution, violate the system's security
+ policy. (See: privileged process, (discussion of "trusted" under)
+ trust.)
+
+
+
+
+
+
+Shirey Informational [Page 182]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ trusted subnetwork
+ (I) A subnetwork containing hosts and routers that trust each
+ other not to engage in active or passive attacks. (There also is
+ an assumption that the underlying communication channels--e.g.,
+ telephone lines, or a LAN--are protected from attack by some
+ means.)
+
+ $ trusted system
+ See: (discussion under) trust, trusted computer system,
+ trustworthy system.
+
+ $ Trusted Systems Interoperability Group (TSIG)
+ (N) A forum of computer vendors, system integrators, and users
+ devoted to promoting interoperability of trusted computer systems.
+ TSIG meetings are open to all persons who are working in the
+ INFOSEC area.
+
+ $ trustworthy system
+ (O) ABA usage: "Computer hardware, software, and procedures that:
+ (a) are reasonably secure from intrusion and misuse; (b) provide a
+ reasonably reliable level of availability, reliability, and
+ correct operation; (c) are reasonably suited to performing their
+ intended functions; and (d) adhere to generally accepted security
+ principles." [ABA] This differs somewhat from other industry
+ usage. (See: (discussion of "trusted vs. trustworthy" under)
+ trust.)
+
+ $ TSIG
+ See: Trusted System Interoperability Group.
+
+ $ tunnel
+ (I) A communication channel created in a computer network by
+ encapsulating (carrying, layering) a communication protocol's data
+ packets in (on top of) a second protocol that normally would be
+ carried above, or at the same layer as, the first one. (See: L2TP,
+ VPN.)
+
+ (C) Tunneling can involve almost any OSI or TCP/IP protocol
+ layers; for example, a TCP connection between two hosts could
+ conceivably be tunneled through email messages across the
+ Internet. Most often, a tunnel is a logical point-to-point link--
+ i.e., an OSI layer 2 connection--created by encapsulating the
+ layer 2 protocol in a transport protocol (such as TCP), in a
+ network or internetwork layer protocol (such as IP), or in another
+ link layer protocol. Often, encapsulation is accomplished with an
+ extra, intermediate protocol, i.e., a tunneling protocol (such as
+ L2TP) that is layered between the tunneled layer 2 protocol and
+ the encapsulating protocol.
+
+
+
+Shirey Informational [Page 183]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Tunneling can move data between computers that use a protocol
+ not supported by the network connecting them. Tunneling also can
+ enable a computer network to use the services of a second network
+ as though the second network were a set of point-to-point links
+ between the first network's nodes. (See: virtual private network.)
+
+ (O) SET usage: The name of a SET private extension that indicates
+ whether the CA or the payment gateway supports passing encrypted
+ messages to the cardholder through the merchant. If so, the
+ extension lists OIDs of symmetric encryption algorithms that are
+ supported.
+
+ $ tunnel mode
+ (I) IPsec usage: See: transport mode vs. tunnel mode.
+
+ $ two-person control
+ (I) The close surveillance and control of a system, process, or
+ materials (especially with regard to cryptography) at all times by
+ a minimum of two appropriately authorized persons, each capable of
+ detecting incorrect and unauthorized procedures with respect to
+ the tasks to be performed and each familiar with established
+ security requirements. (See: dual control, no-lone zone.)
+
+ $ Type I cryptography
+ (O) A cryptographic algorithm or device approved by NSA for
+ protecting classified information.
+
+ $ Type II cryptography
+ (O) A cryptographic algorithm or device approved by NSA for
+ protecting sensitive unclassified information (as specified in
+ section 2315 of Title 10 United States Code, or section 3502(2) of
+ Title 44, United States Code.)
+
+ $ Type III cryptography
+ (O) A cryptographic algorithm or device approved as a Federal
+ Information Processing Standard.
+
+ $ UDP
+ See: User Datagram Protocol.
+
+ $ unclassified
+ (I) Not classified.
+
+ $ unencrypted
+ (I) Not encrypted.
+
+
+
+
+
+
+Shirey Informational [Page 184]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ unforgeable
+ (I) Cryptographic usage: The property of a cryptographic data
+ structure (i.e., a data structure that is defined using one or
+ more cryptographic functions) that makes it computationally
+ infeasible to construct (i.e., compute) an unauthorized but
+ correct value of the structure without having knowledge of one of
+ more keys. (E.g., see: digital certificate.)
+
+ (C) This definition is narrower than general English usage, where
+ "unforgeable" means unable to be fraudulently created or
+ duplicated. In that broader sense, anyone can forge a digital
+ certificate containing any set of data items whatsoever by
+ generating the to-be-signed certificate and signing it with any
+ private key whatsoever. But for PKI purposes, the forged data
+ structure is invalid if it is not signed with the true private key
+ of the claimed issuer; thus, the forgery will be detected when a
+ certificate user uses the true public key of the claimed issuer to
+ verify the signature.
+
+ $ uniform resource identifier (URI)
+ (I) A type of formatted identifier that encapsulates the name of
+ an Internet object, and labels it with an identification of the
+ name space, thus producing a member of the universal set of names
+ in registered name spaces and of addresses referring to registered
+ protocols or name spaces. [R1630]
+
+ (C) URIs are used in HTML to identify the target of hyperlinks. In
+ common practice, URIs include uniform resource locators [R2368]
+ and relative URLs, and may be URNs. [R1808]
+
+ $ uniform resource locator (URL)
+ (I) A type of formatted identifier that describes the access
+ method and location of an information resource object on the
+ Internet. [R1738]
+
+ (C) A URL is a URI that provides explicit instructions on how to
+ access the named object. For example,
+ "ftp://bbnarchive.bbn.com/foo/bar/picture/cambridge.zip" is a URL.
+ The part before the colon specifies the access scheme or protocol,
+ and the part after the colon is interpreted according to that
+ access method. Usually, two slashes after the colon indicate the
+ host name of a server (written as a domain name). In an FTP or
+ HTTP URL, the host name is followed by the path name of a file on
+ the server. The last (optional) part of a URL may be either a
+ fragment identifier that indicates a position in the file, or a
+ query string.
+
+
+
+
+
+Shirey Informational [Page 185]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ uniform resource name (URN)
+ (I) A URI that has an institutional commitment to persistence and
+ availability.
+
+ $ untrusted process
+ (I) A system process that is not able to affect the state of
+ system security through incorrect or malicious operation, usually
+ because its operation is confined by a security kernel. (See:
+ trusted process.)
+
+ $ UORA
+ See: user-PIN ORA.
+
+ $ update
+ See: certificate update and key update.
+
+ $ URI
+ See: uniform resource identifier.
+
+ $ URL
+ See: uniform resource locator.
+
+ $ URN
+ See: uniform resource name.
+
+ $ user
+ (I) A person, organization entity, or automated process that
+ accesses a system, whether authorized to do so or not. (See:
+ [R2504].)
+
+ (C) Any ISD that uses this term SHOULD provide an explicit
+ definition, because this term is used in many ways and can easily
+ be misunderstood.
+
+ $ User Datagram Protocol (UDP)
+ (I) An Internet Standard protocol [R0768] that provides a datagram
+ mode of packet-switched computer communication in an internetwork.
+
+ (C) UDP is a transport layer protocol, and it assumes that IP is
+ the underlying protocol. UDP enables application programs to send
+ transaction-oriented data to other programs with minimal protocol
+ mechanism. UDP does not provide reliable delivery, flow control,
+ sequencing, or other end-to-end services that TCP provides.
+
+ $ user identifier
+ (I) A character string or symbol that is used in a system to
+ uniquely name a specific user or group of users.
+
+
+
+
+Shirey Informational [Page 186]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) Often verified by a password in an authentication process.
+
+ $ user PIN
+ (O) MISSI usage: One of two personal identification numbers that
+ control access to the functions and stored data of a FORTEZZA PC
+ card. Knowledge of the user PIN enables the card user to perform
+ the FORTEZZA functions that are intended for use by an end user.
+ (See: SSO PIN.)
+
+ $ user-PIN ORA (UORA)
+ (O) A MISSI organizational RA that operates in a mode in which the
+ ORA performs only the subset of card management functions that are
+ possible with knowledge of the user PIN for a FORTEZZA PC card.
+ (See: no-PIN ORA, SSO-PIN ORA.)
+
+ $ usurpation
+ See: (secondary definition under) threat consequence.
+
+ $ UTCTime
+ (N) The ASN.1 data type "UTCTime" contains a calendar date
+ (YYMMDD) and a time to a precision of either one minute (HHMM) or
+ one second (HHMMSS), where the time is either (a) Coordinated
+ Universal Time or (b) the local time followed by an offset that
+ enables Coordinated Universal Time to be calculated. Note: UTCTime
+ has the Year 2000 problem. (See: Coordinated Universal Time,
+ GeneralizedTime.)
+
+ $ v1 certificate
+ (C) Ambiguously refers to either an X.509 public-key certificate
+ in its version 1 format, or an X.509 attribute certificate in its
+ version 1 format. However, many people who use this term are not
+ aware that X.509 specifies attribute certificates that do not
+ contain a public key. Therefore, ISDs MAY use this term as an
+ abbreviation for "version 1 X.509 public-key certificate", but
+ only after using the full term at the first instance.
+
+ (D) ISDs SHOULD NOT use this term as an abbreviation for "version
+ 1 X.509 attribute certificate".
+
+ $ v1 CRL
+ (I) An abbreviation for "X.509 CRL in version 1 format".
+
+ (C) ISDs should use this abbreviation only after using the full
+ term at its first occurrence and defining the abbreviation.
+
+ $ v2 certificate
+ (I) An abbreviation for "X.509 public-key certificate in version 2
+ format".
+
+
+
+Shirey Informational [Page 187]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) ISDs should use this abbreviation only after using the full
+ term at its first occurrence and defining the abbreviation.
+
+ $ v2 CRL
+ (I) An abbreviation for "X.509 CRL in version 2 format".
+
+ (C) ISDs should use this abbreviation only after using the full
+ term at its first occurrence and defining the abbreviation.
+
+ $ v3 certificate
+ (I) An abbreviation for "X.509 public-key certificate in version 3
+ format".
+
+ (C) ISDs should use this abbreviation only after using the full
+ term at its first occurrence and defining the abbreviation.
+
+ $ valid certificate
+ (I) A digital certificate for which the binding of the data items
+ can be trusted; one that can be validated successfully. (See:
+ validate vs. verify.)
+
+ $ valid signature
+ (D) ISDs SHOULD NOT use this term; instead, use "authentic
+ signature". This Glossary recommends saying "validate the
+ certificate" and "verify the signature"; therefore, it would be
+ inconsistent to say that a signature is "valid". (See: validate
+ vs. verify.)
+
+ $ validate vs. verify
+ (C) The PKI community uses words inconsistently when describing
+ what a certificate user does to make certain that a digital
+ certificate can be trusted. Usually, we say "verify the signature"
+ but say "validate the certificate"; i.e., we "verify" atomic
+ truths but "validate" data structures, relationships, and systems
+ that are composed of or depend on verified items. Too often,
+ however, verify and validate are used interchangeably.
+
+ ISDs SHOULD comply with the following two rules to ensure
+ consistency and to align Internet security terminology with
+ ordinary English:
+
+ - Rule 1: Use "validate" when referring to a process intended to
+ establish the soundness or correctness of a construct. (E.g.,
+ see: certificate validation.)
+
+ - Rule 2: Use "verify" when referring to a process intended to
+ test or prove the truth or accuracy of a fact or value. (E.g.,
+ see: authenticate.)
+
+
+
+Shirey Informational [Page 188]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ The rationale for Rule 1 is that "valid" derives from a word that
+ means "strong" in Latin. Thus, to validate means to make sure that
+ a construction is sound. A certificate user validates a public-key
+ certificate to establish trust in the binding that the certificate
+ asserts between an identity and a key. (To validate can also mean
+ to officially approve something; e.g., NIST validates
+ cryptographic modules for conformance with FIPS PUB 140-1.)
+
+ The rationale for Rule 2 is that "verify" derives from a word that
+ means "true" in Latin. Thus, to verify means to prove the truth of
+ an assertion by examining evidence or performing tests. To verify
+ an identity, an authentication process examines identification
+ information that is presented or generated. To validate a
+ certificate, a certificate user verifies the digital signature on
+ the certificate by performing calculations; verifies that the
+ current time is within the certificate's validity period; and may
+ need to validate a certification path involving additional
+ certificates.
+
+ $ validation
+ See: validate vs. verify.
+
+ $ validity period
+ (I) A data item in a digital certificate that specifies the time
+ period for which the binding between data items (especially
+ between the subject name and the public key value in a public-key
+ certificate) is valid, except if the certificate appears on a CRL
+ or the key appears on a CKL.
+
+ $ value-added network (VAN)
+ (I) A computer network or subnetwork (which is usually a
+ commercial enterprise) that transmits, receives, and stores EDI
+ transactions on behalf of its customers.
+
+ (C) A VAN may also provide additional services, ranging from EDI
+ format translation, to EDI-to-FAX conversion, to integrated
+ business systems.
+
+ $ VAN
+ See: value-added network.
+
+ $ verification
+ 1. System verification: The process of comparing two levels of
+ system specification for proper correspondence, such as comparing
+ a security policy with a top-level specification, a top-level
+ specification with source code, or source code with object code.
+ [NCS04]
+
+
+
+
+Shirey Informational [Page 189]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ 2. Identification verification: Presenting information to
+ establish the truth of a claimed identity.
+
+ $ verify
+ See: validate vs. verify.
+
+ $ violation
+ See: security violation.
+
+ $ virtual private network (VPN)
+ (I) A restricted-use, logical (i.e., artificial or simulated)
+ computer network that is constructed from the system resources of
+ a relatively public, physical (i.e., real) network (such as the
+ Internet), often by using encryption (located at hosts or
+ gateways), and often by tunneling links of the virtual network
+ across the real network.
+
+ (C) For example, if a corporation has LANs at several different
+ sites, each connected to the Internet by a firewall, the
+ corporation could create a VPN by (a) using encrypted tunnels to
+ connect from firewall to firewall across the Internet and (b) not
+ allowing any other traffic through the firewalls. A VPN is
+ generally less expensive to build and operate than a dedicated
+ real network, because the virtual network shares the cost of
+ system resources with other users of the real network.
+
+ $ virus
+ (I) A hidden, self-replicating section of computer software,
+ usually malicious logic, that propagates by infecting--i.e.,
+ inserting a copy of itself into and becoming part of--another
+ program. A virus cannot run by itself; it requires that its host
+ program be run to make the virus active.
+
+ $ VPN
+ See: virtual private network.
+
+ $ vulnerability
+ (I) A flaw or weakness in a system's design, implementation, or
+ operation and management that could be exploited to violate the
+ system's security policy.
+
+ (C) Most systems have vulnerabilities of some sort, but this does
+ not mean that the systems are too flawed to use. Not every threat
+ results in an attack, and not every attack succeeds. Success
+ depends on the degree of vulnerability, the strength of attacks,
+ and the effectiveness of any countermeasures in use. If the
+ attacks needed to exploit a vulnerability are very difficult to
+ carry out, then the vulnerability may be tolerable. If the
+
+
+
+Shirey Informational [Page 190]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ perceived benefit to an attacker is small, then even an easily
+ exploited vulnerability may be tolerable. However, if the attacks
+ are well understood and easily made, and if the vulnerable system
+ is employed by a wide range of users, then it is likely that there
+ will be enough benefit for someone to make an attack.
+
+ $ W3
+ See: World Wide Web.
+
+ $ war dialer
+ (I) A computer program that automatically dials a series of
+ telephone numbers to find lines connected to computer systems, and
+ catalogs those numbers so that a cracker can try to break into the
+ systems.
+
+ $ Wassenaar Arrangement
+ (N) The Wassenaar Arrangement on Export Controls for Conventional
+ Arms and Dual-Use Goods and Technologies is a global, multilateral
+ agreement approved by 33 countries in July 1996 to contribute to
+ regional and international security and stability, by promoting
+ information exchange concerning, and greater responsibility in,
+ transfers of arms and dual-use items, thus preventing
+ destabilizing accumulations. (See: International Traffic in Arms
+ Regulations.)
+
+ (C) The Arrangement began operations in September 1996. The
+ participating countries are Argentina, Australia, Austria,
+ Belgium, Bulgaria, Canada, Czech Republic, Denmark, Finland,
+ France, Germany, Greece, Hungary, Ireland, Italy, Japan,
+ Luxembourg, Netherlands, New Zealand, Norway, Poland, Portugal,
+ Republic of Korea, Romania, Russian Federation, Slovak Republic,
+ Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom, and
+ United States. Participants meet on a regular basis in Vienna,
+ where the Arrangement has its headquarters.
+
+ Participating countries seek through their national policies to
+ ensure that transfers do not contribute to the development or
+ enhancement of military capabilities that undermine the goals of
+ the arrangement, and are not diverted to support such
+ capabilities. The countries maintain effective export controls for
+ items on the agreed lists, which are reviewed periodically to
+ account for technological developments and experience gained.
+ Through transparency and exchange of views and information,
+ suppliers of arms and dual-use items can develop common
+ understandings of the risks associated with their transfer and
+ assess the scope for coordinating national control policies to
+ combat these risks. Members provide semi-annual notification of
+ arms transfers, covering seven categories derived from the UN
+
+
+
+Shirey Informational [Page 191]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ Register of Conventional Arms. Members also report transfers or
+ denials of transfers of certain controlled dual-use items.
+ However, the decision to transfer or deny transfer of any item is
+ the sole responsibility of each participating country. All
+ measures undertaken with respect to the arrangement are in
+ accordance with national legislation and policies and are
+ implemented on the basis of national discretion.
+
+ $ watermarking
+ See: digital watermarking.
+
+ $ web of trust
+ (O) PGP usage: A trust-file PKI technique used in PGP for building
+ a file of validated public keys by making personal judgments about
+ being able to trust certain people to be holding properly
+ certified keys of other people. (See: certification hierarchy,
+ mesh PKI.)
+
+ $ web server
+ (I) A software process that runs on a host computer connected to
+ the Internet to respond to HTTP requests for documents from client
+ web browsers.
+
+ $ web vs. Web
+ 1. (I) Capitalized: ISDs SHOULD capitalize "Web" when using the
+ term (as either a noun or an adjective) to refer specifically to
+ the World Wide Web. (Similarly, see: internet vs. Internet.)
+
+ 2. (C) Not capitalized: ISDs SHOULD NOT capitalize "web" when
+ using the term (usually as an adjective) to refer generically to
+ technology--such as web browsers, web servers, HTTP, and HTML--
+ that is used in the Web or similar networks.
+
+ (C) IETF documents SHOULD spell out "World Wide Web" fully at the
+ first instance of usage and SHOULD Use "Web" and "web" especially
+ carefully where confusion with the PGP "web of trust" is possible.
+
+ $ wiretapping
+ (I) An attack that intercepts and accesses data and other
+ information contained in a flow in a communication system.
+
+ (C) Although the term originally referred to making a mechanical
+ connection to an electrical conductor that links two nodes, it is
+ now used to refer to reading information from any sort of medium
+ used for a link or even directly from a node, such as gateway or
+ subnetwork switch.
+
+
+
+
+
+Shirey Informational [Page 192]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ (C) "Active wiretapping" attempts to alter the data or otherwise
+ affect the flow; "passive wiretapping" only attempts to observe
+ the flow and gain knowledge of information it contains. (See:
+ active attack, end-to-end encryption, passive attack.)
+
+ $ work factor
+ (I) General security usage: The estimated amount of effort or time
+ that can be expected to be expended by a potential intruder to
+ penetrate a system, or defeat a particular countermeasure, when
+ using specified amounts of expertise and resources.
+
+ (I) Cryptography usage: The estimated amount of computing time and
+ power needed to break a cryptographic system.
+
+ $ World Wide Web ("the Web", WWW, W3)
+ (N) The global, hypermedia-based collection of information and
+ services that is available on Internet servers and is accessed by
+ browsers using Hypertext Transfer Protocol and other information
+ retrieval mechanisms. (See: web vs. Web, [R2084].)
+
+ $ worm
+ (I) A computer program that can run independently, can propagate a
+ complete working version of itself onto other hosts on a network,
+ and may consume computer resources destructively. (See: Morris
+ Worm, virus.)
+
+ $ wrap
+ (O) To use cryptography to provide data confidentiality service
+ for a data object. (See: encrypt, seal.)
+
+ (D) ISDs SHOULD NOT use this term with this definition because it
+ duplicates the meaning of other, standard terms. Instead, use
+ "encrypt" or use a term that is specific with regard to the
+ mechanism used.
+
+ $ WWW
+ See: World Wide Web.
+
+ $ X.400
+ (N) An ITU-T Recommendation [X400] that is one part of a joint
+ ITU-T/ISO multi-part standard (X.400-X.421) that defines the
+ Message Handling Systems. (The ISO equivalent is IS 10021, parts
+ 1-7.) (See: Message Handling Systems.)
+
+ $ X.500
+ $ X.500 Directory
+ (N) An ITU-T Recommendation [X500] that is one part of a joint
+ ITU-T/ISO multi-part standard (X.500-X.525) that defines the X.500
+
+
+
+Shirey Informational [Page 193]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ Directory, a conceptual collection of systems that provide
+ distributed directory capabilities for OSI entities, processes,
+ applications, and services. (The ISO equivalent is IS 9594-1 and
+ related standards, IS 9594-x.) (See: directory vs. Directory,
+ X.509.)
+
+ (C) The X.500 Directory is structured as a tree (the Directory
+ Information Tree), and information is stored in directory entries.
+ Each entry is a collection of information about one object, and
+ each object has a DN. A directory entry is composed of attributes,
+ each with a type and one or more values. For example, if a PKI
+ uses the Directory to distribute certificates, then the X.509
+ public-key certificate of an end user is normally stored as a
+ value of an attribute of type "userCertificate" in the Directory
+ entry that has the DN that is the subject of the certificate.
+
+ $ X.509
+ (N) An ITU-T Recommendation [X509] that defines a framework to
+ provide and support data origin authentication and peer entity
+ authentication services, including formats for X.509 public-key
+ certificates, X.509 attribute certificates, and X.509 CRLs. (The
+ ISO equivalent is IS 9498-4.) (See: X.500.)
+
+ (C) X.509 describes two levels of authentication: simple
+ authentication based on a password, and strong authentication
+ based on a public-key certificate.
+
+ $ X.509 attribute certificate
+ (N) An attribute certificate in the version 1 (v1) format defined
+ by X.509. (The v1 designation for an X.509 attribute certificate
+ is disjoint from the v1 designation for an X.509 public-key
+ certificate, and from the v1 designation for an X.509 CRL.)
+
+ (C) An X.509 attribute certificate has a subject field, but the
+ attribute certificate is a separate data structure from that
+ subject's public-key certificate. A subject may have multiple
+ attribute certificates associated with each of its public-key
+ certificates, and an attribute certificate may be issued by a
+ different CA than the one that issued the associated public-key
+ certificate.
+
+ (C) An X.509 attribute certificate contains a sequence of data
+ items and has a digital signature that is computed from that
+ sequence. In addition to the signature, an attribute certificate
+ contains items 1 through 9 listed below:
+
+
+
+
+
+
+Shirey Informational [Page 194]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ 1. version Identifies v1.
+ 2. subject Is one of the following:
+ 2a. baseCertificateID - Issuer and serial number of an
+ X.509 public-key certificate.
+ 2b. subjectName - DN of the subject.
+ 3. issuer DN of the issuer (the CA who signed).
+ 4. signature OID of algorithm that signed the cert.
+
+ 5. serialNumber Certificate serial number;
+ an integer assigned by the issuer.
+ 6. attCertValidityPeriod Validity period; a pair of UTCTime
+ values: "not before" and "not after".
+ 7. attributes Sequence of attributes describing the
+ subject.
+ 8. issuerUniqueId Optional, when a DN is not sufficient.
+ 9. extensions Optional.
+
+ $ X.509 authority revocation list
+ (N) An ARL in one of the formats defined by X.509--version 1 (v1)
+ or version 2 (v2). A specialized kind of certificate revocation
+ list.
+
+ $ X.509 certificate
+ (N) Either an X.509 public-key certificate or an X.509 attribute
+ certificate.
+
+ (C) This Glossary uses the term with the precise meaning
+ recommended here. However, some who use the term may not be aware
+ that X.509 specifies attribute certificates that do not contain a
+ public key. Even among those who are aware, this term is commonly
+ used as an abbreviation to mean "X.509 public-key certificate".
+ ISDs MAY use the term as an abbreviation for "X.509 public-key
+ certificate", but only after using the full term at the first
+ instance.
+
+ (D) ISDs SHOULD NOT use this term as an abbreviation to mean
+ "X.509 attribute certificate".
+
+ $ X.509 certificate revocation list (CRL)
+ (N) A CRL in one of the formats defined by X.509--version 1 (v1)
+ or version 2 (v2). (The v1 and v2 designations for an X.509 CRL
+ are disjoint from the v1 and v2 designations for an X.509 public-
+ key certificate, and from the v1 designation for an X.509
+ attribute certificate.) (See: certificate revocation.)
+
+ (C) ISDs SHOULD NOT refer to an X.509 CRL as a digital
+ certificate, but note that an X.509 CRL does meet this Glossary's
+ definition of "digital certificate". Like a digital certificate,
+
+
+
+Shirey Informational [Page 195]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ an X.509 CRL makes an assertion and is signed by a CA. But instead
+ of binding a key or other attributes to a subject, an X.509 CRL
+ asserts that certain previously-issued X.509 certificates have
+ been revoked.
+
+ (C) An X.509 CRL contains a sequence of data items and has a
+ digital signature computed on that sequence. In addition to the
+ signature, both v1 and v2 contain items 2 through 6b listed below.
+ Version 2 contains item 1 and may optionally contain 6c and 7.
+
+ 1. version Optional. If present, identifies v2.
+ 2. signature OID of the algorithm that signed CRL.
+ 3. issuer DN of the issuer (the CA who signed).
+ 4. thisUpdate A UTCTime value.
+ 5. nextUpdate A UTCTime value.
+ 6. revokedCertificates 3-tuples of 6a, 6b, and (optional) 6c:
+ 6a. userCertificate A certificate's serial number.
+ 6b. revocationDate UTCTime value for the revocation date.
+ 6c. crlEntryExtensions Optional.
+ 7. crlExtensions Optional.
+
+ $ X.509 public-key certificate
+ (N) A public-key certificate in one of the formats defined by
+ X.509--version 1 (v1), version 2 (v2), or version 3 (v3). (The v1
+ and v2 designations for an X.509 public-key certificate are
+ disjoint from the v1 and v2 designations for an X.509 CRL, and
+ from the v1 designation for an X.509 attribute certificate.)
+
+ (C) An X.509 public-key certificate contains a sequence of data
+ items and has a digital signature computed on that sequence. In
+ addition to the signature, all three versions contain items 1
+ through 7 listed below. Only v2 and v3 certificates may also
+ contain items 8 and 9, and only v3 may contain item 10.
+
+ 1. version Identifies v1, v2, or v3.
+ 2. serialNumber Certificate serial number;
+ an integer assigned by the issuer.
+ 3. signature OID of algorithm that was used to
+ sign the certificate.
+ 4. issuer DN of the issuer (the CA who signed).
+ 5. validity Validity period; a pair of UTCTime
+ values: "not before" and "not after".
+ 6. subject DN of entity who owns the public key.
+ 7. subjectPublicKeyInfo Public key value and algorithm OID.
+ 8. issuerUniqueIdentifier Defined for v2, v3; optional.
+ 9. subjectUniqueIdentifier Defined for v2, v2; optional.
+ 10. extensions Defined only for v3; optional.
+
+
+
+
+Shirey Informational [Page 196]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ $ XTACACS
+ See: (secondary definition under) Terminal Access Controller (TAC)
+ Access Control System.
+
+ $ Yellow Book
+ (D) ISDs SHOULD NOT use this term as a synonym for "Computer
+ Security Requirements: Guidance for Applying the Department of
+ Defense Trusted Computer System Evaluation Criteria in Specific
+ Environments" [CSC3]. Instead, use the full proper name of the
+ document or, in subsequent references, a conventional
+ abbreviation. (See: (usage note under) Green Book, Rainbow
+ Series.)
+
+ $ zeroize
+ (I) Use erasure or other means to render stored data unusable and
+ unrecoverable, particularly a key stored in a cryptographic module
+ or other device.
+
+ (O) Erase electronically stored data by altering the contents of
+ the data storage so as to prevent the recovery of the data.
+ [FP140]
+
+4. References
+
+ This Glossary focuses on the Internet Standards Process. Therefore,
+ this set of references emphasizes international, governmental, and
+ industry standards documents; only a few other texts are listed. RFCs
+ are listed, but not Internet-Drafts, because the latter are not an
+ archival document series and should not be cited or quoted in an RFC.
+
+ [A3092] American National Standards Institute, "American National
+ Standard Data Encryption Algorithm", ANSI X3.92-1981, 30 Dec
+ 1980.
+
+ [A9009] ---, "Financial Institution Message Authentication
+ (Wholesale)", ANSI X9.9-1986, 15 Aug 1986.
+
+ [A9017] ---, "Financial Institution Key Management (Wholesale)",
+ X9.17, 4 Apr 1985. [Defines procedures for the manual and
+ automated management of keying material and uses DES to
+ provide key management for a variety of operational
+ environments.]
+
+ [A9042] ---, "Public key Cryptography for the Financial Service
+ Industry: Agreement of Symmetric Keys Using Diffie-Hellman
+ and MQV Algorithms", X9.42, 29 Jan 1999.
+
+
+
+
+
+Shirey Informational [Page 197]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [A9052] ---, "Triple Data Encryption Algorithm Modes of Operation",
+ X9.52-1998, ANSI approval 9 Nov 1998.
+
+ [A9062] ---, "Public Key Cryptography for the Financial Services
+ Industry: The Elliptic Curve Digital Signature Algorithm
+ (ECDSA)", X9.62-1998, ANSI approval 7 Jan 1999.
+
+ [ABA] American Bar Association, "Digital Signature Guidelines:
+ Legal Infrastructure for Certification Authorities and
+ Secure Electronic Commerce", Chicago, IL, 1 Aug 1996.
+
+ [ACM] Association for Computing Machinery, "Communications of the
+ ACM", Jul 1998 issue with: Minerva M. Yeung, "Digital
+ Watermarking"; Nasir Memom and Ping Wah Wong, "Protecting
+ Digital Media Content"; and Scott Craver, Boon-Lock Yeo, and
+ Minerva Yeung, "Technical Trials and Legal Tribulations".
+
+ [Army] U.S. Army Corps of Engineers, "Electromagnetic Pulse (EMP)
+ and Tempest Protection for Facilities", EP 1110-3-2, 31 Dec
+ 1990.
+
+ [B7799] British Standards Institution, "Information Security
+ Management, Part 1: Code of Practice for Information
+ Security Management", BS 7799-1:1999, effective 15 May 1999.
+
+ ---, ---, "Part 2: Specification for Information Security
+ Management Systems", BS 7799-2:1999, effective 15 May 1999.
+
+ [Bell] D. E. Bell and L. J. LaPadula, "Secure Computer Systems:
+ Mathematical Foundations and Model", M74-244, The MITRE
+ Corporation, Bedford, MA, May 1973. (Available as AD-771543,
+ National Technical Information Service, Springfield, VA.)
+
+ [CCIB] Common Criteria Implementation Board, "Common Criteria for
+ Information Technology Security Evaluation, Part 1:
+ Introduction and General Model", ver. 2.1, CCIB-99-01, Aug
+ 1999.
+
+ [CIPSO] Trusted Systems Interoperability Working Group, "Common IP
+ Security Option", ver. 2.3, 9 Mar 1993. [A "work in
+ progress" that is probably defunct.]
+
+ [CSC1] U.S. Department of Defense Computer Security Center,
+ "Department of Defense Trusted Computer System Evaluation
+ Criteria", CSC-STD-001-83, 15 Aug 1983. (Superseded by
+ [DOD1].)
+
+
+
+
+
+Shirey Informational [Page 198]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [CSC2] ---, "Department of Defense Password Management Guideline",
+ CSC-STD-002-85, 12 Apr 1985.
+
+ [CSC3] ---, "Computer Security Requirements: Guidance for Applying
+ the Department of Defense Trusted Computer System Evaluation
+ Criteria in Specific Environments", CSC-STD-003-85, 25 Jun
+ 1985.
+
+ [CSOR] U.S. Department of Commerce, "General Procedures for
+ Registering Computer Security Objects", National Institute
+ of Standards Interagency Report 5308, Dec 1993.
+
+ [Denn] D. E. Denning, "A Lattice Model of Secure Information Flow",
+ in "Communications of the ACM", vol. 19, no. 5, May 1976,
+ pp. 236-243.
+
+ [DH76] W. Diffie and M. H. Hellman, "New Directions in
+ Cryptography" in "IEEE Transactions on Information Theory",
+ vol. IT-22, no. 6, Nov 1976, pp. 644-654.
+
+ [DOD1] U.S. Department of Defense, "Department of Defense Trusted
+ Computer System Evaluation Criteria", DoD 5200.28-STD, 26
+ Dec 1985. (Supersedes [CSC1].)
+
+ [DOD2] ---, Directive 5200.28, "Security Requirements for Automated
+ Information Systems (AISs)", 21 Mar 1988.
+
+ [DOD3] ---, "X.509 Certificate Policy", ver. 2, Mar 1999.
+
+ [DOD4] ---, "NSA Key Recovery Assessment Criteria", 8 Jun 1998.
+
+ [ElGa] T. El Gamal, "A Public-Key Cryptosystem and a Signature
+ Scheme Based on Discrete Logarithms" in "IEEE Transactions
+ on Information Theory", vol. IT-31, no. 4, 1985, pp. 469-
+ 472.
+
+ [EMV1] Europay International S.A., MasterCard International
+ Incorporated, and Visa International Service Association,
+ "EMV '96 Integrated Circuit Card Specification for Payment
+ Systems", ver. 3.1.1, 31 May 1998.
+
+ [EMV2] ---, "EMV '96 Integrated Circuit Card Terminal Specification
+ for Payment Systems", ver. 3.1.1, 31 May 1998.
+
+ [EMV3] ---, EMV '96 Integrated Circuit Card Application
+ Specification for Payment Systems", ver. 3.1.1, 31 May 1998.
+
+
+
+
+
+Shirey Informational [Page 199]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [For94] W. Ford, "Computer Communications Security: Principles,
+ Standard Protocols and Techniques", ISBN 0-13-799453-2,
+ 1994.
+
+ [For97] W. Ford and M. Baum, "Secure Electronic Commerce: Building
+ the Infrastructure for Digital Signatures and Encryption",
+ ISBN 0-13-476342-4, 1994.
+
+ [FP031] U.S. Department of Commerce, "Guidelines for Automatic Data
+ Processing Physical Security and Risk Management", Federal
+ Information Processing Standards Publication (FIPS PUB) 31,
+ Jun 1974.
+
+ [FP039] ---, "Glossary for Computer Systems Security", FIPS PUB 39,
+ 15 Feb 1976.
+
+ [FP046] ---, "Data Encryption Standard (DES)", FIPS PUB 46-2, 30 Dec
+ 1993.
+
+ [FP081] ---, "DES Modes of Operation", FIPS PUB 81, 2 Dec 1980.
+
+ [FP102] ---, "Guideline for Computer Security Certification and
+ Accreditation", FIPS PUB 102, 27 Sep 1983.
+
+ [FP113] ---, "Computer Data Authentication", FIPS PUB 113, 30 May
+ 1985.
+
+ [FP140] ---, "Security Requirements for Cryptographic Modules", FIPS
+ PUB 140-1, 11 Jan 1994.
+
+ [FP151] ---, "Portable Operating System Interface (POSIX)--System
+ Application Program Interface [C Language]", FIPS PUB 151-2,
+ 12 May 1993
+
+ [FP180] ---, "Secure Hash Standard", FIPS PUB 180-1, 17 Apr 1995.
+
+ [FP185] ---, "Escrowed Encryption Standard", FIPS PUB 185, 9 Feb
+ 1994.
+
+ [FP186] ---, "Digital Signature Standard (DSS)", FIPS PUB 186, 19
+ May 1994.
+
+ [FP188] ---, "Standard Security Label for Information Transfer",
+ FIPS PUB 188, 6 Sep 1994.
+
+ [FPDAM] Collaborative ITU and ISO/IEC meeting on the Directory,
+ "Final Proposed Draft Amendment on Certificate Extensions",
+ April 1999. (This draft proposes changes to [X.509].)
+
+
+
+Shirey Informational [Page 200]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [FPKI] U.S. Department of Commerce, "Public Key Infrastructure
+ (PKI) Technical Specifications: Part A--Technical Concept of
+ Operations", National Institute of Standards, 4 Sep 1998.
+
+ [I3166] International Standards Organization, "Codes for the
+ Representation of Names of countries and Their Subdivisions
+ --Part 1: Country Codes", ISO 3166-1:1997.
+
+ ---, --- "Part 2: Country Subdivision Codes", ISO/DIS 3166-
+ 2.
+
+ ---, --- "Part 3: Codes for Formerly Used Names of
+ Countries", ISO/DIS 3166-3.
+
+ [I7498] ---, "Information Processing Systems--Open Systems
+ Interconnection Reference Model--[Part 1:] Basic Reference
+ Model", ISO/IEC 7498-1. (Equivalent to ITU-T Recommendation
+ X.200.)
+
+ ---, --- "Part 2: Security Architecture", ISO/IEC 7499-2.
+
+ ---, --- "Part 4: Management Framework", ISO/IEC 7498-4.
+
+ [I7812] ---, "Identification cards--Identification of Issuers--Part
+ 1: Numbering System", ISO/IEC 7812-1:1993
+
+ ---, --- "Part 2: Application and Registration Procedures",
+ ISO/IEC 7812-2:1993.
+
+ [I9945] ---, "Portable Operating System Interface for Computer
+ Environments", ISO/IEC 9945-1:1990.
+
+ [I15408] ---, "Information Technology--Security Techniques--
+ Evaluation criteria for IT Security--Part 1: Introduction
+ and General Model", ISO/IEC 15408-1:1999.
+
+ [ITSEC] "Information Technology Security Evaluation Criteria
+ (ITSEC): Harmonised Criteria of France, Germany, the
+ Netherlands, and the United Kingdom", ver. 1.2, U.K.
+ Department of Trade and Industry, Jun 1991.
+
+ [Kahn] David Kahn, "The Codebreakers: The Story of Secret Writing",
+ The Macmillan Company, New York, 1967.
+
+ [Knuth] D. E. Knuth, Chapter 3 ("Random Numbers") in Volume 2
+ ("Seminumerical Algorithms") of "The Art of Computer
+ Programming", Addison-Wesley, Reading, MA, 1969.
+
+
+
+
+Shirey Informational [Page 201]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [Kuhn] Markus G. Kuhn and Ross J. Anderson, "Soft Tempest: Hidden
+ Data Transmission Using Electromagnetic Emanations", in
+ David Aucsmith, ed., "Information Hiding, Second
+ International Workshop, IH'98", Portland, Oregon, USA, 15-17
+ Apr 1998, LNCS 1525, Springer-Verlag, ISBN 3-540-65386-4,
+ pp. 124-142.
+
+ [MISPC] U.S. Department of Commerce, "Minimum Interoperability
+ Specification for PKI Components (MISPC), Version 1",
+ National Institute of Standards Special Publication 800-15,
+ Sep 1997.
+
+ [NCS01] National Computer Security Center, "A Guide to Understanding
+ Audit in Trusted Systems", NCSC-TG-001, 1 Jun 1988. (Part of
+ the Rainbow Series.)
+
+ [NCS04] ---, "Glossary of Computer Security Terms", NCSC-TG-004,
+ ver. 1, 21 Oct 1988. (Part of the Rainbow Series.)
+
+ [NCS05] ---, "Trusted Network Interpretation of the Trusted Computer
+ System Evaluation Criteria", NCSC-TG-005, ver. 1, 31 Jul
+ 1987. (Part of the Rainbow Series.)
+
+ [NCS25] ---, "A Guide to Understanding Data Remanence in Automated
+ Information Systems", NCSC-TG-025, ver. 2, Sep 1991. (Part
+ of the Rainbow Series.)
+
+ [NIST] National Institute of Standards and Technology, "SKIPJACK
+ and KEA Algorithm Specifications", ver. 2, 29 May 1998.
+ (http://csrc.nist.gov/encryption/skipjack-kea.htm)
+
+ [PGP] Simson Garfinkel, "PGP: Pretty Good Privacy", O'Reilly &
+ Associates, Inc., Sebastopol, CA, 1995.
+
+ [PKCS] Burton S. Kaliski, Jr., "An Overview of the PKCS Standards",
+ RSA Data Security, Inc., 3 Jun 1991.
+
+ [PKC07] RSA Laboratories, "PKCS #7: Cryptographic Message Syntax
+ Standard", ver. 1.5, RSA Laboratories Technical Note, 1 Nov
+ 1993.
+
+ [PKC10] ---, "PKCS #10: Certification Request Syntax Standard", ver.
+ 1.0, RSA Laboratories Technical Note, 1 Nov 1993.
+
+ [PKC11] ---, "PKCS #11: Cryptographic Token Interface Standard",
+ ver. 1.0, 28 Apr 1995.
+
+
+
+
+
+Shirey Informational [Page 202]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, August
+ 1980.
+
+ [R0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September
+ 1981.
+
+ [R0792] Postel, J., "Internet Control Message Protocol", STD 5, RFC
+ 792, September 1981. [See: RFC 1885.]
+
+ [R0793] Postel, J., ed., "Transmission Control Protocol", STD 7, RFC
+ 793, September 1981.
+
+ [R0821] Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC
+ 821, August 1982.
+
+ [R0822] Crocker, D., "Standard for the Format of ARPA Internet Text
+ Messages", STD 11, RFC 822, August 1982.
+
+ [R0854] Postel, J. and J. Reynolds, "TELNET Protocol Specification",
+ STD 8, RFC 854, May 1983.
+
+ [R0959] Postel, J. and J. Reynolds, "File Transfer Protocol (FTP)",
+ STD 9, RFC 959, October 1985.
+
+ [R1034] Mockapetris, P., "Domain Names--Concepts and Facilities",
+ STD 13, RFC 1034, November 1987.
+
+ [R1157] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple
+ Network Management Protocol (SNMP)" [version 1], STD 15, RFC
+ 1157, May 1990.
+
+ [R1208] Jacobsen O. and D. Lynch, "A Glossary of Networking Terms",
+ RFC 1208, March 1991.
+
+ [R1319] Kaliski, B., "The MD2 Message-Digest Algorithm", RFC 1319,
+ April 1992.
+
+ [R1320] Rivest, R., "The MD4 Message-Digest Algorithm", RFC 1320,
+ April 1992.
+
+ [R1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
+ April 1992.
+
+ [R1334] Lloyd, B. and W. Simpson, "PPP Authentication Protocols",
+ RFC 1334, October 1992.
+
+ [R1413] St. Johns, M., "Identification Protocol", RFC 1413, February
+ 1993.
+
+
+
+Shirey Informational [Page 203]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R1421] Linn, J., "Privacy Enhancement for Internet Electronic Mail,
+ Part I: Message Encryption and Authentication Procedures",
+ RFC 1421, February 1993.
+
+ [R1422] Kent, S., "Privacy Enhancement for Internet Electronic Mail,
+ Part II: Certificate-Based Key Management", RFC 1422,
+ February 1993.
+
+ [R1455] Eastlake, D., "Physical Link Security Type of Service", RFC
+ 1455, May 1993.
+
+ [R1457] Housley, R., "Security Label Framework for the Internet",
+ RFC 1457, May 1993.
+
+ [R1492] Finseth, C., "An Access Control Protocol, Sometimes Called
+ TACACS", RFC 1492, July 1993.
+
+ [R1507] Kaufman, C., "DASS: Distributed Authentication Security
+ Service", RFC 1507, September 1993.
+
+ [R1510] Kohl, J. and C. Neuman, "The Kerberos Network Authentication
+ Service (V5)", RFC 1510, September 1993.
+
+ [R1591] Kohl, J. and C. Neuman, "Domain Name System Structure and
+ Delegation", March 1994.
+
+ [R1630] Berners-Lee, T., "Universal Resource Identifiers in WWW",
+ RFC 1630, June 1994.
+
+ [R1661] Simpson, W., ed., " The Point-to-Point Protocol (PPP)", STD
+ 51, RFC 1661, July 1994.
+
+ [R1731] Myers, J., "IMAP4 Authentication Mechanisms", RFC 1731,
+ December 1994.
+
+ [R1734] Myers, J., "POP3 AUTHentication Command", RFC 1734, December
+ 1994.
+
+ [R1738] Myers, J., Masinter, L. and M. McCahill, ed's., "Uniform
+ Resource Locators (URL)", RFC 1738, December 1994.
+
+ [R1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
+ Recommendations for Security", RFC 1750, December 1994.
+
+ [R1777] Yeong, W., Howes, T. and S. Kille, "Lightweight Directory
+ Access Protocol", RFC 1777, March 1995.
+
+
+
+
+
+Shirey Informational [Page 204]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R1808] Fielding, R., "Relative Uniform Resource Locators", RFC
+ 1808, June 1995.
+
+ [R1824] Danisch, H., "The Exponential Security System TESS: An
+ Identity-Based Cryptographic Protocol for Authenticated Key-
+ Exchange (E.I.S.S.-Report 1995/4)", RFC 1824, August 1995.
+
+ [R1828] Metzger, P. and W. Simpson, "IP Authentication using Keyed
+ MD5", RFC 1828, August 1995.
+
+ [R1829] Karn, P., Metzger, P. and W. Simpson, "The ESP DES-CBC
+ Transform", RFC 1829, August 1995.
+
+ [R1848] Crocker, S., Freed, N., Galvin, J. and S. Murphy, "MIME
+ Object Security Services", RFC 1848, October 1995.
+
+ [R1851] Karn, P., Metzger, P. and W. Simpson, "The ESP Triple DES
+ Transform", RFC 1851, September 1995.
+
+ [R1866] Berners-Lee, T., "Hypertext Markup Language--2.0", RFC 1866,
+ November 1995.
+
+ [R1885] Conta, A. and S. Deering, "Internet Control Message Protocol
+ (ICMPv6) for the Internet Protocol Version 6 (IPv6)
+ Specification", RFC 1885, December 1995.
+
+ [R1928] Leech, M., Ganis, M., Lee, Y., Kuris, R., Koblas, D. and L.
+ Jones, "SOCKS Protocol Version 5", RFC 1928, March 1996.
+
+ [R1938] Haller, N. and C. Metzion, "A One-Time Password System", RFC
+ 1938, May 1996.
+
+ [R1939] Myers, J. and M. Rose, "Post Office Protocol - Version 3",
+ STD 53, RFC 1939, May 1996.
+
+ [R1958] Carpenter, B., ed., "Architectural Principles of the
+ Internet", RFC 1958, June 1996.
+
+ [R1983] Malkin, G., ed., "Internet Users' Glossary", FYI 18, RFC
+ 1983, August 1996.
+
+ [R1994] Simpson, W. "PPP Challenge Handshake Authentication Protocol
+ (CHAP)", RFC 1994, August 1996.
+
+ [R2023] Postel, J. and J. Reynolds, "Instructions to RFC Authors",
+ RFC 2023, October 1997.
+
+
+
+
+
+Shirey Informational [Page 205]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R2026] Bradner, S., "The Internet Standards Process--Revision 3",
+ BCP 9, RFC 2026, March 1994.
+
+ [R2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part One: Format of Internet Message
+ Bodies", RFC 2045, November 1996.
+
+ [R2060] Crispin, M., "Internet Message Access Protocol--Version 4
+ Revision 1", RFC 2060, December 1996.
+
+ [R2065] Eastlake, D., 3rd, "Domain Name System Security Extensions",
+ RFC 2065, January 1997.
+
+ [R2078] Linn, J., "Generic Security Service Application Program
+ Interface, Version 2", RFC 2078, January 1997.
+
+ [R2084] Bossert, G., Cooper, S. and W. Drummond, "Considerations for
+ Web Transaction Security", RFC 2084, January 1997.
+
+ [R2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-
+ Hashing for Message Authentication", RFC 2104, February
+ 1997.
+
+ [R2119] Bradner, S., "Key Words for Use in RFCs To Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [R2138] Rigney, C., Rubens, A., Simpson, W. and S. Willens, "Remote
+ Authentication Dial In User Service (RADIUS)", RFC 2138,
+ April 1997.
+
+ [R2137] Eastlake, D., "Secure Domain Name System Dynamic Update",
+ RFC 2137, April 1997.
+
+ [R2179] Gwinn, A., "Network Security For Trade Shows", RFC 2179,
+ July 1997.
+
+ [R2195] Klensin, J., Catoe, R. and P. Krumviede, "IMAP/POP AUTHorize
+ Extension for Simple Challenge/Response", RFC 2195, Sepember
+ 1997.
+
+ [R2196] Fraser, B., "Site Security Handbook", FYI 8, RFC 2196,
+ Sepember 1997.
+
+ [R2202] Cheng, P. and R. Glenn, "Test Cases for HMAC-MD5 and HMAC-
+ SHA-1", RFC 2202, Sepember 1997.
+
+
+
+
+
+
+Shirey Informational [Page 206]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R2222] Myers, J., "Simple Authentication and Security Layer
+ (SASL)", RFC 2222, October 1997.
+
+ [R2223] Postel, J., "Instructions to RFC Authors", RFC 2223, October
+ 1997.
+
+ [R2246] Dierks, T. and C. Allen, "The TLS Protocol, Version 1.0",
+ RFC 2246, January 1999.
+
+ [R2284] Blunk, L. and J. Vollbrecht, "PPP Extensible Authentication
+ Protocol (EAP)", RFC 2284, March 1998.
+
+ [R2315] Kaliski, B., "PKCS #7: Cryptographic Message Syntax, Version
+ 1.5", RFC 2315, March 1998.
+
+ [R2323] Ramos, A., "IETF Identification and Security Guidelines",
+ RFC 2323, 1 April 1998. [Intended for humorous entertainment
+ ("please laugh loud and hard"); does not contain serious
+ security information.]
+
+ [R2350] Brownlee, N. and E. Guttman, "Expectations for Computer
+ Security Incident Response", RFC 2350, June 1998.
+
+ [R2356] Montenegro, C. and V. Gupta, "Sun's SKIP Firewall Traversal
+ for Mobile IP", RFC 2356, June 1998.
+
+ [R2373] Hinden, R. and S. Deering, "IP Version 6 Addressing
+ Architecture", RFC 2373, July 2998.
+
+ [R2401] Kent, S. and R. Atkinson, "Security Architecture for the
+ Internet Protocol", RFC 2401, November 1998.
+
+ [R2402] Kent, S. and R. Atkinson, "IP Authentication Header", RFC
+ 2402, November 1998.
+
+ [R2403] Madson, C. and R. Glenn, "The Use of HMAC-MD5-96 within ESP
+ and AH", RFC 2403, November 1998.
+
+ [R2404] Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within
+ ESP and AH", RFC 2404, November 1998.
+
+ [R2405] Madson, C. and N. Doraswamy, "The ESP DES-CBC Cipher
+ Algorithm With Explicit IV", RFC 2405, November 1998.
+
+ [R2406] Kent, S. and R. Atkinson, "IP Encapsulating Security Payload
+ (ESP)", RFC 2406, November 1998.
+
+
+
+
+
+Shirey Informational [Page 207]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R2407] Piper, D., "The Internet IP Security Domain of
+ Interpretation for ISAKMP", RFC 2407, November 1998.
+
+ [R2408] Maughan, D., Schertler, M., Schneider, M. and J. Turner,
+ "Internet Security Association and Key Management Protocol
+ (ISAKMP)", RFC 2408, November 1998.
+
+ [R2409] Harkins, D. and D. Carrel, "The Internet Key Exchange
+ (IKE)", RFC 2409, November 1998.
+
+ [R2410] Glenn, R. and S. Kent, "The NULL Encryption Algorithm and
+ Its Use With IPsec", RFC 2410, November 1998.
+
+ [R2412] Orman, H., "The OAKLEY Key Determination Protocol", RFC
+ 2412, November 1998.
+
+ [R2451] Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher
+ Algorithms", RFC 2451, November 1998.
+
+ [R2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
+ (IPv6) Specification", RFC 2460, December 1998.
+
+ [R2504] Guttman, E., Leong, L. and G. Malkin, "Users' Security
+ Handbook", RFC 2504, February 1999.
+
+ [R2510] Adams, C. and S. Farrell, "Internet X.509 Public Key
+ Infrastructure Certificate Management Protocols", RFC 2510,
+ March 1999.
+
+ [R2527] Chokhani, S. and W. Ford, "Internet X.509 Public Key
+ Infrastructure, Certificate Policy and Certification
+ Practices Framework", RFC 2527, March 1999.
+
+ [R2536] EastLake, D., "DSA KEYs and SIGs in the Domain Name System
+ (DNS)", RFC 2536, March 1999.
+
+ [R2570] Case, J., Mundy, R., Partain, D. and B. Stewart,
+ "Introduction to Version 3 of the Internet-Standard Network
+ Management Framework", RFC 2570, April 1999.
+
+ [R2574] Blumenthal, U. and B. Wijnen, "User-based Security Model
+ (USM) for Version 3 of the Simple Network Management
+ Protocol (SNMPv3)", RFC 2574, April 1999.
+
+ [R2612] Adams, C. and J. Gilchrist, "The CAST-256 Encryption
+ Algorithm", RFC 2612, June 1999.
+
+
+
+
+
+Shirey Informational [Page 208]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [R2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter,
+ L., Leach, P. and T. Berners-Lee, "Hypertext Transfer
+ Protocol-- HTTP/1.1", RFC 2616, June 1999.
+
+ [R2628] Smyslov, V., "Simple Cryptographic Program Interface", RFC
+ 2628, June 1999.
+
+ [R2630] Housley, R., "Cryptographic Message Syntax", RFC 2630, June
+ 1999.
+
+ [R2631] Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC
+ 2631, June 1999.
+
+ [R2633] Ramsdell, B., ed., "S/MIME Version 3 Message Specification",
+ RFC 2633, June 1999.
+
+ [R2634] Hoffman, P., ed., "Enhanced Security Services for S/MIME",
+ RFC 2634, June 1999.
+
+ [R2635] Hambridge, S. and A. Lunde, "Don't Spew: A Set of Guidelines
+ for Mass Unsolicited Mailings and Postings", RFC 2635, June
+ 1999.
+
+ [Raym] E. S. Raymond, ed., "The On-Line Hacker Jargon File", ver.
+ 4.0.0, 24 Jul 1996. (Also available as "The New Hacker's
+ Dictionary", 2nd edition, MIT Press, Sep 1993, ISBN 0-262-
+ 18154-1. See: http://www.tuxedo.org/jargon/ for the latest
+ version.)
+
+ [Russ] D. Russell and G. T. Gangemi Sr., Chapter 10 ("TEMPEST") in
+ "Computer Security Basics", ISBN 0-937175-71-4, 1991.
+
+ [Schn] B. Schneier, "Applied Cryptography", John Wiley & Sons,
+ Inc., New York, 1994.
+
+ [SDNS3] U.S. Department of Defense, National Security Agency,
+ "Secure Data Network Systems, Security Protocol 3 (SP3)",
+ document SDN.301, Revision 1.5, 15 May 1989.
+
+ [SDNS4] ---, ---, "Security Protocol 4 (SP4)", document SDN.401,
+ Revision 1.2, 12 Jul 1988.
+
+ [SDNS7] ---, ---, "Secure data Network System, Message Security
+ Protocol (MSP)", document SDN.701, Revision 4.0, 7 Jun 1996,
+ with Corrections to Message Security Protocol, SDN.701, Rev
+ 4.0", 96-06-07, 30 Aug, 1996.
+
+
+
+
+
+Shirey Informational [Page 209]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+ [SET1] MasterCard and Visa, "SET Secure Electronic Transaction
+ Specification, Book 1: Business Description", ver. 1.0, 31
+ May 1997.
+
+ [SET2] ---, "SET Secure Electronic Transaction Specification, Book
+ 2: Programmer's Guide", ver. 1.0, 31 May 1997.
+
+ [Stei] J. Steiner, C. Neuman, and J. Schiller, "Kerberos: An
+ Authentication Service for Open Network Systems" in "Usenix
+ Conference Proceedings", Feb 1988.
+
+ [X400] International Telecommunications Union--Telecommunication
+ Standardization Sector (formerly "CCITT"), Recommendation
+ X.400, "Message Handling Services: Message Handling System
+ and Service Overview".
+
+ [X500] ---, Recommendation X.500, "Information Technology--Open
+ Systems Interconnection--The Directory: Overview of
+ Concepts, Models, and Services". (Equivalent to ISO 9594-1.)
+
+ [X501] ---, Recommendation X.501, "Information Technology--Open
+ Systems Interconnection--The Directory: Models".
+
+ [X509] ---, Recommendation X.509, "Information Technology--Open
+ Systems Interconnection--The Directory: Authentication
+ Framework". (Equivalent to ISO 9594-8.)
+
+ [X519] ---, Recommendation X.519, "Information Technology--Open
+ Systems Interconnection--The Directory: Protocol
+ Specifications".
+
+ [X520] ---, Recommendation X.520, "Information Technology--Open
+ Systems Interconnection--The Directory: Selected Attribute
+ Types".
+
+ [X680] ---, Recommendation X.680, "Information Technology--Abstract
+ Syntax Notation One (ASN.1)--Specification of Basic
+ Notation", 15 Nov 1994. (Equivalent to ISO/IEC 8824-1.)
+
+ [X690] ---, Recommendation X.690, "Information Technology--ASN.1
+ Encoding Rules--Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished Encoding
+ Rules (DER)", 15 Nov 1994. (Equivalent to ISO/IEC 8825-1.)
+
+
+
+
+
+
+
+
+Shirey Informational [Page 210]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+5. Security Considerations
+
+ This document only defines security terms and recommends how to use
+ them. It does not describe in detail the vulnerabilities of, threats
+ to, or mechanisms that protect specific Internet protocols.
+
+6. Acknowledgments
+
+ Pat Cain, Mike Kong, and Charles Lynn provided meticulous comments on
+ an early draft.
+
+7. Author's Address
+
+ Please address all comments to:
+
+ Robert W. Shirey GTE / BBN Technologies
+ EMail: rshirey@bbn.com Suite 1200, Mail Stop 30/12B2
+ Phone: +1 (703) 284-4641 1300 Seventeenth Street North
+ Fax: +1 (703) 284-2766 Arlington, VA 22209-3801 USA
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Shirey Informational [Page 211]
+
+RFC 2828 Internet Security Glossary May 2000
+
+
+8. Full Copyright Statement
+
+ Copyright (C) The Internet Society (2000). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Shirey Informational [Page 212]
+