NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
NISTIR 7298 Revision 1, Glossary of Key Information Security Terms NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Secret Key (symmetric) Cryptographic Algorithm – A cryptographic algorithm that uses a single secret key for both encryption and decryption. SOURCE: FIPS 140-2 A cryptographic algorithm that uses a single key (i.e., a secret key) for both encryption and decryption. SOURCE: CNSSI-4009 Secret Seed – A secret value used to initialize a pseudorandom number generator. SOURCE: CNSSI-4009 Secure/Multipurpose Internet Mail Extensions (S/MIME) – A set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard [MIME] and describes a protocol for adding cryptographic security services through MIME encapsulation of digitally signed and encrypted objects. The basic security services offered by S/MIME are authentication, nonrepudiation of origin, message integrity, and message privacy. Optional security services include signed receipts, security labels, secure mailing lists, and an extended method of identifying the signer’s certificate(s). SOURCE: SP 800-49; CNSSI-4009 Secure Communication Protocol – A communication protocol that provides the appropriate confidentiality, authentication, and content integrity protection. SOURCE: SP 800-57; CNSSI-4009 Secure Communications – Telecommunications deriving security through use of NSA-approved products and/or Protected Distribution Systems. SOURCE: CNSSI-4009 Secure DNS (SECDNS) – Configuring and operating DNS servers so that the security goals of data integrity and source authentication are achieved and maintained. SOURCE: SP 800-81 Secure Erase – An overwrite technology using firmware-based process to overwrite a hard drive. Is a drive command defined in the ANSI ATA and SCSI disk drive interface specifications, which runs inside drive hardware. It completes in about 1/8 the time of 5220 block erasure. SOURCE: SP 800-88 Secure Hash Algorithm (SHA) – A hash algorithm with the property that is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same message digest. SOURCE: CNSSI-4009 Pg 166
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Secure Hash Standard – Secure Socket Layer (SSL) – This Standard specifies four secure hash algorithms – SHA-1, SHA- 256, SHA-384, and SHA-512 – for computing a condensed representation of electronic data (message). When a message of any length
- Page 116 and 117: NIST IR 7298 Revision 1, Glossary o
- Page 118 and 119: NIST IR 7298 Revision 1, Glossary o
- Page 120 and 121: NIST IR 7298 Revision 1, Glossary o
- Page 122 and 123: NIST IR 7298 Revision 1, Glossary o
- Page 124 and 125: NIST IR 7298 Revision 1, Glossary o
- Page 126 and 127: NIST IR 7298 Revision 1, Glossary o
- Page 128 and 129: NIST IR 7298 Revision 1, Glossary o
- Page 130 and 131: NIST IR 7298 Revision 1, Glossary o
- Page 132 and 133: NIST IR 7298 Revision 1, Glossary o
- Page 134 and 135: NIST IR 7298 Revision 1, Glossary o
- Page 136 and 137: NIST IR 7298 Revision 1, Glossary o
- Page 138 and 139: NIST IR 7298 Revision 1, Glossary o
- Page 140 and 141: NIST IR 7298 Revision 1, Glossary o
- Page 142 and 143: NIST IR 7298 Revision 1, Glossary o
- Page 144 and 145: NIST IR 7298 Revision 1, Glossary o
- Page 146 and 147: NIST IR 7298 Revision 1, Glossary o
- Page 148 and 149: NIST IR 7298 Revision 1, Glossary o
- Page 150 and 151: NIST IR 7298 Revision 1, Glossary o
- Page 152 and 153: NIST IR 7298 Revision 1, Glossary o
- Page 154 and 155: NIST IR 7298 Revision 1, Glossary o
- Page 156 and 157: NIST IR 7298 Revision 1, Glossary o
- Page 158 and 159: NIST IR 7298 Revision 1, Glossary o
- Page 160 and 161: NIST IR 7298 Revision 1, Glossary o
- Page 162 and 163: NIST IR 7298 Revision 1, Glossary o
- Page 164 and 165: NIST IR 7298 Revision 1, Glossary o
- Page 168 and 169: NIST IR 7298 Revision 1, Glossary o
- Page 170 and 171: NIST IR 7298 Revision 1, Glossary o
- Page 172 and 173: NIST IR 7298 Revision 1, Glossary o
- Page 174 and 175: NIST IR 7298 Revision 1, Glossary o
- Page 176 and 177: NIST IR 7298 Revision 1, Glossary o
- Page 178 and 179: NIST IR 7298 Revision 1, Glossary o
- Page 180 and 181: NIST IR 7298 Revision 1, Glossary o
- Page 182 and 183: NIST IR 7298 Revision 1, Glossary o
- Page 184 and 185: NIST IR 7298 Revision 1, Glossary o
- Page 186 and 187: NIST IR 7298 Revision 1, Glossary o
- Page 188 and 189: NIST IR 7298 Revision 1, Glossary o
- Page 190 and 191: NIST IR 7298 Revision 1, Glossary o
- Page 192 and 193: NIST IR 7298 Revision 1, Glossary o
- Page 194 and 195: NIST IR 7298 Revision 1, Glossary o
- Page 196 and 197: NIST IR 7298 Revision 1, Glossary o
- Page 198 and 199: NIST IR 7298 Revision 1, Glossary o
- Page 200 and 201: NIST IR 7298 Revision 1, Glossary o
- Page 202 and 203: NIST IR 7298 Revision 1, Glossary o
- Page 204 and 205: NIST IR 7298 Revision 1, Glossary o
- Page 206 and 207: NIST IR 7298 Revision 1, Glossary o
- Page 208 and 209: NIST IR 7298 Revision 1, Glossary o
- Page 210 and 211: NIST IR 7298, Glossary of Key Infor
NIST IR <strong>7298</strong> <strong>Revision</strong> 1, <strong>Glossary</strong> <strong>of</strong> <strong>Key</strong> <strong>Information</strong> <strong>Security</strong> <strong>Terms</strong><br />
Secret <strong>Key</strong> (symmetric)<br />
Cryptographic Algorithm –<br />
A cryptographic algorithm that uses a single secret key for both<br />
encryption and decryption.<br />
SOURCE: FIPS 140-2<br />
A cryptographic algorithm that uses a single key (i.e., a secret key)<br />
for both encryption and decryption.<br />
SOURCE: CNSSI-4009<br />
Secret Seed – A secret value used to initialize a pseudorandom number generator.<br />
SOURCE: CNSSI-4009<br />
Secure/Multipurpose Internet Mail<br />
Extensions (S/MIME) –<br />
A set <strong>of</strong> specifications for securing electronic mail. S/MIME is based<br />
upon the widely used MIME standard [MIME] and describes a<br />
protocol for adding cryptographic security services through MIME<br />
encapsulation <strong>of</strong> digitally signed and encrypted objects. The basic<br />
security services <strong>of</strong>fered by S/MIME are authentication, nonrepudiation<br />
<strong>of</strong> origin, message integrity, and message privacy.<br />
Optional security services include signed receipts, security labels,<br />
secure mailing lists, and an extended method <strong>of</strong> identifying the<br />
signer’s certificate(s).<br />
SOURCE: SP 800-49; CNSSI-4009<br />
Secure Communication Protocol – A communication protocol that provides the appropriate<br />
confidentiality, authentication, and content integrity protection.<br />
SOURCE: SP 800-57; CNSSI-4009<br />
Secure Communications – Telecommunications deriving security through use <strong>of</strong> NSA-approved<br />
products and/or Protected Distribution Systems.<br />
SOURCE: CNSSI-4009<br />
Secure DNS (SECDNS) –<br />
Configuring and operating DNS servers so that the security goals <strong>of</strong><br />
data integrity and source authentication are achieved and maintained.<br />
SOURCE: SP 800-81<br />
Secure Erase – An overwrite technology using firmware-based process to overwrite<br />
a hard drive. Is a drive command defined in the ANSI ATA and<br />
SCSI disk drive interface specifications, which runs inside drive<br />
hardware. It completes in about 1/8 the time <strong>of</strong> 5220 block erasure.<br />
SOURCE: SP 800-88<br />
Secure Hash Algorithm (SHA) –<br />
A hash algorithm with the property that is computationally infeasible<br />
1) to find a message that corresponds to a given message digest, or 2)<br />
to find two different messages that produce the same message digest.<br />
SOURCE: CNSSI-4009<br />
Pg 166