NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

More documents

Recommendations

Info

NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Spoofing – Involves— 1) the ability to receive a message by masquerading as the legitimate receiving destination, or 2) masquerading as the sending machine and sending a message to a destination. SOURCE: FIPS 191 1. Faking the sending address of a transmission to gain illegal entry into a secure system. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. 2. The deliberate inducement of a user or resource to take incorrect action. SOURCE: CNSSI-4009 Spread Spectrum – Telecommunications techniques in which a signal is transmitted in a bandwidth considerably greater than the frequency content of the original information. Frequency hopping, direct sequence spreading, time scrambling, and combinations of these techniques are forms of spread spectrum. SOURCE: CNSSI-4009 Spyware – Software that is secretly or surreptitiously installed into an information system to gather information on individuals or organizations without their knowledge; a type of malicious code. SOURCE: SP 800-53; CNSSI-4009 SSL – See Secure Sockets Layer. Standard – A published statement on a topic specifying characteristics, usually measurable, that must be satisfied or achieved in order to comply with the standard. SOURCE: FIPS 201 Start-Up KEK Key-encryption-key held in common by a group of potential communicating entities and used to establish ad hoc tactical networks. SOURCE: CNSSI-4009 State – Intermediate Cipher result that can be pictured as a rectangular array of bytes. SOURCE: FIPS 197 Static Key – A key that is intended for use for a relatively long period of time and is typically intended for use in many instances of a cryptographic key establish scheme SOURCE: SP 800-57 Pg 182
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Steganography – The art and science of communicating in a way that hides the existence of the communication. For example, a child pornography image can be hidden inside another graphic image file, audio file, or other file format. SOURCE: SP 800-72; SP 800-101 The art, science, and practice of communicating in a way that hides the existence of the communication. SOURCE: CNSSI-4009 Storage Object – Object supporting both read and write accesses to an information system. SOURCE: CNSSI-4009 Strength of Mechanism (SoM) – A scale for measuring the relative strength of a security mechanism. SOURCE: CNSSI-4009 Striped Core – A network architecture in which user data traversing a core IP network is decrypted, filtered and re-encrypted one or more times. Note: The decryption, filtering, and re-encryption are performed within a “Red gateway”; consequently, the core is “striped” because the data path is alternately Black, Red, and Black. SOURCE: CNSSI-4009 Strong Authentication – The requirement to use multiple factors for authentication and advanced technology, such as dynamic passwords or digital certificates, to verify an entity’s identity. SOURCE: CNSSI-4009 Subassembly – Major subdivision of an assembly consisting of a package of parts, elements, and circuits that perform a specific function. SOURCE: CNSSI-4009 Subject – The person whose identity is bound to a particular credential. SOURCE: SP 800-63 Generally an individual, process, or device causing information to flow among objects or changes to the system state. See Object. SOURCE: SP 800-53 An active entity (generally an individual, process, or device) that causes information to flow among objects or changes the system state. See also object. SOURCE: CNSSI-4009 Pg 183
Page 2 and 3:
NIST IR 7298 Revision 1 Glossary of
Page 4 and 5:
NIST IR 7298 Revision 1, Glossary o
Page 6 and 7:
Page 8 and 9:
Page 10 and 11:
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133: NIST IR 7298 Revision 1, Glossary o
Page 210 and 211: NIST IR 7298, Glossary of Key Infor
show all

NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

Create successful ePaper yourself

Delete template?

Save as template?