| Term | Definition |
|---|---|
| attack | An unauthorized attempt to break into a computer system. |
| attacker | An unauthorized person who actively seeks ways to gain control of computer systems. |
| brute force attack | An unsophisticated attack. In the simplest form, this attack simply tries to guess passwords or encryption keys by generating strings one after another, until it finds a match. Complex examples of this attack might use dictionaries of common words or common passwords. Theoretically, all encryption is susceptible if the attacking system has infinite resources (memory and time). |
| certification authority | Trusted third parties that issue digital certificates for use by other parties to validate public keys. |
| crackers | Malicious attackers interested in taking things apart for personal gain or mischief. |
| DMZ | Demilitarized zone. A firewall configuration that secures local area networks (LANs). |
| exploits | Tools and methods that prey upon a system's vulnerabilities. Viruses, worms, and Trojans are the automation of exploits. |
| fingerprinting | The unique information by which systems, components, OSs, and so on are identifiable. |
| hacker | A person interested in figuring out how things work by taking them apart and putting them back together in different, interesting, and (hopefully) better ways. |
| hardening | The process of securing a computer system through expert configuration, especially to protect against attackers. |
| malware | Software intentionally designed for a harmful purpose (portmanteau of "MALicious softWARE"). |
| non-repudiation | Concerning digital security, non-repudiation is proof that a message has been sent or received. This is typically important in situations such as banking (and other instances) where the initiation of a transaction must be verified as well as the proof that the transaction was completed. In other words, non-repudiation of origin proves the sending of data, and non-repudiation of delivery proves the reception of data. |
| PAM | Pluggable Authentication Modules. A set of modules that enable the decoupling of common security services from the components that need them. These modules include, among other provisions, the ability to check for password strength and account policies. |
| phishing | The act of sending an e-mail falsely claiming to be an established, legitimate enterprise in an attempt to obtain private information to be used for identity theft. The e-mail directs recipients to visit a Web site where they are asked to update personal information. |
| privilege escalation | A system should grant users, or processes, only the privileges needed for the immediate task. Some security flaws enable the escalation of privilege, which means that a user or process obtains a higher-level permission allowing a malicious intruder to circumvent the access controls that were set for the previous privilege level. Many applications, including many server applications, require some root-level privileges. If these privileges are compromised, these applications can allow an intruder full root privileges. |
| risk | A quantifiable assessment of security, represented by this pseudo-formula: (Threat – Countermeasure) x Value ⇒ Risk |
| rootkit | A set of software tools intended to conceal running processes, files, or system data, thereby helping an intruder to maintain access to a system while avoiding detection. |
| security policy | A declarative document that identifies computer systems and components that need safeguarding and defines the degree to which they should receive protection, but does not define how this is done. |
| signature | The unique means by which you can identify an attack, virus, Trojan, or worm. |
| vulnerability | A specific security flaw. |
| vulnerable | A state in which a system or component is susceptible to an exploit or exposed to security risk. |
| white list | A set of items that are explicitly trusted. Items can be network addresses, users, e-mail addresses, and so on. |
| zero day attack | Attacks for which no signature exists. |