$ collateral information
(O) /U.S. Government/ Information that is classified but is not required to be protected by an SAP. (See: /U.S. Government/ classified.)

$ color change
(I) In a system being operated in periods-processing mode, the act of purging all information from one processing period and then changing over to the next processing period. (See: BLACK, RED.)

$ Commercial COMSEC Evaluation Program (CCEP)
(O) "Relationship between NSA and industry in which NSA provides the COMSEC expertise (i.e., standards, algorithms, evaluations, and guidance) and industry provides design, development, and production capabilities to produce a type 1 or type 2 product." [C4009]

$ commercially licensed evaluation facility (CLEF)
(N) An organization that has official approval to evaluate the security of products and systems under the Common Criteria, ITSEC, or some other standard. (Compare: KLIF.)

$ Committee on National Security Systems (CNSS)
(O) /U.S. Government/ A Government, interagency, standing committee of the President's Critical Infrastructure Protection Board. The CNSS is chaired by the Secretary of Defense and provides a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems. The Secretary of Defense and the Director of Central Intelligence are responsible for developing and overseeing the implementation of Government-wide policies, principles, standards, and guidelines for the security of systems that handle national security information.

$ Common Criteria for Information Technology Security
(N) A standard for evaluating information technology (IT) products and systems. It states requirements for security functions and for assurance measures. [CCIB] (See: CLEF, EAL, packages, protection profile, security target, TOE. Compare: CMM.)

Tutorial: Canada, France, Germany, the Netherlands, the United Kingdom, and the United States (NIST and NSA) began developing this standard in 1993, based on the European ITSEC, the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC), and the U.S. "Federal Criteria for Information Technology Security" and its precursor, the TCSEC. Work was done in cooperation with ISO/IEC Joint Technical Committee 1 (Information Technology), Subcommittee 27 (Security Techniques), Working Group 3 (Security Criteria). Version 2.0 of the Criteria has been issued as ISO's International Standard 15408. The U.S. Government intends this standard to supersede both the TCSEC and FIPS PUB 140. (See: NIAP.)

The standard addresses data confidentiality, data integrity, and availability and may apply to other aspects of security. It focuses on threats to information arising from human activities, malicious or otherwise, but may apply to non-human threats. It applies to security measures implemented in hardware, firmware, or software. It does not apply to (a) administrative security not related directly to technical security, (b) technical physical aspects of security such as electromagnetic emanation control, (c) evaluation methodology or administrative and legal framework under which the criteria may be applied, (d) procedures for use of evaluation results, or (e) assessment of inherent qualities of cryptographic algorithms.

Part 1, Introduction and General Model, defines general concepts and principles of IT security evaluation; presents a general model of evaluation; and defines constructs for expressing IT security objectives, for selecting and defining IT security requirements, and for writing high-level specifications for products and systems. Part 2, Security Functional Requirements, contains a catalog of well-defined and well-understood functional requirement statements that are intended to be used as a standard way of expressing the security requirements for IT products and systems. Part 3, Security Assurance Requirements, contains a catalog of assurance components for use as a standard way of expressing such requirements for IT products and systems, and defines evaluation criteria for protection profiles and security targets.

$ Common IP Security Option (CIPSO)
(I) See: secondary definition under "IPSO".
$ common name
(N) A character string that (a) may be a part of the X.500 DN of a Directory object ("commonName" attribute), (b) is a (possibly ambiguous) name by which the object is commonly known in some limited scope (such as an organization), and (c) conforms to the naming conventions of the country or culture with which it is associated. [X520] (See: "subject" and "issuer" under "X.509 public-key certificate".)

Examples: "Dr. Albert Einstein", "The United Nations", and "12-th Floor Laser Printer".

$ communications cover
(N) "Concealing or altering of characteristic communications patterns to hide information that could be of value to an adversary." [C4009] (See: operations security, traffic-flow confidentiality, TRANSEC.)

$ communication security (COMSEC)
(I) Measures that implement and assure security services in a communication system, particularly those that provide data confidentiality and data integrity and that authenticate communicating entities.

Usage: COMSEC is usually understood to include (a) cryptography and its related algorithms and key management methods and processes, devices that implement those algorithms and processes, and the lifecycle management of the devices and keying material. Also, COMSEC is sometimes more broadly understood as further including (b) traffic-flow confidentiality, (c) TRANSEC, and (d) steganography [Kahn]. (See: cryptology, signal security.)

$ community of interest (COI)
1. (I) A set of entities that operate under a common security policy. (Compare: domain.)
2. (I) A set of entities that exchange information collaboratively for some purpose.

$ community risk
(N) Probability that a particular vulnerability will be exploited within an interacting population and adversely affect some members of that population. [C4009] (See: Morris worm, risk.)

$ community string
(I) A community name in the form of an octet string that serves as a cleartext password in SNMP version 1 (RFC 1157) and version 2 (RFC 1901). (See: password, Simple Network Management Protocol.)

Tutorial: The SNMPv1 and SNMPv2 protocols have been declared "historic" and have been replaced by the more secure SNMPv3 standard (RFCs 3410-3418), which does not use cleartext passwords.
$ compartment
1. (I) A grouping of sensitive information items that require special access controls beyond those normally provided for the basic classification level of the information. (See: compartmented security mode. Compare: category, classification.)

Usage: The term is usually understood to include the special handling procedures to be used for the information.

2. (I) Synonym for "category".

Deprecated Usage: This Glossary defines "category" with a slightly narrower meaning than "compartment". That is, a security label is assigned to a category because the data owner needs to handle the data as a compartment. However, a compartment could receive special protection in a system without being assigned a category label.

$ compartmented security mode
(N) A mode of system operation wherein all users having access to the system have the necessary security clearance for the single, hierarchical classification level of all data handled by the system, but some users do not have the clearance for a non-hierarchical category of some data handled by the system. (See: category, /system operation/ under "mode", protection level, security clearance.)

Usage: Usually abbreviated as "compartmented mode". This term was defined in U.S. Government policy on system accreditation. In this mode, a system may handle (a) a single hierarchical classification level and (b) multiple non-hierarchical categories within that level.

$ Compartments field
(I) A 16-bit field (the "C field") that specifies compartment values in the security option (option type 130) of version 4 IP's datagram header format. The valid field values are assigned by the U.S. Government, as specified in RFC 791.

Deprecated Abbreviation: IDOCs SHOULD NOT use the abbreviation "C field"; the abbreviation is potentially ambiguous. Instead, use "Compartments field".

$ component
See: system component.
$ compression
(I) A process that encodes information in a way that minimizes the number of resulting code symbols and thus reduces storage space or transmission time.

Tutorial: A data compression algorithm may be "lossless", i.e., retain all information that was encoded in the data, so that decompression can recover all the information; or an algorithm may be "lossy". Text usually needs to be compressed losslessly, but images are often compressed with lossy schemes.

Not all schemes that encode information losslessly for machine processing are efficient in terms of minimizing the number of output bits. For example, ASCII encoding is lossless, but ASCII data can often be losslessly reencoded in fewer bits with other schemes. These more efficient schemes take advantage of some sort of inherent imbalance, redundancy, or repetition in the data, such as by replacing a character string in which all characters are the same by a shorter string consisting of only the single character and a character count.

Lossless compression schemes cannot effectively reduce the number of bits in cipher text produced by a strong encryption algorithm, because the cipher text is essentially a pseudorandom bit string that does not contain patterns susceptible to reencoding. Therefore, protocols that offer both encryption and compression services (e.g., SSL) need to perform the compression operation before the encryption operation.

$ compromise
See: data compromise, security compromise.

$ compromise recovery
(I) The process of regaining a secure state for a system after detecting that the system has experienced a security compromise.

$ compromised key list (CKL)
(N) /MISSI/ A list that identifies keys for which unauthorized disclosure or alteration may have occurred. (See: compromise.)

Tutorial: A CKL is issued by a CA, like a CRL is issued. But a CKL lists only KMIDs, not subjects that hold the keys, and not certificates in which the keys are bound.

$ COMPUSEC
(I) See: computer security.
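The compression tutorial's ordering rule, shown on real data as an added example (not part of the glossary): DEFLATE shrinks a redundant plaintext well, but applied to the AES-CTR ciphertext of the same data it can only emit the bytes unchanged plus framing. The key, IV and sample payload are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"compress/flate"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"io"
	"strings"
)

// deflate compresses data losslessly with DEFLATE (the scheme underneath
// zlib and gzip) and returns the compressed bytes.
func deflate(data []byte) []byte {
	var buf bytes.Buffer
	w, err := flate.NewWriter(&buf, flate.BestCompression)
	if err != nil {
		panic(err)
	}
	if _, err := w.Write(data); err != nil {
		panic(err)
	}
	w.Close()
	return buf.Bytes()
}

// inflate reverses deflate; used to confirm the round trip is lossless.
func inflate(data []byte) []byte {
	r := flate.NewReader(bytes.NewReader(data))
	defer r.Close()
	out, err := io.ReadAll(r)
	if err != nil {
		panic(err)
	}
	return out
}

// encryptCTR encrypts data with AES in counter mode. CTR output has the same
// length as its input, so any size difference below comes from compression
// alone. key is 16, 24 or 32 bytes; iv is a 16-byte initial counter block.
func encryptCTR(key, iv, data []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out
}

// Sizes records the byte counts observed for the two orderings.
type Sizes struct {
	Plain, CompressThenEncrypt, EncryptThenCompress int
}

// CompareOrderings returns the output sizes of (a) compress-then-encrypt and
// (b) encrypt-then-compress for the same plaintext, key and IV.
func CompareOrderings(key, iv, plaintext []byte) Sizes {
	// (a) Compress first: the ciphertext is exactly as small as the
	// compressed text, and decompression still recovers every byte.
	compressed := deflate(plaintext)
	if !bytes.Equal(inflate(compressed), plaintext) {
		panic("lossless round trip failed")
	}
	ctA := encryptCTR(key, iv, compressed)

	// (b) Encrypt first: the compressor sees a pseudorandom string with no
	// repetition to exploit, so it stores the bytes as-is plus block framing.
	ctB := encryptCTR(key, iv, plaintext)
	return Sizes{
		Plain:               len(plaintext),
		CompressThenEncrypt: len(ctA),
		EncryptThenCompress: len(deflate(ctB)),
	}
}

func main() {
	// Constructed sample payload: redundant text, as protocol traffic usually
	// is. Constructed key and IV, for illustration only.
	plaintext := []byte(strings.Repeat("GET /index.html HTTP/1.1\r\nHost: example.test\r\n", 20))
	key := []byte("0123456789abcdef")
	iv := make([]byte, aes.BlockSize)
	s := CompareOrderings(key, iv, plaintext)
	fmt.Printf("plaintext %d bytes, compress-then-encrypt %d bytes, encrypt-then-compress %d bytes\n",
		s.Plain, s.CompressThenEncrypt, s.EncryptThenCompress)
}
```

Because the compressed length depends on the plaintext's content, compress-then-encrypt does let an observer of ciphertext lengths learn something about the plaintext; the ordering rule buys efficiency, not additional confidentiality.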
$ computer emergency response team (CERT)
(I) An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security. (See: CSIRT, security incident.)

Examples: CERT Coordination Center at Carnegie Mellon University (sometimes called "the" CERT); CIAC.

$ Computer Incident Advisory Capability (CIAC)
(O) The centralized CSIRT of the U.S. Department of Energy; a member of FIRST.

$ computer network
(I) A collection of host computers together with the subnetwork or internetwork through which they can exchange data.

Usage: This definition is intended to cover systems of all sizes and types, ranging from the complex Internet to a simple system composed of a personal computer dialing in as a remote terminal of another computer.

$ computer platform
(I) A combination of computer hardware and an operating system (which may consist of software, firmware, or both) for that hardware. (Compare: computer system.)

$ computer security (COMPUSEC)
1. (I) Measures to implement and assure security services in a computer system, particularly those that assure access control service.

Usage: Usually refers to internal controls (functions, features, and technical characteristics) that are implemented in software (especially in operating systems); sometimes refers to internal controls implemented in hardware; rarely used to refer to external controls.

2. (O) "The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)." [SP12]
$ computer security incident response team (CSIRT)
(I) An organization "that coordinates and supports the response to security incidents that involve sites within a defined constituency." [R2350] (See: CERT, FIRST, security incident.)

Tutorial: To be considered a CSIRT, an organization must do as follows:
(a) Provide a (secure) channel for receiving reports about suspected security incidents.
(b) Provide assistance to members of its constituency in handling the incidents.
(c) Disseminate incident-related information to its constituency and other involved parties.

$ computer security object
(I) The definition or representation of a resource, tool, or mechanism used to maintain a condition of security in computerized environments. Includes many items referred to in standards that are either selected or defined by separate user communities. [CSOR] (See: object identifier, Computer Security Objects Register.)

$ Computer Security Objects Register (CSOR)
(N) A service, operated by NIST, that is establishing a catalog for computer security objects to provide stable object definitions identified by unique names. The use of this register will enable the unambiguous specification of security parameters and algorithms to be used in secure data exchanges. (See: object identifier.)

Tutorial: The CSOR follows registration guidelines established by the international standards community and ANSI. Those guidelines establish minimum responsibilities for registration authorities and assign the top branches of an international registration hierarchy. Under that international registration hierarchy, the CSOR is responsible for the allocation of unique identifiers under the branch: {joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3)}.

$ computer system
(I) Synonym for "information system", or a component thereof. (Compare: computer platform.)

$ Computers At Risk
(O) The 1991 report [NRC91] of the System Security Study Committee, sponsored by the U.S. National Academy of Sciences and supported by the Defense Advanced Research Projects Agency of the U.S. DoD. It made many recommendations for industry and governments to improve computer security and trustworthiness. Some of the most important recommendations (e.g., establishing an Information Security Foundation chartered by the U.S. Government) have not been implemented at all, and others (e.g., codifying Generally Accepted System Security Principles similar to accounting principles) have been implemented but not widely adopted [SP14, SP27].

$ COMSEC
(I) See: communication security.

$ COMSEC account
(O) /U.S. Government/ "Administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSEC material." [C4009] (See: COMSEC custodian.)

$ COMSEC accounting
(O) /U.S. Government/ The process of creating, collecting, and maintaining data records that describe the status and custody of designated items of COMSEC material. (See: accounting legend code.)

Tutorial: Almost any secure information system needs to record a security audit trail, but a system that manages COMSEC material needs to record additional data about the status and custody of COMSEC items.
- COMSEC tracking: The process of automatically collecting, recording, and managing information that describes the status of designated items of COMSEC material at all times during each product's lifecycle.
- COMSEC controlling: The process of supplementing tracking data with custody data, which consists of explicit acknowledgements of system entities that they (a) have received specific COMSEC items and (b) are responsible for preventing exposure of those items.

For example, a key management system that serves a large customer base needs to record tracking data for the same reasons that a national parcel delivery system does, i.e., to answer the question "Where is that thing now?". If keys are encrypted immediately upon generation and handled only in BLACK form between the point of generation and the point of use, then tracking may be all that is needed. However, in cases where keys are handled at least partly in RED form and are potentially subject to exposure, then tracking needs to be supplemented by controlling.
Data that is used purely for tracking need be retained only temporarily, until an item's status changes. Data that is used for controlling is retained indefinitely to ensure accountability and support compromise recovery.
$ COMSEC boundary
(N) "Definable perimeter encompassing all hardware, firmware, and software components performing critical COMSEC functions, such as key generation and key handling and storage." [C4009] (Compare: cryptographic boundary.)

$ COMSEC custodian
(O) /U.S. Government/ "Individual designated by proper authority to be responsible for the receipt, transfer, accounting, safeguarding, and destruction of COMSEC material assigned to a COMSEC account." [C4009]

$ COMSEC material
(N) /U.S. Government/ Items designed to secure or authenticate communications or information in general; these items include (but are not limited to) keys; equipment, devices, documents, firmware, and software that embodies or describes cryptographic logic; and other items that perform COMSEC functions. [C4009] (Compare: keying material.)

$ COMSEC Material Control System (CMCS)
(O) /U.S. Government/ "Logistics and accounting system through which COMSEC material marked 'CRYPTO' is distributed, controlled, and safeguarded." [C4009] (See: COMSEC account, COMSEC custodian.)

$ confidentiality
See: data confidentiality.

$ concealment system
(O) "A method of achieving confidentiality in which sensitive information is hidden by embedding it in irrelevant data." [NCS04] (Compare: steganography.)

$ configuration control
(I) The process of regulating changes to hardware, firmware, software, and documentation throughout the development and operational life of a system. (See: administrative security, harden, trusted distribution.)

Tutorial: Configuration control helps protect against unauthorized or malicious alteration of a system and thus provides assurance of system integrity. (See: malicious logic.)

$ confinement property
(N) /formal model/ Property of a system whereby a subject has write access to an object only if the classification of the object dominates the clearance of the subject. (See: *-property, Bell-LaPadula model.)
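The "compartment" and "compartmented security mode" entries above describe labels as one hierarchical level plus non-hierarchical categories, and the "confinement property" entry states the write rule over them. The following added example (not from the glossary) encodes that label lattice and the write check; the numeric level scale, the compartment names, and the companion read rule shown for contrast are assumptions of the example.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Label is a security label: one hierarchical classification level plus a
// set of non-hierarchical compartments (categories).
type Label struct {
	Level        int             // constructed scale: 0=UNCLASSIFIED ... 3=TOP SECRET
	Compartments map[string]bool // e.g. {"ALPHA": true}
}

// NewLabel builds a Label from a level and zero or more compartment names.
func NewLabel(level int, compartments ...string) Label {
	l := Label{Level: level, Compartments: map[string]bool{}}
	for _, c := range compartments {
		l.Compartments[c] = true
	}
	return l
}

// Dominates reports whether a dominates b: a's level is at least b's level
// and a's compartment set is a superset of b's. Two labels at the same level
// with different compartments are incomparable: neither dominates the other.
func (a Label) Dominates(b Label) bool {
	if a.Level < b.Level {
		return false
	}
	for c := range b.Compartments {
		if !a.Compartments[c] {
			return false
		}
	}
	return true
}

// MayWrite is the confinement property (*-property) as the glossary states
// it: a subject may write an object only if the object's classification
// dominates the subject's clearance, so information never flows to a lower
// or incomparable label.
func MayWrite(subjectClearance, objectClassification Label) bool {
	return objectClassification.Dominates(subjectClearance)
}

// MayRead is the companion read rule of the Bell-LaPadula model, assumed here
// for contrast: a subject may read an object only if the subject's clearance
// dominates the object's classification.
func MayRead(subjectClearance, objectClassification Label) bool {
	return subjectClearance.Dominates(objectClassification)
}

// String renders a label with its compartments in a stable order.
func (l Label) String() string {
	names := make([]string, 0, len(l.Compartments))
	for c := range l.Compartments {
		names = append(names, c)
	}
	sort.Strings(names)
	return fmt.Sprintf("L%d{%s}", l.Level, strings.Join(names, ","))
}

func main() {
	// Constructed labels. In compartmented mode every user is cleared for the
	// single level (2 here), but not every user holds every compartment.
	secretAlpha := NewLabel(2, "ALPHA")
	secretBravo := NewLabel(2, "BRAVO")
	secretBoth := NewLabel(2, "ALPHA", "BRAVO")
	unclass := NewLabel(0)

	cases := []struct{ subj, obj Label }{
		{secretAlpha, secretBoth},  // object dominates subject: write allowed
		{secretAlpha, secretBravo}, // incomparable compartments: write and read denied
		{secretAlpha, unclass},     // write down: denied (read down allowed)
		{secretBoth, secretAlpha},  // subject holds a superset: read allowed, write denied
	}
	for _, c := range cases {
		fmt.Printf("subject %v object %v: read=%v write=%v\n",
			c.subj, c.obj, MayRead(c.subj, c.obj), MayWrite(c.subj, c.obj))
	}
}
```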
$ constraint
(I) /access control/ A limitation on the function of an identity, role, or privilege. (See: rule-based access control.)

Tutorial: In effect, a constraint is a form of security policy and may be either static or dynamic:
- "Static constraint": A constraint that must be satisfied at the time the policy is defined, and then continues to be satisfied until the constraint is removed.
- "Dynamic constraint": A constraint that may be defined to apply at various times that the identity, role, or other object of the constraint is active in the system.

$ content filter
(I) /World Wide Web/ Application software used to prevent access to certain Web servers, such as by parents who do not want their children to access pornography. (See: filter, guard.)

Tutorial: The filter is usually browser-based, but could be part of an intermediate cache server. The two basic content filtering techniques are (a) to block a specified list of URLs and (b) to block material that contains specified words and phrases.

$ contingency plan
(I) A plan for emergency response, backup operations, and post-disaster recovery in a system as part of a security program to ensure availability of critical system resources and facilitate continuity of operations in a crisis. [NCS04] (See: availability.)

$ control zone
(O) "The space, expressed in feet of radius, surrounding equipment processing sensitive information, that is under sufficient physical and technical control to preclude an unauthorized entry or compromise." [NCSSG] (Compare: inspectable space, TEMPEST zone.)

$ controlled access protection
(O) /TCSEC/ The level of evaluation criteria for a C2 computer system.

Tutorial: The major features of the C2 level are individual accountability, audit, access control, and object reuse.

$ controlled cryptographic item (CCI)
(O) /U.S. Government/ "Secure telecommunications or information handling equipment, or associated cryptographic component, that is unclassified but governed by a special set of control requirements." [C4009] (Compare: EUCI.)

Tutorial: This category of equipment was established in 1985 to promote broad use of secure equipment for protecting both classified and unclassified information in the national interest. CCI equipment uses a classified cryptographic logic, but the hardware or firmware embodiment of that logic is unclassified. Drawings, software implementations, and other descriptions of that logic remain classified. [N4001]

$ controlled interface
(I) A mechanism that facilitates the adjudication of the different security policies of interconnected systems. (See: domain, guard.)

$ controlled security mode
(D) /U.S. DoD/ A mode of system operation wherein (a) two or more security levels of information are allowed to be handled concurrently within the same system when some users having access to the system have neither a security clearance nor need-to-know for some of the data handled by the system, but (b) separation of the users and the classified material on the basis, respectively, of clearance and classification level is not dependent only on operating system control (as it is in multilevel security mode). (See: /system operation/ under "mode", protection level.)

Deprecated Term: IDOCs SHOULD NOT use this term. It was defined in a U.S. Government policy regarding system accreditation and was subsumed by "partitioned security mode" in a later policy. Both terms were dropped in still later policies.

Tutorial: Controlled mode was intended to encourage ingenuity in meeting data confidentiality requirements in ways less restrictive than "dedicated security mode" and "system-high security mode", but at a level of risk lower than that generally associated with true "multilevel security mode". This was intended to be accomplished by implementation of explicit augmenting measures to reduce or remove a substantial measure of system software vulnerability together with specific limitation of the security clearance levels of users having concurrent access to the system.
$ controlling authority
(O) /U.S. Government/ "Official responsible for directing the operation of a cryptonet and for managing the operational use and control of keying material assigned to the cryptonet." [C4009, N4006]

$ cookie
1. (I) /HTTP/ Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use.

Tutorial: An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. A server can use this mechanism to maintain persistent client-side state information for HTTP-based applications, retrieving the state information in later connections. A cookie may include a description of the range of URLs for which the state is valid. Future requests made by the client in that range will also send the current value of the cookie to the server. Cookies can be used to generate profiles of web usage habits, and thus may infringe on personal privacy.

2. (I) /IPsec/ Data objects exchanged by ISAKMP to prevent certain denial-of-service attacks during the establishment of a security association.

3. (D) /access control/ Synonym for "capability token" or "ticket".

Deprecated Definition: IDOCs SHOULD NOT use this term with definition 3; that would duplicate the meaning of better-established terms and mix concepts in a potentially misleading way.

$ Coordinated Universal Time (UTC)
(N) UTC is derived from International Atomic Time (TAI) by adding a number of leap seconds. The International Bureau of Weights and Measures computes TAI once each month by averaging data from many laboratories. (See: GeneralizedTime, UTCTime.)

$ correction
(I) /security/ A system change made to eliminate or reduce the risk of reoccurrence of a security violation or threat consequence. (See: secondary definition under "security".)

$ correctness
(I) "The property of a system that is guaranteed as the result of formal verification activities." [Huff] (See: correctness proof, verification.)

$ correctness integrity
(I) The property that the information represented by data is accurate and consistent. (Compare: data integrity, source integrity.)

Tutorial: IDOCs SHOULD NOT use this term without providing a definition; the term is neither well-known nor precisely defined.
Data integrity refers to the constancy of data values, and source integrity refers to confidence in data values. However, correctness integrity refers to confidence in the underlying information that data values represent, and this property is closely related to issues of accountability and error handling.

$ correctness proof
(I) A mathematical proof of consistency between a specification for system security and the implementation of that specification. (See: correctness, formal specification.)

$ corruption
(I) A type of threat action that undesirably alters system operation by adversely modifying system functions or data. (See: disruption.)

Usage: This type of threat action includes the following subtypes:
- "Tampering": /corruption/ Deliberately altering a system's logic, data, or control information to interrupt or prevent correct operation of system functions. (See: misuse, main entry for "tampering".)
- "Malicious logic": /corruption/ Any hardware, firmware, or software (e.g., a computer virus) intentionally introduced into a system to modify system functions or data. (See: incapacitation, main entry for "malicious logic", masquerade, misuse.)
- "Human error": /corruption/ Human action or inaction that unintentionally results in the alteration of system functions or data.
- "Hardware or software error": /corruption/ Error that results in the alteration of system functions or data.
- "Natural disaster": /corruption/ Any "act of God" (e.g., power surge caused by lightning) that alters system functions or data. [FP031 Section 2]

$ counter
1. (N) /noun/ See: counter mode.
2. (I) /verb/ See: countermeasure.

$ counter-countermeasure
(I) An action, device, procedure, or technique used by an attacker to offset a defensive countermeasure.

Tutorial: For every countermeasure devised to protect computers and networks, some cracker probably will be able to devise a counter-countermeasure. Thus, systems must use "defense in depth".
$ counter mode (CTR)
(N) A block cipher mode that enhances ECB mode by ensuring that each encrypted block is different from every other block encrypted under the same key. [SP38A] (See: block cipher.)

Tutorial: This mode operates by first encrypting a generated sequence of blocks, called "counters", that are separate from the input sequence of plaintext blocks which the mode is intended to protect. The resulting sequence of encrypted counters is exclusive-ORed with the sequence of plaintext blocks to produce the final ciphertext output blocks. The sequence of counters must have the property that each counter is different from every other counter for all of the plaintext that is encrypted under the same key.

$ Counter with Cipher Block Chaining-Message Authentication Code (CCM)
(N) A block cipher mode [SP38C] that provides both data confidentiality and data origin authentication, by combining the techniques of CTR and a CBC-based message authentication code. (See: block cipher.)

$ countermeasure
(I) An action, device, procedure, or technique that meets or opposes (i.e., counters) a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

Tutorial: In an Internet protocol, a countermeasure may take the form of a protocol feature, a component function, or a usage constraint.

$ country code
(I) An identifier that is defined for a nation by ISO. [I3166]

Tutorial: For each nation, ISO Standard 3166 defines a unique two-character alphabetic code, a unique three-character alphabetic code, and a three-digit code. Among many uses of these codes, the two-character codes are used as top-level domain names.

$ Courtney's laws
(N) Principles for managing system security that were stated by Robert H. Courtney, Jr.
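The counter mode tutorial above, carried out in code as an added example (not from the glossary or [SP38A]): counter blocks are encrypted under the key and XORed into the plaintext, the hand-written version is checked against Go's crypto/cipher CTR, and the uniqueness requirement is shown as a failure mode. The nonce-plus-64-bit-index counter layout, key, nonce and messages are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// ctrEncrypt implements counter mode by hand: encrypt a sequence of distinct
// counter blocks under the key, then XOR the resulting keystream blocks into
// the plaintext blocks. Each counter block is the 8-byte nonce followed by a
// big-endian 64-bit block index starting at 0. Decryption is the same
// operation with ciphertext in place of plaintext.
func ctrEncrypt(block cipher.Block, nonce [8]byte, plaintext []byte) []byte {
	bs := block.BlockSize()
	out := make([]byte, len(plaintext))
	counter := make([]byte, bs)
	keystream := make([]byte, bs)
	copy(counter, nonce[:])
	for i := 0; i < len(plaintext); i += bs {
		binary.BigEndian.PutUint64(counter[8:], uint64(i/bs))
		block.Encrypt(keystream, counter) // E_K(counter_i), never E_K(plaintext)
		n := copy(out[i:], keystream)     // final block may be partial: CTR needs no padding
		for j := 0; j < n; j++ {
			out[i+j] ^= plaintext[i+j]
		}
	}
	return out
}

// MatchesStdlib checks the hand-written CTR against crypto/cipher's CTR,
// which increments the whole 16-byte IV as a big-endian counter; with the
// IV set to nonce||0 the two produce identical counter blocks.
func MatchesStdlib(key []byte, nonce [8]byte, plaintext []byte) bool {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	iv := make([]byte, aes.BlockSize)
	copy(iv, nonce[:])
	want := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(want, plaintext)
	return bytes.Equal(ctrEncrypt(block, nonce, plaintext), want)
}

// CounterReuseLeaks shows why every counter must be unique under a key: two
// messages encrypted with the same nonce get the same keystream, so XORing
// the two ciphertexts cancels it and yields p1 XOR p2 over the common
// length. It returns true when that relation is observed.
func CounterReuseLeaks(key []byte, nonce [8]byte, p1, p2 []byte) bool {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	c1 := ctrEncrypt(block, nonce, p1)
	c2 := ctrEncrypt(block, nonce, p2)
	n := len(p1)
	if len(p2) < n {
		n = len(p2)
	}
	for i := 0; i < n; i++ {
		if c1[i]^c2[i] != p1[i]^p2[i] {
			return false
		}
	}
	return true
}

func main() {
	// Constructed key, nonce and messages, for illustration only.
	key := []byte("0123456789abcdef")
	nonce := [8]byte{1, 2, 3, 4, 5, 6, 7, 8}
	msg := []byte("counter mode needs no padding at all")
	fmt.Println("matches crypto/cipher CTR:", MatchesStdlib(key, nonce, msg))
	fmt.Println("nonce reuse exposes p1 XOR p2:",
		CounterReuseLeaks(key, nonce, msg, []byte("a second message under the same nonce")))
}
```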
Tutorial: Bill Murray codified Courtney's laws as follows: [Murr]
- Courtney's first law: You cannot say anything interesting (i.e., significant) about the security of a system except in the context of a particular application and environment.
- Courtney's second law: Never spend more money eliminating a security exposure than tolerating it will cost you. (See: acceptable risk, risk analysis.)
-- First corollary: Perfect security has infinite cost.
-- Second corollary: There is no such thing as zero risk.
- Courtney's third law: There are no technical solutions to management problems, but there are management solutions to technical problems.

$ covert action
(I) An operation that is planned and executed in a way that conceals the identity of the operator.

$ covert channel
1. (I) An unintended or unauthorized intra-system channel that enables two cooperating entities to transfer information in a way that violates the system's security policy but does not exceed the entities' access authorizations. (See: covert storage channel, covert timing channel, out-of-band, tunnel.)

2. (O) "A communications channel that allows two cooperating processes to transfer information in a manner that violates the system's security policy." [NCS04]

Tutorial: The cooperating entities can be either two insiders or an insider and an outsider. Of course, an outsider has no access authorization at all. A covert channel is a system feature that the system architects neither designed nor intended for information transfer.

$ covert storage channel
(I) A system feature that enables one system entity to signal information to another entity by directly or indirectly writing a storage location that is later directly or indirectly read by the second entity. (See: covert channel.)
$ covert timing channel
(I) A system feature that enables one system entity to signal information to another by modulating its own use of a system resource in such a way as to affect system response time observed by the second entity. (See: covert channel.)

$ CPS
(I) See: certification practice statement.
$ cracker
(I) Someone who tries to break the security of, and gain unauthorized access to, someone else's system, often with malicious intent. (See: adversary, intruder, packet monkey, script kiddy. Compare: hacker.)

Usage: Was sometimes spelled "kracker". [NCSSG]

$ CRAM
(I) See: Challenge-Response Authentication Mechanism.

$ CRC
(I) See: cyclic redundancy check.

$ credential
1. (I) /authentication/ "identifier credential": A data object that is a portable representation of the association between an identifier and a unit of authentication information, and that can be presented for use in verifying an identity claimed by an entity that attempts to access a system. Example: X.509 public-key certificate. (See: anonymous credential.)

2. (I) /access control/ "authorization credential": A data object that is a portable representation of the association between an identifier and one or more access authorizations, and that can be presented for use in verifying those authorizations for an entity that attempts such access. Example: X.509 attribute certificate. (See: capability token, ticket.)

3. (D) /OSIRM/ "Data that is transferred to establish the claimed identity of an entity." [I7498-2]

Deprecated Definition: IDOCs SHOULD NOT use the term with definition 3. As explained in the tutorial below, an authentication process can involve the transfer of multiple data objects, and not all of those are credentials.

4. (D) /U.S. Government/ "An object that is verified when presented to the verifier in an authentication transaction." [M0404]

Deprecated Definition: IDOCs SHOULD NOT use the term with definition 4; it mixes concepts in a potentially misleading way. For example, in an authentication process, it is the identity that is "verified", not the credential; the credential is "validated". (See: validate vs. verify.)
Tutorial: In general English, "credentials" are evidence or testimonials that (a) support a claim of identity or authorization and (b) usually are intended to be used more than once (i.e., a credential's life is long compared to the time needed for one use). Some examples are a policeman's badge, an automobile driver's license, and a national passport. An authentication or access control process that uses a badge, license, or passport is outwardly simple: the holder just shows the thing. The problem with adopting this term in Internet security is that an automated process for authentication or access control usually requires multiple steps using multiple data objects, and it might not be immediately obvious which of those objects should get the name "credential". For example, if the verification step in a user authentication process employs public-key technology, then the process involves at least three data items: (a) the user's private key, (b) a signed value -- signed with that private key and passed to the system, perhaps in response to a challenge from the system -- and (c) the user's public-key certificate, which is validated by the system and provides the public key needed to verify the signature. - Private key: The private key is *not* a credential, because it is never transferred or presented. Instead, the private key is "authentication information", which is associated with the user's identifier for a specified period of time and can be used in multiple authentications during that time. - Signed value: The signed value is *not* a credential; the signed value is only ephemeral, not long lasting. The OSIRM definition could be interpreted to call the signed value a credential, but that would conflict with general English. - Certificate: The user's certificate *is* a credential. It can be "transferred" or "presented" to any person or process that needs it at any time. 
A public-key certificate may be used as an "identity credential", and an attribute certificate may be used as an "authorization credential". $ critical 1. (I) /system resource/ A condition of a system resource such that denial of access to, or lack of availability of, that resource would jeopardize a system user's ability to perform a primary function or would result in other serious consequences, such as human injury or loss of life. (See: availability, precedence. Compare: sensitive.) 2. (N) /extension/ An indication that an application is not permitted to ignore an extension. [X509]
Tutorial: Each extension of an X.509 certificate or CRL is flagged as either "critical" or "non-critical". In a certificate, if a computer program does not recognize an extension's type (i.e., does not implement its semantics), then if the extension is critical, the program is required to treat the certificate as invalid; but if the extension is non-critical, the program is permitted to ignore the extension. In a CRL, if a program does not recognize a critical extension that is associated with a specific certificate, the program is required to assume that the listed certificate has been revoked and is no longer valid, and then take whatever action is required by local policy. When a program does not recognize a critical extension that is associated with the CRL as a whole, the program is required to assume that all listed certificates have been revoked and are no longer valid. However, since failing to process the extension may mean that the list has not been completed, the program cannot assume that certificates not on the list are valid, and the program needs to take whatever action is therefore required by local policy. $ critical information infrastructure (I) Those systems that are so vital to a nation that their incapacity or destruction would have a debilitating effect on national security, the economy, or public health and safety. $ CRL (I) See: certificate revocation list. $ CRL distribution point (I) See: distribution point. $ CRL extension (I) See: extension. $ cross-certificate (I) A public-key certificate issued by a CA in one PKI to a CA in another PKI. (See: cross-certification.) $ cross-certification (I) The act or process by which a CA in one PKI issues a public-key certificate to a CA in another PKI. [X509] (See: bridge CA.) Tutorial: X.509 says that a CA (say, CA1) may issue a "cross-certificate" in which the subject is another CA (say, CA2). X.509 calls CA2 the "subject CA" and calls CA1 an "intermediate CA", but
this Glossary deprecates those terms. (See: intermediate CA, subject CA). Cross-certification of CA2 by CA1 appears similar to certification of a subordinate CA by a superior CA, but cross-certification involves a different concept. The "subordinate CA" concept applies when both CAs are in the same PKI, i.e., when either (a) CA1 and CA2 are under the same root or (b) CA1 is itself a root. The "cross-certification" concept applies in other cases: First, cross-certification applies when two CAs are in different PKIs, i.e., when CA1 and CA2 are under different roots, or perhaps are both roots themselves. Issuing the cross-certificate enables end entities certified under CA1 in PKI1 to construct the certification paths needed to validate the certificates of end entities certified under CA2 in PKI2. Sometimes, a pair of cross-certificates is issued -- by CA1 to CA2, and by CA2 to CA1 -- so that an end entity in either PKI can validate certificates issued in the other PKI. Second, X.509 says that two CAs in some complex, multi-CA PKI can cross-certify one another to shorten the certification paths constructed by end entities. Whether or not a CA may perform this or any other form of cross-certification, and how such certificates may be used by end entities, should be addressed by the local certificate policy and CPS. $ cross-domain solution 1. (D) Synonym for "guard". Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for "guard"; this term unnecessarily (and verbosely) duplicates the meaning of the long-established "guard". 2. (O) /U.S. Government/ A process or subsystem that provides a capability (which could be either manual or automated) to access two or more differing security domains in a system, or to transfer information between such domains. (See: domain, guard.) $ cryptanalysis 1. 
(I) The mathematical science that deals with analysis of a cryptographic system to gain knowledge needed to break or circumvent the protection that the system is designed to provide. (See: cryptology, secondary definition under "intrusion".) 2. (O) "The analysis of a cryptographic system and/or its inputs and outputs to derive confidential variables and/or sensitive data including cleartext." [I7498-2]
Tutorial: Definition 2 states the traditional goal of cryptanalysis, i.e., convert cipher text to plain text (which usually is clear text) without knowing the key; but that definition applies only to encryption systems. Today, the term is used with reference to all kinds of cryptographic algorithms and key management, and definition 1 reflects that. In all cases, however, a cryptanalyst tries to uncover or reproduce someone else's sensitive data, such as clear text, a key, or an algorithm. The basic cryptanalytic attacks on encryption systems are ciphertext-only, known-plaintext, chosen-plaintext, and chosen-ciphertext; and these generalize to the other kinds of cryptography. $ crypto, CRYPTO 1. (N) A prefix ("crypto-") that means "cryptographic". Usage: IDOCs MAY use this prefix when it is part of a term listed in this Glossary. Otherwise, IDOCs SHOULD NOT use this prefix; instead, use the unabbreviated adjective, "cryptographic". 2. (D) In lower case, "crypto" is an abbreviation for the adjective "cryptographic", or for the nouns "cryptography" or "cryptographic component". Deprecated Abbreviation: IDOCs SHOULD NOT use this abbreviation because it could easily be misunderstood in some technical sense. 3. (O) /U.S. Government/ In upper case, "CRYPTO" is a marking or designator that identifies "COMSEC keying material used to secure or authenticate telecommunications carrying classified or sensitive U.S. Government or U.S. Government-derived information." [C4009] (See: security label, security marking.) $ cryptographic (I) An adjective that refers to cryptography. $ cryptographic algorithm (I) An algorithm that uses the science of cryptography, including (a) encryption algorithms, (b) cryptographic hash algorithms, (c) digital signature algorithms, and (d) key-agreement algorithms. 
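The rule stated in the tutorial under "critical" above can be checked against a real X.509 implementation. The following Go program is an added example and is not part of this Glossary: it issues a self-signed certificate carrying an extension type that the relying party does not implement (the OID 1.3.6.1.4.1.99999.1 is made up for the example), first flagged critical and then non-critical, and runs path validation with the Go standard library. The critical variant is reported as having one unhandled critical extension and fails validation with exactly that error; the non-critical variant is ignored and the certificate validates.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// privateExtOID is a made-up extension type under the private-enterprise arc.
// No relying party implements its semantics, which is the case the rule is about.
var privateExtOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// issueSelfSigned creates a self-signed certificate that carries the unknown
// extension, flagged critical or non-critical as requested.
func issueSelfSigned(critical bool) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "example-ca"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
		ExtraExtensions: []pkix.Extension{{
			Id:       privateExtOID,
			Critical: critical,
			Value:    []byte{0x05, 0x00}, // DER NULL; the content is irrelevant here
		}},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Outcome is what a relying party observes for one certificate.
type Outcome struct {
	UnhandledCritical int  // critical extensions the parser did not understand
	Accepted          bool // path validation succeeded
	Rejected          bool // path validation failed specifically for that reason
}

// Validate parses and validates the certificate with itself as trust anchor, so
// the extension handling is the only thing that can make validation fail.
func Validate(critical bool) (Outcome, error) {
	cert, err := issueSelfSigned(critical)
	if err != nil {
		return Outcome{}, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(cert)
	_, verr := cert.Verify(x509.VerifyOptions{Roots: roots})
	var unhandled x509.UnhandledCriticalExtension
	return Outcome{
		UnhandledCritical: len(cert.UnhandledCriticalExtensions),
		Accepted:          verr == nil,
		Rejected:          errors.As(verr, &unhandled),
	}, nil
}

func main() {
	for _, critical := range []bool{true, false} {
		out, err := Validate(critical)
		if err != nil {
			panic(err)
		}
		fmt.Printf("critical=%-5v unhandled=%d accepted=%-5v rejected=%v\n",
			critical, out.UnhandledCritical, out.Accepted, out.Rejected)
	}
}
```

The parser records what it could not interpret rather than silently dropping it; the decision to reject is taken at validation time, which is where the "required to treat the certificate as invalid" rule lives. A relying party that only parses and never validates would miss it.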
$ cryptographic application programming interface (CAPI) (I) The source code formats and procedures through which an application program accesses cryptographic services, which are defined abstractly compared to their actual implementation. Examples: PKCS #11, [R2628].
$ cryptographic association (I) A security association that involves the use of cryptography to provide security services for data exchanged by the associated entities. (See: ISAKMP.) $ cryptographic boundary (I) See: secondary definition under "cryptographic module". $ cryptographic card (I) A cryptographic token in the form of a smart card or a PC card. $ cryptographic component (I) A generic term for any system component that involves cryptography. (See: cryptographic module.) $ cryptographic hash (I) See: secondary definition under "hash function". $ cryptographic ignition key (CIK) 1. (N) A physical (usually electronic) token used to store, transport, and protect cryptographic keys and activation data. (Compare: dongle, fill device.) Tutorial: A key-encrypting key could be divided (see: split key) between a CIK and a cryptographic module, so that it would be necessary to combine the two to regenerate the key, use it to decrypt other keys and data contained in the module, and thus activate the module. 2. (O) "Device or electronic key used to unlock the secure mode of cryptographic equipment." [C4009] Usage: Abbreviated as "crypto-ignition key". $ cryptographic key (I) See: key. Usage: Usually shortened to just "key". $ Cryptographic Message Syntax (CMS) (I) An encapsulation syntax (RFC 3852) for digital signatures, hashes, and encryption of arbitrary messages. Tutorial: CMS derives from PKCS #7. CMS values are specified with ASN.1 and use BER encoding. The syntax permits multiple encapsulation with nesting, permits arbitrary attributes to be signed along with message content, and supports a variety of architectures for digital certificate-based key management.
$ cryptographic module (I) A set of hardware, software, firmware, or some combination thereof that implements cryptographic logic or processes, including cryptographic algorithms, and is contained within the module's "cryptographic boundary", which is an explicitly defined contiguous perimeter that establishes the physical bounds of the module. [FP140] $ cryptographic system 1. (I) A set of cryptographic algorithms together with the key management processes that support use of the algorithms in some application context. Usage: IDOCs SHOULD use definition 1 because it covers a wider range of algorithms than definition 2. 2. (O) "A collection of transformations from plain text into cipher text and vice versa [which would exclude digital signature, cryptographic hash, and key-agreement algorithms], the particular transformation(s) to be used being selected by keys. The transformations are normally defined by a mathematical algorithm." [X509] $ cryptographic token 1. (I) A portable, user-controlled, physical device (e.g., smart card or PCMCIA card) used to store cryptographic information and possibly also perform cryptographic functions. (See: cryptographic card, token.) Tutorial: A smart token might implement some set of cryptographic algorithms and might incorporate related key management functions, such as a random number generator. A smart cryptographic token may contain a cryptographic module or may not be explicitly designed that way. $ cryptography 1. (I) The mathematical science that deals with transforming data to render its meaning unintelligible (i.e., to hide its semantic content), prevent its undetected alteration, or prevent its unauthorized use. If the transformation is reversible, cryptography also deals with restoring encrypted data to intelligible form. (See: cryptology, steganography.) 2. 
(O) "The discipline which embodies principles, means, and methods for the transformation of data in order to hide its information content, prevent its undetected modification and/or prevent its unauthorized use.... Cryptography determines the methods used in encipherment and decipherment." [I7498-2]
Tutorial: Comprehensive coverage of applied cryptographic protocols and algorithms is provided by Schneier [Schn]. Businesses and governments use cryptography to make data incomprehensible to outsiders; to make data incomprehensible to both outsiders and insiders, the data is sent to lawyers for a rewrite. $ Cryptoki (N) A CAPI defined in PKCS #11. Pronunciation: "CRYPTO-key". Derivation: Abbreviation of "cryptographic token interface". $ cryptology (I) The science of secret communication, which includes both cryptography and cryptanalysis. Tutorial: Sometimes the term is used more broadly to denote activity that includes both rendering signals secure (see: signal security) and extracting information from signals (see: signal intelligence) [Kahn]. $ cryptonet (I) A network (i.e., a communicating set) of system entities that share a secret cryptographic key for a symmetric algorithm. (See: controlling authority.) (O) "Stations holding a common key." [C4009] $ cryptoperiod (I) The time span during which a particular key value is authorized to be used in a cryptographic system. (See: key management.) Usage: This term is long-established in COMPUSEC usage. In the context of certificates and public keys, "key lifetime" and "validity period" are often used instead. Tutorial: A cryptoperiod is usually stated in terms of calendar or clock time, but sometimes is stated in terms of the maximum amount of data permitted to be processed by a cryptographic algorithm using the key. Specifying a cryptoperiod involves a tradeoff between the cost of rekeying and the risk of successful cryptanalysis. $ cryptosystem (I) Contraction of "cryptographic system". $ cryptovariable (D) Synonym for "key".
Deprecated Usage: In contemporary COMSEC usage, the term "key" has replaced the term "cryptovariable". $ CSIRT (I) See: computer security incident response team. $ CSOR (N) See: Computer Security Objects Register. $ CTAK (D) See: ciphertext auto-key. $ CTR (N) See: counter mode. $ cut-and-paste attack (I) An active attack on the data integrity of cipher text, effected by replacing sections of cipher text with other cipher text, such that the result appears to decrypt correctly but actually decrypts to plain text that is forged to the satisfaction of the attacker. $ cyclic redundancy check (CRC) (I) A type of checksum algorithm that is not a cryptographic hash but is used to implement data integrity service where accidental changes to data are expected. Sometimes called "cyclic redundancy code". $ DAC (N) See: Data Authentication Code, discretionary access control. Deprecated Usage: IDOCs that use this term SHOULD state a definition for it because this abbreviation is ambiguous. $ daemon (I) A computer program that is not invoked explicitly but waits until a specified condition occurs, and then runs with no associated user (principal), usually for an administrative purpose. (See: zombie.) $ dangling threat (O) A threat to a system for which there is no corresponding vulnerability and, therefore, no implied risk. $ dangling vulnerability (O) A vulnerability of a system for which there is no corresponding threat and, therefore, no implied risk.
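A cut-and-paste attack, and the reason a CRC does not stop it, as an added Go example that is not part of this Glossary. Two fixed-format payment orders (constructed for the example) are encrypted in ECB mode under one key; the attacker splices the amount block of one onto the payee block of the other, using ciphertext alone. The spliced ciphertext decrypts cleanly to an order nobody authorized. A CRC-32 trailer is simply recomputed by the attacker and passes, because a CRC is keyless, which is why the entry above limits it to accidental changes; an HMAC-SHA256 trailer under a key the attacker does not hold fails. Keys, messages, and the frame formats are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"hash/crc32"
)

// Constructed keys for the example; a deployed system derives them from a KDF.
var (
	encKey = []byte("0123456789abcdef0123456789abcdef") // 32 bytes, AES-256
	macKey = []byte("a-separate-key-for-the-mac-32byt") // 32 bytes
)

// Two fixed-format orders, each exactly two AES blocks: block 0 is the amount,
// block 1 the payee. Constructed for the example.
var (
	aliceOrder   = []byte("AMOUNT=999999999PAYEE=ALICE_____")
	malloryOrder = []byte("AMOUNT=000000001PAYEE=MALLORY___")
)

// ecbBlocks applies the block operation to each 16-byte block independently.
// ECB is used deliberately: a ciphertext block depends only on its own plaintext
// block, so blocks can be moved between messages encrypted under the same key.
func ecbBlocks(key, in []byte, decrypt bool) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	bs := blk.BlockSize()
	if len(in)%bs != 0 {
		panic("input must be a whole number of blocks")
	}
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += bs {
		if decrypt {
			blk.Decrypt(out[i:i+bs], in[i:i+bs])
		} else {
			blk.Encrypt(out[i:i+bs], in[i:i+bs])
		}
	}
	return out
}

// Forge is the attack: Mallory, who may only issue the small order to himself,
// observes Alice's ciphertext and pastes her amount block in front of his own
// payee block. Returns the forgery and his own legitimate ciphertext.
func Forge() (forged, malloryCT []byte) {
	aliceCT := ecbBlocks(encKey, aliceOrder, false)
	malloryCT = ecbBlocks(encKey, malloryOrder, false)
	forged = append(append([]byte{}, aliceCT[:16]...), malloryCT[16:]...)
	return forged, malloryCT
}

// DecryptForged is what the receiver recovers from the spliced ciphertext.
func DecryptForged() string {
	forged, _ := Forge()
	return string(ecbBlocks(encKey, forged, true))
}

// crcFrame/crcCheck: ciphertext followed by a 4-byte CRC-32 trailer.
func crcFrame(ct []byte) []byte {
	var trailer [4]byte
	binary.BigEndian.PutUint32(trailer[:], crc32.ChecksumIEEE(ct))
	return append(append([]byte{}, ct...), trailer[:]...)
}

func crcCheck(frame []byte) bool {
	n := len(frame) - 4
	return n > 0 && crc32.ChecksumIEEE(frame[:n]) == binary.BigEndian.Uint32(frame[n:])
}

// macFrame/macCheck: ciphertext followed by an HMAC-SHA256 tag (encrypt-then-MAC).
func macFrame(ct []byte) []byte {
	m := hmac.New(sha256.New, macKey)
	m.Write(ct)
	return m.Sum(append([]byte{}, ct...))
}

func macCheck(frame []byte) bool {
	n := len(frame) - sha256.Size
	if n <= 0 {
		return false
	}
	m := hmac.New(sha256.New, macKey)
	m.Write(frame[:n])
	return hmac.Equal(m.Sum(nil), frame[n:])
}

// CRCAccepts: the CRC is keyless, so Mallory recomputes it over the forgery.
func CRCAccepts() bool {
	forged, _ := Forge()
	return crcCheck(crcFrame(forged))
}

// MACAccepts: the best Mallory can do is reuse the tag from his own authorized
// frame; the receiver's recomputation over the forgery does not match it.
func MACAccepts() bool {
	forged, malloryCT := Forge()
	legit := macFrame(malloryCT)
	spliced := append(append([]byte{}, forged...), legit[len(malloryCT):]...)
	return macCheck(spliced)
}

// LegitAccepted confirms the MAC check passes for an untouched frame.
func LegitAccepted() bool {
	_, malloryCT := Forge()
	return macCheck(macFrame(malloryCT))
}

func main() {
	fmt.Printf("receiver decrypts: %q\n", DecryptForged())
	fmt.Println("CRC accepts forgery:", CRCAccepts())
	fmt.Println("MAC accepts forgery:", MACAccepts(), " MAC accepts legit:", LegitAccepted())
}
```

The MAC is computed over the ciphertext and checked before decryption, so the forged order is never even decrypted; that ordering, not the choice of hash, is what turns a "cipher text appears to decrypt correctly" attack into a rejected frame.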
$ DASS (I) See: Distributed Authentication Security Service. $ data (I) Information in a specific representation, usually as a sequence of symbols that have meaning. Usage: Refers to both (a) representations that can be recognized, processed, or produced by a computer or other type of machine, and (b) representations that can be handled by a human. $ Data Authentication Algorithm, data authentication algorithm 1. (N) /capitalized/ The ANSI standard for a keyed hash function that is equivalent to DES cipher block chaining with IV = 0. [A9009] 2. (D) /not capitalized/ Synonym for some kind of "checksum". Deprecated Term: IDOCs SHOULD NOT use the uncapitalized form "data authentication algorithm" as a synonym for any kind of checksum, regardless of whether or not the checksum is based on a hash. Instead, use "checksum", "Data Authentication Code", "error detection code", "hash", "keyed hash", "Message Authentication Code", "protected checksum", or some other specific term, depending on what is meant. The uncapitalized term can be confused with the Data Authentication Code and also mixes concepts in a potentially misleading way. The word "authentication" is misleading because the checksum may be used to perform a data integrity function rather than a data origin authentication function. $ Data Authentication Code, data authentication code 1. (N) /capitalized/ A specific U.S. Government standard [FP113] for a checksum that is computed by the Data Authentication Algorithm. Usage: a.k.a. Message Authentication Code [A9009]. (See: DAC.) 2. (D) /not capitalized/ Synonym for some kind of "checksum". Deprecated Term: IDOCs SHOULD NOT use the uncapitalized form "data authentication code" as a synonym for any kind of checksum, regardless of whether or not the checksum is based on the Data Authentication Algorithm. The uncapitalized term can be confused with the Data Authentication Code and also mixes concepts in a potentially misleading way (see: authentication code).
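The definition of the Data Authentication Algorithm above, carried out in Go as an added example that is not part of this Glossary: DES in CBC mode with IV = 0, keeping only the last ciphertext block. A second function spells out the chaining step by step so the equivalence with CBC is visible. The example also toggles the low-order bit of every key byte: those are the 8 parity bits of a DES key (see the DEA entry below), so the code does not change, whereas flipping one of the 56 effective key bits does. The key, the message, and zero padding to a block boundary are assumptions of the example; the entry says nothing about padding.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
)

// daaKey is a constructed 64-bit DES key. The low-order bit of each byte is
// the parity bit and takes no part in the key schedule.
var daaKey = []byte{0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1}

// padZero right-pads to a whole number of 8-byte blocks. Zero padding is an
// assumption of this example, not something the glossary entry specifies.
func padZero(data []byte) []byte {
	padded := append([]byte{}, data...)
	for len(padded)%des.BlockSize != 0 {
		padded = append(padded, 0)
	}
	return padded
}

// DAA computes the Data Authentication Code as the entry defines it: DES in
// CBC mode with IV = 0, keeping only the final ciphertext block.
func DAA(key, data []byte) []byte {
	blk, err := des.NewCipher(key)
	if err != nil {
		panic(err)
	}
	padded := padZero(data)
	out := make([]byte, len(padded))
	iv := make([]byte, des.BlockSize) // IV = 0
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(out, padded)
	return out[len(out)-des.BlockSize:]
}

// daaByHand spells the chaining out: XOR each block into the previous output,
// then encrypt. It must agree with DAA for the "equivalent to CBC" claim to hold.
func daaByHand(key, data []byte) []byte {
	blk, err := des.NewCipher(key)
	if err != nil {
		panic(err)
	}
	padded := padZero(data)
	prev := make([]byte, des.BlockSize) // starts as the zero IV
	x := make([]byte, des.BlockSize)
	for i := 0; i < len(padded); i += des.BlockSize {
		for j := range x {
			x[j] = padded[i+j] ^ prev[j]
		}
		blk.Encrypt(prev, x)
	}
	return prev
}

// flipParityBits toggles the low bit of every key byte: 8 bits changed, but
// the same 56 effective key bits, so the code must not change.
func flipParityBits(key []byte) []byte {
	out := append([]byte{}, key...)
	for i := range out {
		out[i] ^= 0x01
	}
	return out
}

func main() {
	msg := []byte("constructed message for the DAA example")
	fmt.Println("DAA        :", hex.EncodeToString(DAA(daaKey, msg)))
	fmt.Println("by hand    :", hex.EncodeToString(daaByHand(daaKey, msg)))
	fmt.Println("parity flip:", hex.EncodeToString(DAA(flipParityBits(daaKey), msg)))
	fmt.Println("agree:", bytes.Equal(DAA(daaKey, msg), daaByHand(daaKey, msg)))
}
```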
$ data compromise 1. (I) A security incident in which information is exposed to potential unauthorized access, such that unauthorized disclosure, alteration, or use of the information might have occurred. (Compare: security compromise, security incident.) 2. (O) /U.S. DoD/ A "compromise" is a "communication or physical transfer of information to an unauthorized recipient." [DoD5] 3. (O) /U.S. Government/ "Type of [security] incident where information is disclosed to unauthorized individuals or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred." [C4009] $ data confidentiality 1. (I) The property that data is not disclosed to system entities unless they have been authorized to know the data. (See: Bell-LaPadula model, classification, data confidentiality service, secret. Compare: privacy.) 2. (D) "The property that information is not made available or disclosed to unauthorized individuals, entities, or processes [i.e., to any unauthorized system entity]." [I7498-2]. Deprecated Definition: The phrase "made available" might be interpreted to mean that the data could be altered, and that would confuse this term with the concept of "data integrity". $ data confidentiality service (I) A security service that protects data against unauthorized disclosure. (See: access control, data confidentiality, datagram confidentiality service, flow control, inference control.) Deprecated Usage: IDOCs SHOULD NOT use this term as a synonym for "privacy", which is a different concept. $ Data Encryption Algorithm (DEA) (N) A symmetric block cipher, defined in the U.S. Government's DES. DEA uses a 64-bit key, of which 56 bits are independently chosen and 8 are parity bits, and maps a 64-bit block into another 64-bit block. [FP046] (See: AES, symmetric cryptography.) Usage: This algorithm is usually referred to as "DES". 
The algorithm has also been adopted in standards outside the Government (e.g., [A3092]).
$ data encryption key (DEK) (I) A cryptographic key that is used to encipher application data. (Compare: key-encrypting key.) $ Data Encryption Standard (DES) (N) A U.S. Government standard [FP046] that specifies the DEA and states policy for using the algorithm to protect unclassified, sensitive data. (See: AES.) $ data integrity 1. (I) The property that data has not been changed, destroyed, or lost in an unauthorized or accidental manner. (See: data integrity service. Compare: correctness integrity, source integrity.) 2. (O) "The property that information has not been modified or destroyed in an unauthorized manner." [I7498-2] Usage: Deals with (a) constancy of and confidence in data values, and not with either (b) information that the values represent (see: correctness integrity) or (c) the trustworthiness of the source of the values (see: source integrity). $ data integrity service (I) A security service that protects against unauthorized changes to data, including both intentional change or destruction and accidental change or loss, by ensuring that changes to data are detectable. (See: data integrity, checksum, datagram integrity service.) Tutorial: A data integrity service can only detect a change and report it to an appropriate system entity; changes cannot be prevented unless the system is perfect (error-free) and no malicious user has access. However, a system that offers data integrity service might also attempt to correct and recover from changes. The ability of this service to detect changes is limited by the technology of the mechanisms used to implement the service. For example, if the mechanism were a one-bit parity check across each entire SDU, then changes to an odd number of bits in an SDU would be detected, but changes to an even number of bits would not. 
Relationship between data integrity service and authentication services: Although data integrity service is defined separately from data origin authentication service and peer entity authentication service, it is closely related to them. Authentication services depend, by definition, on companion data integrity services. Data origin authentication service provides
verification that the identity of the original source of a received data unit is as claimed; there can be no such verification if the data unit has been altered. Peer entity authentication service provides verification that the identity of a peer entity in a current association is as claimed; there can be no such verification if the claimed identity has been altered. $ data origin authentication (I) "The corroboration that the source of data received is as claimed." [I7498-2] (See: authentication.) $ data origin authentication service (I) A security service that verifies the identity of a system entity that is claimed to be the original source of received data. (See: authentication, authentication service.) Tutorial: This service is provided to any system entity that receives or holds the data. Unlike peer entity authentication service, this service is independent of any association between the originator and the recipient, and the data in question may have originated at any time in the past. A digital signature mechanism can be used to provide this service, because someone who does not know the private key cannot forge the correct signature. However, by using the signer's public key, anyone can verify the origin of correctly signed data. This service is usually bundled with connectionless data integrity service. (See: "relationship between data integrity service and authentication services" under "data integrity service".) $ data owner (N) The organization that has the final statutory and operational authority for specified information. $ data privacy (D) Synonym for "data confidentiality". Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts in a potentially misleading way. Instead, use either "data confidentiality" or "privacy" or both, depending on what is meant. $ data recovery 1. (I) /cryptanalysis/ A process for learning, from some cipher text, the plain text that was previously encrypted to produce the cipher text. (See: recovery.)
2. (I) /system integrity/ The process of restoring information following damage or destruction. $ data security (I) The protection of data from disclosure, alteration, destruction, or loss that either is accidental or is intentional but unauthorized. Tutorial: Both data confidentiality service and data integrity service are needed to achieve data security. $ datagram (I) "A self-contained, independent entity of data [i.e., a packet] carrying sufficient information to be routed from the source [computer] to the destination computer without reliance on earlier exchanges between this source and destination computer and the transporting network." [R1983] Example: A PDU of IP. $ datagram confidentiality service (I) A data confidentiality service that preserves the confidentiality of data in a single, independent, packet; i.e., the service applies to datagrams one-at-a-time. Example: ESP. (See: data confidentiality.) Usage: When a protocol is said to provide data confidentiality service, this is usually understood to mean that only the SDU is protected in each packet. IDOCs that use the term to mean that the entire PDU is protected should include a highlighted definition. Tutorial: This basic form of network confidentiality service suffices for protecting the data in a stream of packets in both connectionless and connection-oriented protocols. Except perhaps for traffic flow confidentiality, nothing further is needed to protect the confidentiality of data carried by a packet stream. The OSIRM distinguishes between connection confidentiality and connectionless confidentiality. The IPS need not make that distinction, because those services are just instances of the same service (i.e., datagram confidentiality) being offered in two different protocol contexts. (For data integrity service, however, additional effort is needed to protect a stream, and the IPS does need to distinguish between "datagram integrity service" and "stream integrity service".) 
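The three data items in the credential tutorial above (the private key that never leaves its owner, the ephemeral signed value, and the identifier-to-public-key binding that a certificate carries), together with the data origin authentication service entry, as an added Go example that is not part of this Glossary. A map from identifier to Ed25519 public key stands in for the certificate. The peer-entity flow signs a challenge; the resulting signed value authenticates only against the challenge it answered and only under the identifier whose key it matches, so it is useless as a credential. The origin flow signs a document that anyone holding the public key can verify later with no association in place; altering the document defeats verification, which is the dependence of authentication on integrity noted under "data integrity service". The identifiers, prefixes and document are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Registry binds an identifier to a public key. In a PKI this binding is what
// the user's certificate (the credential) carries; the map stands in for it.
type Registry map[string]ed25519.PublicKey

// Domain-separation prefixes (assumed for the example) so a signature produced
// for authentication can never be passed off as a signature over a document.
var (
	authPrefix = []byte("example-auth-v1:")
	docPrefix  = []byte("example-doc-v1:")
)

// NewChallenge issues a fresh random nonce. A response is meaningful only for
// the nonce it answers, which is what makes the signed value ephemeral.
func NewChallenge() ([]byte, error) {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	return nonce, err
}

// Respond is the claimant's step: sign the challenge with the private key. The
// key never leaves the claimant; only the signature goes over the wire.
func Respond(priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, append(append([]byte{}, authPrefix...), challenge...))
}

// Authenticate is the verifier's peer-entity check: look up the public key bound
// to the claimed identifier and verify the signature over the challenge it issued.
func Authenticate(reg Registry, claimedID string, challenge, sig []byte) bool {
	pub, ok := reg[claimedID]
	if !ok {
		return false
	}
	return ed25519.Verify(pub, append(append([]byte{}, authPrefix...), challenge...), sig)
}

// SignDocument and VerifyOrigin give data origin authentication: no session, no
// challenge, and anyone holding the public key can check it at any later time.
func SignDocument(priv ed25519.PrivateKey, doc []byte) []byte {
	return ed25519.Sign(priv, append(append([]byte{}, docPrefix...), doc...))
}

func VerifyOrigin(reg Registry, claimedID string, doc, sig []byte) bool {
	pub, ok := reg[claimedID]
	if !ok {
		return false
	}
	return ed25519.Verify(pub, append(append([]byte{}, docPrefix...), doc...), sig)
}

// Results collects the outcomes of the scenarios Demo runs.
type Results struct {
	Fresh    bool // correct response to the challenge just issued
	Replayed bool // the same signed value offered for a new challenge
	WrongID  bool // valid signature, but claimed under another identifier
	Origin   bool // signed document verified outside any session
	Tampered bool // the same signature over an altered document
}

func Demo() (Results, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Results{}, err
	}
	reg := Registry{"alice": pub}
	c1, err := NewChallenge()
	if err != nil {
		return Results{}, err
	}
	c2, err := NewChallenge()
	if err != nil {
		return Results{}, err
	}
	sig1 := Respond(priv, c1)
	doc := []byte("constructed document signed by alice")
	dsig := SignDocument(priv, doc)
	altered := append([]byte{}, doc...)
	altered[0] ^= 0x01
	return Results{
		Fresh:    Authenticate(reg, "alice", c1, sig1),
		Replayed: Authenticate(reg, "alice", c2, sig1),
		WrongID:  Authenticate(reg, "bob", c1, sig1),
		Origin:   VerifyOrigin(reg, "alice", doc, dsig),
		Tampered: VerifyOrigin(reg, "alice", altered, dsig),
	}, nil
}

func main() {
	r, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```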
$ datagram integrity service (I) A data integrity service that preserves the integrity of data in a single, independent, packet; i.e., the service applies to datagrams one-at-a-time. (See: data integrity. Compare: stream integrity service.)
Tutorial: The ability to provide appropriate data integrity is important in many Internet security situations, and so there are different kinds of data integrity services suited to different applications. This service is the simplest kind; it is suitable for connectionless data transfers. Datagram integrity service usually is designed only to attempt to detect changes to the SDU in each packet, but it might also attempt to detect changes to some or all of the PCI in each packet (see: selective field integrity). In contrast to this simple, one-at-a-time service, some security situations demand a more complex service that also attempts to detect deleted, inserted, or reordered datagrams within a stream of datagrams (see: stream integrity service). $ DEA (N) See: Data Encryption Algorithm. $ deception (I) A circumstance or event that may result in an authorized entity receiving false data and believing it to be true. (See: authentication.) Tutorial: This is a type of threat consequence, and it can be caused by the following types of threat actions: masquerade, falsification, and repudiation. $ decipher (D) Synonym for "decrypt". Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym for "decrypt". However, see usage note under "encryption". $ decipherment (D) Synonym for "decryption". Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym for "decryption". However, see the Usage note under "encryption". $ declassification (I) An authorized process by which information is declassified. (Compare: classification.) $ declassify (I) To officially remove the security level designation of a classified information item or information type, such that the information is no longer classified (i.e., becomes unclassified). (See: classified, classify, security level. Compare: downgrade.)
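The difference between datagram integrity service and stream integrity service, as an added Go example that is not part of this Glossary. Each datagram carries a sequence number (protocol control information) and an HMAC-SHA256 tag over sequence number and payload, so the tag covers a selected PCI field as well as the SDU. A stateless receiver verifies each tag in isolation and accepts a delivery that has been reordered and replayed; a receiver that remembers the highest authenticated sequence number reports the gap, rejects the late copy and rejects the replay. The key, payloads and delivery order are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"strings"
)

// Datagram is one protected packet: Seq is protocol control information, Payload
// is the SDU, and Tag covers both.
type Datagram struct {
	Seq     uint32
	Payload []byte
	Tag     []byte
}

// Constructed key shared by sender and receiver.
var streamKey = []byte("constructed-32-byte-stream-key!!")

// tagOf binds the sequence number to the payload so neither can be changed alone.
func tagOf(key []byte, seq uint32, payload []byte) []byte {
	m := hmac.New(sha256.New, key)
	var hdr [4]byte
	binary.BigEndian.PutUint32(hdr[:], seq)
	m.Write(hdr[:])
	m.Write(payload)
	return m.Sum(nil)
}

// Seal is the sender side.
func Seal(key []byte, seq uint32, payload []byte) Datagram {
	return Datagram{Seq: seq, Payload: payload, Tag: tagOf(key, seq, payload)}
}

// Verdict is what a receiver decides about one datagram.
type Verdict string

const (
	Accept Verdict = "accept"
	BadTag Verdict = "bad-tag"
	Replay Verdict = "replay-or-reorder"
	Gap    Verdict = "accept-with-gap"
)

// DatagramReceiver provides datagram integrity service only: each packet is
// judged in isolation, so it keeps no state.
type DatagramReceiver struct{ Key []byte }

func (r DatagramReceiver) Receive(d Datagram) Verdict {
	if !hmac.Equal(d.Tag, tagOf(r.Key, d.Seq, d.Payload)) {
		return BadTag
	}
	return Accept
}

// StreamReceiver adds the state needed for stream integrity: the highest
// sequence number accepted so far, which exposes replay, reordering and gaps.
type StreamReceiver struct {
	Key  []byte
	last uint32 // highest accepted sequence number; 0 before the first packet
}

func (r *StreamReceiver) Receive(d Datagram) Verdict {
	if !hmac.Equal(d.Tag, tagOf(r.Key, d.Seq, d.Payload)) {
		return BadTag // checked first: an unauthenticated Seq is not evidence
	}
	if d.Seq <= r.last {
		return Replay
	}
	gap := d.Seq != r.last+1
	r.last = d.Seq
	if gap {
		return Gap // accepted, but something before it was lost or delayed
	}
	return Accept
}

// Simulate seals four datagrams and delivers them as an active attacker might:
// 1, then 3, then the delayed 2, then 2 again, then 4 with its payload altered.
// It returns both receivers' verdicts as comma-separated strings.
func Simulate() (datagramOnly, stream string) {
	var sent []Datagram
	for i := uint32(1); i <= 4; i++ {
		sent = append(sent, Seal(streamKey, i, []byte(fmt.Sprintf("record-%d", i))))
	}
	tampered := sent[3]
	tampered.Payload = []byte("record-4-altered") // tag no longer matches
	delivered := []Datagram{sent[0], sent[2], sent[1], sent[1], tampered}

	dr := DatagramReceiver{Key: streamKey}
	sr := &StreamReceiver{Key: streamKey}
	var a, b []string
	for _, d := range delivered {
		a = append(a, string(dr.Receive(d)))
		b = append(b, string(sr.Receive(d)))
	}
	return strings.Join(a, ","), strings.Join(b, ",")
}

func main() {
	d, s := Simulate()
	fmt.Println("datagram integrity only:", d)
	fmt.Println("stream integrity       :", s)
}
```

The strict "highest sequence seen" rule is the simplest stream policy; protocols that must tolerate benign reordering replace it with a sliding window, but the principle is the same: the sequence field has to be authenticated before it can be trusted to order anything.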