$ firmware
(I) Computer programs and data stored in hardware -- typically in read-only memory (ROM) or programmable read-only memory (PROM) -- such that the programs and data cannot be dynamically written or modified during execution of the programs. (See: hardware, software.)

$ FIRST
(N) See: Forum of Incident Response and Security Teams.

$ flaw
1. (I) An error in the design, implementation, or operation of an information system. A flaw may result in a vulnerability. (Compare: vulnerability.)

2. (D) "An error of commission, omission, or oversight in a system that allows protection mechanisms to be bypassed." [NCSSG] (Compare: vulnerability. See: brain-damaged.)

Deprecated Definition: IDOCs SHOULD NOT use this term with definition 2; not every flaw is a vulnerability.

$ flaw hypothesis methodology
(I) An evaluation or attack technique in which specifications and documentation for a system are analyzed to hypothesize flaws in the system. The list of hypothetical flaws is prioritized on the basis of the estimated probability that a flaw exists and, assuming it does, on the ease of exploiting it and the extent of control or compromise it would provide. The prioritized list is used to direct a penetration test or attack against the system. [NCS04] (See: fault tree, flaw.)

$ flooding
1. (I) An attack that attempts to cause a failure in a system by providing more input than the system can process properly. (See: denial of service, fairness. Compare: jamming.)

Tutorial: Flooding uses "overload" as a type of "obstruction" intended to cause "disruption".

2. (I) The process of delivering data or control messages to every node of a network. (RFC 3753)

$ flow analysis
(I) An analysis performed on a nonprocedural, formal, system specification that locates potential flows of information between system variables. By assigning security levels to the variables, the analysis can find some types of covert channels. [Huff]
$ flow control
1. (I) /data security/ A procedure or technique to ensure that information transfers within a system are not made from one security level to another security level, and especially not from a higher level to a lower level. [Denns] (See: covert channel, confinement property, information flow policy, simple security property.)

2. (O) /data security/ "A concept requiring that information transfers within a system be controlled so that information in certain types of objects cannot, via any channel within the system, flow to certain other types of objects." [NCSSG]

$ For Official Use Only (FOUO)
(O) /U.S. DoD/ A U.S. Government designation for information that has not been given a security classification pursuant to the criteria of an Executive Order dealing with national security, but which may be withheld from the public because disclosure would cause a foreseeable harm to an interest protected by one of the exemptions stated in the Freedom of Information Act (Section 552 of title 5, United States Code). (See: security label, security marking. Compare: classified.)

$ formal
(I) Expressed in a restricted syntax language with defined semantics based on well-established mathematical concepts. [CCIB] (Compare: informal, semiformal.)

$ formal access approval
(O) /U.S. Government/ Documented approval by a data owner to allow access to a particular category of information in a system. (See: category.)

$ Formal Development Methodology
(O) See: Ina Jo.

$ formal model
(I) A security model that is formal. Example: Bell-LaPadula model. [Land] (See: formal, security model.)

$ formal proof
(I) "A complete and convincing mathematical argument, presenting the full logical justification for each step in the proof, for the truth of a theorem or set of theorems." [NCSSG]

$ formal specification
(I) A precise description of the (intended) behavior of a system, usually written in a mathematical language, sometimes for the purpose of supporting formal verification through a correctness proof. [Huff] (See: Affirm, Gypsy, HDM, Ina Jo.) (See: formal.)

Tutorial: A formal specification can be written at any level of detail but is usually a top-level specification.

$ formal top-level specification
(I) "A top-level specification that is written in a formal mathematical language to allow theorems showing the correspondence of the system specification to its formal requirements to be hypothesized and formally proven." [NCS04] (See: formal specification.)

$ formulary
(I) A technique for enabling a decision to grant or deny access to be made dynamically at the time the access is attempted, rather than earlier when an access control list or ticket is created.

$ FORTEZZA(trademark)
(O) A registered trademark of NSA, used for a family of interoperable security products that implement a NIST/NSA-approved suite of cryptographic algorithms for digital signature, hash, encryption, and key exchange. The products include a PC card (which contains a CAPSTONE chip), and compatible serial port modems, server boards, and software implementations.

$ Forum of Incident Response and Security Teams (FIRST)
(N) An international consortium of CSIRTs (e.g., CIAC) that work together to handle computer security incidents and promote preventive activities. (See: CSIRT, security incident.)

Tutorial: FIRST was founded in 1990 and, as of July 2004, had more than 100 members spanning the globe. Its mission includes:
- Provide members with technical information, tools, methods, assistance, and guidance.
- Coordinate proactive liaison activities and analytical support.
- Encourage development of quality products and services.
- Improve national and international information security for governments, private industry, academia, and the individual.
- Enhance the image and status of the CSIRT community.

$ forward secrecy
(I) See: perfect forward secrecy.

$ FOUO
(O) See: For Official Use Only.
$ FPKI
(O) See: Federal Public-Key Infrastructure.

$ fraggle attack
(D) /slang/ A synonym for "smurf attack".

Deprecated Term: It is likely that other cultures use different metaphors for this concept. Therefore, to avoid international misunderstanding, IDOCs SHOULD NOT use this term.

Derivation: The Fraggles are a fictional race of small humanoids (represented as hand puppets in a children's television series, "Fraggle Rock") that live underground.

$ frequency hopping
(N) Repeated switching of frequencies during radio transmission according to a specified algorithm. [C4009] (See: spread spectrum.)

Tutorial: Frequency hopping is a TRANSEC technique to minimize the potential for unauthorized interception or jamming.

$ fresh
(I) Recently generated; not replayed from some earlier interaction of the protocol.

Usage: Describes data contained in a PDU that is received and processed for the first time. (See: liveness, nonce, replay attack.)

$ FTP
(I) See: File Transfer Protocol.

$ gateway
(I) An intermediate system (interface, relay) that attaches to two (or more) computer networks that have similar functions but dissimilar implementations and that enables either one-way or two-way communication between the networks. (See: bridge, firewall, guard, internetwork, proxy server, router, and subnetwork.)

Tutorial: The networks may differ in any of several aspects, including protocols and security mechanisms. When two computer networks differ in the protocol by which they offer service to hosts, a gateway may translate one protocol into the other or otherwise facilitate interoperation of hosts (see: Internet Protocol).

In theory, gateways between computer networks are conceivable at any OSIRM layer. In practice, they usually operate at OSIRM Layer 2 (see: bridge), 3 (see: router), or 7 (see: proxy server).

$ GCA
(O) See: geopolitical certificate authority.

$ GDOI
(O) See: Group Domain of Interpretation.

$ GeldKarte
(O) A smartcard-based, electronic money system that is maintained by the German banking industry, incorporates cryptography, and can be used to make payments via the Internet. (See: IOTP.)

$ GeneralizedTime
(N) The ASN.1 data type "GeneralizedTime" (ISO 8601) contains a calendar date (YYYYMMDD) and a time of day, which is either (a) the local time, (b) the Coordinated Universal Time, or (c) both the local time and an offset that enables Coordinated Universal Time to be calculated. (See: Coordinated Universal Time. Compare: UTCTime.)

$ Generic Security Service Application Program Interface (GSS-API)
(I) An Internet Standard protocol [R2743] that specifies calling conventions by which an application (typically another communication protocol) can obtain authentication, integrity, and confidentiality security services independently of the underlying security mechanisms and technologies, thus enabling the application source code to be ported to different environments. (Compare: EAP, SASL.)

Tutorial: "A GSS-API caller accepts tokens provided to it by its local GSS-API implementation and transfers the tokens to a peer on a remote system; that peer passes the received tokens to its local GSS-API implementation for processing. The security services available through GSS-API in this fashion are implementable (and have been implemented) over a range of underlying mechanisms based on [symmetric] and [asymmetric cryptography]." [R2743]

$ geopolitical certificate authority (GCA)
(O) /SET/ In a SET certification hierarchy, an optional level that is certified by a BCA and that may certify cardholder CAs, merchant CAs, and payment gateway CAs. Using GCAs enables a brand to distribute responsibility for managing certificates to geographic or political regions, so that brand policies can vary between regions as needed.
$ GIG
(O) See: Global Information Grid.

$ Global Information Grid (GIG)
(O) /U.S. DoD/ The GIG is "a globally interconnected, end-to-end set of information capabilities, associated processes and personnel for collecting, processing, storing, disseminating, and managing information on demand to war fighters, policy makers, and support personnel." [IATF]

Usage: Formerly referred to as the DII.

$ good engineering practice(s)
(N) A term used to specify or characterize design, implementation, installation, or operating practices for an information system, when a more explicit specification is not possible. Generally understood to refer to the state of the engineering art for commercial systems that have problems and solutions equivalent to the system in question.

$ granularity
1. (N) /access control/ Relative fineness to which an access control mechanism can be adjusted.

2. (N) /data security/ "The size of the smallest protectable unit of information" in a trusted system. [Huff]

$ Green Book
(D) /slang/ Synonym for "Defense Password Management Guideline" [CSC2].

Deprecated Term: Except as an explanatory appositive, IDOCs SHOULD NOT use this term, regardless of the associated definition. Instead, use the full proper name of the document or, in subsequent references, a conventional abbreviation. (See: Rainbow Series.)

Deprecated Usage: To improve international comprehensibility of Internet Standards and the Internet Standards Process, IDOCs SHOULD NOT use "cute" synonyms. No matter how clearly understood or popular a nickname may be in one community, it is likely to cause confusion or offense in others. For example, several other information system standards also are called "the Green Book"; the following are some examples:
- Each volume of 1992 ITU-T (known at that time as CCITT) standards.
- "PostScript Language Program Design", Adobe Systems, Addison-Wesley, 1988.
- IEEE 1003.1 POSIX Operating Systems Interface.
- "Smalltalk-80: Bits of History, Words of Advice", Glenn Krasner, Addison-Wesley, 1983.
- "X/Open Compatibility Guide".
- A particular CD-ROM format developed by Philips.

$ Group Domain of Interpretation (GDOI)
(I) An ISAKMP/IKE domain of interpretation for group key management; i.e., a phase 2 protocol in ISAKMP. [R3547] (See: secure multicast.)

Tutorial: In this group key management model that extends the ISAKMP standard, the protocol is run between a group member and a "group controller/key server", which establishes security associations [R4301] among authorized group members. The GDOI protocol is itself protected by an ISAKMP phase 1 association.

For example, multicast applications may use ESP to protect their data traffic. GDOI carries the needed security association parameters for ESP. In this way, GDOI supports multicast ESP with group authentication of ESP packets using a shared, group key.

$ group identity
(I) See: secondary definition under "identity".

$ group security association
(I) "A bundling of [security associations] (SAs) that together define how a group communicates securely. The [group SA] may include a registration protocol SA, a rekey protocol SA, and one or more data security protocol SAs." [R3740]

$ GSS-API
(I) See: Generic Security Service Application Program Interface.

$ guard
(I) A computer system that (a) acts as gateway between two information systems operating under different security policies and (b) is trusted to mediate information data transfers between the two. (See: controlled interface, cross-domain solution, domain, filter. Compare: firewall.)

Usage: Frequently understood to mean that one system is operating at a higher security level than the other, and that the gateway's purpose is to prevent unauthorized disclosure of data from the higher system to the lower. However, the purpose might also be to protect the data integrity, availability, or general system integrity of one system from threats posed by connecting to the other system. The mediation may be entirely automated or may involve "reliable human review".
$ guest login
(I) See: anonymous login.

$ GULS
(I) Generic Upper Layer Security service element (ISO 11586), a five-part standard for the exchange of security information and security-transformation functions that protect confidentiality and integrity of application data.

$ Gypsy verification environment
(O) A methodology, language, and integrated set of software tools developed at the University of Texas for specifying, coding, and verifying software to produce correct and reliable programs. [Cheh]

$ H field
(D) See: Deprecated Usage under "Handling Restrictions field".

$ hack
1a. (I) /verb/ To work on something, especially to program a computer. (See: hacker.)

1b. (I) /verb/ To do some kind of mischief, especially to play a prank on, or penetrate, a system. (See: hacker, cracker.)

2. (I) /noun/ An item of completed work, or a solution for a problem, that is non-generalizable, i.e., is very specific to the application area or problem being solved.

Tutorial: Often, the application area or problem involves computer programming or other use of a computer. Characterizing something as a hack can be a compliment, such as when the solution is minimal and elegant; or it can be derogatory, such as when the solution fixes the problem but leaves the system in an unmaintainable state.

See [Raym] for several other meanings of this term and also definitions of several derivative terms.

$ hacker
1. (I) Someone with a strong interest in computers, who enjoys learning about them, programming them, and experimenting and otherwise working with them. (See: hack. Compare: adversary, cracker, intruder.)

Usage: This first definition is the original meaning of the term (circa 1960); it then had a neutral or positive connotation of "someone who figures things out and makes something cool happen".

2. (O) "An individual who spends an inordinate amount of time working on computer systems for other than professional purposes." [NCSSG]

3. (D) Synonym for "cracker".

Deprecated Usage: Today, the term is frequently (mis)used (especially by journalists) with definition 3.

$ handle
1. (I) /verb/ Perform processing operations on data, such as receive and transmit, collect and disseminate, create and delete, store and retrieve, read and write, and compare. (See: access.)

2. (I) /noun/ An online pseudonym, particularly one used by a cracker; derived from citizens' band radio culture.

$ handling restriction
(I) A type of access control other than (a) the rule-based protections of mandatory access control and (b) the identity-based protections of discretionary access control; usually involves administrative security.

$ Handling Restrictions field
(I) A 16-bit field that specifies a control and release marking in the security option (option type 130) of IP's datagram header format. The valid field values are alphanumeric digraphs assigned by the U.S. Government, as specified in RFC 791.

Deprecated Abbreviation: IDOCs SHOULD NOT use the abbreviation "H field" because it is potentially ambiguous. Instead, use "Handling Restrictions field".

$ handshake
(I) Protocol dialogue between two systems for identifying and authenticating themselves to each other, or for synchronizing their operations with each other.

$ Handshake Protocol
(I) /TLS/ The TLS Handshake Protocol consists of three parts (i.e., subprotocols) that enable peer entities to agree upon security parameters for the record layer, authenticate themselves to each other, instantiate negotiated security parameters, and report error conditions to each other. [R4346]
$ harden
(I) To protect a system by configuring it to operate in a way that eliminates or mitigates known vulnerabilities. Example: [RSCG]. (See: default account.)

$ hardware
(I) The material physical components of an information system. (See: firmware, software.)

$ hardware error
(I) /threat action/ See: secondary definitions under "corruption", "exposure", and "incapacitation".

$ hardware token
See: token.

$ hash code
(D) Synonym for "hash result" or "hash function".

Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts in a potentially misleading way. A hash result is not a "code", and a hash function does not "encode" in any sense defined by this glossary. (See: hash value, message digest.)

$ hash function
1. (I) A function H that maps an arbitrary, variable-length bit string, s, into a fixed-length string, h = H(s) (called the "hash result"). For most computing applications, it is desirable that given a string s with H(s) = h, any change to s that creates a different string s' will result in an unpredictable hash result H(s') that is, with high probability, not equal to H(s).

2. (O) "A (mathematical) function which maps values from a large (possibly very large) domain into a smaller range. A 'good' hash function is such that the results of applying the function to a (large) set of values in the domain will be evenly distributed (and apparently at random) over the range." [X509]

Tutorial: A hash function operates on variable-length input (e.g., a message or a file) and outputs a fixed-length output, which typically is much shorter than most input values. If the algorithm is "good" as described in the "O" definition, then the hash function may be a candidate for use in a security mechanism to detect accidental changes in data, but not necessarily for a mechanism to detect changes made by active wiretapping. (See: Tutorial under "checksum".)

Security mechanisms require a "cryptographic hash function" (e.g., MD2, MD4, MD5, SHA-1, Snefru), i.e., a good hash function that also has the one-way property and one of the two collision-free properties:
- "One-way property": Given H and a hash result h = H(s), it is hard (i.e., computationally infeasible, "impossible") to find s. (Of course, given H and an input s, it must be relatively easy to compute the hash result H(s).)
- "Weakly collision-free property": Given H and an input s, it is hard (i.e., computationally infeasible, "impossible") to find a different input, s', such that H(s) = H(s').
- "Strongly collision-free property": Given H, it is hard to find any pair of inputs s and s' such that H(s) = H(s').

If H produces a hash result n bits long, then to find an s' where H(s') = H(s) for a specific given s, the amount of computation required is O(2**n); i.e., it is necessary to try on the order of 2 to the power n values of s' before finding a collision. However, to simply find any pair of values s and s' that collide, the amount of computation required is only O(2**(n/2)); i.e., after computing H(s) for 2 to the power n/2 randomly chosen values of s, the probability is greater than 1/2 that two of those values have the same hash result. (See: birthday attack.)

$ hash result
1. (I) The output of a hash function. (See: hash code, hash value. Compare: hash value.)

2. (O) "The output produced by a hash function upon processing a message" (where "message" is broadly defined as "a digital representation of data"). [DSG]

Usage: IDOCs SHOULD avoid the unusual usage of "message" that is seen in the "O" definition.

$ hash value
(D) Synonym for "hash result".

Deprecated Term: IDOCs SHOULD NOT use this term for the output of a hash function; the term could easily be confused with "hashed value", which means the input to a hash function. (See: hash code, hash result, message digest.)

$ HDM
(O) See: Hierarchical Development Methodology.
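
Added example for the Tutorial under "hash function" above (not part of the glossary text): it measures the O(2**(n/2)) cost of finding any colliding pair against the O(2**n) cost of matching one given input. The toy hash H (SHA-256 truncated to n bits), the choice n = 16, and all input strings are assumptions constructed for the illustration.

```python
import hashlib
from itertools import count


def truncated_hash(data: bytes, n_bits: int) -> int:
    """Toy n-bit hash H: the first n_bits of SHA-256(data), as an integer."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - n_bits)


def find_collision(n_bits: int):
    """Search for ANY pair s != s' with H(s) == H(s') (strong collision).

    Every hash result seen so far is remembered, so each new input is
    compared against all earlier ones at once. That is what brings the
    expected work down to roughly 2**(n/2) hash computations.
    Returns (s, s_prime, hashes_computed).
    """
    seen = {}  # hash result -> first input that produced it
    for i in count():
        s = b"msg-%d" % i  # constructed inputs, all distinct
        h = truncated_hash(s, n_bits)
        if h in seen:
            return seen[h], s, i + 1
        seen[h] = s


def find_second_preimage(target: bytes, n_bits: int, max_tries: int = 1 << 24):
    """Search for s' != target with H(s') == H(target) (weak collision).

    Each candidate can only be compared with the one fixed target, so the
    expected work is roughly 2**n hash computations.
    Returns (s_prime, hashes_computed), or (None, max_tries) if not found.
    """
    goal = truncated_hash(target, n_bits)
    for i in range(max_tries):
        s = b"try-%d" % i  # constructed inputs
        if s != target and truncated_hash(s, n_bits) == goal:
            return s, i + 1
    return None, max_tries


def compare_costs(n_bits: int = 16):
    """Return (hashes needed for any collision, hashes needed for a second preimage)."""
    _, _, collision_cost = find_collision(n_bits)
    _, preimage_cost = find_second_preimage(b"constructed sample message", n_bits)
    return collision_cost, preimage_cost


if __name__ == "__main__":
    n = 16
    collision_cost, preimage_cost = compare_costs(n)
    print(f"n = {n}: 2**(n/2) = {2 ** (n // 2)}, 2**n = {2 ** n}")
    print(f"any colliding pair found after {collision_cost} hashes")
    print(f"second input for a fixed target found after {preimage_cost} hashes")
```

The practical consequence is that an n-bit hash result offers only about n/2 bits of resistance wherever an adversary benefits from any colliding pair, which is why digest length is chosen against the collision bound rather than the 2**n bound.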
$ Hierarchical Development Methodology (HDM)
(O) A methodology, language, and integrated set of software tools developed at SRI International for specifying, coding, and verifying software to produce correct and reliable programs. [Cheh]

$ hierarchical PKI
(I) A PKI architecture based on a certification hierarchy. (Compare: mesh PKI, trust-file PKI.)

$ hierarchy management
(I) The process of generating configuration data and issuing public-key certificates to build and operate a certification hierarchy. (See: certificate management.)

$ hierarchy of trust
(D) Synonym for "certification hierarchy".

Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts in a potentially misleading way. (See: certification hierarchy, trust, web of trust.)

$ high-assurance guard
(O) "An oxymoron," said Lt. Gen. William H. Campbell, former U.S. Army chief information officer, speaking at an Armed Forces Communications and Electronics Association conference.

Usage: IDOCs that use this term SHOULD state a definition for it because the term mixes concepts and could easily be misunderstood.

$ hijack attack
(I) A form of active wiretapping in which the attacker seizes control of a previously established communication association. (See: man-in-the-middle attack, pagejacking, piggyback attack.)

$ HIPAA
(N) Health Information Portability and Accountability Act of 1996, a U.S. law (Public Law 104-191) that is intended to protect the privacy of patients' medical records and other health information in all forms, and mandates security for that information, including for its electronic storage and transmission.

$ HMAC
(I) A keyed hash [R2104] that can be based on any iterated cryptographic hash (e.g., MD5 or SHA-1), so that the cryptographic strength of HMAC depends on the properties of the selected cryptographic hash. (See: [R2202, R2403, R2404].)

Derivation: Hash-based MAC. (Compare: CMAC.)

Tutorial: Assume that H is a generic cryptographic hash in which a function is iterated on data blocks of length B bytes. L is the length of the hash result of H. K is a secret key of length L <= K <= B. The values IPAD and OPAD are fixed strings used as inner and outer padding and defined as follows: IPAD = the byte 0x36 repeated B times, and OPAD = the byte 0x5C repeated B times. HMAC is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)).

HMAC has the following goals:
- To use available cryptographic hash functions without modification, particularly functions that perform well in software and for which software is freely and widely available.
- To preserve the original performance of the selected hash without significant degradation.
- To use and handle keys in a simple way.
- To have a well-understood cryptographic analysis of the strength of the mechanism based on reasonable assumptions about the underlying hash function.
- To enable easy replacement of the hash function in case a faster or stronger hash is found or required.

$ honey pot
(N) A system (e.g., a web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders, like honey is attractive to bears. (See: entrapment.)

Usage: It is likely that other cultures use different metaphors for this concept. Therefore, to avoid international misunderstanding, an IDOC SHOULD NOT use this term without providing a definition for it. (See: Deprecated Usage under "Green Book".)

$ host
1. (I) /general/ A computer that is attached to a communication subnetwork or internetwork and can use services provided by the network to exchange data with other attached systems. (See: end system. Compare: server.)

2. (I) /IPS/ A networked computer that does not forward IP packets that are not addressed to the computer itself. (Compare: router.)

Derivation: As viewed by its users, a host "entertains" them, providing Application-Layer services or access to other computers attached to the network. However, even though some traditional peripheral service devices, such as printers, can now be independently connected to networks, they are not usually called hosts.

$ HTML
(I) See: Hypertext Markup Language.

$ HTTP
(I) See: Hypertext Transfer Protocol.

$ https
(I) When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. (Compare: S-HTTP.)

$ human error
(I) /threat action/ See: secondary definitions under "corruption", "exposure", and "incapacitation".

$ hybrid encryption
(I) An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption. Examples: digital envelope, MSP, PEM, PGP. (Compare: superencryption.)

Tutorial: Asymmetric algorithms require more computation than equivalently strong symmetric ones. Thus, asymmetric encryption is not normally used for data confidentiality except to distribute a symmetric key in a hybrid encryption scheme, where the symmetric key is usually very short (in terms of bits) compared to the data file it protects. (See: bulk key.)

$ hyperlink
(I) In hypertext or hypermedia, an information object (such as a word, a phrase, or an image, which usually is highlighted by color or underscoring) that points (i.e., indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link (e.g., by selecting the object with a mouse pointer and then clicking).

$ hypermedia
(I) A generalization of hypertext; any media that contain hyperlinks that point to material in the same or another data object.
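
Added example for the Tutorial under "HMAC" above (not part of the glossary text): the formula H(K XOR OPAD, H(K XOR IPAD, inputdata)) written out with Python's hashlib and checked against the standard library's hmac module. The function names are hypothetical; zero-padding K to B bytes and first hashing a key longer than B follow RFC 2104, which the entry cites as [R2104], and the sample keys and messages are constructed apart from the one RFC 2202 test vector.

```python
import hashlib
import hmac

IPAD_BYTE = 0x36  # inner padding byte, repeated B times
OPAD_BYTE = 0x5C  # outer padding byte, repeated B times


def hmac_from_definition(key: bytes, data: bytes, hash_name: str = "sha1") -> bytes:
    """Compute HMAC as H(K XOR OPAD, H(K XOR IPAD, data)); ',' is concatenation."""
    block_size = hashlib.new(hash_name).block_size  # B, in bytes

    # RFC 2104: a key longer than B is replaced by its hash, then every
    # key is right-padded with zero bytes to exactly B bytes.
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")

    k_ipad = bytes(b ^ IPAD_BYTE for b in key)
    k_opad = bytes(b ^ OPAD_BYTE for b in key)

    inner = hashlib.new(hash_name, k_ipad + data).digest()
    return hashlib.new(hash_name, k_opad + inner).digest()


def key_length_in_glossary_range(key: bytes, hash_name: str = "sha1") -> bool:
    """True when L <= len(key) <= B, the range the Tutorial gives for K."""
    h = hashlib.new(hash_name)
    return h.digest_size <= len(key) <= h.block_size


def verify_tag(key: bytes, data: bytes, tag: bytes, hash_name: str = "sha1") -> bool:
    """Receiver-side check: recompute the tag and compare in constant time."""
    expected = hmac_from_definition(key, data, hash_name)
    return hmac.compare_digest(expected, tag)


def self_check() -> bool:
    """Compare the hand-written construction with hmac.new and one RFC 2202 vector."""
    # RFC 2202, HMAC-SHA-1 test case 2.
    rfc2202_tag = bytes.fromhex("effcdf6ae5eb2fa2d27416d5f184df9c259a7c79")
    ok = hmac_from_definition(b"Jefe", b"what do ya want for nothing?") == rfc2202_tag

    # Constructed samples: short key, key of exactly L bytes, key longer than B.
    samples = [
        (b"k", b"constructed message one"),
        (b"\x11" * 20, b"constructed message two"),
        (b"\x22" * 100, b"constructed message three"),
    ]
    for hash_name in ("sha1", "sha256"):
        for key, data in samples:
            reference = hmac.new(key, data, hash_name).digest()
            ok = ok and hmac_from_definition(key, data, hash_name) == reference
    return ok


if __name__ == "__main__":
    key = b"\x33" * 20  # constructed 20-byte key (L for SHA-1)
    message = b"transfer 100 to account 42"  # constructed message
    tag = hmac_from_definition(key, message)
    print("self-check against hmac.new:", self_check())
    print("tag:", tag.hex())
    print("genuine message verifies:", verify_tag(key, message, tag))
    print("altered message verifies:", verify_tag(key, message + b"0", tag))
```

Because the underlying hash is passed by name and used unmodified, swapping "sha1" for "sha256" changes nothing else in the construction, which is the replacement goal listed in the Tutorial.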
$ hypertext
(I) A computer document, or part of a document, that contains hyperlinks to other documents; i.e., text that contains active pointers to other text. Usually written in HTML and accessed using a web browser. (See: hypermedia.)

$ Hypertext Markup Language (HTML)
(I) A platform-independent system of syntax and semantics (RFC 1866) for adding characters to data files (particularly text files) to represent the data's structure and to point to related data, thus creating hypertext for use in the World Wide Web and other applications. (Compare: XML.)

$ Hypertext Transfer Protocol (HTTP)
(I) A TCP-based, Application-Layer, client-server, Internet protocol (RFC 2616) that is used to carry data requests and responses in the World Wide Web. (See: hypertext.)

$ IAB
(I) See: Internet Architecture Board.

$ IANA
(I) See: Internet Assigned Numbers Authority.

$ IATF
(O) See: Information Assurance Technical Framework.

$ ICANN
(I) See: Internet Corporation for Assigned Names and Numbers.

$ ICMP
(I) See: Internet Control Message Protocol.

$ ICMP flood
(I) A denial-of-service attack that sends a host more ICMP echo request ("ping") packets than the protocol implementation can handle. (See: flooding, smurf.)

$ ICRL
(N) See: indirect certificate revocation list.

$ IDEA
(N) See: International Data Encryption Algorithm.

$ identification
(I) An act or process that presents an identifier to a system so that the system can recognize a system entity and distinguish it from other entities. (See: authentication.)
$ identification information (D) Synonym for "identifier"; synonym for "authentication information". (See: authentication, identifying information.) Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for either of those terms; this term (a) is not as precise as they are and (b) mixes concepts in a potentially misleading way. Instead, use "identifier" or "authentication information", depending on what is meant. $ Identification Protocol (I) A client-server Internet protocol [R1413] for learning the identity of a user of a particular TCP connection. Tutorial: Given a TCP port number pair, the server returns a character string that identifies the owner of that connection on the server's system. The protocol does not provide an authentication service and is not intended for authorization or access control. At best, it provides additional auditing information with respect to TCP. $ identifier (I) A data object -- often, a printable, non-blank character string -- that definitively represents a specific identity of a system entity, distinguishing that identity from all others. (Compare: identity.) Tutorial: Identifiers for system entities must be assigned very carefully, because authenticated identities are the basis for other security services, such as access control service. $ identifier credential 1. (I) See: /authentication/ under "credential". 2. (D) Synonym for "signature certificate". Usage: IDOCs that use this term SHOULD state a definition for it because the term is used in many ways and could easily be misunderstood. $ identifying information (D) Synonym for "identifier"; synonym for "authentication information". (See: authentication, identification information.) Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for either of those terms; this term (a) is not as precise as they are and (b) mixes concepts in a potentially misleading way. Instead,
use "identifier" or "authentication information", depending on what is meant. $ identity (I) The collective aspect of a set of attribute values (i.e., a set of characteristics) by which a system user or other system entity is recognizable or known. (See: authenticate, registration. Compare: identifier.) Usage: An IDOC MAY apply this term to either a single entity or a set of entities. If an IDOC involves both meanings, the IDOC SHOULD use the following terms and definitions to avoid ambiguity: - "Singular identity": An identity that is registered for an entity that is one person or one process. - "Shared identity": An identity that is registered for an entity that is a set of singular entities (1) in which each member is authorized to assume the identity individually and (2) for which the registering system maintains a record of the singular entities that comprise the set. In this case, we would expect each member entity to be registered with a singular identity before becoming associated with the shared identity. - "Group identity": An identity that is registered for an entity (1) that is a set of entities (2) for which the registering system does not maintain a record of singular entities that comprise the set. Tutorial: When security services are based on identities, two properties are desirable for the set of attributes used to define identities: - The set should be sufficient to distinguish each entity from all other entities, i.e., to represent each entity uniquely. - The set should be sufficient to distinguish each identity from any other identities of the same entity. The second property is needed if a system permits an entity to register two or more concurrent identities. Having two or more identities for the same entity implies that the entity has two separate justifications for registration. In that case, the set of attributes used for identities must be sufficient to represent multiple identities for a single entity. 
Having two or more identities registered for the same entity is different from concurrently associating two different identifiers with the same identity, and also is different from a single identity concurrently accessing the system in two different roles. (See: principal, role-based access control.)
When an identity of a user is being registered in a system, the system may require presentation of evidence that proves the identity's authenticity (i.e., that the user has the right to claim or use the identity) and its eligibility (i.e., that the identity is qualified to be registered and needs to be registered).
The following diagram illustrates how this term relates to some other terms in a PKI system: authentication information, identifier, identifier credential, registration, registered user, subscriber, and user.
Relationships: === one-to-one, ==> one-to-many, <=> many-to-many.

            +- - - - - - - - - - - - - - - - - - - - - - - - - - +
            |                     PKI System                     |
+ - - - - + | +------------------+   +-------------------------+ |
|  User,  | | |Subscriber, i.e., |   | Identity of Subscriber  | |
|i.e., one| | | Registered User, |   |    is system-unique     | |
| of the  | | | is system-unique |   | +---------------------+ | |
|following| | | +--------------+ |   | |     Subscriber      | | |
|         | | | | User's core  | |   | |     Identity's      | | |
| +-----+ |===| | Registration | |==>| |  Registration data  | | |
| |human| | | | | data, i.e.,  | |   | |+-------------------+| | |
| |being| | | | | an entity's  | |   | || same core data    || | |
| +-----+ | | | |distinguishing|========|for all Identities || | |
|   or    | | | |  attribute   | |   | || of the same User  || | |
| +-----+ | | | |   values     | | +===|+-------------------+| | |
| |auto-| | | | +--------------+ | | | +---------------------+ | |
| |mated| | | +------------------+ | +------------|------------+ |
| |pro- | | |         |    +=======+              |              |
| |cess | | | +-------v----|----------------------|------------+ |
| +-----+ | | | +----------v---+     +------------v----------+ | |
|   or    | | | |Authentication|<===>|Identifier of Identity | | |
|+-------+| | | | Information  |     |    is system-unique   | | |
|| a set || | | +--------------+     +-----------------------+ | |
||  of   || | | Identifier Credential that associates unit of  | |
|| either|| | | Authentication Information with the Identifier | |
|+-------+| | +------------------------------------------------+ |
+ - - - - + + - - - - - - - - - - - - - - - - - - - - - - - - - -+

$ identity-based security policy (I) "A security policy based on the identities and/or attributes of users, a group of users, or entities acting on behalf of the users and the resources/objects being accessed." [I7498-2] (See: rule-based security policy.)
$ identity proofing (I) A process that vets and verifies the information that is used to establish the identity of a system entity. (See: registration.)
$ IDOC (I) An abbreviation used in this Glossary to refer to a document or other item of written material that is generated in the Internet Standards Process (RFC 2026), i.e., an RFC, an Internet-Draft, or some other item of discourse.
Deprecated Usage: This abbreviation SHOULD NOT be used in an IDOC unless it is first defined in the IDOC because the abbreviation was invented for this Glossary and is not widely known.
$ IDS (I) See: intrusion detection system.
$ IEEE (N) See: Institute of Electrical and Electronics Engineers, Inc.
$ IEEE 802.10 (N) An IEEE committee developing security standards for LANs. (See: SILS.)
$ IEEE P1363 (N) An IEEE working group, Standard for Public-Key Cryptography, engaged in developing a comprehensive reference standard for asymmetric cryptography. Covers discrete logarithm (e.g., DSA), elliptic curve, and integer factorization (e.g., RSA); and covers key agreement, digital signature, and encryption.
$ IESG (I) See: Internet Engineering Steering Group.
$ IETF (I) See: Internet Engineering Task Force.
$ IKE (I) See: IPsec Key Exchange.
$ IMAP4 (I) See: Internet Message Access Protocol, version 4.
$ IMAP4 AUTHENTICATE (I) An IMAP4 command (better described as a transaction type, or subprotocol) by which an IMAP4 client optionally proposes a mechanism to an IMAP4 server to authenticate the client to the server and provide other security services. (See: POP3.)
Tutorial: If the server accepts the proposal, the command is followed by performing a challenge-response authentication protocol and, optionally, negotiating a protection mechanism for subsequent POP3 interactions. The security mechanisms that are used by IMAP4 AUTHENTICATE -- including Kerberos, GSS-API, and S/Key -- are described in [R1731].
$ impossible (O) Cannot be done in any reasonable amount of time. (See: break, brute force, strength, work factor.)
$ in the clear (I) Not encrypted. (See: clear text.)
$ Ina Jo (O) A methodology, language, and integrated set of software tools developed at the System Development Corporation for specifying, coding, and verifying software to produce correct and reliable programs. Usage: a.k.a. the Formal Development Methodology. [Cheh]
$ incapacitation (I) A type of threat action that prevents or interrupts system operation by disabling a system component. (See: disruption.)
Usage: This type of threat action includes the following subtypes:
- "Malicious logic": In context of incapacitation, any hardware, firmware, or software (e.g., logic bomb) intentionally introduced into a system to destroy system functions or resources. (See: corruption, main entry for "malicious logic", masquerade, misuse.)
- "Physical destruction": Deliberate destruction of a system component to interrupt or prevent system operation.
- "Human error": /incapacitation/ Action or inaction that unintentionally disables a system component. (See: corruption, exposure.)
- "Hardware or software error": /incapacitation/ Error that unintentionally causes failure of a system component and leads to disruption of system operation. (See: corruption, exposure.)
- "Natural disaster": /incapacitation/ Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component. [FP031 Section 2]
$ incident See: security incident.
$ INCITS (N) See: "International Committee for Information Technology Standardization" under "ANSI".
$ indicator (N) An action -- either specific, generalized, or theoretical -- that an adversary might be expected to take in preparation for an attack. [C4009] (See: "attack sensing, warning, and response". Compare: message indicator.)
$ indirect attack (I) See: secondary definition under "attack". Compare: direct attack.
$ indirect certificate revocation list (ICRL) (N) In X.509, a CRL that may contain certificate revocation notifications for certificates issued by CAs other than the issuer (i.e., signer) of the ICRL.
$ indistinguishability (I) An attribute of an encryption algorithm that is a formalization of the notion that the encryption of some string is indistinguishable from the encryption of an equal-length string of nonsense. (Compare: semantic security.)
$ inference
1. (I) A type of threat action that reasons from characteristics or byproducts of communication and thereby indirectly accesses sensitive data, but not necessarily the data contained in the communication. (See: traffic analysis, signal analysis.)
2. (I) A type of threat action that indirectly gains unauthorized access to sensitive information in a database management system by correlating query responses with information that is already known.
$ inference control (I) Protection of data confidentiality against inference attack. (See: traffic-flow confidentiality.)
Tutorial: A database management system containing N records about individuals may be required to provide statistical summaries about subsets of the population, while not revealing sensitive information about a single individual. An attacker may try to obtain sensitive information about an individual by isolating a desired record at the intersection of a set of overlapping queries. A system can attempt to prevent this by restricting the size and overlap of query sets, distorting responses by rounding or otherwise perturbing database values, and limiting queries to random samples.
However, these techniques may be impractical to implement or use, and no technique is totally effective. For example, restricting the minimum size of a query set -- that is,
not responding to queries for which there are fewer than K or more than N-K records that satisfy the query -- usually cannot prevent unauthorized disclosure. An attacker can pad small query sets with extra records, and then remove the effect of the extra records. The formula for identifying the extra records is called the "tracker". [Denns]
$ INFOCON (O) See: information operations condition.
$ informal (N) Expressed in natural language. [CCIB] (Compare: formal, semiformal.)
$ information
1. (I) Facts and ideas, which can be represented (encoded) as various forms of data.
2. (I) Knowledge -- e.g., data, instructions -- in any medium or form that can be communicated between system entities.
Tutorial: Internet security could be defined simply as protecting information in the Internet. However, the perceived need to use different protective measures for different types of information (e.g., authentication information, classified information, collateral information, national security information, personal information, protocol control information, sensitive compartmented information, sensitive information) has led to the diversity of terminology listed in this Glossary.
$ information assurance (N) /U.S. Government/ "Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities." [C4009]
$ Information Assurance Technical Framework (IATF) (O) A publicly available document [IATF], developed through a collaborative effort by organizations in the U.S. Government and industry, and issued by NSA.
Intended for security managers and system security engineers as a tutorial and reference document about security problems in information systems and networks, to improve awareness of tradeoffs among available technology solutions and of desired characteristics of security approaches for particular problems. (See: ISO 17799, [SP14].)
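The failure described in the "inference control" tutorial above, as an added example that is not part of the Glossary: a query-set-size control with K = 3 refuses a one-record query, yet two permitted queries disclose the same value, and a simple overlap limit refuses the second of them. The table, the StatDB class, and every name in it are constructed for illustration.

```python
"""Query-set-size control and the tracker that defeats it (constructed data)."""
from typing import Callable, Optional, Tuple

# Constructed sample table, not real data: (id, dept, sex, salary).
RECORDS = [
    (1, "CS", "F", 95000), (2, "CS", "M", 70000), (3, "CS", "M", 72000),
    (4, "CS", "M", 68000), (5, "CS", "M", 81000), (6, "EE", "F", 64000),
    (7, "EE", "F", 66000), (8, "EE", "M", 59000), (9, "EE", "M", 61000),
    (10, "BIO", "F", 55000), (11, "BIO", "M", 58000), (12, "BIO", "F", 57000),
]

Predicate = Callable[[tuple], bool]


class StatDB:
    """Hypothetical statistical interface: answers (count, salary sum) only."""

    def __init__(self, records, k: int, max_overlap: Optional[int] = None):
        self.records = records
        self.n = len(records)            # N records
        self.k = k                       # minimum query-set size K
        self.max_overlap = max_overlap   # None = overlap control disabled
        self.answered = []               # query sets already released
        self.refused = 0                 # counter a reviewer can audit

    def query(self, pred: Predicate) -> Optional[Tuple[int, int]]:
        qset = frozenset(r[0] for r in self.records if pred(r))
        # Size control from the entry: refuse < K or > N-K matching records.
        if not (self.k <= len(qset) <= self.n - self.k):
            self.refused += 1
            return None
        # Overlap control: refuse when the new query set shares too many
        # records with any query set that was already answered.
        if self.max_overlap is not None and any(
            len(qset & old) > self.max_overlap for old in self.answered
        ):
            self.refused += 1
            return None
        self.answered.append(qset)
        return len(qset), sum(r[3] for r in self.records if r[0] in qset)


def in_cs(r) -> bool:
    return r[1] == "CS"


def is_f(r) -> bool:
    return r[2] == "F"


def tracker_inference(db: StatDB):
    """Return (direct_answer, inferred_salary) for the one record CS AND F.

    C = C1 AND C2 isolates one record and is refused. C1 alone pads the
    query set; the tracker T = C1 AND NOT C2 selects exactly the padding,
    so subtracting T's sum from C1's sum removes its effect.
    """
    direct = db.query(lambda r: in_cs(r) and is_f(r))
    padded = db.query(in_cs)
    tracker = db.query(lambda r: in_cs(r) and not is_f(r))
    if padded is None or tracker is None:
        return direct, None              # a control refused a needed query
    if padded[0] - tracker[0] != 1:
        return direct, None              # C does not isolate one record
    return direct, padded[1] - tracker[1]


if __name__ == "__main__":
    size_only = StatDB(RECORDS, k=3)
    print("size control only:", tracker_inference(size_only))
    with_overlap = StatDB(RECORDS, k=3, max_overlap=2)
    print("size + overlap control:", tracker_inference(with_overlap),
          "refused:", with_overlap.refused)
```

The overlap limit stops this particular pair of queries only; as the tutorial states, no technique is totally effective.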
$ information domain (O) See: secondary definition under "domain".
$ information domain security policy (O) See: secondary definition under "domain".
$ information flow policy (N) /formal model/ A triple consisting of a set of security levels (or their equivalent security labels), a binary operator that maps each pair of security levels into a security level, and a binary relation on the set that selects a set of pairs of levels such that information is permitted to flow from an object of the first level to an object of the second level. (See: flow control, lattice model.)
$ information operations condition (INFOCON) (O) /U.S. DoD/ A comprehensive defense posture and response based on the status of information systems, military operations, and intelligence assessments of adversary capabilities and intent. (See: threat.)
Derivation: From DEFCON, i.e., defense condition.
Tutorial: The U.S. DoD defines five INFOCON levels: NORMAL (normal activity), ALPHA (increased risk of attack), BRAVO (specific risk of attack), CHARLIE (limited attack), and DELTA (general attack).
$ information security (INFOSEC) (N) Measures that implement and assure security services in information systems, including in computer systems (see: COMPUSEC) and in communication systems (see: COMSEC).
$ information system (I) An organized assembly of computing and communication resources and procedures -- i.e., equipment and services, together with their supporting infrastructure, facilities, and personnel -- that create, collect, record, process, store, transport, retrieve, display, disseminate, control, or dispose of information to accomplish a specified set of functions. (See: system entity, system resource. Compare: computer platform.)
$ Information Technology Security Evaluation Criteria (ITSEC) (N) A Standard [ITSEC] jointly developed by France, Germany, the Netherlands, and the United Kingdom for use in the European Union; accommodates a wider range of security assurance and functionality combinations than the TCSEC. Superseded by the Common Criteria.
$ INFOSEC (I) See: information security.
$ ingress filtering (I) A method [R2827] for countering attacks that use packets with false IP source addresses, by blocking such packets at the boundary between connected networks.
Tutorial: Suppose network A of an internet service provider (ISP) includes a filtering router that is connected to customer network B, and an attacker in B at IP source address "foo" attempts to send packets with false source address "bar" into A. The false address may be either fixed or randomly changing, and it may either be unreachable or be a forged address that legitimately exists within either B or some other network C. In ingress filtering, the ISP's router blocks all inbound packets that arrive from B with a source address that is not within the range of legitimately advertised addresses for B. This method does not prevent all attacks that can originate from B, but the actual source of such attacks can be more easily traced because the originating network is known.
$ initialization value (IV) (I) /cryptography/ An input parameter that sets the starting state of a cryptographic algorithm or mode. (Compare: activation data.)
Tutorial: An IV can be used to synchronize one cryptographic process with another; e.g., CBC, CFB, and OFB use IVs. An IV also can be used to introduce cryptographic variance (see: salt) besides that provided by a key.
$ initialization vector (D) /cryptography/ Synonym for "initialization value".
Deprecated Term: To avoid international misunderstanding, IDOCs SHOULD NOT use this term in the context of cryptography because most dictionary definitions of "vector" include a concept of direction or magnitude, which are irrelevant to cryptographic use.
$ insertion
1. (I) /packet/ See: secondary definition under "stream integrity service".
2. (I) /threat action/ See: secondary definition under "falsification".
$ inside attack (I) See: secondary definition under "attack". Compare: insider.
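The scenario in the "ingress filtering" tutorial above, as an added example that is not part of the Glossary or of [R2827]: the filter at A's boundary is applied to each kind of source address the tutorial lists, including the forged address inside B that it cannot block. The interface name, prefixes (documentation ranges), and sample packets are constructed assumptions.

```python
"""Ingress filtering decision for the network A / customer B scenario."""
import ipaddress
from collections import Counter

# Assumed, constructed topology using documentation address ranges:
# customer network B advertises 192.0.2.0/24 and 2001:db8:b::/48;
# network C (198.51.100.0/24) is some other network.
ADVERTISED = {
    "to-customer-B": [
        ipaddress.ip_network("192.0.2.0/24"),
        ipaddress.ip_network("2001:db8:b::/48"),
    ],
}


def ingress_check(interface: str, src: str):
    """Return (action, reason) for a packet arriving on `interface`."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "drop", "malformed source address"
    prefixes = ADVERTISED.get(interface)
    if prefixes is None:
        return "drop", "no advertised prefixes known for interface"
    # Membership is False when address and prefix differ in IP version.
    if any(addr in net for net in prefixes):
        return "forward", "source within advertised range"
    return "drop", "source outside advertised range"


# Constructed packets sent by the attacker at "foo" inside B.
SAMPLE_SOURCES = [
    ("192.0.2.10", "true address foo"),
    ("203.0.113.77", "bar: unreachable address"),
    ("198.51.100.5", "bar: address that exists in network C"),
    # Forged, but inside B's own range: the filter cannot tell it from
    # foo, so it is forwarded; the originating network is still known.
    ("192.0.2.200", "bar: address that exists inside B"),
    ("2001:db8:c::1", "bar: IPv6 address outside B"),
]


def run_samples(interface: str = "to-customer-B"):
    """Apply the filter to every sample; return decisions and a tally."""
    decisions = {src: ingress_check(interface, src) for src, _ in SAMPLE_SOURCES}
    tally = Counter(action for action, _ in decisions.values())
    return decisions, tally


if __name__ == "__main__":
    decisions, tally = run_samples()
    for src, label in SAMPLE_SOURCES:
        print(f"{src:<15} {label:<40} {decisions[src]}")
    print(dict(tally))
```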
$ insider
1. (I) A user (usually a person) that accesses a system from a position that is inside the system's security perimeter. (Compare: authorized user, outsider, unauthorized user.)
Tutorial: An insider has been assigned a role that has more privileges to access system resources than do some other types of users, or can access those resources without being constrained by some access controls that are applied to outside users. For example, a salesclerk is an insider who has access to the cash register, but a store customer is an outsider. The actions performed by an insider in accessing the system may be either authorized or unauthorized; i.e., an insider may act either as an authorized user or as an unauthorized user.
2. (O) A person with authorized physical access to the system. Example: In this sense, an office janitor is an insider, but a burglar or casual visitor is not. [NRC98]
3. (O) A person with an organizational status that causes the system or members of the organization to view access requests as being authorized. Example: In this sense, a purchasing agent is an insider but a vendor is not. [NRC98]
$ inspectable space (O) /EMSEC/ "Three-dimensional space surrounding equipment that process classified and/or sensitive information within which TEMPEST exploitation is not considered practical or where legal authority to identify and/or remove a potential TEMPEST exploitation exists." [C4009] (Compare: control zone, TEMPEST zone.)
$ Institute of Electrical and Electronics Engineers, Inc. (IEEE) (N) The IEEE is a not-for-profit association of approximately 300,000 individual members in 150 countries. The IEEE produces nearly one third of the world's published literature in electrical engineering, computers, and control technology; holds hundreds of major, annual conferences; and maintains more than 800 active standards, with many more under development. (See: SILS.)
$ integrity See: data integrity, datagram integrity service, correctness integrity, source integrity, stream integrity service, system integrity.
$ integrity check (D) A computation that is part of a mechanism to provide data integrity service or data origin authentication service. (Compare: checksum.)
Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for "cryptographic hash" or "protected checksum". This term unnecessarily duplicates the meaning of other, well-established terms; this term only mentions integrity, even though the intended service may be data origin authentication; and not every checksum is cryptographically protected.
$ integrity label (I) A security label that tells the degree of confidence that may be placed in the data, and may also tell what countermeasures are required to be applied to protect the data from alteration and destruction. (See: integrity. Compare: classification label.)
$ intelligent threat (I) A circumstance in which an adversary has the technical and operational ability to detect and exploit a vulnerability and also has the demonstrated, presumed, or inferred intent to do so. (See: threat.)
$ interception (I) A type of threat action whereby an unauthorized entity directly accesses sensitive data while the data is traveling between authorized sources and destinations. (See: unauthorized disclosure.)
Usage: This type of threat action includes the following subtypes:
- "Theft": Gaining access to sensitive data by stealing a shipment of a physical medium, such as a magnetic tape or disk, that holds the data.
- "Wiretapping (passive)": Monitoring and recording data that is flowing between two points in a communication system. (See: wiretapping.)
- "Emanations analysis": Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but was not intended to communicate the data. (See: emanation.)
$ interference (I) /threat action/ See: secondary definition under "obstruction".
$ intermediate CA (D) The CA that issues a cross-certificate to another CA. [X509] (See: cross-certification.)
Deprecated Term: IDOCs SHOULD NOT use this term because it is not widely known and mixes concepts in a potentially misleading way. For example, suppose that end entity 1 ("EE1") is in one PKI ("PKI1"), end entity 2 ("EE2") is in another PKI ("PKI2"), and the root in PKI1 ("CA1") cross-certifies the root CA in PKI2 ("CA2"). Then, if EE1 constructs the certification path CA1-to-CA2-to-EE2 to validate a certificate of EE2, conventional English usage would describe CA2 as being in the "intermediate" position in that path, not CA1.
$ internal controls (I) /COMPUSEC/ Functions, features, and technical characteristics of computer hardware and software, especially of operating systems. Includes mechanisms to regulate the operation of a computer system with regard to access control, flow control, and inference control. (Compare: external controls.)
$ International Data Encryption Algorithm (IDEA) (N) A patented, symmetric block cipher that uses a 128-bit key and operates on 64-bit blocks. [Schn] (See: symmetric cryptography.)
$ International Standard (N) See: secondary definition under "ISO".
$ International Traffic in Arms Regulations (ITAR) (O) Rules issued by the U.S. State Department, by authority of the Arms Export Control Act (22 U.S.C. 2778), to control export and import of defense articles and defense services, including information security systems, such as cryptographic systems, and TEMPEST suppression technology. (See: type 1 product, Wassenaar Arrangement.)
$ internet, Internet
1. (I) /not capitalized/ Abbreviation of "internetwork".
2. (I) /capitalized/ The Internet is the single, interconnected, worldwide system of commercial, governmental, educational, and other computer networks that share (a) the protocol suite specified by the IAB (RFC 2026) and (b) the name and address spaces managed by the ICANN. (See: Internet Layer, Internet Protocol Suite.)
Usage: Use with definite article ("the") when using as a noun.
For example, say "My LAN is small, but the Internet is large." Don't say "My LAN is small, but Internet is large."
$ Internet Architecture Board (IAB) (I) A technical advisory group of the ISOC, chartered by the ISOC Trustees to provide oversight of Internet architecture and protocols and, in the context of Internet Standards, a body to which decisions of the IESG may be appealed. Responsible for approving appointments to the IESG from among nominees submitted by the IETF nominating committee. (RFC 2026)
$ Internet Assigned Numbers Authority (IANA) (I) From the early days of the Internet, the IANA was chartered by the ISOC and the U.S. Government's Federal Network Council to be the central coordination, allocation, and registration body for parameters for Internet protocols. Superseded by ICANN.
$ Internet Control Message Protocol (ICMP) (I) An Internet Standard protocol (RFC 792) that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.
$ Internet Corporation for Assigned Names and Numbers (ICANN) (I) The non-profit, private corporation that has assumed responsibility for the IP address space allocation, protocol parameter assignment, DNS management, and root server system management functions formerly performed under U.S. Government contract by IANA and other entities.
Tutorial: The IPS, as defined by the IETF and the IESG, contains numerous parameters, such as Internet addresses, domain names, autonomous system numbers, protocol numbers, port numbers, management information base OIDs, including private enterprise numbers, and many others. The Internet community requires that the values used in these parameter fields be assigned uniquely. ICANN makes those assignments as requested and maintains a registry of the current values. ICANN was formed in October 1998, by a coalition of the Internet's business, technical, and academic communities. The U.S.
Government designated ICANN to serve as the global consensus entity with responsibility for coordinating four key functions for the Internet: allocation of IP address space, assignment of protocol parameters, management of the DNS, and management of the DNS root server system.
$ Internet-Draft (I) A working document of the IETF, its areas, and its working groups. (RFC 2026) (Compare: RFC.)
Usage: The term is customarily hyphenated when used either as an adjective or a noun, even though the latter is not standard English punctuation.
Tutorial: An Internet-Draft is not an archival document like an RFC is. Instead, an Internet-Draft is a preliminary or working document that is valid for a maximum of six months and may be updated, replaced, or made obsolete by other documents at any time. It is inappropriate to use an Internet-Draft as reference material or to cite it other than as a "work in progress". Although most of the Internet-Drafts are produced by the IETF, any interested organization may request to have its working documents published as Internet-Drafts.
$ Internet Engineering Steering Group (IESG) (I) The part of the ISOC responsible for technical management of IETF activities and administration of the Internet Standards Process according to procedures approved by the ISOC Trustees. Directly responsible for actions along the "standards track", including final approval of specifications as Internet Standards. Composed of IETF Area Directors and the IETF chairperson, who also chairs the IESG. (RFC 2026)
$ Internet Engineering Task Force (IETF) (I) A self-organized group of people who make contributions to the development of Internet technology. The principal body engaged in developing Internet Standards, although not itself a part of the ISOC. Composed of Working Groups, which are arranged into Areas (such as the Security Area), each coordinated by one or more Area Directors. Nominations to the IAB and the IESG are made by a committee selected at random from regular IETF meeting attendees who have volunteered. (RFCs 2026, 3935) [R2323]
$ Internet Key Exchange (IKE) (I) An Internet, IPsec, key-establishment protocol [R4306] for putting in place authenticated keying material (a) for use with ISAKMP and (b) for other security associations, such as in AH and ESP.
Tutorial: IKE is based on three earlier protocol designs: ISAKMP, OAKLEY, and SKEME.
$ Internet Layer (I) See: Internet Protocol Suite.
$ Internet Message Access Protocol, version 4 (IMAP4) (I) An Internet protocol (RFC 2060) by which a client workstation can dynamically access a mailbox on a server host to manipulate and retrieve mail messages that the server has received and is holding for the client. (See: POP3.)
Tutorial: IMAP4 has mechanisms for optionally authenticating a client to a server and providing other security services. (See: IMAP4 AUTHENTICATE.)
$ Internet Open Trading Protocol (IOTP) (I) An Internet protocol [R2801] proposed as a general framework for Internet commerce, able to encapsulate transactions of various proprietary payment systems (e.g., GeldKarte, Mondex, SET, Visa Cash). Provides optional security services by incorporating various Internet security mechanisms (e.g., MD5) and protocols (e.g., TLS).
$ Internet Policy Registration Authority (IPRA) (I) An X.509-compliant CA that is the top CA of the Internet certification hierarchy operated under the auspices of the ISOC [R1422]. (See: /PEM/ under "certification hierarchy".)
$ Internet Private Line Interface (IPLI) (O) A successor to the PLI, updated to use TCP/IP and newer military-grade COMSEC equipment (TSEC/KG-84). The IPLI was a portable, modular system that was developed for use in tactical, packet-radio networks. (See: end-to-end encryption.)
$ Internet Protocol (IP) (I) An Internet Standard, Internet-Layer protocol that moves datagrams (discrete sets of bits) from one computer to another across an internetwork but does not provide reliable delivery, flow control, sequencing, or other end-to-end services that TCP provides. IP version 4 (IPv4) is specified in RFC 791, and IP version 6 (IPv6) is specified in RFC 2460. (See: IP address, TCP/IP.)
Tutorial: If IP were used in an OSIRM stack, IP would be placed at the top of Layer 3, above other Layer 3 protocols in the stack. In any IPS stack, IP is always present in the Internet Layer and is always placed at the top of that layer, on top of any other protocols that are used in that layer. In some sense, IP is the only protocol specified for the IPS Internet Layer; other protocols used there, such as AH and ESP, are just IP variations.
$ Internet Protocol security See: IP Security Protocol.