RFC 4949
Internet Security Glossary, Version 2
$ Internet Protocol Security Option (IPSO)
(I) Refers to one of three types of IP security options, which are
fields that may be added to an IP datagram for carrying security
information about the datagram. (Compare: IPsec.)
Deprecated Usage: IDOCs SHOULD NOT use this term without a
modifier to indicate which of the following three types is meant:
- "DoD Basic Security Option" (IP option type 130): Defined for
use on U.S. DoD common-use data networks. Identifies the DoD
classification level at which the datagram is to be protected
and the protection authorities whose rules apply to the
datagram. (A "protection authority" is a National Access
Program (e.g., GENSER, SIOP-ESI, SCI, NSA, Department of
Energy) or Special Access Program that specifies protection
rules for transmission and processing of the information
contained in the datagram.) [R1108]
- "DoD Extended Security Option" (IP option type 133): Permits
additional security labeling information, beyond that present
in the Basic Security Option, to be supplied in the datagram to
meet the needs of registered authorities. [R1108]
- "Common IP Security Option" (CIPSO) (IP option type 134):
Designed by TSIG to carry hierarchic and non-hierarchic
security labels. (Formerly called "Commercial IP Security
Option"; a version 2.3 draft was published 9 March 1993 as an
Internet-Draft but did not advance to RFC form.) [CIPSO]
$ Internet Protocol Suite (IPS)
(I) The set of network communication protocols that are specified
by the IETF, and approved as Internet Standards by the IESG,
within the oversight of the IAB. (See: OSIRM Security
Architecture. Compare: OSIRM.)
Usage: This set of protocols is popularly known as "TCP/IP"
because TCP and IP are its most basic and important components.
For clarity, this Glossary refers to IPS protocol layers by name
and capitalizes those names, and refers to OSIRM protocol layers
by number.
Tutorial: The IPS does have architectural principles [R1958], but
there is no Internet Standard that defines a layered IPS reference
model like the OSIRM. Still, Internet community literature has
referred (inconsistently) to IPS layers since early in the
Internet's development [Padl].
This Glossary treats the IPS as having five protocol layers --
Application, Transport, Internet, Network Interface, and Network
Hardware (or Network Substrate) -- which are illustrated in the
following diagram:
OSIRM Layers Examples IPS Layers Examples
------------------ --------------- --------------- --------------
Message Format: P2 [X420] Message Format: ARPA (RFC 822)
+----------------+ +-------------+
|7.Application | P1 [X419] | Application | SMTP (RFC 821)
+----------------+ - - - - - - | |
|6.Presentation | [I8823] | |
+----------------+ - - - - - - | |
|5.Session | [I8327] +-------------+
+----------------+ - - - - - - | Transport | TCP (RFC 793)
|4.Transport | TP4 [I8073] | |
+----------------+ - - - - - - +-------------+
|3.Network | CLNP [I8473] | Internet | IP (RFC 791)
| | +-------------+
| | | Network | IP over IEEE
+----------------+ - - - - - - | Interface | 802 (RFC 1042)
|2.Data Link | +-------------+
| | LLC [I8802-2] - Network - The IPS does
| | MAC [I8802-3] - Hardware - not include
+----------------+ - (or Network - standards for
|1.Physical | Baseband - Substrate) - this layer.
+----------------+ Signaling [Stal] + - - - - - - +
The diagram approximates how the five IPS layers align with the
seven OSIRM layers, and it offers examples of protocol stacks that
provide roughly equivalent electronic mail service over a private
LAN that uses baseband signaling.
- IPS Application Layer: The user runs an application program.
The program selects the data transport service it needs --
either a sequence of data messages or a continuous stream of
data -- and hands application data to the Transport Layer for
delivery.
- IPS Transport Layer: This layer divides application data into
packets, adds a destination address to each, and communicates
them end-to-end -- from one application program to another --
optionally regulating the flow and ensuring reliable (error-
free and sequenced) delivery.
- IPS Internet Layer: This layer carries transport packets in IP
datagrams. It moves each datagram independently, from its
source computer to its addressed destination computer, routing
the datagram through a sequence of networks and relays and
selecting appropriate network interfaces en route.
- IPS Network Interface Layer: This layer accepts datagrams for
transmission over a specific network. This layer specifies
interface conventions for carrying IP over OSIRM Layer 3
protocols and over Media Access Control sublayer protocols of
OSIRM Layer 2. An example is IP over IEEE 802 (RFD 1042).
- IPS Network Hardware Layer: This layer consists of specific,
physical communication media. However, the IPS does not specify
its own peer-to-peer protocols in this layer. Instead, the
layering conventions specified by the Network Interface Layer
use Layer 2 and Layer 3 protocols that are specified by bodies
other than the IETF. That is, the IPS addresses *inter*-network
functions and does not address *intra*-network functions.
The two models are most dissimilar in the upper layers, where the
IPS model does not include Session and Presentation layers.
However, this omission causes fewer functional differences between
the models than might be imagined, and the differences have
relatively few security implications:
- Formal separation of OSIRM Layers 5, 6, and 7 is not needed in
implementations; the functions of these layers sometimes are
mixed in a single software unit, even in protocols in the OSI
suite.
- Some OSIRM Layer 5 services -- for example, connection
termination -- are built into TCP, and the remaining Layer 5
and 6 functions are built into IPS Application-Layer protocols
where needed.
- The OSIRM does not place any security services in Layer 5 (see:
OSIRM Security Architecture).
- The lack of an explicit Presentation Layer in the IPS sometimes
makes it simpler to implement security in IPS applications. For
example, a primary function of Layer 6 is to convert data
between internal and external forms, using a transfer syntax to
unambiguously encode data for transmission. If an OSIRM
application encrypts data to protect against disclosure during
transmission, the transfer encoding must be done before the
encryption. If an application does encryption, as is done in
OSI message handling and directory service protocols, then
Layer 6 functions must be replicated in Layer 7. [X400, X500].
The two models are most alike at the top of OSIRM Layer 3, where
the OSI Connectionless Network Layer Protocol (CLNP) and the IPS
IP are quite similar. Connection-oriented security services
offered in OSIRM Layer 3 are inapplicable in the IPS, because the
IPS Internet Layer lacks the explicit, connection-oriented service
offered in the OSIRM.
$ Internet Security Association and Key Management Protocol (ISAKMP)
(I) An Internet IPsec protocol [R2408] to negotiate, establish,
modify, and delete security associations, and to exchange key
generation and authentication data, independent of the details of
any specific key generation technique, key establishment protocol,
encryption algorithm, or authentication mechanism.
Tutorial: ISAKMP supports negotiation of security associations for
protocols at all IPS layers. By centralizing management of
security associations, ISAKMP reduces duplicated functionality
within each protocol. ISAKMP can also reduce connection setup
time, by negotiating a whole stack of services at once. Strong
authentication is required on ISAKMP exchanges, and a digital
signature algorithm based on asymmetric cryptography is used
within ISAKMP's authentication component.
ISAKMP negotiations are conducted in two "phases":
- "Phase 1 negotiation". A phase 1 negotiation establishes a
security association to be used by ISAKMP to protect its own
protocol operations.
- "Phase 2 negotiation". A phase 2 negotiation (which is
protected by a security association that was established by a
phase 1 negotiation) establishes a security association to be
used to protect the operations of a protocol other than ISAKMP,
such as ESP.
$ Internet Society (ISOC)
(I) A professional society concerned with Internet development
(including technical Internet Standards); with how the Internet is
and can be used; and with social, political, and technical issues
that result. The ISOC Board of Trustees approves appointments to
the IAB from among nominees submitted by the IETF nominating
committee. (RFC 2026)
$ Internet Standard
(I) A specification, approved by the IESG and published as an RFC,
that is stable and well-understood, is technically competent, has
multiple, independent, and interoperable implementations with
substantial operational experience, enjoys significant public
support, and is recognizably useful in some or all parts of the
Internet. (RFC 2026) (Compare: RFC.)
Tutorial: The "Internet Standards Process" is an activity of the
ISOC and is organized and managed by the IAB and the IESG. The
process is concerned with all protocols, procedures, and
conventions used in or by the Internet, whether or not they are
part of the IPS. The "Internet Standards Track" has three levels
of increasing maturity: Proposed Standard, Draft Standard, and
Standard. (Compare: ISO, W3C.)
$ internetwork
(I) A system of interconnected networks; a network of networks.
Usually shortened to "internet". (See: internet, Internet.)
Tutorial: An internet can be built using OSIRM Layer 3 gateways to
implement connections between a set of similar subnetworks. With
dissimilar subnetworks, i.e., subnetworks that differ in the Layer
3 protocol service they offer, an internet can be built by
implementing a uniform internetwork protocol (e.g., IP) that
operates at the top of Layer 3 and hides the underlying
subnetworks' heterogeneity from hosts that use communication
services provided by the internet. (See: router.)
$ intranet
(I) A computer network, especially one based on Internet
technology, that an organization uses for its own internal (and
usually private) purposes and that is closed to outsiders. (See:
extranet, VPN.)
$ intruder
(I) An entity that gains or attempts to gain access to a system or
system resource without having authorization to do so. (See:
intrusion. Compare: adversary, cracker, hacker.)
$ intrusion
1. (I) A security event, or a combination of multiple security
events, that constitutes a security incident in which an intruder
gains, or attempts to gain, access to a system or system resource
without having authorization to do so. (See: IDS.)
2. (I) A type of threat action whereby an unauthorized entity
gains access to sensitive data by circumventing a system's
security protections. (See: unauthorized disclosure.)
Usage: This type of threat action includes the following subtypes:
- "Trespass": Gaining physical access to sensitive data by
circumventing a system's protections.
- "Penetration": Gaining logical access to sensitive data by
circumventing a system's protections.
- "Reverse engineering": Acquiring sensitive data by
disassembling and analyzing the design of a system component.
- "Cryptanalysis": Transforming encrypted data into plain text
without having prior knowledge of encryption parameters or
processes. (See: main entry for "cryptanalysis".)
$ intrusion detection
(I) Sensing and analyzing system events for the purpose of
noticing (i.e., becoming aware of) attempts to access system
resources in an unauthorized manner. (See: anomaly detection, IDS,
misuse detection. Compare: extrusion detection.) [IDSAN, IDSSC,
IDSSE, IDSSY]
Usage: This includes the following subtypes:
- "Active detection": Real-time or near-real-time analysis of
system event data to detect current intrusions, which result in
an immediate protective response.
- "Passive detection": Off-line analysis of audit data to detect
past intrusions, which are reported to the system security
officer for corrective action. (Compare: security audit.)
$ intrusion detection system (IDS)
1. (N) A process or subsystem, implemented in software or
hardware, that automates the tasks of (a) monitoring events that
occur in a computer network and (b) analyzing them for signs of
security problems. [SP31] (See: intrusion detection.)
2. (N) A security alarm system to detect unauthorized entry.
[DC6/9].
Tutorial: Active intrusion detection processes can be either host-
based or network-based:
- "Host-based": Intrusion detection components -- traffic sensors
and analyzers -- run directly on the hosts that they are
intended to protect.
- "Network-based": Sensors are placed on subnetwork components,
and analysis components run either on subnetwork components or
hosts.
$ invalidity date
(N) An X.509 CRL entry extension that "indicates the date at which
it is known or suspected that the [revoked certificate's private
key] was compromised or that the certificate should otherwise be
considered invalid." [X509].
Tutorial: This date may be earlier than the revocation date in the
CRL entry, and may even be earlier than the date of issue of
earlier CRLs. However, the invalidity date is not, by itself,
sufficient for purposes of non-repudiation service. For example,
to fraudulently repudiate a validly generated signature, a private
key holder may falsely claim that the key was compromised at some
time in the past.
$ IOTP
(I) See: Internet Open Trading Protocol.
$ IP
(I) See: Internet Protocol.
$ IP address
(I) A computer's internetwork address that is assigned for use by
IP and other protocols.
Tutorial: An IP version 4 address (RFC 791) has four 8-bit parts
and is written as a series of four decimal numbers separated by
periods. Example: The address of the host named "rosslyn.bbn.com"
is 192.1.7.10.
An IP version 6 address (RFC 2373) has eight 16-bit parts and is
written as eight hexadecimal numbers separated by colons.
Examples: 1080:0:0:0:8:800:200C:417A and
FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.
$ IP Security Option
(I) See: Internet Protocol Security Option.
$ IP Security Protocol (IPsec)
1a. (I) The name of the IETF working group that is specifying an
architecture [R2401, R4301] and set of protocols to provide
security services for IP traffic. (See: AH, ESP, IKE, SAD, SPD.
Compare: IPSO.)
1b. (I) A collective name for the IP security architecture [R4301]
and associated set of protocols (primarily AH, ESP, and IKE).
Usage: In IDOCs that use the abbreviation "IPsec", the letters
"IP" SHOULD be in uppercase, and the letters "sec" SHOULD NOT.
Tutorial: The security services provided by IPsec include access
control service, connectionless data integrity service, data
origin authentication service, protection against replays
(detection of the arrival of duplicate datagrams, within a
constrained window), data confidentiality service, and limited
traffic-flow confidentiality. IPsec specifies (a) security
protocols (AH and ESP), (b) security associations (what they are,
how they work, how they are managed, and associated processing),
(c) key management (IKE), and (d) algorithms for authentication
and encryption. Implementation of IPsec is optional for IP version
4, but mandatory for IP version 6. (See: transport mode, tunnel
mode.)
$ IPLI
(I) See: Internet Private Line Interface.
$ IPRA
(I) See: Internet Policy Registration Authority.
$ IPS
(I) See: Internet Protocol Suite.
$ IPsec
(I) See: IP Security Protocol.
$ IPSO
(I) See: Internet Protocol Security Option.
$ ISAKMP
(I) See: Internet Security Association and Key Management
Protocol.
$ ISO
(I) International Organization for Standardization, a voluntary,
non-treaty, non-governmental organization, established in 1947,
with voting members that are designated standards bodies of
participating nations and non-voting observer organizations.
(Compare: ANSI, IETF, ITU-T, W3C.)
Tutorial: Legally, ISO is a Swiss, non-profit, private
organization. ISO and the IEC (the International Electrotechnical
Commission) form the specialized system for worldwide
standardization. National bodies that are members of ISO or IEC
participate in developing international standards through ISO and
IEC technical committees that deal with particular fields of
activity. Other international governmental and non-governmental
organizations, in liaison with ISO and IEC, also take part. (ANSI
is the U.S. voting member of ISO. ISO is a class D member of ITU-
T.)
The ISO standards development process has four levels of
increasing maturity: Working Draft (WD), Committee Draft (CD),
Draft International Standard (DIS), and International Standard
(IS). (Compare: "Internet Standards Track" under "Internet
Standard".) In information technology, ISO and IEC have a joint
technical committee, ISO/IEC JTC 1. DISs adopted by JTC 1 are
circulated to national bodies for voting, and publication as an IS
requires approval by at least 75% of the national bodies casting a
vote.
$ ISO 17799
(N) An International Standard that is a code of practice, derived
from Part 1 of British Standard 7799, for managing the security of
information systems in an organization. This standard does not
provide definitive or specific material on any security topic. It
provides general guidance on a wide variety of topics, but
typically does not go into depth. (See: IATF, [SP14].)
$ ISOC
(I) See: Internet Society.
$ issue
(I) /PKI/ Generate and sign a digital certificate (or a CRL) and,
usually, distribute it and make it available to potential
certificate users (or CRL users). (See: certificate creation.)
Usage: The term "issuing" is usually understood to refer not only
to creating a digital certificate (or a CRL) but also to making it
available to potential users, such as by storing it in a
repository or other directory or otherwise publishing it. However,
the ABA [DSG] explicitly limits this term to the creation process
and excludes any related publishing or distribution process.
$ issuer
1. (I) /certificate, CRL/ The CA that signs a digital certificate
or CRL.
Tutorial: An X.509 certificate always includes the issuer's name.
The name may include a common name value.
2. (O) /payment card, SET/ "The financial institution or its agent
that issues the unique primary account number to the cardholder
for the payment card brand." [SET2]
Tutorial: The institution that establishes the account for a
cardholder and issues the payment card also guarantees payment for
authorized transactions that use the card in accordance with card
brand regulations and local legislation. [SET1]
$ ITAR
(O) See: International Traffic in Arms Regulations.
$ ITSEC
(N) See: Information Technology System Evaluation Criteria.
$ ITU-T
(N) International Telecommunications Union, Telecommunication
Standardization Sector (formerly "CCITT"), a United Nations treaty
organization that is composed mainly of postal, telephone, and
telegraph authorities of the member countries and that publishes
standards called "Recommendations". (See: X.400, X.500.)
Tutorial: The Department of State represents the United States.
ITU-T works on many kinds of communication systems. ITU-T
cooperates with ISO on communication protocol standards, and many
Recommendations in that area are also published as an ISO standard
with an ISO name and number.
$ IV
(I) See: initialization value.
$ jamming
(N) An attack that attempts to interfere with the reception of
broadcast communications. (See: anti-jam, denial of service.
Compare: flooding.)
Tutorial: Jamming uses "interference" as a type of "obstruction"
intended to cause "disruption". Jamming a broadcast signal is
typically done by broadcasting a second signal that receivers
cannot separate from the first one. Jamming is mainly thought of
in the context of wireless communication, but also can be done in
some wired technologies, such as LANs that use contention
techniques to share a broadcast medium.
$ KAK
(D) See: key-auto-key. (Compare: KEK.)
$ KDC
(I) See: Key Distribution Center.
$ KEA
(N) See: Key Exchange Algorithm.
$ KEK
(I) See: key-encrypting key. (Compare: KAK.)
$ Kerberos
(I) A system developed at the Massachusetts Institute of
Technology that depends on passwords and symmetric cryptography
(DES) to implement ticket-based, peer entity authentication
service and access control service distributed in a client-server
network environment. [R4120, Stei] (See: realm.)
Tutorial: Kerberos was originally developed by Project Athena and
is named for the mythical three-headed dog that guards Hades. The
system architecture includes authentication servers and ticket-
granting servers that function as an ACC and a KDC.
RFC 4556 describes extensions to the Kerberos specification that
modify the initial authentication exchange between a client and
the KDC. The extensions employ public-key cryptography to enable
the client and KDC to mutually authenticate and establish shared,
symmetric keys that are used to complete the exchange. (See:
PKINIT.)
$ kernel
(I) A small, trusted part of a system that provides services on
which the other parts of the system depend. (See: security
kernel.)
$ Kernelized Secure Operating System (KSOS)
(O) An MLS computer operating system, designed to be a provably
secure replacement for UNIX Version 6, and consisting of a
security kernel, non-kernel security-related utility programs, and
optional UNIX application development and support environments.
[Perr]
Tutorial: KSOS-6 was the implementation on a SCOMP. KSOS-11 was
the implementation by Ford Aerospace and Communications
Corporation on the DEC PDP-11/45 and PDP-11/70 computers.
$ key
1a. (I) /cryptography/ An input parameter used to vary a
transformation function performed by a cryptographic algorithm.
(See: private key, public key, storage key, symmetric key, traffic
key. Compare: initialization value.)
1b. (O) /cryptography/ Used in singular form as a collective noun
referring to keys or keying material. Example: A fill device can
be used transfer key between two cryptographic devices.
2. (I) /anti-jam/ An input parameter used to vary a process that
determines patterns for an anti-jam measure. (See: frequency
hopping, spread spectrum.)
Tutorial: A key is usually specified as a sequence of bits or
other symbols. If a key value needs to be kept secret, the
sequence of symbols that comprise it should be random, or at least
pseudorandom, because that makes the key harder for an adversary
to guess. (See: brute-force attack, cryptanalysis, strength.)
$ key agreement (algorithm or protocol)
1. (I) A key establishment method (especially one involving
asymmetric cryptography) by which two or more entities, without
prior arrangement except a public exchange of data (such as public
keys), each can generate the same key value. That is, the method
does not send a secret from one entity to the other; instead, both
entities, without prior arrangement except a public exchange of
data, can compute the same secret value, but that value cannot be
computed by other, unauthorized entities. (See: Diffie-Hellman-
Merkle, key establishment, KEA, MQV. Compare: key transport.)
2. (O) "A method for negotiating a key value on line without
transferring the key, even in an encrypted form, e.g., the Diffie-
Hellman technique." [X509] (See: Diffie-Hellman-Merkle.)
3. (O) "The procedure whereby two different parties generate
shared symmetric keys such that any of the shared symmetric keys
is a function of the information contributed by all legitimate
participants, so that no party [alone] can predetermine the value
of the key." [A9042]
Example: A message originator and the intended recipient can each
use their own private key and the other's public key with the
Diffie-Hellman-Merkle algorithm to first compute a shared secret
value and, from that value, derive a session key to encrypt the
message.
$ key authentication
(N) "The assurance of the legitimate participants in a key
agreement [i.e., in a key-agreement protocol] that no non-
legitimate party possesses the shared symmetric key." [A9042]
$ key-auto-key (KAK)
(D) "Cryptographic logic [i.e., a mode of operation] using
previous key to produce key." [C4009, A1523] (See: CTAK,
/cryptographic operation/ under "mode".)
Deprecated Term: IDOCs SHOULD NOT use this term; it is neither
well-known nor precisely defined. Instead, use terms associated
with modes that are defined in standards, such as CBC, CFB, and
OFB.
$ key center
(I) A centralized, key-distribution process (used in symmetric
cryptography), usually a separate computer system, that uses
master keys (i.e., KEKs) to encrypt and distribute session keys
needed by a community of users.
Tutorial: An ANSI standard [A9017] defines two types of key
center: "key distribution center" and "key translation center".
$ key confirmation
(N) "The assurance [provided to] the legitimate participants in a
key establishment protocol that the [parties that are intended to
share] the symmetric key actually possess the shared symmetric
key." [A9042]
$ key distribution
(I) A process that delivers a cryptographic key from the location
where it is generated to the locations where it is used in a
cryptographic algorithm. (See: key establishment, key management.)
$ key distribution center (KDC)
1. (I) A type of key center (used in symmetric cryptography) that
implements a key-distribution protocol to provide keys (usually,
session keys) to two (or more) entities that wish to communicate
securely. (Compare: key translation center.)
2. (N) "COMSEC facility generating and distributing key in
electrical form." [C4009]
Tutorial: A KDC distributes keys to Alice and Bob, who (a) wish to
communicate with each other but do not currently share keys, (b)
each share a KEK with the KDC, and (c) may not be able to generate
or acquire keys by themselves. Alice requests the keys from the
KDC. The KDC generates or acquires the keys and makes two
identical sets. The KDC encrypts one set in the KEK it shares with
Alice, and sends that encrypted set to Alice. The KDC encrypts the
second set in the KEK it shares with Bob, and either (a) sends
that encrypted set to Alice for her to forward to Bob or (b) sends
it directly to Bob (although the latter option is not supported in
the ANSI standard [A9017]).
$ key encapsulation
(N) A key recovery technique for storing knowledge of a
cryptographic key by encrypting it with another key and ensuring
that only certain third parties called "recovery agents" can
perform the decryption operation to retrieve the stored key. Key
encapsulation typically permits direct retrieval of a secret key
used to provide data confidentiality. (Compare: key escrow.)
$ key-encrypting key (KEK)
(I) A cryptographic key that (a) is used to encrypt other keys
(either DEKs or other TEKs) for transmission or storage but (b)
(usually) is not used to encrypt application data. Usage:
Sometimes called "key-encryption key".
$ key escrow
(N) A key recovery technique for storing knowledge of a
cryptographic key or parts thereof in the custody of one or more
third parties called "escrow agents", so that the key can be
recovered and used in specified circumstances. (Compare: key
encapsulation.)
Tutorial: Key escrow is typically implemented with split knowledge
techniques. For example, the Escrowed Encryption Standard [FP185]
entrusts two components of a device-unique split key to separate
escrow agents. The agents provide the components only to someone
legally authorized to conduct electronic surveillance of
telecommunications encrypted by that specific device. The
components are used to reconstruct the device-unique key, and it
is used to obtain the session key needed to decrypt
communications.
$ key establishment (algorithm or protocol)
1. (I) A procedure that combines the key-generation and key-
distribution steps needed to set up or install a secure
communication association.
2. (I) A procedure that results in keying material being shared
among two or more system entities. [A9042, SP56]
Tutorial: The two basic techniques for key establishment are "key
agreement" and "key transport".
$ Key Exchange Algorithm (KEA)
(N) A key-agreement method [SKIP, R2773] that is based on the
Diffie-Hellman-Merkle algorithm and uses 1024-bit asymmetric keys.
(See: CAPSTONE, CLIPPER, FORTEZZA, SKIPJACK.)
Tutorial: KEA was developed by NSA and formerly classified at the
U.S. DoD "Secret" level. On 23 June 1998, the NSA announced that
KEA had been declassified.
$ key generation
(I) A process that creates the sequence of symbols that comprise a
cryptographic key. (See: key management.)
$ key generator
1. (I) An algorithm that uses mathematical rules to
deterministically produce a pseudorandom sequence of cryptographic
key values.
2. (I) An encryption device that incorporates a key-generation
mechanism and applies the key to plain text to produce cipher text
(e.g., by exclusive OR-ing (a) a bit-string representation of the
key with (b) a bit-string representation of the plaintext).
$ key length
(I) The number of symbols (usually stated as a number of bits)
needed to be able to represent any of the possible values of a
cryptographic key. (See: key space.)
$ key lifetime
1. (D) Synonym for "cryptoperiod".
Deprecated Definition: IDOCs SHOULD NOT use this term with
definition 1 because a key's cryptoperiod may be only a part of
the key's lifetime. A key could be generated at some time prior to
when its cryptoperiod begins and might not be destroyed (i.e.,
zeroized) until some time after its cryptoperiod ends.
2. (O) /MISSI/ An attribute of a MISSI key pair that specifies a
time span that bounds the validity period of any MISSI X.509
public-key certificate that contains the public component of the
pair. (See: cryptoperiod.)
$ key loader
(N) Synonym for "fill device".
$ key loading and initialization facility (KLIF)
(N) A place where ECU hardware is activated after being
fabricated. (Compare: CLEF.)
Tutorial: Before going to its KLIF, an ECU is not ready to be
fielded, usually because it is not yet able to receive DEKs. The
KLIF employs trusted processes to complete the ECU by installing
needed data such as KEKs, seed values, and, in some cases,
cryptographic software. After KLIF processing, the ECU is ready
for deployment.
$ key management
1a. (I) The process of handling keying material during its life
cycle in a cryptographic system; and the supervision and control
of that process. (See: key distribution, key escrow, keying
material, public-key infrastructure.)
Usage: Usually understood to include ordering, generating,
storing, archiving, escrowing, distributing, loading, destroying,
auditing, and accounting for the material.
1b. (O) /NIST/ "The activities involving the handling of
cryptographic keys and other related security parameters (e.g.,
IVs, counters) during the entire life cycle of the keys, including
their generation, storage, distribution, entry and use, deletion
or destruction, and archiving." [FP140, SP57]
2. (O) /OSIRM/ "The generation, storage, distribution, deletion,
archiving and application of keys in accordance with a security
policy." [I7498-2]
$ Key Management Protocol (KMP)
(N) A protocol to establish a shared symmetric key between a pair
(or a group) of users. (One version of KMP was developed by SDNS,
and another by SILS.) Superseded by ISAKMP and IKE.
$ key material
(D) Synonym for "keying material".
Deprecated Usage: IDOCs SHOULD NOT use this term as a synonym for
"keying material".
$ key pair
(I) A set of mathematically related keys -- a public key and a
private key -- that are used for asymmetric cryptography and are
generated in a way that makes it computationally infeasible to
derive the private key from knowledge of the public key. (See:
Diffie-Hellman-Merkle, RSA.)
Tutorial: A key pair's owner discloses the public key to other
system entities so they can use the key to (a) encrypt data, (b)
verify a digital signature, or (c) generate a key with a key-
agreement algorithm. The matching private key is kept secret by
the owner, who uses it to (a') decrypt data, (b') generate a
digital signature, or (c') generate a key with a key-agreement
algorithm.
$ key recovery
1. (I) /cryptanalysis/ A process for learning the value of a
cryptographic key that was previously used to perform some
cryptographic operation. (See: cryptanalysis, recovery.)
2. (I) /backup/ Techniques that provide an intentional, alternate
means to access the key used for data confidentiality service in
an encrypted association. [DoD4] (Compare: recovery.)
Tutorial: It is assumed that the cryptographic system includes a
primary means of obtaining the key through a key-establishment
algorithm or protocol. For the secondary means, there are two
classes of key recovery techniques: key encapsulation and key
escrow.
$ key space
(I) The range of possible values of a cryptographic key; or the
number of distinct transformations supported by a particular
cryptographic algorithm. (See: key length.)
$ key translation center
(I) A type of key center that implements a key-distribution
protocol (based on symmetric cryptography) to convey keys between
two (or more) parties who wish to communicate securely. (Compare:
key distribution center.)
Tutorial: A key translation center transfers keys for future
communication between Bob and Alice, who (a) wish to communicate
with each other but do not currently share keys, (b) each share a
KEK with the center, and (c) have the ability to generate or
acquire keys by themselves. Alice generates or acquires a set of
keys for communication with Bob. Alice encrypts the set in the KEK
she shares with the center and sends the encrypted set to the
center. The center decrypts the set, reencrypts the set in the KEK
it shares with Bob, and either (a) sends that reencrypted set to
Alice for her to forward to Bob or (b) sends it directly to Bob
(although direct distribution is not supported in the ANSI
standard [A9017]).
$ key transport (algorithm or protocol)
1. (I) A key establishment method by which a secret key is
generated by a system entity in a communication association and
securely sent to another entity in the association. (Compare: key
agreement.)
Tutorial: Either (a) one entity generates a secret key and
securely sends it to the other entity, or (b) each entity
generates a secret value and securely sends it to the other
entity, where the two values are combined to form a secret key.
For example, a message originator can generate a random session
key and then use the RSA algorithm to encrypt that key with the
public key of the intended recipient.
2. (O) "The procedure to send a symmetric key from one party to
other parties. As a result, all legitimate participants share a
common symmetric key in such a way that the symmetric key is
determined entirely by one party." [A9042]
$ key update
1. (I) Derive a new key from an existing key. (Compare: rekey.)
2. (O) Irreversible cryptographic process that modifies a key to
produce a new key. [C4009]
$ key validation
1. (I) "The procedure for the receiver of a public key to check
that the key conforms to the arithmetic requirements for such a
key in order to thwart certain types of attacks." [A9042] (See:
weak key)
2. (D) Synonym for "certificate validation".
Deprecated Usage: IDOCs SHOULD NOT use the term as a synonym for
"certificate validation"; that would unnecessarily duplicate the
meaning of the latter term and mix concepts in a potentially
misleading way. In validating an X.509 public-key certificate, the
public key contained in the certificate is normally treated as an
opaque data object.
$ keyed hash
(I) A cryptographic hash (e.g., [R1828]) in which the mapping to a
hash result is varied by a second input parameter that is a
cryptographic key. (See: checksum.)
Tutorial: If the input data object is changed, a new,
corresponding hash result cannot be correctly computed without
knowledge of the secret key. Thus, the secret key protects the
hash result so it can be used as a checksum even when there is a
threat of an active attack on the data. There are two basic types
of keyed hash:
- A function based on a keyed encryption algorithm. Example: Data
Authentication Code.
- A function based on a keyless hash that is enhanced by
combining (e.g., by concatenating) the input data object
parameter with a key parameter before mapping to the hash
result. Example: HMAC.
$ keying material
1. (I) Data that is needed to establish and maintain a
cryptographic security association, such as keys, key pairs, and
IVs.
2. (O) "Key, code, or authentication information in physical or
magnetic form." [C4009] (Compare: COMSEC material.)
$ keying material identifier (KMID)
1. (I) An identifier assigned to an item of keying material.
2. (O) /MISSI/ A 64-bit identifier that is assigned to a key pair
when the public key is bound in a MISSI X.509 public-key
certificate.
$ Khafre
(N) A patented, symmetric block cipher designed by Ralph C. Merkle
as a plug-in replacement for DES. [Schn]
Tutorial: Khafre was designed for efficient encryption of small
amounts of data. However, because Khafre does not precompute
tables used for encryption, it is slower than Khufu for large
amounts of data.
$ Khufu
(N) A patented, symmetric block cipher designed by Ralph C. Merkle
as a plug-in replacement for DES. [Schn]
Tutorial: Khufu was designed for fast encryption of large amounts
of data. However, because Khufu precomputes tables used in
encryption, it is less efficient than Khafre for small amounts of
data.
$ KLIF
(N) See: key loading and initialization facility.
$ KMID
(I) See: keying material identifier.
$ known-plaintext attack
(I) A cryptanalysis technique in which the analyst tries to
determine the key from knowledge of some plaintext-ciphertext
pairs (although the analyst may also have other clues, such as
knowing the cryptographic algorithm).
$ kracker
(O) Old spelling for "cracker".
$ KSOS, KSOS-6, KSOS-11
(O) See: Kernelized Secure Operating System.
$ L2F
(N) See: Layer 2 Forwarding Protocol.
$ L2TP
(N) See: Layer 2 Tunneling Protocol.
$ label
See: time stamp, security label.
$ laboratory attack
(O) "Use of sophisticated signal recovery equipment in a
laboratory environment to recover information from data storage
media." [C4009]
$ LAN
(I) Abbreviation for "local area network" [R1983]. (See: [FP191].)
$ land attack
(I) A denial-of-service attack that sends an IP packet that (a)
has the same address in both the Source Address and Destination
Address fields and (b) contains a TCP SYN packet that has the same
port number in both the Source Port and Destination Port fields.
Derivation: This single-packet attack was named for "land", the
program originally published by the cracker who invented this
exploit. Perhaps that name was chosen because the inventor thought
of multi-packet (i.e., flooding) attacks as arriving by sea.
$ Language of Temporal Ordering Specification (LOTOS)
(N) A language (ISO 8807-1990) for formal specification of
computer network protocols; describes the order in which events
occur.
$ lattice
(I) A finite set together with a partial ordering on its elements
such that for every pair of elements there is a least upper bound
and a greatest lower bound.
Example: A lattice is formed by a finite set S of security levels
-- i.e., a set S of all ordered pairs (x,c), where x is one of a
finite set X of hierarchically ordered classification levels X(1),
non-hierarchical categories C(1), ..., C(M) -- together with the
"dominate" relation. Security level (x,c) is said to "dominate"
(x',c') if and only if (a) x is greater (higher) than or equal to
x' and (b) c includes at least all of the elements of c'. (See:
dominate, lattice model.)
Tutorial: Lattices are used in some branches of cryptography, both
as a basis for hard computational problems upon which
cryptographic algorithms can be defined, and also as a basis for
attacks on cryptographic algorithms.
$ lattice model
1. (I) A description of the semantic structure formed by a finite
set of security levels, such as those used in military
organizations. (See: dominate, lattice, security model.)
2. (I) /formal model/ A model for flow control in a system, based
on the lattice that is formed by the finite security levels in a
system and their partial ordering. [Denn]
$ Law Enforcement Access Field (LEAF)
(N) A data item that is automatically embedded in data encrypted
by devices (e.g., CLIPPER chip) that implement the Escrowed
Encryption Standard.
$ Layer 1, 2, 3, 4, 5, 6, 7
(N) See: OSIRM.
$ Layer 2 Forwarding Protocol (L2F)
(N) An Internet protocol (originally developed by Cisco
Corporation) that uses tunneling of PPP over IP to create a
virtual extension of a dial-up link across a network, initiated by
the dial-up server and transparent to the dial-up user. (See:
L2TP.)
$ Layer 2 Tunneling Protocol (L2TP)
(N) An Internet client-server protocol that combines aspects of
PPTP and L2F and supports tunneling of PPP over an IP network or
over frame relay or other switched network. (See: VPN.)
Tutorial: PPP can in turn encapsulate any OSIRM Layer 3 protocol.
Thus, L2TP does not specify security services; it depends on
protocols layered above and below it to provide any needed
security.
$ LDAP
(I) See: Lightweight Directory Access Protocol.
$ least common mechanism
(I) The principle that a security architecture should minimize
reliance on mechanisms that are shared by many users.
Tutorial: Shared mechanisms may include cross-talk paths that
permit a breach of data security, and it is difficult to make a
single mechanism operate in a correct and trusted manner to the
satisfaction of a wide range of users.
$ least privilege
(I) The principle that a security architecture should be designed
so that each system entity is granted the minimum system resources
and authorizations that the entity needs to do its work. (Compare:
economy of mechanism, least trust.)
Tutorial: This principle tends to limit damage that can be caused
by an accident, error, or unauthorized act. This principle also
tends to reduce complexity and promote modularity, which can make
certification easier and more effective. This principle is similar
to the principle of protocol layering, wherein each layer provides
specific, limited communication services, and the functions in one
layer are independent of those in other layers.
$ least trust
(I) The principle that a security architecture should be designed
in a way that minimizes (a) the number of components that require
trust and (b) the extent to which each component is trusted.
(Compare: least privilege, trust level.)
$ legacy system
(I) A system that is in operation but will not be improved or
expanded while a new system is being developed to supersede it.
$ legal non-repudiation
(I) See: secondary definition under "non-repudiation".
$ leap of faith
1. (I) /general security/ Operating a system as though it began
operation in a secure state, even though it cannot be proven that
such a state was established (i.e., even though a security
compromise might have occurred at or before the time when
operation began).
2. (I) /COMSEC/ The initial part, i.e., the first communication
step, or steps, of a protocol that is vulnerable to attack
(especially a man-in-the-middle attack) during that part but, if
that part is completed without being attacked, is subsequently not
vulnerable in later steps (i.e., results in a secure communication
association for which no man-in-the-middle attack is possible).
Usage: This term is listed in English dictionaries, but their
definitions are broad and can be interpreted in many ways in
Internet contexts. Similarly, the definition stated here can be
interpreted in several ways. Therefore, IDOCs that use this term
(especially IDOCs that are protocol specifications) SHOULD state a
more specific definition for it.
Tutorial: In a protocol, a leap of faith typically consists of
accepting a claim of peer identity, data origin, or data integrity
without authenticating that claim. When a protocol includes such a
step, the protocol might also be designed so that if a man-in-
the-middle attack succeeds during the vulnerable first part, then
the attacker must remain in the middle for all subsequent
exchanges or else one of the legitimate parties will be able to
detect the attack.
$ level of concern
(N) /U.S. DoD/ A rating assigned to an information system that
indicates the extent to which protective measures, techniques, and
procedures must be applied. (See: critical, sensitive, level of
robustness.)
$ level of robustness
(N) /U.S. DoD/ A characterization of (a) the strength of a
security function, mechanism, service, or solution and (b) the
assurance (or confidence) that it is implemented and functioning.
[Cons, IATF] (See: level of concern.)
$ Liberty Alliance
(O) An international consortium of more than 150 commercial,
nonprofit, and governmental organizations that was created in 2001
to address technical, business, and policy problems of identity
and identity-based Web services and develop a standard for
federated network identity that supports current and emerging
network devices.
$ Lightweight Directory Access Protocol (LDAP)
(I) An Internet client-server protocol (RFC 3377) that supports
basic use of the X.500 Directory (or other directory servers)
without incurring the resource requirements of the full Directory
Access Protocol (DAP).
Tutorial: Designed for simple management and browser applications
that provide simple read/write interactive directory service.
Supports both simple authentication and strong authentication of
the client to the directory server.
$ link
1a. (I) A communication facility or physical medium that can
sustain data communications between multiple network nodes, in the
protocol layer immediately below IP. (RFC 3753)
1b. (I) /subnetwork/ A communication channel connecting subnetwork
relays (especially one between two packet switches) that is
implemented at OSIRM Layer 2. (See: link encryption.)
Tutorial: The relay computers assume that links are logically
passive. If a computer at one end of a link sends a sequence of
bits, the sequence simply arrives at the other end after a finite
time, although some bits may have been changed either accidentally
(errors) or by active wiretapping.
2. (I) /World Wide Web/ See: hyperlink.
$ link encryption
(I) Stepwise (link-by-link) protection of data that flows between
two points in a network, provided by encrypting data separately on
each network link, i.e., by encrypting data when it leaves a host
or subnetwork relay and decrypting when it arrives at the next
host or relay. Each link may use a different key or even a
different algorithm. [R1455] (Compare: end-to-end encryption.)
$ liveness
(I) A property of a communication association or a feature of a
communication protocol that provides assurance to the recipient of
data that the data is being freshly transmitted by its originator,
i.e., that the data is not being replayed, by either the
originator or a third party, from a previous transmission. (See:
fresh, nonce, replay attack.)
$ logic bomb
(I) Malicious logic that activates when specified conditions are
met. Usually intended to cause denial of service or otherwise
damage system resources. (See: Trojan horse, virus, worm.)
$ login
1a. (I) An act by which a system entity establishes a session in
which the entity can use system resources. (See: principal,
session.)
1b. (I) An act by which a system user has its identity
authenticated by the system. (See: principal, session.)
Usage: Usually understood to be accomplished by providing an
identifier and matching authentication information (e.g., a
password) to a security mechanism that authenticates the user's
identity; but sometimes refers to establishing a connection with a
server when no authentication or specific authorization is
involved.
Derivation: Refers to "log" file, a security audit trail that
records (a) security events, such as the beginning of a session,
and (b) the names of the system entities that initiate events.
$ long title
(O) /U.S. Government/ "Descriptive title of [an item of COMSEC
material]." [C4009] (Compare: short title.)
$ low probability of detection
(I) Result of TRANSEC measures used to hide or disguise a
communication.
$ low probability of intercept
(I) Result of TRANSEC measures used to prevent interception of a
communication.
$ LOTOS
(N) See: Language of Temporal Ordering Specification.
$ MAC
(N) See: mandatory access control, Message Authentication Code.
Deprecated Usage: IDOCs that use this term SHOULD state a
definition for it because this abbreviation is ambiguous.
$ magnetic remanence
(N) Magnetic representation of residual information remaining on a
magnetic medium after the medium has been cleared. [NCS25] (See:
clear, degauss, purge.)
$ main mode
(I) See: /IKE/ under "mode".
$ maintenance hook
(N) "Special instructions (trapdoors) in software allowing easy
maintenance and additional feature development. Since maintenance
hooks frequently allow entry into the code without the usual
checks, they are a serious security risk if they are not removed
prior to live implementation." [C4009] (See: back door.)
$ malicious logic
(I) Hardware, firmware, or software that is intentionally included
or inserted in a system for a harmful purpose. (See: logic bomb,
Trojan horse, spyware, virus, worm. Compare: secondary definitions
under "corruption", "incapacitation", "masquerade", and "misuse".)
$ malware
(D) A contraction of "malicious software". (See: malicious logic.)
Deprecated Term: IDOCs SHOULD NOT use this term; it is not listed
in most dictionaries and could confuse international readers.
$ MAN
(I) metropolitan area network.
$ man-in-the-middle attack
(I) A form of active wiretapping attack in which the attacker
intercepts and selectively modifies communicated data to
masquerade as one or more of the entities involved in a
communication association. (See: hijack attack, piggyback attack.)
Tutorial: For example, suppose Alice and Bob try to establish a
session key by using the Diffie-Hellman-Merkle algorithm without
data origin authentication service. A "man in the middle" could
(a) block direct communication between Alice and Bob and then (b)
masquerade as Alice sending data to Bob, (c) masquerade as Bob
sending data to Alice, (d) establish separate session keys with
each of them, and (e) function as a clandestine proxy server
between them to capture or modify sensitive information that Alice
and Bob think they are sending only to each other.
$ manager
(I) A person who controls the service configuration of a system or
the functional privileges of operators and other users. (See:
administrative security. Compare: operator, SSO, user.)
$ mandatory access control
1. (I) An access control service that enforces a security policy
based on comparing (a) security labels, which indicate how
sensitive or critical system resources are, with (b) security
clearances, which indicate that system entities are eligible to
access certain resources. (See: discretionary access control, MAC,
rule-based security policy.)
Derivation: This kind of access control is called "mandatory"
because an entity that has clearance to access a resource is not
permitted, just by its own volition, to enable another entity to
access that resource.
2. (O) "A means of restricting access to objects based on the
sensitivity (as represented by a label) of the information
contained in the objects and the formal authorization (i.e.,
clearance) of subjects to access information of such sensitivity."
[DoD1]
$ manipulation detection code
(D) Synonym for "checksum".
Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for
"checksum"; the word "manipulation" implies protection against
active attacks, which an ordinary checksum might not provide.
Instead, if such protection is intended, use "protected checksum"
or some particular type thereof, depending on which is meant. If
such protection is not intended, use "error detection code" or
some specific type of checksum that is not protected.
$ marking
See: time stamp, security marking.
$ MARS
(O) A symmetric, 128-bit block cipher with variable key length
(128 to 448 bits), developed by IBM as a candidate for the AES.
$ Martian
(D) /slang/ A packet that arrives unexpectedly at the wrong
address or on the wrong network because of incorrect routing or
because it has a non-registered or ill-formed IP address. [R1208]
Deprecated Term: It is likely that other cultures use different
metaphors for this concept. Therefore, to avoid international
misunderstanding, IDOCs SHOULD NOT use this term. (See: Deprecated
Usage under "Green Book".)
$ masquerade
(I) A type of threat action whereby an unauthorized entity gains
access to a system or performs a malicious act by illegitimately
posing as an authorized entity. (See: deception.)
Usage: This type of threat action includes the following subtypes:
- "Spoof": Attempt by an unauthorized entity to gain access to a
system by posing as an authorized user.
- "Malicious logic": In context of masquerade, any hardware,
firmware, or software (e.g., Trojan horse) that appears to
perform a useful or desirable function, but actually gains
unauthorized access to system resources or tricks a user into
executing other malicious logic. (See: corruption,
incapacitation, main entry for "malicious logic", misuse.)
$ MCA
(O) See: merchant certification authority.
$ MD2
(N) A cryptographic hash [R1319] that produces a 128-bit hash
result, was designed by Ron Rivest, and is similar to MD4 and MD5
but slower.
Derivation: Apparently, an abbreviation of "message digest", but
that term is deprecated by this Glossary.
$ MD4
(N) A cryptographic hash [R1320] that produces a 128-bit hash
result and was designed by Ron Rivest. (See: Derivation under
"MD2", SHA-1.)
$ MD5
(N) A cryptographic hash [R1321] that produces a 128-bit hash
result and was designed by Ron Rivest to be an improved version of
MD4. (See: Derivation under "MD2".)
$ merchant
(O) /SET/ "A seller of goods, services, and/or other information
who accepts payment for these items electronically." [SET2] A
merchant may also provide electronic selling services and/or
electronic delivery of items for sale. With SET, the merchant can
offer its cardholders secure electronic interactions, but a
merchant that accepts payment cards is required to have a
relationship with an acquirer. [SET1, SET2]
$ merchant certificate
(O) /SET/ A public-key certificate issued to a merchant. Sometimes
used to refer to a pair of such certificates where one is for
digital signature use and the other is for encryption.
$ merchant certification authority (MCA)
(O) /SET/ A CA that issues digital certificates to merchants and
is operated on behalf of a payment card brand, an acquirer, or
another party according to brand rules. Acquirers verify and
approve requests for merchant certificates prior to issuance by
the MCA. An MCA does not issue a CRL, but does distribute CRLs
issued by root CAs, brand CAs, geopolitical CAs, and payment
gateway CAs. [SET2]
$ mesh PKI
(I) A non-hierarchical PKI architecture in which there are several
trusted CAs rather than a single root. Each certificate user bases
path validations on the public key of one of the trusted CAs,
usually the one that issued that user's own public-key
certificate. Rather than having superior-to-subordinate
relationships between CAs, the relationships are peer-to-peer, and
CAs issue cross-certificates to each other. (Compare: hierarchical
PKI, trust-file PKI.)
$ Message Authentication Code (MAC), message authentication code
1. (N) /capitalized/ A specific ANSI standard for a checksum that
is computed with a keyed hash that is based on DES. [A9009] Usage:
a.k.a. Data Authentication Code, which is a U.S. Government
standard. [FP113] (See: MAC.)
2. (D) /not capitalized/ Synonym for "error detection code".
Deprecated Term: IDOCs SHOULD NOT use the uncapitalized form
"message authentication code". Instead, use "checksum", "error
detection code", "hash", "keyed hash", "Message Authentication
Code", or "protected checksum", depending on what is meant. (See:
authentication code.)
The uncapitalized form mixes concepts in a potentially misleading
way. The word "message" is misleading because it implies that the
mechanism is particularly suitable for or limited to electronic
mail (see: Message Handling Systems). The word "authentication" is
misleading because the mechanism primarily serves a data integrity
function rather than an authentication function. The word "code"
is misleading because it implies that either encoding or
encryption is involved or that the term refers to computer
software.
$ message digest
(D) Synonym for "hash result". (See: cryptographic hash.)
Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for
"hash result"; this term unnecessarily duplicates the meaning of
the other, more general term and mixes concepts in a potentially
misleading way. The word "message" is misleading because it
implies that the mechanism is particularly suitable for or limited
to electronic mail (see: Message Handling Systems).
$ message handling system
(D) Synonym for the Internet electronic mail system.
Deprecated Term: IDOCs SHOULD NOT use this term, because it could
be confused with Message Handling System. Instead, use "Internet
electronic mail" or some other, more specific term.
$ Message Handling System
(O) An ITU-T system concept that encompasses the notion of
electronic mail but defines more comprehensive OSI systems and
services that enable users to exchange messages on a store-and-
forward basis. (The ISO equivalent is "Message Oriented Text
Interchange System".) (See: X.400.)
$ message indicator
1. (D) /cryptographic function/ Synonym for "initialization
value". (Compare: indicator.)
2. (D) "Sequence of bits transmitted over a communications system
for synchronizing cryptographic equipment." [C4009]
Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for
"initialization value"; the term mixes concepts in a potentially
misleading way. The word "message" is misleading because it
suggests that the mechanism is specific to electronic mail. (See:
Message Handling System.)
$ message integrity check
$ message integrity code (MIC)
(D) Synonyms for some form of "checksum".
Deprecated Term: IDOCs SHOULD NOT use these terms for any form of
checksum. Instead, use "checksum", "error detection code", "hash",
"keyed hash", "Message Authentication Code", or "protected
checksum", depending on what is meant.
These two terms mix concepts in potentially misleading ways. The
word "message" is misleading because it suggests that the
mechanism is particularly suitable for or limited to electronic
mail. The word "integrity" is misleading because the checksum may
be used to perform a data origin authentication function rather
than an integrity function. The word "code" is misleading because
it suggests either that encoding or encryption is involved or that
the term refers to computer software.
$ Message Security Protocol (MSP)
(N) A secure message handling protocol [SDNS7] for use with X.400
and Internet mail protocols. Developed by NSA's SDNS program and
used in the U.S. DoD's Defense Message System.
$ meta-data
(I) Descriptive information about a data object; i.e., data about
data, or data labels that describe other data. (See: security
label. Compare: metadata)
Tutorial: Meta-data can serve various management purposes:
- System management: File name, type, size, creation date.
- Application management: Document title, version, author.
- Usage management: Data categories, keywords, classifications.
Meta-data can be associated with a data object in two basic ways:
- Explicitly: Be part of the data object (e.g., a header field of
a data file or packet) or be linked to the object.
- Implicitly: Be associated with the data object because of some
other, explicit attribute of the object.
$ metadata, Metadata(trademark), METADATA(trademark)
(D) Proprietary variants of "meta-data". (See: SPAM(trademark).)
Deprecated Usage: IDOCs SHOULD NOT use these unhypenated forms;
IDOCs SHOULD use only the uncapitalized, hyphenated "meta-data".
The terms "Metadata" and "METADATA" are claimed as registered
trademarks (numbers 1,409,260 and 2,185,504) owned by The Metadata
Company, originally known as Metadata Information Partners, a
company founded by Jack Myers. The status of "metadata" is
unclear.
$ MHS
(N) See: message handling system.
$ MIC
(D) See: message integrity code.
$ MIME
(I) See: Multipurpose Internet Mail Extensions.
$ MIME Object Security Services (MOSS)
(I) An Internet protocol [R1848] that applies end-to-end
encryption and digital signature to MIME message content, using
symmetric cryptography for encryption and asymmetric cryptography
for key distribution and signature. MOSS is based on features and
specifications of PEM. (See: S/MIME.)
$ Minimum Interoperability Specification for PKI Components (MISPC)
(N) A technical description to provide a basis for interoperation
between PKI components from different vendors; consists primarily
of a profile of certificate and CRL extensions and a set of
transactions for PKI operation. [SP15]
$ misappropriation
(I) A type of threat action whereby an entity assumes unauthorized
logical or physical control of a system resource. (See:
usurpation.)
Usage: This type of threat action includes the following subtypes:
- Theft of data: Unauthorized acquisition and use of data
contained in a system.
- Theft of service: Unauthorized use of a system service.
- Theft of functionality: Unauthorized acquisition of actual
hardware, firmware, or software of a system component.
$ MISPC
(N) See: Minimum Interoperability Specification for PKI
Components.
(next page on part 8)
