Home   A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z  

Internet Security Glossary, Version 2 :: RFC4949








Network Working Group                                          R. Shirey
Request for Comments: 4949                                   August 2007
FYI: 36
Obsoletes: 2828
Category: Informational


                 Internet Security Glossary, Version 2

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

RFC Editor Note

   This document is both a major revision and a major expansion of the
   Security Glossary in RFC 2828. This revised Glossary is an extensive
   reference that should help the Internet community to improve the
   clarity of documentation and discussion in an important area of
   Internet technology. However, readers should be aware of the
   following:

   (1) The recommendations and some particular interpretations in
   definitions are those of the author, not an official IETF position.
   The IETF has not taken a formal position either for or against
   recommendations made by this Glossary, and the use of RFC 2119
   language (e.g., SHOULD NOT) in the Glossary must be understood as
   unofficial. In other words, the usage rules, wording interpretations,
   and other recommendations that the Glossary offers are personal
   opinions of the Glossary's author. Readers must judge for themselves
   whether or not to follow his recommendations, based on their own
   knowledge combined with the reasoning presented in the Glossary.

   (2) The glossary is rich in the history of early network security
   work, but it may be somewhat incomplete in describing recent security
   work, which has been developing rapidly.









Shirey                       Informational                      [Page 1]

RFC 4949         Internet Security Glossary, Version 2       August 2007


Abstract

   This Glossary provides definitions, abbreviations, and explanations
   of terminology for information system security. The 334 pages of
   entries offer recommendations to improve the comprehensibility of
   written material that is generated in the Internet Standards Process
   (RFC 2026). The recommendations follow the principles that such
   writing should (a) use the same term or definition whenever the same
   concept is mentioned; (b) use terms in their plainest, dictionary
   sense; (c) use terms that are already well-established in open
   publications; and (d) avoid terms that either favor a particular
   vendor or favor a particular technology or mechanism over other,
   competing techniques that already exist or could be developed.

Table of Contents

   1. Introduction ....................................................3
   2. Format of Entries ...............................................4
      2.1. Order of Entries ...........................................4
      2.2. Capitalization and Abbreviations ...........................5
      2.3. Support for Automated Searching ............................5
      2.4. Definition Type and Context ................................5
      2.5. Explanatory Notes ..........................................6
      2.6. Cross-References ...........................................6
      2.7. Trademarks .................................................6
      2.8. The New Punctuation ........................................6
   3. Types of Entries ................................................7
      3.1. Type "I": Recommended Definitions of Internet Origin .......7
      3.2. Type "N": Recommended Definitions of Non-Internet Origin ...8
      3.3. Type "O": Other Terms and Definitions To Be Noted ..........8
      3.4. Type "D": Deprecated Terms and Definitions .................8
      3.5. Definition Substitutions ...................................8
   4. Definitions .....................................................9
   5. Security Considerations .......................................343
   6. Normative Reference ...........................................343
   7. Informative References ........................................343
   8. Acknowledgments ...............................................364














Shirey                       Informational                      [Page 2]

RFC 4949         Internet Security Glossary, Version 2       August 2007


1. Introduction

   This Glossary is *not* an Internet Standard, and its recommendations
   represent only the opinions of its author. However, this Glossary
   gives reasons for its recommendations -- especially for the SHOULD
   NOTs -- so that readers can judge for themselves what to do.

   This Glossary provides an internally consistent and self-contained
   set of terms, abbreviations, and definitions -- supported by
   explanations, recommendations, and references -- for terminology that
   concerns information system security. The intent of this Glossary is
   to improve the comprehensibility of written materials that are
   generated in the Internet Standards Process (RFC 2026) -- i.e., RFCs,
   Internet-Drafts, and other items of discourse -- which are referred
   to here as IDOCs. A few non-security, networking terms are included
   to make the Glossary self-contained, but more complete glossaries of
   such terms are available elsewhere [A1523, F1037, R1208, R1983].

   This Glossary supports the goals of the Internet Standards Process:

   o  Clear, Concise, Easily Understood Documentation

      This Glossary seeks to improve comprehensibility of security-
      related content of IDOCs. That requires wording to be clear and
      understandable, and requires the set of security-related terms and
      definitions to be consistent and self-supporting. Also,
      terminology needs to be uniform across all IDOCs; i.e., the same
      term or definition needs to be used whenever and wherever the same
      concept is mentioned. Harmonization of existing IDOCs need not be
      done immediately, but it is desirable to correct and standardize
      terminology when new versions are issued in the normal course of
      standards development and evolution.

   o  Technical Excellence

      Just as Internet Standard (STD) protocols should operate
      effectively, IDOCs should use terminology accurately, precisely,
      and unambiguously to enable standards to be implemented correctly.

   o  Prior Implementation and Testing

      Just as STD protocols require demonstrated experience and
      stability before adoption, IDOCs need to use well-established
      language; and the robustness principle for protocols -- "be
      liberal in what you accept, and conservative in what you send" --
      is also applicable to the language used in IDOCs that describe
      protocols. Using terms in their plainest, dictionary sense (when
      appropriate) helps to make them more easily understood by



Shirey                       Informational                      [Page 3]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      international readers. IDOCs need to avoid using private, newly
      invented terms in place of generally accepted terms from open
      publications. IDOCs need to avoid substituting new definitions
      that conflict with established ones. IDOCs need to avoid using
      "cute" synonyms (e.g., "Green Book"), because no matter how
      popular a nickname may be in one community, it is likely to cause
      confusion in another.

      However, although this Glossary strives for plain, internationally
      understood English language, its terms and definitions are biased
      toward English as used in the United States of America (U.S.).
      Also, with regard to terminology used by national governments and
      in national defense areas, the glossary addresses only U.S. usage.

   o  Openness, Fairness, and Timeliness

      IDOCs need to avoid using proprietary and trademarked terms for
      purposes other than referring to those particular systems. IDOCs
      also need to avoid terms that either favor a particular vendor or
      favor a particular security technology or mechanism over other,
      competing techniques that already exist or might be developed in
      the future. The set of terminology used across the set of IDOCs
      needs to be flexible and adaptable as the state of Internet
      security art evolves.

   In support of those goals, this Glossary offers guidance by marking
   terms and definitions as being either endorsed or deprecated for use
   in IDOCs. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
   and "OPTIONAL" are intended to be interpreted the same way as in an
   Internet Standard (i.e., as specified in RFC 2119 [R2119]). Other
   glossaries (e.g., [Raym]) list additional terms that deal with
   Internet security but have not been included in this Glossary because
   they are not appropriate for IDOCs.

2. Format of Entries

   Section 4 presents Glossary entries in the following manner:

2.1. Order of Entries

   Entries are sorted in lexicographic order, without regard to
   capitalization. Numeric digits are treated as preceding alphabetic
   characters, and special characters are treated as preceding digits.
   Blanks are treated as preceding non-blank characters, except that a
   hyphen or slash between the parts of a multiword entry (e.g.,
   "RED/BLACK separation") is treated like a blank.





Shirey                       Informational                      [Page 4]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   If an entry has multiple definitions (e.g., "domain"), they are
   numbered beginning with "1", and any of those multiple definitions
   that are RECOMMENDED for use in IDOCs are presented before other
   definitions for that entry. If definitions are closely related (e.g.,
   "threat"), they are denoted by adding letters to a number, such as
   "1a" and "1b".

2.2. Capitalization and Abbreviations

   Entries that are proper nouns are capitalized (e.g., "Data Encryption
   Algorithm"), as are other words derived from proper nouns (e.g.,
   "Caesar cipher"). All other entries are not capitalized (e.g.,
   "certification authority"). Each acronym or other abbreviation that
   appears in this Glossary, either as an entry or in a definition or
   explanation, is defined in this Glossary, except items of common
   English usage, such as "a.k.a.", "e.g.", "etc.", "i.e.", "vol.",
   "pp.", and "U.S.".

2.3. Support for Automated Searching

   Each entry is preceded by a dollar sign ($) and a space. This makes
   it possible to find the defining entry for an item "X" by searching
   for the character string "$ X", without stopping at other entries in
   which "X" is used in explanations.

2.4. Definition Type and Context

   Each entry is preceded by a character -- I, N, O, or D -- enclosed in
   parentheses, to indicate the type of definition (as is explained
   further in Section 3):
   -  "I" for a RECOMMENDED term or definition of Internet origin.
   -  "N" if RECOMMENDED but not of Internet origin.
   -  "O" for a term or definition that is NOT recommended for use in
      IDOCs but is something that authors of Internet documents should
      know about.
   -  "D" for a term or definition that is deprecated and SHOULD NOT be
      used in Internet documents.

   If a definition is valid only in a specific context (e.g.,
   "baggage"), that context is shown immediately following the
   definition type and is enclosed by a pair of slash symbols (/). If
   the definition is valid only for specific parts of speech, that is
   shown in the same way (e.g., "archive").








Shirey                       Informational                      [Page 5]

RFC 4949         Internet Security Glossary, Version 2       August 2007


2.5. Explanatory Notes

   Some entries have explanatory text that is introduced by one or more
   of the following keywords:
   -  Deprecated Abbreviation (e.g., "AA")
   -  Deprecated Definition (e.g., "digital certification")
   -  Deprecated Usage (e.g., "authenticate")
   -  Deprecated Term (e.g., "certificate authority")
   -  Pronunciation (e.g., "*-property")
   -  Derivation (e.g., "discretionary access control")
   -  Tutorial (e.g., "accreditation")
   -  Example (e.g., "back door")
   -  Usage (e.g., "access")

   Explanatory text in this Glossary MAY be reused in IDOCs. However,
   this text is not intended to authoritatively supersede text of an
   IDOC in which the Glossary entry is already used.

2.6. Cross-References

   Some entries contain a parenthetical remark of the form "(See: X.)",
   where X is a list of other, related terms. Some entries contain a
   remark of the form "(Compare: X)", where X is a list of terms that
   either are antonyms of the entry or differ in some other manner worth
   noting.

2.7. Trademarks

   All servicemarks and trademarks that appear in this Glossary are used
   in an editorial fashion and to the benefit of the mark owner, without
   any intention of infringement.

2.8. The New Punctuation

   This Glossary uses the "new" or "logical" punctuation style favored
   by computer programmers, as described by Raymond [Raym]: Programmers
   use pairs of quotation marks the same way they use pairs of
   parentheses, i.e., as balanced delimiters. For example, if "Alice
   sends" is a phrase, and so are "Bill receives" and "Eve listens",
   then a programmer would write the following sentence:

      "Alice sends", "Bill receives", and "Eve listens".

   According to standard American usage, the punctuation in that
   sentence is incorrect; the continuation commas and the final period
   should go inside the string quotes, like this:

      "Alice sends," "Bill receives," and "Eve listens."



Shirey                       Informational                      [Page 6]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   However, a programmer would not include a character in a literal
   string if the character did not belong there, because that could
   cause an error. For example, suppose a sentence in a draft of a
   tutorial on the vi editing language looked like this:

      Then delete one line from the file by typing "dd".

   A book editor following standard usage might change the sentence to
   look like this:

      Then delete one line from the file by typing "dd."

   However, in the vi language, the dot character repeats the last
   command accepted. So, if a reader entered "dd.", two lines would be
   deleted instead of one.

   Similarly, use of standard American punctuation might cause
   misunderstanding in entries in this Glossary. Thus, the new
   punctuation is used here, and we recommend it for IDOCs.

3. Types of Entries

   Each entry in this Glossary is marked as type I, N, O, or D:

3.1. Type "I": Recommended Definitions of Internet Origin

   The marking "I" indicates two things:
   -  Origin: "I" (as opposed to "N") means either that the Internet
      Standards Process or Internet community is authoritative for the
      definition *or* that the term is sufficiently generic that this
      Glossary can freely state a definition without contradicting a
      non-Internet authority (e.g., "attack").
   -  Recommendation: "I" (as opposed to "O") means that the term and
      definition are RECOMMENDED for use in IDOCs. However, some "I"
      entries may be accompanied by a "Usage" note that states a
      limitation (e.g., "certification"), and IDOCs SHOULD NOT use the
      defined term outside that limited context.

   Many "I" entries are proper nouns (e.g., "Internet Protocol") for
   which the definition is intended only to provide basic information;
   i.e., the authoritative definition of such terms is found elsewhere.
   For a proper noun described as an "Internet protocol", please refer
   to the current edition of "Internet Official Protocol Standards"
   (Standard 1) for the standardization status of the protocol.







Shirey                       Informational                      [Page 7]

RFC 4949         Internet Security Glossary, Version 2       August 2007


3.2. Type "N": Recommended Definitions of Non-Internet Origin

   The marking "N" indicates two things:
   -  Origin: "N" (as opposed to "I") means that the entry has a non-
      Internet basis or origin.
   -  Recommendation: "N" (as opposed to "O") means that the term and
      definition are RECOMMENDED for use in IDOCs, if they are needed at
      all in IDOCs. Many of these entries are accompanied by a label
      that states a context (e.g., "package") or a note that states a
      limitation (e.g., "data integrity"), and IDOCs SHOULD NOT use the
      defined term outside that context or limit. Some of the contexts
      are rarely if ever expected to occur in an IDOC (e.g., "baggage").
      In those cases, the listing exists to make Internet authors aware
      of the non-Internet usage so that they can avoid conflicts with
      non-Internet documents.

3.3. Type "O": Other Terms and Definitions To Be Noted

   The marking "O" means that the definition is of non-Internet origin
   and SHOULD NOT be used in IDOCs *except* in cases where the term is
   specifically identified as non-Internet.

   For example, an IDOC might mention "BCA" (see: brand certification
   authority) or "baggage" as an example of some concept; in that case,
   the document should specifically say "SET(trademark) BCA" or
   "SET(trademark) baggage" and include the definition of the term.

3.4. Type "D": Deprecated Terms and Definitions

   If this Glossary recommends that a term or definition SHOULD NOT be
   used in IDOCs, then the entry is marked as type "D", and an
   explanatory note -- "Deprecated Term", "Deprecated Abbreviation",
   "Deprecated Definition", or "Deprecated Usage" -- is provided.

3.5. Definition Substitutions

   Some terms have a definition published by a non-Internet authority --
   a government (e.g., "object reuse"), an industry (e.g., "Secure Data
   Exchange"), a national authority (e.g., "Data Encryption Standard"),
   or an international body (e.g., "data confidentiality") -- that is
   suitable for use in IDOCs. In those cases, this Glossary marks the
   definition "N", recommending its use in Internet documents.

   Other such terms have definitions that are inadequate or
   inappropriate for IDOCs. For example, a definition might be outdated
   or too narrow, or it might need clarification by substituting more
   careful wording (e.g., "authentication exchange") or explanations,
   using other terms that are defined in this Glossary. In those cases,



Shirey                       Informational                      [Page 8]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   this Glossary marks the entry "O", and provides an "I" or "N" entry
   that precedes, and is intended to supersede, the "O" entry.

   In some cases where this Glossary provides a definition to supersede
   an "O" definition, the substitute is intended to subsume the meaning
   of the "O" entry and not conflict with it. For the term "security
   service", for example, the "O" definition deals narrowly with only
   communication services provided by layers in the OSIRM and is
   inadequate for the full range of IDOC usage, while the new "I"
   definition provided by this Glossary can be used in more situations
   and for more kinds of service. However, the "O" definition is also
   listed so that IDOC authors will be aware of the context in which the
   term is used more narrowly.

   When making substitutions, this Glossary attempts to avoid
   contradicting any non-Internet authority. Still, terminology differs
   between authorities such as the American Bar Association, OSI, SET,
   the U.S. DoD, and other authorities; and this Glossary probably is
   not exactly aligned with any of them.

4. Definitions

   $ *-property
      (N) Synonym for "confinement property" in the context of the Bell-
      LaPadula model. Pronunciation: star property.

   $ 3DES
      (N) See: Triple Data Encryption Algorithm.

   $ A1 computer system
      (O) /TCSEC/ See: Tutorial under "Trusted Computer System
      Evaluation Criteria". (Compare: beyond A1.)

   $ AA
      (D) See: Deprecated Usage under "attribute authority".

   $ ABA Guidelines
      (N) "American Bar Association (ABA) Digital Signature Guidelines"
      [DSG], a framework of legal principles for using digital
      signatures and digital certificates in electronic commerce.

   $ Abstract Syntax Notation One (ASN.1)
      (N) A standard for describing data objects. [Larm, X680] (See:
      CMS.)

      Usage: IDOCs SHOULD use the term "ASN.1" narrowly to describe the
      notation or language called "Abstract Syntax Notation One". IDOCs
      MAY use the term more broadly to encompass the notation, its



Shirey                       Informational                      [Page 9]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      associated encoding rules (see: BER), and software tools that
      assist in its use, when the context makes this meaning clear.

      Tutorial: OSIRM defines computer network functionality in layers.
      Protocols and data objects at higher layers are abstractly defined
      to be implemented using protocols and data objects from lower
      layers. A higher layer may define transfers of abstract objects
      between computers, and a lower layer may define those transfers
      concretely as strings of bits. Syntax is needed to specify data
      formats of abstract objects, and encoding rules are needed to
      transform abstract objects into bit strings at lower layers. OSI
      standards use ASN.1 for those specifications and use various
      encoding rules for those transformations. (See: BER.)

      In ASN.1, formal names are written without spaces, and separate
      words in a name are indicated by capitalizing the first letter of
      each word except the first word. For example, the name of a CRL is
      "certificateRevocationList".

   $ ACC
      (I) See: access control center.

   $ acceptable risk
      (I) A risk that is understood and tolerated by a system's user,
      operator, owner, or accreditor, usually because the cost or
      difficulty of implementing an effective countermeasure for the
      associated vulnerability exceeds the expectation of loss. (See:
      adequate security, risk, "second law" under "Courtney's laws".)

   $ access
      1a. (I) The ability and means to communicate with or otherwise
      interact with a system to use system resources either to handle
      information or to gain knowledge of the information the system
      contains. (Compare: handle.)

      Usage: The definition is intended to include all types of
      communication with a system, including one-way communication in
      either direction. In actual practice, however, passive users might
      be treated as not having "access" and, therefore, be exempt from
      most requirements of the system's security policy. (See: "passive
      user" under "user".)

      1b. (O) "Opportunity to make use of an information system (IS)
      resource." [C4009]

      2. (O) /formal model/ "A specific type of interaction between a
      subject and an object that results in the flow of information from
      one to the other." [NCS04]



Shirey                       Informational                     [Page 10]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ Access Certificate for Electronic Services (ACES)
      (O) A PKI operated by the U.S. Government's General Services
      Administration in cooperation with industry partners. (See: CAM.)

   $ access control
      1. (I) Protection of system resources against unauthorized access.

      2. (I) A process by which use of system resources is regulated
      according to a security policy and is permitted only by authorized
      entities (users, programs, processes, or other systems) according
      to that policy. (See: access, access control service, computer
      security, discretionary access control, mandatory access control,
      role-based access control.)

      3. (I) /formal model/ Limitations on interactions between subjects
      and objects in an information system.

      4. (O) "The prevention of unauthorized use of a resource,
      including the prevention of use of a resource in an unauthorized
      manner." [I7498-2]

      5. (O) /U.S. Government/ A system using physical, electronic, or
      human controls to identify or admit personnel with properly
      authorized access to a SCIF.

   $ access control center (ACC)
      (I) A computer that maintains a database (possibly in the form of
      an access control matrix) defining the security policy for an
      access control service, and that acts as a server for clients
      requesting access control decisions.

      Tutorial: An ACC is sometimes used in conjunction with a key
      center to implement access control in a key-distribution system
      for symmetric cryptography. (See: BLACKER, Kerberos.)

   $ access control list (ACL)
      (I) /information system/ A mechanism that implements access
      control for a system resource by enumerating the system entities
      that are permitted to access the resource and stating, either
      implicitly or explicitly, the access modes granted to each entity.
      (Compare: access control matrix, access list, access profile,
      capability list.)

   $ access control matrix
      (I) A rectangular array of cells, with one row per subject and one
      column per object. The entry in a cell -- that is, the entry for a
      particular subject-object pair -- indicates the access mode that
      the subject is permitted to exercise on the object. Each column is



Shirey                       Informational                     [Page 11]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      equivalent to an "access control list" for the object; and each
      row is equivalent to an "access profile" for the subject.

   $ access control service
      (I) A security service that protects against a system entity using
      a system resource in a way not authorized by the system's security
      policy. (See: access control, discretionary access control,
      identity-based security policy, mandatory access control, rule-
      based security policy.)

      Tutorial: This service includes protecting against use of a
      resource in an unauthorized manner by an entity (i.e., a
      principal) that is authorized to use the resource in some other
      manner. (See: insider.) The two basic mechanisms for implementing
      this service are ACLs and tickets.

   $ access level
      1. (D) Synonym for the hierarchical "classification level" in a
      security level. [C4009] (See: security level.)

      2. (D) Synonym for "clearance level".

      Deprecated Definitions: IDOCs SHOULD NOT use this term with these
      definitions because they duplicate the meaning of more specific
      terms. Any IDOC that uses this term SHOULD provide a specific
      definition for it because access control may be based on many
      attributes other than classification level and clearance level.

   $ access list
      (I) /physical security/ Roster of persons who are authorized to
      enter a controlled area. (Compare: access control list.)

   $ access mode
      (I) A distinct type of data processing operation (e.g., read,
      write, append, or execute, or a combination of operations) that a
      subject can potentially perform on an object in an information
      system. [Huff] (See: read, write.)

   $ access policy
      (I) A kind of "security policy". (See: access, access control.)

   $ access profile
      (O) Synonym for "capability list".

      Usage: IDOCs that use this term SHOULD state a definition for it
      because the definition is not widely known.





Shirey                       Informational                     [Page 12]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ access right
      (I) Synonym for "authorization"; emphasizes the possession of the
      authorization by a system entity.

   $ accountability
      (I) The property of a system or system resource that ensures that
      the actions of a system entity may be traced uniquely to that
      entity, which can then be held responsible for its actions. [Huff]
      (See: audit service.)

      Tutorial: Accountability (a.k.a. individual accountability)
      typically requires a system ability to positively associate the
      identity of a user with the time, method, and mode of the user's
      access to the system. This ability supports detection and
      subsequent investigation of security breaches. Individual persons
      who are system users are held accountable for their actions after
      being notified of the rules of behavior for using the system and
      the penalties associated with violating those rules.

   $ accounting See: COMSEC accounting.

   $ accounting legend code (ALC)
      (O) /U.S. Government/ Numeric system used to indicate the minimum
      accounting controls required for items of COMSEC material within
      the CMCS. [C4009] (See: COMSEC accounting.)

   $ accreditation
      (N) An administrative action by which a designated authority
      declares that an information system is approved to operate in a
      particular security configuration with a prescribed set of
      safeguards. [FP102, SP37] (See: certification.)

      Tutorial: An accreditation is usually based on a technical
      certification of the system's security mechanisms. To accredit a
      system, the approving authority must determine that any residual
      risk is an acceptable risk. Although the terms "certification" and
      "accreditation" are used more in the U.S. DoD and other U.S.
      Government agencies than in commercial organizations, the concepts
      apply any place where managers are required to deal with and
      accept responsibility for security risks. For example, the
      American Bar Association is developing accreditation criteria for
      CAs.

   $ accreditation boundary
      (O) Synonym for "security perimeter". [C4009]






Shirey                       Informational                     [Page 13]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ accreditor
      (N) A management official who has been designated to have the
      formal authority to "accredit" an information system, i.e., to
      authorize the operation of, and the processing of sensitive data
      in, the system and to accept the residual risk associated with the
      system. (See: accreditation, residual risk.)

   $ ACES
      (O) See: Access Certificate for Electronic Services.

   $ ACL
      (I) See: access control list.

   $ acquirer
      1. (O) /SET/ "The financial institution that establishes an
      account with a merchant and processes payment card authorizations
      and payments." [SET1]

      2. (O) /SET/ "The institution (or its agent) that acquires from
      the card acceptor the financial data relating to the transaction
      and initiates that data into an interchange system." [SET2]

   $ activation data
      (N) Secret data, other than keys, that is required to access a
      cryptographic module. (See: CIK. Compare: initialization value.)

   $ active attack
      (I) See: secondary definition under "attack".

   $ active content
      1a. (I) Executable software that is bound to a document or other
      data file and that executes automatically when a user accesses the
      file, without explicit initiation by the user. (Compare: mobile
      code.)

      Tutorial: Active content can be mobile code when its associated
      file is transferred across a network.

      1b. (O) "Electronic documents that can carry out or trigger
      actions automatically on a computer platform without the
      intervention of a user. [This technology enables] mobile code
      associated with a document to execute as the document is
      rendered." [SP28]

   $ active user
      (I) See: secondary definition under "system user".





Shirey                       Informational                     [Page 14]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ active wiretapping
      (I) A wiretapping attack that attempts to alter data being
      communicated or otherwise affect data flow. (See: wiretapping.
      Compare: active attack, passive wiretapping.)

   $ add-on security
      (N) The retrofitting of protection mechanisms, implemented by
      hardware or software, in an information system after the system
      has become operational. [FP039] (Compare: baked-in security.)

   $ adequate security
      (O) /U.S. DoD/ "Security commensurate with the risk and magnitude
      of harm resulting from the loss, misuse, or unauthorized access to
      or modification of information." (See: acceptable risk, residual
      risk.)

   $ administrative security
      1. (I) Management procedures and constraints to prevent
      unauthorized access to a system. (See: "third law" under
      "Courtney's laws", manager, operational security, procedural
      security, security architecture. Compare: technical security.)

      Examples: Clear delineation and separation of duties;
      configuration control.

      Usage: Administrative security is usually understood to consist of
      methods and mechanisms that are implemented and executed primarily
      by people, rather than by automated systems.

      2. (O) "The management constraints, operational procedures,
      accountability procedures, and supplemental controls established
      to provide an acceptable level of protection for sensitive data."
      [FP039]

   $ administrator
      1. (O) /Common Criteria/ A person that is responsible for
      configuring, maintaining, and administering the TOE in a correct
      manner for maximum security. (See: administrative security.)

      2. (O) /ITSEC/ A person in contact with the TOE, who is
      responsible for maintaining its operational capability.

   $ Advanced Encryption Standard (AES)
      (N) A U.S. Government standard [FP197] (the successor to DES) that
      (a) specifies "the AES algorithm", which is a symmetric block
      cipher that is based on Rijndael and uses key sizes of 128, 192,
      or 256 bits to operate on a 128-bit block, and (b) states policy
      for using that algorithm to protect unclassified, sensitive data.



Shirey                       Informational                     [Page 15]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Tutorial: Rijndael was designed to handle additional block sizes
      and key lengths that were not adopted in the AES. Rijndael was
      selected by NIST through a public competition that was held to
      find a successor to the DEA; the other finalists were MARS, RC6,
      Serpent, and Twofish.

   $ adversary
      1. (I) An entity that attacks a system. (Compare: cracker,
      intruder, hacker.)

      2. (I) An entity that is a threat to a system.

   $ AES
      (N) See: Advanced Encryption Standard.

   $ Affirm
      (O) A formal methodology, language, and integrated set of software
      tools developed at the University of Southern California's
      Information Sciences Institute for specifying, coding, and
      verifying software to produce correct and reliable programs.
      [Cheh]

   $ aggregation
      (I) A circumstance in which a collection of information items is
      required to be classified at a higher security level than any of
      the items is classified individually. (See: classification.)

   $ AH
      (I) See: Authentication Header

   $ air gap
      (I) An interface between two systems at which (a) they are not
      connected physically and (b) any logical connection is not
      automated (i.e., data is transferred through the interface only
      manually, under human control). (See: sneaker net. Compare:
      gateway.)

      Example: Computer A and computer B are on opposite sides of a
      room. To move data from A to B, a person carries a disk across the
      room. If A and B operate in different security domains, then
      moving data across the air gap may involve an upgrade or downgrade
      operation.

   $ ALC
      (O) See: accounting legend code.






Shirey                       Informational                     [Page 16]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ algorithm
      (I) A finite set of step-by-step instructions for a problem-
      solving or computation procedure, especially one that can be
      implemented by a computer. (See: cryptographic algorithm.)

   $ alias
      (I) A name that an entity uses in place of its real name, usually
      for the purpose of either anonymity or masquerade.

   $ Alice and Bob
      (I) The parties that are most often called upon to illustrate the
      operation of bipartite security protocols. These and other
      dramatis personae are listed by Schneier [Schn].

   $ American National Standards Institute (ANSI)
      (N) A private, not-for-profit association that administers U.S.
      private-sector voluntary standards.

      Tutorial: ANSI has approximately 1,000 member organizations,
      including equipment users, manufacturers, and others. These
      include commercial firms, governmental agencies, and other
      institutions and international entities.

      ANSI is the sole U.S. representative to (a) ISO and (b) (via the
      U.S. National Committee) the International Electrotechnical
      Commission (IEC), which are the two major, non-treaty,
      international standards organizations.

      ANSI provides a forum for ANSI-accredited standards development
      groups. Among those groups, the following are especially relevant
      to Internet security:
      -  International Committee for Information Technology
         Standardization (INCITS) (formerly X3): Primary U.S. focus of
         standardization in information and communications technologies,
         encompassing storage, processing, transfer, display,
         management, organization, and retrieval of information.
         Example: [A3092].
      -  Accredited Standards Committee X9: Develops, establishes,
         maintains, and promotes standards for the financial services
         industry. Example: [A9009].
      -  Alliance for Telecommunications Industry Solutions (ATIS):
         Develops standards, specifications, guidelines, requirements,
         technical reports, industry processes, and verification tests
         for interoperability and reliability of telecommunications
         networks, equipment, and software. Example: [A1523].






Shirey                       Informational                     [Page 17]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ American Standard Code for Information Interchange (ASCII)
      (N) A scheme that encodes 128 specified characters -- the numbers
      0-9, the letters a-z and A-Z, some basic punctuation symbols, some
      control codes that originated with Teletype machines, and a blank
      space -- into the 7-bit binary integers. Forms the basis of the
      character set representations used in most computers and many
      Internet standards. [FP001] (See: code.)

   $ Anderson report
      (O) A 1972 study of computer security that was written by James P.
      Anderson for the U.S. Air Force [Ande].

      Tutorial: Anderson collaborated with a panel of experts to study
      Air Force requirements for multilevel security. The study
      recommended research and development that was urgently needed to
      provide secure information processing for command and control
      systems and support systems. The report introduced the reference
      monitor concept and provided development impetus for computer and
      network security technology. However, many of the security
      problems that the 1972 report called "current" still plague
      information systems today.

   $ anomaly detection
      (I) An intrusion detection method that searches for activity that
      is different from the normal behavior of system entities and
      system resources. (See: IDS. Compare: misuse detection.)

   $ anonymity
      (I) The condition of an identity being unknown or concealed. (See:
      alias, anonymizer, anonymous credential, anonymous login,
      identity, onion routing, persona certificate. Compare: privacy.)

      Tutorial: An application may require security services that
      maintain anonymity of users or other system entities, perhaps to
      preserve their privacy or hide them from attack. To hide an
      entity's real name, an alias may be used; for example, a financial
      institution may assign account numbers. Parties to transactions
      can thus remain relatively anonymous, but can also accept the
      transactions as legitimate. Real names of the parties cannot be
      easily determined by observers of the transactions, but an
      authorized third party may be able to map an alias to a real name,
      such as by presenting the institution with a court order. In other
      applications, anonymous entities may be completely untraceable.

   $ anonymizer
      (I) An internetwork service, usually provided via a proxy server,
      that provides anonymity and privacy for clients. That is, the
      service enables a client to access servers (a) without allowing



Shirey                       Informational                     [Page 18]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      anyone to gather information about which servers the client
      accesses and (b) without allowing the accessed servers to gather
      information about the client, such as its IP address.

   $ anonymous credential
      (D) /U.S. Government/ A credential that (a) can be used to
      authenticate a person as having a specific attribute or being a
      member of a specific group (e.g., military veterans or U.S.
      citizens) but (b) does not reveal the individual identity of the
      person that presents the credential. [M0404] (See: anonymity.)

      Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts
      in a potentially misleading way. For example, when the credential
      is an X.509 certificate, the term could be misunderstood to mean
      that the certificate was signed by a CA that has a persona
      certificate. Instead, use "attribute certificate", "organizational
      certificate", or "persona certificate" depending on what is meant,
      and provide additional explanations as needed.

   $ anonymous login
      (I) An access control feature (actually, an access control
      vulnerability) in many Internet hosts that enables users to gain
      access to general-purpose or public services and resources of a
      host (such as allowing any user to transfer data using FTP)
      without having a pre-established, identity-specific account (i.e.,
      user name and password). (See: anonymity.)

      Tutorial: This feature exposes a system to more threats than when
      all the users are known, pre-registered entities that are
      individually accountable for their actions. A user logs in using a
      special, publicly known user name (e.g., "anonymous", "guest", or
      "ftp"). To use the public login name, the user is not required to
      know a secret password and may not be required to input anything
      at all except the name. In other cases, to complete the normal
      sequence of steps in a login protocol, the system may require the
      user to input a matching, publicly known password (such as
      "anonymous") or may ask the user for an e-mail address or some
      other arbitrary character string.

   $ ANSI
      (N) See: American National Standards Institute.

   $ anti-jam
      (N) "Measures ensuring that transmitted information can be
      received despite deliberate jamming attempts." [C4009] (See:
      electronic security, frequency hopping, jam, spread spectrum.)





Shirey                       Informational                     [Page 19]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ apex trust anchor
      (N) The trust anchor that is superior to all other trust anchors
      in a particular system or context. (See: trust anchor, top CA.)

   $ API
      (I) See: application programming interface.

   $ APOP
      (I) See: POP3 APOP.

   $ Application Layer
      See: Internet Protocol Suite, OSIRM.

   $ application program
      (I) A computer program that performs a specific function directly
      for a user (as opposed to a program that is part of a computer
      operating system and exists to perform functions in support of
      application programs).

   $ architecture
      (I) See: security architecture, system architecture.

   $ archive
      1a. (I) /noun/ A collection of data that is stored for a
      relatively long period of time for historical and other purposes,
      such as to support audit service, availability service, or system
      integrity service. (Compare: backup, repository.)

      1b. (I) /verb/ To store data in such a way as to create an
      archive. (Compare: back up.)

      Tutorial: A digital signature may need to be verified many years
      after the signing occurs. The CA -- the one that issued the
      certificate containing the public key needed to verify that
      signature -- may not stay in operation that long. So every CA
      needs to provide for long-term storage of the information needed
      to verify the signatures of those to whom it issues certificates.

   $ ARPANET
      (I) Advanced Research Projects Agency (ARPA) Network, a pioneer
      packet-switched network that (a) was designed, implemented,
      operated, and maintained by BBN from January 1969 until July 1975
      under contract to the U.S. Government; (b) led to the development
      of today's Internet; and (c) was decommissioned in June 1990.
      [B4799, Hafn]

   $ ASCII
      (N) See: American Standard Code for Information Interchange.



Shirey                       Informational                     [Page 20]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ ASN.1
      (N) See: Abstract Syntax Notation One.

   $ asset
      (I) A system resource that is (a) required to be protected by an
      information system's security policy, (b) intended to be protected
      by a countermeasure, or (c) required for a system's mission.

   $ association
      (I) A cooperative relationship between system entities, usually
      for the purpose of transferring information between them. (See:
      security association.)

   $ assurance See: security assurance.

   $ assurance level
      (N) A rank on a hierarchical scale that judges the confidence
      someone can have that a TOE adequately fulfills stated security
      requirements. (See: assurance, certificate policy, EAL, TCSEC.)

      Example: U.S. Government guidance [M0404] describes four assurance
      levels for identity authentication, where each level "describes
      the [U.S. Federal Government] agency's degree of certainty that
      the user has presented [a credential] that refers to [the user's]
      identity." In that guidance, assurance is defined as (a) "the
      degree of confidence in the vetting process used to establish the
      identity of the individual to whom the credential was issued" and
      (b) "the degree of confidence that the individual who uses the
      credential is the individual to whom the credential was issued."

      The four levels are described as follows:
      -  Level 1: Little or no confidence in the asserted identity.
      -  Level 2: Some confidence in the asserted identity.
      -  Level 3: High confidence in the asserted identity.
      -  Level 4: Very high confidence in the asserted identity.

      Standards for determining these levels are provided in a NIST
      publication [SP12]. However, as noted there, an assurance level is
      "a degree of confidence, not a true measure of how secure the
      system actually is. This distinction is necessary because it is
      extremely difficult -- and in many cases, virtually impossible --
      to know exactly how secure a system is."

   $ asymmetric cryptography
      (I) A modern branch of cryptography (popularly known as "public-
      key cryptography") in which the algorithms use a pair of keys (a
      public key and a private key) and use a different component of the
      pair for each of two counterpart cryptographic operations (e.g.,



Shirey                       Informational                     [Page 21]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      encryption and decryption, or signature creation and signature
      verification). (See: key pair, symmetric cryptography.)

      Tutorial: Asymmetric algorithms have key management advantages
      over equivalently strong symmetric ones. First, one key of the
      pair need not be known by anyone but its owner; so it can more
      easily be kept secret. Second, although the other key is shared by
      all entities that use the algorithm, that key need not be kept
      secret from other, non-using entities; thus, the key-distribution
      part of key management can be done more easily.

      Asymmetric cryptography can be used to create algorithms for
      encryption, digital signature, and key agreement:
      -  In an asymmetric encryption algorithm (e.g., "RSA"), when Alice
         wants to ensure confidentiality for data she sends to Bob, she
         encrypts the data with a public key provided by Bob. Only Bob
         has the matching private key that is needed to decrypt the
         data. (Compare: seal.)
      -  In an asymmetric digital signature algorithm (e.g., "DSA"),
         when Alice wants to ensure data integrity or provide
         authentication for data she sends to Bob, she uses her private
         key to sign the data (i.e., create a digital signature based on
         the data). To verify the signature, Bob uses the matching
         public key that Alice has provided.
      -  In an asymmetric key-agreement algorithm (e.g., "Diffie-
         Hellman-Merkle"), Alice and Bob each send their own public key
         to the other party. Then each uses their own private key and
         the other's public key to compute the new key value.

   $ asymmetric key
      (I) A cryptographic key that is used in an asymmetric
      cryptographic algorithm. (See: asymmetric cryptography, private
      key, public key.)

   $ ATIS
      (N) See: "Alliance for Telecommunications Industry Solutions"
      under "ANSI".

   $ attack
      1. (I) An intentional act by which an entity attempts to evade
      security services and violate the security policy of a system.
      That is, an actual assault on system security that derives from an
      intelligent threat. (See: penetration, violation, vulnerability.)

      2. (I) A method or technique used in an assault (e.g.,
      masquerade). (See: blind attack, distributed attack.)





Shirey                       Informational                     [Page 22]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Tutorial: Attacks can be characterized according to intent:
      -  An "active attack" attempts to alter system resources or affect
         their operation.
      -  A "passive attack" attempts to learn or make use of information
         from a system but does not affect system resources of that
         system. (See: wiretapping.)

      The object of a passive attack might be to obtain data that is
      needed for an off-line attack.
      -  An "off-line attack" is one in which the attacker obtains data
         from the target system and then analyzes the data on a
         different system of the attacker's own choosing, possibly in
         preparation for a second stage of attack on the target.

      Attacks can be characterized according to point of initiation:
      -  An "inside attack" is one that is initiated by an entity inside
         the security perimeter (an "insider"), i.e., an entity that is
         authorized to access system resources but uses them in a way
         not approved by the party that granted the authorization.
      -  An "outside attack" is initiated from outside the security
         perimeter, by an unauthorized or illegitimate user of the
         system (an "outsider"). In the Internet, potential outside
         attackers range from amateur pranksters to organized criminals,
         international terrorists, and hostile governments.
      Attacks can be characterized according to method of delivery:
      -  In a "direct attack", the attacker addresses attacking packets
         to the intended victim(s).
      -  In an "indirect attack", the attacker addresses packets to a
         third party, and the packets either have the address(es) of the
         intended victim(s) as their source address(es) or indicate the
         intended victim(s) in some other way. The third party responds
         by sending one or more attacking packets to the intended
         victims. The attacker can use third parties as attack
         amplifiers by providing a broadcast address as the victim
         address (e.g., "smurf attack"). (See: reflector attack.
         Compare: reflection attack, replay attack.)















Shirey                       Informational                     [Page 23]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      The term "attack" relates to some other basic security terms as
      shown in the following diagram:

      + - - - - - - - - - - - - +  + - - - - +  + - - - - - - - - - - -+
      | An Attack:              |  |Counter- |  | A System Resource:   |
      | i.e., A Threat Action   |  | measure |  | Target of the Attack |
      | +----------+            |  |         |  | +-----------------+  |
      | | Attacker |<==================||<=========                 |  |
      | |   i.e.,  |   Passive  |  |         |  | |  Vulnerability  |  |
      | | A Threat |<=================>||<========>                 |  |
      | |  Agent   |  or Active |  |         |  | +-------|||-------+  |
      | +----------+   Attack   |  |         |  |         VVV          |
      |                         |  |         |  | Threat Consequences  |
      + - - - - - - - - - - - - +  + - - - - +  + - - - - - - - - - - -+

   $ attack potential
      (I) The perceived likelihood of success should an attack be
      launched, expressed in terms of the attacker's ability (i.e.,
      expertise and resources) and motivation. (Compare: threat, risk.)

   $ attack sensing, warning, and response
      (I) A set of security services that cooperate with audit service
      to detect and react to indications of threat actions, including
      both inside and outside attacks. (See: indicator.)

   $ attack tree
      (I) A branching, hierarchical data structure that represents a set
      of potential approaches to achieving an event in which system
      security is penetrated or compromised in a specified way. [Moor]

      Tutorial: Attack trees are special cases of fault trees. The
      security incident that is the goal of the attack is represented as
      the root node of the tree, and the ways that an attacker could
      reach that goal are iteratively and incrementally represented as
      branches and subnodes of the tree. Each subnode defines a subgoal,
      and each subgoal may have its own set of further subgoals, etc.
      The final nodes on the paths outward from the root, i.e., the leaf
      nodes, represent different ways to initiate an attack. Each node
      other than a leaf is either an AND-node or an OR-node. To achieve
      the goal represented by an AND-node, the subgoals represented by
      all of that node's subnodes must be achieved; and for an OR-node,
      at least one of the subgoals must be achieved. Branches can be
      labeled with values representing difficulty, cost, or other attack
      attributes, so that alternative attacks can be compared.







Shirey                       Informational                     [Page 24]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ attribute
      (N) Information of a particular type concerning an identifiable
      system entity or object. An "attribute type" is the component of
      an attribute that indicates the class of information given by the
      attribute; and an "attribute value" is a particular instance of
      the class of information indicated by an attribute type. (See:
      attribute certificate.)

   $ attribute authority (AA)
      1. (N) A CA that issues attribute certificates.

      2. (O) "An authority [that] assigns privileges by issuing
      attribute certificates." [X509]

      Deprecated Usage: The abbreviation "AA" SHOULD NOT be used in an
      IDOC unless it is first defined in the IDOC.

   $ attribute certificate
      1. (I) A digital certificate that binds a set of descriptive data
      items, other than a public key, either directly to a subject name
      or to the identifier of another certificate that is a public-key
      certificate. (See: capability token.)

      2. (O) "A data structure, digitally signed by an [a]ttribute
      [a]uthority, that binds some attribute values with identification
      information about its holder." [X509]

      Tutorial: A public-key certificate binds a subject name to a
      public key value, along with information needed to perform certain
      cryptographic functions using that key. Other attributes of a
      subject, such as a security clearance, may be certified in a
      separate kind of digital certificate, called an attribute
      certificate. A subject may have multiple attribute certificates
      associated with its name or with each of its public-key
      certificates.

      An attribute certificate might be issued to a subject in the
      following situations:
      -  Different lifetimes: When the lifetime of an attribute binding
         is shorter than that of the related public-key certificate, or
         when it is desirable not to need to revoke a subject's public
         key just to revoke an attribute.
      -  Different authorities: When the authority responsible for the
         attributes is different than the one that issues the public-key
         certificate for the subject. (There is no requirement that an
         attribute certificate be issued by the same CA that issued the
         associated public-key certificate.)




Shirey                       Informational                     [Page 25]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ audit
      See: security audit.

   $ audit log
      (I) Synonym for "security audit trail".

   $ audit service
      (I) A security service that records information needed to
      establish accountability for system events and for the actions of
      system entities that cause them. (See: security audit.)

   $ audit trail
      (I) See: security audit trail.

   $ AUTH
      (I) See: POP3 AUTH.

   $ authenticate
      (I) Verify (i.e., establish the truth of) an attribute value
      claimed by or for a system entity or system resource. (See:
      authentication, validate vs. verify, "relationship between data
      integrity service and authentication services" under "data
      integrity service".)

      Deprecated Usage: In general English usage, this term is used with
      the meaning "to prove genuine" (e.g., an art expert authenticates
      a Michelangelo painting); but IDOCs should restrict usage as
      follows:
      -  IDOCs SHOULD NOT use this term to refer to proving or checking
         that data has not been changed, destroyed, or lost in an
         unauthorized or accidental manner. Instead, use "verify".
      -  IDOCs SHOULD NOT use this term to refer to proving the truth or
         accuracy of a fact or value such as a digital signature.
         Instead, use "verify".
      -  IDOCs SHOULD NOT use this term to refer to establishing the
         soundness or correctness of a construct, such as a digital
         certificate. Instead, use "validate".

   $ authentication
      (I) The process of verifying a claim that a system entity or
      system resource has a certain attribute value. (See: attribute,
      authenticate, authentication exchange, authentication information,
      credential, data origin authentication, peer entity
      authentication, "relationship between data integrity service and
      authentication services" under "data integrity service", simple
      authentication, strong authentication, verification, X.509.)





Shirey                       Informational                     [Page 26]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Tutorial: Security services frequently depend on authentication of
      the identity of users, but authentication may involve any type of
      attribute that is recognized by a system. A claim may be made by a
      subject about itself (e.g., at login, a user typically asserts its
      identity) or a claim may be made on behalf of a subject or object
      by some other system entity (e.g., a user may claim that a data
      object originates from a specific source, or that a data object is
      classified at a specific security level).

      An authentication process consists of two basic steps:
      -  Identification step: Presenting the claimed attribute value
         (e.g., a user identifier) to the authentication subsystem.
      -  Verification step: Presenting or generating authentication
         information (e.g., a value signed with a private key) that acts
         as evidence to prove the binding between the attribute and that
         for which it is claimed. (See: verification.)

   $ authentication code
      (D) Synonym for a checksum based on cryptography. (Compare: Data
      Authentication Code, Message Authentication Code.)

      Deprecated Term: IDOCs SHOULD NOT use this uncapitalized term as a
      synonym for any kind of checksum, regardless of whether or not the
      checksum is cryptographic. Instead, use "checksum", "Data
      Authentication Code", "error detection code", "hash", "keyed
      hash", "Message Authentication Code", "protected checksum", or
      some other recommended term, depending on what is meant.

      The term mixes concepts in a potentially misleading way. The word
      "authentication" is misleading because the checksum may be used to
      perform a data integrity function rather than a data origin
      authentication function.

   $ authentication exchange
      1. (I) A mechanism to verify the identity of an entity by means of
      information exchange.

      2. (O) "A mechanism intended to ensure the identity of an entity
      by means of information exchange." [I7498-2]

   $ Authentication Header (AH)
      (I) An Internet protocol [R2402, R4302] designed to provide
      connectionless data integrity service and connectionless data
      origin authentication service for IP datagrams, and (optionally)
      to provide partial sequence integrity and protection against
      replay attacks. (See: IPsec. Compare: ESP.)





Shirey                       Informational                     [Page 27]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Tutorial: Replay protection may be selected by the receiver when a
      security association is established. AH authenticates the upper-
      layer PDU that is carried as an IP SDU, and also authenticates as
      much of the IP PCI (i.e., the IP header) as possible. However,
      some IP header fields may change in transit, and the value of
      these fields, when the packet arrives at the receiver, may not be
      predictable by the sender. Thus, the values of such fields cannot
      be protected end-to-end by AH; protection of the IP header by AH
      is only partial when such fields are present.

      AH may be used alone, or in combination with the ESP, or in a
      nested fashion with tunneling. Security services can be provided
      between a pair of communicating hosts, between a pair of
      communicating security gateways, or between a host and a gateway.
      ESP can provide nearly the same security services as AH, and ESP
      can also provide data confidentiality service. The main difference
      between authentication services provided by ESP and AH is the
      extent of the coverage; ESP does not protect IP header fields
      unless they are encapsulated by AH.

   $ authentication information
      (I) Information used to verify an identity claimed by or for an
      entity. (See: authentication, credential, user. Compare:
      identification information.)

      Tutorial: Authentication information may exist as, or be derived
      from, one of the following: (a) Something the entity knows (see:
      password); (b) something the entity possesses (see: token); (c)
      something the entity is (see: biometric authentication).

   $ authentication service
      (I) A security service that verifies an identity claimed by or for
      an entity. (See: authentication.)

      Tutorial: In a network, there are two general forms of
      authentication service: data origin authentication service and
      peer entity authentication service.

   $ authenticity
      (I) The property of being genuine and able to be verified and be
      trusted. (See: authenticate, authentication, validate vs. verify.)

   $ authority
      (D) /PKI/ "An entity [that is] responsible for the issuance of
      certificates." [X509]






Shirey                       Informational                     [Page 28]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Deprecated Usage: IDOCs SHOULD NOT use this term as a synonym for
      attribute authority, certification authority, registration
      authority, or similar terms; the shortened form may cause
      confusion. Instead, use the full term at the first instance of
      usage and then, if it is necessary to shorten text, use AA, CA,
      RA, and other abbreviations defined in this Glossary.

   $ authority certificate
      (D) "A certificate issued to an authority (e.g. either to a
      certification authority or to an attribute authority)." [X509]
      (See: authority.)

      Deprecated Term: IDOCs SHOULD NOT use this term because it is
      ambiguous. Instead, use the full term "certification authority
      certificate", "attribute authority certificate", "registration
      authority certificate", etc. at the first instance of usage and
      then, if it is necessary to shorten text, use AA, CA, RA, and
      other abbreviations defined in this Glossary.

   $ Authority Information Access extension
      (I) The private extension defined by PKIX for X.509 certificates
      to indicate "how to access CA information and services for the
      issuer of the certificate in which the extension appears.
      Information and services may include on-line validation services
      and CA policy data." [R3280] (See: private extension.)

   $ authorization
      1a. (I) An approval that is granted to a system entity to access a
      system resource. (Compare: permission, privilege.)

      Usage: Some synonyms are "permission" and "privilege". Specific
      terms are preferred in certain contexts:
      -  /PKI/ "Authorization" SHOULD be used, to align with
         "certification authority" in the standard [X509].
      -  /role-based access control/ "Permission" SHOULD be used, to
         align with the standard [ANSI].
      -  /computer operating systems/ "Privilege" SHOULD be used, to
         align with the literature. (See: privileged process, privileged
         user.)

      Tutorial: The semantics and granularity of authorizations depend
      on the application and implementation (see: "first law" under
      "Courtney's laws"). An authorization may specify a particular
      access mode -- such as read, write, or execute -- for one or more
      system resources.

      1b. (I) A process for granting approval to a system entity to
      access a system resource.



Shirey                       Informational                     [Page 29]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      2. (O) /SET/ "The process by which a properly appointed person or
      persons grants permission to perform some action on behalf of an
      organization. This process assesses transaction risk, confirms
      that a given transaction does not raise the account holder's debt
      above the account's credit limit, and reserves the specified
      amount of credit. (When a merchant obtains authorization, payment
      for the authorized amount is guaranteed -- provided, of course,
      that the merchant followed the rules associated with the
      authorization process.)" [SET2]

   $ authorization credential
      (I) See: /access control/ under "credential".

   $ authorize
      (I) Grant an authorization to a system entity.

   $ authorized user
      (I) /access control/ A system entity that accesses a system
      resource for which the entity has received an authorization.
      (Compare: insider, outsider, unauthorized user.)

      Deprecated Usage: IDOCs that use this term SHOULD state a
      definition for it because the term is used in many ways and could
      easily be misunderstood.

   $ automated information system
      See: information system.

   $ availability
      1. (I) The property of a system or a system resource being
      accessible, or usable or operational upon demand, by an authorized
      system entity, according to performance specifications for the
      system; i.e., a system is available if it provides services
      according to the system design whenever users request them. (See:
      critical, denial of service. Compare: precedence, reliability,
      survivability.)

      2. (O) "The property of being accessible and usable upon demand by
      an authorized entity." [I7498-2]

      3. (D) "Timely, reliable access to data and information services
      for authorized users." [C4009]

      Deprecated Definition: IDOCs SHOULD NOT use the term with
      definition 3; the definition mixes "availability" with
      "reliability", which is a different property. (See: reliability.)





Shirey                       Informational                     [Page 30]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Tutorial: Availability requirements can be specified by
      quantitative metrics, but sometimes are stated qualitatively, such
      as in the following:
      -  "Flexible tolerance for delay" may mean that brief system
         outages do not endanger mission accomplishment, but extended
         outages may endanger the mission.
      -  "Minimum tolerance for delay" may mean that mission
         accomplishment requires the system to provide requested
         services in a short time.

   $ availability service
      (I) A security service that protects a system to ensure its
      availability.

      Tutorial: This service addresses the security concerns raised by
      denial-of-service attacks. It depends on proper management and
      control of system resources, and thus depends on access control
      service and other security services.

   $ avoidance
      (I) See: secondary definition under "security".

   $ B1, B2, or B3 computer system
      (O) /TCSEC/ See: Tutorial under "Trusted Computer System
      Evaluation Criteria".

   $ back door
      1. (I) /COMPUSEC/ A computer system feature -- which may be (a) an
      unintentional flaw, (b) a mechanism deliberately installed by the
      system's creator, or (c) a mechanism surreptitiously installed by
      an intruder -- that provides access to a system resource by other
      than the usual procedure and usually is hidden or otherwise not
      well-known. (See: maintenance hook. Compare: Trojan Horse.)

      Example: A way to access a computer other than through a normal
      login. Such an access path is not necessarily designed with
      malicious intent; operating systems sometimes are shipped by the
      manufacturer with hidden accounts intended for use by field
      service technicians or the vendor's maintenance programmers.

      2. (I) /cryptography/ A feature of a cryptographic system that
      makes it easily possible to break or circumvent the protection
      that the system is designed to provide.

      Example: A feature that makes it possible to decrypt cipher text
      much more quickly than by brute-force cryptanalysis, without
      having prior knowledge of the decryption key.




Shirey                       Informational                     [Page 31]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ back up
      (I) /verb/ Create a reserve copy of data or, more generally,
      provide alternate means to perform system functions despite loss
      of system resources. (See: contingency plan. Compare: archive.)

   $ backup
      (I) /noun or adjective/ Refers to alternate means of performing
      system functions despite loss of system resources. (See:
      contingency plan).

      Example: A reserve copy of data, preferably one that is stored
      separately from the original, for use if the original becomes lost
      or damaged. (Compare: archive.)

   $ bagbiter
      (D) /slang/ "An entity, such as a program or a computer, that
      fails to work or that works in a remarkably clumsy manner. A
      person who has caused some trouble, inadvertently or otherwise,
      typically by failing to program the computer properly." [NCSSG]
      (See: flaw.)

      Deprecated Term: It is likely that other cultures use different
      metaphors for these concepts. Therefore, to avoid international
      misunderstanding, IDOCs SHOULD NOT use this term. (See: Deprecated
      Usage under "Green Book".)

   $ baggage
      (O) /SET/ An "opaque encrypted tuple, which is included in a SET
      message but appended as external data to the PKCS encapsulated
      data. This avoids superencryption of the previously encrypted
      tuple, but guarantees linkage with the PKCS portion of the
      message." [SET2]

      Deprecated Usage: IDOCs SHOULD NOT use this term to describe a
      data element, except in the form "SET(trademark) baggage" with the
      meaning given above.

   $ baked-in security
      (D) The inclusion of security mechanisms in an information system
      beginning at an early point in the system's lifecycle, i.e.,
      during the design phase, or at least early in the implementation
      phase. (Compare: add-on security.)

      Deprecated Term: It is likely that other cultures use different
      metaphors for this concept. Therefore, to avoid international
      misunderstanding, IDOCs SHOULD NOT use this term (unless they also
      provide a definition like this one). (See: Deprecated Usage under
      "Green Book".)



Shirey                       Informational                     [Page 32]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ bandwidth
      (I) The total width of the frequency band that is available to or
      used by a communication channel; usually expressed in Hertz (Hz).
      (RFC 3753) (Compare: channel capacity.)

   $ bank identification number (BIN)
      1. (O) The digits of a credit card number that identify the
      issuing bank. (See: primary account number.)

      2. (O) /SET/ The first six digits of a primary account number.

   $ Basic Encoding Rules (BER)
      (I) A standard for representing ASN.1 data types as strings of
      octets. [X690] (See: Distinguished Encoding Rules.)

      Deprecated Usage: Sometimes incorrectly treated as part of ASN.1.
      However, ASN.1 properly refers only to a syntax description
      language, and not to the encoding rules for the language.

   $ Basic Security Option
      (I) See: secondary definition under "IPSO".

   $ bastion host
      (I) A strongly protected computer that is in a network protected
      by a firewall (or is part of a firewall) and is the only host (or
      one of only a few) in the network that can be directly accessed
      from networks on the other side of the firewall. (See: firewall.)

      Tutorial: Filtering routers in a firewall typically restrict
      traffic from the outside network to reaching just one host, the
      bastion host, which usually is part of the firewall. Since only
      this one host can be directly attacked, only this one host needs
      to be very strongly protected, so security can be maintained more
      easily and less expensively. However, to allow legitimate internal
      and external users to access application resources through the
      firewall, higher-layer protocols and services need to be relayed
      and forwarded by the bastion host. Some services (e.g., DNS and
      SMTP) have forwarding built in; other services (e.g., TELNET and
      FTP) require a proxy server on the bastion host.

   $ BBN Technologies Corp. (BBN)
      (O) The research-and-development company (originally called Bolt
      Baranek and Newman, Inc.) that built the ARPANET.

   $ BCA
      (O) See: brand certification authority.





Shirey                       Informational                     [Page 33]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ BCR
      (O) See: BLACK/Crypto/RED.

   $ BCI
      (O) See: brand CRL identifier.

   $ Bell-LaPadula model
      (N) A formal, mathematical, state-transition model of
      confidentiality policy for multilevel-secure computer systems
      [Bell]. (Compare: Biba model, Brewer-Nash model.)

      Tutorial: The model, devised by David Bell and Leonard LaPadula at
      The MITRE Corporation in 1973, characterizes computer system
      elements as subjects and objects. To determine whether or not a
      subject is authorized for a particular access mode on an object,
      the clearance of the subject is compared to the classification of
      the object. The model defines the notion of a "secure state", in
      which the only permitted access modes of subjects to objects are
      in accordance with a specified security policy. It is proven that
      each state transition preserves security by moving from secure
      state to secure state, thereby proving that the system is secure.
      In this model, a multilevel-secure system satisfies several rules,
      including the "confinement property" (a.k.a. the "*-property"),
      the "simple security property", and the "tranquility property".

   $ benign
      1. (N) /COMSEC/ "Condition of cryptographic data [such] that [the
      data] cannot be compromised by human access [to the data]."
      [C4009]

      2. (O) /COMPUSEC/ See: secondary definition under "trust".

   $ benign fill
      (N) Process by which keying material is generated, distributed,
      and placed into an ECU without exposure to any human or other
      system entity, except the cryptographic module that consumes and
      uses the material. (See: benign.)

   $ BER
      (I) See: Basic Encoding Rules.

   $ beyond A1
      1. (O) /formal/ A level of security assurance that is beyond the
      highest level (level A1) of criteria specified by the TCSEC. (See:
      Tutorial under "Trusted Computer System Evaluation Criteria".)






Shirey                       Informational                     [Page 34]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      2. (O) /informal/ A level of trust so high that it is beyond
      state-of-the-art technology; i.e., it cannot be provided or
      verified by currently available assurance methods, and especially
      not by currently available formal methods.

   $ Biba integrity
      (N) Synonym for "source integrity".

   $ Biba model
      (N) A formal, mathematical, state-transition model of integrity
      policy for multilevel-secure computer systems [Biba]. (See: source
      integrity. Compare: Bell-LaPadula model.)

      Tutorial: This model for integrity control is analogous to the
      Bell-LaPadula model for confidentiality control. Each subject and
      object is assigned an integrity level and, to determine whether or
      not a subject is authorized for a particular access mode on an
      object, the integrity level of the subject is compared to that of
      the object. The model prohibits the changing of information in an
      object by a subject with a lesser or incomparable level. The rules
      of the Biba model are duals of the corresponding rules in the
      Bell-LaPadula model.

   $ billet
      (N) "A personnel position or assignment that may be filled by one
      person." [JCP1] (Compare: principal, role, user.)

      Tutorial: In an organization, a "billet" is a populational
      position, of which there is exactly one instance; but a "role" is
      functional position, of which there can be multiple instances.
      System entities are in one-to-one relationships with their
      billets, but may be in many-to-one and one-to-many relationships
      with their roles.

   $ BIN
      (O) See: bank identification number.

   $ bind
      (I) To inseparably associate by applying some security mechanism.

      Example: A CA creates a public-key certificate by using a digital
      signature to bind together (a) a subject name, (b) a public key,
      and usually (c) some additional data items (e.g., "X.509 public-
      key certificate").

   $ biometric authentication
      (I) A method of generating authentication information for a person
      by digitizing measurements of a physical or behavioral



Shirey                       Informational                     [Page 35]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      characteristic, such as a fingerprint, hand shape, retina pattern,
      voiceprint, handwriting style, or face.

   $ birthday attack
      (I) A class of attacks against cryptographic functions, including
      both encryption functions and hash functions. The attacks take
      advantage of a statistical property: Given a cryptographic
      function having an N-bit output, the probability is greater than
      1/2 that for 2**(N/2) randomly chosen inputs, the function will
      produce at least two outputs that are identical. (See: Tutorial
      under "hash function".)

      Derivation: From the somewhat surprising fact (often called the
      "birthday paradox") that although there are 365 days in a year,
      the probability is greater than 1/2 that two of more people share
      the same birthday in any randomly chosen group of 23 people.

      Birthday attacks enable an adversary to find two inputs for which
      a cryptographic function produces the same cipher text (or find
      two inputs for which a hash functions produces the same hash
      result) much faster than a brute-force attack can; and a clever
      adversary can use such a capability to create considerable
      mischief. However, no birthday attack can enable an adversary to
      decrypt a given cipher text (or find a hash input that results in
      a given hash result) any faster than a brute-force attack can.

   $ bit
      (I) A contraction of the term "binary digit"; the smallest unit of
      information storage, which has two possible states or values. The
      values usually are represented by the symbols "0" (zero) and "1"
      (one). (See: block, byte, nibble, word.)

   $ bit string
      (I) A sequence of bits, each of which is either "0" or "1".

   $ BLACK
      1. (N) Designation for data that consists only of cipher text, and
      for information system equipment items or facilities that handle
      only cipher text. Example: "BLACK key". (See: BCR, color change,
      RED/BLACK separation. Compare: RED.)

      2. (O) /U.S. Government/ "Designation applied to information
      systems, and to associated areas, circuits, components, and
      equipment, in which national security information is encrypted or
      is not processed." [C4009]

      3. (D) Any data that can be disclosed without harm.




Shirey                       Informational                     [Page 36]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Deprecated Definition: IDOCs SHOULD NOT use the term with
      definition 3 because the definition is ambiguous with regard to
      whether or not the data is protected.

   $ BLACK/Crypto/RED (BCR)
      (N) An experimental, end-to-end, network packet encryption system
      developed in a working prototype form by BBN and the Collins Radio
      division of Rockwell Corporation in the 1975-1980 time frame for
      the U.S. DoD. BCR was the first network security system to support
      TCP/IP traffic, and it incorporated the first DES chips that were
      validated by the U.S. National Bureau of Standards (now called
      NIST). BCR also was the first to use a KDC and an ACC to manage
      connections.

   $ BLACK key
      (N) A key that is protected with a key-encrypting key and that
      must be decrypted before use. (See: BLACK. Compare: RED key.)

   $ BLACKER
      (O) An end-to-end encryption system for computer data networks
      that was developed by the U.S. DoD in the 1980s to provide host-
      to-host data confidentiality service for datagrams at OSIRM Layer
      3. [Weis] (Compare: CANEWARE, IPsec.)

      Tutorial: Each user host connects to its own bump-in-the-wire
      encryption device called a BLACKER Front End (BFE, TSEC/KI-111),
      through which the host connects to the subnetwork. The system also
      includes two types of centralized devices: one or more KDCs
      connect to the subnetwork and communicate with assigned sets of
      BFEs, and one or more ACCs connect to the subnetwork and
      communicate with assigned KDCs. BLACKER uses only symmetric
      encryption. A KDC distributes session keys to BFE pairs as
      authorized by an ACC. Each ACC maintains a database for a set of
      BFEs, and the database determines which pairs from that set (i.e.,
      which pairs of user hosts behind the BFEs) are authorized to
      communicate and at what security levels.

      The BLACKER system is MLS in three ways: (a) The BFEs form a
      security perimeter around a subnetwork, separating user hosts from
      the subnetwork, so that the subnetwork can operate at a different
      security level (possibly a lower, less expensive level) than the
      hosts. (b) The BLACKER components are trusted to separate
      datagrams of different security levels, so that each datagram of a
      given security level can be received only by a host that is
      authorized for that security level; and thus BLACKER can separate
      host communities that operate at different security levels. (c)
      The host side of a BFE is itself MLS and can recognize a security
      label on each packet, so that an MLS user host can be authorized



Shirey                       Informational                     [Page 37]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      to successively transmit datagrams that are labeled with different
      security levels.

   $ blind attack
      (I) A type of network-based attack method that does not require
      the attacking entity to receive data traffic from the attacked
      entity; i.e., the attacker does not need to "see" data packets
      sent by the victim. Example: SYN flood.

      Tutorial: If an attack method is blind, the attacker's packets can
      carry (a) a false IP source address (making it difficult for the
      victim to find the attacker) and (b) a different address on every
      packet (making it difficult for the victim to block the attack).
      If the attacker needs to receive traffic from the victim, the
      attacker must either (c) reveal its own IP address to the victim
      (which enables the victim to find the attacker or block the attack
      by filtering) or (d) provide a false address and also subvert
      network routing mechanisms to divert the returning packets to the
      attacker (which makes the attack more complex, more difficult, or
      more expensive). [R3552]

   $ block
      (I) A bit string or bit vector of finite length. (See: bit, block
      cipher. Compare: byte, word.)

      Usage: An "N-bit block" contains N bits, which usually are
      numbered from left to right as 1, 2, 3, ..., N.

   $ block cipher
      (I) An encryption algorithm that breaks plain text into fixed-size
      segments and uses the same key to transform each plaintext segment
      into a fixed-size segment of cipher text. Examples: AES, Blowfish,
      DEA, IDEA, RC2, and SKIPJACK. (See: block, mode. Compare: stream
      cipher.)

      Tutorial: A block cipher can be adapted to have a different
      external interface, such as that of a stream cipher, by using a
      mode of cryptographic operation to package the basic algorithm.
      (See: CBC, CCM, CFB, CMAC, CTR, DEA, ECB, OFB.)

   $ Blowfish
      (N) A symmetric block cipher with variable-length key (32 to 448
      bits) designed in 1993 by Bruce Schneier as an unpatented,
      license-free, royalty-free replacement for DES or IDEA. [Schn]
      (See: Twofish.)






Shirey                       Informational                     [Page 38]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ brain-damaged
      (D) /slang/ "Obviously wrong: extremely poorly designed. Calling
      something brain-damaged is very extreme. The word implies that the
      thing is completely unusable, and that its failure to work is due
      to poor design, not accident." [NCSSG] (See: flaw.)

      Deprecated Term: It is likely that other cultures use different
      metaphors for this concept. Therefore, to avoid international
      misunderstanding, IDOCs SHOULD NOT use this term. (See: Deprecated
      Usage under "Green Book".)

   $ brand
      1. (I) A distinctive mark or name that identifies a product or
      business entity.

      2. (O) /SET/ The name of a payment card. (See: BCA.)

      Tutorial: Financial institutions and other companies have founded
      payment card brands, protect and advertise the brands, establish
      and enforce rules for use and acceptance of their payment cards,
      and provide networks to interconnect the financial institutions.
      These brands combine the roles of issuer and acquirer in
      interactions with cardholders and merchants. [SET1]

   $ brand certification authority (BCA)
      (O) /SET/ A CA owned by a payment card brand, such as MasterCard,
      Visa, or American Express. [SET2] (See: certification hierarchy,
      SET.)

   $ brand CRL identifier (BCI)
      (O) /SET/ A digitally signed list, issued by a BCA, of the names
      of CAs for which CRLs need to be processed when verifying
      signatures in SET messages. [SET2]

   $ break
      (I) /cryptography/ To successfully perform cryptanalysis and thus
      succeed in decrypting data or performing some other cryptographic
      function, without initially having knowledge of the key that the
      function requires. (See: penetrate, strength, work factor.)

      Usage: This term applies to encrypted data or, more generally, to
      a cryptographic algorithm or cryptographic system. Also, while the
      most common use is to refer to completely breaking an algorithm,
      the term is also used when a method is found that substantially
      reduces the work factor.






Shirey                       Informational                     [Page 39]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ Brewer-Nash model
      (N) A security model [BN89] to enforce the Chinese wall policy.
      (Compare: Bell-LaPadula model, Clark-Wilson model.)

      Tutorial: All proprietary information in the set of commercial
      firms F(1), F(2), ..., F(N) is categorized into mutually exclusive
      conflict-of-interest classes I(1), I(2), ..., I(M) that apply
      across all firms. Each firm belongs to exactly one class. The
      Brewer-Nash model has the following mandatory rules:
      -  Brewer-Nash Read Rule: Subject S can read information object O
         from firm F(i) only if either (a) O is from the same firm as
         some object previously read by S *or* (b) O belongs to a class
         I(i) from which S has not previously read any object. (See:
         object, subject.)
      -  Brewer-Nash Write Rule: Subject S can write information object
         O to firm F(i) only if (a) S can read O by the Brewer-Nash Read
         Rule *and* (b) no object can be read by S from a different firm
         F(j), no matter whether F(j) belongs to the same class as F(i)
         or to a different class.

   $ bridge
      (I) A gateway for traffic flowing at OSIRM Layer 2 between two
      networks (usually two LANs). (Compare: bridge CA, router.)

   $ bridge CA
      (I) A PKI consisting of only a CA that cross-certifies with CAs of
      some other PKIs. (See: cross-certification. Compare: bridge.)

      Tutorial: A bridge CA functions as a hub that enables a
      certificate user in any of the PKIs that attach to the bridge, to
      validate certificates issued in the other attached PKIs.

      For example, a bridge CA (BCA)                 CA1
      could cross-certify with four                   ^
      PKIs that have the roots CA1,                   |
      CA2, CA3, and CA4. The cross-                   v
      certificates that the roots            CA2 <-> BCA <-> CA3
      exchange with the BCA enable an                 ^
      end entity EE1 certified under                  |
      under CA1 in PK1 to construct                   v
      a certification path needed to                 CA4
      validate the certificate of
      end entity EE2 under CA2,           CA1 -> BCA -> CA2 -> EE2
      or vice versa.                     CA2 -> BCA -> CA1 -> EE1







Shirey                       Informational                     [Page 40]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ British Standard 7799
      (N) Part 1 of the standard is a code of practice for how to secure
      an information system. Part 2 specifies the management framework,
      objectives, and control requirements for information security
      management systems. [BS7799] (See: ISO 17799.)

   $ browser
      (I) A client computer program that can retrieve and display
      information from servers on the World Wide Web. Examples: Netscape
      Navigator and Microsoft Internet Explorer.

   $ brute force
      (I) A cryptanalysis technique or other kind of attack method
      involving an exhaustive procedure that tries a large number of
      possible solutions to the problem. (See: impossible, strength,
      work factor.)

      Tutorial: In some cases, brute force involves trying all of the
      possibilities. For example, for cipher text where the analyst
      already knows the decryption algorithm, a brute-force technique
      for finding matching plain text is to decrypt the message with
      every possible key. In other cases, brute force involves trying a
      large number of possibilities but substantially fewer than all of
      them. For example, given a hash function that produces an N-bit
      hash result, the probability is greater than 1/2 that the analyst
      will find two inputs that have the same hash result after trying
      only 2**(N/2) randomly chosen inputs. (See: birthday attack.)

   $ BS7799
      (N) See: British Standard 7799.

   $ buffer overflow
      (I) Any attack technique that exploits a vulnerability resulting
      from computer software or hardware that does not check for
      exceeding the bounds of a storage area when data is written into a
      sequence of storage locations beginning in that area.

      Tutorial: By causing a normal system operation to write data
      beyond the bounds of a storage area, the attacker seeks to either
      disrupt system operation or cause the system to execute malicious
      software inserted by the attacker.

   $ buffer zone
      (I) A neutral internetwork segment used to connect other segments
      that each operate under a different security policy.






Shirey                       Informational                     [Page 41]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Tutorial: To connect a private network to the Internet or some
      other relatively public network, one could construct a small,
      separate, isolated LAN and connect it to both the private network
      and the public network; one or both of the connections would
      implement a firewall to limit the traffic that could pass through
      the buffer zone.

   $ bulk encryption
      1. (I) Encryption of multiple channels by aggregating them into a
      single transfer path and then encrypting that path. (See:
      channel.)

      2. (O) "Simultaneous encryption of all channels of a multichannel
      telecommunications link." [C4009] (Compare: bulk keying material.)

      Usage: The use of "simultaneous" in definition 2 could be
      interpreted to mean that multiple channels are encrypted
      separately but at the same time. However, the common meaning of
      the term is that multiple data flows are combined into a single
      stream and then that stream is encrypted as a whole.

   $ bulk key
      (D) In a few published descriptions of hybrid encryption for SSH,
      Windows 2000, and other applications, this term refers to a
      symmetric key that (a) is used to encrypt a relatively large
      amount of data and (b) is itself encrypted with a public key.
      (Compare: bulk keying material, session key.)

      Example: To send a large file to Bob, Alice (a) generates a
      symmetric key and uses it to encrypt the file (i.e., encrypt the
      bulk of the information that is to be sent) and then (b) encrypts
      that symmetric key (the "bulk key") with Bob's public key.

      Deprecated Term: IDOCs SHOULD NOT use this term or definition; the
      term is not well-established and could be confused with the
      established term "bulk keying material". Instead, use "symmetric
      key" and carefully explain how the key is applied.

   $ bulk keying material
      (N) Refers to handling keying material in large quantities, e.g.,
      as a dataset that contains many items of keying material. (See:
      type 0. Compare: bulk key, bulk encryption.)

   $ bump-in-the-stack
      (I) An implementation approach that places a network security
      mechanism inside the system that is to be protected. (Compare:
      bump-in-the-wire.)




Shirey                       Informational                     [Page 42]

RFC 4949         Internet Security Glossary, Version 2       August 2007


      Example: IPsec can be implemented inboard, in the protocol stack
      of an existing system or existing system design, by placing a new
      layer between the existing IP layer and the OSIRM Layer 3 drivers.
      Source code access for the existing stack is not required, but the
      system that contains the stack does need to be modified [R4301].

   $ bump-in-the-wire
      (I) An implementation approach that places a network security
      mechanism outside of the system that is to be protected. (Compare:
      bump-in-the-stack.)

      Example: IPsec can be implemented outboard, in a physically
      separate device, so that the system that receives the IPsec
      protection does not need to be modified at all [R4301]. Military-
      grade link encryption has mainly been implemented as bump-in-the-
      wire devices.

   $ business-case analysis
      (N) An extended form of cost-benefit analysis that considers
      factors beyond financial metrics, including security factors such
      as the requirement for security services, their technical and
      programmatic feasibility, their qualitative benefits, and
      associated risks. (See: risk analysis.)

   $ byte
      (I) A fundamental unit of computer storage; the smallest
      addressable unit in a computer's architecture. Usually holds one
      character of information and, today, usually means eight bits.
      (Compare: octet.)

      Usage: Understood to be larger than a "bit", but smaller than a
      "word". Although "byte" almost always means "octet" today, some
      computer architectures have had bytes in other sizes (e.g., six
      bits, nine bits). Therefore, an STD SHOULD state the number of
      bits in a byte where the term is first used in the STD.

   $ C field
      (D) See: Compartments field.

   $ C1 or C2 computer system
      (O) /TCSEC/ See: Tutorial under "Trusted Computer System
      Evaluation Criteria".

   $ CA
      (I) See: certification authority.






Shirey                       Informational                     [Page 43]

RFC 4949         Internet Security Glossary, Version 2       August 2007


   $ CA certificate
      (D) "A [digital] certificate for one CA issued by another CA."
      [X509]

      Deprecated Definition: IDOCs SHOULD NOT use the term with this
      definition; the definition is ambiguous with regard to how the
      certificate is constructed and how it is intended to be used.
      IDOCs that use this term SHOULD provide a technical definition for
      it. (See: certificate profile.)

      Tutorial: There is no single, obvious choice for a technical
      definition of this term. Different PKIs can use different
      certificate profiles, and X.509 provides several choices of how to
      issue certificates to CAs. For example, one possible definition is
      the following: A v3 X.509 public-key certificate that has a
      "basicConstraints" extension containing a "cA" value of "TRUE".
      That would specifically indicate that "the certified public key
      may be used to verify certificate signatures", i.e., that the
      private key may be used by a CA.

      However, there also are other ways to indicate such usage. The
      certificate may have a "key Usage" extension that indicates the
      purposes for which the public key may be used, and one of the
      values that X.509 defines for that extension is "keyCertSign", to
      indicate that the certificate may be used for verifying a CA's
      signature on certificates. If "keyCertSign" is present in a
      certificate that also has a "basicConstraints" extension, then
      "cA" is set to "TRUE" in that extension. Alternatively, a CA could
      be issued a certificate in which "keyCertSign" is asserted without
      "basicConstraints" being present; and an entity that acts as a CA
      could be issued a certificate with "keyUsage" set to other values,
      either with or without "keyCertSign".

   $ CA domain
      (N) /PKI/ A security policy domain that "consists of a CA and its
      subjects [i.e., the entities named in the certificates issued by
      the CA]. Sometimes referred to as a PKI domain." [PAG] (See:
      domain.)

   $ Caesar cipher
      (I) A cipher that is defined for an alphabet of N characters,
      A(1), A(2), ..., A(N), and creates cipher text by replacing each
      plaintext character A(i) by A(i+K, mod N) for some 0

 

RFC, FYI, BCP