< draft-shirey-secgloss-v2-03.txt   draft-shirey-secgloss-v2-04.txt >
INTERNET-DRAFT R. W. Shirey INTERNET-DRAFT R. W. Shirey
Obsoletes: RFC 2828, FYI 36 BBN Technologies Obsoletes: RFC 2828, FYI 36 BBN Technologies
Expiration Date: 14 August 2006 14 February 2006 Expiration Date: 20 September 2006 20 March 2006
Internet Security Glossary, Version 2 Internet Security Glossary, Version 2
<draft-shirey-secgloss-v2-03.txt> <draft-shirey-secgloss-v2-04.txt>
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than a "work in progress." material or to cite them other than a "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html. http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). All Rights Reserved. Copyright (C) The Internet Society (2006). All Rights Reserved.
Abstract Abstract
skipping to change at page 2, line 25 skipping to change at page 2, line 25
2. Format of Entries . . . . . . . . . . . . . . . . . . . . . . 4 2. Format of Entries . . . . . . . . . . . . . . . . . . . . . . 4
2.1 Order of Entries . . . . . . . . . . . . . . . . . . . . . 4 2.1 Order of Entries . . . . . . . . . . . . . . . . . . . . . 4
2.2 Capitalization and Abbreviation . . . . . . . . . . . . . 4 2.2 Capitalization and Abbreviation . . . . . . . . . . . . . 4
2.3 Support for Automated Searching . . . . . . . . . . . . . 5 2.3 Support for Automated Searching . . . . . . . . . . . . . 5
2.4 Definition Type and Context . . . . . . . . . . . . . . . 5 2.4 Definition Type and Context . . . . . . . . . . . . . . . 5
2.5 Explanatory Notes . . . . . . . . . . . . . . . . . . . . 5 2.5 Explanatory Notes . . . . . . . . . . . . . . . . . . . . 5
2.6 Cross-References . . . . . . . . . . . . . . . . . . . . . 5 2.6 Cross-References . . . . . . . . . . . . . . . . . . . . . 5
2.7 Trademarks . . . . . . . . . . . . . . . . . . . . . . . . 6 2.7 Trademarks . . . . . . . . . . . . . . . . . . . . . . . . 6
2.8 The New Punctuation . . . . . . . . . . . . . . . . . . . 6 2.8 The New Punctuation . . . . . . . . . . . . . . . . . . . 6
3. Types of Entries . . . . . . . . . . . . . . . . . . . . . . . 6 3. Types of Entries . . . . . . . . . . . . . . . . . . . . . . . 6
3.1 Type "I": Recommended Definitions of Internet Origin . . . 6 3.1 Type "I": Recommended Definitions of Internet Origin . . . 7
3.2 Type "N": Recommended Definitions of Non-Internet Origin . 7 3.2 Type "N": Recommended Definitions of Non-Internet Origin . 7
3.3 Type "O": Other Terms and Definitions to be Noted . . . . 7 3.3 Type "O": Other Terms and Definitions to be Noted . . . . 7
3.4 Type "D": Deprecated Terms and Definitions . . . . . . . . 7 3.4 Type "D": Deprecated Terms and Definitions . . . . . . . . 8
3.5 Definition Substitutions . . . . . . . . . . . . . . . . . 8 3.5 Definition Substitutions . . . . . . . . . . . . . . . . . 8
4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 9 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 9
5. Informative References . . . . . . . . . . . . . . . . . . . . 306 5. Informative References . . . . . . . . . . . . . . . . . . . . 306
6. Security Considerations and IANA Considertions . . . . . . . . 325 6. Security Considerations and IANA Considerations . . . . . . . 325
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 325 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 325
8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 325 8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 325
9. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 325 9. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 325
1. Introduction 1. Introduction
This Glossary provides an internally consistent and self-contained This Glossary provides an internally consistent and self-contained
set of terms, abbreviations, and definitions -- supported by set of terms, abbreviations, and definitions -- supported by
explanations, recommendations, and references -- for terminology that explanations, recommendations, and references -- for terminology that
concerns information system security. The intent of this Glossary is concerns information system security. The intent of this Glossary is
skipping to change at page 3, line 44 skipping to change at page 3, line 44
o Technical Excellence o Technical Excellence
Just as Internet Standard (STD) protocols should operate Just as Internet Standard (STD) protocols should operate
effectively, ISDs should use terminology accurately, precisely, effectively, ISDs should use terminology accurately, precisely,
and unambiguously to enable standards to be implemented correctly. and unambiguously to enable standards to be implemented correctly.
o Prior Implementation and Testing o Prior Implementation and Testing
Just as STD protocols require demonstrated experience and Just as STD protocols require demonstrated experience and
stability before adoption, ISDs need to use well-established stability before adoption, ISDs need to use well-established
language. Using terms in their plainest, dictionary sense (when language; and the robustness principle for protocols -- "be
liberal in what you accept, and conservative in what you send" --
is also applicable to the language used in ISDs that describe
protocols. Using terms in their plainest, dictionary sense (when
appropriate) helps to ensure international understanding. ISDs appropriate) helps to ensure international understanding. ISDs
need to avoid using private, newly invented terms in place of need to avoid using private, newly invented terms in place of
generally accepted terms from open publications. ISDs need to generally accepted terms from open publications. ISDs need to
avoid substituting new definitions that conflict with established avoid substituting new definitions that conflict with established
ones. ISDs need to avoid using "cute" synonyms (e.g., "Green ones. ISDs need to avoid using "cute" synonyms (e.g., "Green
Book"), because no matter how popular a nickname may be in one Book"), because no matter how popular a nickname may be in one
community, it is likely to cause confusion in another. community, it is likely to cause confusion in another.
o Openness, Fairness, and Timeliness o Openness, Fairness, and Timeliness
ISDs need to avoid terms that are proprietary or otherwise favor a ISDs need to avoid terms that are proprietary or otherwise favor a
particular vendor, or that create a bias toward a particular particular vendor, or that create a bias toward a particular
security technology or mechanism over other, competing techniques security technology or mechanism over other, competing techniques
that already exist or might be developed in the future. The set of that already exist or might be developed in the future. The set of
terminology used across the set of ISDs needs to be flexible and terminology used across the set of ISDs needs to be flexible and
adaptable as the state of Internet security art evolves. adaptable as the state of Internet security art evolves.
In support of those goals, this Glossary provides guidance by marking In support of those goals, this Glossary provides guidance by marking
terms and definitions as being either endorsed or deprecated for use terms and definitions as being either endorsed or deprecated for use
in ISDs. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", in ISDs. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are intended to be interpreted the same way as in an and "OPTIONAL" are intended to be interpreted the same way as in an
Internet Standard (i.e., as specified in RFC 2119). Other glossaries Internet Standard (i.e., as specified in RFC 2119). Other glossaries
(e.g., [Raym]) list additional terms that deal with Internet security (e.g., [Raym]) list additional terms that deal with Internet security
but have not been included in this Glossary because they are not but have not been included in this Glossary because they are not
appropriate for ISDs. appropriate for ISDs.
This Glossary is not an Internet Standard, and its guidance This Glossary is not an Internet Standard, and its guidance
represents only the recommendations of this author. However, this represents only the recommendations of this author. However, this
Glossary provides reasons for its recommendations -- particularly for Glossary provides reasons for its recommendations -- especially for
the SHOULD NOTs -- so that readers can judge for themselves whether the SHOULD NOTs -- so that readers can judge for themselves whether
to follow the guidance. to follow the guidance.
2. Format of Entries 2. Format of Entries
Section 4 presents Glossary entries in the following manner: Section 4 presents Glossary entries in the following manner:
2.1 Order of Entries 2.1 Order of Entries
Entries are sorted in lexicographic order, without regard to Entries are sorted in lexicographic order, without regard to
skipping to change at page 4, line 52 skipping to change at page 4, line 54
such as "1a" and "1b". such as "1a" and "1b".
2.2 Capitalization and Abbreviations 2.2 Capitalization and Abbreviations
Entries that are proper nouns are capitalized (e.g., "Data Entries that are proper nouns are capitalized (e.g., "Data
Encryption Algorithm"), as are other words derived from proper Encryption Algorithm"), as are other words derived from proper
nouns (e.g., "Caesar cipher"). All other entries are not nouns (e.g., "Caesar cipher"). All other entries are not
capitalized (e.g., "certification authority"). Each acronym or capitalized (e.g., "certification authority"). Each acronym or
other abbreviation that appears in this Glossary, either as an other abbreviation that appears in this Glossary, either as an
entry or in a definition or explanation, is defined in this entry or in a definition or explanation, is defined in this
Glossary, except items of common English usage, such as "e.g.", Glossary, except items of common English usage, such as "a.k.a.",
"etc.", "i.e.", "vol.", "pp.", and "U.S.". "e.g.", "etc.", "i.e.", "vol.", "pp.", and "U.S.".
2.3 Support for Automated Searching 2.3 Support for Automated Searching
Each entry is preceded by a dollar sign ($) and a space. This Each entry is preceded by a dollar sign ($) and a space. This
makes it possible to find the defining entry for an item "X" by makes it possible to find the defining entry for an item "X" by
searching for the character string "$ X", without stopping at searching for the character string "$ X", without stopping at
entries in which "X" is used in explanations. entries in which "X" is used in explanations.
2.4 Definition Type and Context 2.4 Definition Type and Context
skipping to change at page 25, line 22 skipping to change at page 25, line 22
$ authentication code $ authentication code
(D) Synonym for a checksum based on cryptography. (Compare: Data (D) Synonym for a checksum based on cryptography. (Compare: Data
Authentication Code, Message Authentication Code.) Authentication Code, Message Authentication Code.)
Deprecated Term: ISDs SHOULD NOT use this uncapitalized term as a Deprecated Term: ISDs SHOULD NOT use this uncapitalized term as a
synonym for any kind of checksum, regardless of whether or not the synonym for any kind of checksum, regardless of whether or not the
checksum is cryptographic. Instead, use "checksum", "Data checksum is cryptographic. Instead, use "checksum", "Data
Authentication Code", "error detection code", "hash", "keyed Authentication Code", "error detection code", "hash", "keyed
hash", "Message Authentication Code", "protected checksum", or hash", "Message Authentication Code", "protected checksum", or
some other recomended term, depending on what is meant. some other recommended term, depending on what is meant.
The term mixes concepts in a potentially misleading way. The word The term mixes concepts in a potentially misleading way. The word
"authentication" is misleading because the checksum may be used to "authentication" is misleading because the checksum may be used to
perform a data integrity function rather than a data origin perform a data integrity function rather than a data origin
authentication function. authentication function.
$ authentication exchange $ authentication exchange
1. (I) A mechanism to verify the identity of an entity by means of 1. (I) A mechanism to verify the identity of an entity by means of
information exchange. information exchange.
skipping to change at page 30, line 19 skipping to change at page 30, line 19
meaning given above. meaning given above.
$ baked-in security $ baked-in security
(D) The inclusion of security mechanisms in an information system (D) The inclusion of security mechanisms in an information system
beginning at an early point in the system's life cycle, i.e., beginning at an early point in the system's life cycle, i.e.,
during the design phase, or at least early in the implementation during the design phase, or at least early in the implementation
phase. (Compare: add-on security.) phase. (Compare: add-on security.)
Deprecated Term: It is likely that other cultures use different Deprecated Term: It is likely that other cultures use different
metaphors for this concept. Therefore, to avoid international metaphors for this concept. Therefore, to avoid international
misunderstanding, ISDs SHOULD NOT use this term. (See: Deprecated misunderstanding, ISDs SHOULD NOT use this term (unless they also
Usage under "Green Book".) provide a definition like this one). (See: Deprecated Usage under
"Green Book".)
$ bandwidth $ bandwidth
(I) The total width of the frequency band that is available to or (I) The total width of the frequency band that is available to or
used by a communication channel; usually expressed in Hertz (Hz). used by a communication channel; usually expressed in Hertz (Hz).
(RFC 3753) (Compare: channel capacity.) (RFC 3753) (Compare: channel capacity.)
$ bank identification number (BIN) $ bank identification number (BIN)
1. (O) The digits of a credit card number that identify the 1. (O) The digits of a credit card number that identify the
issuing bank. (See: primary account number.) issuing bank. (See: primary account number.)
skipping to change at page 31, line 40 skipping to change at page 31, line 41
elements as subjects and objects. To determine whether or not a elements as subjects and objects. To determine whether or not a
subject is authorized for a particular access mode on an object, subject is authorized for a particular access mode on an object,
the clearance of the subject is compared to the classification of the clearance of the subject is compared to the classification of
the object. The model defines the notion of a "secure state", in the object. The model defines the notion of a "secure state", in
which the only permitted access modes of subjects to objects are which the only permitted access modes of subjects to objects are
in accordance with a specified security policy. It is proven that in accordance with a specified security policy. It is proven that
each state transition preserves security by moving from secure each state transition preserves security by moving from secure
state to secure state, thereby proving that the system is secure. state to secure state, thereby proving that the system is secure.
In this model, a multilevel-secure system satisfies several rules, In this model, a multilevel-secure system satisfies several rules,
including the "confinement property" (a.k.a. the "*-property"), including the "confinement property" (a.k.a. the "*-property"),
the "simple security property", and the "tranquillity property". the "simple security property", and the "tranquility property".
$ benign $ benign
1. (N) /COMSEC/ "Condition of cryptographic data [such] that [it] 1. (N) /COMSEC/ "Condition of cryptographic data [such] that [it]
cannot be compromised by human access [to the data]." [C4009] cannot be compromised by human access [to the data]." [C4009]
2. (O) /COMPUSEC/ See: secondary definition under "trust". 2. (O) /COMPUSEC/ See: secondary definition under "trust".
$ benign fill $ benign fill
(N) Process by which keying material is generated, distributed, (N) Process by which keying material is generated, distributed,
and placed into an ECU without exposure to any human or other and placed into an ECU without exposure to any human or other
skipping to change at page 32, line 34 skipping to change at page 32, line 37
Bell-LaPadula model for confidentiality control. Each subject and Bell-LaPadula model for confidentiality control. Each subject and
object is assigned an integrity level and, to determine whether or object is assigned an integrity level and, to determine whether or
not a subject is authorized for a particular access mode on an not a subject is authorized for a particular access mode on an
object, the integrity level of the subject is compared to that of object, the integrity level of the subject is compared to that of
the object. The model prohibits the changing of information in an the object. The model prohibits the changing of information in an
object by a subject with a lesser or incomparable level. The rules object by a subject with a lesser or incomparable level. The rules
of the Biba model are duals of the corresponding rules in the of the Biba model are duals of the corresponding rules in the
Bell-LaPadula model. Bell-LaPadula model.
$ billet $ billet
(N) A position or assignment that can be filled by one system (N) A personnel position or assignment that can be filled by one
entity at a time. [JCSP1] (Compare: principal, role, user.) system entity at a time. [JCSP1] (Compare: principal, role, user.)
Tutorial: In an organization, a "billet" is a populational Tutorial: In an organization, a "billet" is a populational
position, of which there is exactly one instance; but a "role" is position, of which there is exactly one instance; but a "role" is
functional position, of which there can be multiple instances. functional position, of which there can be multiple instances.
System entities are in one-to-one relationships with their System entities are in one-to-one relationships with their
billets, but may be in many-to-one and one-to-many relationships billets, but may be in many-to-one and one-to-many relationships
with their roles. with their roles.
$ BIN $ BIN
(O) See: bank identification number. (O) See: bank identification number.
skipping to change at page 34, line 19 skipping to change at page 34, line 20
connections. connections.
$ BLACK key $ BLACK key
(N) A key that is protected with a key-encrypting key and that (N) A key that is protected with a key-encrypting key and that
must be decrypted before use. (See: BLACK. Compare: RED key.) must be decrypted before use. (See: BLACK. Compare: RED key.)
$ BLACKER $ BLACKER
(O) An end-to-end encryption system for computer data networks (O) An end-to-end encryption system for computer data networks
that was developed by the U.S. DoD in the 1980s to provide host- that was developed by the U.S. DoD in the 1980s to provide host-
to-host data confidentiality service for datagrams at OSIRM Layer to-host data confidentiality service for datagrams at OSIRM Layer
3. [Weis] (Compare: Caneware, IPsec.) 3. [Weis] (Compare: CANEWARE, IPsec.)
Tutorial: Each user host connects to its own bump-in-the-wire Tutorial: Each user host connects to its own bump-in-the-wire
encryption device called a BLACKER Front End (BFE, TSEC/KI-111), encryption device called a BLACKER Front End (BFE, TSEC/KI-111),
through which the host connects to the subnetwork. The system also through which the host connects to the subnetwork. The system also
includes two types of centralized devices: one or more KDCs includes two types of centralized devices: one or more KDCs
connect to the subnetwork and communicate with assigned sets of connect to the subnetwork and communicate with assigned sets of
BFEs, and one or more ACCs connect to the subnetwork and BFEs, and one or more ACCs connect to the subnetwork and
communicate with assigned KDCs. BLACKER uses only symmetric communicate with assigned KDCs. BLACKER uses only symmetric
encryption. A KDC distributes session keys to BFE pairs as encryption. A KDC distributes session keys to BFE pairs as
authorized by an ACC. Each ACC maintains a database for a set of authorized by an ACC. Each ACC maintains a database for a set of
skipping to change at page 52, line 32 skipping to change at page 52, line 32
verified by the public key contained in the preceding certificate; verified by the public key contained in the preceding certificate;
i.e., the private key used to sign a certificate and the public i.e., the private key used to sign a certificate and the public
key contained in the preceding certificate form a key pair that key contained in the preceding certificate form a key pair that
has previously been bound to the authority that signed. has previously been bound to the authority that signed.
The path is the "list of certificates needed to [enable] a The path is the "list of certificates needed to [enable] a
particular user to obtain the public key [or attributes] of particular user to obtain the public key [or attributes] of
another [user]." [X509] Here, the word "particular" points out another [user]." [X509] Here, the word "particular" points out
that a certification path that can be validated by one certificate that a certification path that can be validated by one certificate
user might not be able to be validated by another. That is because user might not be able to be validated by another. That is because
either the first certificate needs to be a trusted certificate or either the first certificate needs to be a trusted certificate or
the signature on the first certificate needs to be verifiable by a the signature on the first certificate needs to be verifiable by a
trusted key (e.g., a root key), but such trust is established only trusted key (e.g., a root key), but such trust is established only
relative to a "particular" (i.e., specific) user, not absolutely relative to a "particular" (i.e., specific) user, not absolutely
for all users. for all users.
$ certification policy $ certification policy
(D) Synonym for either "certificate policy" or "certification (D) Synonym for either "certificate policy" or "certification
practice statement". practice statement".
Deprecated Term: ISDs SHOULD NOT use this term as a synonym for Deprecated Term: ISDs SHOULD NOT use this term as a synonym for
skipping to change at page 67, line 16 skipping to change at page 67, line 16
(I) An organization that studies computer and network INFOSEC in (I) An organization that studies computer and network INFOSEC in
order to provide incident response services to victims of attacks, order to provide incident response services to victims of attacks,
publish alerts concerning vulnerabilities and threats, and offer publish alerts concerning vulnerabilities and threats, and offer
other information to help improve computer and network security. other information to help improve computer and network security.
(See: CSIRT, security incident.) (See: CSIRT, security incident.)
Examples: CERT Coordination Center at Carnegie-Mellon University Examples: CERT Coordination Center at Carnegie-Mellon University
(sometimes called "the" CERT); CIAC. (sometimes called "the" CERT); CIAC.
$ Computer Incident Advisory Capability (CIAC) $ Computer Incident Advisory Capability (CIAC)
(O) The centralized CSIRT of the U.S Department of Energy; a (O) The centralized CSIRT of the U.S. Department of Energy; a
member of FIRST. member of FIRST.
$ computer network $ computer network
(I) A collection of host computers together with the subnetwork or (I) A collection of host computers together with the subnetwork or
internetwork through which they can exchange data. internetwork through which they can exchange data.
Usage: This definition is intended to cover systems of all sizes Usage: This definition is intended to cover systems of all sizes
and types, ranging from the complex Internet to a simple system and types, ranging from the complex Internet to a simple system
composed of a personal computer dialing in as a remote terminal of composed of a personal computer dialing in as a remote terminal of
another computer. another computer.
skipping to change at page 78, line 53 skipping to change at page 78, line 53
in the other PKI. in the other PKI.
Second, X.509 says that two CAs in some complex, multi-CA PKI can Second, X.509 says that two CAs in some complex, multi-CA PKI can
cross-certify one another for the purpose of shortening the cross-certify one another for the purpose of shortening the
certification paths constructed by end entities. Whether or not a certification paths constructed by end entities. Whether or not a
CA may perform this or any other form of cross-certification, and CA may perform this or any other form of cross-certification, and
how such certificates may be used by end entities, should be how such certificates may be used by end entities, should be
addressed by the local certificate policy and CPS. addressed by the local certificate policy and CPS.
$ cross-domain solution $ cross-domain solution
(O) /U.S. Government/ A process or subsystem that provides a 1. (D) Synonym for "guard".
Deprecated Term: ISDs SHOULD NOT use this term as a synonym for
"guard"; this term unnecessarily (and verbosely) duplicates the
meaning of the long-established "guard".
2. (O) /U.S. Government/ A process or subsystem that provides a
capability (which could be either manual or automated) to access capability (which could be either manual or automated) to access
two or more differing security domains in a system, or to transfer two or more differing security domains in a system, or to transfer
information between such domains. (See: guard.) information between such domains. (See: domain, guard.)
$ cryptanalysis $ cryptanalysis
1. (I) The mathematical science that deals with analysis of a 1. (I) The mathematical science that deals with analysis of a
cryptographic system in order to gain knowledge needed to break or cryptographic system in order to gain knowledge needed to break or
circumvent the protection that the system is designed to provide. circumvent the protection that the system is designed to provide.
(See: cryptology.) (See: cryptology.)
2. (O) "The analysis of a cryptographic system and/or its inputs 2. (O) "The analysis of a cryptographic system and/or its inputs
and outputs to derive confidential variables and/or sensitive data and outputs to derive confidential variables and/or sensitive data
including cleartext." [I7498-2] including cleartext." [I7498-2]
skipping to change at page 84, line 20 skipping to change at page 84, line 24
2. (D) /not capitalized/ Synonym for some kind of "checksum". 2. (D) /not capitalized/ Synonym for some kind of "checksum".
Deprecated Term: ISDs SHOULD NOT use the uncapitalized form "data Deprecated Term: ISDs SHOULD NOT use the uncapitalized form "data
authentication algorithm" as a synonym for any kind of checksum, authentication algorithm" as a synonym for any kind of checksum,
regardless of whether or not the checksum is based on a hash. regardless of whether or not the checksum is based on a hash.
Instead, use "checksum", "Data Authentication Code", "error Instead, use "checksum", "Data Authentication Code", "error
detection code", "hash", "keyed hash", "Message Authentication detection code", "hash", "keyed hash", "Message Authentication
Code", "protected checksum", or some other specific term, Code", "protected checksum", or some other specific term,
depending on what is meant. depending on what is meant.
The uncapitalized term can be confused with the Data Authenticaton The uncapitalized term can be confused with the Data
Code and also mixes concepts in a potentially misleading way. The Authentication Code and also mixes concepts in a potentially
word "authentication" is misleading because the checksum may be misleading way. The word "authentication" is misleading because
used to perform a data integrity function rather than a data the checksum may be used to perform a data integrity function
origin authentication function. rather than a data origin authentication function.
$ Data Authentication Code, data authentication code $ Data Authentication Code, data authentication code
1. (N) /capitalized/ A specific U.S. Government standard [FP113] 1. (N) /capitalized/ A specific U.S. Government standard [FP113]
for a checksum that is computed by the Data Authentication for a checksum that is computed by the Data Authentication
Algorithm. Usage: a.k.a. Message Authentication Code [A9009].) Algorithm. Usage: a.k.a. Message Authentication Code [A9009].)
(See: DAC.) (See: DAC.)
2. (D) /not capitalized/ Synonym for some kind of "checksum". 2. (D) /not capitalized/ Synonym for some kind of "checksum".
Deprecated Term: ISDs SHOULD NOT use the uncapitalized form "data Deprecated Term: ISDs SHOULD NOT use the uncapitalized form "data
skipping to change at page 84, line 51 skipping to change at page 84, line 55
$ data compromise $ data compromise
1. (I) A security incident in which information is exposed to 1. (I) A security incident in which information is exposed to
potential unauthorized access, such that unauthorized disclosure, potential unauthorized access, such that unauthorized disclosure,
alteration, or use of the information might have occurred. alteration, or use of the information might have occurred.
(Compare: security compromise.) (Compare: security compromise.)
2. (O) /U.S. DoD/ A "compromise" is a "communication or physical 2. (O) /U.S. DoD/ A "compromise" is a "communication or physical
transfer of information to an unauthorized recipient." [DoD5] transfer of information to an unauthorized recipient." [DoD5]
3. (O) /U.S. Government/ A "compromise" is an "unauthorized 3. (O) /U.S. Government/ A "compromise" is an "unauthorized
disclosre of classified information." disclosure of classified information."
$ data confidentiality $ data confidentiality
1. (I) The property that data is not disclosed to system entities 1. (I) The property that data is not disclosed to system entities
unless they have been authorized to know the data. (See: Bell- unless they have been authorized to know the data. (See: Bell-
LaPadula model, classification, data confidentiality service. LaPadula model, classification, data confidentiality service.
Compare: privacy.) Compare: privacy.)
2. (D) "The property that information is not made available or 2. (D) "The property that information is not made available or
disclosed to unauthorized individuals, entities, or processes disclosed to unauthorized individuals, entities, or processes
[i.e., to any unauthorized system entity]." [I7498-2]. [i.e., to any unauthorized system entity]." [I7498-2].
Deprecated Definition: The phrase "made available" might be Deprecated Definition: The phrase "made available" might be
interpreted to mean that the data could be altered, and that would interpreted to mean that the data could be altered, and that would
confuse this term with the concept of "data integrity". confuse this term with the concept of "data integrity".
skipping to change at page 90, line 11 skipping to change at page 90, line 16
first put into service. (See: harden.] first put into service. (See: harden.]
Tutorial: A default account becomes a serious vulnerability if not Tutorial: A default account becomes a serious vulnerability if not
properly administered. Sometimes, the default identifier and properly administered. Sometimes, the default identifier and
password are well-known because they are the same in each copy of password are well-known because they are the same in each copy of
the system. In any case, when a system is put into service, any the system. In any case, when a system is put into service, any
default password should immediately be changed or the default default password should immediately be changed or the default
account should be disabled. account should be disabled.
$ defense in depth $ defense in depth
(I) An approach to constructing security architectures that uses (N) "The siting of mutually supporting defense positions designed
layered and complementary security mechanisms and countermeasures, to absorb and progressively weaken attack, prevent initial
so that if one security mechanism is defeated, one or more other observations of the whole position by the enemy, and [enable] the
mechanisms (which are "behind" or "beneath" the first mechanism) commander to maneuver the reserve." [JCSP1]
still provide protection.
Tutorial: This concept is appealing because it aligns with Tutorial: In information systems, defense in depth means
constructing a system's security architecture with layered and
complementary security mechanisms and countermeasures, so that if
one security mechanism is defeated, one or more other mechanisms
(which are "behind" or "beneath" the first mechanism) still
provide protection.
This architectural concept is appealing because it aligns with
traditional warfare doctrine, which applies defense in depth to traditional warfare doctrine, which applies defense in depth to
physical, geospatial structures. It is more difficult to apply the physical, geospatial structures; but applying the concept to
concept to logical, cyberspace structures of computer networks. logical, cyberspace structures of computer networks is more
The concept assumes that networks have a spatial or topological difficult. The concept assumes that networks have a spatial or
representation. It also assumes that there can be implemented -- topological representation. It also assumes that there can be
from the "outer perimeter" of a network, through its various implemented -- from the "outer perimeter" of a network, through
"layers" of components, to its "center" (i.e., to the subscriber its various "layers" of components, to its "center" (i.e., to the
application systems supported by the network) -- a varied series subscriber application systems supported by the network) -- a
of countermeasures that together provide adequate protection. varied series of countermeasures that together provide adequate
However, it is more difficult to map the topology of networks and protection. However, it is more difficult to map the topology of
make certain that no path exists by which an attacker could bypass networks and make certain that no path exists by which an attacker
all defensive layers. could bypass all defensive layers.
$ Defense Information Infrastructure (DII) $ Defense Information Infrastructure (DII)
(O) /U.S. DoD/ The U.S. DoD's shared, interconnected system of (O) /U.S. DoD/ The U.S. DoD's shared, interconnected system of
computers, communications, data, applications, security, people, computers, communications, data, applications, security, people,
training, and support structures, serving information needs training, and support structures, serving information needs
worldwide. (See: DISN.) Usage: Has evolved to be called the GIG. worldwide. (See: DISN.) Usage: Has evolved to be called the GIG.
Tutorial: The DII connects mission support, command and control, Tutorial: The DII connects mission support, command and control,
and intelligence computers and users through voice, data, imagery, and intelligence computers and users through voice, data, imagery,
video, and multimedia services, and provides information video, and multimedia services, and provides information
skipping to change at page 99, line 11 skipping to change at page 99, line 23
1c. (O) /security policy/ A system or collection of systems that 1c. (O) /security policy/ A system or collection of systems that
(a) belongs to a community of interest that implements a (a) belongs to a community of interest that implements a
consistent security policy and (b) is administered by a single consistent security policy and (b) is administered by a single
authority. authority.
2. (O) /COMPUSEC/ A operating state or mode of a set of computer 2. (O) /COMPUSEC/ A operating state or mode of a set of computer
hardware. hardware.
Tutorial: Most computers have at least two hardware operating Tutorial: Most computers have at least two hardware operating
modes [Gass]: modes [Gass]:
- "Privileged" mode: Also called "executive", "master", "system", - "Privileged" mode: a.k.a. "executive", "master", "system",
kernel", or "supervisor" mode. In this mode, software can kernel", or "supervisor" mode. In this mode, software can
execute all machine instructions and access all storage execute all machine instructions and access all storage
locations. locations.
- "Unprivileged" mode: Also called "user", "application", or - "Unprivileged" mode: a.k.a. "user", "application", or "problem"
"problem" mode. In this mode, software is restricted to a mode. In this mode, software is restricted to a subset of the
subset of the instructions and a subset of the storage instructions and a subset of the storage locations.
locations.
3. (O) "A distinct scope within which certain common 3. (O) "A distinct scope within which certain common
characteristics are exhibited and common rules are observed." characteristics are exhibited and common rules are observed."
[CORBA] [CORBA]
4. (O) /MISSI/ The domain of a MISSI CA is the set of MISSI users 4. (O) /MISSI/ The domain of a MISSI CA is the set of MISSI users
whose certificates are signed by the CA. whose certificates are signed by the CA.
5. (I) /Internet/ That part of the tree-structured name space of 5. (I) /Internet/ That part of the tree-structured name space of
the DNS that is at or below the name that specifies the domain. A the DNS that is at or below the name that specifies the domain. A
skipping to change at page 106, line 41 skipping to change at page 106, line 55
domain and that share the protection of a single, common, domain and that share the protection of a single, common,
continuous security perimeter. (Compare: domain.) continuous security perimeter. (Compare: domain.)
2. (D) /U.S. Government/ "Collection of computing environments 2. (D) /U.S. Government/ "Collection of computing environments
connected by one or more internal networks under the control of a connected by one or more internal networks under the control of a
single authority and security policy, including personnel and single authority and security policy, including personnel and
physical security." [C4009] physical security." [C4009]
Deprecated Definition: ISDs SHOULD NOT use this term with Deprecated Definition: ISDs SHOULD NOT use this term with
definition 2 because the definition applies to what is usually definition 2 because the definition applies to what is usually
called a "security domain". That is, a security domain is set of called a "security domain". That is, a security domain is a set of
of one or more security enclaves. one or more security enclaves.
$ encode $ encode
1. (I) Use a system of symbols to represent information, which 1. (I) Use a system of symbols to represent information, which
might originally have some other representation. Example: Morse might originally have some other representation. Example: Morse
code. (See: ASCII, BER.) (See: code, decode.) code. (See: ASCII, BER.) (See: code, decode.)
2. (D) Synonym for "encrypt". 2. (D) Synonym for "encrypt".
Deprecated Definition: ISDs SHOULD NOT use this term as a synonym Deprecated Definition: ISDs SHOULD NOT use this term as a synonym
for "encrypt"; encoding is not always meant to conceal meaning. for "encrypt"; encoding is not always meant to conceal meaning.
skipping to change at page 119, line 52 skipping to change at page 120, line 11
$ FOUO $ FOUO
(O) See: For Official Use Only. (O) See: For Official Use Only.
$ FPKI $ FPKI
(O) See: Federal Public-Key Infrastructure. (O) See: Federal Public-Key Infrastructure.
$ fraggle attack $ fraggle attack
(D) /slang/ A synonym for "smurf attack". (D) /slang/ A synonym for "smurf attack".
Deprecated Term: ISDs SHOULD NOT use this term. It is not listed Deprecated Term: It is likely that other cultures use different
in most English dictionaries, and other cultures are likely to use metaphors for this concept. Therefore, to avoid international
different metaphors for this concept. misunderstanding, ISDs SHOULD NOT use this term.
Derivation: The Fraggles are a fictional race of small humanoids Derivation: The Fraggles are a fictional race of small humanoids
(represented as hand puppets in a children's television series, (represented as hand puppets in a children's television series,
"Fraggle Rock) that live in underground caves. "Fraggle Rock") that live underground.
$ frequency hopping $ frequency hopping
(N) "Repeated switching of frequencies during radio transmission (N) "Repeated switching of frequencies during radio transmission
according to a specified algorithm." [C4009] (See: spread according to a specified algorithm." [C4009] (See: spread
spectrum.) spectrum.)
Tutorial: Frequency hopping is a TRANSEC technique to minimize the Tutorial: Frequency hopping is a TRANSEC technique to minimize the
potential for unauthorized interception or jamming. potential for unauthorized interception or jamming.
$ fresh $ fresh
skipping to change at page 127, line 44 skipping to change at page 128, line 4
Tutorial: Assume that H is a generic cryptographic hash in which a Tutorial: Assume that H is a generic cryptographic hash in which a
function is iterated on data blocks of length B bytes. L is the function is iterated on data blocks of length B bytes. L is the
length of the of hash result of H. K is a secret key of length L length of the of hash result of H. K is a secret key of length L
<= K <= B. The values IPAD and OPAD are fixed strings used as <= K <= B. The values IPAD and OPAD are fixed strings used as
inner and outer padding and defined as follows: IPAD = the byte inner and outer padding and defined as follows: IPAD = the byte
0x36 repeated B times, and OPAD = the byte 0x5C repeated B times. 0x36 repeated B times, and OPAD = the byte 0x5C repeated B times.
HMAC is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)). HMAC is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)).
HMAC has the following goals: HMAC has the following goals:
- To use available cryptographic hash functions without - To use available cryptographic hash functions without
modification, particularly functions that perform well in modification, particularly functions that perform well in
software and for which software is freely and widely available. software and for which software is freely and widely available.
- To preserve the original performance of the selected hash - To preserve the original performance of the selected hash
without significant degradation. without significant degradation.
- To use and handle keys in a simple way. - To use and handle keys in a simple way.
- To have a well-understood cryptographic analysis of the - To have a well-understood cryptographic analysis of the
strength of the mechanism based on reasonable assumptions about strength of the mechanism based on reasonable assumptions about
the underlying hash function. the underlying hash function.
- To enable easy replacement of the hash function in case a - To enable easy replacement of the hash function in case a
faster or stronger hash is found or required. faster or stronger hash is found or required.
$ honey pot $ honey pot
(D) A system (e.g., a web server) or system resource (e.g., a file (D) A system (e.g., a web server) or system resource (e.g., a file
on a server) that is designed to be attractive to potential on a server) that is designed to be attractive to potential
crackers and intruders, like honey is attractive to bears. (See: crackers and intruders, like honey is attractive to bears. (See:
entrapment.) entrapment.)
Deprecated Term: It is likely that other cultures use different Deprecated Term: It is likely that other cultures use different
metaphors for this concept. Therefore, to avoid international metaphors for this concept. Therefore, to avoid international
misunderstanding, ISDs SHOULD NOT use this term. (See: Deprecated misunderstanding, ISDs SHOULD NOT use this term (unless they also
Usage under "Green Book.") provide a definition like this one). (See: Deprecated Usage under
"Green Book.")
$ host $ host
1. (I) /general/ A computer that is attached to a communication 1. (I) /general/ A computer that is attached to a communication
subnetwork or internetwork and can use services provided by the subnetwork or internetwork and can use services provided by the
network to exchange data with other attached systems. (See: end network to exchange data with other attached systems. (See: end
system. Compare: server.) system. Compare: server.)
2. (I) /IPS/ A networked computer that does not forward IP packets 2. (I) /IPS/ A networked computer that does not forward IP packets
that are not addressed to the computer itself. (Compare: router.) that are not addressed to the computer itself. (Compare: router.)
skipping to change at page 135, line 42 skipping to change at page 135, line 52
$ informal $ informal
(N) Expressed in natural language. [CCIB] (Compare: formal, (N) Expressed in natural language. [CCIB] (Compare: formal,
semiformal.) semiformal.)
$ information $ information
1. (I) Facts and ideas, which can be represented (encoded) as 1. (I) Facts and ideas, which can be represented (encoded) as
various forms of data. various forms of data.
2. (O) /U.S. Government/ "Any knowledge that can be communicated 2. (O) /U.S. Government/ "Any knowledge that can be communicated
or documentary maerial, regardless of its physical form or or documentary material, regardless of its physical form or
characteristics, that is owned by, produced by or for, or is under characteristics, that is owned by, produced by or for, or is under
the control of the United States Government. 'Control' means the the control of the United States Government. 'Control' means the
authority of the agency that originates information, or its authority of the agency that originates information, or its
successor in function, to regulare access to the information." successor in function, to regulate access to the information."
$ information assurance $ information assurance
(N) /U.S. Government/ "Measures that protect and defend (N) /U.S. Government/ "Measures that protect and defend
information and information systems by ensuring their availability information and information systems by ensuring their availability
integrity, authentication, confidentiality, and non-repudiation. integrity, authentication, confidentiality, and non-repudiation.
These measures include providing for restoration of information These measures include providing for restoration of information
systems by incorporating protection, detection, and reaction systems by incorporating protection, detection, and reaction
capabilities." [C4009] capabilities." [C4009]
$ Information Assurance Technical Framework (IATF) $ Information Assurance Technical Framework (IATF)
skipping to change at page 169, line 34 skipping to change at page 169, line 44
misleading because the mechanism primarily serves a data integrity misleading because the mechanism primarily serves a data integrity
function rather than an authentication function. The word "code" function rather than an authentication function. The word "code"
is misleading because it implies that either encoding or is misleading because it implies that either encoding or
encryption is involved or that the term refers to computer encryption is involved or that the term refers to computer
software. software.
$ message digest $ message digest
(D) Synonym for "hash result". (See: cryptographic hash.) (D) Synonym for "hash result". (See: cryptographic hash.)
Deprecated Term: ISDs SHOULD NOT use this term as a synonym for Deprecated Term: ISDs SHOULD NOT use this term as a synonym for
"hash result"; the term unnecessarily duplicates the meaning of "hash result"; this term unnecessarily duplicates the meaning of
the other, more general term and mixes concepts in a potentially the other, more general term and mixes concepts in a potentially
misleading way. The word "message" is misleading because it misleading way. The word "message" is misleading because it
implies that the mechanism is particularly suitable for or limited implies that the mechanism is particularly suitable for or limited
to electronic mail (see: Message Handling Systems). to electronic mail (see: Message Handling Systems).
$ message handling system $ message handling system
(D) Synonym for the Internet electronic mail system. (D) Synonym for the Internet electronic mail system.
Deprecated Term: ISDs SHOULD NOT use this term, because it could Deprecated Term: ISDs SHOULD NOT use this term, because it could
be confused with Message Handling System. Instead, use "Internet be confused with Message Handling System. Instead, use "Internet
skipping to change at page 178, line 5 skipping to change at page 178, line 13
(I) See: Internet Protocol Suite. (I) See: Internet Protocol Suite.
$ Network Interface Layer $ Network Interface Layer
(I) See: Internet Protocol Suite. (I) See: Internet Protocol Suite.
$ Network Layer Security Protocol (NLSP). $ Network Layer Security Protocol (NLSP).
(N) An OSI protocol (IS0 11577) for end-to-end encryption services (N) An OSI protocol (IS0 11577) for end-to-end encryption services
at the top of OSIRM Layer 3. NLSP is derived from SP3 but is more at the top of OSIRM Layer 3. NLSP is derived from SP3 but is more
complex. (Compare: IPsec.) complex. (Compare: IPsec.)
$ National Reliability and Interoperability Council (NRIC)
(N) An advisory committee chartered by the U.S. Federal
Communications Commission (FCC), with participation by network
service providers and vendors, to provide recommendations to the
FCC for assuring reliability, interoperability, robustness, and
security of wireless, wireline, satellite, cable, and public data
communication networks.
$ Network Substrate Layer $ Network Substrate Layer
(I) Synonym for "Network Hardware Layer". (I) Synonym for "Network Hardware Layer".
$ network weaving $ network weaving
(I) A penetration technique in which an intruder avoids detection (I) A penetration technique in which an intruder avoids detection
and traceback by using multiple linked communication networks to and traceback by using multiple linked communication networks to
access and attack a system. [C4009] access and attack a system. [C4009]
$ NIAP $ NIAP
(N) See: National Information Assurance Partnership. (N) See: National Information Assurance Partnership.
skipping to change at page 181, line 20 skipping to change at page 181, line 27
$ NORA $ NORA
(O) See: no-PIN ORA. (O) See: no-PIN ORA.
$ notarization $ notarization
(I) Registration of data under the authority or in the care of a (I) Registration of data under the authority or in the care of a
trusted third party, thus making it possible to provide subsequent trusted third party, thus making it possible to provide subsequent
assurance of the accuracy of characteristics claimed for the data, assurance of the accuracy of characteristics claimed for the data,
such as content, origin, time of existence, and delivery. [I7498- such as content, origin, time of existence, and delivery. [I7498-
2] (See: digital notary.) 2] (See: digital notary.)
$ NRIC
(N) See: Network Reliability and Interoperability Council.
$ NSA $ NSA
(N) See: National Security Agency (N) See: National Security Agency
$ null $ null
(N) /encryption/ "Dummy letter, letter symbol, or code group (N) /encryption/ "Dummy letter, letter symbol, or code group
inserted into an encrypted message to delay or prevent its inserted into an encrypted message to delay or prevent its
decryption or to complete encrypted groups for transmission or decryption or to complete encrypted groups for transmission or
transmission security purposes." [C4009] transmission security purposes." [C4009]
$ NULL encryption algorithm $ NULL encryption algorithm
skipping to change at page 186, line 45 skipping to change at page 187, line 4
$ operational integrity $ operational integrity
(I) Synonym for "system integrity"; this synonym emphasizes the (I) Synonym for "system integrity"; this synonym emphasizes the
actual performance of system functions rather than just the actual performance of system functions rather than just the
ability to perform them. ability to perform them.
$ operational security $ operational security
1. (I) System capabilities, or performance of system functions, 1. (I) System capabilities, or performance of system functions,
that are needed either (a) to securely manage a system or (b) to that are needed either (a) to securely manage a system or (b) to
manage security features of a system. (Compare: operations manage security features of a system. (Compare: operations
security (OPSEC).) security (OPSEC).)
Usage: ISDs that use this term SHOULD state a definition because Usage: ISDs that use this term SHOULD state a definition because
(a) the definition provide here is general and vauge and (b) the (a) the definition provide here is general and vague and (b) the
term could easily be confused with "operations security", which is term could easily be confused with "operations security", which is
a different concept. a different concept.
Tutorial: For example, in the context of an Internet service Tutorial: For example, in the context of an Internet service
provider, the term could refer to capabilities to manage network provider, the term could refer to capabilities to manage network
devices in the event of attacks, simplify troubleshooting, keep devices in the event of attacks, simplify troubleshooting, keep
track of events that affect system integrity, help analyze sources track of events that affect system integrity, help analyze sources
of attacks, and provide administrators with control over network of attacks, and provide administrators with control over network
addresses and protocols to help mitigate the most common attacks addresses and protocols to help mitigate the most common attacks
and exploits. [R3871] and exploits. [R3871]
skipping to change at page 191, line 26 skipping to change at page 191, line 38
network. (Compare: datagram, PDU.) network. (Compare: datagram, PDU.)
$ packet filter $ packet filter
(I) See: secondary definition under "filtering router". (I) See: secondary definition under "filtering router".
$ packet monkey $ packet monkey
(D) /slang/ Someone who floods a system with packets, creating a (D) /slang/ Someone who floods a system with packets, creating a
denial-of-service condition for the system's users. (See: denial-of-service condition for the system's users. (See:
cracker.) cracker.)
Deprecated Term: To avoid international misunderstanding, ISDs Deprecated Term: It is likely that other cultures use different
SHOULD NOT use this term. (See: Deprecated Usage under "Green metaphors for this concept. Therefore, to avoid international
Book".) misunderstanding, ISDs SHOULD NOT use this term. (See: Deprecated
Usage under "Green Book".)
$ pagejacking $ pagejacking
(D) /slang/ A contraction of "Web page hijacking". A masquerade (D) /slang/ A contraction of "Web page hijacking". A masquerade
attack in which the attacker copies (steals) a home page or other attack in which the attacker copies (steals) a home page or other
material from the target server, rehosts the page on a server the material from the target server, rehosts the page on a server the
attacker controls, and causes the rehosted page to be indexed by attacker controls, and causes the rehosted page to be indexed by
the major Web search services, thereby diverting browsers from the the major Web search services, thereby diverting browsers from the
target server to the attacker's server. target server to the attacker's server.
Deprecated Term: ISDs SHOULD NOT use this contraction. The term is Deprecated Term: ISDs SHOULD NOT use this contraction. The term is
skipping to change at page 198, line 13 skipping to change at page 198, line 26
email or on a Web site, in which the perpetrator masquerades as a email or on a Web site, in which the perpetrator masquerades as a
legitimate business or reputable person. (See: social legitimate business or reputable person. (See: social
engineering.) engineering.)
Derivation: Possibly from "phony fishing"; the solicitation Derivation: Possibly from "phony fishing"; the solicitation
usually involves some kind of lure or bait to hook unwary usually involves some kind of lure or bait to hook unwary
recipients. recipients.
Deprecated Term: ISDs SHOULD NOT use this term; it is not listed Deprecated Term: ISDs SHOULD NOT use this term; it is not listed
in most dictionaries and could confuse international readers. in most dictionaries and could confuse international readers.
(See: Deprecated Usage under "Green Book.")
$ Photuris $ Photuris
(I) A UDP-based, key establishment protocol for session keys, (I) A UDP-based, key establishment protocol for session keys,
designed for use with the IPsec protocols AH and ESP. Superseded designed for use with the IPsec protocols AH and ESP. Superseded
by IKE. by IKE.
$ phreaking $ phreaking
(D) A contraction of "telephone breaking". An attack on or (D) A contraction of "telephone breaking". An attack on or
penetration of a telephone system or, by extension, any other penetration of a telephone system or, by extension, any other
communication or information system. [Raym] communication or information system. [Raym]
Deprecated Term: ISDs SHOULD NOT use this contraction; it is not Deprecated Term: ISDs SHOULD NOT use this contraction; it is not
listed in most dictionaries and could confuse international listed in most dictionaries and could confuse international
readers. readers. (See: Deprecated Usage under "Green Book.")
$ physical security $ physical security
(I) Tangible means of preventing unauthorized physical access to a (I) Tangible means of preventing unauthorized physical access to a
system. Examples: Fences, walls, and other barriers; locks, safes, system. Examples: Fences, walls, and other barriers; locks, safes,
and vaults; dogs and armed guards; sensors and alarm bells. and vaults; dogs and armed guards; sensors and alarm bells.
[FP031, R1455] [FP031, R1455]
$ piggyback attack $ piggyback attack
(I) A form of active wiretapping in which the attacker gains (I) A form of active wiretapping in which the attacker gains
access to a system via intervals of inactivity in another user's access to a system via intervals of inactivity in another user's
skipping to change at page 219, line 39 skipping to change at page 220, line 6
access), (b) isolated (i.e., it cannot be modified by other system access), (b) isolated (i.e., it cannot be modified by other system
entities), and (c) verifiable (i.e., small enough to be subjected entities), and (c) verifiable (i.e., small enough to be subjected
to analysis and tests to ensure that it is correct). to analysis and tests to ensure that it is correct).
$ reflection attack $ reflection attack
(I) An attack in which a valid data transmission is replayed to (I) An attack in which a valid data transmission is replayed to
the originator by an attacker who intercepts the original the originator by an attacker who intercepts the original
transmission. (Compare: indirect attack, replay attack.) transmission. (Compare: indirect attack, replay attack.)
$ reflector attack $ reflector attack
(D) Synonymn for "indirect attack". (D) Synonym for "indirect attack".
Deprecated Term: ISDs SHOULD NOT use this term; it could be Deprecated Term: ISDs SHOULD NOT use this term; it could be
confused with "reflection attack", which is a different concept. confused with "reflection attack", which is a different concept.
$ registered user $ registered user
(I) A system entity that is authorized to receive a system's (I) A system entity that is authorized to receive a system's
products and services or otherwise access system resources. (See: products and services or otherwise access system resources. (See:
registration, user.) registration, user.)
$ registration $ registration
skipping to change at page 225, line 45 skipping to change at page 226, line 12
$ risk management $ risk management
1. (I) The process of identifying, measuring, and controlling 1. (I) The process of identifying, measuring, and controlling
(i.e., mitigating) risks in information systems so as to reduce (i.e., mitigating) risks in information systems so as to reduce
the risks to a level commensurate with the value of the assets the risks to a level commensurate with the value of the assets
protected. (See: risk analysis.) protected. (See: risk analysis.)
2. (I) The process of controlling uncertain events that may affect 2. (I) The process of controlling uncertain events that may affect
information system resources. information system resources.
3. (O) "The total process of identifying, controlling, and 3. (O) "The total process of identifying, controlling, and
mitigating information system-Drelated risks. It includes risk mitigating information system-related risks. It includes risk
assessment; cost-benefit analysis; and the selection, assessment; cost-benefit analysis; and the selection,
implementation, test, and security evaluation of safeguards. This implementation, test, and security evaluation of safeguards. This
overall system security review considers both effectiveness and overall system security review considers both effectiveness and
efficiency, including impact on the mission and constraints due to efficiency, including impact on the mission and constraints due to
policy, regulations, and laws." [SP30] policy, regulations, and laws." [SP30]
$ risk transference $ risk transference
(I) See: secondary definition under "risk". (I) See: secondary definition under "risk".
$ Rivest Cipher #2 (RC2) $ Rivest Cipher #2 (RC2)
skipping to change at page 229, line 13 skipping to change at page 229, line 19
path. path.
3. (I) /DNS/ The base of the tree structure that defines the name 3. (I) /DNS/ The base of the tree structure that defines the name
space for the Internet DNS. (See: domain name.) space for the Internet DNS. (See: domain name.)
4. (O) /MISSI/ A name previously used for a MISSI policy creation 4. (O) /MISSI/ A name previously used for a MISSI policy creation
authority, which is not a root as defined above for general usage, authority, which is not a root as defined above for general usage,
but is a CA at the second level of the MISSI hierarchy, but is a CA at the second level of the MISSI hierarchy,
immediately subordinate to a MISSI policy approving authority. immediately subordinate to a MISSI policy approving authority.
5. (O) /UNIX/ A user account (also called "superuser") that has 5. (O) /UNIX/ A user account (a.k.a. "superuser") that has all
all privileges (including all security-related privileges) and privileges (including all security-related privileges) and thus
thus can manage the system and its other user accounts. can manage the system and its other user accounts.
$ root certificate $ root certificate
1. (I) /PKI/ A certificate for which the subject is a root. (See: 1. (I) /PKI/ A certificate for which the subject is a root. (See:
trust anchor certificate, trusted certificate.) trust anchor certificate, trusted certificate.)
2. (I) /hierarchical PKI/ The self-signed public-key certificate 2. (I) /hierarchical PKI/ The self-signed public-key certificate
at the top of a certification hierarchy. at the top of a certification hierarchy.
$ root key $ root key
(I) /PKI/ A public key for which the matching private key is held (I) /PKI/ A public key for which the matching private key is held
skipping to change at page 231, line 6 skipping to change at page 231, line 11
$ safety $ safety
(I) The property of a system being free from risk of causing harm (I) The property of a system being free from risk of causing harm
(especially physical harm) to its system entities. (Compare: (especially physical harm) to its system entities. (Compare:
security.) security.)
$ SAID $ SAID
(I) See: security association identifier. (I) See: security association identifier.
$ salami swindle $ salami swindle
(D) "Slicing off a small amount from each transaction. This kind (D) /slang/ "Slicing off a small amount from each transaction.
of theft was made worthwhile by automation. Given a high This kind of theft was made worthwhile by automation. Given a high
transaction flow, even rounding down to the nearest cent and transaction flow, even rounding down to the nearest cent and
putting the 'extra' in a bogus account can be very profitable." putting the 'extra' in a bogus account can be very profitable."
[NCSSG] [NCSSG]
Deprecated Term: It is likely that other cultures use different Deprecated Term: It is likely that other cultures use different
metaphors for this concept. Therefore, to avoid international metaphors for this concept. Therefore, to avoid international
misunderstanding, ISDs SHOULD NOT use this term. (See: Deprecated misunderstanding, ISDs SHOULD NOT use this term. (See: Deprecated
Usage under "Green Book.") Usage under "Green Book.")
$ salt $ salt
skipping to change at page 255, line 27 skipping to change at page 255, line 34
multiple, connected system components (such as separate hosts on a multiple, connected system components (such as separate hosts on a
network) after a single login at only one of the components. (See: network) after a single login at only one of the components. (See:
Kerberos.) Kerberos.)
2. (O) /Liberty Alliance/ A security subsystem that enables a user 2. (O) /Liberty Alliance/ A security subsystem that enables a user
identity to be authenticated at an identity provider -- i.e., at a identity to be authenticated at an identity provider -- i.e., at a
service that authenticates and asserts the user's identity -- and service that authenticates and asserts the user's identity -- and
then have that authentication be honored by other service then have that authentication be honored by other service
providers. providers.
Tutorial: A single sign-on subsytem typically requires a user to Tutorial: A single sign-on subsystem typically requires a user to
to log in once at the beginning of a session, and then during the log in once at the beginning of a session, and then during the
session transparently grants access by the user to multiple, session transparently grants access by the user to multiple,
separately protected hosts, applications, or other system separately protected hosts, applications, or other system
resources, without further login action by the user (unless, of resources, without further login action by the user (unless, of
course, the user logs out). Such a subsystem has the advantages of course, the user logs out). Such a subsystem has the advantages of
being user friendly and enabling authentication to be managed being user friendly and enabling authentication to be managed
consistently across an entire enterprise. Such a subsystem also consistently across an entire enterprise. Such a subsystem also
has the disadvantage of requiring all the accessed components to has the disadvantage of requiring all the accessed components to
depend on the security of the same authentication information. depend on the security of the same authentication information.
$ singular identity $ singular identity
skipping to change at page 256, line 48 skipping to change at page 257, line 4
$ SMI $ SMI
(I) See: security management infrastructure. (I) See: security management infrastructure.
$ SMTP $ SMTP
(I) See: Simple Mail Transfer Protocol. (I) See: Simple Mail Transfer Protocol.
$ smurf attack $ smurf attack
(D) /slang/ A denial-of-service attack that uses IP broadcast (D) /slang/ A denial-of-service attack that uses IP broadcast
addressing to send ICMP ping packets with the intent of flooding a addressing to send ICMP ping packets with the intent of flooding a
system. (See: fraggle attack, ICMP flood.) system. (See: fraggle attack, ICMP flood.)
Deprecated Term: It is likely that other cultures use different
Deprecated Term: ISDs SHOULD NOT use this term. It is not listed metaphors for this concept. Therefore, to avoid international
in most English dictionaries, and other cultures are likely to use misunderstanding, ISDs SHOULD NOT use this term.
different metaphors for this concept.
Derivation: The Smurfs are a fictional race of small, blue Derivation: The Smurfs are a fictional race of small, blue
creatures that were created by a cartoonist. Perhaps the inventor creatures that were created by a cartoonist. Perhaps the inventor
of this attack thought that a swarm of ping packets resembled a of this attack thought that a swarm of ping packets resembled a
gang of smurfs. (See: Deprecated Usage under "Green Book".) gang of smurfs. (See: Deprecated Usage under "Green Book".)
Tutorial: The attacker sends ICMP echo request ("ping") packets Tutorial: The attacker sends ICMP echo request ("ping") packets
that appear to originate not from the attacker's own IP address, that appear to originate not from the attacker's own IP address,
but from the address of the host or router that is the target of but from the address of the host or router that is the target of
the attack. Each packet is addressed to an IP broadcast address, the attack. Each packet is addressed to an IP broadcast address,
e.g., to all IP addresses in a given network. Thus, each echo e.g., to all IP addresses in a given network. Thus, each echo
request that is sent by the attacker results in many echo request that is sent by the attacker results in many echo
responses being sent to the target address. This attack can responses being sent to the target address. This attack can
disrupt service at a particular host, at the hosts that depend on disrupt service at a particular host, at the hosts that depend on
a particular router, or in an entire network. a particular router, or in an entire network.
$ sneaker net $ sneaker net
(D) /slang/ A process that transfers data between systems only (D) /slang/ A process that transfers data between systems only
manually, under human control; i.e., a data transfer process that manually, under human control; i.e., a data transfer process that
involves an air gap. involves an air gap.
Deprecated Term: ISDs SHOULD NOT use this term. It is not listed Deprecated Term: It is likely that other cultures use different
in most English dictionaries, and other cultures are likely to use metaphors for this concept. Therefore, to avoid international
different metaphors for this concept. misunderstanding, ISDs SHOULD NOT use this term.
$ Snefru $ Snefru
(N) A public-domain, cryptographic hash function (also called "The (N) A public-domain, cryptographic hash function (a.k.a. "The
Xerox Secure Hash Function") designed by Ralph C. Merkle at Xerox Xerox Secure Hash Function") designed by Ralph C. Merkle at Xerox
Corporation. Snefru can produce either a 128-bit or 256-bit output Corporation. Snefru can produce either a 128-bit or 256-bit output
(i.e., hash result). [Schn] (See: Khafre, Khufu.) (i.e., hash result). [Schn] (See: Khafre, Khufu.)
$ sniffing $ sniffing
(D) /slang/ Synonym for "passive wiretapping"; most often refers (D) /slang/ Synonym for "passive wiretapping"; most often refers
to capturing and examining the data packets carried on a LAN. to capturing and examining the data packets carried on a LAN.
(See: password sniffing.) (See: password sniffing.)
Deprecated Term: ISDs SHOULD NOT use this term; it unnecessarily Deprecated Term: ISDs SHOULD NOT use this term; it unnecessarily
skipping to change at page 257, line 47 skipping to change at page 258, line 4
$ SNMP $ SNMP
(I) See: Simple Network Management Protocol. (I) See: Simple Network Management Protocol.
$ social engineering $ social engineering
(D) Euphemism for non-technical or low-technology methods, often (D) Euphemism for non-technical or low-technology methods, often
involving trickery or fraud, that are used to attack information involving trickery or fraud, that are used to attack information
systems. Example: phishing. systems. Example: phishing.
Deprecated Term: ISDs SHOULD NOT use this term; it is too vague. Deprecated Term: ISDs SHOULD NOT use this term; it is too vague.
Instead, use a term that is specific with regard to the means of Instead, use a term that is specific with regard to the means of
attack, e.g., blackmail, bribery, coercion, impersonation, attack, e.g., blackmail, bribery, coercion, impersonation,
intimidation, lying, or theft. intimidation, lying, or theft.
$ SOCKS $ SOCKS
(I) An Internet protocol [R1928] that provides a generalized proxy (I) An Internet protocol [R1928] that provides a generalized proxy
server that enables client-server applications (e.g., TELNET, FTP, server that enables client-server applications (e.g., TELNET, FTP,
or HTTP; running over either TCP or UDP) to use the services of a or HTTP; running over either TCP or UDP) to use the services of a
firewall. firewall.
Tutorial: SOCKS is layered under the IPS Application Layer and Tutorial: SOCKS is layered under the IPS Application Layer and
above the Transport Layer. When a client inside a firewall wishes above the Transport Layer. When a client inside a firewall wishes
to establish a connection to an object that is reachable only to establish a connection to an object that is reachable only
through the firewall, it uses TCP to connect to the SOCKS server, through the firewall, it uses TCP to connect to the SOCKS server,
negotiates with the server for the authentication method to be negotiates with the server for the authentication method to be
used, authenticates with the chosen method, and then sends a relay used, authenticates with the chosen method, and then sends a relay
request. The SOCKS server evaluates the request, typically based request. The SOCKS server evaluates the request, typically based
on source and destination addresses, and either establishes the on source and destination addresses, and either establishes the
skipping to change at page 258, line 27 skipping to change at page 258, line 36
(O) The use of software techniques to reduce the radio frequency (O) The use of software techniques to reduce the radio frequency
information leakage from computer displays and keyboards. [Kuhn] information leakage from computer displays and keyboards. [Kuhn]
(See: TEMPEST.) (See: TEMPEST.)
$ soft token $ soft token
(D) A data object that is used to control access or authenticate (D) A data object that is used to control access or authenticate
authorization. (See: token.) authorization. (See: token.)
Deprecated Term: ISDs SHOULD NOT use this term as defined here; Deprecated Term: ISDs SHOULD NOT use this term as defined here;
the definition duplicates the meaning of other, standard terms. the definition duplicates the meaning of other, standard terms.
Instead, use "attribute certifate" or another term that is Instead, use "attribute certificate" or another term that is
specific with regard to the mechanism being used. specific with regard to the mechanism being used.
$ software $ software
(I) Computer programs (which are stored in and executed by (I) Computer programs (which are stored in and executed by
computer hardware) and associated data (which also is stored in computer hardware) and associated data (which also is stored in
the hardware) that may be dynamically written or modified during the hardware) that may be dynamically written or modified during
execution. (Compare: firmware.) execution. (Compare: firmware.)
$ SORA $ SORA
(O) See: SSO-PIN ORA. (O) See: SSO-PIN ORA.
skipping to change at page 259, line 54 skipping to change at page 260, line 12
$ SPD $ SPD
(I) See: Security Policy Database. (I) See: Security Policy Database.
$ special access program (SAP) $ special access program (SAP)
(O) /U.S. Government/ "[A kind of program that is] established for (O) /U.S. Government/ "[A kind of program that is] established for
a specific class of classified information [and] that imposes a specific class of classified information [and] that imposes
safeguarding and access requirements that exceed those normally safeguarding and access requirements that exceed those normally
required for information at the same classified level." [C4009] required for information at the same classified level." [C4009]
(See: formal access approval, SCI.) (See: formal access approval, SCI.)
Turtorial. /U.S. DoD/ "Any DoD program or activity (as authorized Tutorial. /U.S. DoD/ "Any DoD program or activity (as authorized
in [Executive Order] 12958) employing enhanced security measures in [Executive Order] 12958) employing enhanced security measures
(e.g., safeguarding, access requirements, etc.) exceeding those (e.g., safeguarding, access requirements, etc.) exceeding those
normally required for collateral information at the same level of normally required for collateral information at the same level of
classification shall be established, approved, and managed as a classification shall be established, approved, and managed as a
DoD SAP." DoD SAP."
$ SPI $ SPI
(I) See: Security Parameters Index. (I) See: Security Parameters Index.
$ SPKI $ SPKI
skipping to change at page 279, line 53 skipping to change at page 280, line 10
(I) A cryptographic key used by a device for protecting (I) A cryptographic key used by a device for protecting
information that is being transmitted between devices, as opposed information that is being transmitted between devices, as opposed
to protecting information that being is maintained in the device. to protecting information that being is maintained in the device.
(Compare: storage key.) (Compare: storage key.)
$ traffic padding $ traffic padding
(I) "The generation of spurious instances of communication, (I) "The generation of spurious instances of communication,
spurious data units, and/or spurious data within data units." spurious data units, and/or spurious data within data units."
[I7498-2] [I7498-2]
$ tranquillity property $ tranquility property
(N) /formal model/ Property of a system whereby the security level (N) /formal model/ Property of a system whereby the security level
of an object cannot change while the object is being processed by of an object cannot change while the object is being processed by
the system. (See: Bell-LaPadula model.) the system. (See: Bell-LaPadula model.)
$ transaction $ transaction
1. (I) A unit of interaction between an external entity and a 1. (I) A unit of interaction between an external entity and a
system, or between components within a system, that involves a system, or between components within a system, that involves a
series of system actions or events. series of system actions or events.
2. (O) "A discrete event between user and systems that supports a 2. (O) "A discrete event between user and systems that supports a
skipping to change at page 308, line 40 skipping to change at page 308, line 40
the Department of Defense Trusted Computer System Evaluation the Department of Defense Trusted Computer System Evaluation
Criteria in Specific Environments", CSC-STD-003-85, 25 June Criteria in Specific Environments", CSC-STD-003-85, 25 June
1985. 1985.
[CSOR] U.S. Department of Commerce, "General Procedures for [CSOR] U.S. Department of Commerce, "General Procedures for
Registering Computer Security Objects", National Institute Registering Computer Security Objects", National Institute
of Standards Interagency Report 5308, December 1993. of Standards Interagency Report 5308, December 1993.
[Daem] Daemen, J. and V. Rijmen, "Rijndael, the advanced encryption [Daem] Daemen, J. and V. Rijmen, "Rijndael, the advanced encryption
standard", in "Dr. Dobb's Journal", vol. 26, no. 3, March standard", in "Dr. Dobb's Journal", vol. 26, no. 3, March
2001, pp.137-139. 2001, pp. 137-139.
[DC6/9] Director of Central Intelligence, "Physical Security [DC6/9] Director of Central Intelligence, "Physical Security
Standards for Sensitive Compartmented Information Standards for Sensitive Compartmented Information
Facilities", DCI Directive 6/9, 18 November 2002. Facilities", DCI Directive 6/9, 18 November 2002.
[Denn] Denning, D., "A Lattice Model of Secure Information Flow", [Denn] Denning, D., "A Lattice Model of Secure Information Flow",
in "Communications of the ACM", vol. 19, no. 5, May 1976, in "Communications of the ACM", vol. 19, no. 5, May 1976,
pp. 236-243. pp. 236-243.
[Denns] Denning, D. and P. Denning, "Data Security", in "ACM [Denns] Denning, D. and P. Denning, "Data Security", in "ACM
skipping to change at page 312, line 55 skipping to change at page 312, line 55
[Ioan] Ioannidis, J. and M. Blaze, "The Architecture and [Ioan] Ioannidis, J. and M. Blaze, "The Architecture and
Implementation of Network Layer Security in UNIX", in "UNIX Implementation of Network Layer Security in UNIX", in "UNIX
Security IV Symposium", October 1993, pp. 29-39. Security IV Symposium", October 1993, pp. 29-39.
[ITSEC] "Information Technology Security Evaluation Criteria [ITSEC] "Information Technology Security Evaluation Criteria
(ITSEC): Harmonised Criteria of France, Germany, the (ITSEC): Harmonised Criteria of France, Germany, the
Netherlands, and the United Kingdom", version 1.2, U.K. Netherlands, and the United Kingdom", version 1.2, U.K.
Department of Trade and Industry, June 1991. Department of Trade and Industry, June 1991.
[JCSP1] U.S. DoD, "Dictionary of Military and Associated Terms", [JCSP1] U.S. DoD, "Dictionary of Military and Associated Terms",
Joint Chiefs of Staff, JCS Pub. 1, 1 April 1984. Joint Chiefs of Staff, JCS Pub. 1, 31 Aug 2005.
[John] Johnson, N. and S. Jajodia, "Exploring Steganography; Seeing [John] Johnson, N. and S. Jajodia, "Exploring Steganography; Seeing
the Unseen", in "IEEE Computer", February 1998, pp. 26-34. the Unseen", in "IEEE Computer", February 1998, pp. 26-34.
[Kahn] Kahn, D., "The Codebreakers: The Story of Secret Writing", [Kahn] Kahn, D., "The Codebreakers: The Story of Secret Writing",
The Macmillan Company, New York, 1967. The Macmillan Company, New York, 1967.
[Knut] Knuth, D., Chapter 3 ("Random Numbers") of Volume 2 [Knut] Knuth, D., Chapter 3 ("Random Numbers") of Volume 2
("Seminumerical Algorithms") of "The Art of Computer ("Seminumerical Algorithms") of "The Art of Computer
Programming", Addison-Wesley, Reading, MA, 1969. Programming", Addison-Wesley, Reading, MA, 1969.
skipping to change at page 313, line 53 skipping to change at page 313, line 53
[N4001] National Security Telecommunications and Information System [N4001] National Security Telecommunications and Information System
Security Committee, "Controlled Cryptographic Items", Security Committee, "Controlled Cryptographic Items",
NSTISSI No. 4001, 25 March 1985. NSTISSI No. 4001, 25 March 1985.
[N4006] ---, "Controlled Cryptographic Items", NSTISSI No. 4006, 2 [N4006] ---, "Controlled Cryptographic Items", NSTISSI No. 4006, 2
December 1991. December 1991.
[N7003] ---, "Protective Distribution Systems", NSTISSI No. 7003, 13 [N7003] ---, "Protective Distribution Systems", NSTISSI No. 7003, 13
December 1996. December 1996.
ti 3 [NCS01] National Computer Security Center, "A Guide to Understanding
[NCS01] National Computer Security Center, "A Guide to Understanding
Audit in Trusted Systems", NCSC-TG-001, 1 June 1988. (See: Audit in Trusted Systems", NCSC-TG-001, 1 June 1988. (See:
Rainbow Series.) Rainbow Series.)
[NCS03] ---, "Information System Security Policy Guideline", I942- [NCS03] ---, "Information System Security Policy Guideline", I942-
TR-003, version 1, July 1994. (See: Rainbow Series.) TR-003, version 1, July 1994. (See: Rainbow Series.)
[NCS04] ---, "Glossary of Computer Security Terms", NCSC-TG-004, [NCS04] ---, "Glossary of Computer Security Terms", NCSC-TG-004,
version 1, 21 October 1988. (See: Rainbow Series.) version 1, 21 October 1988. (See: Rainbow Series.)
[NCS05] ---, "Trusted Network Interpretation of the Trusted Computer [NCS05] ---, "Trusted Network Interpretation of the Trusted Computer
skipping to change at page 321, line 5 skipping to change at page 321, line 5
[R4158] Cooper, M., Dzambasow, Y., Hesse, P., Joseph, S., and R. [R4158] Cooper, M., Dzambasow, Y., Hesse, P., Joseph, S., and R.
Nicholas, "Internet X.509 Public Key Infrastructure: Nicholas, "Internet X.509 Public Key Infrastructure:
Certification Path Building", RFC 4158, September 2005. Certification Path Building", RFC 4158, September 2005.
[Raym] Raymond, E., ed., "The On-Line Hacker Jargon File", version [Raym] Raymond, E., ed., "The On-Line Hacker Jargon File", version
4.0.0, 24 July 1996. (See: http://www.catb.org/~esr/jargon 4.0.0, 24 July 1996. (See: http://www.catb.org/~esr/jargon
for the latest version. Also, "The New Hacker's Dictionary", for the latest version. Also, "The New Hacker's Dictionary",
3rd edition, MIT Press, September 1996, ISBN 0-262-68092-0.) 3rd edition, MIT Press, September 1996, ISBN 0-262-68092-0.)
[Roge] Rogers, H., "An Overview of the Caneware Program", in [Roge] Rogers, H., "An Overview of the CANEWARE Program", in
"Proceedings of the 10th National Computer Security "Proceedings of the 10th National Computer Security
Conference", NIST and NCSC, September 1987. Conference", NIST and NCSC, September 1987.
[RSCG] NSA, "Router Security Configuration Guide: Principles and [RSCG] NSA, "Router Security Configuration Guide: Principles and
Guidance for Secure Configuration of IP Routers, with Guidance for Secure Configuration of IP Routers, with
Detailed Instructions for Cisco Systems Routers", version Detailed Instructions for Cisco Systems Routers", version
1.0g, C4-054R-00, 20 April 2001, available at 1.0g, C4-054R-00, 20 April 2001, available at
http://www.nsa.gov. http://www.nsa.gov.
[Russ] Russell, D. et al, Chapter 10 ("TEMPEST") of "Computer [Russ] Russell, D. et al, Chapter 10 ("TEMPEST") of "Computer
Security Basics", ISBN 0-937175-71-4, 1991. Security Basics", ISBN 0-937175-71-4, 1991.
[SAML] Organization for the Advancement of Structured Information [SAML] Organization for the Advancement of Structured Information
Standards (OASIS), "Assertions and Protocol for the OASIS Standards (OASIS), "Assertions and Protocol for the OASIS
Security Assertion Markup Language (SAML)", version 1.1, 2 Security Assertion Markup Language (SAML)", version 1.1, 2
September 2003. September 2003.
[Sand] Sandhu, R. et al, "Role-Based Access Control Models", in [Sand] Sandhu, R. et al, "Role-Based Access Control Models", in
"IEEE Computer", vol. 29, no.2, February 1996, pp. 38-47. "IEEE Computer", vol. 29, no. 2, February 1996, pp. 38-47.
[Schn] Schneier, B., "Applied Cryptography Second Edition", John [Schn] Schneier, B., "Applied Cryptography Second Edition", John
Wiley & Sons, Inc., New York, 1996. Wiley & Sons, Inc., New York, 1996.
[SDNS3] U.S. DoD, NSA, "Secure Data Network Systems, Security [SDNS3] U.S. DoD, NSA, "Secure Data Network Systems, Security
Protocol 3 (SP3)", document SDN.301, Revision 1.5, 15 May Protocol 3 (SP3)", document SDN.301, Revision 1.5, 15 May
1989. 1989.
[SDNS4] ---, ---, "Security Protocol 4 (SP4)", document SDN.401, [SDNS4] ---, ---, "Security Protocol 4 (SP4)", document SDN.401,
Revision 1.2, 12 July 1988. Revision 1.2, 12 July 1988.
skipping to change at page 325, line 45 skipping to change at page 325, line 45
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE IS SPONSORED "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE IS SPONSORED
BY, THE INTERNET SOCIETY, AND THE INTERNET ENGINEERING TASK FORCE BY, THE INTERNET SOCIETY, AND THE INTERNET ENGINEERING TASK FORCE
DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY
OR FITNESS FOR A PARTICULAR PURPOSE. OR FITNESS FOR A PARTICULAR PURPOSE.
Expiration Date: 14 August 2006. Expiration Date: 20 September 2006.
 End of changes. 62 change blocks. 
95 lines changed or deleted 122 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/