Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter.
Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 300
K
Glossary
Access generally refers to the right to enter or use a system and its re-
sources; to read, write, modify, or delete data; or to use software
processes or network bandwidth.
Access control is the granting or denying, usually according to a particu-
lar security model, of certain permissions to access a resource.
Access level is either the clearance level associated with a subject or the
classification level associated with an object.
ACE (access control list) refers to a list of subjects permitted to access an
object, and the access rights of each one.
ACM is the Association for Computing Machinery.
ActiveX is a set of client and server component interfaces that enables
developers to build multitier applications that use an HTML renderer
and HTTP and other Internet protocols. ActiveX is the technology
used to integrate the Internet in Windows.
Ada is a programming language that was developed, and subsequently
mandated, for DOD software projects.
Adjunct processors enable the operation of many enhanced telephone
services, such as 800 numbers and voice-menu prompts.
ADSL (asymmetric digital subscriber line) allows an upstream data flow
(i.e., from user to server) that is a fraction of the downstream data
flow, as is appropriate to support Internet services to the home and
video on demand.
ANSI is the American National Standards Institute.
300
OCR for page 301
APPENDIX K
301
API (application programming interface) is an interface provided for an
application to another program.
ARPA: See DARPA.
ARPANET (Advanced Research Projects Agency network) was a feder-
ally funded WAN that became operational in 1968 and was used for
early networking research. It evolved into the central backbone of the
Internet.
AS (autonomous system) is an Internet routing domain under the control
of one organization.
Assurance is confidence that a system design meets its requirements, or
that its implementation satisfies specifications, or that some specific
property is satisfied.
Asymmetric (or public-key) cryptography is based on algorithms that
use one key (typically a public key) to encrypt a message and a differ-
ent, mathematically related key (typically private) to decrypt a mes-
sage.
ATE (Assessment Technology Branch) is part of NASA.
ATM (asynchronous transfer mode) enables voice, data, and video to be
handled with a uniform transmission protocol. It breaks up the infor-
mation to be transmitted into short packets of data and intersperses
them with data from other sources delivered over trunk networks.
Authentication is the process of confirming an asserted identity with a
specified, or understood, level of confidence. The mechanism can be
based on something the user knows, such as a password, something
the user possesses, such as a "smart card," something intrinsic to the
person, such as a fingerprint, or a combination of two or more of
these.
Availability is the property asserting that a resource is usable or opera-
tional during a given time period, despite attacks or failures.
BAA (broad area announcement) is a form of research solicitation used
by DARPA and other federal agencies.
BCR (black/crypto/red) was a federally funded project that achieved full
end-to-end packet encryption, with full header bypass, in working
prototype form in the mid to late 1970s.
Bell and La Padula policy is a security policy prohibiting information
flow from one object to another with a lesser or incomparable classifi-
cation.
BGP (Border Gateway Protocol) is the protocol used by Internet routers
to communicate with other routers across administrative boundaries.
Biometric authentication relies on the use of unique characteristics of
individuals, such as a voiceprint or fingerprint, for authentication.
OCR for page 302
302
APPENDIX K
Blacker is an integrated set of network layer cryptographic devices de-
signed to secure military data networks.
Blue box refers to a device used to defraud the telephone company in the
1960s and 1970s. It sent network control tones over the voice path.
bps (bits per second) refers to the rate at which data are generated by a
source or transmitted over a communications channel. Measurements
are often stated in units of 103 bits per second (kilobits or kbps) or 106
bits per second (megabits or Mbps).
C++ is a programming language.
CA (certification authority) is a trusted party that creates certificates in a
secure manner.
Caneware is a certificate-based, military network encryption system for
the Internet.
CAP (complex arithmetic processor) is a digital signal processor intended
for use in a secure, multimode, programmable radio.
CCITT is the Consultative Committee on International Telephony and
Telegraphy.
CCF (central control function) is an air traffic management subsystem.
CCv2 refers to Common Criteria, version 2.
CDIS (central control function display information system) is a compo-
nent of the CCF.
CDSA (common data security architecture) is an integrated software
framework consisting of APIs designed to make computer platforms
more secure for applications such as electronic commerce.
CERT/CC (Computer Emergency Response Team/Coordination Center)
is an element of the Networked Systems Survivability Program of the
Software Engineering Institute at Carnegie Mellon University. It
keeps track of attacks on the Internet and issues advisories. CERT
advisories are available online at .
Certificate management is the overall process of issuing, storing, veri-
fying, and generally accepting responsibility for the accuracy of pub-
lic-key certificates and their secure delivery to appropriate consum
ers.
Certification is the administrative act of approving a computer system or
component for use in a particular application.
CGI (common gateway interface) is a script run by a World Wide Web
server in response to a client request.
Checksum consists of digits or bits calculated according to an algorithm
and used to verify the integrity of accompanying data.
Chinese Wall (or Brewer-Nash) model is a security policy concerned
with separating different organizational activities to conform with
legal and regulatory strictures in the financial world.
OCR for page 303
APPENDIX K
303
CIA is the Central Intelligence Agency.
CIAO (Critical Infrastructure Assurance Office) is a unit of the U.S.
government established by PDD 63.
CIC R&D (Computing, Information, and Communications Research
and Development) refers to a committee of the National Science and
Technology Council that involves about 12 federal departments and
agencies that coordinate computing and communications programs,
budgets, and review.
Ciphertext is the output of any encryption process, regardless of whether
the original digitized input was text, computer files or programs, or
graphical images.
Cleartext (or plaintext) is the input into an encryption process or output
of a decryption process.
CLEF refers to a commercially licensed evaluation facility.
Clipper chip is an escrowed encryption chip that implements the Skip-
jack algorithm to encrypt communications conducted over the public
switched network (e.g., between telephones, modems, or fax equip-
ment).
CMM (Capability Maturity Model) is used in judging the maturity of the
software processes of an organization. It was developed under the
stewardship of the Software Engineering Institute.
CMW (compartmented mode workstation) is a computer workstation
(rated at least B1 under the TCSEC) that implements both discretion-
ary (i.e., identity-based, user-directed) and mandatory (i.e., rule-
based, administratively directed) access policies.
CNN is the Cable News Network.
COCOMO (constructive cost model) is a method for estimating the cost
of the development of a software system.
COM (common object model) is an open software architecture.
Confidentiality refers to the protection of communications traffic or
stored data against interception or receipt by unauthorized third par-
ties.
Conops (concept of operations) describes the operations of a computing
system, typically in the form of scenarios.
COPS (computer oracle password security) is software that checks for
cracks, configuration errors, and other security flaws in a computer
employing the UNIX operating system.
CORBA (common object request broker architecture) is an OMG speci-
fication that provides the standard interface definition between OMG-
compliant objects.
Correctness is the property of being consistent with a specification. The
specification may stipulate, for example, that proper outputs are pro-
duced by a system for each input.
OCR for page 304
304
APPENDIX K
COTS (commercial off-the-shelf) refers to readily available commercial
technologies and systems.
Countermeasure is a mechanism that reduces or eliminates a vulnerabil-
ity.
CPU is a central processing unit.
CRISIS refers to Cryptography's Role in Securing the Information Society, a
1996 report by the CSTB.
CRL (certificate revocation list) identifies unexpired certificates that are
no longer valid; that is, the binding expressed by the certificates is not
considered to be accurate.
Cross-connect is a component of the telephone system that shunts circuits
from one wire or fiber to another.
Cryptanalysts is the study and practice of various methods to penetrate
ciphertext and deduce the contents of the original cleartext message.
Cryptographic algorithm is a mathematical procedure, often used in con-
junction with a key, that transforms input into a form that is unintel-
ligible without knowledge of a key and the algorithm.
Cryptography is the science and technology of establishing or protecting
the secrecy, authenticity, or integrity of data that might be accessed
by unauthorized parties by using a code or cipher.
CSP (Communicating Sequential Process) is a specification and pro-
gramming notation for concurrent and distributed systems.
CSTB (Computer Science and Telecommunications Board) is a unit of
the National Research Council.
CTCPEC refers to the Canadian Trusted Computer Product Evaluation
Criteria.
CUG (closed user group) is an access control concept used in X.25, frame
relay, and ATM networks to establish a non-cryptographic VPN. A
CUG is limited to a single network and network technology, man-
aged by a single administration.
DARPA is the Defense Advanced Research Projects Agency (known at
times in the past as ARPA), which is part of the DOD.
DCE (data communication equipment) refers to the devices and connec-
tions of a communications network that connect the circuit between
the data source and destination. A modem is the most common type
of DCE.
DCOM (distributed common object model) refers to an infrastructure
for components that can be systematically reused.
DON (defense data network) is a global DOD communications network
composed of MILNET, other portions of the Internet, and classified
networks.
OCR for page 305
APPENDIX K
305
Decryption is the process of transforming ciphertext into the original
message, or cleartext.
Denial of service is a form of attack that reduces the availability of a
resource.
DES (Data Encryption Standard) is the U.S. government standard (FIPS
46-1) describing a symmetric-key cryptographic algorithm.
DGSA (DOD Goal Security Architecture) is a set of specifications or
goals that support a wide range of access controls and integrity poli-
cies in an object-oriented, distributed system environment.
Digital signature is a digitized version of a written signature, typically
produced by decrypting a digest of the message being signed.
DISA is the Defense Information Systems Agency, a unit of the DOD.
DMS (Defense Messaging System) relies on the SNS guard to permit
electronic mail to flow in and out of highly sensitive enclaves and
facilitate communication with less-sensitive DMS subscribers.
DNS (Domain Name Service) is a general-purpose, distributed, repli-
cated, data-query service that is used primarily on the Internet for
translating host names into Internet addresses.
DOD is the U.S. Department of Defense.
DOE is the U.S. Department of Energy.
DOS is disk operating system, developed by Microsoft Corporation and
used widely on IBM-compatible personal computers. It contains no
protection against errant programs and no support for partitioning
the actions of one user from another.
DSP (digital signal processor) is a specialized integrated circuit used to
analyze or alter the characteristics of communications signals.
DSP (downstream service provider) is a local or regional Internet pro-
vider.
DTE (domain and type enforcement) is a fine-grained access control
mechanism.
DVRP (distance vector routing protocol) enables routers to function with-
out complete knowledge of network topology. Routers broadcast a
list of destinations and costs; each recipient adds its cost for travers-
ing its link back toward the sender and rebroadcasts the updated list
of destinations and costs (or a lower-cost path to any of those destina-
tions, if available).
Encryption is any procedure used in cryptography to convert plaintext
into ciphertext to prevent anyone but the intended recipient from
reading the data.
Escrowed Encryption Initiative is a voluntary program intended to im-
prove the security of telephone communications while also meeting
the stated needs of law enforcement.
OCR for page 306
306
APPENDIX K
ESP (Encapsulating Security Payload) is a protocol (part of the IETF
IPsec series of standards) that provides encryption and/or authenti-
cation for IP packets.
Fault tolerance is the capability of a system or component to continue
operating despite hardware or software faults. It may be expressed in
terms of the number of faults that can be tolerated before normal
. · · · .
Operahon Is ~mpa~recr.
FBI is the Federal Bureau of Investigation.
FCC is the Federal Communications Commission.
FDA is the Food and Drug Administration.
FEAL is a symmetric-key cipher developed in Japan.
FFRDC refers to federally funded research and development centers.
FGAC (fine-grained access control) enables a user or system administra-
tor to control access to small objects, methods, and procedures.
FIPS (federal information processing standards) are technical standards
published by NIST. U.S. government agencies are expected either to
purchase computer-related products that conform to these standards
or to obtain a formal waiver.
Firewall is a defensive mechanism typically deployed at the boundary
between a trusted and a mistrusted computer network.
Formal language is language that has precisely defined syntax and se-
mantics. It enables unambiguous descriptions and is often amenable
to various degrees of automated analysis.
Formal method is a mathematically based technique for describing and
analyzing hardware, software, and computing systems.
Fortezza is a PCMCIA cryptographic token for protecting data. It is a
component of the MISSI architecture.
Fortezza Initiative is a U.S. government initiative to promote and sup-
port escrowed encryption for data storage and communications.
FTP (File Transfer Protocol) is a client-server protocol that enables a user
on one computer to transfer files to and from another computer over
a TCP/IP network.
Functionality is the functional behavior of a system. Functionality re-
quirements include confidentiality, integrity, availability, authentica-
tion, and safety.
GSM (global system for mobile communications) is a standard for digi-
tal cellular communications that is being adopted by more than 60
countries.
GSSAPI (generic security services application programming interface)
is an IETF-standard application-level interface to cryptographic services.
GUI is a graphical user interface.
OCR for page 307
APPENDIX K
307
Hardware token refers to a small hardware device that contains a per-
sonal cryptographic key as well as processing capability. It is used
typically for authentication.
Hash function is a form of checksum.
HCS (High Confidence Systems) is the working group of the Committee
on CIC R&D that deals with trustworthiness.
Heisenbug refers to a transient failure that is difficult to reproduce be-
cause it is triggered by circumstances beyond the control of a tester.
Hijacking refers, in the computer context, to the impersonation of a pre-
viously authenticated entity.
HMO is a health maintenance organization.
HTML (Hypertext Markup Language) is used to represent text and other
data for posting and delivery to browsers on the World Wide Web.
HTTP (Hypertext Transfer Protocol) is the client-server TCP/IP protocol
used on the World Wide Web for the exchange of HTML documents.
IAB is the Internet Architecture Board.
ICMP (Internet Control Message Protocol) is a feature of IP that allows
for the generation of error messages, test packets, and informational
messages.
IDE is a disk interface standard.
Identification is an assertion about the identity of someone or something.
IEEE is the Institute of Electrical and Electronics Engineers.
IESG is the Internet Engineering Steering Group.
IETF (Internet Engineering Task Force) is a large, international commu-
nity of network designers, operators, vendors, and researchers who
coordinate the evolution of the Internet and resolve protocol and ar-
chitectural issues.
IISP is the Information Infrastructure Standards Panel.
IITF is the Information Infrastructure Task Force.
IMP (interface message processor) was a switching node for the ARPANET.
Infosec refers to information security.
Integrity is the property of an object meeting an a priori established set of
expectations. In the distributed system or communication security
context, integrity is more precisely defined as assurance that data
have not been undetectably modified in transit or storage.
Integrity check is a quantity derived by an algorithm from the running
digital stream of a message, or the entire contents of a stored data file,
and appended to it. Some integrity checks are cryptographically based.
IPsec (IP Security) is a suite of internetwork-layer security protocols de-
veloped for the Internet by the IETF working group.
OCR for page 308
308
APPENDIX K
IP (Internet Protocol) is a connectionless, packet-switching protocol that
serves as the internetwork layer for the TCP/IP protocol suite. IP
provides packet routing, fragmentation, and reassembly.
ISAKMP (Internet Security Association and Key Management Proto-
col) is a protocol developed by the NSA to negotiate keys for use with
data network security protocols.
ISAT (Information Science and Technology) refers to special activities
held by DARPA to address long-term issues and plans.
ISDN (integrated services digital network) is a set of communications
standards that specify how different types of information (e.g., voice,
data, video) can be transmitted in the public switched telephone net-
work.
ISO is the Information Systems Office of DARPA.
ISO is the International Organization for Standardization.
ISOC (Internet Society) is a nonprofit, professional membership organi-
zation that facilitates and supports the technical evolution of the In-
ternet; stimulates interest in and educates the scientific and academic
communities, industry, and the public about the technology, uses,
and applications of the Internet; and promotes the development of
new applications.
ISP (Internet service provider) is a company that provides other compa-
nies or individuals with access to, or presence on, the Internet. Most
ISPs also provide extra services, such as help with the design, cre-
ation, and administration of World Wide Web sites.
ISSR-lTO (Information Systems Security Research-loint Technology
Office) involves DARPA, DISA, and NSA.
ITO (Information Technology Office) is a unit of DARPA that supports
research in computing and communications.
ITSEC (Information Technology Security Evaluation Criteria) refers to
the harmonized criteria of France, Germany, the Netherlands, and the
United Kingdom.
IW-D refers to defensive information warfare.
Java is an object-oriented, distributed, architecture-neutral, portable, gen-
eral-purpose programming language.
lavaBeans is a component architecture for lava that enables the develop-
ment of reusable software components that can be assembled using
visual application-builder tools.
fDK Qava development kit) provides an environment for developing
Java programs.
VIM Qava virtual machine) is a specification for software that interprets
Java programs compiled into byte codes.
OCR for page 309
APPENDIX K
309
KDC (key-distribution center) is an online, automated provider of secret
symmetric keys.
Kernel is a small, trusted portion of a system that provides services on
which the other portions of the system depend.
Key is a value used in conjunction with a cryptographic algorithm.
Key-escrow encryption is an encryption system that enables exceptional
access to encrypted data through special data-recovery keys held ("in
escrow") by a trusted party.
KPA (key process area) refers to the most important aspects of software
processes.
LAN (local area network) is a data communications network, such as an
Ethernet, that covers a small geographical area (typically no larger
than a 1-kilometer radius), allowing easy interconnection of termi-
nals, microprocessors, and computers within adjacent buildings.
Link-State Routing Protocol enables routers to exchange information
about the possibility and cost of reaching the other networks. The
cost is based on number of hops, link speeds, traffic congestion, and
other factors, as determined by the network designer.
MD4 is a hash algorithm.
MEII (minimum essential information infrastructure) is a highly trust-
worthy communications subsystem originally envisioned for use by
NISs that control critical infrastructures.
MIB (management information base) is a database of objects accessed by
the Internet management protocols (SNMP).
MIC (message integrity code) is a value that is a complex function of both
a set of protected data and a cryptographic key. It is computed by the
sender and validated by the receiver.
MILNET is the military network that is part of the DON and the Internet.
MIME (multipurpose Internet mail extension) is a standard for multi-
part, multimedia electronic mail messages and World Wide Web
hypertext documents on the Internet.
MISSI (Multilevel Information Systems Security Initiative) is an NSA
initiative designed to provide a framework for the development of
interoperable, complementary security products.
Multics is a multiuser operating system developed in the mid-1960s by
MIT, GE, and Bell Laboratories that features elaborate access controls.
Multiplexing is the combining of several signals for transmission on a
shared medium.
MVS (multiple virtual storage) is an operating system for system 370
and its successors that supports virtual memory.
OCR for page 310
310
APPENDIX K
NASA is the National Aeronautics and Space Administration.
NCS (National Communications System) is a group of 23 federal depart-
ments and agencies that coordinates and plans systems to support
responses to crises and disasters.
NCSC (National Computer Security Center) is part of the NSA.
NES (Network Encryption System) is a certificate-based, packet network
encryption system certified by the NSA (cf., Caneware).
NIS (networked information system) integrates computing and commu-
nications systems, procedures, and users and operators.
NIST (National Institute of Standards and Technology) is a unit of the
U.S. Department of Commerce that works with industry to develop
and apply technology, measurements, and standards.
NLSP (Netware Link-State Protocol) is a protocol for the exchange of
routing information in some networks.
NLSP (Network-Layer Security Protocol) is a protocol (roughly compa-
rable to IPsec) that was developed for OSI networks but is rarely
used.
NMS (network management system) is a collection of software for man-
aging the security of the other components in the MISSI architecture.
NOC (network operations center) is a designated site that monitors and
controls the elements of a network.
Nonrepudiation is the affirmation, with extremely high confidence, of
the identity of the signer of a digital message using a digital signature
procedure. It is intended to protect against any subsequent attempt
by the signer to deny authenticity.
NPRG (National Partnership for Reinventing Government) is the
Administration's ongoing effort to make the U.S. government work
better and cost less. It was formerly known as the National Perfor-
mance Review.
NRC (Network Reliability Council) is the former name of the NRIC.
NRC (National Research Council) is the operating arm of the National
Academy of Sciences and the National Academy of Engineering.
NRIC (Network Reliability and Interoperability Council) is the new
name of the former Network Reliability Council.
NSA is the National Security Agency, which is part of the DOD.
NSF is the National Science Foundation.
NSTAC (National Security Telecommunications Advisory Committee)
provides industry advice to the Executive Branch of the U.S. govern-
ment.
Object is a hardware or software system or component (e.g., processor,
file, database) that can be accessed by a subject.
OCR for page 311
APPENDIX K
311
Object code is the "executable" code of Is and us that instructs a com-
puter on the steps to be performed.
OC-12 (optical carrier 12) is a SONET rate communications channel of
622 megabits per second.
OLE (object linking and embedding) is object-oriented software technol-
ogy.
OMG (Object Management Group) is a consortium of companies that
supports and promotes a set of standards called CORBA.
Orange Book is the common name for the DOD document that provides
criteria for the evaluation of different classes of trusted systems.
Supplementary documents extend and interpret the criteria.
ORCON (originator controlled) is a term used with very sensitive classi-
fied data to denote an access control policy in which the originator of
data must approve access.
OS (operating system) is a computer program (e.g., MS-DOS, Windows,
UNIX, Mac OS) that provides basic services for applications. Such
functions can include screen displays, file handling, and, in the fu-
ture, encryption.
OSI (open systems interconnection) refers to a seven-layer model of
network architecture and a suite of implementing protocols devel-
oped in 1978 as a framework for international standards for heteroge-
neous computer networks.
OSPF (open shortest-path first-interior) is a standard interior gateway
routing protocol for the Internet. It is a link-state routing protocol, as
distinct from a distance-vector routing protocol.
OSS (operations support system) is a computer system involved in run-
ning the telephone network.
P5 is an Intel processor chip known as a Pentium processor.
P6 is an Intel processor chip known as a Pentium Pro processor.
Packet switching is a networking technology that breaks up a message
into smaller packets for transmission and switches them to their re-
quired destination. Unlike circuit switching, which requires a con-
stant point-to-point circuit to be established, each packet in a packet-
switched network contains a destination address. Thus all packets in
a single message do not have to travel the same path. They can be
dynamically routed over the network as circuits become available or
unavailable. The destination computer reassembles the packets back
into their proper sequence.
Password is a sequence of characters presented to a system for purposes of
authentication of the user's identity or privilege to access the system.
PC is a personal computer.
OCR for page 312
312
APPENDIX K
PCC (proof-carrying code) is a security enforcement approach in which
formal, machine-checkable proof is used to establish that a software
program will not violate a particular security policy.
PCCIP is the President's Commission on Critical Infrastructure Protec-
tion.
PCMCIA is the Personal Computer Memory Card Interface Association,
an organization that specifies standards for what are now called PC
cards.
POP (pretty good privacy) is a public-key encryption-based file encryp-
tion implementation. POP enables users to exchange files or e-mail
messages with privacy and authentication.
PIN is a personal identification number and is used in much the same
manner as a password.
PKI (public-key infrastructure), as used in this report, refers to mecha-
nisms, procedures, and policies that together provide a management
framework for the deployment of public-key cryptography.
Plaintext is a synonym for cleartext.
PLI (private line interface) was a network-layer encryptor designed to
protect classified data transmitted over the ARPANET, developed
and deployed in the mid 1970s.
Privacy ensures freedom from unauthorized intrusion.
Private key is the decryption or signature generation key associated
with a given person's public key for a public-key cryptographic
system.
Protocols are formal rules describing how different parties cooperate to
share or exchange data, especially across a network.
Pseudocode is a program written using a mixture of programming lan-
guage and informal statements (e.g., plain English).
PTN is the public telephone network.
Public key is the publicly known key associated with a given subject in a
public-key cryptographic system.
Public-key certificate is a data structure, typically transmitted electroni-
cally over an information network, that establishes the relationship
between a named individual or organization and a specified public
key.
Public-key cryptography refers to algorithms that use one key to encrypt
or digitally sign data and a corresponding second key to decrypt or
validate the signature of that data.
QOS (quality of service) refers to performance guarantees offered by a
network.
R2 is the NSA unit that is responsible for information security research.
OCR for page 313
OCR for page 314
OCR for page 315
OCR for page 316
OCR for page 317
OCR for page 318
Representative terms from entire chapter:
routing protocol
APPENDIX K
313
R/3 is a software product from SAP for handling all major functions of a
commercial enterprise.
R&D is research and development.
Red Book is the common name for the DOD document containing the
trusted network interpretation of the trusted computer system evalu-
ation criteria.
Reliability is the capability of a computer, or information or telecommu-
nications system, to perform consistently and precisely according to
its specifications and design requirements, and to do so with high
confidence.
RFC (request for comments) refers to a series of numbered informational
documents and standards widely followed in the Internet commu-
nity. All Internet standards are recorded in RFCs, but not all RFCs are
standards. RFCs are issued online at
314
APPENDIX K
Secrecy is the habit or practice of maintaining privacy. It is an element of
security.
Secret key is a key used in conjunction with a secret-key or symmetric
cryptosystem.
Secret-key cryptosystem is a symmetric cryptographic process in
which both parties use the same secret key to encrypt and decrypt
messages.
Security refers to a collection of safeguards that ensure the confidentiality
of information, protect the systems) or networks used to process it,
and control access to it. Security typically encompasses secrecy,
confidentiality, integrity, and availability and is intended to ensure
that a system resists potentially correlated attacks.
Security level is either the clearance level associated with a subject or a
classification level associated with an object.
SKI is the Software Engineering Institute.
SET (secure electronic transaction) is a protocol for credit card transac-
tions over the Internet.
SFI (software fault isolation) is a security enforcement approach in which
instructions and addresses are modified so that they cannot reference
memory outside the specified regions.
Shareware is software that is offered publicly, free of charge, rather than
sold, but shareware authors usually do request payment for the freely
distributed software.
SKIPlACK is a symmetric encryption algorithm.
S/MIME (secure/multipurpose Internet mail extension) is a format for
secure Internet e-mail.
SMTP (Simple Mail Transfer Protocol) is a protocol used to transfer e-
mail over the Internet.
Snefru is a one-way hash function.
SNMP (Simple Network Management Protocol) is the Internet standard
protocol that manages nodes on an IF network.
SNS (Secure Network System) is a high-assurance guard (a component
of the MISSI architecture) for separating Top Secret enclaves from
less-sensitive network environments.
SONET (synchronous optical network) is a broadband networking stan-
dard that is generally based on ring topologies to ensure reliability.
Source code is the textual form in which a high-level-language program
is entered into a computer.
SP3 (Security Protocol at Level 3) is a network-layer encryption standard
developed in the SONS project.
Specification is a precise description of the desired behavior of a system.
APPENDIX K
315
SPKI (Simple Public-Key Infrastructure) is a scheme being developed
by an IETF working group attempting to codify SDSI into an Internet
standard.
Spoofing is the illicit, deliberate assumption of the characteristics of an-
other computer system or user, for purposes of deception.
SS7 (Signaling System 7) is a protocol suite used for communication
with, and control of, telephone central office switches and processors.
It uses out-of-band signaling.
SSL (secure socket layer) is a protocol designed to provide secure com-
munications for HTTP traffic on the Internet.
State is retained information from one transaction that is used to deter-
mine how to complete a subsequent transaction, often of a related
type.
STL (standard template library) is a component designed for systematic
reuse.
STU-III (Secure Telephone Unit III) is a standardized voice and data
telephone system capable of encryption up to top-secret level for de-
fense and civilian government purposes. STU-III operates over stan-
dard dial-up telephone lines and has been extended to cellular appli-
cations.
Subject refers, in this report, to an active entity (e.g., a user, or a process
or device acting on the user's behalf) that can make a request to per-
form an operation on an object.
Survivability is the capability to provide a level of service in adverse or
hostile conditions.
SWAT is a special weapons and tactics team.
SwIPe is a host-based IP encryptor that led to the IETF working group on
IPsec.
TCL is tool command language.
TCP (Transmission Control Protocol) is the most common transport-
layer protocol used on the Internet. It provides reliable connection-
oriented full-duplex communications, flow control, and multiplex-
~ng.
TCSEC (Trusted Computer System Evaluation Criteria) refers to criteria
for a graded system of protection contained in the DOD document
known as the Orange Book.
Telnet is a protocol that enables a user on one machine to log onto an-
other machine over a network and read the remote files.
Threat is an adversary that is both motivated and capable of exploiting a
vulnerability.
316
APPENDIX K
Tiger team refers to an organized group of people that tests security
measures by attempting to penetrate them, or, more generally, to any
official inspection team or special group called in to look at a com-
puter or communications problem.
TIU (trusted interface unit) is an Ethernet LAN data encryption prod-
uct.
Trojan horse refers to a program that, by exploiting the current user's
authorization, provides covert access to information in an object for a
user not authorized to access that object.
Trustworthiness is assurance that a system deserves to be trusted that it
will perform as expected despite environmental disruptions, human
and operator error, hostile attacks, and design and implementation
errors. Trustworthy systems reinforce the belief that they will con-
tinue to produce expected behavior and will not be susceptible to
subversion.
UDP (User Datagram Protocol) is an Internet transport protocol that pro-
vides unreliable datagram services. It adds a checksum and addi-
tional process-to-process addressing information on top of the basic
IP layer.
UNIX is a multiuser operating system developed by Bell Laboratories in
the 1970s that is widely used on the Internet and in the computer
science research community. It is much smaller and simpler than
Multics and has far fewer access controls and far less structure to
support security.
URL (uniform resource locator) specifies an Internet object, such as a file
or a newsgroup. URLs are used in HTML documents to specify tar-
gets of hyperlinks.
URP (University Research Program) is the program within NSA's R2 that
awards contracts to academic investigators for security-related re-
search.
VDM (Vienna definition method) is a formal method.
Verity is a tool used to design processors.
VGA is video graphics adapter.
VLSI (very large scale integration) refers to integrated circuits composed
of hundreds of thousands of logic elements, or memory cells.
VPN (virtual private network) is a secure connection through an other-
wise insecure network, typically the Internet.
Vulnerability is an error or weakness in the design, implementation, or
operation of a system.
VVSL is a formal method.
APPENDIX K
317
W3C (World Wide Web Consortium) is an industry consortium stan-
dards-setting body for the Web.
WAN (wide area network) is a network extending over an area greater
than 1 kilometer in diameter.
Windows NT is Microsoft's multiprogramming, multitasking, and multi-
user operating system. It has the ability to control users' access to all
system objects. Windows NT is supported on several instruction set
architectures.
Work factor is a measure of the difficulty of undertaking a brute-force test
of all possible keys against a given ciphertext and known algorithm.
WWW is the World Wide Web.
X.25 is a standard protocol suite for the DTE-DCE interface in a packet-
switched network. It was developed to describe how data passes in
and out of public data communications networks.
XEU (Xerox encryption unit) is a functionally transparent cipher unit for
protecting information on baseband LANs.
Y2K (year 2000) refers to the widespread problem of computers that are
not programmed to recognize correctly the years following 1999.
