Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com.

#

  • credential theft

    Credential theft is a type of cybercrime that involves stealing the proof of identity of the victim, which can be either an individual or a business. Once credential theft has been successful, the attacker will have the same account privileges as the victim. Stealing credentials is the first stage in a credential-based attack.

A

  • AAA server (authentication, authorization, and accounting)

    An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.

  • access control

    Access control is a security technique that regulates who or what can view or use resources in a computing environment.

  • access log

    An access log is a list of all the requests for individual files that people have requested from a Web site.

  • address space layout randomization (ASLR)

    Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.

  • Advanced Encryption Standard (AES)

    The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.

  • advanced evasion technique (AET)

    An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection system.

  • advanced persistent threat (APT)

    An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time.

  • adware

    Adware is any software application in which advertising banners are displayed while a program is running.

  • alternate data stream (ADS)

    An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.

  • Android WebView

    Android WebView is a component that allows Web developers to render a web page within an Android app.

  • anonymous email

    Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.

  • anonymous Web surfing (Web anonymizer, SafeWeb)

    Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.

  • anti-money laundering software (AML)

    Anti-money laundering (AML) software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions...

  • Antigen

    Sybari's Antigen is antivirus software for Lotus Domino and Microsoft Exchange.

  • antimalware (anti-malware)

    Antimalware (anti-malware) is a type of software program designed to prevent, detect and remove malicious software (malware) on IT systems, as well as individual computing devices.

  • antispoofing

    Antispoofing is a technique for countering spoofing attacks on a computer network.

  • antivirus software (antivirus program)

    Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.

  • application blacklisting

    Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs. Such programs include not only those known to contain security threats or vulnerabilities but also those that are deemed inappropriate within a given organization. Blacklisting is the method used by most antivirus programs, intrusion prevention/detection systems and spam filters.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.

  • asymmetric cryptography (public key cryptography)

    Asymmetric cryptography, also known as public-key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.

  • ATM black box attack

    An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.

  • attack vector

    An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome.

  • Australian Assistance and Access Bill

    The Australian Assistance and Access Bill is legislation introduced and passed in 2018 by the Parliament of Australia to support law enforcement and security agencies in their ability to collect evidence from electronic devices.

  • authentication

    Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.

  • authentication factor

    An authentication factor is a category of credential used for identity verification. The three most common categories are often described as something you know (the knowledge factor), something you have (the possession factor) and something you are (the inherence factor).

  • authentication server

    An authentication server is an application that facilitates authentication of an entity that attempts to access a network...

  • authentication, authorization, and accounting (AAA)

    Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.

  • Automated Clearing House (ACH)

    Automated Clearing House (ACH) is a secure payment transfer system that connects all U.S. financial institutions.

  • Automated Fingerprint Identification System (AFIS)

    The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.

B

  • Back Orifice

    Back Orifice is a rootkit program designed to expose the security deficiencies of Microsoft's Windows operating systems. The program's name is inspired by the name of Microsoft's BackOffice product. Created by a group of hackers called the Cult of the Dead Cow, Back Orifice allows someone at one computer to control everything on another, remote computer running Windows.

  • backdoor (computing)

    A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.

  • backscatter body scanning

    Backscatter body scanning is an X-ray-based technology that yields a high-resolution image of a person's body beneath their clothing and reveals concealed objects...

  • barnacle

    In a computer, a barnacle is unwanted programming, such as adware or spyware, that is downloaded and installed along with a user-requested program.

  • bastion host

    On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to screen the rest of its network from security exposure.

  • bifurcation

    In the biometric process of fingerscanning, a bifurcation is a point in a finger image at which two ridges meet.

  • bimodal IAM (bimodal identity access management)

    Bimodal identity and access management (IAM) uses two forms of credentials, internal and external, as a method of authentication.

  • BioAPI Consortium

    The BioAPI Consortium is a group of over 90 organizations whose goal is to encourage and promote the growth of biometric technology by developing an industry-wide application programming interface (API). The consortium's API defines how a software application interacts with a biometric verification device; it is compatible with different operating systems, vendor applications, and types of biometric technologies including voice and facial recognition, iris and retina scans, signature verification, hand and earlobe geometry, and fingerprint analysis.

  • biometric authentication

    Biometric authentication is a security process that relies on the unique biological characteristics of an individual to verify that he is who he says he is. Biometric authentication systems compare a biometric data capture to stored, confirmed authentic data in a database. If both samples of the biometric data match, authentication is confirmed.

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.

  • biometric verification

    Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits...

  • biometrics

    Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.

  • black hat

    Black hat refers to a hacker who breaks into a computer system or network with malicious intent. A black hat hacker may exploit security vulnerabilities for monetary gain; to steal or destroy private data; or to alter, disrupt or shut down websites and networks.

  • blended threat

    A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.

  • block cipher

    A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.

  • Blowfish

    Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.

  • BlueKeep (CVE-2019-0708)

    BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008.

  • bogie (bogey)

    The term bogie, also spelled bogey, refers to a false blip on a radar display.

  • bot worm

    A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that functions as a vehicle for the spread of viruses, Trojans and spam...

  • botnet

    A botnet is a network of infected smart computing devices controlled by a common type of malware. The term botnet is derived from the words robot and network. A robot, in this context, is a malicious program that operates as an agent for a human attacker.

  • brain fingerprinting

    Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular body of writing or an image that was previously familiar (such as of a training camp or manual).

  • bridge

    A bridge is a class of network device that’s designed to connect networks at OSI Level 2, which is the data link layer of a local-area network (LAN).

  • bring your own apps (BYOA)

    Bring your own apps (BYOA) is the trend toward employee use of third-party applications and cloud services in the workplace. BYOA, like the BYOD trend towards user-owned devices in the workplace, is an example of the increasing consumerization of IT.

  • Bring Your Own Authentication (BYOA)

    Bring Your Own Authentication (BYOA) is a computing concept in which employee-owned devices are used as authentication credentials within the enterprise.

  • browser hijacker (browser hijacking)

    A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.

  • browser isolation

    Browser isolation is a cybersecurity model for web browsing that can be used to physically separate an internet user’s browsing activity from their local machine, network and infrastructure.

  • brute force attack

    Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

  • buffer overflow

    A buffer overflow occurs when a program attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow exploits may enable remote execution of malicious code or denial of service attacks.

  • buffer underflow

    Buffer underflow, also known as buffer underrun or buffer underwrite, is a threat to data that typically occurs when the temporary holding space during information transfer, the buffer, is fed at a lower rate than it is being read from.

  • Bugbear

    Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation.

  • BYOI (bring your own identity)

    BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party such as Facebook, Twitter, LinkedIn, Google+ or Amazon.

  • bypass

    Bypass, in general, means either to go around something by an external route rather than going through it, or the means of accomplishing that feat.

C

  • cable modem

    A cable modem is a device that enables you to hook up your PC to a local cable TV line and receive data at about 1.5 Mbps.

  • cache cramming

    Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run.

  • cache poisoning (DNS poisoning, web cache poisoning)

    Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.

  • CALEA (Communications Assistance for Law Enforcement Act)

    CALEA (Communications Assistance for Law Enforcement Act) is a United States federal law that enables the government to intercept wire and electronic communications and call-identifying information under certain circumstances -- in particular, when it is necessary in order to protect national security.

  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

    A CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is a type of challenge-response system designed to differentiate humans from robotic software programs.

  • capture

    Capture is the process or means of obtaining and storing external data, particularly images or sounds, for use at a later time.

  • card-not-present fraud (card-not-present transaction)

    Card-not-present (CNP) fraud is the unauthorized use of a payment card to conduct a card-not-present transaction when the cardholder cannot or does not physically present the card at the time of the transaction.

  • cardholder data (CD)

    Cardholder data (CD) refers to the primary account number (PAN) of a payment card belonging to a cardholder, along with any of the following data types: cardholder name, expiration date or service code (a three- or four-digit number coded onto the magnetic-stripe that specifies acceptance requirements and limitations for a magnetic-stripe-read transaction).

  • cardholder data environment (CDE)

    A cardholder data environment or CDE is a computer system or networked group of IT systems that processes, stores and/or transmits cardholder data or sensitive payment authentication data, as well as any component that directly connects to or supports this network.

  • Carnivore

    Carnivore was an Internet surveillance system developed for the U.S. Federal Bureau of Investigation (FBI) so that they could monitor the electronic transmissions of criminal suspects. Critics, however, charged that Carnivore did not include appropriate safeguards to prevent misuse and might violate the constitutional rights of the individual. The Electronic Privacy Information Center (EPIC) reported in early 2005 that the FBI had replaced Carnivore with other unspecified surveillance software from commercial sources. Such software usually includes a packet sniffer.

  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

    Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol that forms part of the 802.11i standard for wireless local area networks (WLANs), particularly those using WiMax technology...

  • certificate authority (CA)

    A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically link an entity with a public key.

  • Certificate Revocation List (CRL)

    A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid and trustworthy.

  • Certified Cloud Security Professional (CCSP)

    The Certified Cloud Security Professional (CCSP) certification is intended for experienced IT professionals who have a minimum of five years of experience in the industry with three of those years being in information security and one year in one of the six CCSP domains.

  • Certified Information Security Manager (CISM)

    Certified Information Security Manager (CISM) is an advanced certification which indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.

  • Certified Information Systems Auditor (CISA)

    The Certified Information Systems Auditor (CISA) is a certification and globally recognized standard for appraising an IT auditor's knowledge, expertise and skill in assessing vulnerabilities and instituting IT controls in an enterprise environment.

  • Certified Information Systems Security Professional (CISSP)

    Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².

  • chaffing and winnowing

    Chaffing and winnowing are dual components of a privacy-enhancement scheme that does not require encryption.

  • challenge-response authentication

    In information security, challenge-response authentication is a type of authentication protocol where one entity presents a challenge or question, and another entity provides a valid response to be authenticated.

  • Chameleon Card

    The Chameleon Card is a programmable card in development at Chameleon Network that can represent each of the owner's credit, debit, and customer cards as required, making it unnecessary to carry all of the aforementioned.

  • CHAP (Challenge-Handshake Authentication Protocol)

    CHAP (Challenge-Handshake Authentication Protocol) is a more secure procedure for connecting to a system than the Password Authentication Procedure (PAP).

  • checksum

    A checksum is a value that represents the number of bits in a transmission message and is used by IT professionals to detect high-level errors within data transmissions.

  • Chernobyl virus

    The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.

  • cipher

    In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.

  • cipher block chaining (CBC)

    Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits is encrypted as a single unit or block, with a cipher key applied to the entire block).

  • ciphertext feedback (CFB)

    Ciphertext feedback (CFB) is a mode of operation for a block cipher. In contrast to cipher block chaining (CBC) mode, which encrypts a fixed number of plaintext bits at a time, CFB allows individual plaintext values to be encrypted and transmitted immediately, one at a time.

  • Cisco Certified Security Professional (CCSP)

    A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management...

  • CISO (chief information security officer)

    The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

  • CISO as a service (vCISO, virtual CISO, fractional CISO)

    A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.

  • claims-based identity

    Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions.

  • Class C2

    Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests.

  • click fraud (pay-per-click fraud)

    Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.

  • cloaking

    Cloaking is the masking of the sender's name and address in an e-mail note or distribution.

  • COBIT

    COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices.

  • cocooning

    Cocooning is the act of insulating or hiding oneself from the normal social environment, which may be perceived as distracting, unfriendly, dangerous, or otherwise unwelcome, at least for the present.

  • cold boot attack

    A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.

  • Common Body of Knowledge (CBK)

    In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.

  • Common Vulnerabilities and Exposures (CVE)

    Common Vulnerabilities and Exposures (CVE) provides unique identifiers for publicly known security threats.
