Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

Browse Definitions
Search Definitions
  • G

    graphical password or graphical user authentication (GUA)

    A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI).

  • gray hat (or grey hat)

    Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.

  • greynet (or graynet)

    Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department.

  • grid authentication

    Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be only accessible to him and the service provider. Because the grid consists of letters and numbers in rows and columns, the method is sometimes referred to as bingo card authentication.

  • H

    hacker

    A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.

  • hacktivism

    Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

  • Hash-based Message Authentication Code (HMAC)

    Hash-based Message Authentication Code (HMAC) is a message authentication code that uses a cryptographic key in conjunction with a hash function.

  • HDCP (High-bandwidth Digital Content Protection)

    HDCP (High-bandwidth Digital Content Protection) is a specified method from Intel for protecting copyrighted digital entertainment content that uses the Digital Video Interface (DVI) by encrypting its transmission between the video source and the digital display (receiver).

  • Heartbleed

    Heartbleed is a vulnerability in some implementations of OpenSSL. Because OpenSSL is used by approximately 66% of all active websites on the Internet, many experts have called Heartbleed one of the worst security bugs in the history of the Internet.

  • HIDS/NIDS (host intrusion detection systems and network intrusion detection systems)

    Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks... (Continued)

  • hijacking

    Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them.

  • HIPAA business associate

    As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is any organization or person working in association with or providing services to a covered entity who handles or discloses Personal Health Information (PHI) or Personal Health Records (PHR).

  • homomorphic encryption

    Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.  Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption.

  • honey monkey

    A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system expressly set up to attract and "trap" people who attempt to penetrate other people's computers... (Continued)

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close