Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com.

  E

  • extrusion prevention

    Extrusion prevention, also called exfiltration prevention, is the practice of stopping data leaks by filtering outbound network traffic and preventing unauthorized packets from moving outside the network. In contrast, extrusion detection simply alerts to the existence of a problem that should be investigated.

  F

  • false acceptance (type II error)

    False acceptance, also called a type II error, is a mistake occasionally made by biometric security systems.

  • false rejection (type I error)

    False rejection, also called a type I error, is a mistake occasionally made by biometric security systems.

  • Federal Information Security Management Act (FISMA)

    The Federal Information Security Management Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information, operations and assets.

  • federated identity management

    Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.

  • FERPA (Family Educational Rights and Privacy Act of 1974)

    FERPA (Family Educational Rights and Privacy Act of 1974) is legislation that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.

  • FIDO (Fast Identity Online)

    FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization that seeks to standardize authentication at the client and protocol layers.

  • finger vein ID

    Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data...

  • fingernail storage

    Fingernail storage is a method of writing data onto a human fingernail using a pulsed laser. The fluorescence of the nail, when exposed to ultraviolet (UV) light, is increased at points where data is written. Data can be read from the fingernail using a microscope while irradiating the nail with UV energy.

  • fingerscanning (fingerprint scanning)

    Fingerscanning, also called fingerprint scanning, is the process of electronically obtaining and storing human fingerprints.

  • firewall

    A firewall is software or firmware that prevents unauthorized access to a network.

  • Firewall Builder (Fwbuilder)

    Firewall Builder, also called Fwbuilder, is a vendor-neutral configuration and management application for firewalls that is intended primarily for Linux and that supports the OpenBSD Packet Filter, Cisco PIX Series security devices, iptables, and ipfilter.

  • footprinting

    In the study of DNA, footprinting is the method used to identify the nucleic acid sequence that binds with proteins.

  • Fortezza

    Fortezza, Italian for "fortress," is a family of security products trademarked by the US government's National Security Agency.

  • four-factor authentication (4FA)

    Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.

  • fraud detection

    Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses. Fraud is a criminal act of deception done by unjustly claiming accomplishments or qualities for financial or personal gain.

  • FRCP Rule 41

    FRCP Rule 41 is the part of the United States Federal Rules of Criminal Procedure that covers the search and seizure of physical and digital evidence.

  • fuzz testing (fuzzing)

    Fuzz testing (fuzzing) is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash.

  G

  • globbing

    Globbing is the process of expanding a non-specific file name containing a wildcard character into a set of specific file names that exist in storage on a computer, server, or network. A wildcard is a symbol that can stand for one or more characters. The most common wildcard symbols are the question mark (?) for a single character and the asterisk (*) for a contiguous string of characters.

  • goat

    In biometric verification, a goat is a system end-user who is refused access to the system because their biometric data pattern is outside the range recognized by the system.

  • Google Authenticator

    Google Authenticator is a security application used to verify user identities before granting access to websites and services. The application uses a two-step verification process involving two-factor authentication to make it less likely that an intruder can masquerade as an authorized user.

  • Google hacking (Google scanning or Engine hacking)

    Google hacking is the use of a search engine, such as Google, to locate security vulnerabilities on the Internet...

  • Google Play Protect

    Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.

  • Google Play services

    The Google Play services app runs in the background on Android devices and gives apps access to core functionalities such as authentication services; it should not be disabled.

  • Google Project Zero

    Google Project Zero is a security research unit within Google Inc.

  • government Trojan

    A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly.

  • GPS jamming

    GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.

  • graphical password or graphical user authentication (GUA)

    A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI).

  • gray hat (or grey hat)

    Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.

  • greynet (or graynet)

    Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department.

  • grid authentication

    Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be accessible only to him and the service provider. Because the grid consists of letters and numbers in rows and columns, the method is sometimes referred to as bingo card authentication.

  H

  • hacker

    A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.

  • hacktivism

    Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

  • Hash-based Message Authentication Code (HMAC)

    Hash-based Message Authentication Code (HMAC) is a message authentication code that uses a cryptographic key in conjunction with a hash function.

  • HDCP (High-bandwidth Digital Content Protection)

    HDCP (High-bandwidth Digital Content Protection) is a specified method from Intel for protecting copyrighted digital entertainment content that uses the Digital Video Interface (DVI) by encrypting its transmission between the video source and the digital display (receiver).

  • Heartbleed

    Heartbleed is a vulnerability in some implementations of OpenSSL. Because OpenSSL is used by approximately 66% of all active websites on the Internet, many experts have called Heartbleed one of the worst security bugs in the history of the Internet.

  • HIDS/NIDS (host intrusion detection systems and network intrusion detection systems)

    Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks...

  • hijacking

    Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them.

  • HIPAA business associate

    As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is any organization or person working in association with or providing services to a covered entity who handles or discloses Personal Health Information (PHI) or Personal Health Records (PHR).

  • homomorphic encryption

    Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption.

  • honey monkey

    A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system expressly set up to attract and "trap" people who attempt to penetrate other people's computers...

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.

  • Honeynet Project

    The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study attempts to gain unauthorized access to information systems.

  • HSPD-7 (Homeland Security Presidential Directive No. 7)

    HSPD-7 (Homeland Security Presidential Directive No. 7) was a directive issued by U.S. President George W. Bush in December, 2003 that updated policies intended to protect the country from terrorist attacks. This directive superseded the earlier PDD-63 (Presidential Decision Directive No. 63) issued by President Clinton in May of 1998.

  • hybrid virus (multi-part or multipartite virus)

    A hybrid virus (sometimes called a multi-part or multipartite virus) is one that combines characteristics of more than one type to infect both program files and system sectors.

  • hybrid virus/worm

    A hybrid virus/worm is malicious code that combines characteristics of both those types of malware, typically featuring the virus' ability to alter program code with the worm's ability to reside in live memory and to propagate without any action on the part of the user.

  I

  • I-SPY Act -- Internet Spyware Prevention Act of 2005 (H.R. 744)

    The I-SPY Act, formally known as the Internet Spyware Prevention Act of 2005 (H.R. 744), is a bill in the U.S. Congress that would criminalize the unauthorized use of spyware, phishing, and other methods of using the Internet to obtain sensitive personal information without someone's knowledge and consent.

  • identity chaos (password chaos)

    Identity chaos (sometimes called password chaos) is a situation in which users have multiple identities and passwords across a variety of networks, applications, computers and/or computing devices.

  • identity governance

    Identity governance is the policy-based centralized orchestration of user identity management and access control.

  • identity management (ID management)

    Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with established identities.

  • identity provider

    An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and networks. When a third-party website prompts end users to log in with their Google Account, for example, Google Sign-In is the identity provider.

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.

  • IGP (Interior Gateway Protocol)

    An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with routers) within an autonomous network (for example, a system of corporate local area networks).

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more seriously, the loss of every JPEG, MP3, and certain other files on the recipient's hard disk.

  • in the wild

    According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users."

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident.

  • incident response plan (IRP)

    An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or corporate data security.

  • incident response team

    An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.

  • Indicators of Compromise (IOC)

    Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.

  • Information Awareness Office (IAO)

    Created in response to the terrorist attack of September 11, 2001, the Information Awareness Office (IAO) is a branch of the United States Defense Advanced Research Agency (DARPA) that aims to gather massive amounts of intelligence through electronic sources in order to help avert terrorist acts in the future.

  • information security (infosec)

    Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information.

  • information signature

    To fight terrorism, the Information Awareness Office (IAO) of the U.S. Defense Advanced Research Projects Agency (DARPA) is planning to develop a system that uses a super database of recorded online transactions and analytical programming that will identify what is referred to as the information signature of a terrorist or terrorist activity before harm can be done.

  • inherence factor

    The inherence factor, in a security context, is a category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.

  • inline network device

    An inline network device is one that receives packets and forwards them to their intended destination.

  • insecure deserialization

    Insecure deserialization is a vulnerability in which untrusted or unknown data is used to inflict a denial of service (DoS) attack, execute code, bypass authentication or otherwise abuse the logic behind an application.

  • insider threat

    Insider threat is a category of risk posed by humans who have access to an organization's physical or digital assets. Such threats are usually attributed to employees or former employees, but may also arise from third parties, including contractors, temporary workers or customers.

  • integrated risk management (IRM)

    Integrated risk management (IRM) is a set of proactive, business-wide practices that contribute to an organization's security, risk tolerance profile, and strategic decisions.

  • integrated threat management

    Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels...

  • intelligence community

    The term intelligence community refers to government and other public agencies as well as private agencies that gather, assemble, and report information that pertains to world or national security.

  • International Data Encryption Algorithm (IDEA)

    IDEA (International Data Encryption Algorithm) is an encryption algorithm developed at ETH in Zurich, Switzerland.

  • International Information Systems Security Certification Consortium ((ISC)²)

    The International Information Systems Security Certification Consortium, (ISC)², is a non-profit organization that provides security training and certificates.

  • Internet Key Exchange (IKE)

    The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.

  • intrusion detection system (IDS)

    An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.

  • intrusion prevention system (IPS)

    An intrusion prevention system (IPS) is a network security and threat prevention tool.

  • inverse mapping

    Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept.

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

  • IPsec (Internet Protocol Security)

    IPsec, also known as the Internet Protocol Security or IP Security protocol, defines the architecture for security services for IP network traffic.

  • ISSA (Information Systems Security Association)

    The Information Systems Security Association, commonly known as ISSA, is an international, nonprofit organization for information security professionals.

  • IT-ISAC (Information Technology Information Sharing and Analysis Center)

    IT-ISAC (Information Technology Information Sharing and Analysis Center) is a facility founded in January, 2001 by nineteen prominent IT industry companies (including Oracle, IBM, EDS, and Computer Sciences) to serve as a central repository for security-related information.

  • identity and access management (IAM)

    Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.

  J

  • JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)...

  • Joe job

    A Joe job is an e-mail spoofing exploit in which someone sends out huge volumes of spam that appear to be from someone other than the actual source.

  • jolt

    On the Internet, jolt is a denial of service (DoS) attack caused by a very large ICMP packet that is fragmented in such a way that the targeted machine is unable to reassemble it for use.

  • journaling file system

    A journaling file system is a fault-resilient file system in which data integrity is ensured because updates to directories and bitmaps are constantly written to a serial log on disk before the original disk log is updated.

  • juice jacking

    Juice jacking is a security exploit in which an infected USB charging station is used to compromise connected devices. The exploit takes advantage of the fact that a mobile device’s power supply passes over the same USB cable the connected device uses to sync data.

  K

  • Kaptoxa

    Kaptoxa (pronounced kar-toe-sha) is a type of point-of-sale (POS) malware designed to compromise payment information systems.

  • Kerberos

    Kerberos is the authentication protocol used by most operating systems. Each time a Windows client logs into a corporate network, Kerberos is being used to authenticate access.

  • Kermit

    Kermit is a popular file transfer and management protocol and suite of communications software programs with advantages over existing Internet protocols such as File Transfer Protocol and Telnet.

  • key

    In cryptography, a key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.

  • key chain

    A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each message, and plain text is vulnerable to snooping. Key chains allow a rotating series of keys to be used for limited periods of time to decrease the likelihood of a compromise.

  • key fob

    A key fob is a small, programmable hardware device that provides access to a physical object. Key fobs are used to provide one-factor authentication for objects such as doors or automobiles. They are also used as an authentication factor for objects that require two-factor or multifactor authentication, such as laptops.

  • key string

    A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network.

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard.

  • keystroke dynamics

    Keystroke dynamics are the patterns of rhythm and timing created when a person types...

  • Klez

    Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.

  • knowledge factor

    The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.

  • knowledge-based authentication (KBA)

    In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.

  • Kraken

    Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Single bots infected with Kraken malware have been recorded sending up to 500,000 spam email messages in a day...

  L

  • lawful interception (LI)

    Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or e-mail messages.
