Get started

Bring yourself up to speed with our introductory content.

Data Security and Cloud Computing

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account. Continue Reading

  • Risk management: Implementation of baseline controls

    This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls. Continue Reading

  • Risk management references

    References for our Insider Threat Management Guide. Continue Reading

  • Risk management: Baseline management and control

    Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide. Continue Reading

  • Information Security Governance Guide

    This guide provides an introduction to what information security governance and a security program are, and examines how to deploy security policies within any environment. Continue Reading

  • Definitions to Get Started

    View All Definitions

  • man in the browser

    Man in the browser refers to an emerging tactic used by hackers to commit financial fraud... (Continued)Continue Reading

  • Total Information Awareness (TIA)

    Total Information Awareness (TIA) is the name of a massive U.S. data mining project focused on scanning travel, financial and other data from public and private sources with the goal of detecting and preventing transnational threats to national ...Continue Reading

  • password synchronization

    Password synchronization is an authentication process that coordinates user passwords across various computers and computing devices so a user only has to remember a single password instead of multiple passwords for different machines or devices.Continue Reading

  • Wired Equivalent Privacy (WEP)

    Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is ...Continue Reading

  • Crash Course: Spyware

    In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge.Continue Reading

  • An introduction to Active Directory Federation Services

    Brien M. Posey discusses key features of Microsofts's Active Directory Federation Services and how it works.Continue Reading

  • SnortSnarf

    SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by Jim Hoagland of Silicon Defense. Snort is an open ...Continue Reading

  • ping of death

    On the Internet, ping of death is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol.Continue Reading

  • brain fingerprinting

    Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular body of writing or an image that was previously ...Continue Reading

  • anonymous Web surfing (Web anonymizer, SafeWeb)

    Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.Continue Reading

  • threat modeling

    Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system...Continue Reading

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more ...Continue Reading

  • ethical worm

    An ethical worm is a program that automates network-based distribution of security patches for known vulnerabilities.Continue Reading

  • The Business Model

    Continue Reading

  • block cipher

    A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.Continue Reading

  • policy server

    A policy server is a security component of a policy-based network that provides authorization services and facilitates tracking and control of files...Continue Reading

  • Introduction to COBIT for SOX compliance

    The Sarbanes-Oxley Act does not detail compliance requirements for IT, so many enterprises and auditors have adopted the standard COBIT, introduced here.Continue Reading

  • Carnivore

    Carnivore was an Internet surveillance system developed for the U.S. Federal Bureau of Investigation (FBI) so that they could monitor the electronic transmissions of criminal suspects. Critics, however, charged that Carnivore did not include ...Continue Reading

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.Continue Reading

  • SOX Compliance for the Security Practitioner

    This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, ...Continue Reading

  • Firewall Builder (Fwbuilder)

    Firewall Builder, also called Fwbuilder, is a vendor-neutral configuration and management application for firewalls that is intended primarily for Linux and that supports the OpenBSD Packet Filter, Cisco PIX Series security devices, iptables, and ...Continue Reading

  • Mytob

    Mytob is a worm used by hackers to gather personal and financial information by phishing, a form of e-mail fraud where the perpetrator sends out legitimate-looking messages that appear to come from well-known and trustworthy Web sites. Since Mytob ...Continue Reading

  • dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an ...Continue Reading

  • directory harvest attack (DHA)

    A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.Continue Reading

  • key string

    A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network.Continue Reading

  • key chain

    A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each...Continue Reading

  • Extensible Authentication Protocol (EAP)

    The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet.Continue Reading

  • electro-optical fingerprint recognition

    Electro-optical fingerprint recognition is a biometric technology that provides for the scanning, comparison, and identification of fingerprints without the traditional need for ink and paper.Continue Reading

  • ridge

    In the biometric process of fingerscanning, a ridge is a curved line in a finger image.Continue Reading

  • minutiae

    In the biometric process of fingerscanning, minutiae are specific points in a finger image.Continue Reading

  • hybrid virus (multi-part or multipartite virus)

    A hybrid virus (sometimes called a multi-part or multipartite virus) is one that combines characteristics of more than one type to infect both program files and system sectors.Continue Reading

  • Web filter

    A Web filter is a program that can screen an incoming Web page to determine whether some or all of it should not be displayed to the user.Continue Reading

  • topsite

    A topsite is a stringently protected underground FTP server at the top of the distribution chain for pirated content, such as movies, music, games, and software.Continue Reading

  • chaffing and winnowing

    Chaffing and winnowing are dual components of a privacy-enhancement scheme that does not require encryption.Continue Reading

  • goat

    In biometric verification, a goat is a system end-user who is refused access to the system because their biometric data pattern is outside the range recognized by the system.Continue Reading

  • PUP (potentially unwanted program)

    A PUP (potentially unwanted program) is a program that may be unwanted, despite the possibility that users consented to download it.Continue Reading

  • crimeware

    Crimeware is programming that is designed to facilitate illegal online activity. The use of crimeware is primarily financially motivated.Continue Reading

  • Register of Known Spam Operations (ROKSO)

    The Register of Known Spam Operations (ROKSO) is a list of over 500 professional spammers that is maintained by the Spamhaus Project, an organization dedicated to identifying and exposing spam operators.Continue Reading

  • shoulder surfing

    Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.Continue Reading

  • dumpster diving

    Dumpster diving is looking for treasure in someone else's trash.Continue Reading

  • DSO exploit (data source object exploit)

    A data source object (DSO) exploit is a form of spyware that takes advantage of data binding to gain access to the hard drive of a computer connected to the Internet.Continue Reading

  • stealth virus

    In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.Continue Reading

  • Elk Cloner

    Elk Cloner was the first computer virus known to have spread in the wild.Continue Reading

  • cocooning

    Cocooning is the act of insulating or hiding oneself from the normal social environment, which may be perceived as distracting, unfriendly, dangerous, or otherwise unwelcome, at least for the present.Continue Reading

  • Quiz: Who Done IT? A Murder Mystery

    How to take the quiz: - After reading the question, click on the answer that you think is correctContinue Reading

  • P versus NP (polynomial versus nondeterministic polynomial)

    P versus NP (polynomial versus nondeterministic polynomial) refers to a theoretical question presented in 1971 by Leonid Levin and Stephen Cook, concerning mathematical problems that are easy to solve (P type) as opposed to problems that are ...Continue Reading

  • blended threat

    A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.  Continue Reading

  • Chameleon Card

    The Chameleon Card is a programmable card in development at Chameleon Network that can represent each of the owner's credit, debit, and customer cards as required, making it unnecessary to carry all of the aforementioned.Continue Reading

  • false acceptance (type II error)

    False acceptance, also called a type II error, is a mistake occasionally made by biometric security systems.Continue Reading

  • fingerscanning (fingerprint scanning)

    Fingerscanning, also called fingerprint scanning, is the process of electronically obtaining and storing human fingerprints.Continue Reading

  • false rejection (type I error)

    False rejection, also called a type I error, is a mistake occasionally made by biometric security systems.Continue Reading

  • Antigen

    Sybari's Antigen is antivirus software for Lotus Domino and Microsoft Exchange.Continue Reading

  • elliptical curve cryptography (ECC)

    Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.Continue Reading

  • security token (authentication token)

    A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service.Continue Reading

  • pseudonymous profile

    A pseudonymous profile is a collection of information about a particular computer user that identifies the user either by their computer's IP address or by a randomly-generated nickname.Continue Reading

  • trusted computing base (TCB)

    The trusted computing base (TCB) is everything in a computing system that provides a secure environment.Continue Reading

  • Klez

    Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.Continue Reading

  • deniable encryption

    Deniable encryption is a type of cryptography that allows an encrypted text to be decrypted in two or more ways, depending on which decryption key is used.Continue Reading

  • Nimda

    First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the Internet, spreading through four different methods, infecting computers containing Microsoft's Web server, Internet Information ...Continue Reading

  • network forensics

    Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.Continue Reading

  • Palladium

    Palladium is a plan from Intel, AMD, and Microsoft to build security into personal computers and servers at the microprocessor level.Continue Reading

  • CRAM (challenge-response authentication mechanism)

    CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).Continue Reading

  • Information Awareness Office (IAO)

    Created in response to the terrorist attack of September 11, 2001, the Information Awareness Office (IAO) is a branch of the United States Defense Advanced Research Agency (DARPA) that aims to gather massive amounts of intelligence through ...Continue Reading

  • cryptographic checksum

    A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.Continue Reading

  • lawful interception (LI)

    Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or e-mail messages.Continue Reading

  • information signature

    To fight terrorism, the Information Awareness Office (IAO) of the U.S. Defense Advanced Research Projects Agency (DARPA) is planning to develop a system that uses a super database of recorded online transactions and analytical programming that will ...Continue Reading

  • whack-a-mole

    Whack-a-mole is the pursuit of a particular person known to have sent spam.Continue Reading

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.Continue Reading

  • P3P (Platform for Privacy Preferences)

    P3P (Platform for Privacy Preferences) is a protocol that specifies a way to determine if a Web site's security policies meet a user's privacy requirements.Continue Reading

  • counterfeit detector pen

    A counterfeit detector pen is a felt tip pen containing an iodine solution that can be used to help identify computer-generated counterfeit bills.Continue Reading

  • voiceprint

    A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual.Continue Reading

  • inverse mapping

    Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept.Continue Reading

  • MPPE (Microsoft Point-to-Point Encryption)

    MPPE (Microsoft Point-to-Point Encryption) is a method of encrypting data transferred across Point-to-Point Protocol (PPP)-based dial-up connections or Point-to-Point Tunneling Protocol (PPTP) virtual private network (VPN) connections.Continue Reading

  • DomainKeys

    DomainKeys is an anti-spam software application in development at Yahoo that uses a form of public key cryptography to authenticate the sender's domain.Continue Reading

  • ultrasound

    Ultrasound is acoustic (sound) energy in the form of waves having a frequency above the human hearing range.Continue Reading

  • stealth

    In computing, stealth refers to an event, object, or file that evades methodical attempts to find it.Continue Reading

  • trigraph

    A trigraph is a three-character replacement for a special or nonstandard character in a text file.Continue Reading

  • link encryption (link level or link layer encryption)

    Link encryption (sometimes called link level or link layer encryption) is the data security process of encrypting information at the data link level as it is transmitted between two points within a network.Continue Reading

  • IT-ISAC (Information Technology Information Sharing and Analysis Center)

    IT-ISAC (Information Technology Information Sharing and Analysis Center) is a facility founded in January, 2001 by nineteen prominent IT industry companies (including Oracle, IBM, EDS, and Computer Sciences) to serve as a central repository for ...Continue Reading

  • bypass

    Bypass, in general, means either to go around something by an external route rather than going through it, or the means of accomplishing that feat.Continue Reading

  • voice ID (voice authentication)

    Voice ID (sometimes called voice authentication) is a type of user authentication that uses voiceprintbiometrics, voice ID relies on the fact that vocal characteristics, like fingerprints and the patterns of people's irises, are unique for each ...Continue Reading

  • Back Orifice

    Back Orifice is a rootkit program designed to expose the security deficiencies of Microsoft's Windows operating systems. The program's name is inspired by the name of Microsoft's BackOffice product. Created by a group of hackers called the Cult of...Continue Reading

  • walled garden

    On the Internet, a walled garden is an environment that controls the user's access to Web content and services.Continue Reading

  • Chernobyl virus

    The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.Continue Reading

  • in the wild

    According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users.Continue Reading

  • cryptoperiod (key lifetime or a validity period)

    A cryptoperiod (sometimes called a key lifetime or a validity period) is a specific time span during which a cryptographic key setting remains in effect.Continue Reading

  • output feedback (OFB)

    In cryptography, output feedback (OFB) is a mode of operation for a block cipher.Continue Reading

  • MD4

    MD4 is an earlier version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a ...Continue Reading

  • MD2

    MD2 is an earlier, 8-bit version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a ...Continue Reading

  • decipher

    All three terms - decipher, decrypt, and decode - mean to convert ciphertext into the original, unencrypted plaintext.Continue Reading

  • server accelerator card (SSL card)

    A server accelerator card (also known as an SSL card) is a Peripheral Component Interconnect (PCI) card used to generate encryption keys for secure transactions on e-commerce Web sites.Continue Reading

  • Electronic Code Book (ECB)

    Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa.Continue Reading

  • bogie (bogey)

    The term bogie, also spelled bogey, refers to a false blip on a radar display.Continue Reading

  • crypto

    Depending on its usage, crypto can be a short form for cryptography or for encryption.Continue Reading

  • conditional access (CA)

    Conditional access (CA) is a technology used to control access to digital television (DTV) services to authorized users by encrypting the transmitted programming.Continue Reading

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close