Get started
Bring yourself up to speed with our introductory content.
Data Security and Cloud Computing
whack-a-mole
Whack-a-mole is the pursuit of a particular person known to have sent spam. Continue Reading
MICR (magnetic ink character recognition)
MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks. Continue Reading
P3P (Platform for Privacy Preferences)
P3P (Platform for Privacy Preferences) is a protocol that specifies a way to determine if a Web site's security policies meet a user's privacy requirements. Continue Reading
-
counterfeit detector pen
A counterfeit detector pen is a felt tip pen containing an iodine solution that can be used to help identify computer-generated counterfeit bills. Continue Reading
voiceprint
A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. Continue Reading
inverse mapping
Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept.Continue Reading
MPPE (Microsoft Point-to-Point Encryption)
MPPE (Microsoft Point-to-Point Encryption) is a method of encrypting data transferred across Point-to-Point Protocol (PPP)-based dial-up connections or Point-to-Point Tunneling Protocol (PPTP) virtual private network (VPN) connections.Continue Reading
DomainKeys
DomainKeys is an anti-spam software application in development at Yahoo that uses a form of public key cryptography to authenticate the sender's domain.Continue Reading
ultrasound
Ultrasound is acoustic (sound) energy in the form of waves having a frequency above the human hearing range.Continue Reading
stealth
In computing, stealth refers to an event, object, or file that evades methodical attempts to find it.Continue Reading
-
trigraph
A trigraph is a three-character replacement for a special or nonstandard character in a text file.Continue Reading
link encryption (link level or link layer encryption)
Link encryption (sometimes called link level or link layer encryption) is the data security process of encrypting information at the data link level as it is transmitted between two points within a network.Continue Reading
IT-ISAC (Information Technology Information Sharing and Analysis Center)
IT-ISAC (Information Technology Information Sharing and Analysis Center) is a facility founded in January, 2001 by nineteen prominent IT industry companies (including Oracle, IBM, EDS, and Computer Sciences) to serve as a central repository for ...Continue Reading
bypass
Bypass, in general, means either to go around something by an external route rather than going through it, or the means of accomplishing that feat.Continue Reading
voice ID (voice authentication)
Voice ID (sometimes called voice authentication) is a type of user authentication that uses voiceprintbiometrics, voice ID relies on the fact that vocal characteristics, like fingerprints and the patterns of people's irises, are unique for each ...Continue Reading
Back Orifice
Back Orifice is a rootkit program designed to expose the security deficiencies of Microsoft's Windows operating systems. The program's name is inspired by the name of Microsoft's BackOffice product. Created by a group of hackers called the Cult of...Continue Reading
walled garden
On the Internet, a walled garden is an environment that controls the user's access to Web content and services.Continue Reading
Chernobyl virus
The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.Continue Reading
in the wild
According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users.Continue Reading
cryptoperiod (key lifetime or a validity period)
A cryptoperiod (sometimes called a key lifetime or a validity period) is a specific time span during which a cryptographic key setting remains in effect.Continue Reading
output feedback (OFB)
In cryptography, output feedback (OFB) is a mode of operation for a block cipher.Continue Reading
MD2
MD2 is an earlier, 8-bit version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a ...Continue Reading
MD4
MD4 is an earlier version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a ...Continue Reading
decipher
All three terms - decipher, decrypt, and decode - mean to convert ciphertext into the original, unencrypted plaintext.Continue Reading
server accelerator card (SSL card)
A server accelerator card (also known as an SSL card) is a Peripheral Component Interconnect (PCI) card used to generate encryption keys for secure transactions on e-commerce Web sites.Continue Reading
Electronic Code Book (ECB)
Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa.Continue Reading
bogie (bogey)
The term bogie, also spelled bogey, refers to a false blip on a radar display.Continue Reading
crypto
Depending on its usage, crypto can be a short form for cryptography or for encryption.Continue Reading
conditional access (CA)
Conditional access (CA) is a technology used to control access to digital television (DTV) services to authorized users by encrypting the transmitted programming.Continue Reading
stream cipher
A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time.Continue Reading
ciphertext feedback (CFB)
Ciphertext feedback (CFB) is a mode of operation for a block cipher. In contrast to the cipher block chaining (CBC) mode, which encrypts a set number of bits of plaintext at a time, it is at times desirable to encrypt and transfer some plaintext ...Continue Reading
secret key algorithm (symmetric algorithm)
A secret key algorithm (sometimes called a symmetric algorithm) is a cryptographic algorithm that uses the same key to encrypt and decrypt data.Continue Reading
Automated Clearing House (ACH)
Automated Clearing House (ACH) is a secure payment transfer system that connects all U.S. financial institutions.Continue Reading
set
A set is a group or collection of objects or numbers, considered as an entity unto itself. SET is also an acronym for Secure Electronic Transaction.Continue Reading
Electronic Signatures in Global and National Commerce Act (e-signature bill)
The Electronic Signatures in Global and National Commerce Act (often referred to as the e-signature bill) specifies that in the United States, the use of a digital signature is as legally valid as a traditional signature written in ink on paper.Continue Reading
personal firewall (desktop firewall)
A personal firewall (sometimes called a desktop firewall) is a software application used to protect a single Internet-connected computer from intruders. Personal firewall protection is especially useful for users with "always-on" connections such as...Continue Reading
quantum cryptography
Quantum cryptography uses our current knowledge of physics to develop a cryptosystem that is not able to be defeated - that is, one that is completely secure against being compromised without knowledge of the sender or the receiver of the messages.Continue Reading
journaling file system
A journaling file system is a fault-resilient file system in which data integrity is ensured because updates to directories and bitmaps are constantly written to a serial log on disk before the original disk log is updated.Continue Reading
key
In cryptography, a key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.Continue Reading
security identifier (SID)
In Windows NT and 2000 operating systems, the security identifier (SID) is a unique alphanumeric character string that identifies each operating system and each user in a network of NT/2000 systems.Continue Reading
executable
In computers, to execute a program is to run the program in the computer, and, by implication, to start it to run.Continue Reading
cryptology
Cryptology is the mathematics, such as number theory, and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.Continue Reading
access log
An access log is a list of all the requests for individual files that people have requested from a Web site.Continue Reading
session key
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.Continue Reading
globbing
Globbing is the process of expanding a non-specific file name containing a wildcard character into a set of specific file names that exist in storage on a computer, server, or network. A wildcard is a symbol that can stand for one or more characters...Continue Reading
stack smashing
Stack smashing is causing a stack in a computer application or operating system to overflow.Continue Reading
sudo (superuser do)
Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and ...Continue Reading
Bugbear
Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation.Continue Reading
fingernail storage
Fingernail storage is a method of writing data onto a human fingernail using a pulsed laser. The fluorescence of the nail, when exposed to ultraviolet (UV) light, is increased at points where data is written. Data can be read from the fingernail ...Continue Reading
Learning guide: The five steps of baseline Bluetooth security
In this five step Learning Guide, you will learn the Bluetooth security basics, including how to protect against a Bluetooth hack or virus, how to disable Bluetooth and how to secure Bluetooth devices in the enterprise.Continue Reading
Blowfish
Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.Continue Reading
Introduction to SNMPv3's security functionality
While SNMP is well established, inherent security gaps were only closed in the latest version of the network protocol, as explained here.Continue Reading
signature file
A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.Continue Reading
Content Scrambling System (CSS)
Content Scrambling System (CSS) is a data encryption and authentication method used to protect digital versatile disk (DVD) movies from being illegally copied, distributed, and viewed from other devices, such as computer hard drives.Continue Reading
one-time pad
In cryptography, a one-time pad is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.Continue Reading
Melissa virus
Melissa is a fast-spreading macro virus that is distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or Word 2000, and, if the user has the Microsoft Outlook e-mail program, causes the virus to be resent ...Continue Reading
vandal
A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user.Continue Reading
ROT-13
ROT-13 is the encrypting of a message by exchanging each of the letters on the first half of the alphabet with the corresponding letter in the second half of the alphabet (that is, swapping positions by 13 characters).Continue Reading
cable modem
A cable modem is a device that enables you to hook up your PC to a local cable TV line and receive data at about 1.5 Mbps.Continue Reading
virus hoax
A virus hoax is a false warning about a computer virus.Continue Reading
Kermit
Kermit is a popular file transfer and management protocol and suite of communications software programs with advantages over existing Internet protocols such as File Transfer Protocol and Telnet.Continue Reading
probe
In telecommunications generally, a probe is an action taken or an object used for the purpose of learning something about the state of the network.Continue Reading
jolt
On the Internet, jolt is a denial of service (DoS) attack caused by a very large ICMP packet that is fragmented in such a way that the targeted machine is unable to reassemble it for use.Continue Reading
International Data Encryption Algorithm (IDEA)
IDEA (International Data Encryption Algorithm) is an encryption algorithm developed at ETH in Zurich, Switzerland.Continue Reading
An introduction to SSH2
Learn about the differences between SSH1 and SSH2 and why you should consider upgrading.Continue Reading
Simplify with SIM: Evaluating security information management systems
Security information management tools are key to refining the deluge of raw data in an enterprise network into actionable intelligence. Expert Joel Snyder discusses.Continue Reading
Password security issues: How enterprise single sign-on can help
Learn how the U.S. Postal Service has reduced password security issues and improved productivity by leveraging enterprise single sign-on.Continue Reading
Honeynet security consoles and honeypot legal issues
Find out more about the honeypot legal issues in this excerpt from "Know your enemy: Learning about security threats."Continue Reading
Firewall and system logs: Using log file analysis for defense
Log analysis is the most under-appreciated, unsexy aspect of infosecurity, yet Marcus Ranum says it's one of the most important.Continue Reading
Four steps to ensure security deployment success
Security deployment will go smoother if enterprises step back, ask questions, involve everyone and lower expectations.Continue Reading
Improve security intelligence with security information sharing
Security information sharing with fellow security intelligence specialists can help enterprises learn about risks out and the methods that fight them.Continue Reading
Frank Abagnale preaches the dangers of hacking
A penitent Frank Abagnale Jr. shuns white-collar crime and fraud, and helps others understand how to guard against the dangers of hacking.Continue Reading
Opinion: It's time to teach the consequences of hacking
Hacking is becoming a national concern at the hands of high school students. Learn why it's time to teach kids about the dangers -- and consequences -- of hacking.Continue Reading
Do's and don'ts of building a forensics workstation
Elizabeth Genco explains the pros and cons of building a forensics workstation from scratch. Read now to learn what forensic tools are beneficial and which ones aren't.Continue Reading
Four computer forensics books worth investigating
Check out four computer forensics books that can help you learn the ins and outs of computer forensics technology and laws in place to manage cybercrime.Continue Reading
Information security professional: What's in a name?
Uncover the new faces of information security and explore how the industry is changing and adapting to a surge of high-tech, computer savvy information security professionals.Continue Reading
ISO 17799 implementation: Do your homework first
While ISO 17799 implementation aims to provide security best practices by outlining sets of expectations and processes for protecting data, it leaves many yearning for more.Continue Reading
Automate security with GUI shell and command line scripts
JP Vossen explains how Windows command line scripts and the GUI shell can be used to improve security.Continue Reading
Four steps to sound security vulnerability management
If you're bedeviled by swarms of alerts, you can take control by practicing good security vulnerability management with these four steps.Continue Reading
How network forensics analysis tools turn admins into detectives
Network traffic capture, sophisticated analysis and forensics capabilities make network forensics analysis tools useful in making security assumptions and allocating resources.Continue Reading
Introduction: How to strengthen authentication procedures
A discussion of strong authentication procedures.Continue Reading