Recently updated
Published entries ordered by most recent updates.
- TERM: attack tree
A branching, hierarchical data structure that represents a set of potential approaches to achieving an event in which system security is penetrated or compromised in a specified way. [Moor]
See: distribution point.
- TERM: evaluation
Assessment of an information system against defined security criteria (for example, against the TCSEC or against a profile based on the Common Criteria). (Compare: certification.)
Adversaries may use an existing, legitimate external Web service channel as a means for sending commands to and receiving output from a compromised system. Compromised systems may leverage popular websites and social media to host command and control (C2) instructions. Those infected systems can then send the output from those commands back over the same Web service channel. The return traffic may occur in a variety of ways, depending on the Web service being utilized. For example, the return traffic may take the form of the compromised system posting a comment on a forum, issuing a pull request to a development project, updating a document hosted on a Web service, or sending a Tweet.
A digitally signed list, issued by a BCA, of the names of CAs for which CRLs need to be processed when verifying signatures in SET messages. [SET2]
- ACRONYM: ITAR
See: International Traffic in Arms Regulations.
- TERM: cookie
Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use.
"A method of achieving confidentiality in which sensitive information is hidden by embedding it in irrelevant data." [NCS04] (Compare: steganography.)
- TERM: checksum
A value that (a) is computed by a function that is dependent on the contents of a data object and (b) is stored or transmitted together with the object, for detecting changes in the data. (See: cyclic redundancy check, data integrity service, error detection code, hash, keyed hash, parity bit, protected checksum.)
Synonym for "certification hierarchy".
A generic term for any system component that involves cryptography. (See: cryptographic module.)
An Internet, IPsec, key-establishment protocol [R4306] for putting in place authenticated keying material (a) for use with ISAKMP and (b) for other security associations, such as in AH and ESP.
- TERM: misuse
The intentional use (by authorized users) of system resources for other than authorized purposes. Example: An authorized system administrator creates an unauthorized account for a friend. (See: misuse detection.)
- TERM: intermediate CA
The CA that issues a cross certificate to another CA. [X509] (See: cross certification.)
- TERM: SSL Pinning
Adversaries may use SSL Pinning to protect the C2 traffic from being intercepted and analyzed.
- TERM: failure control
A methodology used to provide fail-safe, fail-secure, or fail-soft termination and recovery of system functions. [FP039]
Adversaries may mimic common operating system GUI components to prompt users for sensitive information with a seemingly legitimate prompt. The operating system and installed applications often have legitimate needs to prompt the user for sensitive information such as account credentials, bank account information, or Personally Identifiable Information (PII). Compared to traditional PCs, the constrained display size of mobile devices may impair the ability to provide users with contextual information, making users more susceptible to this technique's use. (Citation: Felt PhishingOnMobileDevices)
- TERM: digital key
Synonym for an input parameter of a cryptographic algorithm or other process. (See: key.)
- TERM: gateway
An intermediate system (interface, relay) that attaches to two (or more) computer networks that have similar functions but dissimilar implementations and that enables either one-way or two-way communication between the networks. (See: bridge, firewall, guard, internetwork, proxy server, router, and subnetwork.)
Adversaries may establish persistence using system mechanisms that trigger execution based on specific events. Mobile operating systems have means to subscribe to events such as receiving an SMS message, device boot completion, or other device activities.
A joint ISO/ITU-T standard [I7498-1] for a seven-layer, architectural communication framework for interconnection of computers in networks. (See: OSIRM Security Architecture. Compare: Internet Protocol Suite.)
Physical security measures to protect against data compromise that could occur because of emanations that might be received and read by an unauthorized party. (See: emanation, TEMPEST.)
Management procedures and constraints to prevent unauthorized access to a system. (See: "third law" under "Courtney's laws", manager, operational security, procedural security, security architecture. Compare: technical security.)
- TERM: flow control
A procedure or technique to ensure that information transfers within a system are not made from one security level to another security level, and especially not from a higher level to a lower level. [Denns] (See: covert channel, confinement property, information flow policy, simple security property.)
- TERM: Video Capture
An adversary can leverage a device's cameras to gather information by capturing video recordings. Images may also be captured, potentially at specified intervals, in lieu of video files.
"Three-dimensional space surrounding equipment that processes classified and/or sensitive information within which TEMPEST exploitation is not considered practical or where legal authority to identify and/or remove a potential TEMPEST exploitation exists." [C4009] (Compare: control zone, TEMPEST zone.)
Adversaries may download and execute dynamic code not included in the original application package after installation. This technique is primarily used to evade static analysis checks and pre-publication scans in official app stores. In some cases, more advanced dynamic or behavioral analysis techniques could detect this behavior. However, in conjunction with Execution Guardrails techniques, detecting malicious code downloaded after installation could be difficult.
A joint initiative of NIST and NSA to enhance the quality of commercial products for information security and increase consumer confidence in those products through objective evaluation and testing methods.
- ACRONYM: ECDSA
See: Elliptic Curve Digital Signature Algorithm.
- TERM: H field
See: Deprecated Usage under "Handling Restrictions field".
- ACRONYM: DII
See: Defense Information Infrastructure.
A cryptanalysis technique in which the analyst tries to determine the key from knowledge of some plaintext-ciphertext pairs (although the analyst may also have other clues, such as knowing the cryptographic algorithm).
A U.S. Government designation for information that has not been given a security classification pursuant to the criteria of an Executive Order dealing with national security, but which may be withheld from the public because disclosure would cause a foreseeable harm to an interest protected by one of the exemptions stated in the Freedom of Information Act (Section 552 of title 5, United States Code). (See: security label, security marking. Compare: classified.)
A specific U.S. Government standard [FP113] for a checksum that is computed by the Data Authentication Algorithm. Usage: a.k.a. Message Authentication Code [A9009]. (See: DAC.)
The principle that a security architecture should minimize reliance on mechanisms that are shared by many users.
A cryptographic key that (a) is used to encrypt other keys (either DEKs or other TEKs) for transmission or storage but (b) (usually) is not used to encrypt application data. Usage: Sometimes called "key encryption key".
A standard [A9062] that is the analog, in elliptic curve cryptography, of the Digital Signature Algorithm.
A TCP-based, Application Layer, Internet Standard protocol (RFC 959) for moving data files from one computer to another.
- ACRONYM: EMSEC
See: emanations security.
- TERM: encipher
To convert plaintext to ciphertext by means of a cryptographic system.
See: secondary definition under "domain".
- TERM: CRL extension
See: extension.
- TERM: leap of faith
Operating a system as though it began operation in a secure state, even though it cannot be proven that such a state was established (i.e., even though a security compromise might have occurred at or before the time when operation began).
- TERM: kracker
Old spelling for "cracker".
- TERM: main mode
See: /IKE/ under "mode".
- TERM: intranet
A computer network, especially one based on Internet technology, that an organization uses for its own internal (and usually private) purposes and that is closed to outsiders. (See: extranet, VPN.)
- TERM: Remote Services
Adversaries may leverage remote services to move between assets and network segments. These services are often used to allow operators to interact with systems remotely within the network; examples include RDP, SMB, SSH, and other similar mechanisms. (Citation: Blake Johnson, Dan Caban, Marina Krotofil, Dan Scali, Nathan Brubaker, Christopher Glyer December 2017) (Citation: Dragos December 2017) (Citation: Joe Slowik April 2019)
- TERM: link
A communication facility or physical medium that can sustain data communications between multiple network nodes, in the protocol layer immediately below IP. (RFC 3753)
A methodology, language, and integrated set of software tools developed at SRI International for specifying, coding, and verifying software to produce correct and reliable programs. [Cheh]
- TERM: cardholder
An entity to whom or to which a card has been issued.