Recently updated
Published entries ordered by most recent updates.
- TERM: data privacy
Synonym for "data confidentiality".
- TERM: Access Control
Access control is the set of mechanisms and policies used to restrict access to resources and enforce authorization decisions.
A "one-time password" is a simple authentication technique in which each password is used only once as authentication information that verifies an identity. This technique counters the threat of a replay attack that uses passwords captured by wiretapping.
Adversaries may insert, delete, or alter data in order to manipulate external outcomes or hide activity. By manipulating data, adversaries may attempt to affect a business process, organizational understanding, or decision making.
- ACRONYM: CIPSO
See: Common IP Security Option.
- TERM: key material
Synonym for "keying material".
The ANSI standard for a keyed hash function that is equivalent to DES cipher block chaining with IV = 0. [A9009]
A peer entity authentication method (employed by PPP and other protocols, e.g., RFC 3720) that uses a randomly generated challenge and requires a matching response that depends on a cryptographic hash of some combination of the challenge and a secret key. [R1994] (See: challenge-response, PAP.)
Adversaries may execute their own malicious payloads by hijacking the way an operating system runs applications. Hijacking execution flow can be for the purposes of persistence since this hijacked execution may reoccur at later points in time.
- TERM: data
Information in a specific representation, usually as a sequence of symbols that have meaning.
A set of security services that cooperate with audit service to detect and react to indications of threat actions, including both inside and outside attacks. (See: indicator.)
- TERM: critical
A condition of a system resource such that denial of access to, or lack of availability of, that resource would jeopardize a system user's ability to perform a primary function or would result in other serious consequences, such as human injury or loss of life. (See: availability, precedence. Compare: sensitive.)
- TERM: Hide Artifacts
Adversaries may attempt to hide artifacts associated with their behaviors to evade detection. Mobile operating systems have features and developer APIs to hide various artifacts, such as an application’s launcher icon. These APIs have legitimate usages, such as hiding an icon to avoid application drawer clutter when an application does not have a usable interface. Adversaries may abuse these features and APIs to hide artifacts from the user to evade detection.
- TERM: Easter egg
"Hidden functionality within an application program, which becomes activated when an undocumented, and often convoluted, set of commands and keystrokes is entered. Easter eggs are typically used to display the credits for the development team and [are] intended to be non-threatening" [SP28], but Easter eggs have the potential to contain malicious code.
- TERM: jamming
An attack that attempts to interfere with the reception of broadcast communications. (See: anti-jam, denial-of-service. Compare: flooding.)
- TERM: accreditor
A management official who has been designated to have the formal authority to "accredit" an information system, i.e., to authorize the operation of, and the processing of sensitive data in, the system and to accept the residual risk associated with the system. (See: accreditation, residual risk.)
- TERM: Masquerading
Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name, location, or appearance of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
- TERM: overload
See: secondary definition under "obstruction".
Adversaries may leverage weaknesses to exploit internet-facing software for initial access into an industrial network. Internet-facing software may be user applications, underlying networking implementations, an asset's operating system, weak defenses, etc. Targets of this technique may be intentionally exposed for the purpose of remote management and visibility.
Continuous protection of data that flows between two points in a network, effected by encrypting data when it leaves its source, keeping it encrypted while it passes through any intermediate computers (such as routers), and decrypting it only when it arrives at the intended final destination. (See: wiretapping. Compare: link encryption.)
A technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream. (See: CBC, CCM, CMAC, CFB, CTR, ECB, OFB.)
Adversaries may manipulate the I/O image of PLCs through various means to prevent them from functioning as expected. Methods of I/O image manipulation may include overriding the I/O table via direct memory manipulation or using the override function used for testing PLC programs. (Citation: Dr. Kelvin T. Erickson December 2010) During the scan cycle, a PLC reads the status of all inputs and stores them in an image table. (Citation: Nanjundaiah, Vaidyanath) The image table is the PLC's internal storage location where the values of inputs/outputs for one scan are stored while it executes the user program. After the PLC has solved the entire logic program, it updates the output image table. The contents of this output image table are written to the corresponding output points in I/O modules.
- ACRONYM: ASCII
See: American Standard Code for Information Interchange.
- TERM: deception
A circumstance or event that may result in an authorized entity receiving false data and believing it to be true. (See: authentication.)
The functions that a CA may perform during the lifecycle of a digital certificate, including the following: Acquire and verify data items to bind into the certificate. Encode and sign the certificate. Store the certificate in a directory or repository. Renew, rekey, and update the certificate. Revoke the certificate and issue a CRL. (See: archive management, certificate management, key management, security architecture, token management.)
- TERM: inside attack
See: secondary definition under "attack". Compare: insider.
- TERM: assurance level
A rank on a hierarchical scale that judges the confidence someone can have that a TOE adequately fulfills stated security requirements. (See: assurance, certificate policy, EAL, TCSEC.)
- TERM: Loss of View
Adversaries may cause a sustained or permanent loss of view where the ICS equipment will require local, hands-on operator intervention; for instance, a restart or manual operation. By causing a sustained reporting or visibility loss, the adversary can effectively hide the present state of operations. This loss of view can occur without affecting the physical processes themselves. (Citation: Corero) (Citation: Michael J. Assante and Robert M. Lee) (Citation: Tyson Macaulay)
- ACRONYM: BS7799
See: British Standard 7799.
- TERM: land attack
A denial-of-service attack that sends an IP packet that (a) has the same address in both the Source Address and Destination Address fields and (b) contains a TCP SYN packet that has the same port number in both the Source Port and Destination Port fields.
The act or process by which a CA in one PKI issues a public key certificate to a CA in another PKI. [X509] (See: bridge CA.)
Synonym for "certificate validation" or "path validation".
The 1991 report [NRC91] of the System Security Study Committee, sponsored by the U.S. National Academy of Sciences and supported by the Defense Advanced Research Projects Agency of the U.S. DoD. It made many recommendations for industry and governments to improve computer security and trustworthiness. Some of the most important recommendations (e.g., establishing an
- TERM: fairness
A property of an access protocol for a system resource whereby the resource is made equitably or impartially available to all eligible users. (RFC 3753)
Business conducted through paperless exchanges of information, using electronic data interchange, electronic funds transfer (EFT), electronic mail, computer bulletin boards, facsimile, and other paperless technologies.
An X.509 public key certificate in which the "subject" field contains the name of an institution or set (e.g., a business, government, school, labor union, club, ethnic group, nationality, system, or group of individuals playing the same role), rather than the name of an individual person or device. (Compare: persona certificate, role certificate.)
- ACRONYM: IDEA
See: International Data Encryption Algorithm.
- TERM: Rogue Master
Adversaries may set up a rogue master to leverage control server functions to communicate with outstations. A rogue master can be used to send legitimate control messages to other control system devices, affecting processes in unintended ways. It may also be used to disrupt network communications by capturing and receiving the network traffic meant for the actual master. Impersonating a master may also allow an adversary to avoid detection.
- ACRONYM: IDS
See: intrusion detection system.
- TERM: insider
A user (usually a person) that accesses a system from a position that is inside the system's security perimeter. (Compare: authorized user, outsider, unauthorized user.)
Abbreviation of "internetwork".
- ACRONYM: PAA
See: policy approving authority.
Adversaries may make use of Domain Generation Algorithms (DGAs) to dynamically identify a destination domain for command and control traffic rather than relying on a list of static IP addresses or domains. This has the advantage of making it much harder for defenders to block, track, or take over the command and control channel, as there potentially could be thousands of domains that malware can check for instructions. (Citation: Cybereason Dissecting DGAs) (Citation: Cisco Umbrella DGA) (Citation: Unit 42 DGA Feb 2019)
- TERM: contingency plan
A plan for emergency response, backup operations, and post-disaster recovery in a system as part of a security program to ensure availability of critical system resources and facilitate continuity of operations in a crisis. [NCS04] (See: availability.)
An extended form of cost-benefit analysis that considers factors beyond financial metrics, including security factors such as the requirement for security services, their technical and programmatic feasibility, their qualitative benefits, and associated risks. (See: risk analysis.)
Adversaries may steal data by exfiltrating it over an unencrypted network protocol other than that of the existing command and control channel. The data may also be sent to an alternate network location from the main command and control server.
- TERM: asset
A person, structure, facility, information, and records, information technology systems and resources, material, process, relationships, or reputation that has value.
Describes an information system that is trusted to contain, and maintain separation between, resources (particularly stored data) of different security levels. (Examples: BLACKER, CANEWARE, KSOS, Multics, SCOMP.)
- TERM: ICMP flood
A denial-of-service attack that sends a host more ICMP echo request ("ping") packets than the protocol implementation can handle. (See: flooding, smurf.)
A public key certificate issued by a CA in one PKI to a CA in another PKI. (See: cross-certification.)