INTERNET

SECURITY
DICTIONARY

Vir V. Phoha

SPRINGER
INTERNET
SECURITY
DICTIONARY
V I R V . P H O H A
 Vir V. Phoha
phoha@acm.org

LIBRARY OF CONGRESS CATALOGING-IN-PUBLICATION DATA

Phoha, Vir V.
Internet security dictionary / Vir V. Phoha.
p. cm.
Includes bibliographical references and index.
ISBN 0-387-95261-6 (sc : alk. paper)
1. Computer networksSecurity measuresDictionaries.
2. InternetSecurity measuresDictionaries. I. Titles.
TK5105.59 .P56 2002
005.803dc21 2001053056

Printed on acid-free paper.

2002 SPRINGER-VERLAG NEW YORK, INC.

All rights reserved. This work may not be translated or copied in

whole or in part without the written permission of the publisher
(Springer-Verlag New York, Inc., 175 Fifth Avenue, New York, NY
10010, USA), except for brief excerpts in connection with reviews or
scholarly analysis. Use in connection with any form of information
storage and retrieval, electronic adaptation, computer software, or by
similar or dissimilar methodology now known or hereafter developed
is forbidden.
The use in this publication of trade names,
trademarks, service marks, and similar terms, even if
they are not identified as such, is not to be taken as
an expression of opinion as to whether or not they are
subject to proprietary rights.

Text design by Steven Pisano.

Manufacturing supervised by Jerome Basma.
Typeset by Impressions Book and Journal Services, Inc., Madison, WI.
Printed and bound by Edwards Brothers, Inc., Ann Arbor, MI.
Printed in the United States of America.

9 8 7 6 5 4 3 2 1

ISBN 0-387-95261-6 SPIN 10796881

Springer-Verlag New York Berlin Heidelberg

A member of BertelsmannSpringer ScienceBusiness Media GmbH
This work is dedicated to my father

KRISHAN LAL PHOHA

for his example and encouragement,

which have put me on the

path of intellectual discovery, and

to my late mother

SHANTI RANI PHOHA

for her spiritual guidance.

 CONTENTS

Preface ix

Organization and Usage xiii

Advisory Board xv

I
INTERNET SECURITY TERMS 1

I
A P P E N D I X E S

A. Commonly Used Abbreviations and Acronyms 149

B. A Select Annotated List of Security-Related RFCs Sorted by RFC Number 165

C. List of Security Standards 193

D. List of Annotated Web Resources 205

I
Bibliography 223

Index 239

vii
 PREFACE

ecent years have seen an explosive growth of the Internet. When the

R Internet passed from government and academic realms to the public sec-
tor, it brought along a laissez-faire attitude about security. Its explosive
growth, flaws in its basic structure, its facilitation of instant access to infor-
mation repositories, and its widespread availability has made it increasingly
vulnerable. There have been many malicious attempts, or attacks to exploit this
vulnerability of the Internet from all over the world; the attacks on the Internet
have kept pace with the growth of the Internet.
The natural instinct of individuals, organizations, and nations to protect
themselves against attacks and operational intrusions or upsets in the flow of
information has spawned a high level of interest, research activity, and tech-
nological developments in the Internet security field. New security protocols,
and new countermeasures against attacks that break, slow, or inconvenience
users and organizations are evolving every day. These developments constantly
introduce new terms and concepts into the Internet security vocabulary. Al-
though nascent, the field has gained sufficient maturity that its vocabulary can
begin to be standardized for common use by professionals. This dictionary is
an effort to organize and define these terms precisely and coherently.

PURPOSE AND SCOPE

The purpose of this dictionary is to provide reliable definitions and descrip-
tions of Internet security terms in clear and precise English. Designed as a tool
to bring about a common understanding of technical terms to the lay user and
the professional, the dictionary will serve as an introduction to Internet security
for the nonprofessional user who is looking for the precise meaning(s) of a
specific term or for a cursory overview of the field. This dictionary should also
serve as a reference for the security professional who is an expert in a specialized

ix
Preface
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
area and who may need to refer to precise or commonly accepted meanings of
terms.
The terms collected in this dictionary are those used by researchers, design-
ers, developers, manufacturers, vendors, system administrators, and other users
of Internet security technology. These terms were taken primarily from the
technical literature, including journal articles and magazines, books, and Re-
quests for Comments (RFCs).
This dictionary covers eight main areas: (1) authentication, including
biometrics, encryption/public key infrastructure, digital signatures, time-
stamping, and certificate management; (2) encryption; (3) network-level se-
curity, including IP, IPsec, SHTTP, and SSL; (4) firewalls and remote man-
agement; (5) Internet security policies, risk analysis, integration across
platforms, management and auditing; (6) mobile code security, Java/Active
X/scripts, and mobile agent code; (7) virus protection and intrusion detec-
tion; and (8) security in Internet commerce. Since the TCP/IP protocol is
at the heart of Internet routing, this dictionary contains many terms related
to server processes, TCP/IP, and routing as well.

FEATURES
This dictionary addresses all major aspects of Internet security technology,
provides detailed definitions and illustrations where required for clarity, gives
cross-references for easy backtracking of terms, and lists each acronym as a
separate entry with a reference to the full term it identifies. The accompanying
CD-ROM version contains a searchable PDF version of the complete dictio-
nary. Viewing the PDF file requires that the Adobe Acrobat Reader be installed
on the computer. The Adobe Acrobat Reader can be downloaded free of cost
from the Adobe Web site, http://www.adobe.com.

REVIEW PROCESS
Security experts from around the world have been consulted in both the
content and the organization of the dictionary to ensure authoritative, compre-
hensive coverage. A distinguished board of experts drawn from academia, in-
dustry, and government has reviewed the selected list of terms for comprehen-
siveness, and the description of each term for accuracy and usefulness. This board
has been carefully chosen to represent eminent researchers and leaders in Internet
security, computer science, engineering applications, and a broad spectrum of
Internet users for specialized technology developments and everyday activity.
x
 Preface
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
I plan to keep the contents of the dictionary up-to-date. Please send sug-
gestions to include important new Internet security terms or comments for
improvement to phoha@acm.org.

ACKNOWLEDGMENTS
A work of this size requires help from many people. First and foremost, I
would like to thank the Technical Advisory Board of this dictionary, especially
the chair of the board, Shashi Phoha, for taking time out of a busy schedule
to support this work. I greatly appreciate her guidance and vision in critical
junctures of this project, in particular her help in assembling an outstanding
team of experts who resolved differences in interpretations of terms among
the board members.
I am thankful for extensive feedback and discussion with many of the board
members for making the definitions precise, clear, and useful. Any omissions
and errors are mine. Acting on all the suggestions was painful but it has made
this work better. Thank you every one, this work is where it is because of
your guidance and encouragement. I would like to thank Richard Brooks,
Sandi Brown, James Chase, and John Zachry for reviewing the text of the
dictionary.
I would like to thank Wayne Yuhasz, executive editor of computer and
information science, Springer-Verlag, who saw promise in my initial ideas and
had the vision and patience to help develop this work into its present form. I
would like to acknowledge his help in improving the structure, grammar, and
style of presentation in this work. He is a consistent source of inspiration, ideas,
and encouragement. I am fortunate to have his guidance, support, and feedback.
Thank you, Wayne. This work would not have been possible without your help.
I would like to thank Wayne Wheeler, assistant editor, for excellent coop-
eration, encouragement and for answering my questions promptly.
I would like to thank Steven Pisano, senior production editor, and his team
for promptly answering my questions, for the hardwork put into copyediting
the manuscript, and for production of the book. Thanks also go to Michael
Spano and his marketing team.
I would like to thank many of my students who helped me in this work.
Most noteworthy of these is Sunil Babu. His help in pointing me to research
material from various Web sites and his and Sujeet Bhattes, help in drawing
figures is very much appreciated. Vishnu Vardhan, Aruna Borra, Wen Tian,
and many others also helped in numerous ways.
xi
 ORGANIZATION
AND USAGE

ORGANIZATION OF THE DICTIONARY

We have tried to make the organization of this dictionary clear and self-
explanatory, but a few guidelines may help the reader. This dictionary contains
terms, arranged in a strict alphabetical word order, ignoring capital letters, hy-
phens, slashes, and other forms of punctuation in the sequencing. Numbers are
ordered before the letters; thus A1 comes before Ab. Each term is followed by
a description. The descriptive text is written in American English. If a term has
more than one meaning, each is indicated by a number in parentheses, the most
common meaning being shown first.
Each acronym is listed as a separate entry with a reference(s) to the full
term(s) it identifies. Entries or organizations referred to in the description that
relate only to the United States are followed in the text by (U.S.).
Some terms contain cross-references. If a cross-referenced term is defined
elsewhere in the dictionary, it is italicized. An example follows:

Term Beyond A1
Description Determines a level of trust defined by the DOD TRUSTED COMPUTER
SYSTEM EVALUATION CRITERIA (U.S.) to be beyond the state-of-the-
art technology. Includes all the A1-level features plus additional
ones not required at the A1-level. See also the ORANGE BOOK.

Some terms in the dictionary cross-refer to other terms and parts of the
dictionary. A description of the terminology used for cross-references follows.
See also refers to another entry with a related or similar meaning, or to a term
that has additional information. Other cross-references point to figures, ap-
pendixes, and notes in the dictionary. Figures explain or add to the description

xiii
Organization and Usage
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
of a term and follow or are contained in the description of a term. Notes
contain additional information relevant to the term. Each Note follows the
entry for the term it treats. Many entries refer to the RFCs given in an appendix
or to citations in the Bibliography.
The following terminology explains the notation used to refer to figures and
notes:
See FIGURE A5 refers to the fifth figure in the section of words starting with
the letter A. If the figure is referred to from another term, then the name of
the term that contains the figure is enclosed in parentheses following the term:
See FIGURE C3 (TERM).
See NOTE refers to the note corresponding to the term given in the dictionary.
If the note is referred to from another term, then the name of the term that
contains the note is enclosed in parentheses following the term: See NOTE (HACKER).
An example follows.
bespoke A product or service that is custom made or tailored to individual needs.
Also called custom-designed software. See also COTS.
NOTE (1) Bespoke is pronounced bee-SPOHK and is more commonly used in the United
Kingdom. In the U.S. custom-made or custom-designed software is more common.
Traditionally bespoke is applied to custom-tailored clothing, but the usage has been extended
to information technology. Example usage: Dreamware software company offers bespoke
software. (2) Bespoke is a derivation from the word bespeak, which means ordering of goods;
this usage of bespeak can be traced back to 1583.

xiv

ELISA BERTINO (Italy)
Professor and Chair of Computer Science at
Dipartimento di Scienze dell Informazione,
University of Milan, Italy. Previously worked
in the Department of Computer and Infor-
mation Science of the University of Genova,
Italy, and the Italian National Research Coun-
cil in Pisa, Italy, as the Head of the Object-
Oriented Systems Group. Coauthored Object-
Oriented Database Systems: Concepts and Architecture
(Addison-Wesley International, 1993), Indexing
Techniques for Advanced Database Systems (Kluwer
Academic, 1997), Intelligent Database Systems
(Addison-Wesley International, 2001). Mem-
ber of the Advisory Board of IEEE Transactions
on Knowledge and Data Engineering and a member
of the editorial boards of several scientific jour-
nals, including ACM Transactions on Information
and System Security, IEEE Internet Computing, the
Very Large Database Systems (VLDB) Journal, the
Parallel and Distributed Database Journal, the Journal
of Computer Security, Data & Knowledge Engineering,
the International Journal of Information Technology,
and the International Journal of Cooperative Infor-
mation Systems, Science of Computer Programming.
Published over 200 research papers.
DOROTHY E. DENNING
Professor of Computer Science at George-
town University and Director of the George-
town Institute of Information Assurance,
Member of the Presidents Expert Council
Subcommittee on Encryption Policy. Served
as President of the International Association
ADVISORY BOARD
of Cryptological Research. Fellow of the
ACM. Author of Information Warfare and Security
(Addison-Wesley, 1999) and Cryptography and
Data Security (Addison-Wesley, 1982). Ph.D. in
Computer Science from Purdue University.
CSILLA FARKAS
Professor of the Department of Computer Sci-
ence and Engineering at University of South
Carolina. Her research includes database se-
curity, access control models, and security of
web-based applications. Previously worked at
George Mason University, VA, Hungarian Pe-
troleum and Gas Trust, Hungary, and River
Exploration Company, Hungary. Ph.D. in In-
formation Technology from George Mason
University.
ROBERT FILMAN
Computer Scientist at the Research Institute
for Advanced Computer Science of the NASA
Ames Research Center. Associate editor-in-
chief of IEEE Internet Computing and on the Ed-
itorial Board of the International Journal of Artificial
Intelligence Tools. Previously worked at Lockheed
Martin Missiles and Space, Intellicorp, and
Hewlett Packard Laboratories and on the fac-
ulty of Computer Science at Indiana Univer-
sity. Ph.D. (1979) from Stanford University.
DIETER GOLLMANN (UK)
Microsoft Research in Cambridge. Joined Mi-
crosoft Research in Cambridge in 1998 and is
a visiting professor with the Information Se-
curity Group at Royal Holloway. He has con-
xv
Advisory Board
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
tributed to national and European projects in puting of Complex Systems and Area Editor for
the areas of dependable communications and the Journal of Computer Science and Information.
computing. He is a member of the review Over 250 research publications.
board of a German focal research programme (DFG
STEPHEN KENT
SPP) on information security, and coeditor-in-chief
of the International Journal of Information Security to Chief Scientist, Information Security at BBN
be published by Springer-Verlag. He has served Networks. He has chaired the Privacy and Se-
on the program committees of the major Eu- curity Research Group of the Internet Re-
ropean conferences on computer security and search Task Force since its inception in 1985.
cryptography and of other international con- He is also the cochair of the Public Key In-
ferences in these areas. He has published nu- frastructure working group. He is the author
merous research papers on topics in cryptog- or coauthor of numerous publications on net-
raphy, information security, and mathematics, work security. S.M. and Ph.D. (MIT).
and is the author of a textbook Computer Security. JOHN MCLEAN
Dr.tech. (1984) from the University of Linz, Director of the Center for High Assurance
Austria. Computer Systems and Senior Scientist for In-
LI GONG formation Assurance at the Naval Research
Distinguished Engineer and Director of En- Laboratory. Adjunct Professor of Computer
gineering, Peer-to-Peer Networking, at Sun Science at the University of Maryland, the Na-
Microsystems, Inc. Suns Chief Java Security tional Cryptological School and Troisieme Cy-
Architect and Manager of the Java Soft Se- cle Romand dInformatique. Senior Research
curity and Networking Group during JDK Fellow of the University of Cambridge Centre
1.1 and 1.2 developments. He is the author for Communication Research and Chair and
of Inside Java 2 Platform Security (Addison- U.S. National Leader of the Technical Coop-
Wesley, 1999). Previously worked at the eration Program (TTCP) C4I Technical Panel
Stanford Research Institute as a research sci- on High Assurance Systems and Defensive In-
entist. Editorial board member of IEEE Internet formation Warfare. Associate editor of Distrib-
Computing. Associate editor of ACM Transactions uted Computing, Journal of Computer Security, and
on Information and System Security. Program chair ACM Transactions on Information and System Security.
of the IEEE Symposium on Security and Privacy, the Ph.D. in Philosophy in 1980 from the Uni-
ACM Conference on Computer and Communications versity of North Carolina at Chapel Hill.
Security, and the IEEE Computer Security Founda-
ALFRED MENEZES (Canada)
tions Workshop. Ph.D. from the University of
Professor, University of Waterloo and mem-
Cambridge.
ber of the managing board of the Centre for
S. SITHARAMA IYENGAR Applied Cryptographic Research. Previously
Professor and Chair of the Department of worked at Auburn University, Alabama. He
Computer Science at Louisiana State Univer- is on the editorial board of Designs, Codes, and
sity. Fellow of IEEE and Fellow of the Amer- Cryptography and an accreditation board mem-
ican Association of the Advancement of Sci- ber of Computer & Communications Security Re-
ence. Awarded the 1999 LSU-Prestigious views. His primary research interests are in el-
Distinguished Research Master Award and a liptic curve cryptography, key establishment
University Medal. Authored, coauthored, or protocols, practice-oriented provable security,
edited ten books, including one that was on and wireless security. He has published nu-
the bestseller list. Series editor of Neuro Com- merous research papers in cryptography, and

xvi

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
is coauthor of the Handbook of Applied Cryptog-
raphy and author of Elliptic Curve Public Key
Cryptosystems. Ph.D. (1992) University of Wa-
terloo, Canada.
FLEMMING NIELSON
Professor at the Technical University of Den-
mark, previously guest professor at the Max
Planck Institute of Computer Science and As-
sociate Professor at the University of Aarhus.
Site leader for the project Secure and Safe Systems
based on Static Analysis funded by the European
Union. Author of several books and numer-
ous journal and conference articles. Ph.D.
from the University of Edinburgh (1984) and
a D.Sc. from the University of Aarhus (1990).
EIJI OKAMOTO
Professor at Department of Information Sci-
ence, Toho University, Japan. Previously
worked at University of Wisconsin, Texas
A & M University, Japan Advanced Institute
of Science and Technology, and Central Re-
search Laboratories, NEC Corporation. Ed-
itor or author of eight books on information
security. Editor-in-chief of International Journal of
Information Security, General Cochair of ISC2001
and many other conferences and symposia in
information security. Ph.D. (1978) Tokyo In-
stitute of Technology.
SHASHI PHOHA
Chair of the Technical Advisory Board. Direc-
tor of Information Science and Technology
Division at the Applied Research Laboratory
and Professor of Electrical and Computer
Engineering, Pennsylvania State University.
Founder and Director of a University/Industry
consortium for establishing a National Infor-
mation Infrastructure Interoperability Testbed,
funded by DARPA. Member of the Board of
Directors of the International Consortium
CERES Global Knowledge Network, along
with representatives of thirteen other interna-
tional universities. On the Board of Directors
Advisory Board
...
...
...
of Autonomous Undersea Vehicle Technology
Consortium for International Cooperation Be-
tween Research, Technology, Industry and Ap-
plications. Panelist on the National Informa-
tion Infrastructure Standards Panel (ANSI).
(Denmark)
Author of over 150 scholarly articles and book
chapters. M.S. (1973) Cornell University,
Ph.D. (1976) Michigan State University.
ASOK RAY
Professor of Mechanical Engineering, Pennsyl-
vania State University. Previously worked at
Carnegie Mellon University, Massachusetts In-
stitute of Technology, GTE Strategic Systems,
the Charles Stark Draper Laboratory, and
MITRE. Fellow of ASME. Editor of IEEE
Transactions on Aerospace and Electronic Systems and
(Japan)
Associate editor of IEEE Transactions on Control
Systems Technology. Author of a Springer-Verlag
book, Intelligent Seam Tracking for Robotic Welding
(1993), and over 350 research publications.
JEFFREY SCHILLER
Network Manager at Massachusetts Institute
of Technology (MIT). He is a coauthor of
Kerberos cryptographic authentication system,
which is widely used in secure operating en-
vironments. He served as the manager and
principal designer of the MIT campus com-
puter network since its inception in 1984. He
is an area director for security on the Internet
Engineering Steering Group (IESG) and over-
sees security-related working groups of the In-
ternet Engineering Task Force (IETF). He is
also a founding member of the Internet Pri-
vacy Coalition.
JOHN YESBERG (Australia)
Senior Research Scientist at Australias De-
fence Science and Technology Organization,
specializing in high-assurance information se-
curity systems. Also a visiting scholar at the
University of Queenslands Software Verifi-
cation Research Centre. Ph.D. from Univer-
sity of Queensland, Australia.
xvii
 INTERNET
SECURITY
TERMS

........................................................................................................

x
 A
j
...
... B3: SECURITY DOMAINS. Additional require-
A1 The NATIONAL COMPUTER SECURITY CEN- ...
... ments involve the absence of bugs in the
TER (NCSC) of the U.S. Department of De- ...
... operating system that would allow the cir-
fense has published TRUSTED COMPUTER SYSTEM ...
... cumvention of MANDATORY ACCESS
EVALUATION CRITERIA (DoD 5200.28-STD, ...
... CONTROLS. A1: VERIFIED DESIGN has the
also referred to as the ORANGE BOOK. The ...
... highest level of trust defined in the OR-
ORANGE BOOK defines a series of security ...
... ANGE BOOK and contains formal proce-
ratings such as A1, B2, B3, C1, C2, and D. ...
... dures for the analysis of the systems de-
Here is a brief explanation of the ratings: ...
D: MINIMAL PROTECTION. This rating is given ... sign and rigorous controls on its
...
to systems that do not qualify for higher ... implementation.
...
...
ratings. C1: DISCRETIONARY SECURITY PROTEC- ... A5 A GSM standard for digital cellular
...
TION. Requirements correspond roughly to ...
... mobile telephones. A5 is a stream cipher
those expected from a classical time- ... with 64-bit keys that is used to ENCRYPT a
...
sharing system. C2: CONTROLLED ACCESS PRO- ... link from the telephone to the base station.
...
TECTION. Additional requirements for C2 ...
... See also GSM.
are access control at a per user granularity, ...
... Abstract Syntax Notation 1 An ISO
clearing of allocated memory, and auditing. ...
B1: LABELED SECURITY PROTECTION. Additional ... standard for data representation and data
...
requirements over C2 are security labels. ... structure definitions. More details of AB-
...
B2: STRUCTURED PROTECTION. Additional re- ... STRACT SYNTAX NOTATION 1 (ASN.1) may be
...
quirements of B2 over B1 include a trusted ... obtained from http://www.asn1.org/.
...
path to the user, notification of security- ...
... access The opportunity to make use of a
level changes to the user when a process ...
... resource such as a database, a program, or
started by the user changes its security ...
... a module; a part of memory; or any infor-
level. The OS should be structured so that ...
... mation system (IS) resource.
only a minimal portion of it is security ...
...
sensitive. COVERT CHANNELS must be identi- ...
... access control Governs direct access to
...
fied and their bandwidth estimated. ... information resources according to security
.

3
access control list
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
requirements. Access control consists of ... access period A segment of time, gen-
..
(1) high-level access policies and rules that ..... erally expressed in days or weeks, during
.
define permitted access and (2) control pro- ..... which access rights prevail.
...
cedures (security mechanisms) implement- ...
... access profile Associates each user with
ing these policies. ...
... a list of protected objects the user may ac-
...
access control list (1) A data structure ... cess.
...
associated with a resource (object) that ...
. access type The type of action [opera-
specifies the users (subjects) and their rights ..... tion] that is permitted on an object. Read,
...
on this resource. ACCESS CONTROL LIST (ACL) ...
... write, execute, append, modify, delete, and
is different from a CAPABILITY. (2) In an ...
... create are examples of access types.
object-oriented system, an ACL describes ...
...
how other objects can relate to its objects, ... accessible space The area within which
...
whereas CAPABILITY describes how this object ... the user is aware of all persons entering
...
can relate to other objects. ... and leaving. This area denies the opportu-
...
... nity for concealed TEMPEST surveillance,
access control mechanism A security ...
... and delineates the closest point of poten-
safeguard that enforces security rules and ...
... tial TEMPEST intercept from a vehicle. See
policies to prevent unauthorized access to ...
... also INSPECTABLE SPACE.
system resources while permitting author- ...
... accountability The process allowing for
ized accesses. Requiring a user ID and ...
... the auditing of IS activities to be traced to
password to log on to a computer system ...
.
is an example of an ACCESS CONTROL MECHA- ..... a source that may then be held responsible.
...
NISM. ... accounting legend code The numeric
...
... code used to indicate the minimum ac-
access control set A synonym for AC- ....
CESS CONTROL LIST. .... counting controls required for items of
...
... accountable COMSEC MATERIAL within the
access level Used to label the sensitivity ...
.. COMSEC MATERIAL CONTROL SYSTEM.
of data and resources. Secrecy and integrity .....
... accounting number A number assigned
levels are combined to form a label (S, I), ...
... to an item of COMSEC MATERIAL to facili-
where S defines the sensitivity level and I ...
... tate its control.
the integrity level. For example, SeaView ...
...
Model uses access level to implement ... accreditation The formal declaration by
...
both BLP and Biba security models. The ... a DESIGNATED APPROVING AUTHORITY (DAA)
.
hierarchical portion of the security level is ..... that approval is given for an IS to be oper-
...
used to identify the sensitivity of IS data .... ated in a particular security mode using a
...
and the CLEARANCE or AUTHORIZATION of ... prescribed set of safeguards. ACCREDITATION
...
users. Access level, in conjunction with ... is given only when the DAA judges that the
...
the nonhierarchical categories, forms the ... associated level of risk is acceptable.
...
sensitivity label of an object. See also CATE- ...
... accreditation package A product com-
GORY. ...
... prising a SYSTEM SECURITY PLAN (SSP) and a
...
access list Refers to a compilation of ... report documenting the basis for the AC-
users, programs, or processes and the access ..... CREDITATION decision.
.
levels and types to which each is authorized. .....
.... accrediting authority Synonymous with
...
access mode 5 ACCESS TYPE. ... DESIGNATED APPROVING AUTHORITY (DAA).
..

4
 Address Resolution Protocol
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
accuracy A security principle that keeps .... A1, the host address 138.47.18.156 is
..
.
information from being modified or other- ... bitwise ANDed with the SUBNET MASK
wise corrupted, either maliciously or acci- ....
... 255.255.255.0 to get the SUBNET ADDRESS
dentally. ACCURACY protects against forgery ..... 138.47.18.0. Subnetting allows a single
....
or tampering. See also INTEGRITY. ... network address to be shared among multi-
...
... ple subnets, each of which may be a physi-
ACL 5 ACCESS CONTROL LIST. ...
... cally distinct network. The number of sub-
...
active Denotes something that requires ... nets depends upon the choice of ADDRESS
...
action on the part of the user as opposed ... MASK. All hosts on a subnet are configured
to no action (passive). The use of ACTIVE is ..... with a same mask. See also SUBNET MASK.
.
common in a security context, for example, .....
. administrative security The manage-
a security alarm that requires a user to turn .....
.... ment of rules and procedures that result
it on is an ACTIVE restraint, whereas an air- ...
... in the protection of a computer system
bag in a car is a PASSIVE restraint. ...
... and its data. Sometimes called PROCEDURAL
...
active attack A type of attack that in- ... SECURITY.
volves altering a systems status or content, .....
for example, changing the contents of a file ..... address resolution A means for map-
.
... ping a network layer address onto a media-
or adding additional files, in contrast to a ....
... specific address, for example, mapping an
PASSIVE ATTACK like browsing. ...
... IP address to an Ethernet or token ring
...
active threat A type of threat that in- ... address.
...
volves the alterationnot simply the in- ...
... Address Resolution Protocol The IN-
terceptionof information. For example: ...
... TERNET PROTOCOL used to dynamically map
an active tap is a type of wiretapping that ...
... INTERNET ADDRESS to physical address on lo-
accesses and COMPROMISES data, usually by ...
generating false messages or control signals, .....
.
or by altering communications between le- .....
....
gitimate users. The danger of an ACTIVE ...
...
THREAT is primarily the authenticity of the ... 32 bits
...
information being transmitted. Contrast ...
... Host Address
with PASSIVE THREAT. ... e.g., 138.47.18.156
...
...
add-on security Hardware, software, or ...
...
firmware mechanisms that can be incorpo- ... 24 bits 8 bits

rated into an already operational IS to pro- ..... 1111 . . . 111111 00 . . . 00

...
vide new security benefits. Synonyms in- ...
Subnet Mask: 255.255.255.0
...
clude retrofittable security and insertible ...
...
security. ... 24 bits 8 bits
...
...
address mask Also called NETMASK. A ... Network & Subnet Host Address
... Address Part Part
bit mask used to select bits from an IPv4 ... 138.47.18 156
...
Internet address for subnet addressing. The ... Network Address: 138.47.18.0
...
mask is 32 bits long and selects the net- ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
work portion of the Internet address and ... FIGURE A1. Use of an address mask to get a subnet
...
one or more bits of the local portion. ... address.
...
Sometimes called a SUBNET MASK. In Figure ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...

5
Advanced Encryption Standard
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
cal area networks. It is limited to networks ..... tion superiority center of excellence de-
...
that support hardware broadcast. ... voted to offensive and defensive counter-
...
... information and information operations.
NOTE : RFC 826 outlines the details to convert ...
... (It has existed under various names since
network protocol addresses to 48-bit Ethernet ad- ...
dresses for transmission on 10 Mbit E THERNET ... 1953; see note below.) It draws on the
...
hardware. Generalization of this protocol to hardware ... technical strength from the former Air
...
other than 10 Mbit E THERNET have also been ... Force Electronic Warfare Center, the Air
...
made. ... Force Cryptologic Support Centers Securi-
...
.. ties Directorate, and Air Force Intelligence
Advanced Encryption Standard A new ....
... Command. Its mission is to explore, ap-
U.S. government encryption standard that ...
.. ply, and migrate offensive and defensive in-
supercedes DES. The ADVANCED ENCRYPTION ..... formation warfare capabilities for opera-
...
STANDARD (AES) specifies the Rijndael algo- ... tions, acquisition and testing, and provide
.
rithm with key sizes of 128, 192, and 256 ..... advanced information warfare training for
...
bits and a block size of 128 bits. ... the Air Force. See http://www.aia.af.mil/
...
... common/homepages/pa/cyberspokesman/
Advanced Research Project Agency ...
... jan/atc3.htm.
Currently called DARPA. The U.S. govern- ...
.
ment agency that funded the ARPANET. See ..... NOTE : The AFWIC has had many name changes.
...
also DEFENSE ADVANCED RESEARCH PROJECTS ... In July 1953 AFIWC was first activated as the
...
AGENCY. ... 6901st Special Communication Center. In August 1
...
... 953 it was renamed the Air Force Special Commu-
adversary (1) A person or organization ...
. nication Center and in 1975 it was redesignated the
who is an opponent, competitor, or an en- ..... Air Force Electronic Warfare Center.
...
emy who may want to destroy or disable ...
...
an (your) IS and who must be denied AC- ... ALC 5 ACCOUNTING LEGEND CODE.
...
CESS to information. (2) Someone who is ...
... alert Generally refers to a notification
trying to thwart a security system. ...
... of a computer-based threat or an attack di-
...
advisory The assessment of significant ... rected at the IS of an organization.
...
new trends or developments regarding the ...
... alternative COMSEC custodian Person
threat to the IS of an organization. This ...
... or a group designated to perform the du-
assessment may include analytical insights ...
.. ties of the COMSEC CUSTODIAN during
into trends, intentions, technologies, or tac- .....
... his/her temporary absence.
tics of adversaries. Examples include CERT ...
...
advisories. See also CERT. ... American National Standards Institute
...
.. One of several U.S. organizations that de-
AES 5 ADVANCED ENCRYPTION STANDARD. ....
... velop standards including those for com-
...
AFIWC 5 AIR FORCE INFORMATION WAR- ... puter networking and security.
...
FARE CENTER. ...
... American Standard Code for Informa-
...
Air Force Information Warfare Center ... tion Interchange A mapping between
...
The U.S. AIR FORCE INFORMATION WARFARE ... text characters and binary numbers. See also
...
CENTER (AFIWC) was activated on Septem- ... EBCDIC.
...
ber 10, 1993, to meet the need created by ...
... NOTE : UNIX and DOS-based OPERATING
the growing importance of information ... SYSTEMS , except Windows NT, use the A MERI -
...
warfare. It was created to be an informa- ... CAN S TANDARD C ODE FOR I NFORMATION
...
.

6
 attack
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
I NTERCHANGE (ASCII) for text files. Windows ... file transfer, and remote terminal connec-
...
NT uses UNICODE. ... tion.
...
...
ankle-biter A person with limited ... application program interface A set
...
knowledge or expertise related to comput- ... of calling conventions defining how a ser-
...
ers or information sciences who wants to ... vice is invoked through a software package.
...
hack into systems, for example, those who ...
...
use programs downloaded from the INTER- ... ARP 5 ADDRESS RESOLUTION PROTOCOL.
...
NET to break into systems. Also known as ...
.... ARPA 5 ADVANCED RESEARCH PROJECT
SCRIPT KIDDIE.
.... AGENCY.
...
anomaly detection model A model of ...
... ARPANET A packet-switched NETWORK
intrusion detection characterized by recog- .....
. developed in the early 1970s that was the
nizing deviations from the normal behavior .....
. primary demonstration of networking com-
(anomalous) of a process or a network. Ex- .....
. puter systems. ARPANET was decommis-
amples of anomalies include slow response .....
despite light system load, frequent ACCESS .... sioned in June 1990. The present INTERNET
... evolved from ARPANET.
to specific files, and unusual combinations ...
...
of system calls. ...
... ASCII 5 AMERICAN STANDARD CODE FOR
...
... INFORMATION INTERCHANGE.
anonymous electronic cash Electronic ...
...
cash that does not leave a trail to the per- ... ASN.1 5 ABSTRACT SYNTAX NOTATION 1.
...
son who spent it. ...
... assurance 5 INFORMATION ASSURANCE.
...
ANSI 5 AMERICAN NATIONAL STANDARDS ...
... asymmetric cryptography A CRYPTO-
INSTITUTE. ...
... GRAPHIC system where ENCRYPTION and DE-
...
antijam Measures to ensure communica- ... CRYPTION are performed using different
.
tions despite deliberate attempts to jam the ..... keys. These schemes use two mathemati-
...
transmitted information. ... cally related keys. The DECRYPTION key is
...
... hard to determine from the encryption key.
antispoof Measures and techniques to ...
... An ENCRYPTION key, or PUBLIC KEY, is made
prevent an opponent masquerading as a ...
... known, but the decryption key, or private
different identity or machine. ...
... key, is kept secret. Encryption and decryp-
...
API 5 APPLICATION PROGRAM INTERFACE. ... tion are two mathematical functions that
...
... are inverses of each other. Also called PUB-
applet A small application that is a ...
... LIC KEY CRYPTOGRAPHY. See Figure A2. See also
Java program that runs on a browser. The ...
... SECRET KEY CRYPTOGRAPHY.
Java model imposes certain security restric- .....
.
tions on applets, including inability to read ..... Athena A project conducted at the Mas-
...
or write to the local file system and to ... sachusetts Institute of Technology that de-
...
open network connections to any system ... veloped a number of interesting technolo-
...
other than the host from which the APPLET ... gies, including the KERBEROS cryptographic
...
was downloaded. ... authentication system.
...
...
application layer The topmost layer in ... attack An unauthorized intentional act
...
the TCP/IP model, providing application ... on a computer, a NETWORK, or an IS with
...
protocols for services like electronic mail, ... malicious intent.
...

7
attention character
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Asymmetric Asymmetric
Plaintext Key Ciphertext Key Plaintext
Algorithm Algorithm
(Encryption) (Decryption)

Public Key Private Key

mathematically related

.................................................... ...
...
FIGURE A2. Asymmetric key encryption. ... authentication header A field that pro-
...
.................................................... ... vides integrity and AUTHENTICATION checks
... in an INTERNET PROTOCOL packet format.
...
...
...
... authentication system The cryptosys-
...
attention character In TRUSTED COMPUT- ... tem or process used for AUTHENTICATION.
...
ING BASE (TCB) design, a character entered ...
... authenticator (1) Used to confirm the
from a terminal that tells the TCB that the ...
identity of a station, originator, or individ-
...
user wants a secure communications path ...
ual. It can be something the user has, e.g.,
...
from the terminal to some trusted code to ...
a smart card or DONGLE; something the user
...
provide a secure service for the user. ...
... knows, e.g., a password or challenge re-
...
audit To examine a record of events that ... sponse; or a physical characteristic of the
...
might have some security significance such ... user, e.g., fingerprint or a retina scan. (2) A
...
as when ACCESS to resources occurred. ... field in a message used to establish its
...
... source.
audit log 5 AUDIT TRAIL.
...
...
... authenticity A security principle that en-
...
audit record 5 AUDIT TRAIL. ... sures that a message is received in exactly
...
... the form in which it was sent. See also MES-
audit trail The chronological record of ...
... SAGE AUTHENTICATION CODE.
system activities, used to enable the recon- ...
...
struction and examination of the sequence ... authorization Permission to ACCESS a
...
of events and/or changes in an event. ... resource.
...
...
authenticate To determine that some- ... authorized vendor The manufacturer
...
thing is genuine. In the context of INTERNET ... of INFOSEC equipment authorized to pro-
...
security, to reliably determine the identity ... duce quantities in excess of contractual re-
...
of an individual or communicating party ... quirements for direct sale to eligible buy-
...
(peer entity authentication) or the source ... ers. Eligible buyers are typically U.S.
...
of a message (data origin authentication). ... government organizations or U.S. govern-
...
... ment contractors. See also AUTHORIZED VEN-
authentication The process of ...
... DOR PROGRAM.
reliably determining the identity of a ...
...
communicating party or the source of a ... Authorized Vendor Program Program
...
message. ... in which a vendor producing an INFOSEC
...
...
..

8
 availability
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

H1 H5

H2 R5 R3 H6

R1 R2
H3
R6 R4
H7
H4
H8

AS1 AS2
.................................................... ...
...
FIGURE A3. An example of a network with two au- ... automatic home agent discovery
...
tonomous systems, AS1 and AS2. ... Process by which a mobile node obtains
.................................................... ...
... the address of a home agent on its home
...
... NETWORK. This process requires the trans-
...
... mission of a registration request to the
product under contract to the NATIONAL SE- ...
... subnet broadcast address of its home
CURITY AGENCY (U.S.) is authorized to pro- ...
... NETWORK.
duce that product in numbers exceeding ...
...
the contracted requirements for direct mar- ...
... automatic remote rekeying A proce-
keting and sale to eligible buyers. Eligible ...
... dure to rekey a distant CRYPTO-EQUIPMENT
buyers are typically U.S. government orga- ...
... electronically without specific actions by
nizations or U.S. government contractors. ...
... the receiving terminal operator.
Products approved for marketing and sale ...
...
through the AUTHORIZED VENDOR PROGRAM ...
...
autonomous system Internet (TCP/IP)
are placed on the Endorsed Cryptographic ...
...
terminology for a collection of gateways
Products List. ...
...
(routers) that fall under one administrative
... entity and cooperate using a common Inte-
auto-manual system Programmable, ...
... rior Gateways Protocol. In Figure A3, R
hand-held CRYPTO-EQUIPMENT used to per- ...
... denotes a router, for example, R1 is router
form ENCODING and DECODING functions. ...
...
...
1, and H denotes a host, for example, H1
automated security monitoring The ...
...
denotes host 1.
use of automated procedures to ensure that ...
...
security controls are not circumvented. Also, ... availability Timely, reliable ACCESS to
...
the use of these tools to track actions taken ... data and information services for author-
...
by subjects suspected of misusing an IS. ... ized users.
...
..

9
 B
j
...
...
B1 5 A1. ... baseband Descriptive characteristic of
...
... any network technology that uses a single
B2 5 A1. ...
... carrier frequency and requires all stations
... attached to the NETWORK to participate in
B3 5 A1. ...
...
... every transmission. Contrast with BROAD-
backbone The primary mechanism con- ...
BAND.
...
necting a hierarchical distributed system. ...
...
All systems that are connected to an inter- ... bastion host A FIREWALL host, which acts
...
mediate system on the backbone are as- ... as an interface point to an external un-
...
sured of being connected to each other. ... trusted network. BASTION HOSTS are critical
...
This mechanism does not prevent systems ... to an organizations security. Because BAS-
...
from setting up private arrangements with ... TION HOSTS act as an interface point to
...
each other to bypass the backbone for rea- ... the outside world, they are often subject to
...
sons of cost, performance, or security. ... INTRUSION.
...
...
back door Synonymous with TRAP DOOR. ...
... BellLaPadula security model An AC-
... CESS CONTROL model that aims to protect
background authentication AUTHENTI- ...
... information CONFIDENTIALITY. ACCESS CON-
CATION that takes place automatically in ...
... TROL rules (axioms) are expressed in terms
the background when a user requests a ...
... of information (object) CLASSIFICATION,
service. The user does not have to do any- ...
... called data sensitivity, and subject authori-
thing explicitly to obtain AUTHENTICATION. ...
... zations, called subject clearance. Informa-
...
backup Copies of files, data, and pro- ... tion is allowed to flow from low security
...
grams made to facilitate recovery from fail- ... level to high security level but not in the
...
ures of primary system. ... opposite direction. See also STAR (*) PROPERTY
...
... and SIMPLE SECURITY PROPERTY.
...
banner Display on a computer screen, ...
...
printout, or an IS that shows parameters ... benign data Condition of CRYPTOGRAPHIC
...
for system or data use. ... data that cannot be COMPROMISED by human
.

11
benign environment
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
ACCESS. Data that, because it has been en- ... dress with a machine name, (2) association
...
crypted, is no longer sensitive, and cannot ... expressed in a CERTIFICATE between a public
...
be COMPROMISED by eavesdropping. It may ... key and an identity. Binding also refers to
...
also be data that does not contain any vi- ... a process of associating a specific commu-
...
ruses or other malicious code. ... nications terminal with a specific CRYPTO-
...
... GRAPHIC key or associating two related ele-
benign environment An environment ...
... ments of information.
that is not hostile and may be protected ...
...
from external hostile elements by physical, ...
... biometric device A device that AUTHENTI-
personnel, and procedural security COUN- ...
... CATES people using BIOMETRICS.
TERMEASURES. ...
...
... biometrics (1) IDENTIFICATION or AUTHENTI-
bespoke A product or service that is ....
custom made or tailored to individual .... CATION mechanisms that rely on the mea-
...
needs. Also called custom-designed soft- ... surement of an anatomical, physiological,
...
ware. See also COTS. ... or behavioral characteristic of the user,
...
... rather than knowledge or possession of in-
NOTE : (1) B ESPOKE is pronounced bee-SPOHK ...
... formation or a key. (2) Method by which
and is more commonly used in the United Kingdom. ...
... a personal characteristic such as a finger-
In the U S. custom-made or custom-designed software ...
... print, iris print, voiceprint, or face print is
is more common. Traditionally bespoke is applied to ...
... used to confirm the users identity.
custom-tailored clothing, but the usage has been ex- ...
tended to information technology. Example usage: ...
... Black (1) Refers to information that is
Dreamware software company offers BESPOKE soft- ...
... not sensitive, or no longer sensitive because
ware. (2) B ESPOKE is a derivation from the word ...
... it has been encrypted. (2) Designates areas
bespeak, which means ordering of goods; this usage of ...
... or systems where national security informa-
bespeak can be traced back to 1583. ...
... tion is not processed. For example, infor-
...
beyond A1 Indicates a level of trust de- ... mation systems and associated areas, cir-
...
fined by the DOD TRUSTED COMPUTER SYSTEM ... cuits, components, and equipment in which
.
EVALUATION CRITERIA beyond the state-of-the- ....
.... national security information is not pro-
art technology. Includes all the A1-level ... cessed. See also RED.
...
features plus additional ones not required ...
...
at the A1 level. See also A1 and the ORANGE ... block encryption Scrambling, in a re-
...
BOOK. ... versible manner, a fixed-size block of PLAIN-
...
... TEXT to generate a fixed-size block of CIPHER-
Biba model An ACCESS CONTROL model ...
... TEXT. If the total PLAINTEXT exceeds the block
that aims to protect integrity of informa- ...
tion resources against unauthorized modifi- ..... size, it is first broken into blocks. If the
... size of total PLAINTEXT or the remainder of
cations. ACCESS rights are described in ...
... the PLAINTEXT after division into blocks is
terms of integrity levels of subjects (pro- ...
... less than the block size, it must be padded.
cesses acting in behalf of the users) and ...
...
objects (information resources). Informa- ...
... boot sector virus A virus that overrides
tion is allowed to flow from high integrity ...
.... the boot sector, therefore making it appear
object to low integrity object but not in ...
... as if there is no pointer to the operating
the opposite direction. ...
... system. The usual message that appears at
...
binding Used in many senses; two of the ... power up is Missing Operating System
most common are (1) associating an IP ad- ..... or Hard Disk Not Found.
...

12
 buffer overflow
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
bot A short form of robot, it refers to .... several networks to coexist on a single ca-
..
.
a program that performs some services for ... ble. This action is usually done using fre-
.
a user. Two examples of a bot are (1) shop- ..... quency division multiplexing (FDM).
....
bots that search the Web on behalf of a ... Traffic from one network does not inter-
...
user to find products, best price for a ... fere with traffic from another, since the
...
product, etc., (2) chatterbots that simulate ... communication happens on different fre-
...
talk with human beings. ... quencies in the medium, a setup that re-
On the Web, a first part of a search en- ..... sembles the commercial radio system.
.
gine, usually called a spider or crawler, that .....
automatically searches the Web to find .... broadcast (1) A packet delivery system
...
pages and updates its database of informa- ..... in which a copy of a given packet is sent
tion about old Web sites. .... to all hosts attached to the network. (2) A
...
... transmission that does not address an indi-
...
boundary (1) A boundary is the border ... vidual recipient specifically.
...
that distinguishes a system from its envi- ...
ronment. (2) A physical, software, or hard- ..... browsing (1) Searching or looking
... through web sites. (2) An act of searching
ware barrier that limits ACCESS to a system ....
... through IS storage to locate or acquire in-
or part of a system. ...
... formation, without necessarily knowing the
...
bridge A node connected to two or more ... existence or format of the information be-
(administratively indistinguishable but phys- ..... ing sought.
....
ically distinct) subnets that automatically ...
... BSD Berkeley Software Distribution.
forwards DATAGRAMS when necessary but ...
... Term used in describing different versions
whose existence is not known to other ...
... of the Berkeley variety of the UNIX operat-
hosts. See Figure B1. Bridges can usually be ...
... ing system, as in 4.3 BSD UNIX.
made to filter packets, that is, to forward ...
...
only certain traffic. See also REPEATER, ROUTER. ... bucket brigade attack An ATTACK that
...
... is inserted between two legitimate users, re-
broadband Descriptive of a network ...
that multiplexes multiple, independent net- ..... laying their messages to each other, and
...
work carriers onto a single cable, allowing .... thereby SPOOFING each of them into think-
... ing they are talking directly to the other.
...
...
...
... buffer overflow A very common vul-
...
... nerability of programs and systems. BUFFER
Host 1 Host 1 ...
... OVERFLOW happens when input or interme-
...
... diate results exceed the buffer size. Delib-
Host 2 Bridge Host 2 ...
... erate inputs that result in BUFFER OVERFLOW
. . ...
. . ... may result in gaining root-level ACCESS to
...
. . ... system or in system crashes. Many pro-
...
Host n Host n ... gramming languages such as C and C
...
... do not check for the violation of array
...
LAN A LAN B ... boundaries into which information is being
...
.................................................... ... copied. For example, gets, strcat, and strcpy do
...
FIGURE B1. An example of a BRIDGE connecting ... not check the buffer length, so if the input
...
LAN A and LAN B. ... length is greater than the buffer length, a
...
.................................................... ... BUFFER OVERFLOW results.
..

13
bug
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
bug A flaw or an unintentional error in ... Problem [NL96]. It is a pessimistic model,
...
the functioning of a program, system, or ... allowing components (systems) to fail in
...
piece of hardware equipment. ... coordination in the least favorable way.
...
... This model allows components to fail in
...
bulk encryption ENCRYPTION of all chan- ... an arbitrary manner. Systems designed to
...
nels of a telecommunications link at the ... tolerate these faults are robust.
...
same time. This can also be achieved by ... BYZANTINE FAULT models are characterized
...
encrypting the output of a multiplexed ... by systems that can produce erroneous in-
...
communications over a link. ... puts for decisions (control) and are useful
...
... in designing systems that are fault tolerant
...
Byzantine fault A general system fault ... when some components may produce erro-
...
model inspired by the Byzantine Generals ... neous results.
...

14
 C
j
...
...
C1 5 A1. ... capability list A list associated with
...
... each subject that defines the system ob-
C2 5 A1. ...
... jects and the permissions of the subject
...
C2W 5 COMMAND AND CONTROL ... on these objects. In a capability-based sys-
... tem, ACCESS to protected objectssuch as
WARFARE. ...
...
... filesis granted if the subject possesses a
CA 5 CERTIFICATION AUTHORITY. ...
... capability for the object.
...
CAP 5 CONTROLLED ACCESS POINT. ...
... CAPI 5 CRYPTOGRAPHIC APPLICATION PRO-
...
call back A security mechanism of ... GRAMMING INTERFACE.
...
redial-in connections to a network whereby ...
... Capstone chip Microprocessor chip that
users call in, identify, request a connection, ...
... implements the ESCROWED ENCRYPTION STAN-
and hang up. The computer system then ...
... DARD (EES), a DIFFIEHELLMAN-based key ex-
calls the users back at their registered ...
... change algorithm, the DIGITAL SIGNATURE AL-
phone numbers, thus preventing ACCESS ...
... GORITHM (DSA), the SECURE HASH ALGORITHM
from attackers at other phone numbers. ...
... 1 (SHA-1), and a random number generator.
...
call sign cipher A CIPHER system used to ... See also CLIPPER CHIP.
...
ENCIPHER or DECIPHER call signs, address ...
... captive account An account on a time-
groups, and address-indicating groups. ...
... sharing system that is allowed to execute
...
canister A type of protective package ... only a specific program or a restricted set
...
used to contain and dispense keypunched ... of programs to control ACCESS to system
...
or printed tape forms. ... resources.
...
...
capability (1) A list associated with ... Carnivore An Internet surveillance tool
...
each subject that defines the system objects ... introduced by the U.S. Federal Bureau of
...
and the permissions of the subject on these ... Investigation to allow law enforcement
...
object. (2) An unforgeable token that gives ... agents to facilitate electronic surveillance in
...
the holder certain rights to an object. ... a packet-mode communications environ-
.

15
carrier sense multiple access with collision detect
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
ment. Its purpose is to intercept and col- ... BLOCK CHAINING. Since it is difficult to find
...
lect e-mail and other electronic communi- ... two messages with the same CBC RESIDUE
...
cations only when authorized by a court ... without knowing the key, CBC RESIDUE is
...
order. CARNIVORE has been renamed ... often used as an integrity-protecting CHECK-
...
DCS1000. ... SUM for a message.
...
...
NOTE : There has been a great deal of privacy con- ... CCEP 5 COMMERCIAL COMSEC
...
cern with regard to the use of C ARNIVORE , since it ... ENDORSEMENT PROGRAM.
...
may ACCESS and process a large amount of Internet ...
... CCI 5 CONTROLLED CRYPTOGRAPHIC ITEM.
traffic not targeted for surveillance through a court or- ...
der. Details of an independent technical review of ...
... CCI assembly A device embodying a
C ARNIVORE commissioned by the U.S. Department ...
... CRYPTOGRAPHIC LOGIC or other COMSEC de-
of Justice and conducted by IIT Research Institute can ...
... sign that NSA (U.S.) has approved as a
be found at http://www.usdoj.gov/jmd/publications/ ...
... CONTROLLED CRYPTOGRAPHIC ITEM (CCI). It per-
carniv_final.pdf. Sample documents about C ARNI - ...
... forms the entire COMSEC function, but de-
VORE released under the Freedom of Information Act ...
can be accessed through the Electronic Privacy Infor- ... pends upon the host equipment to operate.
...
mation Center (EPIC) Web site at http://www. ...
... CCI component Part of a CONTROLLED
epic.org/privacy/carnivore/foia_documents.html. ...
... CRYPTOGRAPHIC ITEM (CCI) that does not per-
...
carrier sense multiple access with .... form the entire COMSEC function but de-
collision detect A LAN technology for ....
.. pends upon the host equipment, or assem-
communications over a shared wire. Exam- ..... bly, to complete and operate the COMSEC
...
ples include 802.3 and Ethernet. ... function.
...
.
cascading (1) The downward flow of in- .... CCI equipment Equipment that embodies
..
formation through a range of security levels ..... a CONTROLLED CRYPTOGRAPHIC ITEM (CCI) com-
...
greater than the ACCREDITATION range of a ... ponent or CCI ASSEMBLY and performs the
.
system network or component. (2) Propaga- ..... entire COMSEC function without depen-
...
tion of controls along a path. For example, ... dence on the host equipment to operate.
.
cascading revoke follows the path of a grant .....
... CCITT 5 COMITE CONSULTATIF INTERNA-
command to revoke propagated privileges. ...
... TIONAL TELEPHONIQUE ET TELEGRAPHIQUE.
...
category A restrictive label applied to ....
limit ACCESS to CLASSIFIED or UNCLASSIFIED .... CDC 5 CERTIFICATE DISTRIBUTION CENTER.
...
information. ...
... CDSA 5 COMMON DATA SECURITY
...
catenet A network in which hosts are ... ARCHITECTURE.
..
connected to networks with varying charac- ..... Central Office of Record A federal of-
...
teristics, and the networks are intercon- ... fice that keeps records of accountable
...
nected by gateways (routers). The Internet ... COMSEC MATERIAL held by elements subject
...
is an example of a CATENET. ... to its oversight.
...
...
CAW 5 CERTIFICATION AUTHORITY ... CER 5 CRYPTOGRAPHIC EQUIPMENT ROOM.
...
WORKSTATION. ...
... CERT 5 COMPUTER EMERGENCY RESPONSE
...
CBC 5 CIPHER BLOCK CHAINING. ... TEAM.
...
...
CBC residue The last block of CIPHERTEXT ... certificate A data structure signed with a
...
when a message is encrypted using CIPHER ... PUBLIC KEY digital signature stating that a
...
.

16
 certification authority hierarchy
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
specified PUBLIC KEY belongs to someone or ...
...
something with a specified identification. .... Version
. Serial Number
See Figure C1. X.509 is a PUBLIC KEY distri- .....
.... Algorithm Identifier
bution standard. ...
... (Algorithm, Parameter)
... Issuer
Certificate Distribution Center The ...
... Period of Validity
name the DASS system gives to its online ...
(Not Before Date, Not After Date)
system that distributes certificates and user .....
... Subject
private keys. See also DISTRIBUTED AUTHENTICA- ...
... Subjects Public Key
TION SECURITY SERVICE. ...
... (Algorithm, Parameters, Public Key)
... Signature
certificate management A process to .
...
...
manage certificates, including the genera- ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
tion, storage, protection, transfer, loading, ... FIGURE C1. An example of an X.509 certificate.
... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
use, and destruction of CERTIFICATES. ...
...
...
Certificate Management Protocols ...
...
The Internet X.509 PUBLIC KEY INFRASTRUC- ...
... tion activities, and consolidating the final
TURE (PKI) CERTIFICATE MANAGEMENT PROTO- ...
... CERTIFICATION and ACCREDITATION PACKAGES.
COLS defined in RFC 2510. Protocol mes- ...
...
sages are defined for all relevant aspects of ... certification authority (1) A trusted
...
certificate creation and management. ... node that issues CERTIFICATES. A CERTIFICATE is
...
... a signed message specifying a name and a
certificate of action statement State- ...
... corresponding PUBLIC KEY, used with PUBLIC
ment attached to a COMSEC audit report ...
... KEY CRYPTOGRAPHY. (2) An agency that issues
that is used by a COMSEC CUSTODIAN ...
... digital certificates to organizations or indi-
to certify that all actions have been ...
... viduals. (3) Third level of the PUBLIC KEY IN-
completed. ...
... FRASTRUCTURE (PKI) certification management
...
certificate revocation list A digitally ... authority, which is responsible for issuing
...
signed data structure listing all the certifi- ... and revoking user certificates and exacting
...
cates issued by a given CA that have not ... compliance with the PKI (refers to U.S.
...
yet expired but have been revoked, and ... DoD PKI) policy as defined by the parent
...
hence are no longer valid. ... POLICY CREATION AUTHORITY (PCA).
...
...
certification (1) AUTHENTICATION of iden- ... certification authority hierarchy A
...
tity. (2) The practice of indicating, by the ... tree structure in which a root CERTIFICATION
...
AUTHORITY issues certificates for other subor-
issue of a certificate, that a product or sys- .....
... dinate CERTIFICATION AUTHORITIES, which may
tem has been evaluated and found to meet ...
... issue further certificates.
a set of specified security requirements. ...
... Large-scale deployment of public key
...
certification agent (1) A third party ... systems must support multiple CAs and the
...
(system) that judges AUTHENTICITY. (2) An ... relationship among them. Two common
.
individual responsible for making a techni- ..... structures for expressing this relationship
...
cal judgment of the systems compliance ... are top-down CERTIFICATION AUTHORITY HIERAR-
...
with stated requirements, identifying and ... CHY and a collection of top-down hierar-
...
assessing the risks associated with operat- ... chies. A diagrammatic representation of
...
ing the system, coordinating the certifica- ... these two structures is given in Figure C2.
...

17
certification authority hierarchy
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

CA1

CA2 CA3

CA4 Bob

Alice
(a)

(A) (B)

CA1 CA1

CA2 CA3 CA2 CA3

CA4 Bob CA4 John CA5

Anita
Alice

CA1 CA1

CA2 CA3 CA2 CA3

CA4 Mary CA4 CA5

Robert Bill Tom

(C) (D)
(b)
.................................................................................................................
FIGURE C2. Certificate hierarchy. (a) An example of a certificate hierarchy. In this figure rectangles represent
subscribers, and ovals represent CAs. (b) Completely connected islands-of-trust schema connecting four islands of
trust (A), (B), (C), and (D).
.................................................................................................................

18
 challengeresponse
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
Following the convention in Internet ... NOTE : This terminology is used mainly in the U S.
...
security, Figure C2 (a) uses the names Al- .... DoD and is not widely used outside the DoD envi-
ice and Bob to explain the concept of CER- .... ronment.
...
...
TIFICATION AUTHORITY HIERARCHY. Alice and ... certification package Product of the
...
Bob are the users who have been issued ... CERTIFICATION effort documenting the de-
...
CERTIFICATES. In the figure rectangles repre- ... tailed results of CERTIFICATION activities.
...
sent subscribers, and ovals represent CAs. ...
An arrow between two CAs means that the ..... certification test and evaluation Soft-
.... ware and hardware security tests and evalu-
source CA has certified the destination CA ...
... ation conducted during the development of
to issue certificates (e.g., CA4 has certified ...
... an IS.
the public key of Alice). The certification ...
...
path between Alice and Bob goes through ...
... certified TEMPEST technical authority
CA4 and CA2. ...
An experienced, technically qualified U.S.
To overcome the problem of the entire .....
.... government employee who has met estab-
Internet population trusting one central ...
... lished certification requirements in accor-
CA, the Internet trust mechanism is devel- ...
... dance with NSTISSC-approved criteria
oping as islands of trust, where each ...
... and has been appointed by a U.S. govern-
community, based on geographic location ...
ment department or agency to fulfill CTTA
and other requirements, trusts a particular .....
.... responsibilities.
CA, so that there is a root CA for each ...
...
community and these root CAs cross- ... CFB 5 CIPHER FEEDBACK.
...
certify each other. Figure C2 (b) shows ...
... CGI 5 COMMON GATEWAY INTERFACE.
a completely connected islands-of-trust ...
schema connecting (A), (B), (C), and (D). .....
.... challenge Information given to an entity
This arrangement allows certification ... so that it can cryptographically process the
...
paths between pair of subscribers and is ... informationusing a secret quantity it
...
applicable to large-scale public-key ... knowsand return the result (called the
...
applications such as secure e-mail and ... response). This exercises purpose is to
...
e-commerce. ... prove knowledge of the secret quantity
...
The root authority that issues certifi- ... without revealing it to an eavesdropper.
...
cates is also called the IPRA (INTERNET POL- ... This process is known as CHALLENGE
...
ICY REGISTRATION AUTHORITY) and registers ... RESPONSE AUTHENTICATION.
...
certification authorities known as POLICY ...
...
CREATION AUTHORITY (PCA). IPRA certifies ... NOTE : Although CHALLENGE now refers to a
...
only PCAs and not CAs or users. PCAs ... CRYPTOGRAPHIC process, it previously referred to
... a cryptic process by which two people (e.g., spies)
have their own policy of issuing certifi- ...
... would AUTHENTICATE each other.
cates. ...
...
... challenge and reply authentication A
...
certification authority workstation ... prearranged procedure in which a subject
...
A workstation that is used to issue CERTIFI- ... requests the AUTHENTICATION of another and
...
CATES. Usually it is a COMMERCIAL OFF-THE- ... the latter establishes its validity with a cor-
...
SHELF (COTS) workstation with a trusted ... rect reply.
...
operating system and special-purpose ap- ...
plication software that is used to issue cer- ..... challengeresponse In this type of AU-
...
tificates. ... THENTICATION, a user responds (usually by
...

19
Chaos Computer Club
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Message arrived without

Message
errors if the checksums match

Compare the calculated

Calculate the checksum
checksum and the one sent
of the message
by message

Send the message Recalclulate the

along with the checksum checksum of the message

Computer A Computer B

checksum Message

.................................................... ...
...
FIGURE C3. An example of the use of CHECKSUM ... check word CIPHERTEXT generated by
...
in MESSAGE INTEGRITY. ... CRYPTOGRAPHIC LOGIC to detect failures in
.................................................... ...
... CRYPTOGRAPHY.
...
...
...
...
Chernobyl packet An IP Ethernet DATA-
performing some calculation) to a CHAL- ...
...
GRAM that passes through a GATEWAY be-
LENGE (usually a numeric, unpredictable ...
...
tween two SUBNETS and has the source and
one) to AUTHENTICATE his/her identity. ...
...
the destination addresses as the broadcast
...
...
addresses. This type of packet results in a
Chaos Computer Club A loosely knit ...
...
broadcast storm. Also called KAMIKAZE
organization centered in Germany that ...
...
PACKET.

made news by staging some high-profile ...

...
break-ins into computer networks. ... CIK 5 CRYPTO-IGNITION KEY.
...
...
... CIPE 5 CRYPTO IP ENCAPSULATION.
checksum A small fixed-length quantity ...
...
computed as a function of an arbitrary- ...
... cipher Any CRYPTOGRAPHIC system or
length message. A CHECKSUM is computed ...
... CRYPTOSYSTEM in which PLAINTEXT is con-
by the sender of a message, recomputed, ...
... cealed by transposing the letters or num-
and checked by the recipient of a message ...
... bers or substituting other letters or num-
to detect data corruption. Originally, the ...
... bers according to a key or by rearranging
term CHECKSUM meant the specific integrity ...
... the PLAINTEXT or by all of the above.
check consisting of adding all the numbers ...
...
together and throwing away carries. Usage ...
...
cipher block chaining A method of us-
has extended the definition to include more ...
...
ing a BLOCK ENCRYPTION scheme for encrypt-
complex noncryptographic functions such ...
...
ing an arbitrary-size message. Figure C4
as CRCs, which detect hardware faults ...
...
explains CIPHER BLOCK CHAINING (CBC). In
with high probability, and CRYPTOGRAPHIC ...
...
this figure, vector IV is a random number
functions such as MESSAGE DIGESTS, which ...
...
generated and sent along with the message.
can withstand attacks from clever attackers. ...
...
This vector is used as an INITIALIZATION VEC-
See Figure C3. ...
...
TOR for the first PLAINTEXT message block B1

20
 classification
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Plaintext Block

Bi : Plaintext Block
B1 B2 B3 BN
Ci : Ciphertext Block
IV
IV: Initialization Vector

Encrypt Encrypt Encrypt Encrypt

C1 C2 C3 CN

Ciphertext Block
.................................................... ...
...
FIGURE C4. An example of cipher block chaining. ... circuit-level gateway Ensures the valid-
.................................................... ... ity of TCP and UDP sessions by creating a
...
... handshake between communicating parties
...
... and passing packets through until the end
...
... of the session. A type of FIREWALL.
...
(CIPHERTEXT for block 1). A block is 64 bits ...
... CIX 5 COMMERCIAL INTERNET EXCHANGE.
long. CIPHERTEXT for block i, Ci, is XORed ...
with PLAINTEXT for block i 1, Bi, before be- ...
... ClarkWilson model An integrity
ing run through an ENCRYPTION ALGORITHM. ...
... model for COMPUTER SECURITY policy de-
...
cipher feedback A method of using a ... signed for a commercial environment (see
...
BLOCK ENCRYPTION scheme for ENCRYPTING a ... [DC87]). It addresses such concepts such
...
message of arbitrary size. Figure C5 shows ... as NONDISCRETIONARY ACCESS CONTROL, privi-
...
CIPHER FEEDBACK. ... lege separation, and LEAST PRIVILEGE.
...
...
ciphertext Enciphered information. In ... classification The hierarchical portion
...
Figure C6, the encoding algorithm right- ... of a sensitivity label. The CLASSIFICATION is
...
shifts the PLAINTEXT by two letters to pro- ... a single level in a stratified set of levels.
...
duce CIPHERTEXT. A becomes D, B becomes ... For example, in a military environment,
...
E, C becomes G, and so on, Y becomes B, ... each of the sensitivity levels Unclassified,
...
and Z becomes C. In the figure PLAINTEXT ... Confidential, Secret, and Top Secret is less
...
HELLO is enciphered to CIPHERTEXT ... sensitive than the level above it. When in-
...
KHOOR. ... cluded in a sensitivity label in a system
...
... supporting MANDATORY ACCESS CONTROLS, a
ciphertext autokey CRYPTOGRAPHIC LOGIC ...
... CLASSIFICATION is used to limit ACCESS to
that uses previous CIPHERTEXT to generate a ...
... those cleared at that level.
KEY STREAM. ...
... Figure C7 gives an approximate com-
...
ciphony A process of enciphering audio ... parison of security CLASSIFICATIONS of vari-
...
information that results in ENCRYPTED ... ous countries. For more details refer to
...
speech. ... [ISP97].
...
.

21
classified
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Plaintext Block

Bi : Plaintext Block
B1 B2 B3 BN
Ci : Ciphertext Block

IV: Initialization Vector

IV Encrypt Encrypt Encrypt Encrypt

C1 C2 C3 CN

Ciphertext Block
.................................................... ...
...
FIGURE C5. An example of cipher feedback. ... der, or by the Atomic Energy Act of 1954
.................................................... ...
... (U.S.), as amended, to require protection
...
... against unauthorized disclosure and is
... marked to indicate its CLASSIFIED status.
...
...
...
H E L L O Plaintext
...
...
clearance (1) Represents an AUTHORIZA-
...
...
TION for a user to be granted access to a
... CLASSIFIED INFORMATION. (2) Represents the
...
Encode
Encode the plaintext ...
...
sensitivity level (the CLASSIFICATION and the
using an algorithm ... categories) associated with a user in a sys-
...
...
...
tem supporting MANDATORY ACCESS CON-
Ciphertext ... TROLS. A user with a particular CLEARANCE
K H O O R ...
after encoding ... can typically read only information with a
...
.................................................... ...
...
sensitivity label equal to or lower than the
FIGURE C6. An example illustrating CIPHERTEXT. ... users CLEARANCE and write only informa-
....................................................
...
...
...
tion with the same sensitivity label.
...
... NOTE : A persons CLEARANCE is permission to
...
... access information CLASSIFIED at that level. It rep-
...
... resents reliance placed in that person after background,
classified An adjective describing infor- ...
... character, and other checks made by a security author-
mation that a government does not want ..
... ity. In some operating system environments ( for ex-
...
divulged for national security reasons. ... ample, MLS), a subject (process) with a particular
...
There are various types of CLASSIFICATION, ... CLEARANCE may only read information with a
...
including Confidential, Secret, and Top Se- ... CLASSIFICATION level equal to or lower than the
... CLEARANCE , and may only write information at
cret. See also CLASSIFICATION. ...
... the same CLASSIFICATION of the subjects CLEAR -
...
classified information Information that ... ANCE . A user with a CLEARANCE of, say, TS is
...
has been determined pursuant to Executive ... usually able to create a process (subject) with a lower
...
Order 12958 (U.S.) or any predecessor or- ... CLEARANCE , say S, to create a file at the S level.
..

22
 code
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Country Security Classification

U.S. Top Secret Secret Confidential Other

Australia Top Secret Secret Confidential Restricted
Canada Top Secret Secret Confidential Restricted
France Tres Secret Secret Defense Confidentiel Diffusion Restreinte
Germany Streng Geheim Geheim Vs-Vertaulich
India Top Secret Secret Confidential Restricted
Japan Kimitsu Gokuhi Hi Toriatsukaichui
New Zealand Top Secret Secret Confidential Restricted
Russia Cobeoweh-ho Cekpetho
United Kingdom Top Secret Secret Confidential Restricted

.................................................... ...
... clientserver model A common way to
FIGURE C7. Approximate comparison of security ...
... describe network services and the model
classifications of various countries. ...
.................................................... ... user process of those services. See Figure
...
... C8. Examples include the name-server/
...
... name-resolver paradigm of the DOMAIN name
clearing The removal of data from an ...
...
... system and file-server/file-client relation-
IS,its storage devices, and other peripheral ...
... ships such as NETWORK FILE SYSTEM (NFS) and
devices with storage capacity in such a way ...
that the data may not be reconstructed us- ... diskless hosts. See also NETWORK FILE SYSTEM.
...
ing common systems capabilities (i.e., key- ...
... CLNP 5 CONNECTIONLESS NETWORK
board strokes); however, the data may be ...
... PROTOCOL.
reconstructed using laboratory methods. ...
...
... closed security environment An envi-
Cleared media may be reused at the same ...
... ronment providing sufficient ASSURANCE
CLASSIFICATION level or at a higher level. ...
... that applications and equipment are pro-
Overwriting is one method of CLEARING. ...
... tected against the introduction of malicious
cleartext A message that is not EN- ...
... logic during an IS life cycle. Closed secu-
CRYPTED. See also PLAINTEXT. ...
... rity is based upon a systems developers,
...
... operators, and maintenance personnel hav-
client Something (usually a process) that ...
... ing sufficient CLEARANCES, AUTHORIZATION,
accesses a service (from another process, ...
... and CONFIGURATION CONTROL.
also referred to as a server) by communi- ...
cating with it over a computer network. ...
... CMCS 5 COMSEC MATERIAL CONTROL
...
... SYSTEM.
Clipper Shorthand for CLIPPER CHIP and ...
for the U.S. governments policy regarding ...
... CMP 5 CERTIFICATE MANAGEMENT
the use of this chip. ...
... PROTOCOLS.
...
...
Clipper chip The hardware implementa- ... CMS 5 CRYPTOGRAPHIC MESSAGING
...
tion of the ESCROWED ENCRYPTION STANDARD. ... SYNTAX.
...
The chip was designed by the U.S. NA- ...
... COCOM 5 COORDINATING COMMITTEE
TIONAL SECURITY AGENCY (NSA) and origi- ...
... FOR MULTILATERAL EXPORT CONTROLS.
nally used in a telephone security device ...
...
manufactured by AT&T. The chip is no ... code (1) (COMSEC) System of commu-
...
longer manufactured. ... nication in which arbitrary groups of
..

23
code book
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Server Request Client

Response

Network Network
Protocol Protocol
Stack Stack

Network Media

.................................................... ...
...
FIGURE C8. A simple clientserver model. ... pile and vulnerable to malicious reverse en-
...
.................................................... ... gineering attacks.
...
...
... NOTE : A transformation C, from a program P to a
...
words, letters, numbers, or symbols replace ... program Q is an OBFUSCATION transformation
...
other words, phrases, letters, or numbers ... [CC98], if (1) both P and Q have same observable
...
for concealment or brevity. (2) A system ... behavior except for non-termination and error-
... termination. Q may have side effects not observable by
of symbols that make up a CIPHERTEXT. ...
... user such as creating files, sending messages over the
(3) Also refers to a system of instructions ...
... Internet and also P and Q may have different per-
that makes up a software source, or execut- ...
... formance characteristics; and (2) the transformation
able information. ...
... C makes Q more obscure, complex, or unreadable
...
code book A document containing ... than P ( for metrics of complexity see [SH81],
... [ JM93], [TM76], [WH81]). Colberg [CC98]
PLAINTEXT and code equivalents in a system- ...
... defines four measures of the quality of an OBFUS -
atic arrangement, or a technique of ma- ...
... CATION transformation, potency, resilience, stealth,
chine ENCRYPTION using a word substitution ...
... and cost. Potency measures how obscure Q is made by
technique. ...
... C, resilience measures ability to withstand attacks from
...
code group A group of letters, numbers, ... automatic deobfuscators, stealth measures how obfuscated
...
or both in a code system used to represent ... CODE blends with the rest of the program, and cost
... measures the time and space increase because of obfus-
a PLAINTEXT word, phrase, or sentence. ...
... cation.
...
code obfuscation A CODE transforma- ...
...
tion technique to prevent malicious reverse ... code signing CODE SIGNING is used to
...
engineering of CODE. In this technique, ... verify the source of a program. A secure
...
original CODE is converted to an equivalent ... hashing algorithm is used on the code to
...
CODE that is functionally identical to the ... be executed providing a compact code SIG-
...
original CODE but is more difficult to de- ... NATURE. This SIGNATURE is encrypted using
...
compile and reverse engineer. In general, ... the private key of a vendor. CODE is re-
...
CODE OBFUSCATION is applied to MOBILE CODE ... trieved with the SIGNATURE. The SIGNATURE
...
executables because they are isomorphic ... is decrypted using the vendors PUBLIC KEY.
...
(similar in form and function) to the ... If the HASH value and decrypted SIGNATURE
...
source CODE. This ensures platform inde- ... are identical, the CODE has not been tam-
...
pendence but makes them easy to decom- ... pered with. This provides CODE accessed
...

24
 Common Criteria
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
via the INTERNET to be treated as shrink- .... commercial off-the-shelf A readily
..
.
wrapped software. Active X from Micro- ... available commercial product (software)
soft uses this technique to verify software .... that is not developed to particular govern-
...
... ment or industry specifications or for a
INTEGRITY [BS00]. ...
... particular project.
... See also BESPOKE.
code vocabulary A set of PLAINTEXT ...
...
words, numerals, phrases, or sentences for ...
... Comite Consultatif International Tele-
which code equivalents are assigned in a ... phonique et Telegraphique It is now
...
code system. ... called INTERNATIONAL TELECOMMUNICATIONS
...
... UNION (ITU), standard organization domi-
COI 5 COMMUNITY OF INTEREST. ...
... nated by European telephone companies
...
... known as PTTs, where PTT stands for
cold start A procedure for initially key- ...
... Postal, Telephone, and Telegraph Author-
ing CRYPTO-EQUIPMENT. ...
... ity. Comite Consultatif International Tele-
...
command and control warfare This ... phonique et Telegraphique (CCITT) pub-
...
term refers to both offensive and defensive ..... lished standards for computer networking,
operations and is an example of informa- .... including the X.400 series of documents
...
tion operations in military settings and ... concerning electronic mail and the X.500
...
information warfare. It involves the use of ... series of documents concerning directory
...
electronic warfare, military deception, and ... services.
...
psychological operations to adversely ...
...
affect enemy command and control while ...
... Common Criteria The COMMON CRITERIA
protecting friendly command and control ...
... for Information Technology Security Eval-
capabilities. ...
... uation referred to as COMMON CRITERIA
...
... (now it has an equivalent standard
command authority An individual who ...
... ISO/IEC 15408) is a multipart standard
is responsible for the appointment of user ...
... to be used as a basis of evaluation of secu-
representatives for a department, agency, ...
... rity properties of IT products and services.
or organization and their key ordering ...
... It is described in three parts. Part 1 pro-
privileges. ...
... vides an introduction and general model.
...
Commercial COMSEC Endorsement ... Part 2 provides security and functional re-
...
Program Relationship between NSA ... quirements. Part 3 contains security ASSUR-
..
(U.S.) and industry in which NSA provides ..... ANCE requirements. The COMMON CRITERIA
... combines ideas from its various predeces-
the COMSEC expertise (i.e., standards, al- ...
... sors (see NOTE below).
gorithms, evaluations, and guidance) and ...
. It covers IT security measures and per-
industry provides design, development, and .....
... mits comparison of independent security
production capabilities to produce a Type 1 ...
.
or Type 2 product. Products developed un- ..... evaluations. The COMMON CRITERIA is de-
.
der the CCEP may include modules, subsys- ..... signed to serve as a guide for the develop-
... ment of products or systems with IT secu-
tems, equipment, systems, and ancillary ...
... rity functions and for the procurement of
devices. ...
... commercial products and systems with IT
...
Commercial Internet Exchange An ... security functions. It also addresses protec-
...
industry organization for Internet service ... tion of information from unauthorized dis-
...
providers. ... closure, modification, or loss of use.
...
.

25
common data security architecture
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
COMMON CRITERIA defines seven Evalua- ... common gateway interface A method
..
tion Assurance Levels (EAL): EAL1, func- ..... or convention to pass a Web users request
...
tionally tested; EAL2, structurally tested; ... between a web server and an application
...
EAL3, methodically tested and checked; ... program and to receive data back that is
...
EAL4, methodically designed, tested, and ... forwarded to the user. Because the gateway
...
reviewed; EAL5, semiformally designed ... is consistent, a programmer may write a
...
and tested; EAL6, semiformally verified ... COMMON GATEWAY INTERFACE (CGI) program
...
designed and tested; EAL7, formally veri- ... in a number of different languages, such as
...
fied designed and tested. An EAL is a ... C, C, Java, PERL (Practical Extrac-
...
package consisting of ASSURANCE compo- ... tion and Reporting Language). For exam-
...
nents that represent a point on the COM- ... ple, Microsofts Active Server Pages (ASP),
...
MON CRITERIA predefined ASSURANCE scale. ... Java Server Pages, and Servlets are alterna-
More details about COMMON CRITERIA can ..... tives to CGI.
...
be obtained from http://csrc.nist.gov/cc/ ...
...
or http://www.commoncriteria.org. ...
... communications cover The concealing
...
NOTE : The origins of the C OMMON C RITERIA ... or altering of characteristic communica-
...
can be traced to the T RUSTED C OMPUTER S YS - ... tions patterns to hide information that
TEM E VALUATION C RITERIA (TCSEC) devel- ...
... could be of value to an ADVERSARY.
oped (1980) in the United States. The C OMMON ...
...
C RITERIA merges ideas from the following predeces- ...
... communications deception Deliberate
sors. The I NFORMATION T ECHNOLOGY S E - ...
... transmission, retransmission, or alteration
CURITY E VALUATION CRITERIA (ITSEC) ...
version 1.2 published (1991) by the European Com- ... of communications to mislead an ADVER-
...
mission and based on the joint efforts of France, Ger- ... SARYS interpretation of the communica-
...
many, the Netherlands, and the United Kingdom. The ... tions. See also IMITATIVE COMMUNICATIONS DECEP-
...
Canadian Trusted Computer Product Evaluation ... TION and MANIPULATIVE COMMUNICATIONS
...
Criteria (CTCPEC) version 3.0 (1993) combined ... DECEPTION.
the ITSEC and TCSEC approaches. The U.S. pub- ...
...
lished the draft Federal Criteria for Information ...
...
Technology Security version 1.0 (1993) that com- .... communications profile An analytic
bined North American and European concepts for .... model of communications associated with
...
evaluation criteria. Building on these efforts, C OM - ... an organization or activity. The model is
...
MON C RITERIA was developed. C OMMON CRI- ... prepared from a systematic examination of
...
TERIA (v1.0) was published in 1996, and C OM - ... communications content and patterns, the
MON C RITERIA version 2.0 was published in ...
... functions they reflect, and the COMMUNICA-
1998. C OMMON C RITERIA version 2.1 is now ...
... TIONS SECURITY measures applied.
available for use. ...
...
...
common data security architecture A ...
... communications security COMMUNICA-
set of specifications of APIs to define a ...
... TIONS SECURITY (COMSEC). The measures
comprehensive approach to security service ...
... and controls taken to deny unauthorized
and security management for computer- ...
persons information derived from telecom-
based security applications initiated by Intel .....
... munications and to ensure the AUTHENTICITY
Corporation. ...
... of such telecommunications. COMMUNICA-
...
common fill device One of a family of ... TIONS SECURITY includes CRYPTOSECURITY,
...
devices developed to read in, transfer, or ... TRANSMISSION SECURITY, EMISSION SECURITY, and
...
store keys. ... PHYSICAL SECURITY of COMSEC MATERIAL.
...

26
 computer security subsystem
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
community of interest A group of peo- .... destruction of information-processing re-
..
.
ple with a common interest without any ... sources.
regard to geographical boundaries. This ....
... computer cryptography The use of a
term usually refers to groups of people ...
... CRYPTO-ALGORITHM program by a computer
who pursue their meetings or form com- ...
... to AUTHENTICATE or encrypt/decrypt infor-
munities through chat rooms, mailing lists, .....
... mation.
and discussion servers on the Internet. ...
...
... Computer Emergency Response Team
compartmentalization A nonhierarchi- ...
... It plays a major role in awareness, re-
cal grouping of sensitive information used ...
... sponse, and prevention activities related to
to control access to data more finely than ...
... computer and network security and issues
with hierarchical security CLASSIFICATION ...
... alerts and advisories. COMPUTER EMERGENCY
alone. ...
... RESPONSE TEAM (CERT) was established in
compartmented mode (1) In COMPART- ...
... 1988 by the ADVANCED RESEARCH PROJECTS
MENTED MODE, the IS is trusted to prevent a
...
... AGENCY (ARPA) in response to the Internet
user without formal access to a given com- ..... Worm incident (1988). CERT is located at
...
partment from accessing any information ... Carnegie Mellon University and has vari-
...
in that compartment that is stored within ... ous international centers. See also INTERNET
...
the IS. See also MULTILEVEL MODE. ... WORM.
...
(2) INFOSEC mode of operation ...
... computer forensics Relates to the col-
wherein each user with direct or indirect ...
... lection, preservation, and analysis of
access to a system, its peripherals, remote ...
... computer-related criminal evidence.
terminals, or remote hosts has all of the ...
...
following: (a) a valid security CLEARANCE ... Computer Oracle and Password
... System UNIX security status checker.
for the most restricted information pro- ...
... Checks various files and software configu-
cessed in the system; (b) formal access ap- ...
.
proval and signed nondisclosure agreements ..... rations to see whether they have been com-
... promised (edited to plant a Trojan horse
for that information which to a user is to ...
... or back door) and checks to see that files
have access; and (c) a valid NEED-TO-KNOW ...
... have the appropriate modes and permis-
for information that is to be accessed. ...
... sions set to maintain the integrity of a se-
...
compromise (1) Circumvent security ... curity level (makes sure that file permis-
...
measures in order to acquire unauthorized ... sions do not leave themselves open to
...
access to information or system resources. ... ATTACK or access).
(2) A state in which the security objectives .....
...
of the information system are not main- ... computer security Measures and con-
...
tained. ... trols that ensure the CONFIDENTIALITY, INTEG-
...
... RITY, and AVAILABILITY of IS assets including
compromising emanations Uninten- ...
... hardware, software, firmware, and informa-
tional signals that if intercepted and ana- ...
. tion being processed, stored, and commu-
lyzed would disclose the information trans- .....
... nicated.
mitted, received, handled, or otherwise ...
...
processed by information systems equip- .... computer security incident 5
ment. See also TEMPEST. ... INCIDENT.
...
...
computer abuse The intentional or ... computer security subsystem Hard-
....
reckless misuse, alteration, disruption, or ... ware or software designed to provide COM-
...

27
COMSEC
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
PUTER SECURITY features in a larger system ... COMSEC equipment Equipment de-
...
environment. ... signed to provide security to telecommuni-
...
... cations by converting information to a
COMSEC 5 COMMUNICATIONS SECURITY. ...
... form unintelligible to an unauthorized in-
...
COMSEC account Administrative entity, ... terceptor and, subsequently, by recovering
...
identified by an account number, used to ... such information to its original form for
.
maintain ACCOUNTABILITY, custody, and con- ..... authorized recipients; also, equipment de-
...
trol of COMSEC MATERIAL. ... signed specifically to aid in, or as an essen-
...
... tial element of, the conversion process.
COMSEC account audit Examination of ...
...
the holdings, records, and procedures of a ... COMSEC facility Space used for generat-
...
COMSEC ACCOUNT ensuring that all ac- ... ing, storing, repairing, or using COMSEC
...
countable COMSEC MATERIAL is properly ... MATERIAL.
...
handled and safeguarded. ...
... COMSEC incident 5 INCIDENT.
...
COMSEC aid COMSEC MATERIAL that as- ...
.
sists in securing telecommunications and is ..... COMSEC insecurity A COMSEC INCIDENT
... that has been investigated, evaluated, and
required in the production, operation, or ...
.
maintenance of COMSEC systems and their ..... determined to have jeopardized the security
.
components. COMSEC keying material, call ..... of COMSEC MATERIAL or the secure trans-
... mission of information.
sign/frequency systems, and supporting ...
...
documentation, such as operating and ... COMSEC manager Person who manages
...
maintenance manuals, are examples of ... the COMSEC resources of an organization.
...
COMSEC AIDS. ...
... COMSEC material Item designed to se-
...
COMSEC boundary Definable perimeter ... cure or AUTHENTICATE telecommunications.
...
encompassing all hardware, firmware, and ... COMSEC MATERIAL includes, but is not lim-
...
software components performing critical ... ited to, key, equipment, devices, docu-
...
COMSEC functions, such as key generation ... ments, firmware, or software that embodies
...
and key handling and storage. ... or describes CRYPTOGRAPHIC LOGIC and other
...
... items that perform COMSEC functions.
COMSEC chip set A collection of U.S. ...
...
NSA-approved microchips. ... COMSEC material control system
...
COMSEC control program Computer .... Logistics and accounting system through
....
instructions or routines controlling or af- ... which COMSEC MATERIAL marked
...
fecting the externally performed functions ... CRYPTO is distributed, controlled, and
.
of key generation, key distribution, message ..... safeguarded. Included are the COMSEC cen-
...
ENCRYPTION/DECRYPTION, or AUTHENTICATION. ... tral offices of record, cryptologic depots,
...
. and COMSEC ACCOUNTS. COMSEC MATERIAL
COMSEC custodian A person designated ....
. other than key may be handled through the
by a proper authority to be responsible for .....
. COMSEC MATERIAL CONTROL SYSTEM.
the receipt, transfer, accounting, safeguard- .....
...
ing, and destruction of COMSEC MATERIAL ... COMSEC modification 5 INFORMA-
...
assigned to a COMSEC ACCOUNT. ... TION SYSTEM SECURITY EQUIPMENT MODIFICATION.
...
...
COMSEC end-item Equipment or com- ... COMSEC module Removable compo-
...
bination of components ready for use in a ... nent that performs COMSEC functions in
...
COMSEC application. ... telecommunications equipment or systems.
...

28
 contamination
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
COMSEC monitoring The act of listen- .... cape from the environment in which it is
..
.
ing to, copying, or recording transmissions ... allowed to reside.
of ones own official telecommunications ....
...
to analyze the degree of security. ... confinement channel 5 COVERT
...
... CHANNEL.
COMSEC profile Statement of COMSEC ...
...
measures and materials used to protect a ... confinement property Synonymous
...
given operation, system, or organization. ... with STAR (*) PROPERTY.
...
...
COMSEC survey Organized collection of .... connectionless The model of intercon-
...
COMSEC and communications information .... nection in which communication takes
relative to a given operation, system, or or- ..... place without first establishing a connec-
...
ganization. ... tion. Sometimes called a DATAGRAM. Exam-
...
... ples include UDP and ordinary postcards.
COMSEC system data Information re- ...
. Figure C9 shows that packets with the
quired by COMSEC EQUIPMENT or system to ..... same source and destination (A to D) may
...
enable it to properly handle and control ...
... take different routes.
KEY. ...
... Packets 1 and 3 are routed by switch 1
...
COMSEC training Teaching of skills re- ... through link 3, and packet 2 through link
...
lating to COMSEC accounting, use of ... 7. Switch 2 then routes packets 1 and 3 to
...
COMSEC AIDS, or installation, use, mainte- ... switch 3 through link 5. Switch 3 then di-
...
nance, and repair of COMSEC EQUIPMENT. ... verts packets 3, 1 , 2 to destination D in
...
... the order of their arrival. Contrast this
concept of operations Document de- ...
... with a CONNECTION - ORIENTED system where
tailing the method, act, process, or effect ...
... the packets will take the same route for
of using an IS. ...
... same source and destination.
...
confidentiality The property of not be- ...
... Connectionless Network Protocol An
ing divulged to unauthorized parties. A ...
... OSI standard network layer protocol for
CONFIDENTIALITY service assists in the preven- ...
... sending data through a computer network.
tion of disclosure of information to unau- ...
...
thorized parties. ... connection-oriented The model of in-
...
configuration control The process of .... terconnection in which communication
.... proceeds though three well-defined phases:
controlling modifications to hardware, ...
... connection establishment, data transfer,
firmware, software, and documentation to ...
... and connection release. Examples include
ensure that an IS is protected against im- ...
... X.25, Internet TCP, and ordinary telephone
proper modifications prior to, during, and ...
... calls. In Figure C10 a virtual connection is
after system implementation. ...
... established from node A to node D
...
configuration management Manage- ... through links 1, 3, 5, 6 as highlighted by a
...
ment of security features and ASSURANCES ... thick line in the figure. All data transfer
...
through the control of changes made to ... for a particular session is through this link
...
hardware, software, firmware, documenta- ... until the connection is released.
tion, test, test fixtures, and test documenta- .....
...
tion throughout the life cycle of an IS. ... CONOP 5 CONCEPT OF OPERATIONS.
...
...
confinement Not allowing information ... contamination The introduction of data
...
of a certain security CLASSIFICATION to es- ... of one security CLASSIFICATION or security
...

29
contingency key
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Switch 2
4

3
1
5 1
3
3
1 6
7
A 2 3
3 2 1 1
2 D

Switch 3
Packet Switch 1 2

B
Host
.................................................... ...
...
FIGURE C9. A CONNECTIONLESS network. ... words, trusted host RLOGIN, and password
...
.................................................... ... capture by network snooping. Two local
...
... netsone a secure segment with an AU-
...
... THENTICATION service and the other a nonse-
category into data of a lower security CLAS- ...
cure segmentcommunicate with each
...
SIFICATION or different security category. ...
... other via a CAP. The CAP is essentially a
Typically an undesirable situation. When ...
router with additional functionality to de-
...
sensitive information is inadvertently trans- ...
tect incoming connection requests, inter-
...
ferred onto an insufficiently secure system, ...
cept the user AUTHENTICATION process, and
...
for example secret information copied onto ...
invoke the AUTHENTICATION server.
...
an UNCLASSIFIED computer that might be ...
...
connected to the Internet, this would con- ... controlled access protection The C2
...
taminate the UNCLASSIFIED computer. ... level of protection described in the TRUSTED
...
... COMPUTER SYSTEM EVALUATION CRITERIA (OR-
contingency key Key held for use under ...
... ANGE BOOK). Its major characteristics are
specific operational conditions or in sup- ...
... individual ACCOUNTABILITY, AUDIT, ACCESS
port of specific CONTINGENCY PLANS. ...
... CONTROL, and OBJECT REUSE.
...
...
contingency plan Plan maintained for ... controlled cryptographic item Secure
...
emergency response, backup operations, ... telecommunications or information-
...
and postdisaster recovery for an IS, to en- ... handling equipment, or associated CRYPTO-
...
sure the availability of critical resources ... GRAPHIC COMPONENT, that is UNCLASSIFIED but
...
and to facilitate the continuity of opera- ... governed by a special set of control re-
...
tions in an emergency situation. ... quirements. Such items are marked CON-
...
... TROLLED CRYPTOGRAPHIC ITEM
...
controlled access point Provides a net- ... or, where space is limited, CCI.
...
work mechanism intended to reduce the ...
...
risk of password guessing, probing for ... controlled security mode 5 MULTI-
...
well-known accounts with default pass- ... LEVEL SECURITY.
..

30
 costbenefit analysis
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Switch
4

5
3

1 6
A 7

B
Host
.................................................... ...
...
FIGURE C10. A CONNECTION-ORIENTED network. ... ated random components from which both
...
.................................................... ... terminals of a secure circuit construct a
...
... TRAFFIC ENCRYPTION KEY or a KEY ENCRYPTION
...
... KEY for use on that circuit.
controlled sharing A condition existing ...
when ACCESS CONTROL is applied to all users ...
... cooperative remote rekeying Synony-
and components of an IS. ...
... mous with MANUAL REMOTE REKEYING.
...
controlled space Three-dimensional ...
... Coordinating Committee for Multi-
space surrounding IS equipment within ... lateral Export Controls International
...
which unauthorized persons are denied un- ... forum for coordinating export control
...
restricted access and are either escorted by ... regulations on technology of military signif-
...
authorized persons or are under continuous ... icance, including CRYPTOGRAPHY. COORDINAT-
...
physical or electronic surveillance. ... ING COMMITTEE FOR MULTILATERAL EXPORT CON-
...
... TROLS (COCOM) was dissolved in 1994,
controlling authority Official responsi- ...
... but the coordination of export regulations
bility for directing the operation of a CRYP- ...
... has continued under the WASSENAAR AR-
TONET and for managing the operational use
...
... RANGEMENT, which was established in 1996.
and control of keying material assigned to ...
... See also WASSENAAR ARRANGEMENT.
the CRYPTONET. ...
...
... COPS 5 COMPUTER ORACLE AND PASS-
conversation key A temporary encryp- ...
... WORD SYSTEM.
tion key issued to communicating entities ...
...
by an Authentication Service. ... COR 5 CENTRAL OFFICE OF RECORD.
...
...
cookies Information about Web site vis- ... correctness proof A mathematical proof
...
itors created by Web sites and stored on ... of consistency between a specification and
...
the visitors computers. ... its implementation.
...
...
...
cooperative key generation Electroni- ... costbenefit analysis The assessment
...
cally exchanging functions of locally gener- ... of the cost of providing protection or se-
..

31
COTS
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
curity commensurate with the risk and ... manipulation affects the real response time
...
magnitude of asset loss or damage. ... observed by the second process.
...
...
COTS 5 COMMERCIAL OFF-THE-SHELF. ... cracker A person who breaks security
...
... controls for criminal pursuits. Although
countermeasure A COUNTERMEASURE is ....
. not in general use, this term is common
the action, device, procedure, technique, or .....
. among computer professionals and acade-
other measure that reduces the vulnerability .....
.... micians.
of an IS. ...
...
... CRC 5 CYCLIC REDUNDANCY CODE.
covert channel A mechanism or a chan- ...
...
nel not intended for information transfer ... CRC-32 A particular CRC that produces a
...
could be used for that purpose. For exam- ... 32-bit output.
...
ple, dynamically creating and deleting files ...
... credentials Secret information used to
to transmit 0 or 1 bit information. Re- ...
... prove ones identity or AUTHORIZATION in an
quires two active agents, one at high and ...
... AUTHENTICATION exchange.
one at low security level, and an encoding ...
...
schema. See also OVERT CHANNEL and EXPLOIT- ... criteria Definitions of properties and
...
ABLE CHANNEL. ... constraints to be met by system functional-
...
... ity and ASSURANCE.
covert channel analysis Assessment of ...
...
the degree to which covert channels could ... critical infrastructures Those physical
...
be used to contravene the security policy ... and information-based systems essential to
...
of a system. Typically, this will identify ... the minimum operations of the economy
...
both the channels themselves and the in- ... and government.
...
formation transfer rates that could be ...
... CRL 5 CERTIFICATE REVOCATION LIST.
achieved. ...
...
... cryptanalysis The process of finding
covert storage channel The transmis- ...
... weaknesses or flaws in CRYPTOGRAPHIC
sion of information by modulating the ca- ...
... algorithms.
pacity (or other attribute) of a storage re- ...
...
source. The transmitter creates files on a ... crypto-alarm Circuit or device that de-
...
disk of different sizes or file names. The ... tects failures or aberrations in the logic or
...
receiver (who is forbidden from receiving ... operation of CRYPTO-EQUIPMENT. A CRYPTO-
...
information from the transmitter) is able ... ALARM may inhibit transmission or may
to determine the amount of free disk space ..... provide a visible and/or audible alarm.
...
left, or the name of the file, or other at- ...
...
tributes, without reading the contents of ... crypto-algorithm A short form of
...
the file itself. COVERT STORAGE CHANNELS ... cryptographic algorithm. Well-defined
.
typically involve a finite resource (e.g., sec- ..... procedure or sequence of rules or steps or
...
tors on a disk) that is shared by two sub- ... a series of mathematical equations used to
...
jects at different security levels. ... describe CRYPTOGRAPHIC processes such as
...
... ENCRYPTION, DECRYPTION, KEY GENERATION, AU-
covert timing channel COVERT CHANNEL ...
... THENTICATION, SIGNATURES, etc.
in which one process signals information ...
...
to another process by modulating its own ... crypto-ancillary equipment Equip-
...
use of system resources (e.g., central pro- ... ment designed specifically to facilitate effi-
...
cessing unit time) in such a way that this ... cient or reliable operation of CRYPTO-EQUIP-
...

32
 Crypto IP Encapsulation
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
MENT, without performing CRYPTOGRAPHIC .... functions. An example of software imple-
.... mentation is RSAs BSAFE, and an exam-
functions itself. ...
... ple of hardware implementation is the
...
crypto-equipment Equipment that em- ...
... FORTEZZA CARD. See also FORTEZZA CARD.
bodies CRYPTOGRAPHIC LOGIC. ...
...
... cryptographic equipment room
cryptographic Pertaining to, or con- ...
... Controlled-access room in which CRYPTO-
nected with, CRYPTOGRAPHY. ...
... SYSTEMS are located.
...
...
cryptographic application program- ... cryptographic initialization A function
ming interface CRYPTOGRAPHIC APPLICA- ...
... used to set the state of CRYPTOGRAPHIC LOGIC
TION PROGRAMMING INTERFACE (CAPI) specifies ...
... prior to KEY GENERATION, ENCRYPTION, or
an interface to a library of functions for ...
.. other operating mode.
security and CRYPTOGRAPHY services. It sepa- .....
... cryptographic logic The embodiment
rates CRYPTOGRAPHIC routines from applica- ...
.
tions so if needed software can be exported ..... of one or more CRYPTO-ALGORITHMS along
.
without any security services implemented, ..... with alarms, checks, and other processes
... essential to the effective and secure perfor-
and may later be linked by the user to the ...
... mance of the CRYPTOGRAPHIC PROCESS(ES).
local security services. CAPIs can be imple- ....
mented as CRYPTOGRAPHIC module interfaces, ..... Cryptographic Messaging Syntax A
...
authentication service interfaces, or at a ... general syntax as outlined in RFC 2315
...
different level of abstraction. Examples of ... for data that may have CRYPTOGRAPHY ap-
...
CAPIs include RSA Laboratories Cryptoki .... plied to it, such as digital signatures and
(PKCS #11), NSAs (U.S.) Fortezza, In- ....
... digital envelopes.
ternet GSS-API (see RFC 1508). ...
...
... cryptographic randomization Func-
...
cryptographic checksum A one-way ... tion that randomly determines the transmit
...
function that calculates a unique finger- ... state of CRYPTOGRAPHIC LOGIC.
...
print of a message (or a file). This pro- ...
... cryptography (1) Art or science con-
vides an integrity check with the property ...
... cerning the principles, means, and methods
that it is very hard to find a valid CHECK- ...
... for rendering plain information unintelligi-
SUM for a message unless the SECRET KEY is ...
... ble and for restoring encrypted information
known. The data in the message is sent ...
. to intelligible form. (2) The subject area
along with the CHECKSUM and at destination ..... that deals with mathematical techniques re-
...
the CHECKSUM is recomputed. Any tamper- ...
... lated to aspects of information security
ing of data is likely to result in a different ...
... such as CONFIDENTIALITY, AUTHENTICATION,
CHECKSUM. It provides a probabilistic proof ...
... DATA INTEGRITY, and NONREPUDIATION.
that the data was not tampered with. ...
...
... crypto-ignition key Device or electronic
cryptographic component Hardware ...
... key used to unlock the secure mode of
or firmware embodiment of CRYPTOGRAPHIC ...
... CYPTO-EQUIPMENT.
LOGIC. For example, a modular assembly, ...
...
printed wiring assembly, or a microcircuit ... Crypto IP Encapsulation A project to
...
may implement CRYPTOGRAPHIC LOGIC. ... build encrypting IP routers that route en-
...
... crypted UDP packets whose purpose is to
...
cryptographic engine Hardware or ... securely connect subnets over an insecure
...
software implementation of CRYPTOGRAPHIC ... transit network. The purpose of IPSEC and
..

33
cryptology
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
CIPE are the same. However, CIPE is not ... cryptosystem review Examination
...
very flexible in functionality as compared ... of a CRYPTOSYSTEM by the CONTROLLING AU-
...
to IPsec. See also INTERNET PROTOCOL SECURITY. ... THORITY, ensuring its adequacy of design
...
... and content, continued need, and proper
cryptology (1) Field encompassing both ...
... distribution.
CRYPTOGRAPHY and CRYPTANALYSIS. (2) The ...
...
area of making and breaking schemes used ... cryptosystem survey Management
...
for achieving CRYPTOGRAPHIC goals such as ... technique in which the actual holders of a
...
CONFIDENTIALITY, AUTHENTICATION, DATA INTEG- ... CRYPTOSYSTEM express opinions on the sys-
...
RITY, and NONREPUDIATION. See also CRYPTOGRA- ... tems suitability and provide usage infor-
...
PHY and CRYPTANALYSIS. ... mation for technical evaluations.
...
...
cryptonet Stations holding a common ... CSMA/CD 5 CARRIER SENSE MULTIPLE
...
key. ... ACCESS WITH COLLISION DETECT.
...
...
... CT&E 5 CERTIFICATION TEST AND
cryptoperiod Time span during which a ...
... EVALUATION.
key setting remains in effect. ...
...
... CTTA 5 CERTIFIED TEMPEST TECHNICAL
cryptosecurity Component of COMSEC ...
... AUTHORITY.
resulting from the provision of technically ...
...
sound CRYPTOSYSTEMS and their proper use. ... cybercrud Mostly useless computer-
...
... generated gibberish that people either ig-
cryptosynchronization The process by ...
... nore or are intimidated and annoyed by.
which a receiving decrypting instance of ...
...
CRYPTOGRAPHIC LOGIC attains the same inter- ... cybersquatting Registering a domain
...
nal state as the transmitting encrypting ... name that is a trademark of another person
...
logic. ... or company with the hope that the original
...
... owner will pay money to retain the domain
cryptosystem Associated INFOSEC ...
.
items interacting to provide a single means ..... rights.
...
of ENCRYPTION or DECRYPTION. ... cybervandalism The electronic defac-
...
... ing of an existing Web page or site.
cryptosystem assessment Process of ....
establishing the exploitability of a CRYPTO- ....
... cyclic redundancy check Error-
SYSTEM, normally by reviewing the transmit-
...
... checking mechanism that checks data
ted traffic protected or secured by the sys- ...
... integrity by computing a polynomial-
tem under study. ...
... algorithm-based CHECKSUM.
...
...
cryptosystem evaluation Process ... cyclic redundancy code Code produced
of determining vulnerabilities of a CRYPTO- ..... by CYCLIC REDUNDANCY CHECK. See also CYCLIC
...
SYSTEM. ... REDUNDANCY CHECK.
...
..

34
 D
j
...
...
D 5 A1. ... where the resulting aggregate has higher
...
DAA 5 DESIGNATED APPROVING ... sensitivity to security than the highest
...
AUTHORITY. ... sensitivity of the individual component.
...
... DATA AGGREGATION is best illustrated by
DAC 5 DISCRETIONARY ACCESS CONTROLS. ...
... looking at the aggregation of credit card
...
daemon process A PROCESS that runs ... purchases by an individual. Knowing a sin-
...
continuously in the background on a com- ... gle purchase by a credit card is not very in-
...
puter with no associated user, waiting for ... teresting or useful, but knowing a complete
... historical pattern about what, how, and
some event to occur or some condition to ...
... when a person buys things could be very
be true. DAEMON PROCESSES can provide ser- ...
... valuable.
vices and perform administrative functions. ...
...
Also called DEMON PROCESS. ...
data-driven attack An ATTACK that is
...
...
dangling threat Set of properties about ... triggered by the presence of a certain (pos-
...
the external environment for which there is ... sibly innocuous/inconspicuous) pattern in
...
no corresponding vulnerability and there- ... the data supplied to a program.
...
fore no implied risk. ...
... Data Encryption Standard CRYPTO-
dangling vulnerability Set of proper- ...
... GRAPHIC ALGORITHM designed for the protec-
ties about the internal environment for ...
... tion of UNCLASSIFIED data and published by
which there is no corresponding threat and, ...
... the NATIONAL INSTITUTE OF STANDARDS AND
therefore, no implied risk. ...
... TECHNOLOGY (U.S.) in FEDERAL INFORMATION
...
DARPA 5 DEFENSE ADVANCED RESEARCH ... PROCESSING STANDARD (FIPS) Publication 46.
...
PROJECTS AGENCY. ... The same binary key is used for ENCRYPTION
...
... and DECRYPTION. See also ADVANCED ENCRYP-
DASS 5 DISTRIBUTED AUTHENTICATION ...
... TION STANDARD.
SECURITY SERVICE. ...
... Figure D1 shows three stages: an initial
...
data aggregation The compilation of ... permutation stage, 16 steps of encryption,
...
individual data systems and data elements ... and a final permutation stage. Each of the
.

35
datagram
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

56 Bit Key

Generate Generate
round 1 round 16
keys keys

64 Bit Output
64 Bit Input

Round 1 Round 16

Initial Final
Permutation Permutation
.................................................... ...
... Corrobora-
FIGURE D1. An illustration of DES. ... data origin authentication
.................................................... ... tion that the source of data is as claimed.
...
...
... data security The protection of data
...
... from unauthorized (accidental or inten-
16 steps operates on 48 of the 56 bits of ...
... tional) modification, destruction, disclo-
the DATA ENCRYPTION STANDARD (DES) key. ...
... sure, or denial of service.
...
NOTE : FIPS Publication 46-3 (October 1999) ...
specifies two CRYPTOGRAPHIC algorithms, the ... data transfer device Fill device de-
...
D ATA E NCRYPTION S TANDARD (DES) and ... signed to securely store, transport, and
...
the Triple Data Encryption Standard (TDEA). ... transfer electronically both COMSEC and
...
Details of FIPS 46-3 and these standards are ... TRANSEC keys, designed to be backward
...
available at http://csrc.nist.gov/publications/fips/ ... compatible with the previous generation
fips46-3/fips46-3.pdf. ...
... of COMSEC common fill devices, and
...
datagram 5 INTERNET DATAGRAM. ... programmable to support modern mission
...
... systems.
data integrity Condition when data is ...
...
unchanged from its source to destination. ... DCE 5 DISTRIBUTED COMPUTING
...
... ENVIRONMENT.
data link layer The OSI layer that is re- ...
... DDoS 5 DISTRIBUTED DENIAL OF SERVICE.
sponsible for data transfer across a single ...
...
physical connection, or series of bridged ...
...
decertification The revocation of the
connections, between two network entities. ...
...
CERTIFICATION of an IS item or equipment for
See also ISO OSI. ...
...
cause.
.

36
 dependability
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
decipher To DECRYPT. To transform CI- .... Defense Information Infrastructure
....
PHERTEXT to PLAINTEXT. Deciphering is a nar- ... Connects U.S. DoD mission support, com-
...
rower term than decrypting. ENCIPHERMENT ... mand and control, and intelligence com-
...
specifically uses a CIPHER, whereas ENCRYP- ... puters. It is an interconnected system of
... computers, communications, data applica-
TION can use any means of concealment of ...
... tions, people, training, and other support
data. ...
... structures serving the DoDs needs.
...
decode To convert encoded text to ...
...
PLAINTEXT. ... degaussing Procedure that reduces the
...
... magnetic flux to virtually zero by applying
decryption To undo the ENCRYPTION ...
... a reversing magnetic field. Also called
process. ...
... demagnetizing.
...
dedicated mode IS security mode of ...
... delegated accrediting authority 5
operation wherein each user with direct or ...
... DESIGNATED APPROVING AUTHORITY.
indirect access to the system, its peripher- ...
...
als, remote terminals, or remote hosts has ... delegated development program
...
all of the following: (a) valid security ... INFOSEC program in which the director
...
CLEARANCE for all information within the ... of the NATIONAL SECURITY AGENCY delegates,
...
system; (b) formal access approval and ... on a case-by-case basis, the development
...
signed nondisclosure agreements for all ... and/or production of an entire telecommu-
...
the information stored and/or processed ... nications product, including the INFOSEC
...
(including all compartments, subcompart- ... portion, to a lead department or agency.
...
ments, and/or special access programs); ...
..
and (c) a valid need-to-know for all infor- ..... delegation Giving some of your rights
... to another person or process.
mation contained within the IS. When in ....
dedicated security mode, a system is specif- ..... demon dialer A system that can be pro-
...
ically and exclusively dedicated to and ... grammed to repeatedly dial the same
.
controlled for the processing of one partic- ..... phone number or a list of phone numbers.
...
ular type or CLASSIFICATION of information, ...
.
either for full-time operation or for a spec- ..... demon process 5 DAEMON PROCESS.
...
ified period of time. ...
... denial of service attack An ATTACK
...
default classification Temporary CLASSI- ... made on a computer system that denies a
...
FICATION reflecting the highest CLASSIFICATION ... victims access to a particular service. The
..
being processed in an IS. DEFAULT CLASSIFICA- ..... victim may be a single server, multiple
...
TION is included in the caution statement ... servers, a router, or a network of comput-
...
affixed to an object. ... ers. Examples of DENIAL OF SERVICE (DOS)
...
... ATTACK include e-mail bombing and TCP
Defense Advanced Research Projects ...
... SYN flooding, where an intruder sends a
Agency A central research and develop- ...
... sequence of connection requests, that are
ment organization for the Department of ...
... TCP messages with SYN bit set to the tar-
Defense (DoD). This U.S. government ...
... get system to overflow the available buffer
agency funded ARPANET. More details ...
... space.
about DEFENSE ADVANCED RESEARCH PROJECTS ...
...
AGENCY (DARPA) are available at http:// ... dependability Defined with respect to
...
www.darpa.mil. ... some set of properties, a measure of how
...

37
dependence
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
or whether a system can satisfy those ... and above (as defined in the Orange Book,
...
properties. ... U.S. Department of Defense TRUSTED COM-
...
... PUTER SYSTEM EVALUATION CRITERIA, DoD
dependence A subject is said to depend ...
... 5200.28-STD), whose primary purpose is
on an object if the subject may not work ...
... to define and describe the properties of a
properly unless the object (possibly an- ...
... system. As it relates to TCSEC, design
other subject) behaves properly. One sys- ...
... documentation provides an explanation of
tem may depend on another system. ...
... how the security policy of a system is
...
depot maintenance 5 FULL ... translated into a technical solution via the
...
MAINTENANCE.
... TRUSTED COMPUTING BASE (TCB) hardware,
...
... software, and firmware.
derf Unauthorized and malicious use of ...
...
a terminal or a console that has been left ... dial back Synonymous with CALL BACK.
...
unattended and a user has not logged off ...
... dictionary attack An attempt to break a
from a terminal or the console. ...
... system or guess a password or a key by us-
...
... ing a dictionary of common keys.
DES 5 DATA ENCRYPTION STANDARD. ...
...
... DiffieHellman key exchange A
descriptive top-level specification ...
... method of establishing a shared key over
TOP-LEVEL SPECIFICATION written in a natural ...
. an insecure medium. This public-key algo-
language (e.g., English), an informal design .....
... rithm was first published in a seminal pa-
notation, or a combination of the two. DE- ...
... per [WD76b] by W. Diffie and M.E.
SCRIPTIVE TOP-LEVEL SPECIFICATION, required for ...
... Hellman. This algorithm depends for its
a class B2 or B3 (as defined in the ORANGE ...
... effectiveness on the difficulty of computing
BOOK, DEPARTMENT OF DEFENSE TRUSTED COM- ...
... discrete logarithms. A typical scenario us-
PUTER SYSTEM EVALUATION CRITERIA, DOD ...
... ing DIFFIEHELLMAN KEY EXCHANGE is given in
5200.28-STD) information system, com- ...
... Figure D2 (a), and an outline of the algo-
pletely and accurately describes a TRUSTED ...
... rithm is given in Figure D2 (b). Because
COMPUTING BASE. See also FORMAL TOP-LEVEL SPECI- ...
... XA and XB are private, a potential attacker
FICATION. ...
... has only p, , YA , and YB , and the attacker
...
designated accrediting authority 5 ... has to take discrete logarithms to find the
...
DESIGNATED APPROVING AUTHORITY. ... key.
...
... digest A unique message fingerprint gen-
designated approving authority Offi- ...
... erated using a mathematical hash function.
cial with the authority to formally assume ...
... Synonyms are HASH, MESSAGE HASH, and
responsibility for operating a system at an ...
... MESSAGE DIGEST.
acceptable level of risk. This term is syn- ...
...
onymous with DESIGNATED ACCREDITING AU- ... Digital Millennium Copyright Act DIGI-
...
THORITY and DELEGATED ACCREDITING AUTHORITY. ... TAL MILLENNIUM COPYRIGHT ACT (DMCA) im-
...
... plements the two World Intellectual Prop-
design controlled spare part Part or ...
.. erty Organizations (WIPO) treaties, the
subassembly for COMSEC EQUIPMENT or de- .....
. WIPO copyright treaty and the WIPO
vice with an NSA (U.S.) controlled design. .....
... Performances and Phonograms Treaty. It
...
design documentation Set of docu- ... was signed into law on October 28, 1998.
...
ments, required for TRUSTED COMPUTER SYS- ... DMCA provides provisions related to the
...
TEM EVALUATION CRITERIA (TCSEC) classes C1 ... circumvention of copyright protection sys-
...

38
 Digital Millennium Copyright Act
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
User A User B

Generate random Generate random

XA  p XB  p

(1)

XA
YB
 XB mod p
YA
YA
 mod p
YB

(2)
XA XB
K
(YB ) mod p K
(YA ) mod p

(a)

User A and User B wish to exchange key

Global Public Key

There are two publicly known numbers, a prime number p and an integer .
< p and is a primitive element of p.

User A Key Generation

User A selects a private key XA XA < p

Calculate Public key YA YA = XA mod p

User B Key Generation

User A selects a private key XB independent of A XB < p

Calculate Public key YB YB = XB mod p

Each side keeps the X value private and makes the Y value publicly
available to the other side. Both A and B now compute key K (see below),
and this key K is identical for both users.

Generation of Secret Key by User A and User B

User A Secret Key User B Secret Key
K = (YB ) XA mod p K = (YA ) XB mod p

(b)
.................................................................................................................
FIGURE D2. (a) A protocol showing use of DiffieHellman key exchange. (b) DiffieHellman algorithm.
.................................................................................................................

39
Digital Music Access Technology
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
tems, fair use in a digital environment, and ..... matical scheme while electronic signatures refer to
... schemes linking documents to a (legal) person.
online service provider (OSP) liability. It ...
.
creates two new prohibitions in Title 17 of ..... Digital Signature Algorithm A public-
...
the U.S. code related to circumvention of ...
... key algorithm developed by the National
technological measures used by copyright ...
... Security Agency (U.S.) and based on the
owners to protect their work and on tam- ...
... ElGamal signature scheme for producing a
pering with copyright management infor- ...
. digital signature.
mation. It adds civil remedies and criminal .....
...
penalties for violations. ... Digital Signature Standard A U.S.
.
The bill provides exceptions to prohibi- ..... government standard based on the DSA,
.
tions in the bill for law enforcement, intel- ..... RSA, and ECDSA.
...
ligence, and other governmental activities, ...
... DII 5 DEFENSE INFORMATION
and there are six additional exceptions: ...
... INFRASTRUCTURE.
nonprofit, library, archive and educational ...
...
institution exception, reverse engineering, ...
... directory service A service provided on
encryption research, protection of minors, ...
... a computer network that allows one to
personal privacy, and security testing. ...
... look up addresses (and perhaps other in-
...
... formation such as CERTIFICATES) based on
NOTE : The U.S. Copyright Office Summary of the ...
Digital Millennium Copyright Act of 1998 is avail- ... names or other attributes.
...
able from http://lcweb.loc.gov/copyright/legislation/ ...
... direct shipment Shipment of COMSEC
dmca.pdf. This memorandum provides an overview of ...
... MATERIAL directly from NSA (U.S.) to user
the laws provisions and briefly summarizes each of ...
... COMSEC ACCOUNTS.
the five titles of the DMCA. ...
...
... disaster recovery plan 5 CONTIN-
...
Digital Music Access Technology The ... GENCY PLAN.
...
DIGITAL MUSIC ACCESS TECHNOLOGY (DMAT) ...
...
is a trademark for products that were de- ... discrete logarithm problem A discrete
...
veloped with SDMI specifications. ... logarithm is the inverse arithmetic opera-
...
... tion of modular exponentiation, that is,
.
digital signature A block of data that is .... finding x where ax b modulo n. Public
...
appended to a message and used to ensure ... key CRYPTOSYSTEMS use the fact that modu-
...
message originator authenticity, integrity, ... lar exponentiation is a computationally
...
and to provide NONREPUDIATION. Signature ... easy problem, and finding x (discrete log-
...
creation takes as its input the message and .... arithm) is a computationally hard prob-
a private signature key and generates a sig- ..... lem. The DiffieHellman algorithm uses
...
nature. The verification algorithm takes as .... discrete logarithms to define public and
its input the message (unless a scheme with ..... private key pairs.
...
message recovery is used), the signature, ....
... discretionary access controls ACCESS
and a public verification key, and returns ...
... CONTROL model, where access rights to the
an accept/reject answer. ...
... system resources are defined for each user
...
NOTE : The common explanation of signing as en- ... of the system. Most commonly used form
...
cryption with the private key is misleading and ... is ownership based, where the owner of a
...
would at best fit RSA signatures. A convention is ... resource can decide who can access this re-
...
emerging whereby digital signatures refer to the mathe- ... source and at what mode. Outside the
...

40
 DNS spoofing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Login certificate, A, authenticator

Node 1 Timestamp encrypted by Node 1 Node 2

Public Encryption key (if mutual
authentication)

- A is the encrypted signed Public Key for Node 1

.................................................... ...
... Distributed Computing Environment
FIGURE D3. Illustration of a DASS ...
...
AUTHENTICATION. ... A group of programs and protocols stan-
.................................................... ... dardized by the Open Software Founda-
...
... tion built atop a cryptographically pro-
...
... tected REMOTE PROCEDURE CALL protocol.
...
military environment, they are usually sim- ...
...
ply referred to as ACCESS CONTROLS. ... distributed denial of service A DENIAL
...
... OF SERVICE ATTACK that is simultaneously ac-
distinguished name Globally unique ...
... tivated from many different points on a
identifier representing an individuals ...
... network. These points of origin may be
identity. ...
... geographically widespread. The combined
...
Distributed Authentication Security ... effect of these attacks is potentially more
...
Service DISTRIBUTED AUTHENTICATION SECU- ... devastating than a DENIAL OF SERVICE ATTACK.
...
RITY is a PUBLIC KEY-based AU-
SERVICE (DASS) ...
THENTICATION protocol developed at Digital ... DMAT 5 DIGITAL MUSIC ACCESS
...
Equipment Corporation and documented ... TECHNOLOGY.
...
...
in RFC 1507. See Figure D3. ... DMCA 5 DIGITAL MILLENNIUM COPYRIGHT
...
DASS is an architecture; the actual ... ACT.
...
product name based on DASS is SPX (pro- ...
... DNS 5 DOMAIN NAME SYSTEM.
nounced SPHINX). In the DASS architecture, ...
...
a certification hierarchy follows a naming ...
... DNSSEC The protocol DNSSEC provides
hierarchy. One CA is responsible for one ...
... security extensions to the DNS to assure
or more nodes in the naming hierarchy. A ...
... data integrity or AUTHENTICATION. DNSSEC
CA may sign for parents and children may ...
... provides data integrity and authentication
also cross certify, allowing one CA to sign ... services to security-aware resolvers or ap-
...
a certificate for another CA. ... plications through the use of CRYPTOGRAPHIC
...
DASS uses X.509 syntax for certificates ...
... digital signatures. Security can be provided
and uses a CERTIFICATE DISTRIBUTION CENTER ... even through non-security-aware DNS serv-
...
(CDC) for the distribution of certificates. ...
... ers in many cases. See RFC 2065 for more
This system stores certificates and en- ...
... details of this protocol.
crypted private keys. To get the encrypted ...
...
private keys, a password-based AUTHENTICA- ... DNS spoofing Assuming the DNS name
...
TION exchange is required. ... of another machine with malicious intent.
...

41
DoD Trusted Computer System Evaluation Criteria
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
User
www.LaTech.edu
2
1
www.LaTech.edu
Name Server Web browser
138.47.18.167
4
3 (a)

TCP

IP

Louisiana Techs
Root Server DNS Server
.edu LaTech.edu
A DNS
Request for
(b)
www.latech.edu
User
Internet
www.LaTech.edu
Web Server
.................................................... ...
...
FIGURE D4. An example illustrating DOMAIN ... Domain Name System The naming
...
NAME SYSTEM. ... convention defined in RFC 1003. DOMAIN
.................................................... ...
... NAME SYSTEM names are often referred to as
...
... Internet addresses of Internet names. In
...
... Figure D4, a user types in a Web site ad-
DNS SPOOFING may be done by either cor- ... dress through a browser. The browser then
...
rupting the cache of a system or by com- ... engages the name server to translate this
...
promising the DNS of a valid DOMAIN. ... Web site name into a host address. The
...
... numbers 1 through 4 show the sequence
DoD Trusted Computer System Evalua- ...
...
tion Criteria Document containing the ... of steps before the address goes to the
...
basic requirements and evaluation classes ... TCP/IP protocol. This procedure is fol-
...
for assessing the degrees of effectiveness of ... lowed for each session of requests, re-
...
hardware and software security controls ... sponses, and transfers.
...
built into an IS. This document, DoD ...
... NOTE : For security extensions to DNS, see
5200.28 STD, is frequently referred to as ...
... DNSSEC.
the ORANGE BOOK. ...
...
...
domain In the Internet, a part of the ... dominate Term used to compare IS se-
...
naming hierarchy. Syntactically, an internet ... curity levels. Security level S1 is said to
...
system domain name consists of names ... dominate security level S2 if the hierarchi-
...
(labels) separated by periods (dots), e.g., ... cal CLASSIFICATION of S1 is greater than or
...
tundra.mpk.ca.us. ... equal to that of S2 and the nonhierarchical
...

42
 dynamic web page
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
categories of S1 include all those of S2 as ... Transferring in the reverse direction is
...
a subset. ... called uploading. This view assumes the
...
... network at the top and the individual com-
dongle A hardware component that typi- ....
... ponent at the bottom.
cally attaches to a PCs parallel port (on a ....
...
Macintosh computer it attaches to the ... drop accountability Procedure under
ADB port) to control access to an applica- ..... which a COMSEC ACCOUNT custodian ini-
...
tion on a computer. .... tially receipts for COMSEC MATERIAL and
...
... then provides no further accounting for it
DoS 5 DENIAL OF SERVICE ATTACK. ...
... to its central office of record. Local AC-
...
DOS Disk Operating System (as in MS- ... COUNTABILITY of the COMSEC MATERIAL may
...
DOS for personal computers). ... continue to be required. See also ACCOUNTING
...
... LEGEND CODE.
dotted decimal notation The syntactic ...
representation of a 32-bit integer that con- ..... DSA 5 DIGITAL SIGNATURE ALGORITHM.
....
sists of four 8-bit numbers written in base ...
... DSS 5 DIGITAL SIGNATURE STANDARD.
10 with periods separating them. Used to ...
represent IP addresses in the Internet, such ..... DTD 5 DATA TRANSFER DEVICE.
....
as 192.67.67.20. ...
... dynamic web page Contents in a DY-
...
download To transfer information such ... NAMIC WEB PAGE are based on a users re-
...
as a file or data over a network from a re- ... quest and can be dynamically generated by
mote system to a local device, usually disk. ..... a program, for example by a CGI script.
...
..

43
 E
j
...
...
eavesdrop Passive attack where the at- ... and repository, and (5) collaborative partner
...
tacker listens in on a conversation without ... agreements. For more details, see the infor-
...
the knowledge or consent of the communi- ... mation at http://www.ebXML.org.
cating parties. ...
...
... ECB 5 ELECTRONIC CODE BOOK.
...
EBCDIC 5 EXTENDED BINARY CODE DECI- ...
... ECC 5 ELLIPTIC CURVE CRYPTOGRAPHY.
MAL INTERCHANGE CODE. ...
...
... ECDSA 5 ELLIPTIC CURVE DIGITAL SIGNA-
ebXML A set of specifications initiated ...
... TURE ALGORITHM.
by the United Nations (UN/CEFACT) ...
...
and OASIS to provide an electronic busi- ... ECHELON A commonly used term, very
...
ness framework. These specifications are ... hot in European politics, refers to an auto-
...
the forerunner of the EDI (Electronic Data ... mated global interception and relay system
...
Interchange) standard. These specifica- ... supposed to be operated by the intelligence
...
tions are meant for global use and are ... agencies of the United States, the United
...
based on public standards like HTTP, ... Kingdom, Canada, Australia, and New
...
TCP/IP, MIME, UML, and XML. EBXML ... Zealand. There is no official confirmation
...
is a programming language and is ... of the existence of ECHELON, and the fol-
...
computing-platform-independent. ... lowing information is speculative. A secret
...
These specifications are modular, and ... listening agreement, called UKUSA (UK-
...
each specification set can be implemented ... USA), assigns parts of the globe to each
...
as stand-alone and individually or may ... participating agency. It is suggested that
...
be combined in many ways by businesses ... ECHELON is capable of intercepting and
...
and organizations following the EBXML ... processing many types of transmissions
...
standard. ... throughout the globe and may intercept as
...
The technical specifications of EBXML ... many as 3 billion communications every
...
consist of five main areas: (1) business pro- ... day, including phone calls, e-mail messages,
...
cesses and information model, (2) company ... Internet downloads, satellite transmissions,
...
profile, (3) messaging services, (4) registry ... and so on (Kevin Poulsen, Echelon Re-
.

45
EDE
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
vealed, ZDTV, June 9, 1999). More de- ... electronic wallet Software that pro-
..
tails are available at http://www.aclu.org/ ..... cesses, stores, and provides access to card-
...
echelonwatch/. ... holders financial information, including
...
... credit card data and digital account IDs.
EDE 5 ENCRYPT/DECRYPT/ENCRYPT. ...
...
... electronic warfare Use and control of
EES 5 ESCROW ENCRYPTION STANDARD. ...
... electromagnetic spectrum for military pur-
...
EGP 5 EXTERIOR GATEWAY PROTOCOL. ... poses to conduct warfare or ATTACK or de-
...
... fend against an ADVERSARY.
EKMS 5 ELECTRONIC KEY MANAGEMENT ...
... ElGamal A PUBLIC KEY CRYPTOGRAPHIC sys-
SYSTEM. ...
... tem whose security depends on the diffi-
...
electronically generated key A key ... culty of computing discrete logarithms. It
...
generated by the mechanical or electronic ... is best known for its method of computing
..
introduction of a seed key into a COMSEC ..... DIGITAL SIGNATURES, though the specification
.
device. The desired key is produced by us- ..... includes a technique for encryption as well.
...
ing the seed key and a software algorithm ... Named after its inventor Taher ElGamal.
...
contained in the device. ...
... elliptic curve cryptography PUBLIC KEY
...
electronic code book A method of us- .... CRYPTOGRAPHY systems whose security is
.
ing a block encryption scheme to encrypt a ..... based on the intractability of the ELLIPTIC
...
large message. It is the most straightfor- ... CURVE DISCRETE LOGARITHM problem.
...
ward method, consisting of independently ... elliptic curve digital signature
...
ENCRYPTING each PLAINTEXT block. ... algorithm The elliptic curve analogue of
...
... DSA that has been standardized by ANSI,
Electronic Digital Signature Act 5 ...
... IEEE, and NIST.
E-SIGN ACT. ...
...
... elliptic curve discrete logarithm A
Electronic Signature Directive A Euro- ...
. computationally harder variant of the dis-
pean Union (EU) directive stipulating that .....
... crete logarithm problem. Systems that use
electronic signatures should become as le- ...
... ELLIPTIC CURVE DISCRETE LOGARITHM can use
gally valid as handwritten signatures. The ...
... smaller key sizes to provide the same level
directive is being implemented in the na- ...
... of computational security as systems based
tional laws of EU member states. ...
... on the discrete logarithm problem.
...
Electronic Key Management System ...
... emanations Electrical and electromag-
The U.S. governments group of systems ...
... netic signals emitted from electrical equip-
being developed to automate electronic key ...
... ment and transmitted through the air or
generation, distribution, use, destruction, ...
. another conductor. Also called EMISSIONS.
etc., and to manage other COMSEC MATERIAL. .....
... embedded computer Computer system,
...
electronic messaging services ... usually a microprocessor-based component,
...
Interpersonal messaging services meeting ... that is part of a larger special-purpose sys-
...
specific requirements that make them ap- ... tem. For example, airplanes, cars, GPS re-
...
propriate for conducting official govern- ... ceivers, and videocassette recorders contain
...
ment business. ... embedded computer systems.
...
...
electronic signature 5 DIGITAL ... embedded cryptographic system
...
SIGNATURE. ... CRYPTOSYSTEM whose task is to perform a
...
.

46
 entity
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
function that is a crucial element of a ... on the resulting CIPHERTEXT, and finally EN-
...
larger system or subsystem. ... CRYPT the result with either the first key
...
... used or a third key. This method has the
embedded cryptography CRYPTOGRA- ...
... advantage that it is backward compatible
PHY engineered into a system that is not ...
... with systems using only one key, by using
typically CRYPTOGRAPHIC. ...
... three copies of the same key.
...
emissions 5 EMANATIONS. ...
... encryption algorithm Series of steps
...
emissions security Protection designed ... that uses a key to transform the data so
...
to deny unauthorized persons information ... that the original data is rendered unintelli-
...
derived from the interception and analysis ... gible to anyone without the appropriate DE-
...
of COMPROMISING EMANATIONS from com- ... CRYPTION key.
...
puters, monitors, printers, and other infor- ..... end-item accounting Accounting for all
...
mation technologies. ...
... the accountable components of a COMSEC
...
encapsulating security payload A ... EQUIPMENT configuration by a single short
.
part of the IPsec virtual private networking ..... title.
...
protocol used to provide AUTHENTICATION, ...
... endorsed for unclassified crypto-
CONFIDENTIALITY, or integrity in an IP data- ... graphic item Unclassified CRYPTOGRAPHIC
...
gram packet. See RFC 2406. See also INTER- ... EQUIPMENT that has a U.S. government clas-
...
NET PROTOCOL SECURITY. ... sified CRYPTOGRAPHIC LOGIC and is endorsed
...
... by the NSA (U.S.) for the protection of
encapsulation The technique used by ...
... national security information. See also TYPE 2
layered protocols in which a layer adds ...
... product.
header or trailer information to the data. ...
...
For example, a packet would contain a ... endorsement NSA (U.S.) approval of a
..
header from the physical layer, followed by ..... commercially developed product to safe-
...
a header from the network (IP), followed ... guard national security information.
.
by a header from the transport layer (TCP), .....
... end system A system that contains ap-
followed by the application protocol data. ...
... plication processes capable of communicat-
...
encipher To ENCRYPT. To transform ... ing through all seven layers of TCP/IP pro-
...
PLAINTEXT into CIPHERTEXT using an algorithm ... tocols. Equivalent to Internet host.
...
and secret key. See Figure C5 (cipher ...
... end-to-end encryption A type of EN-
feedback). ...
... CRYPTION in which a message is ENCRYPTED
...
encode To convert PLAINTEXT to CIPHERTEXT. ... from point of origin to point of destina-
...
.. tion. See Figure E1.
encrypt To scramble information so that ....
..
only someone knowing the appropriate key ..... end-to-end security Securing informa-
...
can obtain the original information ... tion in an IS from point of origin to point
...
(through DECRYPTION). ... of destination.
...
...
encrypt/decrypt/encrypt A method of ... entity OSI terminology for a layer proto-
...
making a secret key scheme more secure ... col machine. An entity within a layer per-
...
using multiple keys. The technique is to ... forms the functions of the layer within a
...
first ENCRYPT the message with one key, ... single computer system, accessing the layer
...
then do a DECRYPTION with a different key ... entity below and providing services to the
...

47
entrapment
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Node 1 Node 2 Node 3 Node 4

P P
E1 D1
Link 1 Link 2 Link 3

.................................................... ...
...
FIGURE E1. End-to-end encryption. ... contracts and consent to receiving records
.................................................... ...
... over the Internet. Some notices, such as
...
... evictions, health insurance lapses, etc., must
...
... still come in the form of paper. The legis-
...
layer entity above at local service access ... lation does not prescribe any particular
...
points. ... technology to verify an electronic signature;
...
... security protocols can be as simple as a
entrapment Deliberate insertion of flaws ...
... password or may consist of emerging new
in an IS for the purpose of detecting sabo- ...
... technologies, such as thumbprint scanners.
tage attempts. ...
... This act will advance e-commerce by fi-
...
environment Conglomeration of exter- ... nalizing sales via computers. For example,
...
nal factors that affect the development, ... consumers who shop online for a new car
...
operation, and maintenance of an IS. ... or a home mortgage can seal the deal over
...
... their computers.
EPL 5 EVALUATED PRODUCTS LIST. ...
...
... ESP 5 ENCAPSULATING SECURITY PAYLOAD.
erasure Process intended to render ...
...
stored data irretrievable by normal means. ...
... Ethernet A widely used local area net-
... work technology invented at the Xerox
escrow To hold something in safe- ...
...
keeping. ... Corporation Palo Alto Research Center.
... The medium is a passive coaxial cable and
...
Escrow Encryption Standard U.S. ... uses CSMA/CD access technology. Ethernet
...
government standard for telephone com- ...
... now refers to the whole family of IEEE
munications specifying the Skipjack EN- ...
... 802 standards: thin Ethernet, thick Ether-
CRYPTION algorithm and support for the ... net, wireless Ethernet, fast Ethernet.
...
LAW ENFORCEMENT ACCESS FIELD (LEAF). The ...
...
LEAF allows DECRYPTION in government- ... Euclidean algorithm An algorithm to
...
authorized wiretaps. ... find the GREATEST COMMON DIVISOR of two
...
... numbers. It can also be used to compute
escrow service An independent party ...
... multiplicative inverses in modular arith-
who keeps something (usually an auction ...
... metic.
buyers payment) until the buyer receives ...
...
the appropriate item from the seller. ..
... Evaluated Products List Equipment,
... hardware, software, and/or firmware evalu-
E-Sign Act The U.S. Federal Electronic ...
... ated by the NATIONAL COMPUTER SECURITY
Signature in Global and National Com- ...
... CENTER (NCSC) in accordance with DoD
merce Act, gives the electronic signature and ...
... (U.S.) TCSEC and found to be technically
Internet-conveyed record the same legal ...
... acceptable.
standing as a pen-and-paper document. To ...
...
be legally binding, this act requires con- ...
... NOTE : Many countries maintain EPLs, for exam-
sumers to agree to electronically signed ... ple the latest EPL for Defense Signal Directorate of
...
..

48
 extraction resistance
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
Australia is available at http://www.dsd.gov.au/ ... tem that takes a single message addressed
...
infosec/aisep/EPL.html. The U.S. EPL by vendor ... to a distribution list and turns it into
...
and by class are available at http://www.radium. ... many mail messages to the individual
ncsc.mil/tpep/epl/. The United Kingdom list of ...
... recipients.
evaluated products is available at http://www.itsec. ...
...
gov.uk/. ...
... export Information transfer from one
...
event An occurrence that might affect .... system to another, usually from a trusted
the performance of an IS. .... to an untrusted system.
...
...
EW 5 ELECTRONIC WARFARE. ... Extended Binary Code Decimal Inter-
...
... change Code A code developed by IBM
executive state An operational state of ...
.... for encoding letters, numerals, and punctu-
an IS in which certain privileged instruc- ...
... ation marks as numbers. Now rendered al-
tions may be executed. Synonymous with ...
... most obsolete by ASCII and UNICODE.
SUPERVISOR STATE. ...
...
... Exterior Gateway Protocol A reach-
exercise key Key whose sole function is ...
... ability routing protocol used by gateways
to safeguard communications transmitted ...
... in a two-level internet. EXTERIOR GATEWAY
through the air during military or orga- ...
... PROTOCOL (EGP) is used in the Internet
nized civil training exercises. ...
... core system. See also GATEWAY.
...
exploitable channel Channel in which ...
...
it is possible to violate the security policy ... External Data Representation A stan-
...
of an IS and that can be used or detected ... dard for machine-independent data struc-
...
outside of the TRUSTED COMPUTING BASE. See ... tures developed by Sun Microsystems.
...
also COVERT CHANNEL. ... Similar to ASN.1.
...
...
exploder (1) A system to expand an ... extraction resistance Capability of
...
item (usually many items are combined to ... CRYPTO-EQUIPMENT or secure telecommunica-
...
form a single item) into its components. ... tions equipment to resist efforts to extract
...
(2) Component of an electronic mail sys- ... a key.
...
.

49
 F
j
...
...
fail safe Property of a system in which ... also applies to biometric AUTHENTICATION and
...
any failure will leave the system in a safe ... other measurement processes. In AUTHENTICA-
...
state. The system may not operate, but it ... TION, a FALSE NEGATIVE means that a legiti-
will not be in an unsafe state. When hard- ...
... mate user is not AUTHENTICATED correctly.
ware or software failure is detected, pro- ...
...
... false positive (1) In INTRUSION DETEC-
grams and processing systems are automati- ...
... TION, when a system falsely issues an ALERT,
cally protected. ...
... treating a legitimate action as a system in-
fail secure Property of a system in ...
... trusion. (2) In BIOMETRIC authentication,
which any failure will leave the system in a ...
... when a user is wrongly accepted as legiti-
secure state. The system may not operate, ...
... mate.
but it will not be in an insecure state. ...
...
... NOTE : In BIOMETRIC authentication, a false
fail soft Selective termination of affected ...
... positive is worse than a false negative because it means
unnecessary processing when it has been ...
... that a person has been positively AUTHENTICATED
determined that hardware or software is ... who should not have been.
...
about to fail. ...
...
... Federal Information Processing
failure access Unauthorized access ... Standard One of a series of U.S. gov-
...
to data after the failure of hardware or ... ernment documents developed by NIST
...
software. ... specifying a standard of various aspects of
...
... data processing, including the DATA ENCRYP-
failure control Method of detecting ...
... TION STANDARD (DES) and the ADVANCED EN-
when hardware or software is about to fail ...
... CRYPTION STANDARD (AES).
and providing FAIL SAFE or FAIL SOFT recovery. ...
...
...
false negative (1) In INTRUSION DETEC- ... Federal Internet Exchange Points FED-
...
TION,when a system does not issue an ALERT ... ERAL INTERNET EXCHANGE POINT (FIX)
is a BGP
...
on intrusion because based on the internal ... peering point between federal (U.S.) and
...
monitoring procedures, the intrusion action ... commercial networks. Used by the U.S.
...
appears to be nonintrusive. (2) The term ... government to exchange data primarily
.

51
fetch protection
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
from the military network and NASA Sci- ..... firewall Systems that act as a GATEWAY
...
ence net to the Internet. ... between two networks to enforce an access
...
... policy. This may be hardware or software
fetch protection Restriction provided by ...
... to enforce a boundary between networks.
IS hardware to prevent one users program ...
... The purpose of a firewall is to prevent un-
from gaining access to data in another ...
... authorized access to networks and com-
users segment of storage. ...
... puter systems.
...
file protection Collection of processes ...
... firmware A program recorded in perma-
and procedures that prohibit unauthorized ...
access, CONTAMINATION, elimination, modifi- ..... nent or semipermanent computer memory.
.
cation, or destruction of a file or any of its ..... FIRST 5 FORUM OF INCIDENT RESPONSE
...
contents. ... AND SECURITY TEAMS.
...
...
file security Method of limiting access ... fishbowl A monitoring technique in
...
to computer files to authorized users only. ... which a user under surveillance is con-
...
... tained and isolated in a system to gain in-
File Transfer Protocol The Internet ...
... formation about the user. See also HONEY POT.
protocol used to transfer files between ...
...
hosts. FILE TRANSFER PROTOCOL (FTP) is an ...
... FIX 5 FEDERAL INTERNET EXCHANGE
application-level protocol, which uses two ...
... POINTS.
parallel TCP connections: (1) control con- ...
...
nection and (2) data connection, for file ... fixed COMSEC facility COMSEC FACILITY
...
transfer. Control connection is used to ... in an immobile structure or on a ship.
...
send control information between the two ...
... flaming Sending a nasty message across
hosts. A data connection is established ...
... the Internet.
only when the user requests a file transfer ...
...
to and from the server. See Figure F1. ... flaw Error in an IS that may allow a
...
... breach of security.
fill device COMSEC device that transfers ...
...
or stores a key in electronic form or that ... flaw hypothesis methodology System
...
inserts a key into CRYPTO-EQUIPMENT. ... analysis and penetration technique in
...
... which a list of hypothetical flaws is created
filter (1) To sift through messages or ...
data. For example, filters are applied at the ..... based on the analysis of the specification
... and documentation for an IS. This list is
IP layer to block any kind of traffic from ...
.
or to an IP address. (2) Software that auto- ..... prioritized on the basis of the estimated
.
matically blocks e-mail messages sent from ..... probability that a flaw exists, on the ease
... of removing the flaw, and on the amount
preset addresses or about certain subjects. ...
... of control or compromise the removal
...
fingerprint system A BIOMETRIC system ... would provide. This list is used to perform
...
in which a fingerprint pattern is matched ... penetration testing of a system.
...
with a stored pattern or a template for ...
...
AUTHENTICATION. ... flooding Insertion of a large quantity of
...
. data that may result in a denial of service.
FIPS 5 FEDERAL INFORMATION PROCESSING ....
... In Figure F2, node A sends packets to all
STANDARD. ...
... lines that it is connected to (node B and
...
FIREFLY Protocol of key management ... node D) in an uncontrolled fashion. The
...
based on PUBLIC KEY CRYPTOGRAPHY. ... excess packets result in a DENIAL OF SERVICE
...

52
 formal top-level specification
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

FTP Client FTP Server

Application Application

Port Port
Port Port 20 21

Data Connection

Control Connection
....................................................
...
FIGURE F1. An example of an FTP session. ...
....................................................
...
... B G
...
...
...
...
ATTACK by clogging the lines and draining ...
...
the resources of nodes B and D. ... C
... A E
...
fork bomb A piece of code that recur- ...
...
sively spawns (forks) copies of itself. It ...
... F
very quickly proliferates to so many copies ... Data Packets D
...
that all the system resources are consumed. ... Nodes
...
... ....................................................
...
formal (1) Having a strict mathematical ... FIGURE F2. A is flooding both B and D with packets.
...
or logical basis. (2) Following a specific set ... ....................................................
...
of rules. ...
...
...
formal access approval Documented ...
...
approval by a data owner, which allows ...
...
formal security policy model A state-
others access to a particular category of ...
...
ment of a security policy that is mathemat-
information. ...
...
ically precise. Typically, a formal security
...
...
model defines what it means to be secure,
formal development methodology ... the initial state of the system, and how the
...
Development (of software) strategy that ... system changes state. In order for a system
...
meets design specifications. ... to be shown to be secure, the initial state
...
... and all possible subsequent states must be
formal proof A mathematical argument ...
... proven to remain secure.
that logically justifies each proof step and ...
...
proves a theorem or set of theorems. These ... formal top-level specification Top-
...
formal proofs provide A1 and beyond A1 ... level specification written in a FORMAL
...
assurance under the DOD TRUSTED COMPUTER ... mathematical language so that theorems
...
SYSTEM EVALUATION CRITERIA (ORANGE BOOK). ... can be hypothesized and formally proven.
...
.

53
formal verification
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
8 16 16 8
Beginning Ending
Header Body CRC
Sequence Sequence

.................................................... ...
...
FIGURE F3. An example of an HDLC frame. ... aim is to foster cooperation and coordina-
.................................................... ...
... tion in incident prevention, to prompt
...
... rapid reaction to incidents, and to promote
...
... information sharing among members and
formal verification Using FORMAL ...
the community at large. More informa-
...
PROOFS to show how the formal specifica- ...
tion is available at http://www.first.org.
...
tion of a system and a formal policy model ...
...
(design verification) or the formal specifi- ... fragmentation The process in which an
...
cation and its high-level program imple- ... IP DATAGRAM is broken into smaller pieces
...
mentation (implementation verification) are ... to fit the requirements of a given physical
...
compliant. ... network. The reverse process is termed reas-
...
... sembly. See also MAXIMUM TRANSMISSION UNIT.
form factor The outward appearance of ...
...
a function, for instance the number and ... frame The unit of transmission in a data
...
size of the input and the number and size ... link layer protocol. It consists of a data
...
of the outputs. In computing, this fre- ... link layer header followed by a packet. Fig-
...
quently refers to the shape and size of a ... ure F3 gives an example of an HDLC
...
piece of hardware; e.g., the form factor of a ... (High-Level Data Link Control) frame.
...
CD-ROM drive may be 5.25 inch drive ...
frequency hopping Repeated switching
...
bay compatible. ...
of frequencies to prevent unauthorized
...
...
FORTEZZA card A low-cost CRYPTO- ... interception or jamming during radio
...
GRAPHIC hardware implementation for digital ... transmission.
...
signature and encryption services for the ...
front-end security filter Security filter
...
desktop. The FORTEZZA crypto card was ...
kept separate from the rest of an IS to
...
developed by the U.S. NATIONAL SECURITY ...
protect system integrity. Synonymous with
...
AGENCY (NSA) and implements the key es- ...
... FIREWALL.
crow mechanism outlined in Federal Infor- ...
...
mation Processing Standard (FIPS)-185. ... FTP 5 FILE TRANSFER PROTOCOL.
...
The NSA will no longer implement the ...
full maintenance Complete diagnostic
...
FIPS and will implement the transition to ...
repair, modification, replacement and over-
...
key recovery. The FORTEZZA technology ...
haul of INFOSEC equipment, also known
...
provides CONFIDENTIALITY, AUTHENTICATION, ...
as DEPOT MAINTENANCE (U.S.). See also LIMITED
...
message integrity, and NONREPUDIATION. ...
MAINTENANCE.
...
Many commercial implementations of the ...
...
FORTEZZA card are now available. ... functional proponent 5 NETWORK
...
... SPONSOR.
Forum of Incident Response and ...
...
Security Teams This is a group of secu- ... functional testing A segment of security
...
rity practioners from government, commer- ... testing in which it is shown whether adver-
...
cial, and academic organizations who re- ... tised security mechanisms of an IS will
...
spond to COMPUTER SECURITY INCIDENTS. Its ... work under operational conditions.
..

54
 G
j
...
...
gateway A node connected to two or ... (Version 2) GSS-API definition is available
...
more administratively distinct networks ... in RFC 2078.
...
and/or SUBNETS to which hosts send DATA- ... GSS-API is also a part of the Open
...
GRAMS to be forwarded. The original Inter- ... Group Common Environment Specifica-
...
net term for what is now called ROUTER, or, ... tion. Complementary API, such as GSS-
...
more precisely, IP ROUTER. In modern us- ... IDUP specifies store-and-forward messag-
...
age, the terms gateways and application ... ing, negotiation facility for selection of a
...
gateways refer to systems that translate ... common mechanism shared between peers,
...
from some native format to another. Ex- ... and of individual underlying GSS-API
...
amples include X.400 to/from RFC 822 ... mechanisms. More details of GSS-IDUP
electronic mail gateways. See also ROUTER. ...
... are available in RFC 2479.
...
...
GCD 5 GREATEST COMMON DIVISOR. ...
... Global System for Mobile
...
Generic Security Service Application ... Communications GLOBAL SYSTEM FOR MO-
...
Programming Interface GENERIC SECU- ... BILECOMMUNICATIONS (GSM) is an open,
...
RITYSERVICE APPLICATION PROGRAMMING INTER- ... non-proprietary mobile telephone system
...
FACE (GSS-API) is a CRYPTOGRAPHIC APPLICA- ... that uses digital technology and time divi-
...
TION PROGRAMMING INTERFACE that specifies ... sion multiple access transmission methods
...
how applications, for example, communica- ... to provide international roaming capability.
...
tion protocols can securely handle session ... The same phone number can be contacted
...
communication, including AUTHENTICATION, ... seamlessly in more than 170 countries us-
...
data integrity, and data CONFIDENTIALITY. ... ing GSM. Addition of GSM satellite roam-
...
The GSS-API insulates applications from ... ing provides service access to areas where
...
the specifics of underlying mechanisms ... terrestrial coverage is not available.
...
making them portable. For example, ...
...
GSS-API implementations are built on ... NOTE : In 1982 the Conference of European Posts
...
varied secret-key and public-key technolo- ... and Telegraphs (CEPT) formed a study group called
...
gies. More information of the current ... the Groupe Special Mobile (GSM) to study and de-
.

55
granularity
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
velop a panEuropean public land mobile system. In ... greatest common divisor The largest
...
1989, the European Telecommunication Standards ... integer that evenly divides each of a set of
...
Institute (ETSI) took up the responsibilities of GSM ... integers.
and published (1990) the phase I of the GSM speci- ...
...
fications. Commercial service was started in mid- ... group A set of users in a system, each of
...
1991 and its use expanded. In addition to Europe, ... which might be given certain access rights
...
the standard is common to South Africa, Australia, ... by a security system.
...
and many Middle and Far East countries have chosen ...
... GSM 5 GLOBAL SYSTEM FOR MOBILE
GSM. The acronym GSM now stands for Global ...
System for Mobile telecommunications. More informa- ... COMMUNICATIONS.
...
tion about GSM in North America can be found at ...
... GSS-API 5 GENERIC SECURITY SERVICE
http://www.gsm-pcs.org/. Other information about ...
... APPLICATION PROGRAMMING INTERFACE.
GSM can be found at GSM association site at ...
...
http://www.gsmworld.com. ... guard Limits information exchange be-
...
... tween systems. A guard can be a special-
...
granularity The smallest level of clarity. ... ized type of firewall, typically designed to
The granularity of an ACCESS CONTROL MECH- ..... connect between two SYSTEM HIGH networks
....
ANISM refers to the smallest unit for which ... operating at different CLASSIFICATIONS or
...
individual ACCESS CONTROLS can be set. In a ... compartments. For example, a guard be-
...
database system, the ACCESS CONTROL granu- ... tween a secret network and a confidential
...
larity may be at the record level, or for a ... network will ensure that no secret infor-
more richly featured database, the GRANULAR- ..... mation is transmitted to the confidential
....
ITY may be at the individual field level. ... network.
...
..

56
 H
j
...
...
hacker (1) Someone who plays with ... hard copy key Printed key lists,
...
computers for the intellectual CHALLENGE. ... punched or printed key tapes, programma-
...
(2) Somebody who enjoys learning the de- ... ble read-only memories (PROM), or other
...
tails of systems and to stretch the capabili- ... physical material for keying.
...
ties of systems as opposed to people who ...
... hardwired key A key that is perma-
prefer to learn the necessary minimum to ...
... nently installed.
work on a system. (3) Someone who pene- ...
trates security controls or explores comput- ...
... hash A one-way function that takes an
ers and networks with malicious intent. ...
... arbitrary-sized input and yields a fixed-size
...
NOTE : Some writers ascribe definition (3) to the ... output. A HASH function is one-way if it is
...
term CRACKER , so that the term HACKER applies ... computationally infeasible to find an input
...
only to people with no malicious intent, although now ... that yields a given output. A HASH function
...
hacker and cracker are used interchangeably. ... is collision-free if no two inputs have the
...
... same output. A HASH function is collision-
hacking Unauthorized, possibly mali- ...
... resistant if it is computationally infeasible,
cious attempts to bypass the security mech- ...
... given one input, to find a second input
anisms of computer systems and networks. ...
... such that both have the same output. Hash
See note (HACKER). ...
... functions generally need to be collision-
...
hacking run HACKING that continues for ... resistant. Synonym DIGEST. See Figure H1.
...
more than a 12-hour period. It usually ... Figure H1 explains the operations of a
...
continues outside normal working hours. ... HASH function. An input message M is bro-
...
... ken into separate predetermined fixed-sized
handprint system A security system ...
... blocks M1, M2, . . . , MN. The HASH of M
that requires a handprint pattern to be ...
... is the result of the application of a trans-
matched with a stored pattern. ...
... formation, usually a compression function
...
handshaking procedures The dialogue ... U on each block of M. An initial value H0
...
that allows two ISs to synchronize, iden- ... is concatenated with M1, and the function
...
tify, and AUTHENTICATE each other. ... U is applied to produce H1. The process
.

57
hashing
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Message Block
Initial Value

Hash Function Output Value

(a)

Message (M)

M1 M2 MN

Initial Value H1 H2 HN
H0 Hash Function Hash Function Hash Function

(b)
.................................................... ...
FIGURE H1. Illustration of hashing. ... An ISs highest secu-
... high water mark
.................................................... ... rity level.
...
...
...
... hoax virus Warnings for viruses that do
...
... not exist. These warnings are usually trans-
Hi U (Mi Hi-1) is repeated on all the ...
... mitted through e-mail messages that are
blocks Hi . See also DIGEST. ...
... forwarded many times and contain pleas
...
NOTE : Hash functions are usually not keyed, where ... for the receiver to forward the warning to
...
as MACs based on hash functions are usually keyed, ... others.
...
e.g., HMAC. ...
... honey pot An IS environment specifi-
...
hashing Computing a HASH TOTAL. ... cally constructed to lure hackers or crack-
...
... ers into attacking it, for the purpose of
hash total The value computed on data ...
... identifying them and observing them in ac-
for finding errors or evidence of manipula- ...
... tion. This environment is generally isolated
tion. See also CHECKSUM. ...
... from the rest of the network (or system)
...
hashword The memory address where ... to prevent accidental damage. This term
...
HASH TOTAL is contained. ... was introduced in Cheswick and Bellovins
...
... book FIREWALL AND INTERNET SECURITY
high-risk environment Location or ...
...
geographic area where an information sys- ... [WRC94].
...
tems security equipment is not secure. ...
... hop A direct communication channel be-
...
header Control information at the be- ... tween two computers. In a complex com-
...
ginning of a message, segment, datagram, ... puter network a message might take many
...
packet, or block of data. ... hops between its source and destination.
...
...
high-threat environment 5 HIGH-RISK
... host (1) A computer in an internetwork
...
ENVIRONMENT.
... environment that has access to other com-
...
.

58
 human safety
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
puters on the Internet. Hosts are the pri- ... terminals and workstations may be con-
...
mary computers connected to the net- ... nected, and the host is used as a provider
...
work, which besides contributing to the ... of services.
..
network load perform operations like run- .....
ning user programs, compilers, and text ....
... human safety A necessary feature of a
editors. (2) In a mainframe environment a ..... system to preserve personal and collective
host is a mainframe computer to which ....
... safety.
...
.

59
 I
j
...
...
IA 5 INFORMATION ASSURANCE. ... operability for public-key technology. It
...
... covers such areas as key agreements, en-
IAB 5 INTERNET ARCHITECTURE BOARD. ...
... cryption, and signatures.
...
IANA 5 INTERNET ASSIGNED NUMBER ... IEEE 1363 defines three categories of
...
AUTHORITY. ... public-key cryptographic algorithms: dis-
...
... crete logarithm, elliptic curves, and integer
ICMP 5 INTERNET CONTROL MESSAGE ...
... factorization. It also covers keys and pa-
PROTOCOL. ...
... rameters in hybrid systems.
...
IDEA 5 INTERNATIONAL DATA ENCRYPTION ...
... NOTE : IEEE 1363 became a standard in the year
ALGORITHM. ...
... 2000. For more information about this standard, see:
... http://grouper.ieee.org/groups/1363/index.html.
identification An ISs method of recog- ...
...
nizing an entity. ... IESG 5 INTERNET ENGINEERING STEERING
...
... GROUP.
identity token A physical object, such as ...
...
a smart card or metal key, that AUTHENTI- ...
... IETF 5 INTERNET ENGINEERING TASK
CATES identity. ...
... FORCE.
...
identity validation Tests that an infor- ...
... IFCC 5 INTERNET FRAUD COMPLAINT
mation system uses to identify users or ...
... CENTER.
resources. ...
...
IDIOT 5 INTRUSION DETECTION IN OUR
...
...
IGP 5 INTERIOR GATEWAY PROTOCOL.
...
TIME. ... IKE 5 INTERNET KEY EXCHANGE.
...
...
IEEE 5 INSTITUTE OF ELECTRICAL AND ELEC- ...
IMAP vulnerability A buffer overflow
...
TRONICS ENGINEERS. ...
... vulnerability that exists in some implemen-
...
IEEE 1363 standard for public-key ... tations of IMAP (Internet Message Access
...
cryptography This standard aims to ... Protocol) that allows an attacker to execute
...
provide a common framework and inter- ... arbitrary code.
.

61
imitative communications deception
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
imitative communications deception ... individual accountability (1) The posi-
...
Deception effected by an ADVERSARYs tele- ... tive association of a users identity with the
..
communications signals being injected with ..... time, method, and degree of access to an
...
deceptive messages or signals. See also COM- ... IS. (2) An association of a users identity
...
MUNICATIONS DECEPTION and MANIPULATIVE ... with certain actions performed on an IS.
...
COMMUNICATIONS DECEPTION. ... For example, there may be individual ac-
...
... countability for an e-mail sent, even if not
impersonation (1) A form of SPOOFING. ...
. for the actual login.
(2) Pretending to be an authorized user to .....
...
gain access to a system. Synonymous with ... inference channel Indirect information
...
MASQUERADING. .... flow channel by which CLASSIFIED INFORMA-
...
implant An electronic device or the ... TION can be inferred from UNCLASSIFIED data
...
modification of electronic equipment in ... and metadata, e.g., database dependencies,
...
order to intercept information-bearing ... statistical correlation, etc.
...
emissions. ...
... information assurance Ensuring the
...
implementation A mechanism (in soft- ... availability, integrity, AUTHENTICATION, CONFI-
..
ware, hardware, or both) for correctly real- ..... DENTIALITY, and NONREPUDIATION of informa-
... tion and information systems by incorpo-
izing a specified design. ...
... rating protection, detection, and reaction
...
import The transfer of information from ... capabilities to restore information systems.
.
one system to another; usually refers to in- .....
... information assurance red team A
formation transfer from an untrusted sys- ...
... team that acts like an ADVERSARY to expose
tem to a trusted system. ...
... and exploit an ISs vulnerabilities to see
...
inadvertent disclosure When an unau- ... how the security posture can be improved.
...
thorized person unintentionally is granted ...
... information environment Individuals,
access to information. ...
... organizations, or systems that collect, pro-
...
Ina Jo The System Development Corpo- ... cess, or disseminate information, along
rations specification and verification meth- ..... with the information itself.
...
odology, based on a nonprocedural state- ...
...
transition specification language, Ina Jo, ... information flow chart A diagram that
.
which incorporates user-supplied invariants ..... indicates the flow of information within a
.
to formally demonstrate that security prop- ..... system. Frequently used to access the po-
...
erties are met. ... tential for covert channels within a system.
...
... INFORMATION FLOW CHARTS are helpful in en-
incident An assessed event that could or ...
... suring that IS information transfers are
does adversely affect an IS. ...
... made only from a lower security level ob-
...
incomplete parameter checking A ... ject to an object of a higher security level.
...
system flaw caused by the failure of the ...
... information label Label used in com-
operating system to completely check all ...
... partmented mode workstations for describ-
parameters for ACCURACY and consistency, ...
... ing a particular item (subject or object), for
and which makes the system vulnerable to ...
... example, a file, a window, or a process. An
penetration. ...
... INFORMATION LABEL is similar to a SENSITIVITY LA-
...
indicator An expected action taken by ... BEL, except that INFORMATION LABEL: 1. Provide
...
an ADVERSARY to prepare for an ATTACK. ... additional information of how the item may
..

62
 inspectable space
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
be managed, for example, it may be labeled ... forming functions such as key generation,
...
Eyes Only, Company Proprietary, or ... key distribution, message encryption, DE-
..
Public; 2. Represent the sensitivity of the ..... CRYPTION, AUTHENTICATION, or those mecha-
.
information whereas SENSITIVITY LABEL provides ..... nisms necessary to satisfy security policy,
....
access marking, such as read or read-and- ... labeling, identification, or ACCOUNTABILITY.
...
write; 3. Automatically change as the con- ... information system security manager
tent of the items changes, whereas SENSITIVITY .....
... Head of COMPUTER SECURITY matters.
LABEL do not automatically change with ...
...
change in content. ... information system security officer
...
... The person responsible for ensuring the se-
information level The security level im- ...
... curity of an information system from de-
plied by the CLASSIFICATION and categories ...
... sign through disposal. Synonymous with
on an information label. ...
... SYSTEM SECURITY OFFICER.
...
information operations (1) Operations ...
... information system security product
that exploit or adversely affect an ADVER- ...
... A security-related item, technique, or ser-
SARYS information content and systems
...
... vice of an information system.
while protecting ones own. (2) Defending .....
... Information Technology Security Eval-
ones own information and ISs, while at- ...
... uation Criteria Harmonized criteria de-
tempting to affect the information and ISs ...
... veloped jointly by European nations to
of adversaries. ...
... specify 6 levels of ASSURANCE. Becoming
...
information system The entire infra- ... obsolete due to the adoption of the COM-
...
structure, organization, personnel, and ... MON CRITERIA.
...
components for the collection, processing, ...
... information warfare Information
storage, transmission, display, dissemina- ...
... operations in times of conflict and war to
tion, and disposition of information. ...
... promote specific actions to deny, exploit,
...
information system security The pro- ... corrupt, or destroy an enemys information
...
tection of information systems against un- ... and its functions.
..
authorized access to or modification of in- ..... INFOSEC 5 INFORMATION SYSTEM
...
formation, whether in storage, processing, ... SECURITY.
...
or transit, and against the denial of service ...
... initialization vector A number used by
to authorized users, including those mea- ...
... the CBC, OFB, and CFB ENCRYPTION tech-
sures necessary to detect, document, and ...
... niques to initialize the first round. Subse-
counter such threats. ...
... quent rounds use the results of earlier
...
information system security equip- ... rounds.
...
ment modification The modification of ...
. initialize (1) To set the state of a system
any fielded hardware, firmware, software, or .....
. to its initial configuration. (2) To set the
portion thereof, under NSA (U.S.) CONFIG- .....
... state of a CRYPTOGRAPHIC LOGIC process be-
URATION CONTROL. There are three classes of ...
... fore key generation, encryption, or any
modifications: mandatory (to include hu- ...
. other operating mode.
man safety); optional/special mission mod- .....
...
ifications; and repair actions. These classes ... inspectable space The three-
...
apply to elements, subassemblies, equip- .... dimensional space surrounding equipment
...
ment, systems, and software packages per- ... that processes CLASSIFIED and/or sensitive
..

63
Institute of Electrical and Electronics Engineers
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
information within which TEMPEST exploi- ..... integrity check value A value such as a
...
tation is not considered practical or where ... CHECKSUM, DIGEST, or DIGITAL SIGNATURE that
...
the legal authority to identify and/or re- ... can be used to detect (unauthorized) modi-
...
move a potential TEMPEST exploitation ex- ... fications made to an IS that might breach
...
ists. Synonymous with ZONE OF CONTROL. ... its INTEGRITY.
...
...
Institute of Electrical and Electronics ... interface (1) Common boundary where
Engineers The INSTITUTE OF ELECTRICAL AND ...
... interactions occur between independent
ELECTRONICS ENGINEERS (IEEE) is a profes- ...
.. systems. (2) A part of the boundary
sional society for the advancement of elec- ..... around a system through which it interacts
...
trical and information technology and sci- ... with its environment, which may include
...
ences. It also develops standards including ... other systems.
...
those for networks and security. More in- ...
... interface control document Technical
formation about IEEE is available at ...
... design document that species an interface
http://www.ieee.org ...
... and identifies the authorities and responsi-
...
integrated services digital network ... bilities for ensuring its correct operation.
...
INTEGRATED SERVICES DIGITAL NETWORKS (ISDN) ...
.
combine voice and digital network services ..... interim approval A temporary AUTHORI-
... ZATION to process information in an IS
in a single medium, making it possible to ...
.
offer customers digital data services as well ..... on the basis of a preliminary security eval-
... uation.
as voice connections through a single ...
.
wire. The standards that define ISDN are ..... Interior Gateway Protocol The proto-
...
specified by CCITT/ITU. ... col used to exchange ROUTING information
...
In Figure I1, the circuit switched, ... between collaboration routers in the Inter-
...
packet switched, dedicated point-to-point, ... net. RIP and OSPF are examples of INTERIOR
.
and call services are brought together at an ..... GATEWAY PROTOCOL (IGP).
...
ISDN switch and accessed by a user ...
through a common terminal. ISDN includes ..... intermediary Something that facilitates
.

two levels of services: the basic rate inter- .... communication between parties that wish
...
face and primary rate interface. Basic rate ... to communicate.
...
interface is meant for home and small ...
... intermediate system A system that is
businesses, and primary rate interface is ...
... not an end system but that serves instead
meant for large-volume users. Both of these ..... to relay communications between end sys-
services include a number of B and D ....
... tems. See also REPEATER, BRIDGE, and ROUTER.
channels. Each B-channel (B stands for ...
...
bearer) carries data, voice, and other ser- ... International Data Encryption
... Algorithm A secret-key CRYPTOGRAPHIC
vices, and D-channel (D stands for delta) ...
... scheme developed at the Institute for Sig-
carries control and signaling information. ...
... nal and Information Processing of the
...
integrity A condition in which data (or ... Swiss Federal Institute of Technology, Zu-
...
a system itself) has not been modified or ... rich, by James Massey and Xuejia Lai. See
..
corrupted without AUTHORIZATION. A system ..... Figure I2. IDEA encrypts a 64-bit block of
...
protects the integrity of data if it prevents .... PLAINTEXT into a 64-bit block of CIPHERTEXT
...
unauthorized modification, as opposed to ... using a 128-bit key. The 128-bit key is ex-
...
protecting the CONFIDENTIALITY of data, ... panded into 52 16-bit keys, K1, K2, . . . ,
...
which prevents unauthorized disclosure. ... K52 by chopping off 16 bits from left of
..

64
 International Data Encryption Algorithm
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Packet Switched Service

Point-to-Point Service
Terminal ISDN ISDN Terminal
Equipment Switch Circuit Switched Service Switch Equipment

Common Channel
Signaling Service

Services

.................................................................................................................
FIGURE I1. ISDN architecture.
.................................................................................................................

128 Bit Key

Key Key Key

Expansion Expansion Expansion

K1 K2 K3 K4 K5 K6 K 49 K 50 K 51 K 52
Iteration 17
Iteration 1

Iteration 2

64 Bit Plaintext 64 Bit Ciphertext

.................................................................................................................
FIGURE I2. Illustration of International Data Encryption Algorithm.
.................................................................................................................

65
International Organization for Standardization
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
the 128 bit key. The INTERNATIONAL DATA ... of defense services and defense technolo-
...
ENCRYPTION ALGORITHM (IDEA) is performed ... gies. Designations of defense articles and
...
in 17 iterations: Odd-numbered iterations ... defense services are based primarily on
...
use four keys, while even-numbered itera- ... whether an article or service is deemed to
...
tions use two keys. The procedure gener- ... be inherently military in character. There
...
ates the ENCRYPTED text over 17 iterations. ... has been some controversy about applica-
...
... bility of INTERNATIONAL TRAFFIC IN ARMS REGU-
International Organization for ...
... LATIONS (ITAR) to sending encryption pro-
Standardization INTERNATIONAL ORGANI- ...
... grams outside the U.S. Encryption
ZATION FOR STANDARDIZATION (ISO) is a feder- ...
... programs are treated as defense technology,
ation of national standards organizations ...
... and so their export in electronic form (for
from countries around the world. Estab- ...
... example, through e-mail or through the
lished in 1947, ISO is located in Geneva, ...
.. Web) may violate ITAR.
Switzerland, and is a nongovernmental orga- .....
... Details of ITAR can be found at
nization with a mission to promote the de- ...
... http://www.epic.org/crypto/export_
velopment of worldwide standards and re- ...
... controls/itar.html.
lated activities. ISO develops and publishes ...
... Archives related to ITAR and export of
international standards. More details about ...
... encryption technology can be found at the
ISO can be found at http://www.iso.ch. ...
... Electronic Frontier Foundation Web site at
...
NOTE : There is a lack of correspondence between the ... http://www.eff.org/pub/Privacy/ITAR_
...
name International Organization for Standards and ... export.
...
its short form ISO (not IOS). The word ISO is ...
derived from Greek isos, which means equal. Isos ... internet An internet is a collection of
...
is the root of terms such as isometric and ison- ... networks tied into a network using an inter-
...
omy. The line of thinking from equal to stan- ... net protocol. In general internet refers to
...
dard led to the choice of ISO as the name of the ... any internet, and Internet (with a capital
...
organization. ... I) to the global Internet (see Figure I3(a)).
...
... The Internet is a conglomeration of au-
ISO is used around the world and thus ...
... tonomous systems (AS), each of which is
avoids many acronyms resulting from the ...
... under the control of a single administrative
translation of International Organization ...
.
for Standardization into different interna- ..... unit and whose structure is transparent
... from the outside. As an example, a large
tional languages, such as IOS in English ...
... corporations network may be organized as
and OIN (Organisation Internationale de ...
Normalisation) in French. ..... an AS. Figure I3(b) shows a typical rout-
...
... ing structure between two ASs within the
...
International Telecommunications ... Internet.
Union An international organization that ...
..
deals with standardization activities related ..... Internet Activities Board 5 INTERNET
.
to global communications networks. It was ..... ARCHITECTURE BOARD.
...
earlier called COMITE CONSULTATIF INTERNA- ...
...
TIONAL TELEPHONIQUE ET TELEGRAPHIQUE ... Internet address In IPv4, a 32-bit ad-
...
(CCITT). See also CCITT. ... dress assigned to hosts using TCP/IP. See
...
... DOTTED DECIMAL NOTATION.
International Traffic in Arms ...
...
Regulations The collection of laws in ... NOTE : IPv6 provides 128-bit addresses. Whereas
...
the United States that regulate the export ... IPv4 which is currently the most used protocol uses
...

66
 Internet Control Message Protocol
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Backbone Service Provider

ISP

user user Backbone Service Provider

Peering
point

Backbone Service Provider

Internet
Large Service
Corporation Internet
Provider Service
(ISP) Provider
(ISP)
user user user user
(a) user user

AS1 AS2
Host 1A Exterior Exterior Host 2A
Gateway1 EGP Gateway2
RIP RIP

Host 1B (b) Host 2B

.................................................... ...
... Activities Board. Earlier history of Internet Activities
FIGURE I3. Conceptual idea of the Internet. ...
.................................................... ... Board is not traceable from public records. A snapshot
...
... of the IAB in 1990, and a short history, are given
...
... in RFC 1160.
...
32 bit addresses. IPv6 provides mechanisms for ...
...
smooth transition for hosts and routers to dynamically ... Internet Assigned Number Authority
tunnel IPv6 packets over IPv4 routing infrastructure. ...
... A group organized through the Internet
...
... Society for maintaining assigned numbers
Internet Architecture Board The tech- ...
... relating to the Internet Protocol suite.
nical body that oversees the development ...
... Details of INTERNET ASSIGNED NUMBER AU-
of the Internet suite of protocols and man- ...
... THORITY (IANA) are available at http://
agement. It has two subcommittees: IETF ...
... www.iana.org.
(INTERNET ENGINEERING TASK FORCE) and IRTF ...
...
(INTERNET RESEARCH TASK FORCE). INTERNET AR- ...
... Internet Control Message Protocol
CHITECTURE BOARDs (IAB) charter is given in ...
... The protocol used to handle errors and
RFC 2850. More information is available ...
... control messages at the IP layer. INTERNET
at http://www.iab.org. ...
... CONTROL MESSAGE PROTOCOL (ICMP) is used
...
NOTE : The IAB was set up in 1983 when the ... from GATEWAYS to host, and between hosts
...
Internet was still in its infancy as a U.S. government ... to report errors and make routing sugges-
...
research project; at that time it was called the Internet ... tions. ICMP is actually part of the IP proto-
...

67
internet datagram
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
col. Details of the protocol are given in ... Internet Fraud Complaint Center The
...
RFC 792. ... INTERNET FRAUD COMPLAINT CENTER (IFCC) (of
...
... U.S.) is a joint operation of the U.S. Fed-
NOTE : RFC 1885 gives the specifications of Inter- ...
... eral Bureau of Investigation (FBI) and the
net Control Message Protocol (ICMPv6) for the In- ...
... U.S. National White Collar Crime Center
ternet Protocol Version 6 (IPv6). ...
... (NW3C) with a purpose to address fraud-
...
internet datagram The unit of data ex- ... ulent activities over the Internet. IFCC of-
..
change between a pair of internet modules. ..... fers a central repository for complaints re-
...
... lated to Internet fraud; collects and
Internet Engineering Steering Group ...
... maintains fraud complaint information to
The executive committee of the INTERNET ...
... help in preventive and investigative efforts;
ENGINEERING TASK FORCE (IETF). A steering ...
... provides mechanisms for reporting fraud
committee that oversees the activities of ...
... on the Internet; and directs Internet fraud
the IETF. More information about INTERNET ...
... complaints to the appropriate law enforce-
ENGINEERING STEERING GROUP (IESG) is avail- ...
... ment and regulatory agencies. For law en-
able at http://www.ietf.org/iesg.html ...
... forcement and regulatory agencies it pro-
...
... vides services and statistical data of current
Internet Engineering Task Force A ...
... fraud trends and other information. This
standards body whose focus is protocols ...
... Web site (see below) contains recent
for use in the Internet. Its publications are ...
... trends and analytical reports and can be
called Internet RFCs (REQUEST FOR COM- ...
... used to file a fraud complaint. For more
MENTS). More information about INTERNET ...
... details see http://www.ifccfbi.gov.
ENGINEERING TASK FORCE (IETF) is available ...
...
at http://www.ietf.org ... internet key exchange A part of the
...
... IPSEC virtual private networking protocol
internet fragment A portion of the ...
... for CRYPTOGRAPHIC key exchange and man-
data exchanged between a pair of Internet ...
... agement, described in RFC 2409.
nodes. ...
...
This ensures that IP DATAGRAMS can fit ...
. Internet Network Information Center
inside one packet on any network topology .....
. Authority that administers and assigns In-
and that packets are fragmented when they .....
.... ternet domains and network addresses.
are too big to go over a given network. ...
... More information about INTERNET NETWORK
Ethernet can accept packets up to 1,500 ...
... INFORMATION CENTER (INTERNIC) is available
bytes long, while FDDI can accept those ...
... at http://www.internic.net/index.html.
up to 4,500 bytes long. ...
...
In Figure I4, H1 sends a 1,400-byte ... Internet Policy Registration Authority
...
packet to H2. If we assume that the maxi- ... Internet authority that registers policies for
...
mum transmission of the physical network ... CAs. INTERNET POLICY REGISTRATION AUTHORITY
...
of H1, which may be a point-to-point net- ... (IPRA) certifies only PCAs and not CAs or
...
work, is 512 bytes (where R1 is located), ... users. PCAs have their own policy of issuing
...
the packet is fragmented into three packets ... certificates. See also POLICY CREATION AUTHORITY
...
of sizes 512, 512, and 376. Routers R2 ... and CERTIFICATION AUTHORITY HIERARCHY.
and R3 (for example, they may be a part of .....
...
an Ethernet or an FDDI physical network) ... internetwork private line interface
...
do not fragment the packets any further. .... Interface that provides secure connections
...
The three packets are assembled at H2. ... between a host and a predetermined set of
..

68
 Internet Security Association and Key Management Protocol
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

R4 R6

R5

H1 H2
R1 R2 R3

H 1400 H 512 H 512 H 1400

H 512 H 512

H 376 H 376
.................................................... ...
FIGURE I4. Illustration of Internet fragmentation. ...
... ment IPsec. Details of IPv6 are available at
.................................................... ...
... http://www.ipv6.org.
...
...
...
...
internet protocol security A VIRTUAL PRI-
...
...
VATE NETWORKING (VPN) protocol standard
corresponding hosts through a network ...
...
that can be used to provide NONREPUDIA-
CRYPTOGRAPHIC unit.
... TION, data integrity and privacy, AUTHENTI-
...
... CATION, and replay protection over public
Internet Protocol Standard protocol for ...
...
...
IP networks such as the Internet.
the transmission of data in packet-switched ...
communications networks and their inter- ... NOTE : The security architecture for IP is defined
...
connected systems. INTERNET PROTOCOL is ... in IPsec, the security architecture for IP. Details of
...
given in RFC 791. ... IPsec are given in RFC 2401. IPsec provides two
...
... security mechanisms (1) The IP AUTHENTICA -
Internet Protocol Next Generation ...
... TION HEADER (AH) described in RFC 2402
INTERNET PROTOCOL NEXT GENERATION (IPNG) ... and (2) The IP encapsulating security payload
...
is a new version of the Internet Protocol ... (ESP) described in RFC 2406.
...
designed by IETF as a successor to IPv4. It ...
...
is assigned IP version number 6 and is ... Internet Relay Chat An Internet service
...
called IPv6. Implementations of IPv6 are ... that allows real-time text-based communi-
...
available for many operating systems. The ... cation with other users in Internet loca-
...
overall goal of IPv6 is to create an archi- ... tions called chat rooms.
...
tectural framework that enables the Inter- ...
... Internet Research Task Force One of
net to grow to a system with millions of ...
... the task forces of the IAB, the group re-
interconnections to IPv6 from IPv4 and ...
... sponsible for the research and development
minimal disruption to existing systems. ...
... of the INTERNET PROTOCOL suite. More infor-
In addition to various new features, ...
... mation is available at http://www.irtf.org
IPv6 increases the size of Internet ad- ...
...
dresses from 32 bits to 128 bits, thus in- ...
... Internet Security Association and Key
creasing the number of available network ... Management Protocol Provides a ge-
...
and host IP addresses. ... neric framework for key management.
...
IPng-compliant systems must imple- ... INTERNET SECURITY ASSOCIATION AND KEY
...
..

69
Internet worm
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
MANAGEMENT PROTOCOL (ISAKMP) is exten- ... IPRA 5 INTERNET POLICY REGISTRATION
...
sible in that it is not limited to specific ... AUTHORITY.
...
CRYPTOGRAPHIC algorithms or protocols and ...
..
hence offers more flexibility with regard to ..... IPsec 5 INTERNET PROTOCOL SECURITY.
....
use than Photuris or SKIP protocols. De- ... IP splicing A method for attacking or in-
...
tails of ISAKMP are given in RFC 2408. ... tercepting an established TCP/IP connec-
...
... tion. Usually, this type of ATTACK occurs af-
Internet worm A program written by ...
... ter AUTHENTICATION of the users is complete
Robert Morris Jr. that replicated itself ...
... and the attacker assumes the role of a le-
from machine to machine on the Internet ...
... gitimate user.
in 1988 and clogged the network. ...
...
... IP spoofing One machine on the Inter-
InterNIC 5 INTERNET NETWORK INFOR- ...
... net masquerading as another machine by
MATION CENTER. INTERNIC administers and ...
... using the latters IP address.
assigns Internet domains and network ...
...
addresses. ...
... IPv6 5 INTERNET PROTOCOL NEXT
...
intruder 5 CRACKER. ... GENERATION.
...
...
intrusion (1) An act in which an ADVER- ... IRC 5 INTERNET RELAY CHAT.
...
SARY gains access to a system in violation ...
... iron box A setup to trap hackers and
of its security objectives. (2) Acts that ...
... keep them on the system (or network)
COMPROMISE the integrity, CONFIDENTIALITY, ...
... long enough to trace their origin. The
or availability of networks and systems. ...
... setup usually provides bait files to keep
...
intrusion detection The science or art ... the intruders interest.
dealing with the detection of intrusion into .....
...
networks or computer systems, and of .... IRTF 5 INTERNET RESEARCH TASK FORCE.
...
mechanisms that perform such services. ...
... IS 5 INFORMATION SYSTEM.
...
Intrusion Detection in Our Time A sys- ...
... ISAKMP 5 INTERNET SECURITY ASSOCIA-
tem of intrusion detection that uses ...
... TION AND KEY MANAGEMENT PROTOCOL.
pattern-matching techniques. ...
...
... ISDN 5 INTEGRATED SERVICES DIGITAL
IO 5 INFORMATION OPERATIONS. ...
... NETWORK.
...
IP 5 INTERNET PROTOCOL. ...
...
... ISO 5 INTERNATIONAL ORGANIZATION FOR
IP datagram The fundamental unit of ...
... STANDARDIZATION.
information passed across the Internet and ...
...
the unit of end-to-end transmission in IP ... ISO OSI The seven-layer OSI (OPEN SYS-
...
protocol that contains the source and des- ... TEMS INTERCONNECT) model proposed by ISO
...
tination address, along with data and a ... has provided a conceptual framework for
...
number of fields that define such things as ... understanding networks. See Figure I5.
...
the length of the DATAGRAM, the header ...
... NOTE : ISO 7498 describes the ISO OSI model.
CHECKSUM, and a flag to say whether the ...
... ISO 7498 part 2 defines security architecture but is
DATAGRAM can be fragmented. ...
... superseded by ISO/IEC 10745 and ITU-T
...
IPng 5 INTERNET PROTOCOL NEXT ... X.803 Upper Layers Security Model, ISO/IEC
...
GENERATION. ... 13594 and ITU-T X.802 Lower Layers Security
..

70
 IV
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

ISO-OSI
Model TCP/IP Model Protocols Used
Telnet, FTP, DNS,
Application
SMTP, TFTP, HTTP

Presentation Application

Session

Transport Transmission TCP, UDP

Network Internet IP

Ethernet, X.25, SLIP,

Host to
Data link PPP, IEEE 802.3,
Network
IEEE 802.5

Physical

.................................................... ...
FIGURE I5. Comparison of the ISO model and the
... 5
... ISSO INFORMATION SYSTEM SECURITY
...
TCP/IP model. ... OFFICER.
.................................................... ...
... ITAR 5 INTERNATIONAL TRAFFIC IN ARMS
...
... REGULATIONS.
...
Model, and ISO/IEC 101811 and ITU-T ...
... ITSEC 5 INFORMATION TECHNOLOGY
X.810 Security Frameworks, Part 1: Overview. ...
... SECURITY EVALUATION CRITERIA.
...
ISS 5 INFORMATION SYSTEM SECURITY. ... ITU 5 INTERNATIONAL TELECOMMUNICA-
...
... TIONS UNION.
ISSM 5 INFORMATION SYSTEM SECURITY ...
...
MANAGER. ...
...
IV 5 INITIALIZATION VECTOR.
...

71
 J
j
...
...
Java sandbox A mechanism that con- ...
...
fines the scope of Java APPLET actions ac- ... Java Application
...
cording to rules defined in a security ...
...
model. ... JVM
...
...
Java Virtual Machine Software that ...
...
provides a virtual machine on which Java ...
software can be executed. See Figure J1. ... OS
...
...
...
JIVA 5 JOINT INTELLIGENCE VIRTUAL ...
... Hardware
ARCHITECTURE. ...
...
...
Joint Intelligence Virtual Architecture ... ....................................................
...
A system designed by the U.S. government ... FIGURE J1. Conceptual Representation of the Java
...
with a purpose to provide modernization ... Virtual Machine (JVM).
... ....................................................
of intelligence analytical processes and ...
...
methodologies. The goal of JOINT INTELLI- ...
...
GENCE VIRTUAL ARCHITECTURE (JIVA) is to pro- ...
... and 3-D representations. For details
vide a single database of knowledge by ...
... of JIVA see http://www.fas.org/irp/
combining inputs from various agencies to ...
... program/core/jiva.htm.
create an intelligence tool to create virtual ...
...
intelligence by using full-motion video ... JVM 5 JAVA VIRTUAL MACHINE.
...

73
 K
j
...
...
kamikaze packet 5 CHERNOBYL ... key backup 5 KEY ESCROW.
...
PACKET. ...
...
... keyboard attack 5 ATTACK.
KDC 5 KEY DISTRIBUTION CENTER. ...
...
...
KEK 5 KEY ENCRYPTION KEY. ... key card A paper card consisting of a
...
... pattern of punched holes that establishes a
Kerberize To enhance an application to ...
key for a specific CRYPTONET at a specific
...
use KERBEROS for AUTHENTICATION and/or ...
time.
...
ENCRYPTION. ...
...
...
Kerberos A DES-based AUTHENTICATION ... key distribution center An online
...
system developed at Massachusetts Insti- ... trusted intermediary that has a master key
...
tute of Technology (U.S.) as part of Proj- ... for all principals and that generates CON-
...
VERSATION KEYS between principals when
ect ATHENA and subsequently incorporated ...
...
into a growing collection of commercial ... requested.
...
products. Detailed specifications of KER- ... Key distribution can be implemented in
...
BEROS are given in Internet RFC 1510. See ... various ways. In the following illustration
...
Figure K1. ... we use a scenario based on [GP79] and de-
...
... picted in Figure K2. Suppose user A wants
key A quantity used in CRYPTOGRAPHY to ...
... to start a communication session with user
or DECRYPT information. This may ...
ENCRYPT
... B. We assume that user A shares a secret
be a set of symbols, letters, numbers, or ...
... key KA and user B shares a secret key KB
characters that are used to encrypt or de- ...
... with the KEY DISTRIBUTION CENTER (KDC). The
crypt a text or a message. ...
... following steps take place:
...
... (1) A sends a message Message_of_A_
key archive 5 KEY ESCROW. ...
... to_KDC (ID(A), ID(B), N1) to KDC
...
key-auto-key A form of CRYPTOGRAPHIC ... that contains identification of A (for exam-
...
LOGICthat uses a previous key to create a ... ple, IP address), identification of B, and a
...
new key. ... NONCE N1.
.

75
key distribution center
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Kerberos

Ticket
Authentication
Granting
Server
et Server
k
Tic

Request for Ticket

Granting Ticket

Granting Ticket
ver
S er
or et

Ticket
tf ick
es rT
qu rv
e
Re Se

Request for Service

Client Response from Server Server

....................................................
FIGURE K1. Kerberos authentication menchanism.
....................................................

KDC

(1)
(2)

(3)
(4)
User A User B
(5)
(6)
.................................................... ...
...
FIGURE K2. Figure explaining key distribution ... crypted using KB. So, the message from
... KDC to A is
center. ...
.................................................... ...
...
... Message_from_KDC_to_A Encrypt_
... using_KA [(KS, Message_of_A_to_KDC),
...
...
...
Encrypt_using_KB(Ks, ID(A))].
...
... (3) User A then forwards the item in-
(2) KDC responds with a message that ...
... tended for B (Encrypt_using_KB[(KS , ID(A))])
is encrypted using the key of A. The mes- ...
... to B. So, user B now decrypts the message
sage contains items for both A and B. For ...
... using its own key KB and knows the ses-
A, it has a session key KS and the original ...
... sion key KS.
message, and for B it has a session key ... Now both user A and user B have a
...
and identity of A. Both of these are en- ... session key and can start communicating.
...
..

76
 key updating
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
To ensure against a replay attack and ... struction, distribution, and revocation of
...
to AUTHENTICATE, the next two steps are .... a key.
....
performed. ...
... key pair A public key and its corre-
(4) Using the session key KS user B ...
... sponding private key for use in PUBLIC KEY
sends a nonce N2 to A. ...
CRYPTOGRAPHY.
(5) User A performs a function, for ex- .....
....
ample, adding 1, and sends it to B. ... key production key A key that acti-
...
(6) Now users A and user B can start ... vates a key-stream generator to produce
...
communicating. ... other electronically generated keys.
...
...
key encryption key Key for encryption ... key stream A sequence of symbols pro-
or decryption of another key, which is used ..... duced in a machine or auto-manual CRYPTO-
...
for secure transmission or storage. .... SYSTEM that combine with PLAINTEXT to pro-
...
... duce CIPHERTEXT, control transmission
key escrow A system that provides ...
... security processes, or produce keys.
backups of encryption keys so that data ...
...
can be decrypted if the primary copy of ... keystroke monitoring Recording every
...
the key used to encrypt the data is not ... keystroke of the user (and usually every
...
available. KEY ESCROW can be used for ... character of response). A form of AUDIT
...
schemes that give access (under court or- ... TRAIL software or a specialized device usu-
...
der) to law enforcement agencies and KEY ... ally does this monitoring.
...
RECOVERY for schemes that give access to ...
... keystroke system A system that com-
owners who have lost their key. Other ...
... pares a pattern of keystrokes with a stored
terms are KEY ARCHIVE, KEY BACKUP, and data ...
... pattern to determine whether there is a
recovery system. ...
... match.
...
keying material A physical or magnetic ...
key recovery 5 KEY ESCROW
key, code, or piece of AUTHENTICATION infor- .....
...
mation. Also known as key material or .... key tag Information for the identifica-
...
keymat. ... tion of certain types of electronic keys.
...
...
key list A printed list, pad, or printed ... key tape A punched or magnetic tape
...
tape of a series of key settings for a spe- ... containing a key. A printed key in tape
...
cific CRYPTONET. ... form is referred to as a KEY LIST.
...
...
key management The supervision and ... key updating A CRYPTOGRAPHIC process
...
control of the generation, storage, use, de- ... for modifying a key; it cannot be reversed.
..

77
 L
j
...
...
label 5 SECURITY LABEL. ... multiple TELNET sessions to log on to a sys-
...
... tem to avoid a trace. See Figure L1.
labeled security protections Mecha- ...
...
nisms of a TRUSTED COMPUTING BASE (TCB) ... least privilege A property of an IS by
...
in which access control decisions are made ... which users or subjects are given only the
...
on the basis of SENSITIVITY LABELS and CLEAR- ... minimum access (or privileges) necessary to
...
ANCES. ... perform particular authorized tasks. This
...
... limits the potential for damage resulting
laboratory attack An ATTACK by which ...
... from accidental, erroneous, or malicious
information from data storage media is ob- ...
... unauthorized use of an IS.
tained by using advanced signal recovery ...
...
equipment in a laboratory setting. ... letter bomb Malicious software, usually
...
... a LOGIC BOMB, distributed via electronic
Law Enforcement Access Field The ...
... mail. Typically such software is not exe-
field that must be transmitted by one CLIP- ...
... cuted until the mail message is read, or
PER CHIP to the CLIPPER CHIP at the other end ...
... when an attachment is opened.
of the conversation. Without it, the receiv- ...
...
ing CLIPPER will refuse to DECRYPT the con- ...
... level of protection The extent to which
versation. The LAW ENFORCEMENT ACCESS ...
... ISS and networks must be protected based
FIELD (LEAF) enables law enforcement to de- ...
... on risk, threat, vulnerability, system inter-
crypt the conversation, after a court order ...
... connectivity considerations, and INFORMA-
to obtain the sending CLIPPERS unique key. ...
... TION ASSURANCE needs. Typically the levels
The LEAF field was also used in capstone ...
... of protection are 1. Basic: IS and net-
chips. ...
... works requiring the implementation of
...
LEAF 5 LAW ENFORCEMENT ACCESS FIELD ... standard minimum-security COUNTERMEA-
...
... SURES. 2. Medium: IS and networks requir-
...
leapfrog attack Using one system to ... ing the layering of additional safeguards
...
get a user ID and password to get to an- ... above the standard minimum-security COUN-
...
other system. This also includes the use of ... TERMEASURES. 3. High: IS and networks
.

79
life-cycle assurance
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

A
Telnet Client Telnet from A to B using session A

B
Telnet to A Telnet from B to C
Session C
using session B
Session B
Session A
C

User Terminal Attempts to get

User ID and Password
of other systems
.................................................... ...
... link encryption In a communications
FIGURE L1. Use of multiple telnet sessions for a ...
... system, the encryption of information
leapfrog attack. ...
.................................................... ... between NODES. Contrast with END-TO-END
...
...
... ENCRYPTION.
...
...
requiring the most stringent protection and ... list-oriented A type of computer protec-
...
rigorous security COUNTERMEASURES. ... tion where every protected object has a list
...
... of all subjects with AUTHORIZATION to access
life-cycle assurance The ASSURANCE ...
... it. See also TICKET-ORIENTED.
that a trusted system is designed, devel- ...
...
oped, and maintained based on controlled ... LMD/KP 5 LOCAL MANAGEMENT
...
standards. In the ORANGE BOOK, these AS- ... DEVICE/KEY PROCESSOR.
...
SURANCES include security testing, design ...
... local address The address of a host
specification and verification, CONFIGURA- ...
within a network. The actual mapping of
...
TION MANAGEMENT, and trusted distribution. ...
... an Internet local address onto the host ad-
...
limited maintenance Maintenance con- ... dresses in a network is quite general, allow-
...
sisting only of fault isolation, removal, and ... ing for many-to-one mappings.
...
the replacement of plug-in assemblies in ...
... local authority An organization that
INFOSEC equipment. In LIMITED MAINTE- ...
... generates and signs user certificates.
NANCE, soldering or unsoldering is usually ...
...
prohibited. See also FULL MAINTENANCE. ... Local Management Device/Key
... Processor An EKMS platform that gener-
line conditioning The elimination of in- ...
... ates a key for authorized users and pro-
advertent signals or noise produced or ...
... vides automated management of COMSEC
transported on a telecommunications or in- ...
... MATERIAL.
formation system signal, power, control, ...
...
indicator, or other external interface line. ... lock and key protection system
...
... Protection system in which a key or pass-
line conduction Inadvertent signals or ...
... word must be matched with a specific ac-
noise produced or transported on a tele- ...
... cess requirement.
communications or information system sig- ...
...
nal, power, control, indicator, or other ex- ... logical completeness measure A way
...
ternal interface line. ... of determining how effectively and to
...
.

80
 low probability of intercept
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
what extent a set of security and access ... long title The descriptive title of a
...
control mechanisms meets security specifi- .... COMSEC item.
cations. ....
...
... low probability of detection The re-
...
logic bomb Resident computer program ... sult of efforts to hide or disguise inten-
...
that causes an unauthorized act to occur ... tional electromagnetic transmissions.
...
when certain states of an IS are reached. ...
... low probability of intercept The result
...
login A method of being identified and ... of efforts to prevent the interception of in-
...
AUTHENTICATED by a computer system. ... tentional electromagnetic transmissions.

81
 M
j
...
...
MAC 5 MANDATORY ACCESS CONTROL; ... curity risks if they are not removed before
...
MESSAGE AUTHENTICATION CODE; MEDIA ACCESS ... live implementation.
...
CONTROL LAYER. ...
... maintenance key A key intended for
...
magnetic remanence After a magnetic ... in-shop use.
...
medium has been cleared, the magnetic ...
... malicious applets Small application
representation of residual information left ...
... programs that are downloaded and exe-
on the medium. See also CLEARING. ...
... cuted automatically to perform an unau-
...
mail bomb An ATTACK in which many
... thorized function on an IS.
...
...
messages are sent to a particular address in ... malicious code Software or firmware
...
order to exceed the mail recipients mail ... that has the ability to perform an unautho-
...
limit, thereby causing the system to crash ... rized function on an IS. This software may
...
or malfunction. ... be intentionally left in a system for mali-
...
... cious purposes. Examples include VIRUSES,
mail gateway A machine that connects ...
... TROJAN HORSES, LOGIC BOMBS, and TRAP
two or more electronic mail systems and ...
... DOORS.
transfers messages between them. Some- ...
...
times the mapping and translation can be ...
... malicious host For some mobile agent
quite complex, and generally it requires a ...
... applications, an agent may contain sensitive
store-and-forward scheme whereby the ...
... information. In which case, it may be nec-
message is received from the system com- ...
... essary to protect the agent from its execu-
pletely before it is transmitted to the next ...
... tion environment. In these situations, the
system after suitable translation. ...
... host computer is referred to as a MALICIOUS
... HOST [WJ00].
...
maintenance hook Special instructions ...
...
(TRAP DOORS) in software that are designed ... malicious logic Hardware, software, or
...
for easy maintenance and additional feature ... firmware that has the ability to perform an
...
development, but which can be serious se- ... unauthorized function on an IS.
.

83
mandatory access control
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
mandatory access control A method ... maximum transmission unit The larg-
...
of restricting access to objects containing ... est possible unit of data that can be sent
...
sensitive information. Also the formal AU- ... on a given PHYSICAL MEDIUM. For example,
...
THORIZATION of subjects to access this sensi- ... the MTU of the Ethernet is 1,500 bytes.
...
tive information. See also DISCRETIONARY AC- ... See also FRAGMENTATION.
...
CESS CONTROLS. ...
... MD2 Message digest algorithm docu-
...
mandatory modification An NSA ... mented in RFC 1319. See also HASH and
...
(U.S.) required change to a COMSEC ... MESSAGE DIGEST.
...
END-ITEM that must be completed and re- ...
... MD4 Message digest algorithm docu-
ported by a specific date. See also OPTIONAL ...
... mented in RFC 1320. See also HASH and
MODIFICATION. ...
... MESSAGE DIGEST.
...
manipulative communications ....
... MD5 Message digest algorithm docu-
deception The deceptive alteration or ...
simulation of friendly telecommunications. ..... mented in RFC 1321. See also HASH and
... MESSAGE DIGEST.
See also COMMUNICATIONS DECEPTION and IMI- ....
TATIVE COMMUNICATIONS DECEPTION. ....
... media access control layer A sublayer
...
manual cryptosystem CRYPTOSYSTEM in ... of the OSI data link control layer, defined
..
which no CRYPTO-EQUIPMENT or auto-manual ..... in IEEE 802.
...
devices are used to perform the CRYPTO- ... mediation The interposition of an AC-
...
GRAPHIC processes. ... CESS CONTROL MECHANISM between a subject
...
... and an object. An arbiter positioned in the
manual remote rekeying The electri- ....
cal rekeying of distant CRYPTO-EQUIPMENT, .... middle determines whether or not to allow
...
requiring specific actions by the receiving ... a subject to perform a given operation on a
...
terminal operator. ... specified object.
...
...
masquerader An unauthorized user ... memory scavenging The collection of
...
who exploits a legitimate users account by ... residual information from data storage.
...
impersonating an authorized user with ...
... MenezesQuVanstone key agree-
means such as guessing a password, inter- ... ment scheme The MenezesQu
...
cepting communications, or using mali- ... Vanstone scheme (1995) is a variant of
...
cious code. ... the DiffieHellman algorithm; here, in-
...
... stead of one publicprivate key pair, each
masquerading Form of SPOOFING. ...
... party contributes two publicprivate key
...
master crypto-ignition key A key de- ... pairs and uses its own two key pairs, the
...
vice with electronic logic and circuits that ... other partys two public keys, and some
...
enables the addition of more operational ... agreed-upon parameters to decide on a
...
CIKS to a keyset (maximum of seven) any ... shared secret key.
...
time after the completion of the fill proce- .....
... message The unit of transmission in a
dure. The master CIK can be made only as ...
... transport layer protocol. In particular, a
the first CIK during the fill procedure. ...
... TCP segment of a message. A message
..
material symbol A communications cir- .... consists of a transport protocol header fol-
.
cuit identifier used for supplying more key ..... lowed by the application protocol data. To
...
cards. ... be transmitted end-to-end through the In-
...

84
 mobile node
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
... MLI 5 MULTILEVEL INTEGRITY.
Hashing ...
Function
...
Fixed Length ... MLS 5 MULTILEVEL SECURITY.
Message ...
Message Digest
...
...
... MNCRS 5 MOBILE NETWORK COMPUTER
.................................................... ...
... REFERENCE SPECIFICATIONS.
FIGURE M1. Message digest. ...
.................................................... ...
... mobile code Program that can execute
...
... on remote locations without any modifica-
...
... tion in the code. A MOBILE CODE may travel
ternet, a message must be encapsulated in- ...
... and execute from one machine to anther
side a datagram. ...
... on a network during its lifetime. Some sys-
...
NOTE : The above is a specific definition. The term ... tems that create and execute MOBILE CODE
...
MESSAGE is also used in SMTP and other messaging ... are ActiveX, Java, JavaScript, VBScript,
contexts. ...
... Microsoft Word macros, and PostScript.
...
message authentication code Data ... Mobile code can run on multiple platforms
...
that allows a receiver to verify an AUTHENTI- ..... such as UNIX and Microsoft Windows.
... The mobile code interpreter (or the virtual
CATED message. The received message ...
... machine) is now a part of Web browsers.
matches the sent message. ...
... Because of security concerns, many forms
...
message digest The result of applying ... of mobile code platforms run an untrusted
...
an irreversible function that takes an ... code in a secure fashion. See also JAVA SAND-
.
arbitarary-sized input and produces a fixed- ..... BOX and JAVA VIRTUAL MACHINE.
...
size output. Also called hash value. See ...
...
Figure M1. See also DIGEST. ... Mobile Network Computer Reference
... Specifications These specifications ex-
...
message externals Information exter- ... tend the concept a NETWORK COMPUTER to de-
...
nal to the text of a message, such as the ... fine a mobile network computer (MNC).
...
header or trailer. ...
...
... mobile node A NODE that changes its
message hash 5 DIGEST. ...
... point of attachment to the Internet as part
...
message indicator The sequence of ... of its normal use.
...
bits transmitted over a communications ... In mobile IP, a ROUTER named as a
...
system whose purpose is to synchronize ... home agent is located on the home net-
...
CRYPTO-EQUIPMENT. Some OFF-LINE CRYPTOSYS- ... work of the mobile host (node). The mo-
...
TEMS, such as the KL-51 and one-time pad .
... bile host has a permanent IP address, with
... the same network address as the network
systems, establish DECRYPTION starting points ...
... address of the home network. Other hosts
by using message indicators. ...
... on the Internet use this permanent address.
...
Milnet The U.S. Department of Defense ... A foreign agent is located on the network
...
spinoff of the ARPAnet. ... to which the mobile host attaches.
...
... Both the home and foreign agent ad-
MIME 5 MULTIPURPOSE INTERNET MAIL ...
... vertise their presence on the networks to
EXTENSIONS. ...
... which they are attached. The mobile host
...
mimicking Form of SPOOFING, also ... registers itself with the foreign agent of
...
synonymous with IMPERSONATION or ... the network to which it attaches. This
...
MASQUERADING. ... foreign agent in turn contacts the home
...
.

85
mockingbird
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Sending
Host

Home Foreign
Agent Agent Mobile
Internet Host

(2)

Home
Network

Foreign Mobile
Agent Host
(1)

.................................................... ...
FIGURE M2. Mobile node.
...
... or other reasoning about the policy or the
.................................................... ...
... system.
...
...
... modem Short for modulator/
...
agent of the mobile host and provides the ... demodulator. It converts digital signals
...
home agent a care-of address. Now the ... from a computer to an analog form to
...
hosts on the Internet can contact the mo- ... transmit over a communication medium
...
bile host through its home agent (which ... that may connect to a network or the In-
...
has the same network number) and has a ... ternet (usually a phone line; see NOTE be-
...
care-of address. When the mobile host at- ... low) and converts an analog signal that has
...
taches itself to a new network, the whole ... come over a communication medium to
...
process is repeated. Thus, for long-lived ... digital form so that it can be processed by
...
applications, the mobility of the host has ... a computer. See Figure M3.
...
no effect. Figure M2 shows this scenario, ...
... NOTE : In addition to modems that connect a com-
with one sending host, and the mobile ...
... puter to a phone network there are other types of mo-
host goes first from its home network to a ...
dems such as cable TV modems and fiber modems.
...
new network (identified as step (1)). It ...
...
then moves to a new network, and the ... mode of operation (1) The conditions
...
whole process is repeated (identified as ... under which an IS operates based on the
..
step (2)). ... sensitivity of information processed and
...
... the CLEARANCE levels, formal access approv-
mockingbird A program that mimics ...
... als, and the need-to-know of its users.
the behavior of legitimate user(s) or a sys- ...
... There are four authorized modes of opera-
tem but can perform malicious activities at ...
... tion for processing or transmitting infor-
the instigation of a user or a process. ...
... mation: dedicated mode, system-high
...
model A representation of a policy or a ... mode, compartmented/partitioned mode,
...
system design that can be used for analysis ... and multilevel mode. (2) There are also
...

86
 multihost-based auditing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Internet

Telephone
Computer Modem Modem Computer
Digital Analog
Network Analog Digital
Signals Signals Signals Signals

....................................................
FIGURE M3. Modem.
....................................................

H1 H1

H2 H2
Router Internet Router
H3

Network A Network B
....................................................
...
FIGURE M4. Multicast. ...
only a subset of all possible destinations. It
...
.................................................... ...
... identifies a group of interfaces such that a
...
... packet sent to a multicast address is deliv-
...
... ered to all of the interfaces in the group.
...
modes of operation for encryption: ECB, ... In Figure M4, host H2 on network A is
...
CBC, CFB, and OFB. ... multicasting to hosts H1 and H3 on net-
...
... work B. See also BROADCAST.
monitoring The recording of relevant ...
...
information about each operation per- ... multihomed host A computer con-
...
formed on an object by a subject. It is re- ... nected to more than one physical data
...
tained in an AUDIT TRAIL for further analysis. ... link. The data links may or may not be
...
... attached to the same network. A host is
MQV 5 MENEZESQ UV ANSTONE KEY ...
... said to be multihomed if it has multiple
AGREEMENT SCHEME. ...
... IP addresses.
...
MTU 5 MAXIMUM TRANSMISSION UNIT. ...
... multihost-based auditing The auditing
...
multicast A special form of broadcast ... or detecting of intrusion that includes data
...
where copies of a packet are delivered to ... from multiple hosts.
...

87
multilevel device
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
multilevel device A device that main- ... to which they have access; and (c) all users
...
tains and separates data of different secu- ... are on a need-to-know basis for the infor-
...
rity levels. ... mation to which they have access.
...
...
... multilevel security Information is CLAS-
multilevel integrity An integrity policy ...
... SIFIED at different levels of security. Infor-
whose use depends on the order of multi- ...
... mation access is permitted according to
level integrity labels. ...
... ACCESS CONTROL policies.
...
multilevel mode An INFOSEC mode ...
... Multipurpose Internet Mail Extensions
of operation wherein all the following ...
... A set of specifications to link and transfer
statements are true about the users who ...
.. nontext files with Internet e-mail and other
have direct or indirect access to the system, .....
. IP applications including Usenet news.
its peripherals, remote terminals, or remote .....
...
hosts: (a) Not all users have a valid secu- .... mutual suspicion A condition where
rity CLEARANCE for all the information pro- ...
... two ISs must rely upon each other to per-
...
cessed in the IS; (b) all users have the ... form a service, but neither IS trusts the
...
proper security CLEARANCE and appropriate ... other to properly protect the data they are
formal access approval for that information ..... sharing.
...
.

88
 N
j
...
...
Nak attack 5 NEGATIVE ACKNOWLEDG- ... National Security Agency The U.S.
...
MENT ATTACK. ... government agency responsible for protect-
...
... ing U.S. communications and producing
name resolution The process of map- ... foreign intelligence information. Estab-
...
ping a name to the corresponding address. ... lished by a presidential directive in 1952 as
...
See also DNS. ...
a separately organized agency within the
...
...
... Department of Defense.
National Computing Security Center ...
Founded in 1981 as DoDs Computer Se- ...
... National Security Information Infor-
curity Center, it is now a part of the U.S. ...
... mation that in accordance with Executive
NATIONAL SECURITY AGENCY (NSA). It was ...
... Order 12958 or any predecessor order
renamed NATIONAL COMPUTER SECURITY CEN- ...
... requires protection against unauthorized
TER (NCSC) in 1985. NCSC evaluates
...
... disclosure.
computing equipment to ensure that estab- ...
...
... National Security System Any tele-
lishments processing CLASSIFIED or other ...
... communications or information system op-
sensitive material are using trusted com- ...
... erated by the U.S. government that (1) in-
puter systems and components. This ...
... volves intelligence activities; (2) involves
agency developed the TRUSTED COMPUTER SYS- ...
... CRYPTOLOGIC activities related to national se-
TEM EVALUATION CRITERIA (TCSEC) and the ...
... curity; (3) involves command and control
TRUSTED NETWORK INTERPRETATION ENVIRON- ...
... of military forces; (4) involves equipment
MENT GUIDELINE (TNIEG). ...
... that is an integral part of a weapon or
...
National Institute for Standards and ... weapons system; or (5) is critical to the di-
...
Technology The U.S. government orga- ... rect fulfillment of military or intelligence
...
nization that develops standards for U.S. ... missions and does not include a system
...
federal government use. More information ... that is to be used for routine administra-
...
about the NATIONAL INSTITUTE FOR STANDARDS ... tive and business applications (including
...
AND TECHNOLOGY (NIST) is available at ... payroll, finance, logistics, and personnel
...
http://www.nist.gov. ... management applications). (Title 40
.

89
NC
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
U.S.C. Section 1452, Information Tech- ... consists of nodes interconnected via chan-
..
nology Management Reform Act of 1996.) ..... nels; the nodes implement the functionality
...
... of the subnet by interfacing the hosts to
NC 5 NETWORK COMPUTER. ...
... the network and providing a means of
...
NCRP 5 NETWORK COMPUTER REFERENCE ... passing messages between them.
...
SPECIFICATION. ...
... Network Basic Input Output System
...
NCSC 5 NATIONAL COMPUTING SECURITY .... The standard interface to networks on
CENTER. ...
... IBM PC and compatible systems.
...
need-to-know The need to access, ...
... network computer A lightweight, ubiq-
know of, or possess specific information ...
... uitous, extensible, secure, and easy to ad-
essential to the completion of official du- ...
... minister system that ensures universality by
ties. A person or an object is provided as ...
... using technologies like HTTP, HTML, and
much information as is essential to per- ...
... Java.
form a given task precisely. ...
...
... network computer reference
negative acknowledgment attack A ...
. specification Specifications that address
type of ATTACK that exploits the vulnerabil- .....
... requirements of new mobile computing
ity of those operating systems that do not ...
... devices.
handle asynchronous interrupts well and ...
.
leave the system unprotected during such a ..... NOTE : At the time of writing this dictionary these
...
time. ... specifications are still being worked on by a consor-
...
... tium of leading industry members in computing.
NetBIOS 5 NETWORK BASIC INPUT OUT- ...
...
PUT SYSTEM. ... Network File System A distributed file
...
... system developed by Sun Microsystems
netiquette A combination of the words ...
... that allows a set of computers to coopera-
net and etiquette. A general code of con- ...
... tively access each others files in a transpar-
duct for sending and receiving e-mail and ...
... ent manner.
for general use of the Internet. ...
...
... network front end A device that
netmask Also known as SUBNET MASK, ...
... enables a computer system to attach to a
ADDRESS MASK. See also ADDRESS MASK. ...
... network.
network A collection of two or more ...
...
...
interconnected computers. IS combined ... network information center A NET-
...
with a group of interconnected network ... WORK INFORMATION CENTER (NIC) provides
...
nodes. See Figure N1. ... network information and support to end
...
Typically, a network consists of hosts ... users and administrators. Originally, there
...
that are interconnected via a communica- ... was only one NIC, located at SRI Inter-
...
tion subnet. Hosts are the primary com- ... national (U.S.) and tasked to serve the
puters connected to the network; they con- ..... ARPANET community. Many regional and
...
tribute to the network load and may ... midlevel networks have established such
...
perform functions not directly related to ... centers to serve the local networking com-
...
networking, such as running users pro- ... munity. There are NICs of local, regional,
.
grams. Typically, hosts are identified at the ..... and national networks all over the world.
.
highest level of the protocol hierarchy by a ..... Such centers provide user assistance, docu-
...
human user. The communications subnet ... ment service, training, and much more.
...

90
 network security officer
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

(A)

(B)
Host Host
Node
Node Host Host
Node
Node
Node
Node Node

Node Host Node

Node

Host
Host Host
(C)
Host

Node Node

Node

Node Node
Host

.................................................... ...
FIGURE N1. Network. Here ovals (A), (B), and (C) ...
... network reference monitor A method
individually represent a network, and all three com- ...
... of ACCESS CONTROL in which all access to
bined are also a network. ... objects within a network by subjects within
...
.................................................... ...
... the network is mediated by an abstract ma-
... chine. See also REFERENCE MONITOR.
...
...
...
... network security The protection of
...
NOTE : SRI International is located at Menlo Park, ... networks and their services that ensure that
...
California (U.S.). In May 1997, Stanford Research ... the network performs its critical functions
...
Institute officially became SRI International. Details ... correctly and without harmful side effects.
...
about SRI International are available at http:// ... It prohibits unauthorized modification, de-
www.sri.com. ...
... struction, or disclosure.
...
network layer The OSI layer that is ...
...
responsible for routing, switching, and ... network security architecture The
...
subnetwork access across the entire OSI ... subset of network architecture concerned
...
environment. ... with security-relevant issues.
...
...
network level firewall In this type of ... network security officer The individ-
...
FIREWALL,protection is provided by examin- ... ual in charge of network security. See also
...
ing packets at the INTERNET PROTOCOL layer. ... INFORMATION SYSTEM SECURITY OFFICER.
...
.

91
network sponsor
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
network sponsor The individual or or- ... dom number. It is possible to introduce
..
ganization that must state the networks se- ..... security weaknesses by using a nonce with
.
curity policy, design the necessary network ..... the wrong properties.
...
security architecture, and ensure that the ...
... noncompromisability A systems ability
policy is enforced. The vendor is usually ...
the sponsor for COMMERCIAL OFF-THE-SHELF .... to withstand COMPROMISE.
...
...
systems (COTS). The project manager or ... noncooperative remote rekeying 5
system administrator is usually the sponsor ..... AUTOMATIC REMOTE REKEYING.
....
for a fielded network system. ...
... nondiscretionary access controls
...
network system A system based on ... Same as MANDATORY ACCESS CONTROLS.
...
a clear security architecture and design. It ...
... nondiscretionary security A set of
is made up of many interconnected com- ...
... U.S. DoD policies restricting access to an
ponents. ...
... item of information based on a CLEARANCE
...
network trusted computing base ... level equal to or greater than the CLASSIFI-
partition All of the protection mecha- ...
... CATION associated with the item that
nisms within a network, including hard- ...
... should satisfy the access categorys set
ware, firmware, and software, which com- ...
... restrictions.
bine to enforce a security policy. See ...
...
TRUSTED COMPUTING BASE.
... nonrepudiation The property of a
...
... scheme achieved through CRYPTOGRAPHIC
...
network weaving Different unautho- ... methods in which the recipient is able to
...
rized communication networks linked to- ... prove to a third party that data has been
...
gether to avoid detection and trace-back ... sent by the sender or received by the re-
...
while accessing an IS. ... ceiver. This property protects against the
...
... sender denying having sent the message
NFS 5 NETWORK FILE SYSTEM. ...
... and the receiver denying having received
..
NIC (1) 5 NETWORK INFORMATION CEN- .... the message. The sender is provided with
...
TER. (2) Many people use NIC as an acro- ... a proof of delivery and receiver is assured
...
nym for Network Interface Card. ... of senders identity. Nonrepudiation as a
...
... CRYPTOGRAPHIC property must not be con-
NIST 5 NATIONAL INSTITUTE FOR STAN- ...
... fused with a legal guarantee.
DARDS AND TECHNOLOGY. ...
... NONREPUDIATION of origin provides
...
node A computer in the Internet work ... proof of data (message) being sent by the
...
environment on which internet protocol ... sender; NONREPUDIATION of transmission
...
services are available. ... provides proof of data (message) trans-
...
... mission, and NONREPUDIATION of delivery
no-lone zone Area, room, or space that ...
... provides proof of receipt of the data
when staffed must contain two or more ...
... (message) by the recipient. See ISO
appropriately cleared individuals who must .....
... 74982.
remain within each others sight. See also ...
...
TWO-PERSON INTEGRITY. ... nonsecret encryption 5 PUBLIC KEY
...
... CRYPTOGRAPHY.
nonce A quantity that any user of a pro- ...
...
tocol uses only once, for example, a time- ... nontamperability A systems ability to
...
stamp, a sequence number, or a large ran- ... withstand tampering.
...

92
 null
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
NSA 5 NATIONAL SECURITY AGENCY. .... null Meaningless letter, letter symbol, or
....
... CODE GROUP within an encrypted message
NSI 5 NATIONAL SECURITY INFORMATION. ...
... that delays or prevents its DECRYPTION or
...
NTCB 5 NETWORK TRUSTED COMPUTING ... completes encrypted groups for transmis-
...
BASE PARTITION. ... sion or transmission security purposes.
.

93
 O
j
...
...
OASIS 5 ORGANIZATION FOR THE ... to pass small volumes of low-sensitivity
...
ADVANCEMENT OF STRUCTURED INFORMATION ... information.
...
STANDARDS. ...
... one-time cryptosystem A CRYPTOSYSTEM
obfuscation 5 CODE OBFUSCATION.
...
... employing a key used only once.
...
obfuscator A tool to do automatic CODE ...
...
OBFUSCATION. ...
...
one-time pad An encryption method
...
...
where a long string known only to the
object An active or passive entity that ...
...
sender and the receiver is used as the key
stores or receives information. Gaining ac- ...
...
for ENCRYPTION and DECRYPTION. This ex-
cess to an object means also gaining access ...
...
tremely simple encryption method is secure
to the information it contains. ...
...
for keeping a message confidential if the
object reuse The reassignment and reuse ... string used is truly random, known only to
...
of a storage medium that contains one or ... the communicating parties, at least as long
...
more objects after it has been made certain ... as the PLAINTEXT, and never reused.
...
that the storage medium is free of residual ...
...
data. ... NOTE : Some have referred to a one-time pad as a
... key distribution mechanism rather than an encryption
...
OFB 5 OUTPUT FEEDBACK MODE. ... method, because many different algorithms can be used,
...
... as long as the conditions above are met.
off-line cryptosystem CRYPTOSYSTEM in ...
...
which ENCRYPTION and DECRYPTION are sepa- ...
... one-time tape Punched paper tape that
rate from the transmission and reception ...
... provides key streams on a one-time basis in
functions. ...
... certain machine CRYPTOSYSTEMS.
...
one-part code A systematically ordered ...
...
code of PLAINTEXT elements and their accom- ... one-to-one mapping A function that
...
panying CODE GROUPS in which one listing ... assigns an output value to each input value
...
serves for both encoding and decoding. ... in such a way that each input maps to ex-
...
These codes are normally small and used ... actly one output.
.

95
online cryptosystem
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
online cryptosystem A CRYPTOSYSTEM in ... operational code A code mainly con-
...
which ENCRYPTION and DECRYPTION are per- ... sisting of words and phrases appropriate
...
formed in conjunction with the transmit- ... for general communications use.
...
ting and receiving functions. ...
... operational data security The protec-
...
online server Something that provides a ... tion of data from either unintentional, un-
...
service and is generally available on the ... authorized, or intentional modification,
...
network. ... destruction, or disclosure during input,
...
... processing, storage, transmission, or output
open A system, specification, or an item ...
developed with details available to the pub- ..... operations.
.
.
lic. For example, an open Internet working ..... operational key A key used for over-
...
protocol will allow independent Internet ... the-air protection of operational informa-
...
working implementations based on docu- ... tion or for the production or secure elec-
...
mentation alone, and there are no patent, ... trical transmission of key streams.
...
copyright, or trade secret impediments to ...
... operational waiver The authority for
its deployment. Examples of open systems ...
the continued use of unchanged COMSEC
include OSI seven-layer architecture for in- .....
.... END-ITEMS until a required change is com-
terconnection of computer systems. ...
... pleted.
open security environment An envi- ...
... operations security The process of
ronment that does not provide adequate ...
... controlling and protecting UNCLASSIFIED ge-
protection against the loss of CONFIDENTIAL- ...
... neric activities to deny unauthorized per-
ITY, INTEGRITY, or AVAILABILITY.
...
... sons information about capabilities and/or
...
Open Shortest Path First A protocol ... intentions.
...
standard IGP for the Internet. See also IGP. ...
... OPSEC 5 OPERATIONS SECURITY.
..
Open Software Foundation An organi- ....
... optional modification An NSA (U.S.)
zation founded as an industry consortium ...
... approved change not necessary for universal
to develop and license open software. It is ...
... implementation by all holders of a COM-
best known for OSF/1, a UNIX variant, ...
... SEC END-ITEM. This class of modification re-
and DCE, a family of protocols centered ...
... quires all of the engineering/doctrinal con-
on a secure RPC and distributed file ...
... trol of required change but is usually
system. ...
... separate from security, safety, TEMPEST, or
...
open storage The storage of CLASSIFIED ... reliability.
...
INFORMATION in a container that is not ap- ...
. ORA 5 ORGANIZATIONAL REGISTRATION
proved by the General Services Administra- .....
... AUTHORITY.
tion, in an unoccupied accredited facility. ...
...
Open System Interconnect The name ... Orange Book 5 TRUSTED COMPUTER
...
of computer networking standards ap- ... SYSTEM EVALUATION CRITERIA (TCSEC).
...
proved by ISO. See also ISO OSI. ... organizational maintenance Limited
...
... maintenance that a user organization com-
operating system A group of programs ...
... pletes.
that directly control the hardware of a ...
...
computer and on which all of the com- ... Organizational Registration Authority
...
puters other running programs are depen- ... Branch of the PKI that AUTHENTICATES users
...
dent. ... identities and organizational affiliations.
...
.

96
 overwrite procedure
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
Organization for the Advancement of .... pad by iteratively encrypting the previous
.
.
Structured Information Standards ... block, staring with an IV.
...
ORGANIZATION FOR THE ADVANCEMENT OF ....
STRUCTURED INFORMATION STANDARDS (OASIS) .... overrun In the security community, the
... term OVERRUN means that security is COM-
uses public standards such as XML and ...
... PROMISED. A common goal is to minimize
SGML to develop industry specifications ...
... the damage done if a single node in a sys-
that are interoperable. OASIS is a non- ...
... tem is overrun and secrets are revealed.
profit, international consortium and its ...
...
members include organizations and indi- ... overt channel Communications path de-
...
viduals who use these standards. For more ... signed for the authorized transfer of data
..
details, see the information at http://www. ..... in a computer system or network. See also
...
oasis-open.org. ... COVERT CHANNEL.
...
...
OSF 5 OPEN SOFTWARE FOUNDATION. ... over-the-air key distribution The dis-
...
... tribution of electronic keys by way of OVER-
OSI 5 OPEN SYSTEM INTERCONNECT. ...
... THE-AIR REKEYING, OVER-THE-AIR KEY TRANSFER, or
...
... COOPERATIVE KEY GENERATION.
OSPF 5 OPEN SHORTEST PATH FIRST. ...
...
... over-the-air key transfer The elec-
OTAR 5 OVER-THE AIR REKEYING. ...
... tronic distribution of keys without altering
...
out of band Mechanism different from ... the traffic encryption key used on the se-
...
the regular transmission of data. An out- ... cured communications path over which the
...
of-band mechanism for key distribution ... transfer is completed.
...
would be something other than sending ...
... over-the-air rekeying The alteration of
messages across the network, for example, ...
.. a traffic encryption key or a transmission
by having people talk on the phone to each ..... security key in remote CRYPTO-EQUIPMENT by
.
other or to give each other pieces of paper ..... sending the new key directly to the remote
...
or floppies that contain keys. ... CRYPTO-EQUIPMENT over the secured commu-
...
... nications path.
output feedback mode A method of ....
turning a secret key block CIPHER into a .... overwrite procedure Writing patterns
...
stream CIPHER. OUTPUT FEEDBACK (OFB) effec- ..... of data over data stored on a magnetic
.
tively generates a pseudo-random one-time ..... medium.
...

97
 P
j
...
...
P2P 5 PEER-TO-PEER. ...
...
...
P3P 5 PLATFORM FOR PRIVACY PREFER- ... Organizational
... Internet
ENCES PROJECTS. ... Network
...
... Packet
PAA 5 POLICY APPROVING AUTHORITY. ... Filter
...
... ....................................................
packet A packet is the unit of data ...
passed across the interface between the In- ... FIGURE P1. Packet filter.
...
... ....................................................
ternet layer and the link layer. It includes ...
...
an IP header and data. A packet may be a ...
...
complete IP datagram or a fragment of an ...
... pad Additional bits added to a message
IP datagram. ...
... to make it a desired length, for instance, an
...
packet filter A type of FIREWALL in which ... integral number of bytes. This meaning of
...
each packet is examined based on local se- ... pad is not related to the word pad as in
...
curity policy and is accepted or rejected. ... the phrase one-time pad.
...
See Figure P1. ...
... parity Bit(s) that can identify any altera-
...
packet filtering A technique generally ... tion of a block of data.
...
incorporated into ROUTERS to control and ...
... partitioned security mode An IS secu-
divert the flow of PACKETS based on prede- ...
... rity mode of operation in which all person-
termined characteristics such as origin or ...
... nel have the CLEARANCE for all information
destination of packets, or by the type of ...
... handled by an IS, but not all personnel have
service being offered by a network. This ...
... formal access approval and NEED-TO-KNOW.
technique may limit protocol-specific pack- ...
...
ets to one segment of the network. ... passive Does not require action on the
...
... part of a user.
packet sniffer A program or a process ...
...
that captures and displays the contents of ... passive attack This type of ATTACK does
...
IP packets on a network. ... not result in any system state change or a
.

99
passive threat
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
change in data; it only monitors or records ..... dresses of the connected computers. Users
...
system state or data. ... use the same program on each machine to
...
... connect to each others machines and share
passive threat A threat in which infor- ...
... each others resources and files. A typical
mation is intercepted but not altered. Pas- ...
... application program with these features is
sive threats can be dangerous because the ...
... Napster, which allows people to share mu-
information may be secret. Contrast with ...
... sic, usually via MP3 files through P2P net-
ACTIVE THREAT. ...
... works over the Internet.
...
passphrase Sequence of characters that ...
... PEM 5 PRIVACY ENHANCED MAIL.
is too long to be a password and is thus ...
....
turned into a shorter virtual password by ... penetration The deceptive bypassing of
...
the password system. ... a systems security mechanisms.
...
...
passwd Password checker that replaces ... penetration testing Security testing in
...
/bin/passwd on a UNIX system, offers ... which authorized evaluators who are famil-
...
enhanced logging, and keeps users from ... iar with a systems design and implementa-
...
selecting passwords that can be easily ... tion try to bypass its security features.
...
guessed. ...
...
... per-call key Unique traffic encryption
password A supposedly secret string ...
... key generated automatically by certain se-
used to prove ones identity, ...
... cure telecommunications systems to access
...
password sniffing Eavesdropping to ... single voice or data transmissions. See also
capture passwords, which can then be used ..... COOPERATIVE KEY GENERATION.
...
to masquerade as a legitimate user. ....
... perimeter-based security Protecting a
...
path The sequence of gateways that at a ... network by providing security at all entry
...
given moment all the IP datagrams going ... and exit points to the network.
...
from a particular source host to a particu- ...
... periods processing Processing in which
lar destination host will traverse. A path is ...
... different levels of CLASSIFIED and UNCLASSI-
unidirectional; it is not unusual to have ...
... FIED information cannot be processed at the
different paths in the two directions be- ...
... same time. All information from one pro-
tween a given host pair. ...
... cessing period must be cleared before an-
...
PCA 5 POLICY CREATION AUTHORITY. ... other processing period begins.
...
...
PCT 5 PRIVATE COMMUNICATION ... permission One type of subjectobject
...
TECHNOLOGY. ... interaction. Also referred to as consent,
...
... typically consent for a particular user to
PDS 5 PROTECTED DISTRIBUTION SYSTEM. ...
... access a particular object in some well-
...
PDU 5 PROTOCOL DATA UNIT. ... defined way.
...
...
peer entity authentication Corroborat- ...
... permutation A method of encryption
ing the identity of the entity one is con- ...
... where parts of the message are rearranged.
nected to. ...
... Encryption by permutation is not very se-
...
peer-to-peer A network with typically ... cure by itself, but it can be used in combi-
geographically distributed nodes, temporar- ..... nation with substitution to build powerful
.
ily built on the Internet through the IP ad- ..... ciphers like DES.
...

100
 phreaker
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Input

0 1 2 3 4 5 6 7

1 0 1 1 0 1 1 1

0 1 0 1 1 1 1 1

1 5 4 0 6 3 7 2

Output
....................................................
...
FIGURE P2. Permuter. ... allowed execution of subsequent com-
...
.................................................... ... mands with privileges of the user running
...
... the Web server.
...
permuter CRYPTO-EQUIPMENT device that ... Lack of proper parsing and validation
...
changes the order in which the contents ... of input data could trick this program into
...
of a shift register are used in various ... executing arbitrary code. For example, in
...
nonlinear combining circuits. Figure P2 ... UNIX, including meta characters, e.g.,
...
shows a permutation of 10110111 to ... \ / ! etc. in the input could result
...
01011111. ... in escaping out to a shell and allowing exe-
...
... cution of arbitrary code.
personal identification number Short ...
... PHF attacks were common in 1996
sequence of digits used as a pass phrase. ...
... and 1997.
...
pest program A program with harmful ...
... phf vulnerability Named after an exam-
and generally unexpected side effects. Ex- ...
... ple cgi-bin script often distributed with ear-
amples are Trojan horses, logic bombs, vi- ...
... lier versions of several Web servers and
ruses, and malicious worms. ...
... commonly used to display the /etc/passwd
...
PGP 5 PRETTY GOOD PRIVACY. ... file. This vulnerability lets an intruder exe-
...
... cute arbitrary commands with the privileges
phage A program that maliciously modi- ...
... of the Web server.
fies another program or data by propagat- ...
...
ing a virus or a Trojan horse. ... photuris A key exchange protocol that
...
... uses long-term keys to AUTHENTICATE session
PHF A CGI script that came as a part of ...
... keys.
earlier versions of Apache Web server and ...
...
NCSA HTTPD. The original version of ... phreaker A person who manipulates a
...
PHF accepted newline characters (%0a) and ... system to make telephone calls at others
...
..

101
physical layer
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
expense without their knowledge or con- ... verb: ping host X to see if it is up! and
...
sent. ... also as a noun: I sent it a ping but it
...
... didnt respond.
physical layer The OSI layer that pro- ...
...
vides the means to activate and use physi- ... ping of death A large ICMP packet sent
...
cal connection for bit transmission. In ... to overflow the remote hosts buffer, caus-
..
plain terms, the physical layer provides the ..... ing the remote host to reboot or hang.
...
procedures for transferring a single bit ....
... PKCS 5 PUBLIC-KEY CRYPTOGRAPHY
across a PHYSICAL MEDIUM. ...
... STANDARD.
...
physical medium Any means in the ...
PKI 5 PUBLIC KEY INFRASTRUCTURE.
physical world for transferring signals be- .....
....
tween OSI systems. Considered to be out- .. PKZIP Software package for data com-
.
side the OSI Reference Model, and there- ..... pression and backup from PKware, Inc.
....
fore sometimes referred to as Layer 0. ...
... plaintext Unencrypted information.
The physical connector to the medium ...
can be considered as defining the physical ..... Platform for Internet Control Selection
....
layer, i.e., the bottom of the OSI Refer- ... These are specifications to mark the Inter-
...
ence Model. ... net content with labels (metadata) that de-
...
... fine and categorize the content. Filtering
physical network interface A physical ...
... software can use these labels to block ac-
interface to a connected network having a ...
... cess to certain data. This also facilitates
link-layer address. Multiple physical net- ...
works on a single host may share the same ..... CODE SIGNING privacy and parents and
... teachers control over the display of and
link-layer address, but the address must be ....
... access to Internet content.
unique for different hosts on the same ...
...
physical network. ... Platform for Privacy Preferences
... Projects This is an emerging standard
...
physical security The protection of ... defined by W3C that covers Web sites
...
computer systems, related buildings, and ... privacy policies. These policies, which are
...
equipment from intrusion and natural and ... also available in a machine-readable form
...
environmental hazards. Also the ACCESS ... (on the Web site), include how a Web site
...
CONTROL of computer systems and facilities ... handles personal information of its users.
through the use of locks, keys, and admin- .....
... P3P-enabled Web browsers can compare
istrative measures. ...
... users privacy preferences with a Web sites
...
PICS 5 PLATFORM FOR INTERNET CONTROL ... P3P, thereby giving choice and information
...
SELECTION. ... to a user. P3P1.0 specifications are now
...
... available from the World Wide Web Con-
piggyback Using somebody elses legiti- ...
... sortium (W3C) web site at http://www.
mate connection to obtain unauthorized ...
... w3c.org.
connection to a system. ...
...
... plausible deniability A situation in
PIN 5 PERSONAL IDENTIFICATION NUMBER. ...
... which events are structured such that
...
ping Package Internet groper. A program ... someone can claim not to have known or
.
used to test the reachability of destinations ..... done something, and no proof exists to the
.
by sending them an ICMP echo request and ..... contrary. The term is usually used by a
...
waiting for a reply. The term is used as a ... person or persons who arrange the struc-
...

102
 Pretty Good Privacy
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
ture of events for this purpose. See also ... applications use dynamically assigned port
...
NONREPUDIATION. .... numbers.
....
...
playback Unauthorized resending of a ... port scan A procedure to probe target
...
legitimate recorded message. ... computers by sending data packets to ports
...
... to see the network services offered.
Point-to-Point Protocol The successor ...
...
to SLIP, POINT-TO-POINT PROTOCOL (PPP) pro- ... positive control material A collective
vides router-to-router and host-to-network ..... term that refers to a sealed AUTHENTICATOR
....
connections over both synchronous and ... system, permissive action link, coded
...
asynchronous circuits. See also SLIP. ... switch system, positive enable system, or
...
... nuclear command and control documents,
policy An expression of the intent of a ...
... material, or devices.
systems owner or operator within which ...
...
the system should operate. For example, a ... PostScript A write-only programming
security policy describes the owners intent ..... language created by Adobe Systems, Inc. to
...
for the AUTHENTICATION, ACCESS CONTROLS, .... describe printed pages.
...
etc., for a system. There are also specific ...
PPP 5 POINT-TO-POINT PROTOCOL.
types of policies for CONFIDENTIALITY, safety, .....
...
INTEGRITY, etc. .... preauthentication A method requiring
...
... a user to prove knowledge of a password
Policy Approving Authority The pri- ...
... before access is given to sensitive informa-
mary level of the U.S. DoD PKI Certifica- ...
tion that is encrypted with that password.
tion Management Authority. It is responsi- .....
.... This makes it more difficult for an ADVER-
ble for the approval of the security policy ...
... SARY to use an off-line password guessing
of each PCA. ...
... ATTACK.
NOTE : P OLICY A PPROVING A UTHORITY ...
...
(PAA) and P OLICY C REATION A UTHORITY ... preproduction model A version of
...
(PCA) are PKI terms used within a restricted con- ... INFOSEC equipment that uses standard
...
text, e.g., some U.S. and Canadian government ... parts and whose form, design, and perfor-
...
PKIs. ... mance may not be completely evaluated.
...
... Also called BETA MODELS.
Policy Creation Authority The second ...
...
level of the US DoD PKI Certification ... presentation layer The OSI layer that
...
Management Authority. It is responsible ... determines how application information is
...
for the formulation of the security policy ... represented while in transit between two
...
under which it and its subordinate CAs ... systems.
...
will issue public key certificates. Also ...
... Pretty Good Privacy A strong encryp-
known as a Policy Certification Authority. ...
... tion system for e-mail and file security that
See note (POLICY APPROVING AUTHORITY). ...
... uses a combination of public key and se-
...
port A logical transport protocol end- ... cret key encryption. Created by Philip
...
point on a host. A single host may trans- ... Zimmerman [PRZ95], a computer scien-
...
mit or receive information on a number ... tist from Boulder, Colorado. The operation
...
of different ports. Different applications ... of PRETTY GOOD PRIVACY (PGP) consists of
...
may be associated with different ports. ... five functions: digital signatures, message
...
Sometimes an application may use the ... encryption, compression, e-mail compati-
...
same well-known port number. Other ... bility, and segmentation. PGP now uses
..

103
principal
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

IkJJjklz;
This is PLAJkc
a message This is vkikkkK
This is from Phoha a message KDBfpa
a message from Phoha s[Zvmk.
from Phoha Signature Signature MAMS

(1) (2) (6) (7) (8)

IkJJjklz;
PLAJkc This is
vkikkkK This is a message
KDBfpa a message from Phoha This is
s[Zvmk. from Phoha a message
MAMS Signature Signature from Phoha

(3) (4) (5) (9) (10) (11)

(a) (b)
.................................................... ...
FIGURE P3. PGP.
...
... key; in (10) this file is decompressed and
.................................................... ...
... has both the signature and plaintext mes-
...
... sage. In (11) signature is verified using
...
... senders RSA public key.
DiffieHellman and DSA as well as or in- ...
...
stead of RSA. ... principal A user or the collection of
...
Figure P3 shows an example of how ... processes in a computer working on that
...
PGP works. Part (a) of the figure shows the ... users behalf. Similar to subject; PRINCIPAL is
...
process before the message is transmitted, ... a generic term used by the security com-
...
and part (b) shows the process after the ... munity to include both people and com-
...
message is received. ... puter systems.
Part (a): In (1) a digital signature ...
...
... print suppression Hides characters to
(MD5/RSA) using senders private key is ...
... ensure PRIVACY. Typically used while a user
appended to the file containing plaintext ...
... types in a password.
message This is a message from Phoha. ...
...
In (2) this file is compressed; in (3) this ...
... privacy Protection from the unautho-
compressed file is encrypted with one- ...
... rized disclosure of data. Security purists
time session key using IDEA; in (4) using ...
... use CONFIDENTIALITY for this and use privacy
receivers public key, an encrypted copy ...
... to refer to the protection of personal infor-
of session key is added; in (5) this file is ...
... mation; privacy legislation consists of laws
converted to ASCII armor format. This ...
... requiring government and business to jus-
converted file is then sent over the ...
... tify which data they keep about people,
network. ...
... and to tell people what information those
Part (b): In (6) the ASCII file is re- ...
... organizations are storing about them.
ceived; in (7) ASCII armor is removed; in ...
...
(8) one-time IDEA session key is recovered ... NOTE : The usage has not standardized; sometimes,
...
using receivers private key; in (9) the file ... privacy refers to a lower grade of CONFIDENTIAL -
...
is decrypted using one-time IDEA session ... ITY , used merely to protect personal information,
..

104
 proprietary information
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
rather than national security CLASSIFIED INFOR - ... probe An attempt to obtain information
...
MATION . ... about an IS or its users.
...
...
Privacy Enhanced Mail IETFs specifica- ...
... process Generally, a sequential locus of
tions for secure electronic mail. PRIVACY ...
... control, as in the execution of a virtual
ENHANCED MAIL (PEM) provides mecha- ...
... processor. It may take place on different
nisms to support encryption, AUTHENTICA- ...
... processors or on a single processor, but
TION and integrity of e-mail messages in ...
... with only a single execution point at any
the Internet. The IETF specification for ... one time.
.
PEM cover (1) the format of messages that ....
...
use PEM, (2) a hierarchy of certification ... production model The final mechanical
...
authorities, (3) a set of CRYPTOGRAPHIC al- ... and electrical form of INFOSEC equipment.
...
gorithms, (4) message formats for re- ...
...
questing and revoking certificates. PEM ... promiscuous mail server A server that
...
specifies a tree structure hierarchy of CAs ... sends e-mail over the Internet without con-
...
for key distribution and uses RSA public ... firming information on either the sender or
...
key technology for encryption and AU- ... recipient.
...
THENTICATION. More details are available in ...
... promiscuous mode Refers to a setting
RFC 1421, RFC 1422, RFC 1423, and ...
... of an Ethernet interface that allows it to ac-
RFC 1424. ...
... cept all information regardless of whether it
...
privacy system A commercial encryp- ... is addressed to its address. In contrast, in
...
tion system that can protect against a ca- ... normal mode, such an interface accepts only
...
sual listener, but does not provide protec- ... information that is specifically addressed to
...
tion from a technically competent ... that interface or that is broadcast.
...
cryptanalytic ATTACK. ...
... proof-carrying code CODE that has
..
Private Communication Technology A .... built-in methods to statically check and en-
..
protocol that provides session-level security ..... sure that code conforms with security poli-
...
and is very similar to the SECURE SOCKET ... cies. This is an active area of research and
...
LAYER PROTOCOL of Netscape. ... the term is generally used in the context of
...
... MOBILE CODE.
private key The quantity in PUBLIC KEY ...
...
CRYPTOGRAPHY that must be kept secure. ... proprietary information Material and
...
... information developed by a company per-
NOTE : A private key is generally associated with a ...
user, and this user is responsible for maintaining its ... taining to the companys products, busi-
...
CONFIDENTIALITY . ... ness, or activities. Examples are financial
...
... information; data or statements; trade se-
privileged access A specific user, pro- ...
.. crets, product research and development;
cess, or computers AUTHORIZATION to access .....
... existing and future product designs and
a computers resource(s). ...
... performance specifications; marketing plans
...
privileged user A user of a computer ... or techniques; schematics; client lists; com-
...
who has been given more privileges than ... puter programs; processes; and know-how
...
normal users, usually to perform system ... that have been clearly identified and prop-
...
management functions. A privileged user ... erly marked by the company as proprietary
...
may be authorized to bypass the normal ... information, trade secrets, or company
...
access control mechanism. ... confidential information.
...

105
protected communications
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
protected communications Telecom- ... protocol A system of rules governing the
...
munications protected by TYPE 2 products ... syntax, transmission, and sequencing of
...
or data encryption standard equipment. See ... different messages that allow systems to
...
also TYPE 2 product. ... exchange information.
...
...
protected distribution system A wire ...
... protocol data unit This is OSI termi-
line or fiber-optic distribution system that ...
... nology for packet. A PROTOCOL DATA UNIT
transmits CLASSIFIED national security infor- ...
.. (PDU) is a data object exchanged by proto-
mation that is unencrypted through an area ..... col machines within a given layer. PDUs
...
of lesser CLASSIFICATION or control. ... consist of both protocol control informa-
...
... tion (PCI) and user data.
protected subsystem A program that ...
...
can run at a higher level of privilege than ...
... protocol layer Within an overall com-
the user of the program is entitled to, be- ...
.... munications process, a set of component
cause it has very structured interfaces that ...
... processes each of which provides specific
will not allow for anything but security- ...
... functions and communicates with adjacent
safe operations. ...
... layers.
...
protection philosophy The overall de- ...
.
sign of an IS that describes each of the ISs ..... protocol model A conceptual model
... that describes how to communicate within
protection mechanisms. A combination of ...
... a network.
formal and informal techniques that prove ...
...
that the security mechanisms can suffi- ...
... prowler A program to periodically clean
ciently enforce the security policy. ...
... up system resources. It may erase core files
...
protection ring One of a hierarchy of an .... and other temporary files that are left be-
...
ISs select modes that provides certain ac- ... hind by users and take up space.
.
cess rights to authorized user programs and .....
... proxy The mechanism whereby one sys-
processes for a given mode. ...
... tem fronts for another system in re-
...
protective packaging Packaging tech- .... sponding to protocol requests. PROXY sys-
niques for COMSEC MATERIAL that protect ....
... tems are used in network management to
against penetration, show whether penetra- ..... avoid having to implement full protocol
tion has occurred or was attempted, and ....
... stacks in simple devices such as modems.
prevent premature viewing or copying of ...
... In Figure P4 the dotted line indicates a
KEYING MATERIAL.
...
... virtual connection between an external cli-
...
. ent and a server. The connection between
protective technologies Special tamper- ....
. the external client and the proxy is called
evident features and materials for detecting .....
. the external connection, and the connec-
tampering and preventing attempts to COM- .....
... tion between the proxy and the server is
PROMISE, modify, penetrate, extract, or sub- ...
... called an internal connection.
stitute information-processing equipment ...
... Proxy servers also act as go-betweens
and keying material. ...
... for unknown protocols. For example, an
...
protective technology/package ... FTP proxy server may accept requests from
...
incident Any penetration, such as a crack ... a Web browser that does not have FTP im-
...
or cut, of INFOSEC protective technology ... plemented and transfer FTP requests to an
...
or packaging. ... FTP server.
...

106
 Public Key Cryptography Standard
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
External client
on the network Local Server

Proxy

External Internal
connection (a) connection

HTTP Request (FTP) FTP Request

HTTP FTP FTP
Browser Proxy Server
HTTP Response (FTP) FTP Reply

(b)
.................................................... ...
...
FIGURE P4. Proxy. ... ple a persons identity) to a public key or
.................................................... ...
... some other attribute.
...
...
... public key cryptography 5
...
... ASYMMETRIC CRYPTOGRAPHY.
...
proxy ARP A technique by which one ...
... Public Key Cryptography Standard A
machine, usually a ROUTER, answers ARP re- ...
... series of documents produced and distrib-
quests intended for another machine. By ...
... uted by RSA Data Security, Inc., propos-
faking its identity, the ROUTER accepts re- ...
... ing techniques for using public key CRYPTO-
sponsibility for routing PACKETS to the ...
... GRAPHIC algorithms in a safe and
real destination. PROXY ARP allows a site ...
... interoperable manner. PKCS provides stan-
to use a single IO address with two physi- ...
... dards for RSA encryption, DiffieHellman
cal networks. Subnetting would normally ...
... key agreement, extended certificate syntax,
be a better solution. ...
... CRYPTOGRAPHIC message syntax, private key
...
public cryptography Knowledge of ...
...
information syntax, certification request
CRYPTOGRAPHY within the public domain, in ...
...
syntax, selected attributes, CRYPTOGRAPHIC
contrast to CRYPTOGRAPHY that is CLASSIFIED. ...
...
token interface, and personal information
... exchange syntax.
public key The quantity in PUBLIC KEY ...
... PKCS is a collection of 12 documents,
CRYPTOGRAPHY that may be safely divulged. ...
...
...
PKCS#1 through PKCS#12, and PKCS
public key certificate A digitally signed ...
...
also provides two supplementary docu-
message that binds an identifier (for exam- ...
...
ments: (1) An Overview of the PKCS
.

107
Public Key Infrastructure
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
Standards and (2) A Laymans Guide to a ... make use of PUBLIC KEY CRYPTOGRAPHY for se-
...
Subset of ASN.1, BER, and DER. ... curing information. Typically, a PKI needs
...
... to include at least one CERTIFICATE AUTHORITY,
Public Key Infrastructure (1) A set of ...
.. a certificate practice statement, a directory,
standards for user AUTHENTICATION and data .....
... a means for storing private keys, policies
transfer. It is emerging as a de facto stan- ...
... on the use of keys (for signature and/or
dard to integrate security for e-business ...
. encryption), policy on the AUTHENTICATION
digital content and processes as well as for .....
... of subjects (prior to issuing a certificate),
files and documents. It is based on ASYM- ...
... and a CERTIFICATE REVOCATION LIST. A repre-
METRIC CRYPTOGRAPHY and uses public and ...
... sentative usage of PKI in this context may
private digital keys and digital signatures ...
... be we need to build a PKI.
for the secure transmission of data and ...
...
user AUTHENTICATION. (2) The framework ... purging (1) An erasure technique that
...
responsible for issuing, maintaining, and .... makes it difficult for an ADVERSARY to re-
revoking PUBLIC KEY CERTIFICATES. (3) A set of ..... cover stored information. (2) The use of a
...
policies, procedures, hardware, and soft- .... LABORATORY ATTACK to make it impossible to
...
ware that enable various applications to ... recover stored information.
...

108
 Q
j
...
...
QoS 5 QUALITY OF SERVICE. ... nel causes an unavoidable disturbance. This
...
quality of service A data prioritization ... premise is based on the principle that mea-
...
at the network layer of the OSI model, ... suring a quantum system in general dis-
...
bandwidth reservation, control of jitter, la- ... turbs it and yields incomplete information
...
tency, error rates, or other attributes that ... about its state before the measurement
...
results in guaranteed throughput rates. ... (Heisenbergs uncertainty principle). This
...
... principle is used to build a CRYPTOGRAPHIC
quadrant Technology that provides reli- ...
system for the distribution of a secret ran-
...
able protection of CRYPTO-EQUIPMENT from ...
dom CRYPTOGRAPHIC key between two par-
...
tamper attacks, by ensuring that as soon as ...
ties initially sharing no secret information.
...
any tampering is detected, all sensitive data ...
The system can be combined with classical
...
and logic are destroyed. ...
CRYPTOGRAPHIC techniques such as the one-
...
...
quantum cryptography Originally ... time-pad to allow the parties to communi-
...
started in the 1970s by Stephen Wiesner ... cate securely. An introduction and more
...
[SW83], it builds on the premise that any ... details about QUANTUM CRYPTOGRAPHY are
...
ATTACK on a quantum communication chan- ... available in [PW89], [BBE92].
...
..

109
 R
j
...
...
Rainbow Series A set of publications ... RCP A UNIX command for copying a
...
produced by the NCSC containing inter- ... file across a network.
...
pretations of ORANGE BOOK requirements ...
... read A fundamental operation in an IS,
for trusted systems. Documents contained ...
... the only result of which is information
in Rainbow Series are available at http:// ...
... flow from an object to a subject.
www.radium.ncsc.mil/tpep/library/ ...
rainbow/. ... read access An AUTHORIZATION to read
...
... information in an IS.
...
randomizer Analog or digital producer ...
... realm A KERBEROS term for all of the
of random, unbiased, and usually indepen- ...
... principals served by a particular KDC.
dent bits. Used for key generation, to pro- ...
...
vide a starting state for a key generator, ... real-time reaction An immediate re-
...
and many other functions. ... sponse to the detection and diagnosis of an
...
RARP 5 REVERSE ADDRESS RESOLUTION
... attempted penetration, resulting in the pre-
...
PROTOCOL.
... vention of unauthorized access.
...
...
RAT 5 REMOTE ACCESS TROJAN.
... recovery procedures The procedures
...
... needed for the restoration of an ISS data
...
RBAC 5 ROLE-BASED ACCESS CONTROL. ... files and computational capability after a
...
RC2 A proprietary secret key encryption ... system failure.
...
...
scheme marketed by RSA Security. It is a ... Red Descriptive term for information
...
block encryption scheme with 64-bit ... systems and associated areas, circuits,
...
blocks and a varying length key. ... components, and equipment that are pro-
...
... cessing (unencrypted) national security in-
RC4 A proprietary secret key encryption ...
... formation.
scheme marketed by RSA Security. It is a ...
...
stream encryption algorithm that effectively ... Red/Black concept Electrical and elec-
...
produces an unbounded length pseudo- ... tronic circuits, components, equipment,
...
random stream from a varying length key. ... and systems that handle national security
.

111
Red Book
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
information (RED) in electrical form, and ... rial with the prefix U.S. is intended for
..
those that handle non-national-security in- ..... U.S. use only.
...
formation (BLACK) in the same form. ...
... remanence (1) Residual information
..
Red Book 5 TRUSTED NETWORK INTERPRE- .... left on a storage medium after it has been
...
TATION ENVIRONMENTAL GUIDELINE (TNIEG). .... cleared. (2) A physical property of materi-
...
... als relating to the amount of magnetism
Red Queen principle A basic premise ...
... left in the material after a magnetizing field
of information warfare, it states that a ...
system must continue to evolve (be devel- ..... is removed. See also MAGNETIC REMANENCE
.... and CLEARING.
oped) to maintain its competitive advan- ...
...
tage relative to the evolution of its ene- ... NOTE : The Rainbow Series has a book on Data
...
mies. The term is due to L. van Valen ... Remanence, which defines remanence as the residual
(1973) and is drawn from Lewis Carrolls ..... physical representation of data which has in some way
....
Red Queen in THROUGH THE LOOKING ... been erased (http://www.radium.ncsc.mil/tpep/
... library/rainbow/NCSC-TG-025.2.html).
GLASS, who observed, Now, here, you ...
...
see, it takes all the running you can do, ... remote access Trojan A Trojan horse
...
to keep in the same place. ... that remotely accesses other computer sys-
...
... tems over a network or over the Internet.
Red signal Any electronic emission ...
...
(e.g., PLAINTEXT, KEY, key stream, subkey ...
Remote File System A distributed file
stream, initial fill, or control signal) whose .....
... system, similar to NFS, developed by
recovery would reveal national security ....
... AT&T and distributed with their UNIX
information. ...
... System V operating system. See also NFS.
...
red team 5 INFORMATION ASSURANCE ...
... remote procedure call A paradigm for
RED TEAM; TIGER TEAM. ...
... distributed program execution. Software is
...
reference monitor A system component ... executed on a client machine until the pro-
...
responsible for the mediation of all access ... gram makes a call to a procedure that is to
to objects by subjects. All data accesses are ..... be executed on a remote server. Parameters
...
performed through the reference monitor, .... for that procedure are transmitted across
...
which cannot be bypassed. See Figure R1. ... the network to the server, which executes
...
... the procedure and returns the results to the
reference validation mechanism Part ...
... client. The client is then able to continue
of a TRUSTED COMPUTER SYSTEM that controls ...
... its execution.
access between subjects and objects and ...
...
whose correct operation is crucial to the ... remote rekeying A method of rekeying
...
protection of the systems data. ... a distant piece of CRYPTO-EQUIPMENT. See also
...
... AUTOMATIC REMOTE REKEYING and MANUAL RE-
reflection attack An ATTACK where mes- ...
... MOTE REKEYING.
sages received from a source are replayed ...
...
back to it. ...
... repair action An NSA (U.S.) approved
...
release prefix A prefix added to the ... change to a COMSEC END-ITEM that does
...
short title of U.S.produced keying mate- ... not affect the original characteristics of the
rial to show that it has foreign releasability. ..... end-item and is provided for optional ap-
...
Material with the prefix A can be re- ... plication by holders. Repair actions are
...
leased to specific allied nations, and mate- ... limited to minor electrical and/or mechan-
...

112
 residue
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Audit File

Reference Monitor (policy)

Subjects Objects

Security Kernel
Database
.................................................... ....
... sages is mounting some sort of security
FIGURE R1. Reference monitor. ...
.................................................... ... ATTACK.
...
...
...
... repudiation Denial of a transmission or
...
... receipt of a message.
...
ical improvements to enhance operation, ...
maintenance, or reliability. They do not re- ..... Requests for Comments The document
.... series, begun in 1969, that describes the
quire an identification label, marking, or ...
... Internet suite of protocols and related ex-
control but must be fully documented by ...
... periments. Not all REQUESTS FOR COMMENTS
changes to the maintenance manual. ...
... (RFC) describe Internet standards, but all
...
repeater A device that propagates elec- ... Internet standards are written up as RFCS.
...
trical signals from one cable to another ...
...
without making routing decisions or pro- ... NOTE : RFC S are available from
... http://www.ietf.org.
viding packet filtering. See Figure R2. In ...
...
OSI terminology, a repeater is a physical ...
reserve keying material A key kept in
layer intermediate system. See also BRIDGE and .....
... reserve to meet unforeseen needs. See also
ROUTER. ...
... CONTINGENCY KEY.
...
replay attacks Attacks that use previ- ...
...
ously recorded transactions between two ... residual risk Risks remaining after the
...
valid protocol entities to initiate a new ... application of security measures.
...
transaction. ...
... residue Data left in storage after the
...
replaying Storing and retransmitting ... completion of information processing
..
messages. The word is usually used to im- ..... operations but before there has been any
.
ply that the entity doing the replay of mes- ..... DEGAUSSING or OVERWRITING.
..

113
resource encapsulation
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Optical Fiber Interface

Computer To/from the Computer

Copper Wire

Details of Interface

Fiber

Optical receiver Signal regenerator Optical transmitter

(photodiode) (LED)
.................................................... ...
FIGURE R2. A repeater connected to a computer
...
... revocation Taking back privileges, either
through fiber cable.
... from a person or an entity such as a pro-
...
.................................................... ... cess that is no longer trusted.
...
...
...
... RFC 5 REQUESTS FOR COMMENTS.
resource encapsulation The reference ...
...
monitors mediation of access to an IS re- ...
... RFS 5 REMOTE FILE SYSTEM.
source that is protected and that a subject ...
...
cannot directly access. Satisfies the require- ... Rijndael The Rijndael (pronounced
...
ment for accurate auditing or resource ... rhine-dahl) algorithm is a secret key al-
...
usage. ... gorithm created by Belgian cryptographers
...
... Joan Daemon and Vincent Rijmen. It uses
retina system A biometric system in ...
...
which a retina blood vessel pattern must ... keys of size 128, 192, and 256 bits. This
... algorithm will serve as the ADVANCED EN-
be matched with a stored pattern to gain ...
... CRYPTION STANDARD (AES) for all U.S. federal
access. ...
...
... agencies.
retrovirus A type of virus that maintains ...
...
internal bookkeeping to stay dormant until ... NOTE : Details of the technical reference of R IJN -
...
the backup and other auxiliary storage are ... DAEL are given in [JD00] and [JD01]. For many
... downloads and more details about R IJNDAEL , visit
also infected, making recovery difficult. ...
... the web site http://www.esat.kuleuven.ac.be/
Reverse Address Resolution Protocol ...
... rijmen/rijndael.
The Internet protocol that a diskless host ...
...
uses to find its Internet address at startup. ...
... RIP 5 ROUTING INFORMATION PROTOCOL.
REVERSE ADDRESS RESOLUTION PROTOCOL ...
...
(RARP) maps a physical address to an In- ...
...
RIPE-MD-160 A MESSAGE digest algo-
ternet address. See also ADDRESS RESOLUTION ...
...
rithm. This is a 160-bit CRYPTOGRAPHIC
PROTOCOL. ...
...
hash function, designed by Hans Dobber-

114
 RSA
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
tin, Antoon Bosselaers, and Bart Preneel. ... Role-Based Access Control ACCESS
...
This hash function is intended as a secure ... CONTROL model, where accesses to system
..
replacement for the 128-bit hash functions ..... resources are defined in terms of roles,
....
MD4, MD5, and RIPEMD. RIPE-MD-160 ... privileges, sessions, and user-role, role-
is a strengthened version of RIPEMD and ..... privileges assignments. Within a session a
.... user activates certain roles and the corre-
is tuned for 32 bit processors. RIPEMD ...
was developed in the framework of the EU ..... sponding privileges.
....
project RIPE (RACE Integrity Primitives ...
... rootkit Rootkits are software suites that
Evaluation, 19881992). See also HASH, MES- ...
... substitute Trojans for commonly used op-
SAGE DIGEST, MD4, and MD5. ...
... erating system binaries, thereby allowing
...
risk The probability that a particular se- ... malicious BACK-DOOR entry to a system. A
...
curity system vulnerability will be ex- ... ROOTKIT typically has four types of tools:
...
ploited. ... (1) Trojans, (2) BACK-DOORS, (3) network
...
... interface eavesdropping tools (sniffers),
.
risk analysis A process of analyzing and .... and (4) log cleaners that cover the tracks.
...
examining the impact, severity, and the .... Examples of UNIX rootkit components
...
likelihood/frequency of particular risks. ... are altered versions of LOGIN, netstat, ps
...
Compare with RISK ASSESSMENT. Both RISK ... (Trojan), intetd (BACK DOOR), etc. In
...
ANALYSIS and RISK ASSESSMENT are separate ... Windows NT, a ROOTKIT may patch the
...
phases of a risk management process. ... NT kernel to usurp system calls to hide a
...
... process, registry entry, or Trojan execut-
risk assessment An analysis of threats ...
... able file, or redirect calls to Trojan func-
to and vulnerabilities of an IS and the po- ...
... tions. See also TROJAN HORSE.
tential effect of the loss of information or ...
..
capabilities of a system in order to identify ..... router A system responsible for making
.
appropriate and cost-effective COUNTERMEA- ..... decisions about which of the several paths
...
SURES. ... internetwork traffic may follow. A ROUTER
...
... may be implemented in hardware, software,
risk index The difference between the ....
. or a combination of both. To do this, it
minimum level of CLEARANCE needed for the .....
.... uses a routing protocol to gain information
AUTHORIZATION of IS users and the maxi- ...
... about the network, and a set of algorithms
mum sensitivity (e.g., CLASSIFICATION and ...
... to choose the best route based on several
categories) of the systems data. ...
... criteria known as routing metrics. See
...
NOTE : This is a concept derived from the yellow ... Figure R3. In OSI terminology, a router is
...
book of the Rainbow Series, applicable to U.S. defense ... a network layer intermediate system. See also
...
systems processing CLASSIFIED INFORMATION . ... GATEWAY, BRIDGE, and REPEATER.
...
...
risk management A process in which ... Routing Information Protocol An INTE-
...
an information systems security risks are ... RIOR GATEWAY PROTOCOL (IGP) supplied with
...
minimized to a level proportional to the ... Berkeley UNIX.
...
value of the assets protected. ...
...
... RPC 5 REMOTE PROCEDURE CALL.
...
rlogin A UNIX command for logging ...
into a machine across the network. A short ..... RSA A public key cryptographic algo-
...
form of remote login. .... rithm named for its inventors R. Rivest,
..

115
RSADSI
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Host A Host B
Application Router Application
Transport Transport
Network Network Network
Link Link Link
Physical Physical Physical
Flow
of data

Network 1 Network 2
(Ethernet) (FDDI)

Host Router Host

C B

A E
D
.................................................... ...
...
FIGURE R3. Router. ... RSADSI An abbreviation for RSA Data
...
.................................................... ... Security, Inc., the company that held the
...
... RSA patent.
...
... NOTE : (1) RSADSI no longer exists. It is now
...
... called RSA Security. (2) The patent for RSA has
A. Shamir, and L. Adleman. The algorithm ...
... already expired, and the technology is available pub-
can be used for encryption and digital sig- ...
... licly. The company released the algorithm publicly a
natures. The security of this algorithm re- ...
... week or so before the patent expired.
lies on the difficulty of calculating the fac- ...
...
tors of large numbers. The algorithm was ... rsh The UNIX remote shell command
...
patented in 1983, but the patent has now ... that executes a secured command on a
...
expired, and so the algorithm is freely ... specified machine across a network. Short
...
available. ... form of remote shell.
...

116
 S
j
...
...
S2ML 5 SECURITY SERVICES MARKUP ... sist of the users name or some other user-
...
LANGUAGE. ... specific information.
...
...
SA 5 SECURITY ASSOCIATION; SYSTEM ... sample key A key used only for off-
...
ADMINISTRATOR. ... the-air demonstration.
...
...
... sandbox An area of a network or a
safeguarding statement A statement ...
... computer system in which programs are al-
affixed to a computer output or printout ...
... lowed to run with limited privileges and
that states the highest CLASSIFICATION being ...
... have no access and rights to certain system
processed at the time the product was pro- ...
... resources or areas. For example, a Java APP-
duced and requires control of the product, ...
... LET confined to a sandbox environment may
at that level, until the determination of the ...
... not have access to the hard disk. (See JAVA
true CLASSIFICATION by an authorized person. ...
... SANDBOX). An isolated segment of a net-
Synonymous with BANNER. ...
... work used for testing is another example
...
safeguards 5 SECURITY SAFEGUARDS. ... of a sandbox environment.
...
...
... sanitize The permanent removal of in-
salt A user-specific value cryptographi- ...
... formation, including all CLASSIFIED labels,
cally combined with that users password. ...
... markings, and activity logs, from media.
Salt serves several purposes. It makes the ...
...
hash of two users passwords different ... SATAN 5 SECURITY ADMINISTRATOR TOOL
...
even if their passwords are the same. It ... FORANALYZING NETWORKS.
...
also means that an intruder cannot pre- ...
... scavenging Acquiring data from object
compute hashes of a few thousand ...
... residue.
guessed passwords and compare that list ...
...
against a stolen database of hashed pass- ... scratch pad store A short-term storage
...
words. The salt can be a random number ... of keys to guard against tampering, disclo-
that is stored, in the clear, along with the ...
... sure, and unauthorized use in crypto-
hash of the users password or it will con- ...
... equipment.
.

117
script kiddies
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..

Symmetric Symmetric
Plaintext Encryption Ciphertext Decryption Plaintext
Algorithm Algorithm

Secret Key

.................................................... ...
...
FIGURE S1. Secret key cryptography. ... Secure Digital Music Initiative A con-
.................................................... ... sortium of companies and organizations
...
... with an aim to develop an open framework
...
... for storing, playing, and distributing digital
script kiddies A slang term used for ...
... music and to prevent the distribution of il-
hackers who use tools written by others to ...
... legal copies of music. At present there are
attack systems because they themselves lack ...
... more than 200 members in this consor-
the technical knowledge and skills to write ...
... tium representing consumer electronics, In-
their own tools. ...
... ternet service providers, information tech-
...
SDMI 5 SECURE DIGITAL MUSIC INITIATIVE. ... nology, telecommunications, security
...
... technology, and the music industry. It also
secrecy Protects information from ...
... provides specifications for portable devices.
people with unauthorized access. See also ...
... For more details see the information at
CONFIDENTIALITY.
...
... http://www.sdmi.org.
...
secret (1) (noun) A quantity known only ...
...
to principals that can be used for AUTHENTI- ... secure hash algorithm A specification
...
CATION and encryption of information flow
... for a secure hash algorithm in which a
...
between them. (2) (adjective) A label ap- ... condensed message representation, called a
...
plied to CLASSIFIED INFORMATION whose unau- ... MESSAGE DIGEST, can be generated.
...
thorized disclosure may cause serious dam- ...
... Secure Hypertext Transfer Protocol
age to individual, organizational, or ...
... Developed within the Internet standards
national security. ...
... process, this protocol defines the security
...
secret key The information that is used ... additions to the HTTP protocol. This pro-
...
for both the ENCRYPTION of data and its ... tocol is an application-level protocol
...
subsequent DECRYPTION. Typically, a method ... (TCP/IP four-layer model and OSI seven-
...
needs to be used for sharing this secret key ... layer model) and adds encryption and AU-
...
between the parties who encrypt and de- ... THENTICATION to World Wide Web com-
...
crypt the data. ... munications. See RFC 2660.
..
...
...
secret key cryptography Also known ... NOTE : S-HTTP is now virtually obsolete.
...
as SYMMETRIC CRYPTOGRAPHY. A scheme in ... HTTPS (HTTP using SSL) is currently the most
...
which the same key is used for ENCRYPTION ... dominant protocol for protecting Web traffic, and the
...
and DECRYPTION. See Figure S1. ... TLS (T RANSPORT L AYER S ECURITY ) protocol is
... being developed (RFC 2817, RFC 2818).
...
secure communications Telecommuni- ...
...
cations secured by TYPE 1 (U.S.) products ... Secure Socket Layer Protocol First in-
...
and/or PROTECTED DISTRIBUTION SYSTEMS. ... troduced in 1994 by Netscape (U.S.), us-
...

118
 security kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

SSL SSL, Change

SSL Alert HTTP
Handshake Cipher Spec
Protocol
Protocol Protocol

SSL Record Protocol

TCP

IP

.................................................... ...
...
FIGURE S2. Secure Socket Layer Protocol stack. ... rules of utilization of security services for
...
.................................................... ... secure communication between these enti-
...
... ties. The contract must be shared and
...
... agreed by all involved entities. See RFC
...
ing a combination of PUBLIC-KEY and SYMMET- ... 2408. (2) Security parameters that control
...
RIC CRYPTOSYSTEMS to provide CONFIDENTIALITY, ... the agreementssuch as cryptographic al-
...
DATA INTEGRITY, and AUTHENTICATION of server ... gorithms and key strengthsbetween the
...
and client, it provides security services just ... endpoints in an IPsec tunnel.
...
above the TCP layer. See Figure S2. ...
security controls Hardware, firmware,
...
...
secure state A condition of an informa- ... or software features that allow only auth-
...
tion system in which objects can be ac- ... orized subjects to access resources within
...
cessed only by authorized subjects in an ... an IS.
...
authorized manner. ...
... security fault analysis An analysis of
...
secure subsystem A subsystem contain- ... the potential (hardware) faults that may
...
ing its own implementation of the refer- ... occur in a device, and the effects that such
...
ence monitor concept for those resources it ... faults may have on system security.
...
controls. A secure subsystem may rely on ...
... Security Features Users Guide A man-
other controls and the base operating sys- ...
... ual that explains the functions of a specific
tem for the control of subjects and the ...
... systems security mechanisms.
more primitive system objects. ...
...
... security filter An IS trusted subsystem in
...
Security Administrator Tool for ... which security policy is enforced on the
Analyzing Networks SECURITY ADMINIS- ...
... data passing through it.
TRATOR TOOL FOR ANALYZING NETWORKS ...
...
(SATAN), is a network security analyzer ... security flaw An error in an IS in which
...
designed by Dan Farmer and Wietse Ve- ... the protection mechanism may be weaker
...
nema of Sun Microsystems (U.S.). This is ... than expected, by-passable, or faulty.
...
a freeware program to help find computer ...
... security inspection A process to assess
and network system vulnerabilities. SATAN ...
... whether an IS, including its mechanisms,
version 1.0 was released in 1995. ...
... policies, procedures, and practices, meets
...
... its security requirements.
security association (1) A relationship ...
...
between entities represented by a set of in- ... security kernel The part of an operat-
...
formation or a contract that describes the ... ing system responsible for the enforcement
..

119
security label
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
of security. Usually used in the context of ... an IS, system component, subsystem, or
...
an operating system constructed with such ... network.
...
functions partitioned from the rest of the ...
... security requirements Statements de-
OS to minimize the chances of security- ...
... scribing the security properties that a sys-
relevant bugs. ...
... tem must have in order to be acceptable.
...
...
security label A label containing infor- ... security requirements baseline The
...
mation describing a subjects or objects ... minimum security requirements for an IS.
...
sensitivity, such as its hierarchical CLASSIFI- ...
... security safeguards The protective
CATION (CONFIDENTIAL, SECRET, ...
... measures and controls required to meet
TOP SECRET) and any applicable non- ...
... security requirements. Examples include
hierarchical security categories (e.g., sensi- ...
tive compartmented information or critical ..... security features, management constraints,
...
nuclear weapon design information). ... personnel security, and security of physical
...
... structures, areas, and devices. See also ACCRED-
NOTE : In Australian defense (which is similar to ...
... ITATION.
U.S., U.K., and Canada) a label may consist of ...
...
five parts: (1) the CLASSIFICATION (Unclassified, ... Security Services Markup Language
...
Restricted, Confidential, Secret, or Top Secret), ... A common language for companies to
...
(2) any compartment/category, (3) any releasability ... share information about transactions and
(e.g., Australian Government Access Only-equiv ...
... end users. An XML-based security services
NOFORN) (4) any caveat (e.g., commercial in con- ...
... technical committee formed by OASIS is
fidence, medical in confidence), (5) any handling in- ...
... charged with defining S2ML.
structions (e.g., handle via XX channels only). ...
...
... security specification The detailed de-
security model A precise statement con- ...
... scription of an ISS required safeguards.
taining a systems security rules. The key ...
...
defining characteristic of a model in com- ... security test and evaluation The ex-
.
parison to a security policy is that a model ..... amination and analysis of a systems safe-
...
is an abstraction. See also SECURITY POLICY. ... guards to determine their adequacy.
...
...
security net control station A manage- ... seed key A key for commencing an up-
...
ment system that supervises the execution ... dating or key generation process.
...
of network security policy. ...
... segment The unit of end-to-end trans-
...
... mission in the TCP protocol. A segment
security perimeter A boundary that ...
... consists of a TCP header followed by an
contains all of an ISs accredited compo- ...
... application data. A segment is transmitted
nents and devices, excluding separately ac- ...
... by encapsulation inside an IP DATAGRAM.
credited components. ...
...
... self-authentication The AUTHENTICATION
security policy As defined in the OR- ...
... of all of a secure communications systems
ANGE BOOK, security policy is the set of ...
.. transmissions.
laws, rules, and practices that regulate how .....
.
an organization manages, protects, and dis- ..... self/group/public controls The cate-
... gorizing of the access control of files. The
tributes sensitive information. ...
... owner determines what file permissions he
...
security range The range of the highest ... or she (self) will have, what permissions a
...
to lowest security levels allowed in or on ... group of users will have, and what permis-
...
.

120
 S-HTTP
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
sions the rest of the world (public) will ... lookup, file storage, or printing. See also
...
have. Typical permissions include read, ... CLIENT SERVER MODEL.
...
write, and execute. ...
... session The set of transactions that is
...
self-synchronizing An ENCRYPTION ... exchanged while a transmission channel is
...
scheme in which if some CIPHERTEXT is gar- ... open.
..
bled by the addition, deletion, or modifica- .....
... session hijacking An intruder taking
tion of information, some of the message ....
will be garbled at the receiver, but at some ..... over a connection after the original source
... has been AUTHENTICATED.
point in the message stream following the ....
...
CIPHERTEXT modification the message will DE- ... session key A key used to encrypt a
...
CRYPT properly. ... single message, communications stream, or
...
... session.
sensitive information Information that ...
...
if misused or modified could unfavorably ... session layer The OSI layer that pro-
affect the national interest or corporate in- .....
... vides the pathway for dialogue control be-
terest or the privacy of individuals. ...
... tween end systems.
...
sensitivity label A label that contains ...
... SFUG 5 SECURITY FEATURES USERS GUIDE.
information from the security label(s) of a ...
...
subject and an object and is used by the ... SGML 5 STANDARD GENERALIZED MARKUP
...
TRUSTED COMPUTING BASE (TCB) to make MAN- ... LANGUAGE.
...
DATORY ACCESS CONTROL decisions. ...
... SHA 5 SECURE HASH ALGORITHM.
...
separation of duty (1) A condition in ...
...
which some critical operations require the ... shared key A key shared only by the
...
cooperation of at least two different peo- ... encrypter and decrypter in a shared key
...
ple. For example, separation of duty exists ... (symmetric) CRYPTOSYSTEM. See also SECRET KEY.
...
in a bank vault that has two combination ...
NOTE : In a multicast or a conferencing protocol
...
locks if no employee knows the combina- ... a key may be shared by a group of more than two
...
tion for both locks. The principle is that ... people.
...
the system will be robust against a single ...
... shielded enclosure A room or con-
corrupt officer, and the likelihood of two ...
... tainer which has a boundary that resists the
officers being corrupt is acceptably low. ...
... transmission of electromagnetic radiation.
(2) Several individuals being assigned ...
... The shielding may be employed to prevent
security-related tasks and granted the least ...
... the leakage of sensitive emanations from
number of privileges necessary to carry ...
... the inside, or to prevent delicate systems
them out. ...
... from interference, jamming, or other AT-
...
Serial line IP An Internet protocol used ... TACK originating outside the enclosure.
.
to run IP over serial lines such as telephone .....
.
circuits of RS-232C cables interconnecting ..... short title A combination of letters and
.
two systems. SERIAL LINE IP (SLIP) is now be- ..... numbers used to identify certain COMSEC
...
ing replaced by PPP. See also POINT-TO-POINT ... MATERIALS to make handling, accounting,
...
PROTOCOL. See also RFC 1055. ... and controlling them easier.
...
...
server Some resource available on a net- ... S-HTTP 5 SECURE HYPERTEXT TRANSFER
.
work to provide some service such as name ..... PROTOCOL.
...

121
sign
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
User B
User A
SMTP SMTP
User Agent Sender's Mail Server Receiver's Mail Server

.................................................... ...
...
FIGURE S3. Simple Mail Transfer Protocol. ... a network, standardized by the IETF. De-
.................................................... ...
... tails of SIMPLE MAIL TRANSPORT PROTOCOL
...
... (SMTP) are given in RFC 821. See
...
... Figure S3.
...
...
sign The use of a private key to generate ... Simple Network Management
...
a digital signature. ... Protocol A protocol for controlling sys-
...
... tems across a network standardized by the
Signaling System 7 A telephone proto- ...
IETF. Details of SIMPLE NETWORK MANAGE-
...
col with three basic functions: (1) supervis- ...
MENT PROTOCOL (SNMP) are given in RFC
...
ing, (2) alerting, and (3) addressing. Super- ...
... 1157.
vising relates to monitoring the status of a ...
...
circuit, alerting refers to indications of an ... simple security property A property in
...
incoming call, and addressing relates to ... the Bell and LaPadula security model that
...
routing and destination signals over a net- ... holds if subjects operating at a given secu-
...
work in dial tone or in the form of digital ... rity level are prevented from reading ob-
...
data. ... jects that have a higher security level. This
...
... is sometimes described as no read up. In
signals security All COMSEC and elec- ...
... the model, subjects are able to read objects
tronic security. ...
... that have an equal or lower (read down)
...
signature A quantity associated with a ... security level.
...
message that only someone with knowledge ...
...
of the signers PRIVATE KEY could have calcu- ... Simple Watcher A program that goes
...
lated, but which can be verified to be asso- ... through the LOG data generated by vari-
...
ciated to the signers PUBLIC KEY (if the mes- ... ous security programs, in particular sys-
...
sage is intact). See DIGITAL SIGNATURE. ... log. It is capable of responding to high-
...
... priority events while continuously
...
signature detection An intrusion detec- ... monitoring the LOG in real time.
...
tion technique that recognizes an ATTACK ...
... single-level device An IS device that is
based on known characteristics or signa- ...
... not trusted to maintain the separation of
tures. ...
... data with different security levels.
...
Simple Key Exchange for Internet ...
Protocols Uses PUBLIC KEY CERTIFICATESto ...
... NOTE : A device may be able to maintain the sep-
exchange symmetric keys between two sys- ...
... aration reliably, but if it is not required to, or if it
tems. More details of Simple Key Ex- ... is not trusted to, then it is effectively a single-level
...
change for Internet Protocols (SKIP) are ... device.
...
available at http://www.skip-vpn.org. ...
...
... single-point keying A means of distrib-
...
Simple Mail Transport Protocol A ... uting keys from a single fill point to multi-
...
protocol for sending electronic mail across ... ple, local CRYPTO-EQUIPMENT or devices.
...

122
 spread spectrum
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
SKIP 5 SIMPLE KEY EXCHANGE FOR INTER- .... of the fulfillment of all baseline functional
....
NET PROTOCOLS. ... performance, operational, and interface
...
... requirements.
SKIPJACK A SECRET KEY ENCRYPTION algo- ...
...
rithm developed by NSA (U.S.) using 64- ... source (1) The origin. (2) Also, the
bit blocks and 80-bit keys. It is embedded ..... name of a field in various networking pro-
.
in CLIPPER and CAPSTONE CHIPS. It was origi- ..... tocols, such as IP, which holds the name or
...
nally CLASSIFIED SECRET but has since .... address of the source.
...
been declassified and published. ...
... spam (1) To flood a person, newsgroup,
...
SLIP 5 SERIAL LINE IP. ... or a bulletin board with many unwanted
...
... messages. (2) To overflow buffers with a
smart card A credit-card-sized object ...
large stream of data.
used for AUTHENTICATION that contains non- .....
...
volatile storage and computational power. .... special mission modification Required
...
Some smart cards are capable of perform- ... or optional modification, relating only to a
...
ing CRYPTOGRAPHIC operations on the card. ... specific mission, purpose, or operational or
...
ISO/IEC 7816 standard contains smart ... environmental need.
...
card specifications. ...
... specification A technical description of
...
SMI 5 STRUCTURE OF MANAGEMENT ... a systems intended behavior, which may
...
INFORMATION. ... help develop the implementation and pro-
...
... vide a basis for testing the resulting system.
SMTP 5 SIMPLE MAIL TRANSFER PROTOCOL. ...
...
... speech privacy Disguising speech
smurf A DENIAL-OF-SERVICE ATTACK in which ...
... through fixed-sequence permutations or
many PINGS (ICMP echo request packets) ...
.
are broadcast to the network. The source ..... voice/speech inversion so that if it is over-
... heard, it will not be understood.
field is set to the victims IP address. Any ...
...
machines that respond will transmit to the ... spiders Software that examines and re-
...
victim, overloading its network interface. ... cords the contents of new files by travers-
...
... ing the World Wide Web.
sniffer (1) A program that attaches itself ...
...
to a computer system and records the first ... split knowledge Knowledge that is
.
few keystrokes (usually 128) of people log- ..... separated among different individuals or
.
ging in. It then typically transmits this data, ..... teams so that no one individual or team
...
which may contain password and login in- ... will have access to all of the separated
.
formation, back to the hacker. (2) Programs ..... data. See also SEPARATION OF DUTY.
...
that monitor traffic on the Internet. ...
...
... spoofing Use by an unauthorized indi-
SNMP 5 SIMPLE NETWORK MANAGEMENT ...
... vidual of legitimate identification and au-
PROTOCOL. ...
... thentication (I&A) data to impersonate a
.
SOCKS A circuit-level proxy used to pro- .... legitimate user, that is, to appear to have a
...
tect against application-layer traffic types ... different identity from ones own. Syno-
...
such as HTTP, FTP, TELNET, etc. ... nyms are IMPERSONATE and MASQUERADE. See
...
... also IP SPOOFING.
software system test and evaluation ...
...
process Process that plans, develops, and ... spread spectrum A transmitted signals
...
documents the quantitative demonstration ... bandwidth that is considerably greater than
...

123
SPS
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
the frequency content of the original infor- ..... storage object An object in which in-
...
mation. Frequency hopping, direct se- ... formation can be stored (or written) and
...
quence spreading, time scrambling, and ... subsequently retrieved (or read).
.
combinations of these techniques are forms .....
... stream encryption An ENCRYPTION algo-
of spread spectrum. ...
.... rithm that ENCRYPTS and DECRYPTS messages
...
SPS 5 SCRATCH PAD STORE. ... of arbitrary size.
...
...
SRA 5 SUBREGISTRATION AUTHORITY. ... strong A CRYPTOGRAPHIC algorithm is said
...
... to be strong if it is computationally infea-
SS 7 5 SIGNALING SYSTEM 7. ...
... sible to crack, usually assuming that the at-
...
SSL 5 SECURE SOCKET LAYER PROTOCOL. ... tacker has knowledge of the algorithm it-
...
... self, and possibly some known or chosen
...
Standard Generalized Markup ... PLAINTEXT.
Language An international standard ...
...
(metalanguage) for representing text in ... strong authentication An AUTHENTICA-
...
electronic format in a device-and system- ... TION where someone eavesdropping on the
...
independent format. ... AUTHENTICATION exchange does not gain suf-
...
... ficient information to impersonate the
...
star (*) property BELLL APADULA SECURITY ... principal in a subsequent AUTHENTICATION.
...
MODEL rule that prohibits write downs. ...
That is, a subject operating at one security ..... structure of management information
... The rules used to define the objects that
level is not allowed to write to an object ....
with a lower level. Write ups are permit- ..... can be accessed via a network management
... protocol.
ted. Also called CONFINEMENT PROPERTY. ....
...
... subject A person, process, or device that
start-up KEK Common KEY ENCRYPTION ...
... transports information among objects or
KEY held by a group of potential communi- ...
.
cating entities and used to establish ad hoc ..... changes information to the system state.
...
tactical networks. ... subject security level Sensitivity label(s)
...
... of the objects to which the subject has
state machine An abstraction or model ...
... both read and write access. The CLEARANCE
of a system, comprising inputs, outputs, ...
... level of a subjects user must always
and internal (state) memory. At any ...
... be higher than the security level of the
time, the output is dependent on the cur- ...
..
rent state (or a combination of the current ..... subject.
.
state and the current inputs), and the next ..... subnet One of the set of hardware net-
.
state is a function of the current state and ..... works that compose an IP network. Host
...
the inputs. This abstraction is one of the ... addresses on a given subnet share an IP net-
...
most common ways to describe computer ... work number with hosts on all other SUB-
...
systems, components, and protocols. ... NETS of that IP network, but the local-
...
... address part is divided into subnet-number
state variable Represents either an ISS ...
... and host-number fields to indicate which
state or a system resources state. ...
... SUBNET a host is on. A particular division of
...
steganography Means by which two or .... the local-address part is not assumed; this
.
more parties may employ subliminal or in- ..... could vary from network to network. See
...
visible communication. ... Figure S4.
...

124
 superuser
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Subnet Mask: 255.255.255.128
Subnet Number: 138.47.34.0

138.47.34.1 138.47.34.15

Router Host
2 3

Subnet Mask: 255.255.255.128 138.47.34.130

Subnet Number: 138.47.34.128

138.47.34.129 138.47.34.129

Host Router Host

1 1 2

138.47.33.1 138.47.33.14

Subnet Mask: 255.255.255.0

Subnet Number: 138.47.33.0
.................................................... ...
... substitution An ENCRYPTION algorithm
FIGURE S4. Subnet implementation example. ...
.................................................... ... where a ONE-TO-ONE MAPPING is performed
...
... on a fixed-size block, for example, where
...
... each letter of the alphabet has an enci-
...
... phered equivalent. Substitution ciphers are
...
subnet field The bit field in an Internet ... not very secure unless the block size is
...
address denoting the SUBNET number. The ... large, and they cannot be combined with
...
bits making up this field are not necessarily ... permutation ciphers in a series of rounds
...
contiguous in the address. ... to build strong ciphers like DES.
...
...
subnet mask The designation of which ...
... subversion A COMPROMISE that under-
bits in the Internet DOTTED DECIMAL NOTA- ...
... mines integrity.
TION of address form the SUBNET number. ...
...
Also known as netmask. See ADDRESS ... superencryption Process of ENCRYPTING
...
MASK. ... already encrypted information. Occurs
...
subnet number A number identifying a ... when a message that has been encrypted
...
SUBNET within a network. ... off-line is transmitted over a secured, on-
...
... line circuit, or when information encrypted
subnetwork A collection of end systems ...
... by the originator is multiplexed onto a
and intermediate systems under the control ...
... communications trunk, which is then bulk
of a single administrative DOMAIN and util- ...
... encrypted.
izing a single network access protocol. Ex- ...
...
amples include private X.25 networks and ... supersession The replacement of a
...
a collection of bridged LANs. See SUBNET. ... COMSEC AID by a different edition.
...
...
subregistration authority The individ- ... superuser An operating system concept
...
ual in charge of the DISTINGUISHED NAME ...
...
in which an individual is allowed to cir-
process. ...
...
cumvent ordinary security mechanisms. For

125
supervisor state
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
instance, the system manager must be able ... system development methodologies
...
to read everyones files for doing backups. ... Methodologies for managing the complex-
...
... ity of system development. Development
supervisor state Synonymous with EX- ...
... methodologies include software engineering
ECUTIVE STATE. (Usually the executive state ...
.. aids and high-level design analysis tools.
or the supervisor state refers to the state of .....
...
an operating system.) ... system high The highest security level
...
... of an IS.
suppression measure A measure to re- ...
...
duce or stop COMPROMISING EMANATIONS in ... system high mode An IS security mode
...
an IS. ... of operation in which all users of the IS
...
... have all of the following: (1) valid security
surrogate access 5 DISCRETIONARY ...
... CLEARANCE for all information within an IS;
ACCESS CONTROLS. ...
... (2) formal access approval and signed non-
...
SWATCH 5 SIMPLE WATCHER. ... disclosure agreements for all the informa-
...
... tion stored and/or processed (including all
syllabary List of individual letters, com- .... compartments, subcompartments, and/or
...
binations of letters, or syllables, with their ... special access programs); and (3) valid
...
equivalent CODE GROUPS, used for spelling ... NEED-TO-KNOW for some of the information
...
out words or proper names that are not in ... contained within the IS.
...
a codes vocabulary. A SYLLABARY may also ...
... system indicator A distinguishing sym-
be a spelling table. ...
... bol or group of symbols in an off-line EN-
...
syllabify To break a word into syllables ... CRYPTED message that identify the specific
..
in order that each might be processed sepa- ..... CRYPTOSYSTEM or KEY used in the ENCRYPTION.
...
rately in some way. ...
... system integrity An attribute of an
...
symmetric cryptography SECRET KEY ... IS when its function is unaffected by any
...
CRYPTOGRAPHY. Called symmetric because ... sort of unauthorized manipulation of the
...
the same key is used for encryption and ... system.
...
DECRYPTION. ...
... system low An ISS lowest security level.
..
SYN A packet that synchronizes sequence .... system profile A detailed security
...
numbers between two session endpoints ...
... description of an ISS general operating en-
during the initiation of a TCP session. ...
... vironment.
...
SYN/ACK An acknowledgement package ... system security A systems determined
...
to a TCP SYN request. ... degree of security, as a result of an evalua-
...
... tion of all of the system elements and
system administrator An individual ....
who installs and maintains an information .... INFOSEC countermeasures.
...
system, utilizes the IS effectively, provides ...
... system security engineering The ef-
adequate security parameters, and imple- ...
... fort to provide a system with optimal se-
ments established INFOSEC policies and ...
... curity and survivability throughout its life
procedures. ...
... cycle.
...
...
system assets Any software, hardware, ... system security evaluation A RISK AS-
data, or administrative, physical, communi- ..... SESSMENT of a system to discover its vulner-
.
cations, or personnel resource within an IS. ..... abilities and possible security threats.
...

126
 system security plan
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
system security management plan .... system security officer Synonymous
.... with INFORMATION SYSTEM SECURITY OFFICER.
A formal document fully describing the ...
...
responsibilities for meeting system secu- ... system security plan A formal docu-
...
rity requirements for planned security ... ment fully describing the system security
tasks. ... requirements for planned security tasks.
...
..

127
 T
j
...
...
tampering Altering the proper function- ... users of one host to log into a remote host
...
ing of equipment through unauthorized ... and interact as normal terminal users of
...
modification. ... that host. In Figure T1, the TELNET client
...
TCB 5 TRUSTED COMPUTING BASE. ... software communicates with the TELNET
...
... server on a remote machine through TCP.
TCP 5 TRANSMISSION CONTROL ...
... TEMPEST The investigating, studying,
PROTOCOL. ...
... and controlling of COMPROMISING EMANA-
...
TCP segment The unit of data ex- ... TIONS from IS equipment.
...
changed between TCP modules. ...
...
...
TEMPEST test A laboratory test to evalu-
TCSEC 5 DOD TRUSTED COMPUTER SYSTEM ... ate the nature of compromising emanations
...
EVALUATION CRITERIA. ... associated with an IS.
...
telecommunications The preparation, ...
... TEMPEST zone A specific area of a facil-
transmission, communication, or related ...
... ity for operating equipment with appropri-
processing of information (writing, images, ...
... ate TEMPEST characteristics (TEMPEST ZONE
sounds, or other data) by electrical, electro- ...
... assignment).
magnetic, electromechanical, electrooptical, ...
...
... test key Key to test COMSEC EQUIPMENT
or electronic means. ...
... or systems.
telecommunications and automated ...
... TFTP 5 TRIVIAL FILE TRANSFER PROTOCOL.
information systems security Types of ...
...
security that are superseded by INFORMATION ... TGT 5 TICKET-GRANTING TICKET.
...
SYSTEM SECURITY. ...
... threat Any event that is potentially
...
telecommunications security Security ... harmful to an IS through unauthorized ac-
...
related to telecommunications systems. See ... cess, destruction, disclosure, modification
...
also INFORMATION SYSTEM SECURITY. ... of data, and/or denial of service.
...
...
telnet The virtual terminal protocol in ... threat analysis The analysis of the im-
...
the Internet suite of protocols. Allows the ... pact or severity of a threat on the security
.

129
threat assessment
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Telnet
Host Commands Remote Server

Application
Terminal Telnet Telnet protocol server program on the
client on the server side server side

Terminal TCP Application

TCP/IP TCP/IP
driver driver

OS OS

.................................................... ...
...
FIGURE T1. Architecture of a telnet session. ... ticket-granting ticket A KERBEROS data
...
.................................................... ... structure that is really a ticket to the KEY
...
... DISTRIBUTION CENTER. The purpose is to allow
...
... a users workstation to forget a users long-
...
of the system, of its likelihood or fre- ... term SECRET KEY soon after the user logs in.
...
quency, and possibly other factors such as ...
the skills or resources that would be re- ... tiger team A group of people hired by
...
quired by an attacker to implement the ... an organization to defeat its own security
...
threat. See RISK ANALYSIS. ... systems so that the organization can learn
...
... the systems weaknesses. See also RED TEAM.
...
threat assessment The determination ...
... time bomb A resident computer pro-
of whether the level of threat determined ...
... gram in which an unauthorized act occurs
by the THREAT ANALYSIS is acceptable. See also ...
... at a set time.
RISK ASSESSMENT. ...
...
...
threat monitoring The analysis, assess- ... time-compliance date The deadline for
...
ment, and review of information collected ... the completion of a mandatory modifica-
...
to locate system events that possibly violate ... tion to a COMSEC END-ITEM to retain ap-
...
system security. ... proval for operational use.
...
...
ticket A data structure constructed by a ... time-dependent password A password
...
trusted intermediary to enable an AUTHENTI- ... that is valid only at certain times.
...
CATION. ...
... tinkerbell program Programs that issue
...
ticketed-oriented Each subject main- ... warnings when traffic enters a network
...
tains a list of TICKETS, which are unforgeable ... from a particular address or from a partic-
...
bit patterns. Each subject has one ticket for ... ular user.
...
each object it is authorized to access. See ...
...
also LIST-ORIENTED. ... TLS 5 TRANSPORT LAYER SECURITY.
..

130
 Transmission Control Protocol
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
TNIEG 5 TRUSTED NETWORK INTERPRETA- .... traffic encryption key A key that EN-
....
TION ENVIRONMENTAL GUIDELINE. ... CRYPTS PLAINTEXT, superencrypts previously
...
... encrypted text, and/or DECRYPTS CIPHERTEXT.
token (1) An AUTHENTICATION sequence. ...
Contrast with KEY ENCRYPTION KEY. Similar
(2) A physical item for identification, usu- .....
... to SESSION KEY.
ally an electronic device that can be in- ....
...
serted in a door or a computer system to ... traffic-flow security (1) Security mea-
...
gain access. ... sures and techniques that prevent traffic
...
... analysis. (2) Hiding valid messages in an
token authenticator A pocket-sized ...
ONLINE CRYPTOSYSTEM or secure communica-
computer used in a CHALLENGE RESPONSE au- .....
.... tions system.
thentication scheme. The AUTHENTICATION ...
...
sequences are called TOKENS. ... traffic padding The addition of false
...
... communications or data units to conceal
top-level specification System behavior ...
... the amount of real data units being sent.
described at an abstract level, for example, ...
a functional specification that omits all im- ..... training key A cryptographic key for
...
plementation details. .... training.
...
...
topology A network configuration ... tranquility Degree of change of security
that describes the connection of its nodes. ..... levels of objects and subjects while an IS is
....
Examples include bus, ring, and star ... processing an operation. Strong tranquility
...
topologies. ... means that no change is allowed. Weak
...
... tranquility allows changes during an opera-
totient function The number of positive ...
... tion if the resulting state does not violate
integers less than n that are relatively prime ...
... security requirements.
to n. ...
...
... transaction (1) The set of exchanges
TPI 5 TWO-PERSON INTEGRITY. ...
... required for one message to be transmitted
...
Traditional COMSEC Program A pro- ... to one or more recipients. (2) Sequence
gram in which NSA (U.S.) controls the de- ..... of tasks needed to be completed for an
...
velopment and, sometimes, the production .... operation.
...
of INFOSEC items. This includes the AU- ...
... transceiver Transmitterreceiver. The
THORIZED VENDOR PROGRAM. The NSA must ...
... physical device that connects a host inter-
approve any changes to the INFOSEC end- ...
... face to a local area network such as Ether-
items used in products developed and/or ...
... net. Ethernet transceivers contain electron-
produced by these programs. ...
... ics that apply signals to a systems cables
...
traffic analysis (1) That part of eaves- ... and sense collisions. See Figure T2.
...
dropping concerned with the analysis of ...
... TRANSEC 5 TRANSMISSION SECURITY.
which parties are communicating and the ...
...
volumes and timings of those communica- ... transmission channel A communica-
...
tions, rather than the contents of the mes- ... tion path between a sender and a receiver
...
sages themselves. Some encryption systems ... for the exchange of data and commands.
do not protect users against traffic analysis, .....
...
even though all the content may be en- ... Transmission Control Protocol The
.
crypted. (2) The study of communications ..... major transport protocol in the Internet
...
patterns. ... suite of protocols providing reliable,
...

131
transmission security
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Controller (internal)

Transceiver cable

Core Vampire tap

Transceiver
.................................................... ...
... Transport Layer Security A protocol
FIGURE T2. Transceiver. ...
.................................................... ... that provides CONFIDENTIALITY and INTEGRITY
...
... services between two communicating appli-
...
... cations. It was based on the SECURE SOCKET
...
...
CONNECTION-ORIENTED, full-duplex streams. ... LAYER PROTOCOL (SSL) developed by Net-
...
TRANSMISSION CONTROL PROTOCOL (TCP) ... scape. See RFC 2246.
...
specifications were given in RFC 793. See ... transport service Any reliable stream-
...
Figure T3. ... oriented data communication service; for
...
In Figure T3, packets have an IP ad- ... example, TCP.
...
dress (1) that may be fragmented and ...
transposition cipher A CIPHER that rear-
...
passed on through the network interface ...
... ranges the order of encrypted characters
(2). See also USER DATAGRAM PROTOCOL, INTER- ...
... but does not change the actual characters.
NET FRAGMENT. ...
... trap door (1) A hidden software mecha-
...
transmission security A component of ...
... nism triggered to circumvent system secu-
COMSEC resulting from the use of meth- ... rity measures. May be a legitimate tech-
...
ods other than CRYPTANALYSIS to protect ...
... nique that allows users to access source
transmissions from interception and exploi- ...
... code directly by bypassing lengthy log-on
tation. ...
... routines. (2) In CRYPTOGRAPHY, a secret that
... allows to invert a TRAP DOOR FUNCTION. See
transport layer The layer in the OSI ...
...
reference model that is responsible for re- ... also TRAP DOOR FUNCTION.
...
liable end-to-end data transfer between ...
...
trap door function A function that ap-
end systems. In the Internet protocol ...
...
pears irreversible but that has a secret
suite, TCP and UDP are TRANSPORT LAYER ...
...
method that, if known, allows someone to
protocols. ...
...
reverse the function.

132
 trusted facility management
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

Application

TCP UDP

Packets
IP (1) IP Address

Network Interface (2)

Hardware

....................................................
...
FIGURE T3. A conceptual view of TCP/IP ...
trusted (1) Refers to components that
...
architecture. ...
... are not controlled by the security policy
.................................................... ...
... and can violate its rules. (2) Refers to
...
... TRUSTWORTHY components that are expected
...
... not to violate the security policy. (3) A re-
trashing (1) Deleting and possibly over- ...
... liable principle.
writing an object with pseudo-random data ...
...
to prevent object reuse. Usage: Trash the ... trusted applet An APPLET that has full
...
file. (2) Physically searching the garbage ... access to system resources on a client
...
for useful information about the target site, ... computer.
...
such as manuals, internal memos, and other ...
... trusted computer system An IS capa-
proprietary information. ...
... ble of simultaneously processing a range of
...
tripwire A program that counts the ... CLASSIFIED or sensitive information.
...
bytes in files, hashes of file contents and ...
...
permissions and issues a warning when ... trusted computer system evaluation
... criteria 5 DOD TRUSTED COMPUTER SYS-
there is a change. ...
... TEM EVALUATION CRITERIA.
...
...
Trivial File Transfer Protocol A simple ...
file transfer protocol built on UDP. Details ... trusted computing base All of a com-
...
of TRIVIAL FILE TRANSFER PROTOCOL (TFTP) are ... puter systems protection mechanisms re-
...
given in RFC 1350. ... sponsible for enforcing a security policy.
...
...
... trusted distribution The distribution
Trojan horse A piece of code embedded ...
... of TRUSTED COMPUTING BASE (TCB) hardware,
in a useful program for a malicious purpose, ...
... software, and firmware components in
for instance, to steal information. Usually ...
... which the TCB is protected from modifi-
the term Trojan horse is used rather than ...
... cation.
VIRUS when the offending code does not at- ...
...
tempt to replicate itself into other programs. ...
... trusted facility management
...
trust (1) A reliance on a systems ability ... Administrative procedures, roles, functions,
...
to meet its specifications or live up to its ... privileges, and databases used for secure
...
expectations. (2) Reliance by one principal ... system configuration, administration, and
...
on another. ... operation.
...

133
trusted facility manual
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
trusted facility manual A document ... or other security-critical information to the
...
describing a trusted facilitys operational ... user. The crtl-alt-del secure attention se-
...
requirements, security environment hard- ... quence on some Microsoft operating sys-
..
ware and software configurations and inter- ..... tems initiates a trusted path facility.
...
face and all security procedures, measures, ...
... trusted process A process that is able to
and CONTINGENCY PLANS. ...
... circumvent the system security policy and
...
trusted guard A computer system that ... operates only as intended.
...
enforces a certain guard policy, such as ...
. trusted recovery Risk-free recovery
preventing the flow of pest programs from ..... after a system failure.
.
an untrusted system to a trusted system. See .....
...
also GUARD. ... trusted server A server that is TRUST-
...
... worthy and helps in network AUTHENTICA-
trusted identification forwarding An ...
... TION.
identification method used in IS networks ...
...
in which an authorized user attempting to ... trusted software Software that has been
...
connect to a receiving host can be verified ... produced in a way that makes one confi-
...
by the sending host through the transmis- ... dent that there are no TROJAN HORSES in the
...
sion of authentication information. ... code.
...
... trusted subject A process that is al-
trusted intermediary A third party ...
... lowed to bypass security rules. For exam-
such as KDC or CA that permits two ....
parties to AUTHENTICATE without the prior .... ple, an administrative process, running in
...
configuration of keys between those two ... behalf of the system administrator, is al-
...
parties. A trusted intermediary may also ... lowed to bypass BLP rules.
...
be used for additional functions such as ...
... trusted system (1) A system that is as-
key distribution, contrast, or payment ...
... sessed (typically through a formal evalua-
negotiation. ...
... tion process) to be able to withstand
...
trusted network A network that is ... threats and that is or can be relied on to
...
within a FIREWALL. ... do so. (2) A system designed, developed,
...
... and evaluated in accordance with ORANGE
Trusted Network Interpretation ...
... BOOK criteria.
Environmental Guideline Evaluation ...
...
CRITERIA that define the certification criteria ... trusted third party 5 TRUSTED
...
for trusted networks. Also referred to as ... INTERMEDIARY.
...
the RED BOOK. ... trustworthy An attribute describing a
...
... system that meets (or has been shown to
trusted path A secure method for com- ...
... meet) its specifications, particularly in the
municating with a TRUSTED COMPUTING BASE. ...
... areas of reliability, quality, and security.
Untrusted (potentially malicious) software ...
...
cannot masquerade as the TRUSTED COMPUT- ... TSEC 5 TELECOMMUNICATIONS SECURITY.
...
ING BASE (TCB) to the user, or as the user to ...
.. TSEC nomenclature A method for iden-
the TCB. A user would use the trusted path .....
... tification of the type and purpose of cer-
to initiate a login, logout, change of secu- ....
... tain items of COMSEC MATERIAL.
rity level, or other security-critical event. ...
...
The TCB uses the trusted path to indicate ... tunneling Technology enabling one net-
...
the security, current security state or level, ... works data to be sent through another
..

134
 type 4 algorithm
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
networks connections by the encapsulation .... incorrect or unauthorized security proce-
..
.
of a network protocol within PACKETS car- ... dures related to a task, who must present
....
ried by the second network. ... when certain COMSEC keying material for
...
... storage and handling is accessed. See also NO-
Turing test A test proposed (1950) by ...
... LONE ZONE.
Alan Turing (British computer scientist) ...
...
for testing whether a computer has ... type 1 An NSA (U.S.) approved CLASSI-
...
achieved artificial human intelligence. The ... FIED or CONTROLLED CRYPTOGRAPHIC ITEM for
.
test was that a person would communicate ..... securing CLASSIFIED and sensitive U.S. gov-
.
by keyboard with either the computer or a ..... ernment information. The term refers only
.
human, and if the tester couldnt tell which ..... to products. TYPE 1 products contain classi-
...
was the human and which was the com- ... fied NSA algorithms and are available to
...
puter, then the computer had passed the ... U.S. government users, their contractors,
...
TURING TEST. ... and federally sponsored non-U.S. govern-
...
... ment activities subject to export restric-
NOTE : Turings philosophy of machine and mind ...
... tions in accordance with INTERNATIONAL
appeared in the paper C OMPUTING M ACHINERY ...
... TRAFFIC IN ARMS REGULATIONS.
AND I NTELLIGENCE published in the philosophical ...
...
journal M IND in 1950. ... type 2 NSA (U.S.) approved UNCLASSIFIED
...
... cryptographic equipment, assembly, or
two-part code A code made up of an ...
... component for national security systems
encoding section, in which the vocabulary ...
... use as defined in Title 40 U.S.C. Section
items (with their associated CODE GROUPS) ...
... 1452.
are arranged in a systematic order, and a ...
...
decoding section, in which the CODE ... type 3 algorithm CRYPTOGRAPHIC algo-
...
GROUPS (with their associated meanings) are ... rithm that protects unclassified SENSITIVE in-
...
arranged in a different systematic order. ... formation or commercial information. It is
...
... registered by the (U.S.) NATIONAL INSTITUTE
two-person control At least two au- ...
... OF STANDARDS AND TECHNOLOGY (NIST) and
thorized individuals, each capable of de- ...
... published as a (U.S.) FEDERAL INFORMATION
tecting incorrect and unauthorized proce- ...
... PROCESSING STANDARD (FIPS).
dures of a task and each familiar with ...
...
established security and safety require- ... type 4 algorithm Unclassified CRYPTO-
...
ments, who constantly survey and control ... GRAPHIC algorithm, registered by the (U.S.)
...
POSITIVE CONTROL MATERIAL. ... NATIONAL INSTITUTE OF STANDARDS AND TECH-
...
... NOLOGY (NIST), but not published as a
...
two-person integrity At least two au- ... (U.S.) FEDERAL INFORMATION PROCESSING
thorized persons, each capable of detecting ..... STANDARD (FIPS).
...
.

135
 U
j
...
... UNIX A popular multiprogramming op-
UA 5 USER AGENT. ...
... erating system, developed at Bell Laborato-
UDP 5 USER DATAGRAM PROTOCOL. ...
... ries in 1969 by Ken Thompson and Den-
...
UDP datagram A UDP DATAGRAM is the ...
... nis Ritchie.
unit of end-to-end transmission in the UDP ...
... NOTE : UNIX is not an acronym. In 1970
protocol. ...
...
...
Brian Kernighan suggested the name Unix in a
UN/CEFACT A United Nations organi- ... somewhat treacherous pun on Multics [DMR79].
...
zation headquartered in Geneva that deals ...
with worldwide technical developments
...
...
untrusted process (1) An untrusted
and policy in the trade facilitation and
...
...
process is one that even if it attempts to
electronic business.
...
...
do the wrong thing, cannot breach the sys-
...
...
tem security. See the note below. (2) A
unclassified Information that is not ... process that has not been evaluated, and it
...
CLASSIFIED,meaning it does not require pro- ... is unknown whether it adheres to a partic-
...
tection from unauthorized disclosure. ... ular security policy.
...
Unicode Called Unicode Worldwide ...
... NOTE : A trusted process is one that can be relied
Character Standard is a method of setting ...
... on and that is presumably TRUSTWORTHY . When
up binary codes for text or script charac- ...
... one develops a system one has to work out which parts
ters. This system can display, process, and ... can be left untrusted (the more the better). The aim is
...
interchange written characters from differ- ... to have the smallest possible trusted kernel.
...
ent world languages. At present UNICODE ...
... updating An automatic or manual CRYP-
standard provides distinct code for 34,168 ...
... TOGRAPHIC process that modifies the state of
languages derived from 24 language scripts. ...
... a COMSEC key, equipment, device, or sys-
More details about Unicode are available ...
... tem. This modification is irreversible.
at http://www.unicode.org. ...
...
...
NOTE : U NICODE also supports several characters ... U.S.-controlled facility A controlled-
...
used in many classical and historical texts written in ... access base or building run by the U.S.
...
different languages. ... government.
.

137
U.S.-controlled space
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ..
U.S.-controlled space U.S. government- ..... user partnership program A U.S. gov-
...
controlled room or floor within a non- ... ernment program in which the NSA (U.S.)
...
U.S.-controlled facility. ... and a U.S. government agency work to-
...
... gether to develop secure IS equipment in-
usenet An Internet service that started as ...
... corporating NSA-approved CRYPTOGRAPHY.
a bulletin board and has expanded to in- ...
... The result is that national security infor-
clude thousands of sites providing service ...
... mation in the users specific application is
worldwide. ...
... safeguarded by the authorized product or
...
user A person or process that is author- ... system.
...
ized to access an IS. ...
... user profile (1) Information about a
...
user agent (1) A user agent is any soft- .... user. In the context of intrusion detection,
ware that retrieves and processes informa- ..... a profile generally includes historical pat-
.
tion from web sites for users. Examples of ..... terns of use, against which current patterns
.
user agent include web browsers, plug-ins, ..... of use can be compared to decide whether
...
and media players. (2) A user agent is a .... the current action is an intrusion. (2) Pat-
...
commonly used term in e-mail and web ... terns of a users activity that track abnor-
... mal behavior.
architecture and refers to a layer of soft- ...
ware that insulates the user from the vaga- .....
... user representative A member of an
ries of that architecture. User agents de- ....
organization who is authorized to order
scribed in X.400 and X.500 protocols not .....
... COMSEC keying material, interface with
only make things simpler for user but also ...
... the keying system, provide information to
perform specific functions as described in ....
... key users, and ensure that the correct type
the protocols. ...
... of key is ordered.
...
User Datagram Protocol A transport ...
... UUCP UNIX to UNIX Copy Program.
protocol in the INTERNET suite of protocols. ...
... A protocol used for communication be-
USER DATAGRAM PROTOCOL (UDP), like TCP, ...
... tween consenting UNIX systems.
uses IP for delivery; however, unlike TCP, ...
...
UDP provides for the exchange of DATA- ... uudecode A UNIX utility for reversing
...
GRAMS without acknowledgment or guaran- ... the effect of UUENCODE.
...
teed delivery. ...
... uuencode A UNIX utility for encoding
...
user ID An ISS method of identifying a ... arbitrary binary data as printable characters
specific user by a unique symbol or charac- ..... by encoding six bits of binary data per
...
ter string. ... character.
...

138
 V
j
...
...
vaccine A program that searches for and ... verify a signature Perform a CRYPTO-
...
removes virus in a computer system. Some- ... GRAPHIC calculation using a message, a
...
times a vaccine can restore previously in- ... signature, and a PUBLIC KEY to determine
fected files to their original state. In other ...
... whether the signature was generated by
cases, a file may be irreparable. ...
... someone knowing the corresponding
...
... PRIVATE KEY signing the message.
validation The process by which one or ...
...
more departments or agencies and their ... virtual password An IS password com-
...
contractors establish joint usage of an IS ... puted from a PASSPHRASE that fills the re-
...
through the application of specialized secu- ... quirements for password storage (e.g., 64
...
rity tests and evaluation procedures, tools, ... bits).
...
and equipment. ...
... virtual private network A protected IS
...
van Eck monitoring Using low levels of ... link that uses tunneling, security controls
...
electromagnetic emissions from a device to ... (see INFORMATION ASSURANCE), and endpoint
...
monitor the activity of a computer or ... address translation so that to the user
...
other electronic device. Named after Dutch ... it seems as if there is a dedicated line be-
...
scientist Wim van Eck. ... tween nodes.
...
...
NOTE : Details of VAN E CK MONITORING are ... virus A piece of a computer program
...
available in the original paper [WVE85] by Wim ... that replicates by embedding itself in
...
van Eck. ... other programs. When those programs
...
... are run, the virus is invoked again and
variant A code symbol that has the same ...
... spread further.
equivalent as one or more other
PLAINTEXT ...
...
code symbols. ... NOTE : Eugene Spafford wrote in a technical report
...
... [ES91], that the first published use of the word
...
verified design A design that has been ... VIRUS was by David Gerrod in his science fiction
...
modeled mathematically and formally ... short stories which were later expanded and published
...
proved to comply with a security policy. ... in the book When Harlie Was One [GD72].
.

139
voice system
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
This book described a program named VIRUS that ... This dissertation is a mathematical treat-
...
would randomly dial the phone until it found another ... ment of computer viruses and contains for-
...
computer, then break into that system and infect it ... mal definition of a virus and many proofs
with a copy of itself. The inventor planned a program ...
... related to virus defense.
VACCINE that could cure VIRUS, but the plan re- ...
...
sults in disaster, because noise on a phone line causes ... voice system A biometric system in
...
the VIRUS to mutate so VACCINE is no longer ... which a vocal pattern must be matched
...
effective. ... with a stored pattern to gain access.
...
...
Fred Cohen first used the term COMPUTER ... VPN 5 VIRTUAL PRIVATE NETWORK.
...
VIRUS in a formal way at University of ...
... vulnerability An exploitable weakness in
Southern California [CF84]. According to ...
... an IS, system security procedures, design,
him: We define a computer virus as a ...
.. internal controls, or implementation.
program that can infect other programs by .....
...
modifying them to include a possibly ... vulnerability assessment The system-
.
evolved copy of itself. In his Ph.D. disser- ..... atic examination of an IS or product to
...
tation [CF85], he credits his adviser, L. ... gauge the effectiveness of its security
.
Adleman, with originating the terminology. ..... system.
...

140
 W
j
...
...
Wassenaar Arrangement The Wasse- ... State controls the export of conventional
...
naar Arrangement is an international agree- ... arms.
...
ment among 33 cofounding nations on ex- ... The U.S. government controls the
port controls for conventional arms and ...
... export of CRYPTOGRAPHIC products under
dual-use goods and technologies. By pro- ...
... the Wassenaar arrangement. See http://
viding greater visibility of arms and dual- ...
... www.bxa.doc.gov/Wassenaar/ for more
use technology exports, the agreement ...
... details and a list of items in the Dual-Use
aims to ensure regional and international ...
... List.
peace, security, and stability. Member ...
...
countries must control their export ...
... WinNuke A form of ATTACK that affects
policies to conform to the Wassenaar ...
... only computers running Windows NT
agreement. The agreement received final ...
... 3.51 or Windows NT 4. Rather than re-
approval in July 1996 and started opera- ...
... turning an error code for bad data in the
...
tions in September 1996. The Wassenaar ... TCP header, it sends NT to the Blue Screen
...
Arrangement is headquartered in Vienna, ... of Death (BSOD).
...
and plenary meetings are held at least once ...
...
a year. ... wiretapping Electronic eavesdropping
...
The Dual-Use List, or Basic List ... on communications. Taps may be ACTIVE
...
(Tier 1), consists of a Sensitive List ... or PASSIVE. They can be implemented with
...
(Tier 2) and a Very Sensitive List (Tier ... hardware devices or software. See also ACTIVE
...
2 subset), and includes such items as ... THREAT and PASSIVE THREAT.
...
stealth technology materials and high- ...
...
powered computers. Countries are to use ... work factor An estimate of the compu-
...
extreme vigilance in exports of these ... tational resources required to defeat a given
...
technologies. ... CRYPTOGRAPHIC system.
...
The U.S. Department of Commerce ...
...
controls the export of dual-use goods and ... worm A self-contained program that
...
technologies, and the U.S. Department of ... replicates by running copies of itself, usu-
.

141
worm attack
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
ally on different machines across a com- ... write To send information from a sub-
...
puter network. ... ject to an object. The basic function in an
...
... IS. See also ACCESS TYPE.
worm attack An ATTACK in which a ...
...
worm acts in an unexpected way, possibly ... write access Permission to write to an
...
making use of security vulnerabilities or ... object in an IS.
...
causing denials of service. ...
...
.

142
 X
j
...
...
X.400 A CCITT (ITU) standard for elec- ... provides measures to secure data in com-
...
tronic mail. ... municating open systems by providing se-
...
... curity services in each layer of the ISO ref-
X.500 A CCITT (ITU) standard for direc- ...
... erence model. It also provides appropriate
tory services. ...
... security mechanisms that can be used to
...
X.509 A CCITT (ITU) standard for secu- ... implement services. For more information
...
rity services within the X.500 directory ser- ... refer to Security Architecture for Open
...
vices framework. ... Systems Interconnection for CCITT Appli-
...
... cations (Recommendation X.800), CCITT,
X.800 A CCITT (ITU) standard and a sup- ...
... Geneva, 1991.
plement to the ISO reference model that ...
...
provides the OSI security architecture. It ... XDR 5 EXTERNAL DATA REPRESENTATION.
...

143
 Y
j
...
... The current name is NIS (Network Information
Yellow Pages A directory service part of ...
... Services).
Sun Microsystems distributed environment. ...
...
NOTE : This name is now deprecated because of a ...
...
YP 5 YELLOW PAGES.
legal threat from publishers of telephone directories. ...
...
.

145
 Z
j
...
...
zero fill The filling of empty storage ... is not executing a wait system call. In
...
locations in an IS with the character ... this case the kernel releases the resources
...
representing zero. ... such as memory, associated files allocated
... to the zombie process but keeps its exit
...
zeroize To remove the key from a ...
... status. (2) Multiple processes on multiple
CRYPTO-EQUIPMENT or fill device. ...
... hosts that perform DENIAL OF SERVICE ATTACK
...
zero knowledge proof A scheme in ... (DOS) simultaneously. DISTRIBUTED DENIAL OF
...
which one principal can demonstrate ... SERVICE (DDOS) attacks can occur when
...
knowledge of a secret to another princi- ... multiple sites simultaneously perform a
...
pal, without actually divulging the secret ... DOS attack on the same victim. To con-
...
itself. ... struct these attacks, an intruder may plant
...
... multiple processes on multiple hosts. These
zombie (1) UNIX processes that termi- ...
... processes, called zombies, all perform the
nate leaving status information in the sys- ...
... DOS attack simultaneously.
tem [WS93]. For example, a child process ...
...
that has terminated but its parent PROCESS ... zone of control An inspectable space.
...

147
 COMMONLY USED
ABBREVIATIONS
AND ACRONYMS

........................................................................................................

APPENDIX

x
 ...
...
...
ACL Access Control List ...
...
AKMC Automated Key Management
...
ACO Access Control Officer ... Center
...
ADM Advanced Development Model ...
...
AKMS Automated Key Management
...
ADP Automated Data Processing ... System
...
AE Application Entity ...
...
ALC Accounting Legend Code
...
... AMS 1. Auto-Manual System
AES Advanced Encryption Standard ...
... 2. Autonomous Message Switch
AFIWC Air Force Information Warfare ...
...
... ANDVT Advanced Narrowband Digital
Center ...
... Voice Terminal
AH Authentication Header ...
...
... ANSI American National Standards
AIG Address Indicator Group ...
...
...
Institute
AIN Advanced Intelligence Network ...
... AOSS Automated Office Support
AIRK Area Interswitch Rekeying Key ...
...
...
Systems
AIS Automated Information System ...
APC Adaptive Predictive Coding
...
AISS Automated Information Systems ...
...
...
API Application Program Interface
Security ...
APU Auxiliary Power Unit
...
...
AJ Anti-Jamming ... ARL Authority Revocation List
...
AK Automatic Remote Rekeying ...
... ARP Address Resolution Protocol
...
AKDC Automatic Key Distribution ... ARPA Advanced Research Project
...
Center ...
... Agency
...
AKD/RCU Automatic Key Distribution/ ...
...
ARPANET Advanced Research Projects
...
Rekeying Control Unit ... Agency Network
.

151
Commonly Used Abbreviations and Acronyms
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
...
ASCII American Standard Code for ... CAW Certificate Authority Workstation
...
Information Interchange ... CBC Cipher Blocking Chaining
...
...
ASN1 Abstract Syntax Notation 1 .... CC Common Criteria
...
ASPJ Advanced Self-Protection Jammer ... CCA Cardholder Certification Authority
....
ASSIST Program Automated ... CCEP Commercial COMSECT
...
...
Information System Security Incident ... Endorsement Program
...
Support Team .... CCI Controlled Cryptographic Item
.
...
ASU Approval for Service User ... CCITT Comite Consultatif International
....
ATM Asynchronous Transfer Mode ... Telephonique et Telegraphique
...
...
AUTODIN Automatic Digital Network ... CCO Circuit Control Officer
...
AV Auxiliary Vector ... CDC Certificate Distribution Center
...
...
AVP Authorized Vendor Program ... CDR Certificate Decoder Ring
...
... CDS Cryptographic Device Services
BCA Brand Certification Authority ...
...
... CDSA Common Data Security
BCI Brand CRL Identifier ...
...
...
Architecture
BER Basic Encoding Rule ...
... CEOI Communications Electronics
BIN Bank Identification Number ...
...
...
Operating Instruction
BSD Berkeley Software Distribution ...
... CEPR Compromising Emanation
...
C2 1. Command and Control ... Performance Requirement
...
...
2. Controlled Access Protection ... CER 1. Cryptographic Equipment
...
C2W Command and Control Warfare ... Room 2. Communications Equipment
...
...
C3 Command, Control, and ... Room
...
Communications ... CERT Computer Security Emergency
...
...
C3I Command, Control, Communications ... Response Team
...
and Intelligence ... CESG Communications Electronics
...
...
C4 Command, Control, ... Security Group
...
Communications, and Computers ... CFB Cipher Feedback
...
...
CA 1. Controlling Authority ... CFD Common Fill Device
...
2. Cryptanalysis 3. COMSEC Account ... CGI Common Gateway Interface
...
...
4. Command Authority 5. Certification ... CHAP Challenge Handshake
...
Authority ...
...
Authentication Protocol
...
CALEA Communications Assistance for ... CIAC Computer Incident Advisory
...
Law Enforcement Act ...
...
Capability
...
CAP Controlled Access Point ... CIK Cryptographic Ignition Key
...
CAPI Cryptographic Application ... CIP Crypto-Ignition Plug
...
...
Programming Interface ... CIPSO Common IP Security Option
..

152
 Commonly Used Abbreviations and Acronyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
...
CIRK Common Interswitch Rekeying ... CRC Cyclic Redundancy Code
...
Key ... CRC CRC with 32-bit output
...
...
CIRT Computer Security Incident .... CRL Certificate Revocation List
...
Response Team ... CRP COMSEC Resources Program
....
CIX Commercial Internet Exchange ... (Budget)
...
...
CK Compartment Key ... CRS Certificate Request Syntax
...
CKG Cooperative Key Generation ... CSE Communications Security
...
...
CKL Compromised Key List ... Element
...
CLMD COMSEC Local Management ... CSIRT Computer Security Incident
...
...
Device ... Response Team
...
CLNP Connectionless Network ... CSM Certificate Services Manager
...
...
Protocol ... CSMA Carrier Sense Multiple Access
...
CMCS COMSEC Material Control ... with Collision Detect
...
...
System ... CSS 1. Central Security Service
...
CMS Cryptographic Message Syntax ... 2. COMSEC Subordinate Switch
...
...
CNCS Cryptonet Control Station ... 3. Constant Surveillance Service
...
CND Computer Network Defense ... (Courier) 4. Continuous Signature
...
...
CNK Cryptonet Key ... Service (Courier) 5. Coded Switch
...
COCOM Coordinating Committee for ... System
...
...
Multilateral Export Controls ... CSOR Computer Security Objects
...
COI Community of Interest ... Register
...
...
COMINT Communications Intelligence ... CSP Cryptographic Security Provider
...
COMPUSEC Computer Security ... CSSM Common Security Services
...
...
COMSEC Communications Security ... Manager
...
CONOP Concept of Operations ... CSSO Contractor Special Security
...
...
COPS Computer Oracle and Password ... Officer
...
System ... CSTVRP Computer Security Technical
...
...
COR 1. Central Office of Record ... Vulnerability Report Program
...
(COMSEC) 2. Contracting Officer ... CT&E Certification Test and
.
...
Representative ... Evaluation
...
...
COTS Commercial off-the-shelf ... CTAK Cipher Text Auto-Key
...
CPS 1. COMSEC Parent Switch ... CTCPEC Candian Trusted Computer
...
...
2. Certification Practice Statement .... Product Evaluation Criteria
...
CPU Central Processing Unit ... CTTA Certified TEMPEST Technical
....
CRAM Challenge Response ... Authority
...
...
Authentication Mechanism ... CUP COMSEC Utility Program
..

153
Commonly Used Abbreviations and Acronyms
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
...
DAA Designated Approving Authority ... DoD TCSEC Department of Defense
...
DAC Discretionary Access Control ... Trusted Computer System Evaluation
...
...
DAMA Demand Assigned Multiple ... Criteria
...
Access ... DOI Domain Of Interpretation
...
...
DAP Directory Access Protocol ... DOS 1. Denial of Service Attack
...
DARPA Defense Advanced Research ... 2. Disk Operating System
...
...
Projects Agency ... DLED Dedicated Loop Encryption
...
DASS Distributed Authentication ... Device
...
...
Security Service ... DMA Direct Memory Access
...
DCID Director Central Intelligence ... DMAT Digital Music Access Technology
...
...
Directive ... DMS Defense Message System
...
DCE Distributed Computing .... DN Distinguished Name
....
Environment ... DNS Domain Name System
...
...
DCS 1. Defense Communications System ... DPL Degausser Products List (a section
...
2. Defense Courier Service ...
...
in the INFOSEC Products and Services
...
DCSP Design Controlled Spare ... Catalogue)
...
Part(s) ... DSA Digital Signature Algorithm
...
...
DDoS Distributed Denial of Service ... DSN Defense Switched Network
...
Attack ... DSS Digital Signature Standard
...
...
DDI Deputy Director of Operations, ... DST Digital Signature Trust
...
NSA/CSS ... DSVT Digital Subscriber Voice Terminal
...
...
DDS Dual Driver Service (courier) ... DTLS Descriptive Top-Level
...
DDT Deputy Director of Technology, ... Specification
...
...
NSA/CSS ... DTD Data Transfer Device
...
DEA Data Encryption Algorithm ... DTS Diplomatic Telecommunications
...
...
DEK Data Encryption Key ... Service
...
DER Distinguished Encoding Rule ... DUA Directory User Agent
...
...
DES Data Encryption Standard ...
...
DIB Directory Information Base ... EAM Emergency Action Message
...
...
DII Defense Information Infrastructure ... EBCDIC Extended Binary Code Decimal
...
DISN Defense Information System ... Interchange Code
...
...
Network ... ebXML E-business XML standard
...
DITSCAP DoD Information Technology ... ECB Electronic Code Book
...
...
Security Certification and Accreditation ... ECC Elliptic Curve Cryptography
...
Process ... ECCM Electronic Counter-
...
...
DN Distinguished Name ... Countermeasures
..

154
 Commonly Used Abbreviations and Acronyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
...
ECDSA Elliptic Curve Digital Signature ... EUCI Endorsed for Unclassified
...
Algorithm ... Cryptographic Information
...
...
ECM Electronic Countermeasures .... EV Enforcement Vector
...
ECPL Endorsed Cryptographic Products ... EW Electronic Warfare
....
List (a section in the INFOSEC, ...
...
...
Information System Security Products and ... FDDI Fiber Distributed Data Interface
...
Services Catalogue) ... FDIU Fill Device Interface Unit
...
...
EDAC Error Detection and Correction ... FIPS Federal Information Processing
...
EDE Encrypt/Decrypt/Encrypt ... Standard
...
...
EDESPL Endorsed Data Encryption ... FIRST Forum Of Incident Response and
...
Standard Products List ...
...
Security Teams
...
EDI Electronic Data Interchange ... FIX Federal Internet Exchange Points
...
EDM Engineering Development ... FOCI Foreign Owned, Controlled, or
...
...
Model ... Influenced
...
EES Escrowed Encryption Standard ... FOIA Freedom of Information Act
...
...
EFD Electronic Fill Device ... FOUO For Official Use Only
...
EFTO Encrypt For Transmission Only ... FPKI Federal Public Key Infrastructure
...
...
EGADS Electronic Generation, ... FSRS Functional Security Requirements
...
Accounting and Distribution System ...
...
Specification
...
EGP Exterior Gateways Protocol ... FSTS Federal Secure Telephone Service
...
EKMS Electronic Key Management ... FTP File Transfer Protocol
...
...
System ... FTS Federal Telecommunications System
...
ELINT Electronic Intelligence ... FTAM File Transfer Access Management
...
...
ELSEC Electronic Security ... FTLS Formal Top-Level Specification
...
E Model Engineering Development ...
...
...
Model ... GASSP Generally Accepted Systems
...
EMSEC Emission Security ... Security Principles
...
...
EPL Evaluated Products List (a section ... GCA Geopolitical Certificate Authority
...
in the INFOSEC Products and Services ... GCCS Global Command and Control
...
...
Catalogue) ... System
...
ERTZ Equipment Radiation TEMPEST ... GCD Greatest Common Divisor
...
...
Zone ... GETS Government Emergency
...
ESP Encapsulating Security Payload ... Telecommunications Service
...
...
ETL Endorsed Tools List ... GPS Global Positioning System
...
ETPL Endorsed TEMPEST Products ... GSM Global System for Mobile
...
...
List ... Communications
..

155
Commonly Used Abbreviations and Acronyms
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
...
GSS-API Generic Security Service ... IESG Internet Engineering Steering
...
Application Program Interface ... Group
...
...
GTS Global Telecommunications Service ... IETF Internet Engineering Task Force
...
GWEN Ground Wave Emergency ... IFCC Internet Fraud Complaint Center
...
...
Network ... (U.S.)
...
... IFF Identification, Friend or Foe
...
...
HDM Hierarchical Development .... IFFN Identification, Friend, Foe, or
...
Methodology ... Neutral
....
HMAC Hashed Message Authentication ... IGP Interior Gateway Protocol
...
...
Code ... IIRK Interarea Interswitch Rekeying
...
HTML Hypertext Markup Language ... Key
...
...
HTTP Hypertext Transfer Protocol ... IK Interswitch Rekeying Key
...
HUS Hardened Unique Storage ... IKE Internet Key Exchange
...
...
HUSK Hardened Unique Storage Key ... ILS Integrated Logistics Support
...
... IMAP Internet Message Access
...
...
IA Information Assurance ... Protocol
...
I & A Identification and Authentication ... INFOSEC Information System Security
...
...
IAB Internet Activity Board ... InterNIC Internet Network Information
...
IANA Internet Assigned Number ... Center
...
...
Authority ... IO Information Operations
...
IBAC Identity Based Access Control ... IOB Intelligence Oversight Board (The
...
...
ICANN Internet Corporationn for ... U.S. Presidents)
...
Assigned Names and Numbers ... IOTP Internet Open Trading Protocol
...
...
ICMP Internet Control Message Protocol ... IP Internet Protocol
...
ICRL Indirect Certificate Revocation List ... IPM Interpersonal Messaging
...
...
ICU Interface Control Unit ... IPNG Internet Protocol Next Generation
...
IDEA International Data Encryption ... IPRA Internet Policy Registration
...
...
Algorithm ... Authority
...
IDES Intrusion Detection Expert System ... IPsec Internet Protocol Security
.
...
IDIOT Intrusion Detection In Our Time ... IPSO Internet Protocol Security Option
...
...
IDM Intrusion Detection Model ... IR Information Ratio
...
IDS Intrusion Detection System ... IRC Internet Relay Chat
...
...
IEEE Institute of Electrical and .... IRTF Internet Research Task Force
...
Electronics Engineers ... IS Information System
....
IEMATS Improved Emergency Message ... ISAKMP Internet Security Association
...
...
Automatic Transmission System ... and Key Management Protocol
..

156
 Commonly Used Abbreviations and Acronyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
...
ISDN Integrated Services Digital ... KMID Key Management Identification
...
Network ... Number
...
...
ISO International Organization for .... KMODC Key Management Ordering and
...
Standardization ... Distribution Center
....
ISOC Internet Society ... KMP Key Management Protocol
...
...
ISS 1. Information System Security ... KMPDU Key Management Protocol
...
2. Internet Security Systems 3. Internet ...
...
Data Unit
...
Security Scanner ... KMS Key Management System
...
ISSA Information System Security ... KMSA Key Management System
...
...
Association ... Agent
...
ISSM Information System Security ... KMUA Key Management User Agent
...
...
Manager ... KP Key Processor
...
ISSO Information System Security ... KPK Key Production Key
...
...
Officer ... KSOS Kernelized Secure Operating
...
IT Information Technology ... System
...
...
ITAR International Traffic in Arms ... KVG Key Variable Generator
...
Regulation ...
...
...
ITSEC Information Technology Security ... LCMS Local COMSEC Management
...
Evaluation Criteria ...
...
Software
...
ITU International Telecommunications ... LDAP Lightweight Directory Access
...
Union ...
...
Protocol
...
IV Initialization Vector ... LEAD Low-Cost Encryption/
...
...
...
Authentication Device
JVM Java Virtual Machine ...
... LEAF Law Enforcement Access Field
JIVA Joint Intelligence Virtual ...
... LKG Loop Key Generator
Architecture ...
...
... LMD Local Management Device
JSIWC Joint Service Information ...
... LMD/KP Local Management
Warfare Command ...
...
... Device/Key Processor
...
KAK Key-Auto-Key ... LME Layer Management Entry
.
...
KDC Key Distribution Center ... LMI Layer Management Interface
...
...
KEA Key Exchange Algorithm ... LOCK Logical CoProcessing Kernel
...
KEK Key Encryption Key ... LOD Legion Of Doom
...
...
KG Key Generator .... LPC Linear Predictive Coding
...
KMASE Key Management Application ... LPD Low Probability of Detection
....
Service Element ... LPI Low Probability of Intercept
...
...
KMC Key Management Center ... LRA Local Registraion Authority
..

157
Commonly Used Abbreviations and Acronyms
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
...
LRIP Limited Rate Initial Preproduction ... MSE Mobile Subscriber Equipment
...
LSI Large Scale Integration ... MSP Message Security Protocol
...
...
.... MTU Maximum Transmission Unit
...
MAC 1. Mandatory Access Control ... Multics Multiplexed Information and
....
2. Media Access Control ...
...
Computing Service
...
MAN Metropolitan Area Network ... MVTO Multiversion Timestamp
...
MATSYM Material Symbol ... Ordering
...
...
MCA Merchant Certification Authority ...
...
MCCB Modification/Configuration ... NACAM National COMSEC Advisory
...
...
Control Board ... Memorandum
...
MCG Meta-Certificate Group ... NACSI National COMSEC Instruction
...
...
MCTL Military Critical Technology List ... NACSIM National COMSEC
...
MDC Manipulation Detection Code ... Information Memorandum
...
...
MEECN Minimum Essential Emergency ... NAK Negative Acknowledge
...
Communications Network ... NAT Network Address Translator
...
...
MEP Management Engineering Plan ... NC Network Computer
...
MER Minimum Essential Requirements ... NCCD Nuclear Command and Control
...
...
MHS Message Handling System ... Document
...
MI Message Indicator ... NCRP Network Computer Reference
...
...
MIB Management, Information Base ... Specification
...
MIC Message Integrity Code ... NCS 1. National Communications
...
...
MIJI Meaconing, Intrusion, Jamming, ... System 2. National Cryptologic School
...
and Interface ...
...
3. Net Control Station
...
MIME Multipurpose Internet Mail ... NCSA National Computer Security
...
Extensions ...
...
Association
...
MINTERM Miniature Terminal ... NCSC National Computer Security
...
MISSI Multilevel Information Systems ... Center
...
...
Security Initiative ... NFS Network File System
...
MLI Multilevel Integrity ... NIAP National Information Assurance
...
...
MLS Multilevel Security ... Partnership
...
MNCKS Mobile Network Computer ... NIC Network Information Center
...
...
Reference Specifications ... NISAC National Industrial Security
...
MOSS MIME Object Security Service ... Advisory Committee
...
...
MQV MenezesQuVanstone key ... NIST National Institute of Standards and
...
agreement scheme ...
...
Technology
...
MRT Miniature Receiver Terminal ... NKSR Nonkernel Security Related
..

158
 Commonly Used Abbreviations and Acronyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
...
NLZ No-Lone Zone ... NTISSAM National Telecommunications
...
NOIC National Organization of Internet ... and Information Systems Security
...
...
Commerce .... Advisory/Information Memorandum
...
NSA National Security Agency ... NTISSD National Telecommunications
....
NSAD Network Security Architecture ... and Information Systems Security
...
...
and Design ... Directive
...
NSCID The National Security Council .... NTISSI National Telecommunications
.
...
Intelligence Directive ... and Information Systems Security
....
NSD National Security Directive ... Instruction
...
...
NSDD National Security Decision ... NTISSP National Telecommunications
...
Directive ...
...
and Information Systems Security Policy
...
NSEP National Security Emergency ... NW3C National White Collar Crime
...
Preparedness ...
...
Center (U.S.)
...
NSI National Security Information ...
...
NSM Network Security Monitor ... OASIS Organization for the Advance-
...
...
NSO Network Security Officer ... ment of Structured Information
...
NSTAC National Security ... Standards
...
...
Telecommunications Advisory ... OADR Originating Agencys
...
Committee ...
...
Determination Required
...
NSTISSAM National Security ... OCSP Online Certificate Status Protocol
...
Telecommunications and Information ... OFB Output Feedback Mode
...
...
Systems Security Advisory/Information ... OID Object Identifier
...
Memorandum ... OPCODE Operations Code
...
...
NSTISSC National Security ... OPSEC Operations Security
...
Telecommunications and Information ... OPUS Obvious Password Utility System
...
...
Systems Security Committee ... ORA Organizational Registration
...
NSTISSD National Security ... Authority
...
...
Telecommunications and Information ... OSF Open Software Foundation
...
Systems Security Directive ... OSI Open System Interconnect
...
...
NSTISSI National Security ... OSPF Open Short Path First
...
Telecommunications and Information ... OTAD Over-the-Air Key Distribution
...
...
Systems Security Policy ... OTAR Over-the-Air Key Rekeying
...
NTCB Network Trusted Computing ... OTAT Over-the-Air Key Transfer
...
...
Base ... OTP 1. One-Time Pad
...
NTIA National Telecommunications ... 2. One-Time Password
...
...
and Information Administration ... OTT One-Time Tape
..

159
Commonly Used Abbreviations and Acronyms
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
...
P2P Peer-to-peer ... P Model Preproduction Model
...
P3P Platform for Privacy Preferences ... PNEK Post-Nuclear Event Key
...
...
Projects .... POP3 Post Office Protocol, version 3
...
PAA Policy Approving Authority ... PPP Point to Point Protocol
....
PAAP Peer Access Approval ... PPL Preferred Products List (a section
...
...
PAE Peer Access Enforcement ... in the INFOSEC Products and Services
...
PAL Permissive Action Link .
.... Catalogue)
...
PAN Primary Account Number ... PPTP Point to Point Tunneling Protocol
....
PAP Password Authentication Protocol ... PRBAC Partition Rule-Based Access
...
...
PC Personal Computer ... Control
...
PCA Policy Creation Authority ... PROM Programmable Read-Only
...
...
PCI Private Communication Technology ... Memory
...
PCMCIA Personal Computer Memory ... PROPIN Proprietary Information
...
...
Card International Association ... PSL Protected Services List
...
PCZ Protected Communications Zone ... PWDS Protected Wireline Distribution
...
...
PDR Preliminary Design Review ... System
...
PDS 1. Protected Distribution Systems ...
...
...
2. Practices Dangerous to Security ... QoS Quality of Service
...
PDU Protocol Data Unit ...
...
...
PEM Privacy Enhanced Mail ... RA Registration Authority
...
PES Positive Enable System ... RACE Rapid Automatic Cryptographic
...
...
PFS Public Key Forward Secrecy ... Equipment
...
PGP Pretty Good Privacy ... RADIUS Remote Authentication Dial-In
...
...
PICA Platform Independent ... User Service
...
Cryptography ... RAMP Rating Maintenance Program
...
...
PICS Platform for Internet Control ... RARP Reverse Address Resolution
...
Selection ...
...
Protocol
...
PIN Personal Identification Number ... RAT Remote Access Trojan
...
PKA Public Key Algorithm ... RBAC Role Based Access Control
...
...
PKC Public Key Cryptography ... RC2 Rivest Cipher 2
..
PKCS Public Key Cryptography Standard .... RC4 Rivest Cipher 4
...
...
PKI Public Key Infrastructure ... RCP UNIX command
...
PKIX-CMP Internet X.509 Public Key ... RFC Requests For Comments
...
...
Infrastructure Certificate Management ... RFS Remote Procedure Call
...
Protocols ... RIP Routing Information Protocol
...
...
PKSD Programmable Key Storage Device ... RPC Remote Procedure Call
..

160
 Commonly Used Abbreviations and Acronyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
...
RSA RivestShamirAldeman Algorithm ... SHS Secure Hash Standard
...
RQT Reliability Qualifications Tests ... SHTTP Secure HyperText Transfer
...
...
.... Protocol
...
S2ML Security Services Markup ... SI Special Intelligence
....
Language ... SIGSEC Signals Security
...
...
SA Systems Administrator ... SIGINT Signals Intelligence
...
SABI Secret and Below Interoperability ... SISS Subcommittee on Information
...
...
SAID Security Association Identifier ... Systems Security
...
SAO Special Access Office ... SKIP Simple Key Exchange for Internet
...
...
SAP 1. System Acquisition Plan ... Protocols
...
2. Special Access Program ... SLIP Serial Line Interface Protocol (now
...
...
SARK SAVILLE Advanced Remote ... PPP)
...
Keying ... SMI Structure of Management
...
...
SASL Simple Authentication and ... Information
...
Security Layer ... SMIME Secure MIME
...
...
SATAN Security Administrator Tool ... SMTP Simple Mail Transport Protocol
...
for Analyzing Networks ... SMU Secure Mobile Unit
...
...
SBU Sensitive But Unclassified ... SNMP Simple Network Management
...
SCA Subordinate Certification ... Protocol
...
...
Authority ... SPK Single Point Key(ing)
...
SCI Sensitive Compartmented ... SPI Security Parameters Index
...
...
Information ... SPS Scratch Pad Store
...
SCIF Sensitive Compartmented ... SRA Sub-Registration Authority
...
...
Information Facility ... SRR Security Requirements Review
...
SDE Secure Data Exchange ... SS 7 Signaling System 7
...
...
SDMI Secure Digital Music Initiative ... SSI Server Side Include
...
SDNRIU Secure Digital Net Radio ... SSL Secure Socket Layer Protocol
...
...
Interface Unit ... SSO 1. System Security Officer
...
SDNS Secure Data Network System ... 2. Special Security Officer
...
...
SDR System Design Review ... ST&E Security Test and Evaluation
...
SET Secure Electronic Transaction ... STE Secure Terminal Equipment
...
...
SFA Security Fault Analysis ... STS Subcommittee on
...
SFUG Security Features Users Guide ... Telecommunications Security
...
...
SGML Standard Generalized Markup ... STT Secure Transaction Technology
...
Language ... STU Secure Telephone Unit
...
...
SHA Secure Hash Algorithm ... SWATCH Simple Watcher
..

161
Commonly Used Abbreviations and Acronyms
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
...
TA Traffic Analysis ... TNI Trusted Network Interpretation
...
TAC Terminal Access Controller ... TNIEG Trusted Network Interpretation
...
...
TACTED Tactical Trunk Encryption .... Environment Guideline
...
Device ... TPC Two-Person Control
....
TAG TEMPEST Advisory Group ... TPEP Trusted Products Evaluation
...
...
TAISS Telecommunications and ... Program
...
Automated Information Systems .... TPI Two-Person Integrity
.
...
Security ... TPM Trust Policy Manager
....
TCB Trusted Computing Base ... TRANSEC Transmission Security
...
...
TCD Time Compliance Data ... TRB Technical Review Board
...
TCP Transmission Control Protocol ... TRI-TAC Tri-Service Tactical
...
...
TCMM Trusted Capability Maturity ... Communications System
...
Model ... TSCM Technical Surveillance
...
...
TCSEC DoD Trusted Computer System ... Countermeasures
...
Evaluation Criteria ... TSEC Telecommunications Security
...
...
TD Transfer Device ... TSIG Trusted Systems Interoperability
...
TDEA Triple Data Encryption ... Group
...
...
Algorithm ... TSK Transmission Security Key
...
TED Trunk Encryption Device ... TSR Terminate and Stay Resident
...
...
TEK Traffic Encryption Key ... TTP Trusted Third Party
...
TEP TEMPEST Endorsement Program ...
...
...
TEMPEST Telecommunications ... UA User Agent
...
Electronics Material Protected from ... UDP User Data Protocol
...
...
Emanating Spurious Transmissions ... UIRK Unique Interswitch Rekeying
...
TESS The Exponential Encryption ... Key
...
...
System ... UIS User Interface System
...
TFM Trusted Facility Manual ... UN/CEFACT United Nations Center
...
...
TFS Traffic Flow Security ... for Trade Facilitation and Electronic
...
TFTP Trivial File Transfer Protocol .
... Business
...
TGS Ticket-Granting Server ... UPP User Partnership Program
...
...
TGT Ticket-Granting Ticket ... URI Uniform Resource Identifier
...
TIS Trusted Information Systems ... URL Uniform Resource Locator
...
...
TLS 1. Top-Level Specification ... URN Uniform Resource Name
...
2. Transport Layer Security ... USDE Undesigned Signal Data
...
...
TLSP Transport Layer Security ... Emanations
...
Protocol .
... UUCP UNIX to UNIX Copy
...

162
 Commonly Used Abbreviations and Acronyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
...
VAN Value Added Network ... WIPO World Intellectual Property
...
VPN Virtual Private Network ... Organization
...
...
V Model Advanced Development Model .... WWW World Wide Web
...
VMS Virtual Memory System ...
.... XDM/X Model Experimental
VPN Virtual Private Network ...
...
VST VINSON Subscriber Terminal
... Development Model/Exploratory
...
... Development Model
VTT VINSON Trunk Terminal ...
...
... XDR External Data Representation
...
W3 World Wide Web (WWW) ...
...
W3C World Wide Web Consortium ... YP Yellow Pages
...
..

163
 A SELECT ANNOTATED LIST
OF SECURITY-RELATED RFCS
SORTED BY RFC NUMBER

........................................................................................................

APPENDIX

x
 his list contains select security-related Internet Request for Comments

T (RFCs) arranged in increasing order of RFC number. The RFC citations

given below contain the information necessary for a reader to identify, at
a quick glance, specific details of an RFC. The reader may use this information
to further examine an RFC. The RFCs may be obtained in a number of ways:
using HTTP, FTP, or e-mail from the IETF Web site at
http://www.ietf.org
In addition, there are many mirror sites from which RFCs can be obtained.
RFC citations appear in the following format:
Author(s), RFC #: Title of RFC. Date of Issue, Number of Pages, [Status: sss]
[Obsoletes RFC #].
Annotation.

Key to citations: # is the RFC number. Obsoletes RFC # refers to other RFCs
that this one replaces; the Status field sss gives the documents current status.
Many RFCs are obsoleted by new RFCs, this list provides only the new
RFC and identifies the most recent RFC it obsoletes.

167
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
D.L. Mills, RFC 1004: A Distributed-Protocol Authentication Scheme, April
1987, 8 p. [Status: Experimental].
This RFC discusses authentication problems in the Internet and proposes mediated access-
control and authentication procedures as solution to these problems.

S. Kent, RFC 1108: Security Options for the Internet Protocol, 1991 Novem-
ber, 17 p. [Status: Historic], [Obsoletes RFC 1038].
This RFC documents the Internet options of the U.S. Department of Defense Basic Security Op-
tion and the top-level description of the Extended Security Option for use on the Department of
Defense common user data networks.

J. Reynolds, RFC 1135: The Helminthiasis of the Internet, December 1989, 33

p. [Status: Informational].
This RFC provides information about the infection, infestation, decay, and compromise of the
Internet by worms, viruses, and other forms of malicious attacks; it also contains methods to rid
the Internet of such infestations.

R. Fougner, RFC 1170: Public Key Standards and Licenses, January 1991, 2 p.
[Status: Informational].
This RFC contains a statement about issuing of exclusive sublicensing rights to some patents to
Public Key Partners.

C. Mills, D. Hirsh, and G. Ruth, RFC 1272: Internet accounting: background,

November 1991, 19 p. [Status: Informational].
This RFC provides information about the Internet Accounting Architecture including methods to
provide semantics to measure network utilization, syntax, and data reporting.

R.D. Pethia, S. Crocker, and B.Y. Fraser, RFC 1281: Guidelines for the Secure
Operation of the Internet, November 1991, 10 p. [Status: Informational].
This RFC provides a set of guidelines to aid in the secure operation of the Internet.

B. Kaliski, RFC 1319: The MD2 Message-Digest Algorithm, April 1992, 17 p.

[Status: Informational].
This RFC describes the MD2 Message-Digest Algorithm.

R. Rivest, RFC 1320: The MD4 Message-Digest Algorithm, April 1992, 20 p.

[Status: Informational].
This RFC describes the MD4 Message Digest Algorithm.

168
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
R. Rivest, RFC 1321: The MD5 Message-Digest Algorithm, April 1992, 21 p.
[Status: Informational].
This RFC describes the MD5 Message Digest Algorithm.

B. Lloyd, W. Simpson, RFC 1334: PPP Authentication Protocols, October

1992, 16 p. [Status: Standards Track].
This RFC defines the Password Authentication Protocol and the Challenge-Handshake Authenti-
cation Protocol for authentication.

J. Galvin, K. McCloghrie, and J. Davin, RFC 1352: SNMP Security Protocols,

July 1992, 41 p. [Status: Historic].
This RFC defines the protocols to support security services like data integrity, data origin au-
thentication, and data confidentiality in context with the SNMP specification and SNMP ad-
ministrative model.

J. Curran and A. Marine, RFC 1355: Privacy and Accuracy Issues in Network
Information Center Databases, August 1992, 4 p. [FYI 15], [Status: Informa-
tional].
This RFC sets operational and administrative framework and guidelines for public Network In-
formation Center (NIC) databases.

D. Borman, RFC 1411: Telnet Authentication: Kerberos Version 4, January

1993, 4 p. [Status: Experimental].
This RFC describes telnet authentication using Kerberos version 4.

K. Alagappan, RFC 1412: Telnet Authentication: SPX, January 1993, 4 p.

[Status: Experimental].
This RFC describes telnet authentication using SPX protocol.

M. St. Johns, RFC 1413: Identification Protocol, February 1993, 8 p. [Status:

Standards Track], [Obsoletes RFC 912, RFC 931].
This RFC describes means to determine the identity of a user of a particular TCP connection.

M. St. Johns and M. Rose, RFC 1414: Identification MIB, February 1993, 7 p.
[Status: Standards Track].
This RFC defines an MIB for use in identifying the users associated with the TCP connections.

J. Linn, RFC 1421: Privacy enhancement for Internet electronic mail:

Part I: Message encryption and authentication procedures, February 1993,

169
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
42 p. [Status: Standards Track], [Obsoletes RFC 989, RFC 1040 and RFC
1113].
This RFC describes message encryption and authentication to provide PEM services for e-mail.

S.T. Kent and J. Linn, RFC 1422: Privacy enhancement for Internet electronic
mail: Part II: Certificate-based key management, February 1993, 32 p., 9 Ref.
[Status: Standards Track], [Obsoletes RFC 1114].
This RFC describes certificate-based key management for e-mail transfer through the Internet.

D. Balenson, RFC 1423: Privacy enhancement for Internet electronic mail: Part
III: Algorithms, modes, and identifiers, February 1993, 14 p., 14 Ref. [Status:
Standards Track], [Obsoletes RFC 1115].
This RFC deals with cryptographic algorithms, modes, and identifiers for Privacy Enhanced
Mail (PEM) within the context of the Internet.

B. Kaliski, RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part
IV: Key Certification and Related Services, February 1993, 9 p., 3 Ref. [Status:
Standards Track].
This RFC discusses key certification, certificate revocation list storage, and CRL retrieval for PEM.

J. Galvin and K. McCloghrie, RFC 1446: Security Protocols for version 2 of

the Simple Network Management Protocol (SNMPv2), April 1993, 51 p.
[Status: Historic].
This RFC discuses Security Protocols for version 2 of the Simple Network Management Protocol.

D. Eastlake, RFC 1455: Physical Link Security Type of Service, May 1993,
6 p. [Status: Experimental].
This RFC documents defines a Physical Link Security Type of Service experimental protocol. It
adds to the types of services described in RFC 1349.

R. Housley, RFC 1457: Security Label Framework for the Internet, May 1993,
14 p. [Status: Informational].
This RFC presents a security-labeling framework for the Internet.

F. Kastenholz, RFC 1472: The Definitions of Managed Objects for the Secu-
rity Protocols of the Point-to-Point Protocol, June 1993, 12 p. [Status: Stan-
dards Track].
This RFC describes, for point-to-point protocols, the details of managed objects for security pro-
tocols management on subnetwork interfaces.

170
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
C. Finseth, RFC 1492: An Access Control Protocol, Sometimes Called
TACACS, July 1993, 21 p. [Status: Informational].
This RFC describes an access control protocol, TACACS.

C. Kaufman, RFC 1507: DASS: Distributed Authentication Security Service,

September 1993, 119 p. [Status: Experimental].
This RFC describes DASS that provides authentication services in a distributed environment to
offer greater security and flexibility.

J. Kohl and C. Neumann, RFC 1510: The Kerberos Network Authentication

Service (V5), September 1993, 112 p. [Status: Standards Track].
This RFC describes the underlying concept and model of the Kerberos Network Authentication
System and specifies version 5 of Kerberos protocol.

J. Linn, RFC 1511: Common Authentication Technology Overview, September

1993, 2 p. [Status: Informational].
This RFC gives an overview of current authentication technology and discusses related service
interfaces as well as protocols.

E. Gavron, RFC 1535: A Security Problem and Proposed Correction with

Widely Deployed DNS Software, October 1993, 5 p. [Status: Informational].
This RFC discusses errors and flaw in some current distributed name resolver clients and sug-
gests corrections using DNS.

R. Braden, D. Clark, S. Crocker, and C. Huitema, RFC 1636: Report of IAB

Workshop on Security in the Internet Architecture (February 810, 1994),
June 1994, 52 p., 0 Ref. [Status: Informational].
This RFC documents Internet architecture workshop report on security issues in the Internet ar-
chitecture. The workshop was held on February 810, 1994 at USC Information Sciences In-
stitute.

N. Haller and R. Atkinson, RFC 1704: On Internet Authentication, October

1994, 17 p., 35 Ref. [Status: Informational].
This RFC discusses various authentication technologies and suggests the type of authentication
suitable for use in protocols and applications on the Internet.

R. Hidden, RFC 1710: Simple Internet Protocol Plus White Paper, October
1994, 23 p., 17 Ref. [Status: Informational].
This RFC describes the Simple Internet Protocol plus (SIPP), which is considered to be the next
version of Internet Protocol by IETF.

171
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
J. Myers, RFC 1731: IMAP4 Authentication Mechanisms, December 1994,
6 p. [Status: Standards Track].
This RFC describes identification and authentication mechanisms for IMAP4 protocol. It in-
cludes authentication of a user to IMAP4 server and mechanisms to provide secure interac-
tions.

J. Myers, RFC 1734: POP3 AUTHentication command, December 1994, 5 p.

[Status: Standards Track].
This RFC describes the optional POP3 AUTH command for authentication to the server and
optional negotiation of protection mechanism for interaction between client and server.

D. Eastlake, 3rd, S. Crocker, and J. Schiller, RFC 1750: Randomness Recom-

mendations for Security, December 1994, 25 p. [Status: Informational].
Many passwords, cryptographic security keys, and similar security objects use items that re-
quire random numbers. This RFC describes the problems associated with using traditional
pseudo random number generating techniques to generate random numbers that are used in
these items.

D. McDonald, RFC 1751: A Convention for Human-Readable 128-bit Keys,

December 1994, 15 p. [Status: Informational].
This RFC provides a convention for 128-bit cryptographic keys that makes it easier for humans
to read and remember these keys.

N. Haller, RFC 1760: The S/KEY One-Time Password System, February

1995, 12 p. [Status: Informational].
This RFC describes Bellcores S/KEY* One-Time Password system that provides protection
against passive attacks on authentication subsystem.

Rubin, RFC 1805: Location-Independent Data/Software Integrity Protocol,

June 1995, 6 p. [Status: Informational].
This RFC describes a protocol to add integrity assurance to software or data that may be dis-
tributed across the Internet with the help of a trusted third party.

H. Danisch RFC 1824: The Exponential Security System TESS: An Identity-

Based Cryptographic Protocol for Authenticated Key-Exchange, August 1995,
21 p., 14 Ref. [Status: Informational].
This RFC describes the details of identity-based systems for the secure authenticated exchange
and distribution of cryptographic keys and generation of signatures.

172
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
P. Metzger, W. Simpson, RFC 1828: IP Authentication using Keyed MD5,
August 1995, 5 p. [Status: Standards Track].
This RFC describes the use of MD5 algorithm in IP Authentication Header to provide integrity
and authentication for IP datagrams.

P. Karn, P. Metzger, W. Simpson, RFC 1829: The ESP DES-CBC Transform,

August 1995, 10 p, [Status: Standards Track].
This RFC describes the use of DES-CBC security transform to provide confidentiality for IP data-
grams using IP Encapsulating Security Payload (ESP).

J. Galvin, S. Murphy, S. Crocker, N. Freed, RFC 1847: Security Multiparts for

MIME: Multipart/Signed and Multipart/Encrypted, October 1995, 11 p.-
[Status: Standards Track].
This RFC describes how security services provided by other protocols may be applied to the
MIME body parts by defining signed and encrypted subtypes of the MIME multipart content
type. This results in security for both single and multipart messages.

S. Crocker, N. Freed, J. Galvin, S. Murphy, RFC 1848: MIME Object Security

Services, October 1995, 48 p. [Status: Standards Track].
This RFC describes MIME Object Security Services (MOSS) between the sender and receiver
at the application layer. This protocol applies digital signature (using public key cryptography)
and encryption services (using symmetric key) to MIME objects. This protocol provides mecha-
nisms to support many public key management schemes.

P. Karn, P. Metzger, W. Simpson, RFC 1851: The ESP Triple DES Trans-
form, September 1995, 11 p. [Status: Experimental].
This RFC describes the use of triple DES-CBC algorithm to provide IP datagram payload pro-
tection under ESP.

P. Metzger, W. Simpson, RFC 1852: IP Authentication using Keyed SHA,

September 1995, 6 p. [Status: Experimental].
This RFC describes Authentication Header use of keyed Secure Hash Algorithms (SHA).

W. Simpson, RFC 1853: IP in IP Tunneling, October 1995, 8 p., 9 Ref.

[Status: Informational].
This document discusses techniques, such as those used in Amateur Packet Radio network to
build a large mobile network, for connecting IP Protocol/Payload number 4 Encapsulation to
IP Security and other protocols. The techniques are valid when the source and the destination
application may have different capabilities and policies.

173
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
G. Ziemba, D. Reed, P.Traina, RFC 1858: Security Considerations for IP Frag-
ment Filtering, October 1995, 10 p. [Status: Informational].
This RFC describes two methods of attacks that use IP fragmentation to disguise TCP packets
from IP filters and presents methods to prevent these attacks.

J. Myers, M. Rose, RFC 1864: The Content-MD5 Header Field, October

1995, 4 p, 3 Ref. [Status: Standards Track], [Obsoletes RFC 1544].
This RFC specifies how the MD5 algorithm may be used as an integrity check for MIME mail
by using an optional header field, Content-MD5, which can be used as a message integrity
check (MIC). This MIC can be used to verify that the data sent and the received decoded data
are the same.

N. Berge, RFC 1875: UNINETT PCA Policy Statements, December 1995, 10

p. [Status: Informational].
This RFC describes the policy statements submitted by the UNINETTPCA.

G. Waters, Editor, RFC 1910: User-based Security Model for SNMPv2, Feb-
ruary 1996, 44 p. [Status: Experimental].
This RFC describes a User-based Security Model for SNMPv2. This model provides mecha-
nisms to achieve SNMP administrative-framework-defined level of security for protocol interac-
tions.

M. Leech et al., RFC 1928: SOCKS Protocol Version 5, March 1996, 9 p.

[Status: Standards Track].
This RFC describes a SOCKS Protocol Version 5 that extends the SOCKS Protocol version 4 to
include UDP, IPv6 addresses, and provision of strong authentication schemes.

M. Leech, RFC 1929: Username/Password Authentication for SOCKS V5,

March 1996, 2 p. [Status: Standards Track].
This RFC describes a protocol for username/password authentication in the initial socks con-
nection setup for SOCKS Version 5.

S. Bellovin, RFC 1948: Defending Against Sequence Number Attacks, May

1996, 6 p. [Status: Informational].
This RFC describes a modification to the existing TCP implementations that should be useful
against IP spoofing attacks.

A. Ballardie, RFC 1949: Scalable Multicast Key Distribution, May 1996, 18 p.

[Status: Experimental].

174
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
This RFC describes how the Core Based Tree (CBT) multicast protocol, which provides explicit
mechanisms for security, for example its mechanisms for secure joining of CBT group tree can
be used to provide a scalable solution to the multicast key distribution problem.

P. McMahon, RFC 1961: GSS-API Authentication Method for SOCKS Ver-

sion 5, June 1996, 9 p. [Status: Standards Track].
This RFC specifies the SOCKS V5 GSS-API authentication protocol for initial SOCKS connec-
tion. It also discusses how a GSS-API may be used to provide integrity, authentication, and
optional confidentiality under SOCKS.

J. Linn, RFC 1964: The Kerberos Version 5 GSS-API Mechanism, June 1996,
20 p. [Status: Standards Track].
This RFC describes issues such as elements of protocols and procedures for interoperability for
implementing GSS-API peers on top of Kerberos Version 5.

G. Meyer, RFC 1968: The PPP Encryption Control Protocol (ECP), June
1996, 11 p. [Status: Standards Track].
This RFC discusses Encryption Control Protocol (ECP) and negotiation of encryption algo-
rithm(s) over PPP link after a connection has been established. Note that different method of
encryption may be negotiated in each direction of the link for considerations, such as speed,
cost, memory, etc.

K. Sklower, RFC 1969: The PPP DES Encryption Protocol (DESE),

G. Meyer, June 1996, 10 p. [Status: Informational].
This RFC describes the methods for encryption of PPP encapsulated packets using DES.

IAB and IESG, RFC 1984: IAB and IESG Statement on Cryptographic Tech-
nology and the Internet, August 1996, 5 p. [Status: Informational].
This RFC contains a statement by IAB and IESG to encourage policies by governments to pro-
vide access to uniform strong cryptographic technology for all Internet users in all countries.

D. Atkins, W. Stallings, and P. Zimmermann, RFC 1991: PGP Message Ex-

change Formats, August 1996, 21 p. [Status: Informational].
This RFC describes the PGP v 2.x message exchange formats. It describes the format of mes-
sages that have been encrypted and/or signed with PGP.

M. Elkins, RFC 2015: MIME Security with Pretty Good Privacy (PGP),
October 1996, 8 p. [Status: Standards Track].
This RFC describes the ways to use PGP to provide privacy and authentication using MIME.

175
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
C. Adams, RFC 2025: The Simple Public-Key GSS-API Mechanism (SPKM),
October 1996, 45 p. [Status: Standards Track].
This RFC describes mechanisms to be used by peer protocols, who implement a GSS-API using
a Simple Public-key mechanism instead of using a symmetric key infrastructure.

R. Baldwin, R. Rivest, RFC 2040: The RC5, RC5-CBC, RC5-CBC-Pad, and

RC5-CTS Algorithms, October 1996, 29 p. [Status: Informational].
This RFC describes four ciphers, the RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS with clarity
and enough details to ensure interoperability between different implementations.

C. Rigney, A. Rubens, W. Simpson, S. Willens, RFC 2058: Remote Authenti-

cation Dial In User Service (RADIUS), January 1997, 64 p. [Status: Standards
Track].
This RFC describes Remote Authentication Dial In User Service (RADIUS) Protocol. The details
of authentication, authorization, and configuration information of connection between a Net-
work Access Server as a client and a RADIUS Server are given.

C. Rigney, RFC 2059: RADIUS Accounting, January 1997, 25 p. [Status:

Informational].
This RFC describes delivery of accounting information in a RADIUS Protocol.

F. Baker, R. Atkinson, RFC 2082: RIP-2 MD5 Authentication, January 1997,

12 p. [Status: Standards Track].
This RFC proposes that RIP-2 use keyed MD5 as a standard authentication algorithm but the
authentication mechanism of RIP-2 be kept as algorithm independent.

G. Bossert, S. Cooper, W. Drummond, RFC 2084: Considerations for Web

Transaction Security, January 1997, 6 p. [Status: Informational].
This RFC discusses Web transaction security. It contains details of security services such as
confidentiality, integrity, user authentication, and authentication of servers/services as exten-
sions to HTTP or as separate protocol on top of HTTP.

M. Oehler, R. Glenn, RFC 2085: HMAC-MD5 IP Authentication with Re-

play, Prevention, February 1997, 6 p. [Status: Standards Track].
This RFC describes mechanisms to prevent replay attacks using keyed-MD5 transform based
on HMAC-MD5 along with IP Authentication Header.

J. Myers, RFC 2086: IMAP4 ACL extension, January 1997, 8 p. [Status: Stan-
dards Track].

176
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
This RFC describes the ACL extension of the IMAP4 that allows manipulation of an access con-
trol list.

H. Harney, C. Muckenhirn, RFC 2093: Group Key Management Protocol

(GKMP) Specification, July 1997, 23 p. [Status: Experimental].
This RFC proposes Group Key Management Protocol (GKMP) that cooperatively creates keys
between more than two protocol entities within a group and distributes grouped symmetric
keys among communicating peers on the Internet.

H. Harney, C. Muckenhirn, RFC 2094: Group Key Management Protocol

(GKMP) Architecture, July 1997, 22 p. [Status: Experimental].
This RFC describes architecture for managing grouped cryptographic keys among peer proto-
cols for multicast communication.

H. Krawczyk, M. Bellare, R. Canetti, RFC 2104: HMAC: Keyed-Hashing for

Message Authentication, February 1997, 11 p. [Status: Informational].
This RFC describes a protocol HMAC: Keyed-Hashing for Message Authentication for mes-
sage authentication which is a MAC mechanism based on cryptographic hashing functions.

C. Adams, RFC 2144: The CAST-128 Encryption Algorithm, May 1997,

15 p. [Status: Informational].
This RFC describes a DES like Substitution-Permutation Network (SPN) cryptosystem, CAST-
128 encryption algorithm.

S. Murphy, M. Badger, B. Wellington, RFC 2154: OSPF with Digital Signa-

tures, June 1997, 29 p. [Status: Experimental].
This RFC describes extensions to OSPF protocol. These extensions add features such as digital
signatures to Link State Data and certification for router data. The RFC also lists LSA process-
ing, key management in addition to details of transition from OSPF v2.

Gwinn, RFC 2179: Network Security For Trade Shows, July 1997, 10 p.
[Status: Informational].
This RFC is a set of guidelines to assist vendors and participants in trade shows for protection
against network and system attacks.

B. Fraser, RFC 2196: Site Security Handbook Editor, September 1997, 75 p.

[Status: Informational], [Obsoletes: 1244].
This RFC contains guidelines and recommendations to develop policies and procedures for se-
curity of sites and systems that are connected to the Internet.

177
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
P. Cheng, R. Glenn, RFC 2202: Test Cases for HMAC-MD5 and HMAC-
SHA-1, September 1997, 9 p. [Status: Informational].
This RFC provides two sets of test cases and the corresponding results to be used as confor-
mance tests for HMAC-MD5 and HMAC-SHA-1 implementations.

M. Eisler, A. Chiu, L. Ling, RFC 2203: RPCSEC_GSS Protocol Specification,

September 1997, 23 p. [Status: Standards Track].
This RFC describes RPCSEC_GSS security protocol that allows RPC protocols to access the
GSS-API.

J. Myers, RFC 2222: Simple Authentication and Security Layer (SASL), Octo-
ber 1997, 27 p. [Status: Standards Track].
This RFC describes a procedure to add authentication to connection-based protocols. If negoti-
ated it adds a new security layer between the protocol and the connection.

M. Horowitz, S. Lunt, RFC 2228: FTP Security Extensions, October 1997,

27 p. [Status: Standards Track].
This RFC provides authentication, integrity, and confidentiality as security extensions to the FTP
protocol and introduces new optional commands as well as new class of reply types for pro-
tected replies.

R. Atkinson, RFC 2230: Key Exchange Delegation Record for the DNS,
November 1997, 11 p. [Status: Informational].
This RFC describes the syntax of key exchange record and methods to delegate key exchange
services to different nodes through secure DNS.

C. Newman, RFC 2245: Anonymous SASL Mechanism, November 1997, 5 p.

[Status: Standards Track].
This RFC describes anonymous access by a client of a server within SASL framework. The RFC
includes a grammar and an example access scenario.

P. Ferguson, D. Senie, RFC 2267: Network Ingress Filtering: Defeating Denial

of Service Attacks which employ IP Source Address Spoofing, January 1998,
10 p. [Status: Informational].
This RFC discusses a method for using traffic filtering to allow valid source IP addresses from
input links to routers to prevent DoS attacks.

R. Rivest, RFC 2268: A Description of the RC2(r) Encryption Algorithm,

March 1998, 11 p. [Status: Informational].

178
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
This RFC describes a secret key block encryption algorithm RC2 as a proposed replacement
for DES. The algorithm has 64-bit input and 64-bit output blocks and a key size of up to 128
bytes.

U. Blumenthal, B. Wijnen, RFC 2274: User-based Security Model (USM) for

version 3 of the Simple Network Management Protocol (SNMPv3), January
1998, 76 p. [Status: Standards Track], [Obsoletes: 2264].
This RFC describes the user-based security model for SNMP which includes procedure for pro-
viding SNMP message-level security and an MIB for remote management.

B. Wijnen, R. Presuhn, K. McCloghrie, RFC 2275: View-based Access Control

Model (VACM) for the Simple Network Management Protocol (SNMP) Jan-
uary 1998, 36 p. [Status: Proposed Standard], [Obsoletes: 2265].
This RFC describes the View-based Access Control Model for the SNMP architecture, which
include procedures for controlling access to management information and an MIB for remote
management.

L. Blunk, J. Vollbrecht, RFC 2284: PPP Extensible Authentication Protocol

(EAP), March 1998, 15 p. [Status: Proposed Standard].
This RFC describes the PPP Extensible Authentication Protocol (EAP) to authenticate multi-
protocol datagrams over point-to-point links.

J. Kapp, RFC 2286: Test Cases for HMAC-RIPEMD160 and HMAC-

RIPEMD128, February 1998, 7 p. [Status: Informational].
This RFC provides two sets of test cases and the corresponding results to be used as confor-
mance tests for HMAC-RIPEMD160 and HMAC-RIPEMD128 implementations.

N. Haller, C. Metz, P. Nesser, M. Straw, RFC 2289: A One-Time Password

System, February 1998, 25 p. [Status: Draft Standard], [Obsoletes: 1938].
This RFC describes an authentication method that uses a secret pass-phrase from a user to gen-
erate a sequence of one-time passwords. This method is not vulnerable to replay attacks be-
cause the secret pass-phrase does not cross the network for authentication.

S. Dusse, P. Hoffman, B. Ramsdell, L. Lundblade, L. Repka, RFC 2311:

S/MIME Version 2 Message Specification, March 1998, 37 p. [Status:
Informational].
This RFC describes specifications and protocols for adding cryptographic signature and en-
cryption services to MIME messages.

179
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
S. Dusse, P. Hoffman, B. Ramsdell, J. Weinstein, RFC 2312: S/MIME Ver-
sion 2 Certificate Handling, March 1998, 20 p. [Status: Informational].
This RFC describes the procedures used by S/MIME to manage certificates.

B. Kaliski, RFC 2315: PKCS #7: Cryptographic Message Syntax Version 1.5,
March 1998, 32 p. [Status: Informational].
This RFC describes syntax for data that may need to be encrypted such as in digital signatures
and digital envelops.

S. Bellovin, RFC 2316: Report of the IAB Security Architecture Workshop,

April 1998, 9 p. [Status: Informational].
This RFC contains a report of the IAB security architecture workshop that was held with goals
to define security architecture for the Internet and identify current areas of strength, weakness
and to provide guidance.

N. Brownlee, E. Guttman, RFC 2350: Expectations for Computer Security

Incident Response, June 1998, 38 p. [Status: Best Current Practice].
This RFC outlines expectations and framework for presenting the important subjects related to
incident response from Computer Security Incident Response Teams (CSIRTs). It also provides
formal templates and completed examples of information for presenting reports to users.

G. Montenegro, V. Gupta, RFC 2356: Suns SKIP Firewall Traversal for

Mobile IP, June 1998, 24 p. [Status: Informational].
This RFC describes traversal of mobile IP through a SKIP firewall. The document lists support
required at firewall mobile IP home agent and mobile IP node and also methods for a mobile
IP node to access past a SKIP firewall to construct a secure channel into its home network.

D. McDonald, C. Metz, B. Phan, RFC 2367: PF_KEY Key Management API,

Version 2, July 1998,68 p. [Status: Informational].
This RFC describes the PF_KEY Key Management API, Version 2 which can be used for IP Se-
curity and other network security services.

S. Kent, R. Atkinson, RFC 2401: Security Architecture for the Internet Proto-
col, November 1998, 66 p. [Status: Standards Track], [Obsoletes: 1825].
This RFC describes the architecture of IPsec compliant systems including the high level descrip-
tion of IPsec and methods to provide security services such as access control, connectionless
integrity, data origin authentication, rejection of replayed packets, and confidentiality for traf-
fic at the IP layer.

180
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
S. Kent, R. Atkinson, RFC 2402: IP Authentication Header, November 1998,
22 p. [Status: Standards Track], [Obsoletes: 1826].
This RFC describes the structure, fields, format, and other details of the IP Authentication
Header (AH). The AH provides integrity and data origin authentication for IP datagrams.

C. Madson, R. Glenn, RFC 2403: The Use of HMAC-MD596 within ESP

and AH, November 1998, 7 p. [Status: Standards Track].
This RFC describes the use of the HMAC algorithm and the MD5 algorithm, to provide the
data origin authentication and integrity protection for IPsec ESP and IPsec AH.

C. Madson, R. Glenn, RFC 2404: The Use of HMAC-SHA-196 within ESP

and AH, November 1998, 7 p. [Status: Standards Track].
This RFC describes the use of the HMAC algorithm and the SHA-1 algorithm, to provide the
data origin authentication and integrity protection for IPsec ESP and IPsec AH.

C. Madson, N. Doraswamy, RFC 2405: The ESP DES-CBC Cipher Algorithm

With Explicit IV, November 1998, 10 p. [Status: Standards Track].
This RFC describes the DES Cipher algorithm in Cipher Block Chaining Mode, with an explicit
IV, to provide confidentiality under IPsec Encapsulating Security Payload.

S. Kent, R. Atkinson, RFC 2406: IP Encapsulating Security Payload (ESP),

November 1998, 22 p. [Status: Standards Track], [Obsoletes: 1827].
This RFC describes the IP Encapsulating Security Payload (ESP) protocol that provides many
security services such as confidentiality, data origin authentication, connectionless integrity, an
anti-replay service for IPv4 and IPv6.

D. Piper, RFC 2407: The Internet IP Security Domain of Interpretation for

ISAKMP, November 1998, 32 p. [Status: Standards Track].
This RFC describes the Internet IP Security DOI (IPSEC DOI) for ISAKMP. Related protocols us-
ing ISAKMP in a DOI negotiate security associations, choose security protocols and share
many other important functions and attributes.

D. Maughan, M. Schertler, M. Schneider, J. Turner, RFC 2408: Internet Secu-

rity Association and Key Management Protocol (ISAKMP), November 1998,
86 p. [Status: Standards Track].
This RFC describes the Internet Security Association and Key Management Protocol (ISAKMP)
protocol for key management, authentication, and security association for secure communica-
tion in an internet environment.

181
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
D. Harkins, D. Carrel, RFC 2409: The Internet Key Exchange (IKE), Novem-
ber 1998, 41 p. [Status: Standards Track].
This RFC describes a hybrid protocol that uses parts of Oakley and SKEME to get authenti-
cated keying material for use with ISAKMP, IPsec ESP and AH.

R. Glenn, S. Kent, RFC 2410: The NULL Encryption Algorithm and Its Use
With IPsec, November 1998, 6 p. [Status: Standards Track].
This RFC describes the NULL encryption algorithm, to help IPsec ESP provide authentication
and integrity for IP datagrams.

B. Kaliski, J. Staddon, RFC 2437: PKCS #1: RSA Cryptography Specifications

Version 2.0, October 1998,39 p. [Status: Informational], [Obsoletes: 2313].
This RFC describes specifications for implementing the RSA algorithm in computer and commu-
nication systems. The description includes cryptographic primitives, encryption schemes, signa-
ture schemes, and ASN.1 syntax.

C. Newman, RFC 2444: The One-Time-Password SASL Mechanism, October

1988, 7 p. [Status: Standards Track], [Updates: 2222].
This RFC describes the One-Time-Password (OTP) SASL mechanism to formally integrate OTP
into SASL enabled protocols. The OTP, by giving only one-time password is useful for authenti-
cation when a client or a server is untrusted, such as a client application in a publicly avail-
able computer or an Internet kiosk.

R. Pereira, R. Adams, RFC 2451: The ESP CBC-Mode Cipher Algorithms,

November 1998, 14 p. [Status: Standards Track].
This RFC describes application of CBC-mode cipher algorithms to encrypt the IP datagram
payload for the IPsec ESP Protocol.

E. Baize, D. Pinkas, RFC 2478: The Simple and Protected GSS-API Negotia-
tion Mechanism, December 1988, 18 p. [Status: Standards Track].
This RFC describes a simple and protected security negotiation mechanism between GSS-API
peers.

C. Adams, RFC 2479: Independent Data Unit Protection Generic Security Ser-
vice Application Program Interface (IDUP-GSS-API), December 1988, 70 p.
[Status: Informational].
This RFC describes the Independent Data Unit Protection Generic Security Service Application
Program Interface (IDUP-GSS-API), which provides data origin authentication with data integ-
rity, data confidentiality with data integrity, and support for non-repudiation services.

182
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
N. Freed, RFC 2480: Gateways and MIME Security Multiparts, January 1999,
6 p. [Status: Standards Track].
This RFC discusses the problems of using MIME security multiparts and gateways to connect to
non-MIME environments and provides specifications for gateway behavior that should solve
these problems.

P. Hoffman, RFC 2487: SMTP Service Extension for Secure SMTP over TLS,
January 1999, 8 p. [Status: Standards Track].
This RFC describes an extension to the SMTP service to provide secure SMTP communication
using TLS between SMTP client and server.

E. Guttman, L. Leong, G. Malkin, RFC 2504: Users Security Handbook, Feb-

ruary 1999, 33 p. [Status: Informational].
This RFC contains guidelines for users to keep their data, computers, and networks secure.

C. Adams, S. Farrell, RFC 2510: Internet X.509 Public Key Infrastructure Cer-
tificate Management Protocols, March 1999, 72 p. [Status: Standards Track].
This RFC describes the Internet X.509 Public Key Infrastructure (PKI) Certificate Management
Protocols. It contains details of data structures used for PKI management messages, functions
done in PKI management, and a simple protocol for transporting PKI messages.

M. Myers, C. Adams, D. Solo, D. Kemp, RFC 2511: Internet X.509 Certificate

Request Message Format, March 1999, 25 p. [Status: Standards Track].
This RFC describes the details and the syntax of the Internet X.509 Certificate Request Mes-
sage Format.

P. Karn, W. Simpson, RFC 2521: ICMP Security Failures Messages, March

1999, 7 p. [Status: Experimental].
This RFC specifies message format and error procedures for ICMP security failures messages
when using IP security protocols.

P. Karn, W. Simpson, RFC 2523: Photuris: Extended Schemes and Attributes,

March 1999, 19 p. [Status: Experimental].
This RFC provides Extensible Exchange Schemes and authentication attributes for implementa-
tion of Photuris.

S. Chokhani, W. Ford, RFC 2527: Internet X.509 Public Key Infrastructure

Certificate Policy and Certification Practices Framework, March 1999, 45 p.
[Status: Informational].

183
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
This RFC establishes an outline of Certificate Policy and Certification Practices in Internet
X.509 Public Key Infrastructure. This outline contains guidelines to include topics in preparing
certificate policy definition or a certification practice statement.

R. Housley, W. Polk, RFC 2528: Internet X.509 Public Key Infrastructure

Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509
Public Key Infrastructure Certificates, March 1999, 9 p. [Status: Informational].
This RFC outlines the format and semantics of fields of Key Exchange Algorithm keys in the
Internet X.509 public key infrastructure certificates.

D. Eastlake, RFC 2537: RSA/MD5 KEYs and SIGs in the Domain Name
System (DNS), March 1999, 6 p. [Status: Standards Track].
This RFC describes a standard method for storage of RSA keys and RSA/MD5 based signa-
tures in the DNS.

D. Eastlake, RFC 2539: Storage of DiffieHellman Keys in the Domain Name

System (DNS), March 1999, 7 p. [Status: Standards Track].
This RFC describes a standard method for storage of DiffieHellman keys in the DNS.

D. Eastlake, RFC 2540: Detached Domain Name System (DNS) Information,

March 1999, 6 p. [Status: Experimental].
This RFC defines a standard format for representing information retrieved such as public cryp-
tographic keys from DNS for archival purposes.

D. Eastlake, RFC 2541: DNS Security Operational Considerations, March

1999, 7 p. [Status: Informational].
This RFC discusses various operational aspects of DNS security such as security of high-level
zones; and lifetime, size, and storage for keys and signatures used for the KEY and SIG DNS
resource records.

J. Myers, RFC 2554: SMTP Service Extension for Authentication, March

1999, 11 p. [Status: Standards Track].
This document describes an SMTP service extension [ESMTP] for authentication and an op-
tional negotiation for a security layer for protocol interactions.

M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams, RFC 2560: X.509

Internet Public Key Infrastructure Online Certificate Status ProtocolOCSP,
June 1999, 23 p. [Status: Standards Track].
This RFC describes a protocol that helps applications determine the status of a certificate from
a server without requiring CRLs.

184
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
U. Blumenthal, B. Wijnen, RFC 2574: User-based Security Model (USM) for
version 3 of the Simple Network Management Protocol (SNMPv3), April
1999, 86 p. [Status: Draft Standard], [Obsoletes 2274].
This RFC describes the User-based Security Model (USM) for SNMP version 3, provision of
SNMP message level security, and a MIB for remotely managing the parameters of this USM.

M. Allman, S. Ostermann, RFC 2577: FTP Security Considerations, May

1999, 8 p. [Status: Informational].
This RFC contains suggestions for improving security of FTP servers.

R. Finlayson, RFC 2588: IP Multicast and Firewalls, May 1999, 12 p. [Status:

Informational].
This document discusses how firewall handles IP Multicast traffic that includes issues like sur-
rounding the traversal of IP Multicast traffic across a firewall.

C. Newman, RFC 2595: Using TLS with IMAP, POP3 and ACAP, June
1999, 15 p. [Status: Standards Track].
This RFC describes use of TLS with IMAP, POP 3, and ACAP for secure communication.

J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence, P. Leach, A. Luotonen,

and L. Stewart, RFC 2617: HTTP Authentication: Basic and Digest Access
Authentication, June 1999, 34 p. [Status: Draft Standard], [Obsoletes: 2069].
This RFC describes basic and digest access authentication methods within the HTTP authentica-
tion framework.

B. Aboba, G. Zorn, RFC 2618: RADIUS Authentication Client MIB, June

1999, 14 p. [Status: Standards Track].
This RFC describes extensions to the Management Information Base (MIB) for use with network
management protocols. These extensions help IP based management stations manage RADIUS
authentication client.

G. Zorn, B. Aboba, RFC 2619: RADIUS Authentication Server MIB, June

1999, 16 p. [Status: Standards Track].
This RFC describes extensions to the Management Information Base (MIB) for use with network
management protocols. These extensions help IP based management stations manage RADIUS
authentication server.

B. Aboba, G. Zorn, RFC 2620: RADIUS Accounting Client MIB, June 1999,
13 p. [Status: Informational].

185
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
This RFC describes extensions to the Management Information Base (MIB) for use with network
management protocols. These extensions help IP based management stations manage RADIUS
account client.

G. Zorn, B. Aboba, RFC 2621: RADIUS Accounting Server MIB, June 1999,
15 p. [Status: Informational].
This RFC describes extensions to the Management Information Base (MIB) for use with network
management protocols. These extensions help IP based management stations manage RADIUS
account servers.

M. Eisler, RFC 2623: NFS Version 2 and Version 3 Security Issues and the
NFS Protocols Use of RPCSEC_GSS and Kerberos V5, June 1999, 19 p.
[Status: Standards Track].
This RFC describes NFS security issues, functioning of NFS over Kerberos v5 using
RPCSEC_GSS, and how the Version 2 and Version 3 of the NFS use RPCSEC_GSS.

V. Smyslov, RFC 2628: Simple Cryptographic Program Interface (Crypto

API), June 1999, 30 p. [Status: Informational].
This RFC describes a simple application program interface to cryptographic functions so as to
separate cryptographic libraries from applications.

E. Rescorla, A. Schiffman, RFC 2659: Security Extensions For HTML, August

1999, 4 p. [Status: Experimental].
This RFC describes security extensions to HTML for embedding S-HTTP negotiation parameters
related to cryptographic enhancements.

M. Blaze, J. Feigenbaum, J. Ioannidis, A. Keromytis, RFC 2704: The

KeyNote Trust-Management System Version 2, September 1999, 37 p.
[Status: Informational].
This RFC describes version 2 of the KeyNote trust-management system.

P. Srisuresh, RFC 2709: Security Model with Tunnel-mode IPsec for NAT
Domains, October 1999, 11 p. [Status: Informational].
This RFC describes a security model by which IP Network Address Translator devices recog-
nize tunnel-mode IPsec security.

Medvinsky, M. Hur, RFC 2712: Addition of Kerberos Cipher Suites to Trans-

port Layer Security (TLS), October 1999, 7 p. [Status: Standards Track].
This document proposes addition of Kerberos Cipher Suites to the TLS protocol.

186
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
B. Aboba, D. Simon, RFC 2716: PPP EAP TLS Authentication Protocol,
October 1999, 24 p. [Status: Experimental].
This RFC document describes the way EAP-TLS provides TLS mechanisms within EAP.

C. Villamizar, C. Alaettinoglu, D. Meyer, S. Murphy, RFC 2725: Routing Pol-

icy System Security, December 1999, 41 p. [Status: Standards Track].
This RFC document suggests an authentication and authorization model to assure integrity of
data in a routing policy system.

J. Zsako, RFC 2726: PGP Authentication for RIPE Database Updates, Decem-
ber 1999, 11 p. [Status: Standards Track].
This RFC suggests PGP authentication of the updates to the RIPE database.

J. Linn, RFC 2743: Generic Security Service Application Program Interface

Version 2, Update 1, January 2000, 101 p. [Status: Standards Track], [Obso-
letes 2078].
This RFC describes update 1 of GSS-API version 2.

J. Wray, RFC 2744: Generic Security Service API Version 2: C-bindings, Janu-
ary 2000, 101 p. [Status: Standards Track], [Obsoletes: 1509].
This RFC describes GSS-API C language bindings.

C. Alaettinoglu, C. Villamizar, R. Govindan, RFC 2754: RPS IANA Issues,

January 2000, 7 p. [Status: Informational].
This RFC describes RPSL objects in the IRR and lists operations required from IANA.

A. Chiu, M. Eisler, B. Callaghan, RFC 2755: Security Negotiation for

WebNFS, January 2000, 12 p. [Status: Informational].
This RFC document describes protocol for security negotiation between WebNFS client and
WebNFS server.

R. Zuccherato, RFC 2785: Methods for Avoiding the Small-Subgroup Attacks

on the DiffieHellman Key Agreement Method for S/MIME, March 2000,
11 p. [Status: Informational].
This RFC describes methods to avoid Small-Subgroup attacks on the DiffieHellman Key
Agreement Method for S/MIME.

M. St. Johns, RFC 2786: DiffieHellman USM Key Management Information

Base and Textual Convention, March 2000, 20 p. [Status: Experimental].

187
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
This RFC describes an experimental part of the DiffieHellman USM Key Management Infor-
mation Base and textual conventions to do DiffieHellman key exchange for use with network
management protocols.

K. Davidson, Y. Kawatsura, RFC 2802: Digital Signatures for the v1.0 Internet
Open Trading Protocol (IOTP), April 2000, 29 p. [Status: Informational].
This RFC describes the details of the computation and verification of digital signatures in ver-
sion 1.0 of the Internet Open Trading Protocol (IOTP).

M. Nystrom, RFC 2808: The SecurID(r) SASL Mechanism, April 2000, 11 p.

[Status: Informational].
This RFC defines an SASL authentication mechanism using hardware token card or its software
implementation. This RFC uses SecurID, a hardware token card produced by RSA Securities Inc.

R. Khare, S. Lawrence, RFC 2817: Upgrading to TLS Within HTTP/1.1,May

2000,1 p. [Status: Standards Track], [Updates: 2616].
This RFC describes the use of Upgrade mechanism in HTTP/1.1 to start Transport Layer Secu-
rity (TLS) connection over an existing TCP connection by using the same port 80 instead of
port 443 used for HTTPS.

E. Rescorla, RFC 2818: HTTP Over TLS, May 2000, 7 p. [Status:

Informational].
This RFC describes the functioning of HTPP/TLS. It describes how HTTP protocol may be used
on top of TLS protocol to provide secure connection(s).

R. Shirey, RFC 2828: Internet Security Glossary, May 2000, 212 p. [Status:
Informational].
This RFC contains definition and description of Internet security terms with a purpose to pro-
vide standardization and comprehensibility for writing in Internet security and Internet Stan-
dards documents.

M. Wahl, H. Alvestrand, J. Hodges, R. Morgan, RFC 2829: Authentication

Methods for LDAP, May 2000, 16 p. [Status: Standards Track].
This RFC describes suggested and recommended seurity combinations for authentication in
LDAP implementations.

J. Hodges, R. Morgan, M. Wahl, RFC 2830: Lightweight Directory Access

Protocol (v3): Extension for Transport Layer Security, May 2000, 12 p.
[Status: Standards Track].

188
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
This RFC describes the Start Transport Layer Security in initiation of connection in an LDAP
association.

P. Leach, C. Newman, RFC 2831: Using Digest Authentication as a SASL

Mechanism, May 2000, 27 p. [Status: Standards Track].
This RFC describes methods to use HTTP Digest Authentication as SASL mechanism to authenti-
cation, for example on Web, mail, LDAP, etc.

J. Kabat, M. Upadhyay, RFC 2853: Generic Security Service API Version 2:

Java Bindings, June 2000, 96 p. [Status: Standards Track].
This RFC describes the Java bindings of GSS-API.

Keromytis, N. Provos, RFC 2857: The Use of HMAC-RIPEMD-16096

within ESP and AH, June 2000, 7 p. [Status: Standards Track].
This RFC describes how the HMAC algorithm and the RIPEMD-160 algorithm together may be
used to authenticate under IPSEC protocol.

R. Bush, D. Karrenberg, M. Kosters, R. Plzak, RFC 2870: Root Name Server

Operational Requirements, June 2000, 10 p. [Status: Best Current Practice],
[Obsoletes: 2010].
This RFC provides recommendations for operation of the root name servers.

H. Prafullchandra, J. Schaad, RFC 2875: DiffieHellman Proof-of-Possession

Algorithms, July 2000, 23 p. [Status: Standards Track].
This RFC describes two proof-of-possession algorithms to generate an integrity check value
using DiffieHellman algorithm.

B. Kaliski, RFC 2898: PKCS #5: Password-Based Cryptography Specification

Version 2.0, September 2000, 34 p. [Status: Informational].
This RFC document contains a republication of PKCS #5: Password-Based Cryptography
Specification Version 2.0. This RFC adds security consideration section to the above docu-
ment. Note that PKCS series of documents are produced by the RSA Laboratories.

Eastlake, RFC 2931: DNS Request and Transaction Signatures (SIG (0) s),
September 2000, 10 p. [Status: Standards Track], [Updates: 2535].
This RFC describes minor changes to the Domain Name System SIG Resource Records that are
used to digitally sign DNS requests and transactions/responses.

T. Tso, editor, J. Altman, RFC 2941: Telnet Authentication Option, Septem-

ber 2000, 15 p. [Status: Standards Track], [Obsoletes: 1416].

189
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
This RFC describes a telent authentication option that can be used to decide whether to use
encryption and forwarding of credentials for authentication, and to negotiate an authentica-
tion type and mode among the connecting points.

N. Freed, RFC 2979: Behavior of and Requirements for Internet Firewalls,

October 2000, 7 p. [Status: Informational].
This RFC contains guidelines to make Internet firewalls consistent and interoperable among
various implementations.

C. Adams, RFC 2984: Use of the CAST-128 Encryption Algorithm in CMS,

October 2000, 6 p. [Status: Standards Track].
This RFC document describes methods to incorporate CAST-128 encryption algorithm into the
S/MIME Cryptographic Message Syntax (CMS). The CAST-128 encryption algorithm is an
additional algorithm within CMS for symmetric content and key encryption.

M. Nystrom, B. Kaliski, RFC 2985: PKCS#9: Selected Object Classes and At-
tribute Types Version 2.0, November 2000, 42 p. [Status: Informational].
This RFC document contains a republication of PKCS #9: Certification Request Syntax Specifi-
cation v2.0. This RFC adds security consideration section to the above document. Note that
PKCS series of documents are produced by the RSA Laboratories.

M. Nystrom, B. Kaliski, RFC 2986: PKCS#10: Certification Request Syntax

Specification Version 1.7, November 2000, 14 p. [Status: Informational], [Ob-
soletes: 2314].
This RFC document contains a republication of PKCS #10: Certification Request Syntax Spec-
ification v1.7. This RFC adds security consideration section to the above document. Note that
PKCS series of documents are produced by the RSA Laboratories.

H. Ohta, M. Matsui, RFC 2994: A Description of the MISTY1 Encryption

Algorithm, November 2000, 10 p. [Status: Informational].
This RFC describes an encryption algorithm including key scheduling and data randomizing
for a 128-bit key, 64-bit block, secret-key cryptosystem MISTY1. The algorithm uses variable
number of rounds for encryption.

B. Wellington, RFC 3007: Secure Domain Name System (DNS) Dynamic Up-
date, November 2000, 9 p. [Status: Standards Track], [Obsoletes: 2137], [Up-
dates: 2535, 2136].
This RFC describes methods that use secure communication and authentication to do DNS dy-
namic updates securely.

190
 Annotated List of Security-Related RFCs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
B. Wellington, RFC 3008: Domain Name System Security (DNSSEC) Signing
Authority, November 2000, 7 p. [Status: Standards Track], [Updates: 2535].
This RFC document revises Domain Name System Security (DNSSEC) Signing Authority model
to simplify the secure resolution process. A major change is that in a secure zone, zone data
must sign the zone key.

T. Killalea, RFC 3013: Recommended Internet Service Provider Security Ser-

vices and Procedures, November 2000, 13 p. [Status: Best Current Practice].
This RFC is a set of guidelines and recommendations from IETF and describe best current prac-
tices related to security. These guidelines and recommendations are for Internet Service Provid-
ers (ISPs) and the Internet users.

G. Pall, G. Zorn, and RFC 3078: Microsoft Point-To-Point Encryption

(MPPE) Protocol, March 2001,12 p. [Status: Informational].
This RFC document describes the Microsoft Point-to-Point Encryption (MPPE) including, the use
of RSA C4 algorithm to provide data confidentiality, MPPE Key Change Algorithm, and
change of session keys.

G. Zorn, RFC 3079: Deriving Keys for use with Microsoft Point-to-Point En-
cryption (MPPE), March 2001, 21 p. [Status: Informational].
This RFC document describes the derivation of initial MPPE session keys to encrypt PPP packets
over point-to-point links. The session keys are changed frequently and the frequency of change
is negotiated between the communicating parties.

K. Chan, J. Seligson, D. Durham, S. Durham, S. Gai, K. McCloghrie, S. Her-

zog, F. Reichmeyer, R. Yavatkar, and A. Smith, RFC 3084: COPS Usage
for Policy Provisioning (COPS-PR), March 2001, 34 p. [Status: Standards
Track].
This document describes the Common Open Policy Service (COPS) protocol that includes mes-
sage formats and objects that carry the modeled policy data to support policy provisioning. It
makes no assumption about the underlying policy data model being communicated.

E. Lewis, RFC 3090: DNS Security Extension Clarification on Zone Status,

March 2001, 11 p. [Status: Standards Track].
This RFC updates sections of RFC 2535 by defining the criteria to designate a zone as a se-
cure zone. This definition is independent of the underlying key algorithm used.

R. Braden, L. Zhang, RFC 3097: RSVP Cryptographic Authentication

Updated Message Type Value, April 2001, 4 p. [Status: Standards Track].

191
Annotated List of Security-Related RFCs
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
This RFC memo suggests an updated message type value in RSVP Cryptographic Authentica-
tion by changing the message type of the challenge and integrity response messages in RFC
2747.

D. Eastlake 3rd, RFC 3110: RSA/SHA-1 SIGs and RSA KEYs in the Do-
main Name System (DNS), May 2001, 7 p. [Status: Standards Track].
This RFC defines a new DNS signature algorithm to produce RSA/SHA1 SIG resource records
and RSA KEY resource records.

192
 LIST OF
SECURITY
STANDARDS

........................................................................................................

APPENDIX

x
 ...
...
...
ANSI STANDARDS ... ANSI X9.23
...
... American National Standard for Financial
...
ANSI X3. 92 ...
...
Institution Message Encryption, American
American National Standard for Data En- ...
... Bankers Association, 1988.
cryption Algorithm (DEA), American Na- ...
...
... ANSI X9.24
tional Standards Institute, 1981. ...
... Draft Proposed American National Stan-
ANSI X3.105 ...
... dard for Retail Key Management, American
American National Standard for Informa- ...
... Bankers Association, 1988.
...
tion SystemsData Link Encryption, Ameri- ...
...
can National Standards Institute, 1983. ... ANSI X9.26
...
... American National Standard for Financial
ANSI X3.106 ...
... Institution Sign-On Authentication for Wholesale
American National Standard for Informa- ...
...
...
Financial Transaction, American Bankers As-
tion SystemsData Encryption Algorithm- ...
... sociation, 1990 (Revised).
Modes of Operation, American National ...
Standards Institute, 1983. ...
... ANSI X9.30
...
ANSI X9.17 ... Working Draft: Public Key Cryptography Us-
...
American National Standard for Financial ...
...
ing Irreversible Algorithms for the Financial Services
... Industry, American Bankers Association,
Institution Key Management (Wholesale), ...
... August 1994.
American Bankers Association, 1985 ...
...
(Revised). ...
... ANSI X9.31
...
ANSI X9.19 ...
...
Working Draft: Public Key Cryptography Us-
American National Standard for Retail ... ing Reversible Algorithms for the Financial Services
...
Message Authentication, American Bankers As- ... Industry, American Bankers Association,
...
...
sociation, 1985. ... March 1993.
.

195
List of Security Standards
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
ANSI X9.8 ... and H.323, Generic Functional Protocol
...
...
American National Standard for Personal ... for the Support of Supplementary Services
...
Information Number (PIN) Management and Se- ... (June 2000).
...
curity, American Bankers Association, ...
... ECMA-308
1982. ...
... Corporate Telecommunication Networks,
...
ANSI X9.9 ... Signalling Interworking between QSIG and
..
American National Standard for Financial ..... H.323, Call Transfer Supplementary Ser-
...
Institution Message Authentication (Whole- ... vices (June 2000).
...
sale), American Bankers Association, ...
...
1986. (Revised) ... ECMA-309
...
... Corporate Telecommunication Networks,
...
... Signalling Interworking between QSIG and
...
ECMA STANDARDS ... H.323, Call Diversion Supplementary Ser-
...
(BLUE COVER) ... vices (June 2000).
...
...
...
ECMA-106 ...
...
Private Telecommunication Networks ... F I P S S T A N D A R D S
..
(PTN), Signalling Protocol at the S Refer- .....
...
ence Point, Circuit Mode Basic Services ...
.. FIPS PUB ZZZ
(SSIG-BC), 3rd edition (December 1993). ..... Advanced Encryption Standard (AES).
...
...
ECMA-151 ...
... FIPS PUB 112
Data Compression for Information Inter- ...
... Password Usage, 1985 May 30.
change, Adaptive Coding with Embedded ...
...
Dictionary, DCLZ Algorithm (June 1991). ..... FIPS PUB 196
...
... Entity Authentication Using Public Key
ECMA-205 ...
. Cryptography, 1997 February 18.
Commercially Oriented Functionality Class .....
...
for Security Evaluation (COFC) (Decem- ... FIPS PUB 46
...
ber 1993). ... Data Encryption Standard (DES), January
...
... 1997.
ECMA-206 ...
...
Association Context Management includ- ...
... FIPS PUB 463
ing Security Context Management (Decem- ..... Data Encryption Standard (DES), 1999
...
ber 1993) ... October 25.
...
...
ECMA-219 ...
.. FIPS PUB 81
Authentication and Priviledge Attribute Se- ..... DES Modes of Operation.
....
curity Application with Related Key Dis- ...
.
tribution Functions, Parts 1, 2, and 3, 2nd ..... FIPS PUB 113
...
edition (March 1996). ... Computer Data Authentication.
...
...
ECMA-307 ... FIPS PUB 1401
..
Corporate Telecommunication Networks, ..... Security Requirements For Cryptographic
...
Signalling Interworking between QSIG ... Modules.
...

196
 List of Security Standards
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
FIPS PUB 171 .
.
... ISO/IEC DIS 101813
...
Key Management Using ANSI X9.17. ... Information technology, Open Systems In-
...
... terconnection, Security frameworks in open
FIPS PUB 1801 ...
... systems, Part 3: Access control.
Secure Hash Standard (SHS). ...
...
...
... ISO/IEC DIS 101814
FIPS PUB 181 ...
... Information technology, Open Systems In-
Automated Password Generator (APG). ...
... terconnection, Security frameworks in
...
FIPS PUB 185 ... Open Systems, Part 4: Nonrepudiation.
...
Automated Password Generator (APG). ...
... ISO/IEC DIS 101815
...
FIPS PUB 186 ...
... Information technology, Security frame-
...
Digital Signature Standard (DSS). ... works in open systems, Part 5: Confidenti-
...
... ality.
FIPS PUB 1862 ...
...
Automated Password Generator (APG). ... ISO/IEC DIS 101816
...
...
... Information technology, Security frame-
...
... works in open systems, Part 6: Integrity.
ISO STANDARDS ...
...
... ISO/IEC DIS 101817
...
... Information technology, Open Systems In-
ISO 74982:1989 ...
.
Information processing systems, Open Sys- ..... terconnection, Security Frameworks for
...
tems Interconnection, Basic Reference ... Open Systems: Security Audit Framework.
...
Model, Part 2: Security Architecture. ...
... ISO/IEC 10745:1995
...
... Information technology, Open Systems In-
ISO/IEC 101647:1992 ...
.
Information technology, Open Systems In- ..... terconnection, Upper layers security model.
.
terconnection, Systems Management: Secu- .....
... ISO/IEC DIS 115861
rity alarm reporting function. ...
... Information technology, Open Systems
...
ISO/IEC 101648:1993 ... Interconnection, Generic Upper Layers
...
Information technology, Open Systems In- ..... Security, Part 1: Overview, Models and
.
terconnection, Systems Management: Secu- ..... Notation.
....
rity audit trail function. ...
... ISO/IEC DIS 115862
...
ISO/IEC DIS 101811 ... Information technology, Open Systems In-
..
Information technology, Open Systems In- ..... terconnection, Generic Upper Layers Secu-
...
terconnection, Security Frameworks for ... rity, Part 2: Security Exchange Service Ele-
...
Open Systems: Overview. ... ment (SESE) Service Specification.
...
...
...
ISO/IEC DIS 101812 ... ISO/IEC DIS 115863
.
Information technology, Open Systems In- ..... Information technology, Open Systems In-
...
terconnection, Security Frameworks for ... terconnection, Generic Upper Layers Secu-
...
Open Systems, Part 2: Authentication ... rity, Part 3: Security Exchange Service Ele-
...
Framework. ... ment (SESE) Protocol Specification.
...
.

197
List of Security Standards
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
ISO/IEC DIS 115864 ... Part 3: Entity authentication using a public
...
Information technology, Open Systems In- ..... key algorithm.
..
terconnection, Generic Upper Layers Secu- .....
... ISO/IEC 97984:1995
rity, Part 4: Protecting Transfer Syntax ...
... Information, Security techniques, Entity
Specification. ...
... authentication, Part 4: Mechanisms using a
...
ISO/IEC DIS 115865 ... cryptographic check function.
...
Information technology, Open Systems In- .....
. ISO/IEC 9979:1991
terconnection, Generic Upper Layers Secu- .....
... Data cryptographic techniques, Procedures
rity: Security Exchange Service Element ...
... for the registration of cryptographic algo-
Protocol Implementation Conformance ...
... rithms.
Statement (PICS) Proforma. ...
...
...
... ISO/IEC 10116:1991
ISO/IEC DIS 115866 ...
... Information technology, Modes of opera-
Information technology, Open Systems In- ...
... tion for an n-bit block cipher algorithm.
terconnection, Generic Upper Layers Secu- ...
...
rity: Protecting Transfer Syntax Implemen- ... ISO/IEC 101181:1994
...
tation Conformance Statement (PICS) ... Information technology, Security tech-
...
...
Proforma. ... niques, Hash-functions, Part 1: General.
...
...
ISO/IEC 9796:1991 ... ISO/IEC 101182:1994
...
Information technology, Security tech- ... Information technology, Security tech-
...
niques, Digital signature scheme giving ... niques, Hash-functions, Part 2: Hash-
...
message recovery. ... functions using an n-bit block cipher
...
... algorithm.
...
ISO/IEC 9797:1994 ...
...
Information technology, Security tech- ... ISO/IEC DIS 117702
...
niques, Data integrity mechanism using a ... Information technology, Security tech-
...
cryptographic check function employing a ... niques, Key management, Part 2: Mecha-
...
block cipher algorithm. ... nisms using symmetric techniques.
...
...
ISO/IEC 97981:1991
... ISO/IEC DTR 133351
...
...
Information technology, Security tech- ... Information technology, Guidelines for the
niques, Entity authentication mechanisms, .... management of IT security, Part 1: Con-
...
...
Part 1: General model. ... cepts and models for IT security.
...
...
ISO/IEC 97982:1994 ... ISO/IEC DTR 133352
...
Information technology, Security tech- ... Information technology, Guidelines for the
...
niques, Entity authentication, Part 2: ... management of IT security, Part 2: Plan-
...
Mechanisms using symmetric encipherment ..... ning and managing IT security.
....
algorithms. ...
... ISO/IEC DTR 133353
...
ISO/IEC 97983:1993 ... Information technology, Guidelines for the
...
Information technology, Security tech- ... management of IT security, Part 3: Tech-
...
niques, Entity authentication mechanisms, ... niques for the management of IT security.
...
.

198
 List of Security Standards
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
ISO/IEC DIS 14980 .
.
... ISO/IEC 10118
...
Information technology, Code of practice ... Information Technology, Security Techniques: Hash
...
for information security management. ... Functions, Part 1: General and Part 2: Hash
...
... Functions Using an n-Bit Block Cipher Al-
ISO DIS 10118a ...
.. gorithm, International Organization for
Information Technology, Security Techniques: .....
... Standardization, 1993.
Hash Functions, International Organization ...
...
for Standardization, 1989 (Draft). ... ISO/IEC 9796
...
... Information Technology, Security Tech-
ISO DIS 10118b
...
... niques: Digital Signature Scheme Giving Message
Information Technology, Security Techniques: .....
... Recovery, International Organization for
Hash Functions, International Organization ...
... Standardization, Jul 1991.
for Standardization, April 1991 (Draft). ...
...
... ISO/IEC 9797
ISO DIS 8730 ...
... Data Cryptographic Techniques, Data In-
Banking: Requirements for Message Authentication ..... tegrity Mechanism Using a Cryptographic Check
...
(Wholesale), Association for Payment .... Function Employing a Block Cipher Algorithm,
...
Clearing Services, London, July 1987. ...
... International Organization for Standardiza-
...
ISO DIS 87311 ... tion, 1989.
...
Banking:-Approved Algorithms for Message Au- ...
... ISO/IEC JTC1/SC 21
thentication, Part 1: DEA, Association for ...
... ISO/IEC JTC1/SC 21, Amendment 1 to
...
Payment Clearing Services, London, 1987. ... ISO/IEC 95948:1995, Information Technol-
...
... ogy, Open Systems Interconnection, The Directory:
ISO DIS 87312 ...
... Authentication Framework, AMENDMENT 1:
Banking:-Approved Algorithms for Message Au- ...
... Certificate Extensions.
thentication, Part 2: Message Authenticator ...
...
Algorithm, Association for Payment ... ISO/IEC 8825
...
Clearing Services, London, 1987. ... ISO/IEC 8825: Information Technology-Open
...
...
ISO DIS 8732
... Systems Interconnection-Specification of ASN.1
...
... Encoding Rules, 1987 (also ITU-T X.690
Banking:-Key Management (Wholesale), ...
Association for Payment Clearing Services, ..... series Recommendations).
.
...
London, Dec 1987. ... ISO/IEC 95948
...
... ISO/IEC 95948: Information Technology,
ISO N179 ...
... Open Systems Interconnection, The Directory, Au-
AR Fingerprint Function, working docu- ...
... thentication Framework, 1988 (revised 1993)
ment, ISO-IEC/JTC1/SC27/WG2, In- ...
... (also ITU-T Recommendation X.509).
...
ternational Organization for Standardiza- ...
...
tion, 1992. ...
... I T U S T A N D A R D S
...
ISO N98 ...
...
Hash Functions Using a Pseudo Random Algo- ... [X.273]
..
rithm, working document, ISO-IEC/JTC1/ ..... Recommendation X.273, Information
..
SC27/WG2, International Organization for ..... technology, Open Systems Interconnection,
...
Standardization, 1992. ... Network layer security protocol (9).
...

199
List of Security Standards
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
[X.274] ...
... I E E E 1 3 6 3 S T A N D A R D
...
Recommendation X.274, Information ...
.
technology, Telecommunication and infor- ..... IEEE P1363:
...
mation exchange between systems, trans- ... Standard Specifications for Public Key
...
port layer security protocol (6). ... Cryptography.
...
...
[X.736] ...
...
Recommendation X.736, Information ... R A I N B O W S E R I E S
..
technology, Open Systems Interconnection, .....
... CSC-STD-00285
Systems management: Security alarm re- ...
... DoD Password Management Guideline, 12
porting function (6). ...
... April 1985.
...
[X.736 SUMMARY] ...
... CSC-STD-00485
Summary of Recommendation X.736, In- ...
...
formation technology, open systems inter- ... Technical Rational Behind CSC-STD-
...
... 00385: Computer Security Requirements,
connection, systems management: security ...
... Guidance for Applying the DoD TCSEC
alarm reporting function (1). ...
... in Specific Environments, 25 June 1985.
...
[X.740] ...
... NTISSAM COMPUSEC/187
Recommendation X.740, Information ...
.. Advisory Memorandum on Office Auto-
technology, Open Systems Interconnection, .....
... mation Security Guidelines.
systems management: security audit trail ...
...
function (6). ... NCSC-TG-004
...
... Glossary of Computer Security Terms, 21
[X.800] ...
.. October 1988.
Recommendation X.800, Security architec- .....
.
ture for Open Systems Interconnection for ..... NCSC-TG-005
...
CCITT applications (6). ... Trusted Network Interpretation (TNI) of
...
... the Trusted Computer System Evaluation
[X.802] ...
.. Criteria (TCSEC), [Red Book] 1987.
Recommendation X.802, Information tech- .....
...
nology, Lower layers security model (2). ... NCSC-TG-009
...
... Computer Security Subsystem Interpreta-
[X.803] ...
... tion of the TCSEC 16 September 1988.
Recommendation X.803, Information .....
... NCSC-TG-010
Technology, Open Systems Interconnec- ...
... A Guide to Understanding Security Mod-
tion, Upper layers security model (2). ...
...
... eling in Trusted Systems, October 1992.
...
... NCSCTG-011
ATM NETWORKING ...
...
STANDARDS ... Trusted Network Interpretation Environ-
...
... ments Guideline, August 1990.
...
BICI ...
... NCSC-TG-017
Broadband Intercarrier Interface. ...
... A Guide to Understanding Identification
...
PNNI ... and Authentication in Trusted Systems,
...
Public Network-to-Network Interface. ... September 1991.
...
.

200
 List of Security Standards
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
NCSC-TG-020-A .
.
... O T H E R N C S C
...
Trusted UNIX Working Group (TRU- ...
... P U B L I C A T I O N S
SIX) Rationale for Selecting Access Con- ...
...
trol List Features for the UNIX System, ...
... C1 Technical Report 001
7 July 1989. ...
... Technical Report, Computer Viruses: Pre-
...
NCSC-TG-021 ... vention, Detection, and Treatment, 12
...
Trusted Database Management System In- ..... March 1990.
....
terpretation of the TCSEC (TDI), April ...
... C Technical Report 7991
1991. ...
... Technical Report, Integrity in Automated
...
NCSC-TG-022 ... Information Systems, September 1991.
.
A Guide to Understanding Trusted Recov- .....
... C Technical Report 3292
ery in Trusted Systems, 30 December ...
...
1991. ... The Design and Evaluation of INFOSEC
...
... systems: The Computer Security Contribu-
NCSC-TG-023 ...
... tion to the Composition Discussion, June
A Guide to Understanding Security Test- ...
... 1992.
ing and Test Documentation in Trusted ...
...
Systems. ... C Technical Report 11191
...
...
NCSC-TG-024 Vol 1/4 ... Integrity-Oriented Control Objectives:
...
A Guide to Procurement of Trusted Sys- ... Proposed Revisions to the TCSEC, Octo-
...
tems: An Introduction to Procurement Ini- ..... ber 1991.
....
tiators on Computer Security Require- ... NCSC Technical Report 002
...
ments, December 1992. ... Use of the TCSEC for Complex, Evolving,
...
...
NCSC-TG-024 Vol 3/4 ... Mulitpolicy Systems.
...
A Guide to Procurement of Trusted Sys- ...
... NCSC Technical Report 003
tems: Computer Security Contract Data ...
.. Turning Multiple Evaluated Products Into
Requirements List and Data Item Descrip- .....
... Trusted Systems.
tion Tutorial, 28 February 1994. ...
...
... NCSC Technical Report 004
NCSC-TG-026 ...
... A Guide to Procurement of Single Con-
A Guide to Writing the Security Features ...
.. nected Systems, Language for RFP Specifi-
Users Guide for Trusted Systems, Septem- .....
... cations and Statements of Work, An Aid
ber 1991. ...
... to Procurement Initiators, Includes Com-
...
NCSC-TG-027 ...
... plex, Evolving, and Multipolicy Systems.
A Guide to Understanding Information ...
...
System Security Officer Responsibilities ... NCSC Technical Report 005 Volume 1/5
...
for Automated Information Systems, May ... Inference and Aggregation Issues In Secure
...
... Database Management Systems.
1992. ...
...
...
NCSC-TG-028 ... NCSC Technical Report 005 Volume 2/5
.
Assessing Controlled Access Protection, 25 ..... Entity and Referential Integrity Issues In
...
May 1992. ... Multilevel Secure Database Management.
...

201
List of Security Standards
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
NCSC Technical Report 005 Volume 3/5 ... CEC91
...
...
Polyinstantiation Issues In Multilevel ... Commission of the European Communi-
...
Secure Database Management Systems. ... ties. Information Technology Security Evaluation
...
NCSC Technical Report 005 Volume 4/5
... Criteria (ITSEC), Version 1.2, 1991.
...
...
Auditing Issues In Secure Database Man- ...
... CEC93
agement Systems. ...
... Commission of the European Communi-
...
NCSC Technical Report 005 Volume 5/5 ... ties. Information Technology Security Evaluation
...
Discretionary Access Control Issues In ... Manual (ITSEM), 1993.
...
High Assurance Secure Database Manage- ...
...
ment Systems. ... CSSC
...
... Canadian System Security Centre. The Ca-
...
... nadian Trusted Computer Product Evaluation Cri-
PUBLIC KEY ...
...
CRYPTOGRAPHIC ... teria, Version 3.0e, 1993.
...
...
STANDARD (PKCS) ... DoD 5200.28-STD
...
...
PKCS #1: ... Department of Defense (DoD) Trusted Computer
...
RSA Encryption and Signature. ... System Evaluation Criteria (TCSEC), [Orange
...
... Book], DoD 5200.28-STD, December
PKCS #3: ...
... 1985.
DiffieHellman Key Agreement. ...
...
...
PKCS #5: ... DoD 5200.28-STD
...
Password-based Encryption. ... U.S. Department of Defense. DoD Trusted
...
... Computer System Evaluation Criteria, (Orange
PKCS #6: ...
...
Extended Certificate Syntax. ... Book) DoD 5200.28-STD, 1985.
...
...
PKCS #7: ... DoD 5220.22-M
...
Cryptographic Message Syntax. ...
... U.S. Department of Defense. Industrial Secu-
...
PKCS #8: ... rity Manual for Safeguarding Classified Informa-
...
Private Key Information Syntax. ... tion, DoD 5220.22-M, June 1987.
...
...
PKCS #9: ...
... CFR 120130
Selected Attribute Syntaxes. ...
... Department of State, International Traffic in
...
PKCS #10: ... Arms Regulations (ITAR), 22 CFR 120
...
Certificate Request Syntax. ... 130, Office of Munitions Control, Nov
...
... 1989.
PKCS #11: ...
...
Abstract Token Interface API. ...
... DoT85
...
...
OTHER DOCUMENTS ... Department of the Treasury, Criteria and
...
... Procedures for Testing, Evaluating, and Certifying
...
CCEB ... Message Authentication Decisions for Federal E.F.T
..
Common Criteria for Information Technology Secu- ..... Use, Department of Treasury, 1 May
...
rity Evaluation, Version 2.0. May 1998. ... 1985.
...

202
 List of Security Standards
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
.
DoT86 ... Book3: Formal Protocol Definition, Version 1.0,
.
...
Department of the Treasury, Electronic Funds ... May 31, 1997.
..
and Securities Transfer Policy, Message Authentication .....
...
and Enhanced Security, Order No. 10609, ... SHS92
...
Department of Treasury, 2 Oct 1986. ... Proposed Federal Information Processing
...
... Standard for Secure Hash Standard, Fed-
NIST92 ...
... eral Register, v.57, n. 21,31 Jan 1992, pp.
National Institute of Standards and Tech- ...
.. 37473749.
nology & National Security Agency. Federal .....
..
Criteria for Information Technology Security, Ver- ..... TRU87 X800
...
sion 1.0, 1992. ...
... Secure Architecture for Open Systems Interconnec-
...
SET Book 3 ... tion for CCITT Applications (Recommendation
...
SET, Secure Electronic Transaction Specification ... X.800), CCITT, Geneva, 1991.
...
.

203
 LIST OF
ANNOTATED
WEB RESOURCES

........................................................................................................

APPENDIX

x
 he following collection of World Wide Web resources may interest the

T reader. I have consulted many of these sites while searching for the most
appropriate and up-to-date description of terms, and if a site seemed to
me to have potential value for the reader, I have included it in this list. The
sites are of diverse origin, from government, nonprofit organizations, and com-
mercial organizations, and they include both U.S. and international sites.
This list is by no means complete; the Web is a vast and dynamic place,
and any list will be obsolete in a short time. However, I believe this list has
staying power because many sites in the list are stable and generic, such as
www.cert.org, www.ietf.org, www.ieee.org. These URLs will not change fre-
quently, and this list of resources is quite comprehensive.
This listing is organized as follows: it is sorted alphabetically, and the name
of the resource is given in bold letters, followed by a brief description of the
contents of the site. Following these is the URL of the site. These URLs were
active at the date of this writing.

207
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
A brief history of codes and ciphers used in the Second World War
This Web site was created by Tony Sales, and it describes the history, science, and engineering
of cryptanalysis in World War II. It contains links to Enigma, original World War II docu-
ments such as the German manual for the naval use of Enigma, technical lectures by Tony
Sales, links related to Bletchley Park, including the Bletchley Park Cryptographic Dictionary,
and many other sources of historical interest.
http://www.codesandciphers.org.uk/

ACM special interest group on security audit and control

This is the home page of the special interest group on security audit and control of the
Association of Computing Machinery (ACM). ACM is the oldest and perhaps most widely
known computer science professional organization. The Web page of the special interest group
is home to many security resources.
http://www.acm.org/sigsac/#top

Advanced Computing Systems Association (USENIX)

This Web site of USENIX (Advanced Computing Systems Association) has links to various
sources of information and conferences.
http://www.usenix.org/

American National Standards Institute

This is the official Web site of the American National Standards Institute and contains access
to information on the ANSI Federation and the latest national and international standards and
related activities.
http://www.ansi.org/

An Introduction to Secure Socket Layer (SSL)

This Web site, maintained by Netscape Corporation, contains introduction, resources, and
documentation related to the Secure Sockets Layer (SSL) protocol. SSL is used on the World
Wide Web for authenticated and encrypted communication between clients and servers.
http://developer.netscape.com/docs/manuals/security/sslin/index.htm

Canadian Communications Security Establishment

This Web site is maintained by the Communications Security Establishment (CSE) of the
Canadian government with a purpose to provide information technology security (ITS) solu-
tions to the government of Canada. It has links to Canadian Common Criteria Scheme, in-
formation technology educational resources, and various other information.
http://www.cse.dnd.ca/

208
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Cipher, An IEEE electronic newsletter of the Technical Committee on Security and
Privacy (IEEE/CS)
This Web site contains Cipher, IEEEs electronic newsletter of the Technical Committee on
Security and Privacy (IEEE/CS) and provides a past-issue archive, cipher book reviews, cipher
news briefs, a cipher readers guide to literature, and other information.
http://www.ieee-security.org/cipher.html

Common Criteria for IT Security Evaluation (CC)

This is NISTs Web site on the Common Criteria Project for IT security evaluation (CC)
and contains various CC-related documents. It also contains links to official CC Project
Web site at http://www.commoncriteria.org and the NIAP Web site at http://niap.nist.gov.
http://csrc.ncsl.nist.gov/cc

Common Data Security Architecture

This Web site is maintained by Intel and has information about Intel Common Data Security
Architecture (CDSA) including downloads, documentation, FAQs, technical information,
adopters, and specifications.
http://www.intel.com/ial/security/index.htm

Computer Emergency Response Team (CERT), Australia

This is the official site of Australian CERT. Although regional in nature, it contains a list of
downloadable security-related software and links to many technical reports, security contacts,
and other valuable information.
http://www.auscert.org.au/

Computer Emergency Response Team (CERT), Coordination Center

This is the official Web site of CERT. In addition to containing security advisories, alerts,
and incident notes, this site is a good source of technical papers and information about Internet
security. It also contains CERT statistics, current intruder trends, and many reports issued by
CERT staff related to security. A very good site, I highly recommend it for regular browsing.
http://www.cert.org/

Computer Society Institute

This Web site is maintained by the Computer Security Institute. It has links to security archives,
technical reports, news, and a host of other resources.
http://www.gocsi.com/

Cyptography organization
This Web site is maintained by Michael Paul Johnson and contains North American Cryptog-
raphy archives. In addition, it contains links to various cryptographic resources and sites.
http://cryptography.org/

209
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Cryptographic policies of countries
Crypto law survey by Bert-Jaap Koops. This page contains reports that analyze cryptographic
policies of different countries. An excellent and information-filled report with good analysis.
http://cwis.kub.nl/frw/people/koops/lawsurvy.htm

Draft of UNCITRAL Model Law for electronic commerce: issues and solutions
An article that explains proposal Draft UNCITRAL Model Law for electronic commerce and
deals with the legal issues related to the law. Written by Richard Hill and Ian Walden, this
article was published in the March 1996 issue of The Computer Lawyer.
http://www.batnet.com/oikoumene/arbunc.html

Electronic Frontier Foundation

This Web site is maintained by the Electronic Frontier Foundation (EFF), a nonprofit, non-
partisan organization with a purpose to protect fundamental civil liberties, including privacy
and freedom of expression in the arena of computers and the Internet. This site contains links
to some excellent resources and discussions.
http://www.eff.org/

European Committee for Standardization

The Web site of the European Committee for Standardization, responsible for voluntary
technical harmonization in Europe in conjunction with worldwide bodies and European part-
ners. This body also develops procedures for mutual recognition and conformity assessment
to standards. Contains information on where to obtain European standards.
http://www.cenorm.be/

Federation of American Scientists (FAS)

This Web site of the Federation of American Scientists contains papers, discussions, and
important links to a variety of topics including military analysis, special weapons, and intelli-
gence.
http://www.fas.org/

Forum of Incident Response and Security Teams

This is the official Web site of FIRST and contains information about FIRST, recent events,
conferences, contacts, and other information.
http://www.first.org/

IEEE Computer Society, Security and Privacy Section

Maintained by IEEE computer Society, this Web site provides publications center, commu-
nities, standards, career services center, and information about education and certifications.
http://www.computer.org/cspress/catalog9.htm#sec-priv

210
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
IEEE Computer Society Technical Committee on Security and Privacy
This Web site, maintained by IEEE Computer Society Technical Committee on Security and
Privacy (TCSP), provides links to Cipher, the TCSP electronic newsletter, upcoming confer-
ences, TCSP contacts, and various reports of the society.
http://www.ieee-security.org/index.html

IEEE Standard Specifications for Public-Key Cryptography

This is the official Web site for IEEE P1363 (IEEE has now adopted it as a standard) home
page maintained by IEEE and contains Standard Specifications for Public-Key Cryptography.
The complete IEEE 1363 and other draft documents are available through this Web site.
http://grouper.ieee.org/groups/1363/

IETF Working group on Authenticated Firewall Traversal

This Web site contains a general introduction to the IETF working group on authenticated
firewall traversal.
http://www.ietf.cnri.reston.va.us/html.charters/aft-charter.html

IETF Working group on Common Authentication Technology

This Web site contains a general introduction to the IETF working group on authentication
technology.
http://www.ietf.cnri.reston.va.us/html.charters/cat-charter.html

IETF Working group on Intrusion Detection Exchange Format

This Web site contains a general introduction to the IETF working group on intrusion-
detection exchange format.
http://www.ietf.cnri.reston.va.us/html.charters/idwg-charter.html

IETF Working group on IP Security Protocol

This Web site contains a general introduction to the IETF working group on IP security
protocol.
http://www.ietf.cnri.reston.va.us/html.charters/ipsec-charter.html

IETF Working group on IP Security Policy

This Web site contains a general introduction to the IETF working group on IP security
policy.
http://www.ietf.cnri.reston.va.us/html.charters/ipsp-charter.html

IETF Working group on IP Security Remote Access

This Web site contains a general introduction to the IETF working group on IP security
remote access.
http://www.ietf.cnri.reston.va.us/html.charters/ipsra-charter.html

211
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
IETF Working group on Kerberized Internet Negotiation of Keys
This Web site contains a general introduction to the IETF working group on kerberized
Internet negotiation of keys.

http://www.ietf.cnri.reston.va.us/html.charters/kink-charter.html

IETF Working group on Kerberos WG

This Web site contains a general introduction to the IETF working group on Kerberos WG.

http://www.ietf.cnri.reston.va.us/html.charters/krb-wg-charter.html

IETF Working group on Multicast Security

This Web site contains a general introduction to the IETF working group on multicast security.

http://www.ietf.cnri.reston.va.us/html.charters/msec-charter.html

IETF Working group on an Open Specification for Pretty Good Privacy

This Web site contains a general introduction to the IETF working group on an open spec-
ification for pretty good privacy.
http://www.ietf.cnri.reston.va.us/html.charters/openpgp-charter.html

IETF Working group on One Time Password Authentication

This Web site contains a general introduction to the IETF working group on one time
password authentication.
http://www.ietf.cnri.reston.va.us/html.charters/otp-charter.html

IETF Working group on Public-Key Infrastructure (X.509)

This Web site contains a general introduction to the IETF working group on Public-Key
Infrastructure (X.509)
http://www.ietf.cnri.reston.va.us/html.charters/pkix-charter.html

IETF Working group on Securely Available Credentials

This Web site contains a general introduction to the IETF working group on securely available
credentials.

http://www.ietf.cnri.reston.va.us/html.charters/sacred-charter.html

IETF Working group on Secure Shell

This Web site contains a general introduction to the IETF working group on secure shell.

http://www.ietf.cnri.reston.va.us/html.charters/secsh-charter.html

212
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
IETF Working group on S/MIME Mail Security
This Web site contains a general introduction to the IETF working group on S/MIME mail
security.
http://www.ietf.cnri.reston.va.us/html.charters/smime-charter.html

IETF Working group on Secure Network Time Protocol

This Web site contains a general introduction to the IETF working group on secure network
protocol.
http://www.ietf.cnri.reston.va.us/html.charters/stime-charter.html

IETF Working group on Security Issues in Network Event Logging

This Web site contains a general introduction to the IETF working group on security issues
in network event logging.
http://www.ietf.cnri.reston.va.us/html.charters/syslog-charter.html

IETF Working group on Transport Layer Security

This Web site contains a general introduction to the IETF working group on transport layer
security.
http://www.ietf.cnri.reston.va.us/html.charters/tls-charter.html

IETF Working group on Web Transaction Security

This Web site contains a general introduction to the IETF working group on Web transaction
security.
http://www.ietf.cnri.reston.va.us/html.charters/wts-charter.html

IETF Working group on XML Digital Signatures

This Web site provides a general introduction of XML digital signatures.
http://www.ietf.cnri.reston.va.us/html.charters/xmldsig-charter.html

Information about cryptology and encryption challenges

This is the official Web site of RSA Security (the organization that developed the RSA
algorithm) and is an excellent source of information related to information security in general
and cryptography in particular. In addition to security-related news, it contains information
about RSA conferences and contains pointers to RSA products and services.
http://www.rsa.com

Information about prime numbers

This page contains detailed links to information about prime numbers.
http://www.utm.edu/research/primes/

213
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Information about Secure Socket Layer (SSL)
This site is maintained by Netscape Corporation and contains draft SSL 3.0 specifications. The
Web page also contains links to additional information to aid implementation of SSL 3.0.
http://www.netscape.com/eng/ssl3

Information on Certification and Public Key infrastructure

This Web site of commercial vendors Entrust and Verisign contains good information related
to Internet security, certification, and public key infrastructure.
http://www.entrust.com
http://verisign.com

Information on IBMs Remote Access Control Facility

This site contains information about IBMs Remote Control Access Control Facility (RACF)
Software. This software is available for both the OS/390 and Z/OS operating systems. This
site contains links to a PDF file OS/390 Security Server Introduction, a good source of information
related to access control in operating systems.
http://www-1.ibm.com/servers/eserver/zseries/zos/racf/

Information on Microsofts Security

This is the Microsoft Web site related to security. It contains links to important resources for
security developers, security bulletins, and security-related columns.
http://microsoft.com/security

Information on Multics
This Web site is a good source of information about the Multics operating system. In addition
to containing a list of documents related to Multics, it contains a history of Multics, and the
name and links to Web pages of people who contributed to Multics. There are 1411 names,
510 mail addresses, 109 home pages. It also contains links to a collection of 15 select technical
papers about Multics.
http://www.multicians.org/multics.html

Information on Internet Protocol Version 6 (IPv6)

These Web site provides general information on IPv6, including IPv6 specifications and the
latest news and links.
http://www.ipv6.org/
Another good source for information on IPv6 is the Sun Microsystems site at
http://playground.sun.com/pub/ipng/html/ipng-main.html

214
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Information related to Public Key Infrastructure
This page contains links to various sites and documents, related to Public Key Infrastructure
(PKI) and extensive links to Certification Authorities (CAs) licensed by various agencies. An
excellent source of information related to CAs.
http://www.pki-page.org/

Information Security Forum

This Web site is maintained by Information Security Forum (previously known as European
Security Forum). The Information Security Forum meets the demand for business-based so-
lutions to information security problems.
http://www.securityforum.org

Information Systems Security Association

The Web site of the Information Systems Security Association (ISSA), a nonprofit interna-
tional organization of information security professionals and practitioners, provides education
forums, publications, and peer-interaction opportunities.
http://www.issa-intl.org/

Information Security Solutions Europe

This Web site is maintained by the European Forum for Electronic Business. The link below
is of the Information Security Solutions Europe (ISSE) conference, which presents the latest
developments and concerns for IT Security, including Encryption, Data Protection, Biometrics,
Business Models for Trusted Services, Risk Management, PKI, Smart Cards, Digital Signatures,
Legal Issues.
http://www.eema.org/isse/

INFOSEC publication, European Commission

This site is published by INFOSEC, DG Information Society of the European Commission,
and contains detailed information and links related to European Trust Services (ETS) and
various other reports. The site also contains common criteria (now an international standard
IS 15408), which supersedes Information Technology Security Evaluation Criteria (ITSEC).
In addition, a report of a recent evaluation of ETS is also available at
http://www.cordis.lu/infosec/src/ets.htm.
http://www.cordis.lu/infosec/home.html

Infosyssec, The security portal for Information System Security Professionals

An excellent resource on information security. This Web site contains links to security-related
standards, reports, general interest articles, and many other resources.
www.infosyssec.net/infosyssec/secstan1.htm

215
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
Institute of Information Security
This Web site is maintained by the Institute of Information Security and provides a forum
to discuss security-related issues and links to extensive resources, newsletters, education, and
archives.
http://www.instis.com/

International Association for Cryptologic Research

The official Web site of the International Association for Cryptologic Research (IACR), this
site contains information about IACR publications, conferences, membership, etc.
http://www.iacr.org/iacr/

(The) International PGP Home Page

This Web site is maintained for the promotion of PGP use and has many mirror sites around
the world. A very good source for documentation, download, FAQ, Internet links, language,
products, and services related to PGP.
http://www.pgpi.org/

International Organization for Standardization

The official site of the International Organization for Standardization (ISO), this site contains
detailed history and news about ISO9000, and other important information.
http://www.iso.ch/

International Telecommunication Union

This is the home page of the International Telecommunication Union (ITU) and contains
links and information related to telecommunication technology, regulations and standards
information. Publications can be purchased through the ITU Publications Online subscription
service.
http://www.itu.int/home/index.html

Internet Research Task Force

The home page of the Internet Research Task Force (IRTF) provides an overview of IRTF
and links to the Internet Engineering Task Force (IETF) and Internet Society (ISOC). The
IRTF is managed by the IRTF Chair in consultation with the Internet Research Steering
Group (IRSG).
http://www.irtf.org/

Introduction to Cryptographic Standards

This site is a pointer to an article by Richard Ankney that introduces cryptographic standards.
http://chacs.nrl.navy.mil/ieee/cipher/standards/cipher-crypto-stds.html

216
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Introduction to Elliptic Curve Cryptography
This Web site is maintained by Integrated Sciences Incorporated, and the page (see the address
below) contains an excellent (though general) introduction to elliptic curve cryptography. The
concepts are explained with graphs, and the site also contains links to research papers and other
sources related to password verification.
http://world.std.com/dpj/elliptic.html

Java Cryptography Architecture

This server is maintained by Sun Microsystems and contains detailed technical information on
Java cryptography architecture, API specifications, and reference.
http://java.sun.com/products/jdk/1.1/docs/guide/security/CryptoSpec.html

Keyed hash functions for message authentication

The site for IBM research contains pointers to some excellent papers. A list of papers related
to keyed hash functions for message authentication are available at
http://www.research.ibm.com/security/keyed-md5.html.

List of all RFCs

This site is the IETF repository for Internet Requests for Comments (RFCs). The RFCs can
be obtained by RFC number. The site also contains a complete index of RFCs. The site itself
does not have an index or search feature, but these features are available at the RFC Editor
Web page.
http://ietf.org/rfc.html

National Institute of Standards and Technology (NIST)

This site contains information about a variety of computer security issues, products, and
research of concern to federal agencies, industry, and users. This site is run and maintained by
NISTs Computer Security Division as a service to the computer security and IT community.
http://csrc.ncsl.nist.gov/

National Cryptologic Museum

This is the official Web site of the National Cryptologic Museum and is maintained by the
National Security Agency.
http://www.nsa.gov/museum/

National Security Agency

This is the official Web site of the U.S. National Security Agency (NSA).
http://www.nsa.gov

217
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
National Security Institutes Security Resource Net
The National Security Institutes Web site is an excellent resource for Internet security. This
site contains industry and product news, computer alerts, travel advisories, a calendar of events,
a directory of products and services, and access to an extensive virtual security library.
http://nsi.org/

Navys Center for High Assurance Computing Systems

This is the home page of the Center for High Assurance Computer Systems, within the
Information Technology Division of the Naval Research Laboratory. The Center for High
Assurance Computing Systems conducts interdisciplinary research and development in security-
related systems. This site contains links to government and security-related Web servers; of
particular interest are downloadable copies of High Assurance Workshop Reports.
http://chacs.nrl.navy.mil/main_fra.html.

NISTs Advanced Encryption Standard (AES) Development Effort

This Web site contains a Draft Federal Information Processing Standard (FIPS) for the AES
for public review and comment. The site also contains important links including links to pages
for public comments to the Rijndael (AES) algorithm, an AES discussion forum, and archived
AES home pages.
http://csrc.nist.gov/encryption/aes/

NISTs Computer Security Publications

This is an excellent site that contains links to the NIST computer security resources clearing-
house Web server, Rainbow series publications, FIPS, special publications, interagency reports,
ITL bulletins, POSIX, and other miscellaneous resources.
http://csrc.ncsl.nist.gov/publications.html

PKCS set of documents

The Web site of RSA Security contains documents PKCS#1 through PKCS#11 for download.
Here is a list of document names and the corresponding URL.
ftp://ftp.rsa.com/pub/pkcs/ps/

PKCS #1: RSA Encryption and Signature

This Web site contains an introduction to the RSA encryption standard.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-1.ps

PKCS #3: DiffieHellman Key Agreement

Introduction to the DiffieHellman key agreement standard.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-3.ps

218
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
PKCS #5: Password-based Encryption
Introduction to password-based encryption standards.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-5.ps

PKCS #6: Extended Certificate Syntax

Introduction to extended certificate syntax standards.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-6.ps

PKCS #7: Cryptographic Message Syntax

ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-7.ps

PKCS #8: Private Key Information Syntax

Introduction to private key information syntax.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-8.ps

PKCS #9: Selected Attribute Syntaxes

Introduction to selected attribute syntaxes.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-9.ps

PKCS #10: Certificate Request Syntax

Introduction to certificate request syntax.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-10.ps

PKCS #11: Abstract Token Interface API

Introduction to abstract token interface API.
ftp://ftp.rsa.com/pub/pkcs/ps/pkcs-11.ps

Quantum Cryptography
This paper by Gilles Brassard, of McGill University, provides an extensive annotated bibli-
ography of papers on quantum cryptography and related topics.
http://www.cs.mcgill.ca/crepeau/CRYPTO/Biblio-QC.html

Rainbow Series Library

This Web site contains a listing and links to the documents in the Rainbow series. Documents
are available in text, postscript, and PDF format. It also contains a postscript gzip archive.
www.radium.ncsc.mil/tpep/library/rainbow/

Resource for Computer Threat and Vulnerability

This site is maintained by Internet Security Systems and contains excellent information and
literature about computer threats and vulnerabilities, news about latest vulnerabilities, patches,

219
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
and other information. The security alerts and virtual library are extensive and useful. The
search options on the main page provide capabilities to search by product, platform, and
months.

http://xforce.iss.net/

Resource on Mac-Crypto (Macintosh Cryptography)

This Web site provides Macintosh Crypto Web resources and contains links to past crypto
conferences of 2001, 1998, 1997, 1996.

http://www.vmeng.com/mc/

SANS Institute
This is the Web site of the SANS (System Administration, Networking, and Security) Institute,
a cooperative research and training organization. It contains excellent resources related to
Internet security.

http://www.sans.org/

Secure Electronic Marketplace for Europe

This Web site is maintained by Secure Electronic Marketplace for Europe (SEMPER) and the
Web site http://www.semper.org/sirene/ maintained by SIRENE (SIcherheit in REchner-
NEtzen / Security in Computer Networks) and an excellent source of information and standards
in computer network security. SIRENE is a loosely collaborating group of researchers from
different organizations with a common interest in security and privacy. Information on electronic
commerce, payment systems, and security is available at

http://www.semper.org/sirene/outsideworld/ecommerce.html#syst
http://www.semper.org/

Security-related news and information

This site is an on-line news service organized by SC Magazine and a global security portal.
Key links associated with a reported news item direct the reader to further relevant sources of
information.

http://www.infosecnews.com/

Simple Key management for Internet Protocols (SKIP)

This Web site contains information about SKIP: Simple Key management for Internet Pro-
tocols, including technical specifications, the latest news and items about SKIP, interoperati-
bility testing, and technical papers.

http://skip.incog.com/

220
 List of Annotated Web Resources
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...
Software Industry Issues: Digital Signatures
This Web site is maintained by Software Industry organization. The URL of the page given
below contains comprehensive information about digital signature laws, reference material,
commercial sites, vendor CPSs, and other encryption and privacy information.
http://www.softwareindustry.org/issues/1digsig.html#sl

SRI technical report on UNIX security

This site contains the Stanford Research Institute (SRI) report Improving the Security of
Your UNIX System by David A. Curry. The report has some very useful information related
to security of UNIX systems.
www.sri.ucl.ac.be/SRI/documents/unix-secure

The IETF Security Area

This Web page represents the security area of the IETF. This page contains links to Security
Area Working Group Web pages and other status information related to security.
http://web.mit.edu/network/ietf/sa/

The UK ITSEC scheme

This is the official Web site of the UK Information Technology Security Evaluation & Cer-
tification Scheme and contains a good description of assurance levels for software products
and guidelines in achieving them. The site also has a list of certified products, a collection
documents, and latest news releases.
http://www.itsec.gov.uk/

Theory and practice related to random number generation

This server is maintained by a team of mathematicians and computer scientists led by Peter
Hellekalek at the University of Salzburgs mathematics department and contains links to tests,
literature, news, and software related to random number generation.
http://random.mat.sbg.ac.at/

Useful Resources on ASN.1

This Web site maintained by OSS Nokalava, a New Jersey, USA-based company, contains
excellent information about ASN.1 including questions and answers, glossary, and reference
books.
http://www.oss.com/asn1/index.html

U.S. federal guidelines for searching and seizing computers

This site is maintained by EPIC and contains U.S. federal guidelines for searching and seizing
computers. EPIC has made an analysis of this document, available from http://cpsr.org

221
List of Annotated Web Resources
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
/cpsr/privacy/epic/guidelines_analysis.txt. A printed version appears in the Bureau of Na-
tional Affairs publication Criminal Law Reporter, Vol. 56, No. 12 (December 21, 1994).
http://www.epic.org/security/computer_search_guidelines.txt

Virus Bulletin
This is the home page of the Virus Bulletin and contains information on developments in the
field of computer viruses and antivirus products.
http://www.virusbtn.com/

Web site of Internet Engineering Task Force

This is the official Web site of the Internet Engineering Task Force (IETF). It contains a host
of information related to IETF purpose and mission, activities, working groups, etc. In addition
it contains links to Internet drafts and Internet Request for Comments.
http://www.ietf.org

Workshop on Selected Areas in Cryptography (SAC)

This Web site contains information on workshops on Selected Areas in Cryptography (SAC)
and has links and papers of SAC 99 through SAC 94.
http://adonis.ee.queensu.ca:8000/sac/

World Wide Web Consortium

The official site of World Wide Web Consortium (W3C) contains W3C news and links
to information about W3C technologies. W3C develops specifications, guidelines, software,
and tools to use the full potential of the Web for information, commerce, communication, and
collective understanding. An excellent site to keep up to date related to Web standards and
technologies.

222
 BIBLIOGRAPHY

hy add a bibliography to a dictionary? Internet security is passing

W from its adolescence to adulthood. Its literature is rich and is

growing every day. The goal of preparing this bibliography is to
stress the importance of some excellent references available as books, techni-
cal reports, research papers, and government documents. A separate list pro-
vides published standards and RFCs.
This bibliography does not document the evolutionary or historical record
of Internet security; it is also not an attempt to cite the works of established
researchers or specific organizations. Several of these documents were refer-
enced while I formulated the most appropriate description of a term. For any-
thing that was unclear I consulted with the experts on the Technical Advisory
Committee to come up with the final description. Some valuable references
may not be explicitly cited in the description of terms, but these are listed in
the bibliography due to their relevance and inherent importance to the field
of Internet security. An interested reader should scan through these titles for
references of interest.

BOOKS

AJM93 A.J. Menezes. Elliptic Curve Public Key Cryptosystem, Kluwer Academic Publishers,
Boston, 1993.
AJM97 A.J. Menezes, P.C. Van Oorschot, and S.A. Vanstone. Handbook of Applied Cryptog-
raphy. CRC Press, Boca Raton, FL, 1997.
AK81 A. Konheim. Cryptography: A Primer, John Wiley & Sons, 1981.
AR97 A. Rubin, D. Geer, and M. Ranum. Web Security Sourcebook. Wiley, New York,
1997.
AT87 A. Tanenbaum. Operating Systems: Design and Implementation, Prentice Hall, Engle-
wood Cliffs, NJ, 1987.

223
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
AT88 A. Tanenbaum. Computer Networks, Prentice Hall, Englewood Cliffs, NJ, 1988.
BP91 B. Plattner, C. Lanz, H. Lubich, M. Muller, T. Walker. X.400 Message Handling:
Standards, Interworking, Applications, Addison-Wesley, Reading, MA, 1991.
BS00 B. Schneier, Secrets and Lies, Wiley, New York, 2000.
BS96 B. Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Wiley,
New York, 1996.
CK95 C. Kaufman, R. Perlman, and M. Speciner. Network Security: Private Communications
in a Public World, Prentice Hall, Englewood Cliffs, NJ, 1995.
CM82 C. Meyer and S. Matyas. Cryptography: A New Dimension in Computer Data Security,
Wiley, New York, 1982.
CO91 T. Cormen, C. Leiserson, and R. Rivest, Introduction to Algorithms, MIT Press,
Cambridge, MA, 1991.
CP89 C. Pfleeger. Security in Computing, Prentice Hall, Englewood Cliffs, NJ, 1989.
CP97 C. Pfleeger. Security in Computing. Prentice Hall, Englewood Cliffs, NJ, 1997.
CS89 C. Stoll. The Cuckoos Egg: Tracing a Spy Through the Maze of Computer Espionage, Dou-
bleday, New York, 1989.
CS91 C. Sandler, T. Badgett, and L. Lefkowitz. VAX Security, Wiley, New York, 1991.
DA97 D. Atkins, P. Buis, C. Hare, R. Kelley, C. Nachenberg, A.B. Nelson, P. Philips,
T. Ritchey, T. Sheldon, and J. Snyder. Internet Security. New Riders, Indianapolis,
IN, 2nd edition, 1997.
DAC92 D.A. Curry. Unix System Security. Addison-Wesley, Reading, MA, 1992.
DC95 D. Chapman and E. Zwicky. Building Internet Firewalls, OReilly & Associates, Inc.,
Sebastopol, CA, 1995.
DC00 D. Comer. Internetworking with TCP/IP, Volume I: Principles, Protocols and Architecture.
Prentice Hall, Englewood Cliffs, NJ, 2000.
DD89 D. Davies and W. Price. Security for Computer Networks. Wiley, New York, 1989.
DED82 D.E. Denning and E.R. Dorothy. Cryptography and Data Security, Addison-Wesley,
Reading, MA, 1982.
DEK69 D.E. Knuth., The Art of Computer Programming: Seminumerical Algorithms, Volume 2,
Addison-Wesley, Reading, MA, 1969.
DF92 D. Ferbrache. A Pathology of Computer Viruses. Springer-Verlag, London, 1992.
DG99 D. Gollmann. Computer Security. Wiley, New York, 1999.
DK67 D. Kahn. The Codebreakers: The Story of Secret Writing, Macmillan, New York, 1967.

224
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

DP93 D. Piscitello and A.L. Chapin. Open Systems Networking: TCP/IP and OSI, Addison-
Wesley, Reading, MA, 1993.
DR91 D. Russel, and G.T. Gangemi. Computer Security Basics, OReilly & Associates, Inc.,
Sebastopol, CA, July 1991.
DWD84 D.W. Davies and W.L. Price. Security for Computer Networks, Wiley, New York,
1984.
FC94 F. Cohen. A Short Course on Computer Viruses. Wiley, New York, 1994.
GM97 G. McGraw and E.W. Felten. Java Security. Wiley, New York, 1997.
GD72 Gerrold, David, When Harlie Was One, Ballantine Books, New York, 1972. The
first edition.
HFG56 H.F. Gaines. Crypatnalysis, Dover, New York, 1956.
JAC89 J.A. Cooper. Computer and Communications Security: Strategies for the 1990s, McGraw-
Hill, New York, 1989.
JF99 J. Feghhi, J. Feghhi and P. Williams. Digital Certificates: Applied Internet Security.
Addison-Wesley, Reading, MA, 1999.
JM94 J. McLean. Security models. In J. Marciniak, editor, Encyclopedia of Software Engi-
neering. Wiley, New York, 1994.
JS89 J. Seberry and J. Pieprzyk. Cryptography: An Introduction to Computer Security, Prentice
Hall, Englewood Cliffs, NJ, 1989.
MG88 M. Gasser. Building a Secure Computer System, Van Nostrand Reinhold, New York,
1988.
NL96 N. Lynch, Distributed Algorithms, Morgan Kauffman, San Francisco, 1996.
PRZ95 P.R. Zimmerman. The Official PGP Users Guide, MIT Press, Cambridge, MA,
1995.
RF91 R. Farrow. UNIX System Security: How to Protect Your Data and Prevent Intruders,
Addison-Wesley, Reading, MA, 1991
RP92 R. Perlman. Interconnections: Bridges and Routers, Addison-Wesley, Reading, MA,
1992.
RS97a R. Summers. Secure Computing: Threats and Safeguards, McGraw-Hill, New York,
1997.
RS97b R. Smith. Internet Cryptography. Addison-Wesley, Reading, MA, 1997.
RSA97 RSA Data Security, Inc. Government Encryption Standard DES Takes a Fall.
RSA Data Press Release, June 17, 1997.
SB96 S. Bradner and A. Mankin. IPng: Internet Protocol Next Generation. Addison-Wesley,
Reading, MA, 1996.

225
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
SG96 S. Garfinkel and G. Spafford. Practical Unix & Internet Security. OReilly & Associ-
ates, Sebastopol, CA, 2nd edition, 1996.
SG97 S. Garfinkel and G. Spafford. Web Security & Commerce. OReilly and Associates,
Cambridge, MA, 1997.
SL84 S. Levy. Hackers: Heroes of the Computer Revolution, Doubleday, New York, 1984.
ST92 Bruce Sterling, The Hacker Crackdown: Law and Disorder on the Electronic Frontier, Ban-
tam Books, New York, 1992.
TB91 T. Beth, M. Frisch, and G. Simmons, eds. Public Key Cryptography: State of the Art
and Future Directions. Springer-Verlag, New York, 1991.
TM92 T. Madron. Network Security in the 90s: Issues and Solutions for Managers, Wiley, New
York, 1992.
WC94 W. Cheswick and S. Bellovin. Firewalls and Internet Security: Repelling the Wily Hacker.
Addison-Wesley, Reading, MA, 1994.
WF94 W. Ford. Computer Communications Security: Principles, Standard Protocols, and Techniques,
Prentice Hall, Englewood-Cliffs, NJ, 1994.
WF97 W. Ford and M. Baum. Secure Electronic Commerce: Building the Infrastructure for Digital
Signatures and Encryption, Prentice Hall, Englewood Cliffs, NJ, 1997.
WJ00 W. Jansen and T. Karygiannis, NIST Special Publication 80019Mobile Agent Security.
WRC94 W.R. Cheswick and S.M. Bellovin. Firewall and Internet Security. Addison-Wesley,
Reading, MA, 1994.
WS93 W. Stevens, Advanced Programming in the Unix Environment, Addison-Wesley, Read-
ing, MA, 1993.
WS94 W. Stevens. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley, Reading,
MA, 1994.

CONFERENCE PROCEEDINGS AND JOURNALS

AB82 A. Birrell, R. Needham, and M. Schroeder. Grapevine: An exercise in distributed

computing, Communications of the ACM, Vol 25 #4, April 1992.
ADB86 A.D. Birrell, B.W. Lampson, R.M. Needham, and M.D. Schroeder. A global
authentication service without global trust, Proceedings of the 1986 IEEE Symposium
on Security and Privacy, IEEE Computer Society Press, Oakland, CA, April 1986,
pp. 223230.
AJ97 A. Jurisic and A. Menezes. Elliptic curves and cryptography. Dr. Dobbs Journal,
April 1997.
AR97 A. Rubin. An experience teaching a graduate course in cryptography. Cryptologia,
April 1997.

226
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

AS88 A. Shimizu and S. Miyaguchi. Fast data encipherment algorithm FEAL, Advances
in Cryptography-Eurocrypt 87, Lecture Notes in Computer Science, Vol 304,
Springer-Verlag, Berlin, 1988.
BAL91 B.A. LaMacchia and A.M. Odlyzko. Computation of discrete logarithms in
prime fields, Designs, Codes, and Cryptography, 1, 1991, pp. 4662.
BBE92 Bennett, C.H., G. Brassard, and A. K. Ekert. Quantum cryptography, Scientific
American, October 1992, pp. 5057.
BD89 B. Den Boer. Cryptanalysis of FEAL, Advances in Cryptology-Eurocraft 88, Lecture
Notes in Computer Science, Vol 330, Springer-Verlag, Berlin, 1989.
BD92 B. Den Boer and A. Bosselaers. An Attack on the last two rounds of MD4,
Advances in CryptologyCRYPTO 91 Proceedings, Springer-Verlag, Berlin, 1992,
pp. 194203.
BL73 B. Lampson. A note on the confinement problem, Communications of the ACM, Vol
16 #10, October 1973, pp. 613615.
BL74 B. Lampson. Protection, ACM Operating Systems Review, Vol 8 #1, January 1974,
pp. 1824.
BL91 B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distrib-
uted systems: theory and practice, Proceedings of the 13th ACM Symposium on Operating
System Principles, October 1991.
BSK88 B.S. Kaliski, R. Rivest, and A. Sherman. Is the data encryption standard a
group? (results of cycling experiments on DES), Journal of Cryptology, Vol 1,
1988, pp. 336.
CB93 C. Boyd. Multisignatures revisited, Cryptography and Coding III, M.J. Ganley, ed.,
Clarendon Press, Oxford, 1993, pp. 2130.
CC98 Christian Collberg, Clark Thomborson, and Douglas Low. Manufacturing cheap,
resilient, and stealthy opaque constructs. In SIGPLAN-SIGACT POPL98. ACM
Press, San Diego, CA, January 1998.
CCITT Recommendations X. 509: The Directory: Authentication Framework, 1989. CCITT Blue
Book, Volume VIII, Fascicle VIII.8.
CEL94 C.E. Landwehr, A.R. Bull, J.P. McDermott, and W.S. Choi. A taxonomy of
computer program security flaws, with examples. ACM Computing Surveys, 26 (3),
1994.
CF84 Cohen, Fred, Computer viruses: theory and experiments, Proceedings of the 7th
National Computer Security Conference, pp. 240263, 1984.
CI90 C. IAnson and C. Mitchell. Security defects in CCITT recommendation X.509:
the directory authentication framework. Computer Communications Review, April
1990.

227
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
CN97 C. Nachenberg. Computer virusantivirus corevolution. Communications of the
ACM, January 1997.
CS48 C. Shannon. A mathematical theory of communication, Bell System Journal, Vol 27,
1948, pp. 379423 and 623656.
DB85 D. Baleson. Automated distribution of cryptographic keys using the financial in-
stitution key management standard, IEEE Communications, Vol 23 #9, September
1985, pp. 4146.
DC87 D.R. Clark and D.R. Wilson. A comparison of commercial and military com-
puter security policies. Proceedings of the 1987 IEEE Symposium on Security and Privacy,
pp. 184194, 1987.
DC94 D. Coppersmith. The data encryption standard (DES) and its strength against
attacks. IBM Journal of Research and Development, May 1994.
DCF89 D.C. Feldmeier and P.R. Karn. UNIX password securityten years later,
Advances in CryptologyCRYPTO 89 Proceedings, Springer-Verlag, Berlin.
DD84 D. Davis, R. Ihaka, and P. Fenstermacher. Cryptographic randomness from air
turbulence in disk drives, Advances in CryptologyCRYPTO 94, Lecture Notes in
Computer Science #839, Springer-Verlag, New York, 1984.
DEB96 D.E. Bell and L.J. LaPadula. Mitre technical report 2547 (secure computer sys-
tem): Volume II. Journal of Computer Security, 4 (2/3) pp. 239263, 1996.
DED76 D.E. Denning. A lattice model of secure information flow, Communications of the
ACM, Vol 19 #5, May 1976, pp. 236243.
DED81 D.E. Denning and G.M. Sacco. Timestamps in key distribution protocols, Com-
munications of the ACM, Vol 24 #8, August 1981, pp. 533536.
DED88 D.E. Denning, T.F. Lunt, R.R. Schell, W.R. Shockley, and M. Heckman. The
SeaView security model. In Proceedings of the 1988 IEEE Symposium on Security and
Privacy, pp. 218233, 1988.
DF90 D. Framer and E.H. Spafford. The COPS security checker system. In The Summer
Usenix Conference, Anaheim, CA, 1990.
DF92 D. Ferraiolo and R. Kuhn. Role-based access controls, Proceedings Volume II, 15th
National Computer Security Conference, 1992.
DFCB D.F.C. Brewer and M.J. Nash. The Chinese wall security policy. In Proceedings of
the 1989 IEEE Symposium on Security and Privacy, pp. 206214, 1989.
DMR79 Dennis M. Ritchie. The evolution of the Unix time-sharing system. Language Design
and Programming Methodology Conference, Sydney, Australia, September 1979. The con-
ference proceedings were published as Language Design and Programming Methodology,
Lecture Notes in Computer Science #79, Springer-Verlag, New York, 1980. Re-
printed in AT&T Bell Laboratories Technical Journal 63 No. 6 Part 2, October 1984,
pp. 15771593.

228
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

DO87 D. Otway and O. Rees. Efficient and timely authentication, Operating Systems
Review, Vol 21 #1, January 1987, pp. 810.
DSS91 Proposed federal information processing standard for digital signature standard
(DSS), Federal Register, v. 56, n. 169, 30 Aug 1991, pp. 4298042982.
DSS94 Approval of federal information processing standards publication 186, digital
signature standard (DSS), Federal Register, v. 58, n. 96, 19 May 1994, pp. 26208
26211.
EB91 E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems,
Journal of Cryptology, Vol 4 #1, 1991, pp. 372.
EB92 E. Biham and A. Shamir. Differential cryptanalysis of Snefru, Khafre, REDOC-
II, LOCI, and Lucifer, Advances in CryptologyCRYPTO 91 Proceedings, Springer-
Verlag, Berlin, 1992.
EB93 E. Biham and A. Shamir. Differential cryptanalysis of the full 16-round DES,
Advances in CryptologyCRYPTO 92 Proceedings, Springer-Verlag, Berlin, 1993.
FH73 F. Hapgood. The computer hackers, Harvard Magazine, October 1973, pp. 2629
and 46.
FIPS92 Proposed reaffirmation of federal information processing standard (FIPS) 461,
data encryption standard (DES), Federal Register, v. 57, n. 177, 11 Sep 1992,
p. 41727.
FIPS94 Proposed revision of federal information processing standard (FIPS) 180, secure
hash standard, Federal Register, v. 59, n. 131, 11 July 1994, pp. 3531735318.
GB90 G. Brassard and C. Crepeau. Sorting out zero-knowledge, Advances in Cryptology
EUROCRYPT 89 Proceedings, Springer-Verlag, New York, 1990, pp. 181191.
GP79 G. Popek and C. Kline. Encryption and secure computer networks. ACM Comput-
ing Surveys, December 1979.
HSJ91 H.S. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceed-
ings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 316326,
1991.

HV89 H. Vaccaro and G. Liepins. Detection of anomalous computer session activity.

Proceedings of the IEEE Symposium on Research in Security and Privacy, May 1989.
JA92 J. Adam. Virus threats and countermeasures. IEEE Spectrum, August 1992.
JAG82 J.A. Goguen and J. Meseguer. Security policies and security models. In Proceedings
of the 1982 IEEE Symposium on Security and Privacy, pp. 1120, 1982.
JB93 J. Boyar, C. Lund, and R. Peralta. On the communication complexity of zero-
knowledge proofs, Journal of Cryptology, v. 6, n. 2, 1993, pp. 6585.

229
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
JD00 J. Daemen and V. Rijmen, The block cipher Rijndael, Smart Card Research and
Applications, LNCS 1820, J.-J. Quisquater and B. Schneier, eds., Springer-Verlag,
New York, 2000, pp. 288296.
JD01 J. Daemen and V. Rijmen. Rijndael, the advanced encryption standard. Dr. Dobbs
Journal, Vol 26, No. 3, March 2001, pp. 137139.
JGS88 J.G. Steiner, C. Neuman, and J.I. Schiller. Kerberos: an authentication service for
open network systems, Proceedings of the USENIX Winter Conference, February 1988,
pp. 191202.
JJT91 J.J. Tardo and K. Algappan. SPX: global authentication using public key certif-
icates, Proceedings of the 1991 IEEE Symposium on Security and Privacy, May 1991,
pp. 232244.
JK97 J. Kephart, G. Sorkin, D. Chess, and S. White. Fighting computer viruses. Scien-
tific American, November 1997.
JL90 J. Linn. Practical authentication for distributed computing, IEEE Symposium on Se-
curity and Privacy, Oakland, CA, May 1990.
JM87 J. McLean. Reasoning about security models. In Proceedings of the 1987 IEEE Sym-
posium on Security and Privacy, pp. 123131, 1987.
JM90 J. McLean. The specification and modeling of computer security. IEEE Computer,
23 (1) pp. 916, January 1990.
JM93 John C. Munson and Taghi M. Kohshgoftaar. Measurement of data structure
complexity. Journal of Systems Software, 20:217225, 1993.
KI93 K. Ilgun. USTAT: a real-time intrusion detection system for UNIX. Proceedings, 1
993 IEEE Computer Society Symposium on Research in Security and Privacy, May 1993.
LB86 L. Blum, M. Blum, and M. Shub. A simple unpredictable pseudo-random num-
ber generator, SIAM Journal on Computing, Vol 15 #2, 1986.
LG88 L. Guillou and J. Quisquater. A practcal zero-knowledge protocol fitted to
security microprocessor minimizing both transmission and memory, Advances in
CryptologyEUROCRYPT 88, Springer-Verlag, Berlin, 1988.
LG97 L. Gong, M. Mueller, H. Prafullchandra, and L. Schemers. Going beyond the
sandbox: an overview of new security architecture in the Java Development
Kit 1.2. In USENIX Symposium on Internet Technologies and Systems, Monterey, CA,
December 1997.
LL81 L. Lamport. Password authentication with insecure communication, Communica-
tions of the ACM, Vol 24 #11, November 1981, pp. 770772.
MA87 M. Abrams, S. Jajodia, and H. Podell,. eds. Information Security: An Integrated Collec-
tion of Essays. IEEE Computer Society Press, Los Alamitos, CA, 1995.

230
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

MB90 M. Burrows, M. Abadi, and R.M. Needham. A logic of authentication, ACM

Transactions on Computer Systems, Vol 8 #1, February 1990, pp. 1836.
MB94 M. Blaze. Protocol failure in the escrowed encryption standard, Proceedings of the
Second ACM Conference on Computer and Communications Security, November 1994.
MB96 M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. Proceedings
of IEEE Symposium on Security and Privacy, May 1996, pp. 164173.
MEH78 M.E. Hellman. An overview of public-key cryptography, IEEE Transactions on
Communications, Vol 16 #6, November 1978, pp. 2432.
MEH79 M.E. Hellman. DES will be totally insecure within ten years, IEEE Spectrum, Vol
16, 1979, pp. 3239.
MEH81 M.E. Hellman and R.C. Merkle. On the security of multiple encryption, Commu-
nications of the ACM, Vol 24, 1981, pp. 465467.
MG89 M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed
system security architecture, Proceedings of the 12th National Computer Security Confer-
ence, NIST/NCSC, October 1989, pp. 305319.
MG90 M. Gasser and E. McDermott. An architecture for practical delegation in a dis-
tributed system, 1990 Symposium on Security and Privacy.
MOR80 M.O. Rabin. Probabilistic algorithm for primality testing, Journal of Number Theory,
Vol 12, 1980, pp. 128138.
MS83 M. Schroeder, A. Birrell, and R. Needham. Experience with Grapevine: the
growth of a distributed system, ACM Transactions on Computer Systems, Vol 2 #1,
February 1984.
NAT91 National Research Council, System Security Study Committee, Computers at Risk:
Safe Computing in the Information Age, National Academy Press, Washington, D.C.,
1991.
NIST91 National Institute of Standards and Technology, Glossary of Computer Security Ter-
minology. NISTIR4659, 1991.
NK87 N. Koblitz. Elliptic curve cryptosystems, Mathematics of Computation, 48(177),
1987, pp. 203209.
PD90 P. Denning, ed. Computers Under Attack: Intruders, Worms, and Viruses, ACM Press,
Addison-Wesley, Reading, MA, 1990.
PJ95 P. Janson and G. Tsudik. Secure and minimal protocols for authenticated key
distribution, Computer Communications Journal, 1995.
PW89 P. Wallich, Quantum cryptography, Scientific American, May 1989, pp. 2830.
RB93 R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, and M. Yung.
Systematic design of a family of attack-resistant authentication protocols,
IEEE Journal on Selected Areas in Communications, Vol 11 #5, June 1993, pp. 679
693.

231
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
RH94 R. Hauser, P. Janson, R. Molva, G. Tsudik, and E. Van Herreweghen. Robust
and secure password/ key change method, Proc. of the Third European Symposium on
Research in Computer Security (ESORICS), Lecture Notes in Computer Science,
Springer-Verlag, Berlin, November 1994, pp. 107122.
RJA98 R.J Anderson and F.A.P. Petticolas. On the limits of stenography. IEEE Journal on
Selected Areas in Communications, 16 (4) pp. 474481, February 1998.
RJR84 R.R. Jueneman, S.M. Matyas, and C.H. Meyer. Message authentication with ma-
nipulation detection codes, Proceedings of the 1983 Symposium on Security and Privacy,
IEEE Computer Society Press, 1984, pp. 3354.
RKT93 R.K. Thomas and R.S. Sandhu. A kernelized architecture for multilevel secure
object-oriented databases supporting write-up. Journal of Computer Security, 2 (2, 3)
pp. 231275, February 1993.
RL94 R. Lee and J. Israel. Understanding the role of identification and authentication in
NetWare 4, Novell Application Notes, Vol 5 #10, October 1994, pp. 2751.
RLR78 R.L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signa-
tures and public-key cryptosystems, Communications of the ACM, Vol 21 #2, Feb-
ruary 1978, pp. 120126.
RLR90 R.L. Rivest. The MD4 message digest algorithm. Proceedings, CRYPTO 90, August
1990, Springer-Verlag, New York, 1990.
RLR91 R.L. Rivest. The MD4 message digest algorithm, Advances in Cryptology-CRYPTO
90 Proceedings, Lecture Notes in Computer Science 537, Springer-Verlag, New
York, 1991, pp. 303311.
RLR94 R.L. Rivest. The RC5 encryption algorithm. Proceedings, Second International Workshop
on Fast Software Encryption, December 1994, Springer-Verlag, New York, 1995.
RLR95 R.L. Rivest. The RC5 encryption algorithm. Dr. Dobbs Journal, January 1985.
RM78 R. Merkle. Secure communication over insecure channels, Communications of the
ACM, Vol 21, April 1978, pp. 294299.
RM79 R. Morris and K. Thompson. Password security: a case history, Communications of
the ACM, Vol 22, November 1979, pp. 594597.
RM90 R. Merkle. A fast software one-way hash function, Journal of Cryptology, Vol 3 #1,
1990, pp. 4358.
RM92 R. Molva, G. Tsudik, E. Van Herreweghen, and S. Zatti. KryptoKnight authen-
tication and key distribution system, European Symposium on Research in Computer
Security, 1992, pp. 155174.
RM97 R. MacGregor, C. Ezvan, L. Liguori, and J. Han. Secure Electronic Transactions: Credit
Card Payment on the Web in Theory and Practice. IBM RedBook SG24497800,
1997. Available at www.redbooks.ibm.com/SG244978.

232
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

RMD178 R.M. Davis. The data encryption standard in perspective, IEEE Communications So-
ciety Magazine, Vol 1 #6, 1978, pp. 59.
RMN78 R.M. Needham and M.D. Schroeder. Using encryption for authentication in
large networks of computers. Communications of the ACM, 21 (12) pp. 993999,
1978.
RMN87 R.M. Needham and M.D. Schroeder. Authentication revisited, Operating Systems
Review, Vol 21 #1, January 1987, p. 7.
RO97 R. Oppliger. Internet security: firewalls and beyond. Communications of the ACM,
May 1997.
RRJ85 R.R. Jueneman, S.M. Matyas, and C.H. Meyer. Message authentication, IEEE
Communications, Vol 23 #9, September 1985, pp. 2940.
RS77 R. Solovay and V. Strassen. A fast Monte-Carlo test for primality, SIAM Journal
on Computing, Vol 6., March 1977, pp. 8485.
RSS 96 R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-based access
control models. IEEE Computer, 29 (2) pp. 3847, February 1996.
RSS93 R.S. Sandhu. Lattice-based access control models. IEEE Computer, 26 (11)
pp. 919, November 1993.
SA83 S. Akl. Digital Signatures: a tutorial survey. Computer, February 1983.
SAB94 S.A Brands. Untraceable off-line cash in wallet with observers, Advances in
CryptologyCRYPTO 93, Springer-Verlag, New York, 1994, pp. 302, 318.
SC92 S. Chokhani. Trusted product evaluations. Communications of the ACM, 35 (7)
pp. 6476, July 1992.
SF93 S. Fumy and P. Landrock. Principles of key management. IEEE Journal on Selected
Areas in Communications, June 1993.
SF97 S. Forrest, S. Hofmeyr, and A. Somayaji. Computer immunology. Communications
of the ACM, October 1997.
SGS92 S.G. Stubblebine and V.D. Gligor. On message integrity in cryptographic proto-
cols, IEEE Symposium on Research on Security and Privacy, Oakland, CA, May 1992,
pp. 85104.
SGS93 S.G. Stubblebine and V.D. Gligor. Protecting the integrity of privacy-enhanced
electronic mail with DES-based authentication codes, PSRG Workshop on Network
and Distributed Systems Security, San Diego, CA, February 1993.
SH81 Sallie Henry and Dennis Kafura. Software structure metrics based on informa-
tion flow. IEEE Transactions on SoftwareEngineering, 7(5):510518, September 1981.
SM88 S. Miyaguchi, A. Shiraishi, and A. Shimizu. Fast data encryption algorithm
Feal-8, Review of Electrical Communications Laboratories, Vol 36 #4, 1988, pp. 433
437.

233
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
SMB89 S.M. Bellovin. Security Problems in the TCP/IP protocol suite. ACM Computer
Communications Review, 19 (2) pp.3248, April 1989.
SMB90 S.M. Bellovin and M. Merrit. Limitations of the Kerberos authentication system,
Computer Communications Review, Vol 20 #5, October 1990, pp. 119132.
SMB92a S.M. Bellovin and M. Merrit. Encrypted key exchange: password-based protocols
secure against dictionary attacks, Proceedings of the IEEE Computer Society Symposium on
Research in Security and Privacy, Oakland, CA, May 1992, pp. 7284.
SMB92b S.M. Bellovin. There be dragons, UNIX Security Symposium III, Baltimore, MD,
September 1992, pp. 116.
SMB93 S.M. Bellovin and M. Merrit. Augmented encrypted key exchange, Proceedings of
the First ACM Conference on Computer and Communications Security, November 1993,
pp. 244250.
SMB94 S.M. Bellovin and W. Cheswick. Network firewalls. IEEE Communications Magazine,
September 1994.
SS91 S. Snapp et al. A system for distributed intrusion detection. Proceedings,
COMPCON Spring 91, 1991.
SW83 S. Wiesner, Conjugate coding, Sigact News, Vol 15, No. 1, 1983, pp. 7888;
original manuscript written circa 1970.
TE85 T. ElGamal. A public key cryptosystem and a signature scheme based on discrete
logarithms, IEEE Transactions on Information Theory, Vol 31, 1985, pp. 469472.
TFL90 T.F. Lunt, D.E. Denning, R.R. Schell, M. Heckman, and W.R. Shockley. The
SeaView security model. IEEE Transactions on Software Engineering, 16 (6) pp. 593
607, 1990.
TM76 T. J. McCabe. A complexity measure. IEEE Transactions on Software Engineering, 2(4)
pp. 308320, December 1976.
TM97 T. Markham. Internet security protocol. Dr. Dobbs Journal, June 1997.
UF87 U. Fiege, A. Fiat, and A. Shamir. Zero knowledge proofs of identity, Proceedings of
the ACM Symposium on the Theory of Computing, ACM Press, New York, 1987,
pp. 210217.
VP96 Vir V. Phoha, Rajesh C. Phoha, and Marvin Rosenstein. Control issues in net-
work security. Annual Review of Communications 1996 vol. 49 pp. 617622.
VP98 Vir V. Phoha and Aaron W. Lingbeck. Denial-of-service attacks on the Internet.
Annual Review of Communications 1998, vol. 52 pp. 691693.
VP00 Vir V. Phoha. Internet vulnerabilities: exploitation of BIND and named vulnera-
bilities involving buffer overflows. Annual Review of Communications 2000 vol. 53
pp. 696699.

234
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

VV V. Varadharajan. A security reference model for a distributed object system and

its application, Proceedings, 15th National Computer Security Conference, 1992.
WD76a W. Diffie and M.E Hellman. A critique of the proposed Data Encryption Stan-
dard, Communications of the ACM, vol 19 #3, 1976, pp. 164165.
WD76b W. Diffie and M.E. Hellman. New directions in cryptography, IEEE Transactions
on Information Theory, Vol 22 #6, 1976, pp. 644654.
WD77 W. Diffie and M.E. Hellman. Exhaustive cryptanalysis of the NBS Data Encryp-
tion Standard, Computer, Vol 10 #6, 1977, pp. 7484.
WD79 W. Diffie and M.E. Hellman. Privacy and authentication: an introduction to
cryptography, Proceedings of the IEEE, Vol 67 #3, March 1979, pp. 397427.
WD88 W. Diffie. The first ten years of public-key cryptography, Proceedings of the IEEE,
Vol 7 #5, May 1988, pp. 560577.
WF95 W. Ford. Advances in public-key certificate standards. ACM SIGSAC Review, July
1995.
WH81 Warren A. Harrison and Kenneth I. Magel. A complexity measure based on
nesting level. SIGPLAN Notices, 16(3), pp. 6374, 1981.
WVE85 Wim van Eck. Electromagnetic radiation from video display units: an eavesdrop-
ping risk? Computers & Security 4, 1985, pp 269286. Elsevier Science Publishers
B.V. North-Holland.
YD86 Y. Desmedt and A.M. Odlyzko. A chosen text attack on the RSA cryptosystem
and some discrete logarithm schemes, Advances in CryptologyCRYPTO 85 Proceed-
ings, Vol 218 of Lecture Notes in Computer Science, Springer-Verlag, Berlin,
1986, pp. 516521.

TECHNICAL REPORTS

ADB84 A.D. Birrell. Secure Communication Using Remote Procedure Calls, CSL-TR 842,
Xerox Corporation, Palo Alto Research Center, September 1984.
AS81 A. Shamir. On the Generation of Cryptographically Strong Pseudo-Random Sequences,
Department of Applied Mathematics, The Weizmann Institute of Science,
Rehovot, Israel, 1981
BSK93 B.S. Kaliski and S.A.Burton. Laymans Guide to a Subset of ASN.1, BER and DER,
Technical Note, revised November 1, 1993.
CF85 Cohen, Fred, Computer Viruses, Ph.D. Dissertation, University of Southern Califor-
nia, 1985.
DEB73a D.E. Bell and L.J. LaPadula. Secure Computer Systems: Mathematical Foundations, Report
ESD-TR-73275, MITRE Corp., Bedford, MA, 1973.

235
Bibliography
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
...
..
DEB73b D.E. Bell, and L.J. LaPadula. Secure Computer Systems: A Mathematical Model, Report
MTR-2547, MITRE Corp., Bedford, MA, 1973.
DEB74a D.E. Bell and L.J. LaPadula. Secure Computer Systems: Mathematical Foundations and
Model, M74244, MITRE Corp., Bedford, MA, October 1974.
DEB74b D.E. Bell and L.J. LaPadula. Secure Computer Systems: A Refinement of the Mathe-
matical Model, Report ESD-TR-73278, MITRE Corp., Bedford, MA, 1974.
DEB76 D.E. Bell and L.J. LaPadula. Secure Computer Systems: Unified Exposition and Multics
Interpretation, Report ESD-TR-75306, MITRE Corp., Bedford, MA, 1976
ECMAa European Computer Manufacturers Association. Commercially-Oriented Functionality Class
for Security Evaluation (COFC). Technical Report ECMA 205, December 1993.
ECMAb European Computer Manufacturers Association. Secure Information Processing Versus
the Concept of Product Evaluation. Technical Report ECMA TR/64, December
1993.
EHS88 E.H. Spafford. The Internet Worm Program: An Analysis, Purdue Technical Report
CSC-TR-823, Purdue University, November 1988.
ES91 Eugene H. Spafford, The Internet Worm Incident, Purdue Technical Report CSD-
TR-933, West Lafayette, IN 479072004, 1991. Also available from cite-
seer.nj.nec.com/spafford91internet.html.
HE92 H. Eberle. A High-Speed DES Implementation for Network Applications, Digital Systems
Research Center, Technical Report #90, Palo Alto, CA, September 1992.
ISP97 DoD 5200.1-R, Information Security Program January 1997. (Appendix F: Equivalent
Foreign Security Classifications: contains equivalent security classifications of many
countries). Also available from http://www.fas.org/irp/doddir/dod/5200-
1r/appendix_f.htm.
KJB77 K.J. Biba. Integrity Considerations for Secure Computer Systems, ESD-TR-76372,
USAF Electronic Systems Division, Bedford, MA, April 1977.
MG76 M. Gasser. A Random Word Generator for Pronounceable Passwords, Mitre Corp, Bed-
ford, MA, Report MTR-3006, November 1976.
MOR79 M.O. Rabin. Digitized Signatures and Public Key Function as Intractable as Factorization,
MIT Laboratory for Computer Science, Technical Report 212, January 1979
OG96 The Open Group, Generic Cryptographic Service API (GCS-API), 1996.
RP88 R. Perlman. Network Layer Protocols with Byzantine Robustness, MIT Laboratory for
Computer Science Technical Report #429, October 1988.
SM87 S. Miller, B. Neuman, J. Schiller, and J. Saltzer. Kerberos Authentication and Authori-
zation System, Project Athena Technical Plan, Section E.2.1, MIT Project Athena,
Cambridge, MA, December 1987.

236
 Bibliography
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
...
...

SM88 S. Miller, B. Neumann, J. Schiller, and J. Saltzer. Kerberos Authentication and Authori-
zation System. Section E.2.1, Project Athena Technical Plan, MIT Project Athena, Cam-
bridge, MA. 27 October 1988.

WEB ARTICLES

CPS Certification Practices Statement, verisign, 1996.

http://www.verisign.com/repository/cps
CS96 C. Semeria. Internet Firewalls and Security. 3ComCorp., 1996.
http://www.3com.com
GB94 G. Brassard. A Bibliography of Quantum Cryptography.
http://www.cs.mcgill.ca/crepeau/CRYPTO/Biblio-QC.html

237
 INDEX

...
...
A ... accuracy 5, 62
...
... ACL 5
A1 3, 11, 12, 15, 35, 53 ...
... active 5, 26, 32, 95, 99, 141
A5 3 ...
... active attack 5
Abstract Syntax Notation 1 3 ...
... active threat 5, 99, 141
...
access 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 15, 16, 21, ...
... add-on security 5
22, 34, 27, 30, 33, 34, 35, 37, 40, 41, 43, ...
... address mask 5, 90, 125
46, 47, 51, 52, 53, 56, 58, 61, 62, 64, 70, ...
... administrative security 5
79, 79, 80, 83, 84, 86, 88, 90, 91, 95, 99, ...
... address resolution 5, 7, 111, 114, 234
...
100, 102, 103, 106, 111, 112, 114, 115, 117, ...
... Address Resolution Protocol 5, 7, 111, 114,
118, 119, 120, 121, 123, 124, 125, 126, ...
... 151, 234
130, 132, 133, 138, 140, 142 ...
... Advanced Encryption Standard 6, 51, 66, 114,
access control 3, 4, 154, 156, 158, 11, 12, 21, ...
... 151
22 30, 35, 40, 56, 79, 81, 83, 84, 88, 91, ...
... Advanced Research Project Agency 6, 7, 152
...
102, 103, 111, 115, 120, 121, 126 ... adversary 6, 26, 46, 62, 70, 103, 108
...
access control list 4, 151 ...
advisory 6, 12, 158, 233
...
access control mechanism 4, 56, 81, 84 ...
... AES 6, 51, 114, 151
access control set 4 ...
... AFIWC 6, 151
...
access level 4 ... Air Force Information Warfare Center 6, 151
...
access list 4 ... ALC 5
...
access mode 4 ...
... alert 6, 27, 51
access period 4 ...
... alternative COMSEC custodian 6
...
access profile 4 ... American National Standards Institute 6, 151
...
access type 4, 142 ... American Standard Code for Information
...
accessible space 4 ... Interchange 6
...
accountability 4, 28, 30, 43, 62, 63 ...
... ankle-biter 7
...
accounting legend code 4, 43, 151 ... anomaly detection model 7
...
accounting number 4 ... anonymous electronic cash 7
...
accreditation 4, 16, 17, 120, 154 ... ANSI 7, 46, 151
...
accreditation package 4, 17 ... antijam 7, 151
...
...
accrediting authority 4, 37, 38 ... antispoof 7
..

239
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
API 7, 26, 151 ... B
...
applet 7, 73, 83, 117, 133 ...
...
... B1 3, 11
application layer 7 ...
... B2 3, 11, 38
application program interface 7, 7, 151 ...
... B3 3, 11, 38
ARP 7, 107, 151 ...
... backbone 11
ARPA 7, 27, 151 ...
... back door 11, 27, 115
ARPANET 6, 7, 37, 85, 90, 151 ...
...
ASCII 7, 49, 104, 152 ... background authentication 11
...
... backup 11, 30, 75, 77, 102, 114, 126
ASN.1 7, 49, 108 ...
... banner 11, 117
assurance 7, 23, 29, 32, 53, 61, 62, 63, 80, ...
... baseband 11
112, 139, 230 ...
... bastion host 11
asymmetric cryptography 7, 107 ...
... Bell-La Padula security model 11
Athena 7, 75 ...
...
attack 5, 6, 7, 13, 15, 20, 27, 35, 37, 38, 41, ... benign data 11
...
43, 45, 46, 53, 58, 62, 70, 75, 79, 83, 89, ... benign environment 12
...
... bespoke 12, 25
90, 99, 101, 103, 104, 108, 112, 113, 118, ...
... beyond A1 12, 53
121, 123, 141, 154 ...
... Biba model 12
attention character 8 ...
... binding 12, 48
audit 8, 17, 28, 30, 77, 87 ...
...
audit log 8 ... biometric device 12
...
audit record 8 ... biometrics 12
...
audit trail 8, 77, 87 ... Black 12, 111
...
... block encryption 12, 20, 21, 46, 111
authenticate 8, 12, 19, 27, 28, 51, 57, 61, 77, ...
... boot sector virus 12
81, 85, 96, 101, 121, 134 ...
... bot 13
authentication 7, 8, 11, 17, 19, 28, 30, 32, 33, ...
...
35, 36, 41, 51, 54, 62, 63, 69, 70, 75, 77, ... boundary 13, 28, 52, 64, 120, 121
...
83, 85, 103, 108, 118, 120, 123, 124, 130, ... bridge 13, 36, 64, 113, 115, 125
...
134, 154, 156, 157 ... broadband 11, 13
...
authentication header 8 ... broadcast 6, 9, 13, 20, 87, 106, 123
...
... browsing 5, 13
authentication system 7, 8, 75 ...
... BSD 13, 152
authenticator 8, 103, 131 ...
...
authenticity 5, 8, 17, 26, 40 ... bucket brigade attack 13
...
authorization 4, 8, 11, 23, 32, 64, 64, 80, 84, ... buffer overflow 13, 61
...
106, 111, 115 ... bug 3, 14, 120
...
authorized vendor 8, 9, 131 ... bulk encryption 14
...
Authorized Vendor Program 8, 131, 152 ... Byzantine fault 14
...
auto-manual system 9, 151 ...
...
...
automated security monitoring 9 ...
...
automatic home agent discovery 9 ...
... C
automatic remote rekeying 9, 92, 112, 151 ...
...
autonomous system 9 ... C1 3, 15, 38
...
availability 9, 27, 30, 62, 70, 96 ... C2 3, 15, 30, 111, 152
...
.

240
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
C2W 15, 152 .
.
... certification authority hierarchy 17, 68
...
CA 15, 17, 41, 103, 104, 134, 152 ... certification authority workstation 16, 19
...
CAP 15, 30, 152 ... certification package 19
...
call back 15, 38 ... certification test and evaluation 19, 34, 153
...
call sign cipher 15 ... certified TEMPEST technical authority 19, 34,
...
canister 15 ... CFB 19, 63, 87, 152
...
...
capability 4, 15 ... CGI 19, 26, 43, 101, 152
...
capability list 15 ... challenge 8, 19, 57, 131
...
CAPI 15, 33 ... challenge and reply authentication 19
...
Capstone chip 15, 123 ... challenge-response 19, 131
...
captive account 15 ... Chaos Computer Club 20
...
Carnivore 15 ... checksum 16, 20, 33, 34, 58, 64, 70
...
carrier sense multiple access with collision de- ... check word 20
...
...
tect 16, 34, 153 ... Chernobyl packet 20
...
cascading 16 ... CIK 20, 84, 152
...
category 4, 16, 30, 53, 92, 120 ... CIPE 20, 34
...
catenet 16 ... cipher 3, 15, 16, 19, 20, 21, 24, 37, 97, 125,
...
CAW 16, 152 ... 131, 132, 152, 153
...
CBC 16, 20, 63, 87, 152 ... cipher block chaining 16, 20
...
...
CBC residue 16 ... cipher feedback 19, 21, 47, 152
...
CCEP 16, 25, 152 ... ciphertext 12, 16, 20, 21, 37, 47, 64, 77, 121
...
CCI 16, 30, 152 ... ciphertext autokey 21, 153
...
CCI assembly 16 ... ciphony 21
...
CCI component 16 ... circuit-level gateway 21
...
CCI equipment 16 ... CIX 21, 153
...
CCITT 16, 25, 64, 66, 143, 152 ... Clark-Wilson model 21
...
CDC 16, 41, 152 ...
... classification 11, 21, 22, 27, 29, 37, 42, 56,
...
CDSA 16, 152 ... 63, 92, 106, 115, 117, 120
...
Central Office of Record 16, 31, 43 ... classified 16, 22, 47, 62, 63, 88, 89, 96, 100,
...
CER 16, 152 .... 104, 106, 107, 115, 117, 118, 123, 133,
CERT 6, 16, 27, 152 .... 135, 137
...
certificate 12, 16, 17, 23, 32, 40, 41, 80, 103, ... classified information 22, 62, 96,
... 104, 115,
...
107, 122, 152, 153 ... 118
...
Certificate Distribution Center 16, 17, 41 ... clearance 4, 11, 22, 23, 27, 37, 79, 86, 88, 92,
...
certificate management 17, 23 ... 99, 115, 124, 126
...
Certificate Management Protocols 17, 23 ... clearing 3, 23, 83, 112
...
certificate of action statement 17 ... cleartext 23
...
certificate revocation list 17, 32, 108, 153 ... client 23, 23, 106, 107, 112, 119, 121, 129
...
certification 15, 16, 19, 17, 34, 36, 41, 103, ... Clipper 15, 23, 79, 123
...
...
108, 134, 152, 153, 154 ... Clipper chip 15, 23, 79
...
certification agent 17 ... client-server model 23
...
certification authority 15, 16, 17, 103, 152 ... CLNP 23, 153
...

241
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
closed security environment 23 ... computer forensics 27
...
... Computer Oracle and Password System 27, 31,
CMCS 23, 153 ...
...
CMP 23 ... 153
...
CMS 23 ... computer security 21, 27, 48, 54, 63, 89, 152,
...
COCOM 23, 31, 153 ... 153, 158
...
code 4, 6, 7, 8, 12, 23, 24, 32, 34, 43, 45, 46, ... computer security incident 27, 54, 153 .
...
49, 53, 61, 77, 83, 84, 85, 90, 93, 95, 96, ... computer security subsystem 27
...
101, 102, 103, 106, 126, 132, 133, 134, ... COMSEC 4, 6, 16, 17, 23, 26, 28, 28, 29, 34,
...
135, 137, 139, 141, 151, 153, 154, 158, 159 ... 36, 38, 40, 43, 46, 47, 52, 84, 96, 106, 112,
...
... 121, 125, 129, 130, 131, 132, 134, 137,
code book 24, 45, 46, 154 ...
...
code group 24, 93, 95, 126, 135 ... 152, 153, 158
...
code obfuscation 24 .
... COMSEC account 28, 29, 40, 43, 152
... COMSEC account audit 28
code signing 24 ...
...
code vocabulary 25 ... COMSEC aid 28, 29, 125
...
COI 25, 153 ... COMSEC boundary 28
...
... COMSEC chip set 28
cold start 25 ...
... COMSEC control program 28
command and control warfare 15, 25, 152 ...
... COMSEC custodian 6, 17, 28
command authority 25, 152 ...
... COMSEC end-item 28, 84, 96, 96, 130
Commercial COMSEC Endorsement ...
...
Program 16, 25 ... COMSEC equipment 28, 29, 38, 47, 129
...
... COMSEC facility 28, 52
Commercial Internet Exchange 21, 25 ...
... COMSEC incident 28
commercial off-the-shelf 25, 32 ...
... COMSEC insecurity 28
Comite Consultatif International Telephonique ...
... COMSEC manager 28
et Telegraphique 16, 25 ...
... COMSEC material 4, 16, 23, 26, 28, 40, 43,
Common Criteria 25, 63 ...
... 46, 80, 106, 121, 134
...
common data security architecture 16, 26, 152 ... COMSEC material control system 4, 23, 28,
...
common fill device 26, 36, 152 ...
... 153
common gateway interface 19, 26, 152 ...
... COMSEC modification 28
communications cover 26 ...
... COMSEC module 28
communications deception 26, 62, 84 ...
... COMSEC monitoring 29
...
communications profile 26 ... COMSEC profile 29
...
communications security 26, 28, 153 ... COMSEC survey 29
...
community of interest 25, 27, 153 ... COMSEC system data 29
...
compartmentalization 27 ...
.... COMSEC training 29
compartmented mode 27, 62 .... concept of operations 29, 153
...
compromise 5, 11, 27, 52, 70, 92, 97, 107, ... confidentiality 11, 27, 29, 33, 47, 54, 62, 64,
...
125 ... 70, 96, 103, 104, 118, 119, 132
...
compromising emanations 27, 47, 126, 129 ... configuration control 23, 29, 63, 158
...
computer abuse 27 ...
... configuration management 29, 80
...
computer cryptography 27 ... confinement 29
...
Computer Emergency Response Team 16, 27 ... confinement channel 29
...

242
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
confinement property 29, 124 .
.
... crypto-ancillary equipment 32
...
connectionless 23, 29, 29, 153 ... crypto-equipment 9, 25, 32, 49, 52, 84, 85,
...
Connectionless Network Protocol 23, 29, 153 ... 97, 101, 109, 112, 117, 122, 147
...
connection-oriented 29, 132 ... cryptographic 7, 9, 11, 16, 19, 20, 21, 23, 28,
...
CONOP 29, 153 ... 30, 33, 35, 41, 47, 54, 61, 63, 64, 69, 75,
...
contamination 29, 52 .
. 77, 84, 92, 107, 115, 117, 119, 123, 124,
....
...
contingency key 30, 113 ... 131, 135, 137, 139, 141, 152, 155, 160
...
contingency plan 30, 40, 134 ... cryptographic application programming inter-
...
controlled access point 15, 30, 152 ... face 15, 33
...
controlled access protection 3, 30, 152 .
... cryptographic checksum 33
.
controlled cryptographic item 16, 30, 135, 152 ..... cryptographic component 30, 33
...
controlled security mode 30 ... cryptographic engine 33
...
controlled sharing 31 ... cryptographic equipment room 16, 33, 152
...
controlled space 31, 138 ... cryptographic initialization 33
...
controlling authority 31, 34, 152 ... cryptographic logic 16, 20, 21, 28, 33, 47, 63,
...
...
conversation key 31, 75 ... 75
...
cookies 31 ... Cryptographic Messaging Syntax 23, 33
...
cooperative key generation 31, 97, 100, 153 ... cryptographic randomization 33
...
cooperative remote rekeying 31 ... cryptography 7, 17, 20, 27, 31, 33, 45, 46, 52,
...
Coordinating Committee for Multilateral Ex- ... 61, 75, 77, 92, 102, 106, 107, 118, 126,
...
port Controls 23, 31, 153 ... 132, 138, 154, 160
...
COPS 31, 153 ... Crypto IP Encapsulation 20, 33
...
...
COR 31, 153 ... crypto-ignition key 20, 33, 84, 152
...
correctness proof 31 ... cryptology 34
...
cost-benefit analysis 31 ... cryptonet 31, 34, 75, 77, 153
...
COTS 12, 19, 32, 92, 153 .... cryptoperiod 34
...
countermeasure 32, 79, 115, 126, 154 ... cryptosecurity 26, 34
...
covert channel 3, 29, 32, 49, 62, 97 ... cryptosynchronization 34
...
covert channel analysis 32 ... cryptosystem 8, 20, 33, 34, 40, 46, 77, 84, 85,
...
covert storage channel 32 ... 95, 96, 119, 121, 126, 131
...
covert timing channel 32 ... cryptosystem assessment 34
...
cracker 32, 57, 58, 70 ... cryptosystem evaluation 34
...
...
CRC 20, 32, 153, 153 ... cryptosystem review 34
...
CRC-32 32 ... cryptosystem survey 34
...
credentials 32 ... CSMA/CD 34, 48
...
criteria 12, 19, 30, 32, 38, 42, 53, 63, 71, 89, ... CT&E 34, 153
...
96, 115, 129, 133, 134, 134 154, 162 ... CTTA 19, 34, 153
...
critical infrastructures 32 ... cybercrud 34
...
CRL 32, 153 ... cybersquatting 34
...
...
cryptanalysis 32, 34, 132, 152 ... cybervandalism 34
...
crypto-alarm 32 ... cyclic redundancy check 34
...
crypto-algorithm 27, 32, 33 ... cyclic redundancy code 32, 34, 153
...

243
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
D ... depot maintenance 38, 54
...
... derf 38
...
D 3, 35 ...
... DES 6, 36, 38, 51, 75, 125, 154
DAA 4, 35, 154 ...
... descriptive top-level specification 38, 154
DAC 35, 154 ...
... designated accrediting authority 38
daemon process 35, 37 ...
... designated approving authority 4, 35, 37, 38,
dangling threat 35 ...
... 154
dangling vulnerability 35 ...
... design controlled spare part 38, 154
...
DARPA 6, 35, 37, 154 ...
... design documentation 38
DASS 17, 35, 41, 154 ...
.... dial back 38
data aggregation 35 .... dictionary attack 38
data-driven attack 35 ...
... Diffie-Hellman key exchange 38
...
Data Encryption Standard 35, 38, 51, 106, ... digest 20, 38, 57, 58, 64, 84, 85, 118
...
154 ...
... Digital Millennium Copyright Act 38, 41
datagram 13, 20, 29, 36, 47, 54, 55, 58, 68, ...
... Digital Music Access Technology 40, 41, 154
70, 85, 99, 100, 120, 132, 137, 138 ...
... digital signature 15, 16, 33, 40, 41, 43, 45, 46,
data integrity 33, 34, 36, 41, 69, 119 ...
... 54, 64, 104, 108, 116, 122, 154
data link layer 36, 54 ...
... Digital Signature Algorithm 15, 40, 43, 45, 46,
...
data origin authentication 36 ... 154
...
data security 16, 26, 36, 96, 107, 116, 152 ...
... Digital Signature Standard 40, 43, 154
data transfer device 36, 43, 154 ...
... DII 40, 154
DCE 36, 96, 154 ...
... directory service 25, 40, 143, 145
DDoS 36, 154, 147 ...
... direct shipment 40
decertification 36 ...
... disaster recovery plan 40
...
decipher 15, 37 ... discrete logarithm problem 40, 46, 46
...
decode 37 ... discretionary access controls 35, 40, 92
...
decryption 28, 32, 34, 35, 37, 47, 48, 77, 85, ... distinguished name 4
... 1, 125
93, 95, 96, 118, 126 ...
... Distributed Authentication Security Service 17,
dedicated mode 37, 87 ...
... 35, 41, 154
default classification 37 ...
... Distributed Computing Environment 36, 41
.
Defense Advanced Research Projects Agency 6, .... distributed denial of service 36, 41, 147, 154
....
35, 37, 154 ... DMAT 40, 41, 154
..
Defense Information Infrastructure 37, 40, 154 .... DMCA 38, 41
...
degaussing 37, 113 ... DNS 41, 89, 154
...
delegated accrediting authority 37, 38 ...
.... DNSSEC 41
delegated development program 37 .... DNS spoofing 41
...
delegation 37 ... DoD Trusted Computer System Evaluation
...
demon dialer 37 ... Criteria 12, 42, 53, 129, 133, 162
...
demon process 35, 37 ... domain 3, 23, 34, 42, 68, 70, 107, 125, 154
...
denial of service attack 37, 41, 43, 52, 147 ...
... Domain Name System 23, 41, 42, 154
...
dependability 37 ... dominate 25, 42
...
dependence 16, 38 ... dongle 8, 43
...

244
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
.
.
DoS 37, 43, 147 ... embedded cryptography 47
...
DOS 6, 43 ... emissions 47, 62, 139
...
dotted decimal notation 43, 66 ... emissions security 47
...
download 7, 43, 83, 114 ... encapsulating security payload 47, 48, 155
...
drop accountability 43 ... encapsulation 20, 33, 47, 114, 120, 135
...
DSA 15, 40, 43, 46, 104, 154 ... encipher 15, 21, 37, 47, 125
...
...
DSS 43, 154 ... encode 37, 47
...
DTD 43, 154 ... encrypt 3, 12, 23, 27, 33, 41, 46, 46, 47, 64,
...
dynamic web page 43 ... 75, 76, 77, 93, 103, 104, 106, 111, 118,
...
... 121, 124, 125, 126, 131, 132, 155
...
... encrypt/decrypt/encrypt 46, 47, 155
...
... encryption algorithm 21, 47, 48, 61, 64, 111,
E ...
... 123, 124, 125, 156
...
eavesdrop 12, 19, 45, 100, 115, 124, 131, ...
... end-item accounting 47
141 ...
... endorsed for unclassified cryptographic item 47
EBCDIC 6, 45, 154 ...
... endorsement 16, 25, 47, 152, 162
ebXML 45, 154 ...
.... end system 47, 64, 121, 125, 132
ECB 45, 87, 154 ...
... end-to-end encryption 47, 80
ECC 45, 154 ...
... end-to-end security 47
ECDSA 40, 45, 155 ...
... entity 9, 28, 47, 61, 95, 113, 167
...
ECHELON 45 ... entrapment 48
...
EDE 46, 155 ... environment 12, 13, 15, 19, 21, 22, 23, 27, 29,
...
EES 15, 46, 155 ...
... 35, 36, 41, 48, 58, 62, 64, 89, 91, 92, 96,
EGP 46, 49, 155 ...
... 102, 112, 117, 123, 126, 131, 134, 145,
EKMS 46, 80, 155 ...
... 154, 162
electronically generated key 46, 77 ...
... EPL 48, 49, 155,
...
electronic code book 45, 46, 154 ... erasure 48, 108
...
Electronic Digital Signature Act 46 ... escrow 15, 23, 46, 48, 54, 75, 77, 155
...
Electronic Signature Directive 46 ... Escrow Encryption Standard 46, 48, 155
...
Electronic Key Management System 46, 155 ...
... escrow service 48
electronic messaging services 46 ...
... E-Sign Act 46, 48
electronic signature 46 ...
... ESP 48, 155
...
electronic wallet 46 ... Ethernet 5, 6, 16, 20, 48, 68, 84, 106, 131,
...
electronic warfare 6, 46, 49, 155, 25, ... Euclidean algorithm 48
...
ElGamal 40, 46 ... Evaluated Products List 48, 155
...
elliptic curve cryptography 45, 46, 154 ... Event 8, 35, 49, 62, 103, 122, 129, 130, 134,
...
elliptic curve digital signature algorithm 45, 46, .... 160
...
155 ... EW 49, 155
...
elliptic curve discrete logarithm 46 ... executive state 49, 126
...
emanations 27, 46, 121, 126, 129, 162 ...
... exercise key 49
...
embedded computer 46 ... exploitable channel 32, 49
...
embedded cryptographic system 46 ... exploder 49
...

245
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
export 23, 31, 49, 66, 135, 141, 153 ... formal 3, 4, 27, 37, 38, 53, 62, 84, 86, 88,
...
Extended Binary Code Decimal Interchange ... 99, 106, 126, 127, 134, 139, 155
...
...
Code 45, 49, 154 ... formal access approval 27, 37, 53, 86, 88, 99,
...
Exterior Gateway Protocol 46, 49 ... 126
...
External Data Representation 49, 143, 163 .
... formal development methodology 53
...
extraction resistance 49 ... formal proof 53
...
... formal security policy model 53
...
... formal top-level specification 38, 53, 155
...
F ... formal verification 54
...
... form factor 54
...
fail safe 51 ...
... FORTEZZA card 33, 54
fail secure 51 ...
... Forum of Incident Response and Security
fail soft 51 ...
... Teams 52, 54
failure access 51 ...
... fragmentation 54, 84
failure control 51 ...
... frame 45, 54, 61, 69, 70, 108, 143
...
false negative 51 ... frequency hopping 54,
... 124
false positive 51 ...
... front-end security filter 54
Federal Information Processing Standard 35, ...
... FTP 52, 54, 107, 123, 155
51, 52, 54, 135, 155 ...
.... full maintenance 38, 54, 80
Federal Internet Exchange Points 51, 52, 155 ...
... functional proponent 54
fetch protection 52 ...
... functional testing 54
file protection 52 ...
...
file security 52, 104 ...
...
File Transfer Protocol 52, 54, 129, 133, 155, ...
...
... G
162 ...
...
fill device 26, 36, 52, 147, 152, 155 ... gateway 9, 16, 19, 20, 21, 26, 46, 49, 52, 55,
...
filter 52 ... 61, 64, 67, 83, 100, 115, 115, 152, 155, 156
...
fingerprint system 52 .
.... GCD 55, 155
FIPS 35, 36, 52, 54, 135, 155 .... Generic Security Service Application
...
FIREFLY 52 ... Programming Interface 55, 56
...
...
firewall 11, 21, 54, 56, 58, 91, 99, 134 ... Global System for Mobile Communications
.
firmware 5, 27, 28, 29, 33, 38, 48, 52, 63, 83, ..... 55, 56
...
92, 119, 133 ... granularity 3, 56
...
FIRST 52 ... greatest common divisor 48, 56, 155
...
fishbowl 52 ... group 6, 15, 23, 26, 41, 46, 54, 56, 61, 67,
...
FIX 52, 155 ... 69, 87, 90, 93, 95, 96, 120, 121, 123, 124,
...
...
fixed COMSEC facility 52 .... 126, 130, 135, 151, 156, 162
flaming 52 ... GSM 3, 55, 56
...
...
flaw 14, 32, 48, 52, 62, 119 ... GSS-API 55, 56
flaw hypothesis methodology 52 .... GSS-IDUP 55
...
...
flooding 37, 52 ... guard 4, 4, 28, 28, 47, 49, 56, 79, 117, 120,
...
fork bomb 53 ... 134, 138
...

246
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
H .
.
... IESG 61, 68, 156
...
... IETF 61, 67, 69, 122, 156
hacker 57, 58, 70, 118, 123 ...
... IFCC 61
hacking 57 ...
... IGP 61, 64, 96, 115, 156
hacking run 57 ...
... IKE 61, 156
...
handprint system 57 ... IMAP vulnerability 61
...
handshaking procedures 57 ...
... imitative communications deception 26, 62, 84
hard copy key 57 ...
... impersonation 62, 85
hardwired key 57 ...
... implant 62
hash 15, 38, 57, 58, 84, 85, 115, 117, 118, ...
... implementation 3, 23, 29, 31, 33, 54, 62, 69,
121, 133, 161 ...
... 79, 83, 96, 100, 119, 123, 131, 140
...
hashing 58 ... import 62
...
hash total 58 ... inadvertent disclosure 62
...
hashword 58 ...
... Ina Jo 62
header 8, 47, 54, 58, 70, 84, 99, 120, 141 ...
... incident 27, 28, 52, 54, 62, 107, 152, 153
high-risk environment 58 ...
... incomplete parameter checking 62
high-threat environment 58 ...
... indicator 62, 80, 85, 126, 151, 158
...
high water mark 58 ... individual accountability 30, 62
...
hoax virus 58 ... inference channel 62
...
honey pot 52, 58 ...
... information assurance 7, 61, 62, 79, 112, 139,
hop 54, 58, 124 ...
.. 156
host 5, 7, 9, 11, 13, 16, 23, 27, 30, 37, 42, 47, ..... information assurance red team 62, 112
..
52, 55, 58, 66, 68, 80, 85, 87, 90 100, 102, .... information environment 62
...
103, 114, 124, 129, 131, 134 ...
... information flow chart 62
human safety 59, 63 ...
... information label 62
...
... information level 63
...
... information operations 6, 25, 63, 70, 156
...
... information system 3, 6, 12, 25, 27, 28, 38,
I ...
... 58, 61, 63, 70, 71, 80, 89, 91, 111, 115,
...
IA 61 ...
... 119, 126, 127, 129, 151, 154, 156, 158,
IAB 61, 67, 69, 156 ...
... 159, 161
IANA 61, 67, 156 ...
... information system security 28, 63, 71, 91,
...
ICMP 61, 67, 102, 123, 156 ... 129, 151, 155, 156, 158, 159, 161
...
IDEA 61, 64, 104, 156 .... information system security equipment modifi-
identification 12, 17, 61, 63, 75, 77, 101, 102, ....
... cation 63, 28
...
113, 123, 131, 134, 134, 156, 156, 157, 160 ... information system security manager 63, 71,
...
identity token 61 ... 157
...
identity validation 61 ... information system security officer 63, 71, 91,
...
IDIOT 61, 156 ... 157
...
IEEE 46, 48, 61, 156 ... information system security product 63, 155
...
IEEE 1363 standard for public-key ... Information Technology Security Evaluation
...
cryptography 61 ... Criteria 63, 71
...
..

247
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
information warfare 6, 25, 63, 112, 151, 157 ... Internet Control Message Protocol 61, 67, 156
...
INFOSEC 8, 27, 34, 37, 49, 54, 63, 88, 103, ... internet datagram 36, 68
...
...
106, 107, 126, 131, 154, 155, 156, 160 ... Internet Engineering Steering Group 61, 68,
...
initialization vector 20, 63, 71, 157 ... 156
...
initialize 63 ... Internet Engineering Task Force 61, 68, 156
...
inspectable space 4, 63, 147 ... internet fragment 68, 132
...
Institute of Electrical and Electronics Engi- ... Internet Fraud Complaint Center 68
...
neers 61, 64, 156 ... internet key exchange 61, 68, 156
...
...
integrated services digital network 64, 70, 157 ... Internet Network Information Center 68, 70,
...
integrity 4, 5, 8, 12, 16, 20, 21, 25, 27, 33, ... 156
...
34, 36, 40, 41, 47, 54, 62, 64, 69, 70, 85, ... Internet Policy Registration Authority 19, 68,
...
88, 92, 96, 103, 119, 125, 126, 131, 132, ... 70, 156
...
135, 158, 162 ... internetwork private line interface 68
...
integrity check value 64 ... Internet Protocol 5, 8, 52, 66, 67, 69, 70, 91,
...
interface 7, 11, 19, 26, 64, 68, 80, 87, 90, 99, ... 92, 114, 121, 122, 123, 132, 156, 161
...
...
102, 106, 108, 115, 123, 131, 132, 134, ... Internet Protocol Next Generation 69, 70, 156
...
138, 151, 152, 155, 156, 157, 158, 161, ...
...
162 ... internet protocol security 47, 69, 70, 156
...
interface control document 64 ... Internet Relay Chat 69, 70, 156
...
interim approval 64 ... Internet Research Task Force 67, 69, 70, 156
...
Interior Gateway Protocol 61, 64, 115, 156 ... Internet Security Association and Key Manage-
...
intermediary 64, 75, 130, 134 ... ment Protocol 69, 70, 156
...
...
intermediate system 11, 64, 113, 115, 125 ... Internet worm 27, 70
...
International Data Encryption Algorithm 61, ... InterNIC 68, 70, 156
...
64, 156 ... intruder 37, 70, 101, 117, 121
...
International Organization for Standardiza- .... intrusion 7, 11, 51, 61, 70, 88, 102, 122, 138,
...
tion 66, 70, 157 ... 156, 158
...
International Telecommunications Union 25, ... intrusion detection 7, 51, 61, 70, 122, 138,
...
66, 71, 157 ... 156
...
International Traffic in Arms Regulations 66, .
... Intrusion Detection in Our Time 61, 70, 156
...
71 .... IO 70, 107, 156
...
internet 5, 7, 8, 9, 16, 19, 17, 21, 25, 27, 29, ... IP 5, 7, 12, 20, 33, 42, 43, 45, 47, 52, 54, 55,
...
36, 42, 48, 47, 49, 52, 55, 58, 61, 64, 66, ... 67, 68, 69, 70, 75, 85, 87, 88, 99, 100,
...
67, 68, 70, 75, 80, 85, 86, 88, 90, 91, 92, ... 120, 121, 123, 124, 132, 138, 156
...
96, 99, 100, 102, 106, 112, 113, 114, 115, .
... IP datagram 70, 99, 100, 120, 47, 54, 68
.
...
118, 121, 122, 123, 125, 129, 131, 132, ... IPng 69, 70, 156
...
138, 153, 155, 156 ... IPRA 19, 70, 156
...
Internet Activities Board 66, 67 ... IPsec 47, 68, 70
...
Internet address 5, 42, 66, 69, 114, 125 ... IP splicing 70
...
Internet Architecture Board 61, 66, 67 ... IP spoofing 70, 123
...
Internet Assigned Number Authority 61, 67, ... IPv6 66, 69, 70
...
... IRC 70,
156 ... 156
..

248
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
iron box 70 .
.
... keyboard attack 75
...
IRTF 67, 70, 156 ... key card 75, 84
...
IS 70, 79, 81, 83, 86, 88, 90, 92, 99, 106, ... key distribution center 75, 75, 151, 157
...
111, 114, 119, 120, 122, 124, 126, 129 ... key encryption key 75, 77, 124
...
ISAKMP 70, 156, 70 ... key escrow 54, 75, 77
...
ISDN 64, 70, 157 ... key list 57, 77
...
...
ISO 3, 66, 70, 96, 123, 143, 157 ... key management 46, 52, 69, 70, 77, 167
...
ISO OSI 36, 70 ... keying material 28, 31, 77, 107, 112, 113, 135,
...
ISS 71, 157 ... 138
...
ISSM 71, 157 ... key pair 40, 77, 84
...
ISSO 71, 157 ... key production key 77, 157
...
ITAR 66, 71, 157 ... key stream 2
... 1, 77, 95, 96, 112, 112
...
ITSEC 71 ... keystroke monitoring 77
...
ITU 25, 64, 71, 143, 157 ... keystroke system 77
...
IV 20, 71, 97 ... key recovery 77
...
... key tag 77
...
... key tape 57, 77
...
... key updating 77
J ...
...
...
Java sandbox 73, 85, 117 ...
...
Java Virtual Machine 73, 85, 157 ...
...
...
JIVA 73, 157 ... L
...
Joint Intelligence Virtual Architecture 73, 157 ...
...
JVM 73, 157 ... label 3, 4, 16, 21, 22, 42, 62, 79, 88, 102,
...
... 113, 117, 118, 120, 121, 124
...
... labeled security protections 79
...
... laboratory attack 79, 108
K ...
... Law Enforcement Access Field 48, 79, 157
...
kamikaze packet 20, 75 ... LEAF 48, 79, 157
...
KDC 75, 75, 111, 130, 134, 157 ... leapfrog attack 79
...
...
KEK 75, 124, 157 ... least privilege 21, 79
...
Kerberize 75 ... letter bomb 79
...
Kerberos 7, 75, 111, 130 ... level of protection 30, 79
...
key 6, 7, 12, 16, 17, 20, 25, 28, 28, 30, 31, ... life-cycle assurance 80
...
32, 33, 35, 38, 40, 46, 46, 47, 49, 52, 54, ... limited maintenance 54, 80, 96
...
57, 61, 63, 64, 68, 69, 75, 77, 79, 80, 83, ... line conditioning 80
...
...
87, 92, 96, 97, 100, 101, 106, 107, 111, ... line conduction 80
...
112, 113, 114, 117, 120, 121, 123, 126, ... link encryption 80
...
129, 131, 134, 137, 139, 147, 167 ... list-oriented 80, 130
...
key archive 75, 77 ... LMD/KP 80, 157
...
key-auto-key 75, 157 ... local address 80
...
key backup 75, 77 ... local authority 80
...
..

249
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
Local Management Device/Key Processor 80, ... memory scavenging 84
...
...
157 ... Menezes-Qu-Vanstone key agreement
...
lock and key protection system 80 ... scheme 84, 87, 158
...
logical completeness measure 80 ... message 5, 8, 12, 13, 16, 17, 20, 21, 23,
...
logic bomb 79, 81, 83, 101 ... 28, 37, 38, 46, 47, 49, 52, 54, 57, 58, 61,
...
login 4, 62, 81, 115, 129, 134 ... 63, 67, 75, 79, 83, 84, 84, 90, 92, 95, 97,
...
long title 81 ... 99, 103, 104, 107, 112, 113, 118, 121, 123,
...
...
low probability of detection 81 ... 1 24, 125, 126, 131, 139, 167
...
low probability of intercept 81, 157 ... message authentication code 8, 85, 83
...
... message digest 20, 38, 84, 85, 115, 118
...
... message externals 85
...
... message hash 85
...
M ...
... message indicator 85, 158
...
... Milnet 85
MAC 58, 83, 158 ...
... MIME 45, 85, 158
magnetic remanence 83, 112 ...
... mimicking 85
mail bomb 83 ...
... MLI 85, 158
mail gateway 55, 83 ...
...
maintenance hook 83 ... MLS 22, 85, 158
...
maintenance key 83 ... MNCRS 85
...
... mobile code 24, 85, 106
malicious applets 83 ...
... Mobile Network Computer Reference
malicious code 12, 83, 84 ...
... Specifications 85, 158
malicious host 83 ...
...
malicious logic 23, 83 ... mobile node 9, 85
...
mandatory access control 3, 21, 22, 84, 92, ... mockingbird 86
...
... model 4, 7, 11, 12, 21, 23, 26, 29, 29, 40, 45,
121, 158 ...
... 53, 70, 73, 86, 102, 103, 106, 107, 109,
mandatory modification 84, 130, 158 ...
... 11 5, 118, 120, 121, 122, 124, 132, 139,
manipulative communications deception 26, ...
...
62, 84 ... 1 43, 167
...
manual cryptosystem 77, 84 ... modem 86, 107
...
manual remote rekeying 31, 84, 112 ... mode of operation 27, 37, 86, 88, 99, 126
...
masquerader 84 ... monitoring 9, 29, 51, 52, 77, 87, 122, 122,
...
... 130, 139
masquerading 7, 70, 84, 85 ...
...
master crypto-ignition key 84 .... MQV 86, 158
... MTU 84, 87, 158
material symbol 84, 158 ...
maximum transmission unit 54, 84, 87, .... multicast 87, 121
...
...
158 ... multihomed host 87
...
MD2 84 ... multihost-based auditing 87
...
MD4 84, 115 ... multilevel device 88
...
MD5 84, 104, 115 ... multilevel integrity 85, 88
...
media access control layer 83, 84 ... multilevel mode 27, 87, 88
...
mediation 84, 112, 114 ...
... multilevel security 30, 85, 88, 158
..

250
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
Multipurpose Internet Mail Extensions 85, 88, .
.
... network level firewall 91
...
158 ... network reference monitor 91
...
mutual suspicion 88 ... network security 27, 91, 119, 120, 159
...
... network security architecture 91, 159
...
... network security officer 91, 159
...
... network sponsor 54, 92
N ...
...
... network system 92, 119, 161
Nak attack 89 ...
... network trusted computing base partition 92,
name resolution 89 ...
... 93
National Computing Security Center 89, 90 ...
... network weaving 92
National Institute for Standards and ...
... NFS 23, 92, 112, 158
Technology 89, 92 ...
... NIC 68, 70, 90, 92
...
National Security Agency 9, 23, 37, 40, 54, ...
... NIST 51, 89, 92, 135, 158
89, 93, 159 ...
... node 9, 13, 17, 29, 41, 52, 55, 68, 80, 85, 90,
National Security Information 12, 47, 89, 93, ...
.... 92, 97, 100, 131, 139
106, 111, 138, 159 ...
... no-lone zone 92, 135, 159
National Security System 89, 135 ...
... nonce 75, 77, 92
NC 90, 158 ...
... noncompromisability 92
NCRP 90, 158 ...
... noncooperative remote rekeying 92
NCSC 3, 48, 89, 90, 111, 112, 158 ...
... nondiscretionary access controls 92
...
need-to-know 27, 37, 99, 126 ...
... nondiscretionary security 92
negative acknowledgment attack 89, 90 ...
... nonrepudiation 33, 54, 69, 92
NetBIOS 90 ...
... nonsecret encryption 92
netiquette 90 ...
... nontamperability 92
netmask 5, 90, 125 ...
... NSA 23, 25, 28, 38, 40, 47, 54, 63, 84, 89,
network 5, 7, 9, 11, 13, 16, 20, 23, 29, 30, ...
... 93, 96, 112, 123, 131, 135, 138, 154, 159
...
33, 36, 37, 40, 41, 43, 47, 48, 52, 54, 56, ...
... NSI 93
57, 58, 64, 66, 68, 69, 70, 79, 80, 85, 86, ...
... NTCB 93
87, 89, 90, 90, 91, 93, 96, 97, 99, 100, ...
... null 93
102, 103, 104, 107, 109, 111, 112, 115, ...
...
116, 117, 119, 120, 121, 122, 123, 124, ...
...
...
125, 130, 131, 132, 134, 139, 140, 142, ...
... O
145, 167 ...
...
Network Basic Input Output System 90 ... OASIS 45, 95, 120
...
network computer 85, 90, 158 ... obfuscation 24, 95
...
network computer reference specification 85, ... obfuscator 95
...
90, 158 ... object 4, 11, 12, 15, 27, 30, 37, 38, 61, 62,
...
Network File System 90, 92, 158 ... 70, 80, 84, 87, 90, 91, 95, 100, 107, 111,
...
...
network front end 90 ... 112, 117, 119, 120, 121, 122, 123, 124, 130,
...
network information center 68, 70, 90, 92, ... 131, 133, 142
...
156, 158 .
... object reuse 95
...
network layer 5, 29, 91, 109, 115 ... OFB 63, 87, 95, 97
...

251
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
off-line cryptosystem 85, 95 ... P
...
one-part code 95 ...
...
... P2P 99, 100
one-time cryptosystem 95 ...
... P3P 99, 102
one-time pad 85, 95, 97, 99 ...
... PAA 99
one-time tape 95 ...
... packet 8, 13, 15, 20, 21, 29, 33, 47, 52, 54,
one-to-one mapping 95, 125 ...
... 58, 64, 67, 68, 69, 87, 91, 99, 102, 103,
online cryptosystem 96, 131 ...
...
.
... 1 07, 113, 123, 126, 135
online server 96
... packet filter 99, 113
open 7, 27, 41, 70, 79, 96, 97, 121, 143 ...
... packet filtering 99,
... 113
open security environment 96 ...
... packet sniffer 99
Open Shortest Path First 96, 97 ...
... pad 77, 85, 95, 99, 117, 124
Open Software Foundation 41, 96, 97 ...
open storage 96 .... parity 99
...
... partitioned security mode 99
Open System Interconnect 96, 97 ...
... passive 5, 45, 48, 95, 99, 141
operating system 3, 6, 12, 13, 19, 22, 43, 62, ...
... passive attack 5, 45, 99
69, 90, 96, 112, 115, 119, 125, 134, 137 ...
... passive threat 5, 100, 141
operational code 96 ...
...
operational data security 96 ... passphrase 100, 139
...
operational key 96 ... passwd 100, 101
...
... password 4, 8, 27, 30, 31, 38, 41, 48, 79, 80,
operational waiver 96 ...
... 84, 99, 103, 104, 117, 123, 130, 139
operations security 96 ...
... password sniffing 100
OPSEC 96 ...
... path 8, 16, 19, 96, 97, 100, 115, 121, 131,
optional modification 84, 96, 123 ...
...
ORA 96 ... 134
...
Orange Book 96 .
... PCA 19, 17, 100, 103
... PCT
organizational maintenance 96 ... 100
...
Organizational Registration Authority 96 ... PDS 100
...
Organization for the Advancement of Struc- .... PDU 100, 107
.... peer entity authentication 100
tured Information Standards 95, 97 ...
... peer-to-peer 99,
OSF 96, 97 ... 100
...
OSI 29, 36, 47, 70, 91, 96, 97, 102, 103, 107, ... PEM 100, 1 04
...
109, 113, 115, 118, 121, 132, 143 ... penetration 52, 62, 100, 106, 107, 111
...
OSPF 64, 97 ... penetration testing 52, 100
...
OTAR 97 ... per-call key 100
...
... perimeter-based security 100
out of band 97 ...
... periods processing
output feedback mode 95, 97 ... 100
...
overrun 97 ... permission 8, 15, 22, 27, 100, 120, 133,
...
overt channel 32, 97 ... 142
...
over-the-air key distribution 97 ... permutation 100, 123, 125
...
over-the-air key transfer 97 ... permuter 101
...
over-the-air rekeying 97 ... personal identification number 101, 102
...
overwrite procedure 97 ... pest program
... 101, 134
..

252
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
PGP 101, 104 .
.
... privacy 16, 66, 69, 99, 100, 101, 102, 104,
...
phage 101 ... 121, 123
...
PHF 101 ... Privacy Enhanced Mail 100, 105
...
phf vulnerability 101 ... privacy system 105
...
photuris 70, 101 ... Private Communication Technology 100, 105
...
...
phreaker 101 ... private key 17, 40, 41, 77, 84, 104, 106, 108,
...
physical layer 47, 102, 113 ... 122, 139
...
physical medium 102 ... privileged access 105
...
physical network interface 102 ... privileged user 105
...
physical security 26, 102 ... probe 103, 105
...
PICS 102 ... process 3, 4, 7, 8, 9,
... 12, 16, 17, 19, 21, 22,
...
piggyback 102 ... 27, 29, 30, 32, 33, 34, 35, 37, 45, 46, 46,
...
PIN 102 ... 47, 51, 52, 54, 57, 62, 63, 64, 77, 80, 84,
...
ping 102, 123 .... 86, 88, 89, 96, 104, 106, 107, 108, 111,
...
ping of death 102 ... 113, 115, 117, 118, 119, 120, 123, 124, 125,
...
PKCS 102, 107 ... 126, 129, 131, 133, 134, 135, 137, 139, 147
...
PKI 17, 17, 96, 102, 103 ... production model 105
...
...
PKZIP 102 ... promiscuous mail server 105
...
plaintext 24, 102 ... promiscuous mode 105
...
Platform for Internet Control Selection 102 ... proof-carrying code 105
...
Platform for Privacy Preferences Projects 99, ... proprietary information 105
...
102 ... protected communications 106
...
...
plausible deniability 102 ... protected distribution system 100, 106, 118
...
playback 103 ... protected subsystem 106
...
Point-to-Point Protocol 103, 121 ... protection philosophy 106
...
policy 19, 17, 21, 23, 32, 38, 49, 52, 53, 63, ... protection ring 106
...
68, 70, 86, 88, 92, 99, 100, 103, 106, 119, ... protective packaging 106
...
...
120, 126, 133, 134, 137, 139 ... protective technologies 106
...
Policy Approving Authority 99, 103 ... protective technology/package incident 106
...
Policy Creation Authority 19, 17, 100, 103 ... protocol 5, 7, 8, 9, 17, 23, 29, 41, 46, 47, 48,
...
port 43, 103 ... 49, 52, 54, 61, 64, 66, 68, 69, 70, 84, 90,
...
port scan 103 ... 92, 96, 99, 100, 101, 103, 104, 107, 111,
...
...
positive control material 103, 135 .... 113, 114, 115, 118, 120, 121, 122, 123, 124,
PostScript 103 ... 125, 129, 131, 132, 135, 137, 138
...
...
PPP 103, 103, 121 ... protocol data unit 100, 106
....
preauthentication 103 ... protocol layer 91, 106
...
preproduction model 103 ... protocol model 106
...
presentation layer 103 ... prowler 106
...
Pretty Good Privacy 101, 103 ... proxy 106, 107, 123
...
principal 75, 104, 111, 124, 133, 147 ... proxy ARP 107
...
...
print suppression 104 ... public cryptography 107
..

253
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
public key 7, 12, 16, 17, 40, 46, 46, 52, 77, ... release prefix 112
...
84, 92, 102, 103, 104, 106, 107, 115, 122, ... remanence 83, 112
...
...
139 ... remote access Trojan 111, 112
...
public key certificate 103, 107, 108, 122 ... Remote File System 112, 114
...
public key cryptography 7, 17, 46, 52, 77, 92, ... remote procedure call 41, 112, 115
...
106, 107 ... remote rekeying 9, 31, 84, 92, 112
...
Public-Key Cryptography Standard 102, 107 ... repair action 63, 112
...
Public Key Infrastructure 17, 102, 108 ... repeater 64, 113, 115
...
...
purging 108 ... replay attacks 113
...
... replaying 113
...
... repudiation 33, 40, 54, 62, 69, 92, 113
...
Q ... Requests for Comments 113, 114
...
... reserve keying material 113
QoS 109 ...
... residual risk 113
quality of service 109 ...
... residue 16, 113, 117
quadrant 109 ...
...
quantum cryptography 109 ... resource encapsulation 114
...
... retina system 114
...
... retrovirus 114
...
... Reverse Address Resolution Protocol 111, 114
R ...
... revocation 17, 32, 36, 77, 108, 114
...
Rainbow Series 111, 112, 115 ... RFC 6, 17, 33, 41, 55, 67, 69, 75, 84, 113,
...
randomizer 111 ... 114, 118, 119, 121, 122, 132, 133
...
RARP 111, 114 ...
... RFS 114
RAT 111 ...
... Rijndael 6, 114
RBAC 111 ...
... RIP 64, 114
...
RC2 111 .... RIPE-MD-160 114
RC4 111 ...
... risk 4, 17, 30, 32, 35, 38, 58, 79, 83, 113,
...
RCP 111 ... 115, 126, 130, 134
...
read 22, 32, 57, 111, 121, 122, 124, 126 ... risk analysis 115, 130
...
read access 111 ... risk assessment 115, 126, 130
...
real-time reaction 111 ... risk index 115
...
realm 111 ... risk management
... 115
recovery procedures 111 ...
... rlogin 30, 115
...
Red 12, 62, 111, 130 ... Role-Based Access Control 111, 115
...
Red/Black concept 111 ... rootkit 115
...
Red Book 112, 134 ... router 9, 13, 16, 30, 33, 37, 55, 64, 67, 68,
...
Red Queen principle 112 ... 85, 99, 103, 107, 113, 115
...
Red signal 112 ... Routing Information Protocol 114, 115
...
red team 62, 112, 130 ... RPC 96, 115
...
reference monitor 91, 112, 114, 119 ...
... RSA 33, 40, 104, 104, 107, 111, 115
...
reference validation mechanism 112 ... RSADSI 116
...
reflection attack 112 ... rsh 116
...

254
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
S .
.
... security net control station 120
...
... security perimeter 120
S2ML 117, 120 ...
... security policy 21, 32, 38, 49, 53, 63, 92, 99,
SA 117 ...
... 103, 106, 119, 120, 133, 134, 137, 139
safeguarding statement 117 ...
... security range 120
safeguards 4, 79, 117, 120, 120 ...
...
... security requirements 3, 17, 119, 120, 127, 131
salt 117 ...
... security requirements baseline 120
sample key 117 ...
... security safeguards 120
sandbox 73, 117 ...
... Security Services Markup Language 117, 120
sanitize 117 ...
... security specification 81, 120
SATAN 117, 119 ...
... security test and evaluation
... 139
scavenging 84, 117 ...
... seed key 46, 120
scratch pad store 117, 124 ...
... segment 4, 30, 52, 54, 58, 84, 99, 117, 120,
script kiddies 118 ...
... 129
SDMI 40, 118 ...
... self-authentication 120
secrecy 4, 118 ...
...
secret 7, 19, 21, 22, 30, 32, 47, 56, 64, 75, ... self/group/public controls 120
...
84, 96, 97, 100, 104, 106, 111, 114, 118, ... self-synchronizing 121
...
... sensitive information 27, 30, 63, 84, 103, 120,
120, 121, 123, 126, 132, 147, ...
... 121, 133, 135
secret key 7, 33, 47, 47, 64, 75, 84, 97, 104, ...
... sensitivity label 4, 21, 22, 62, 79, 121, 124
111, 114, 118, 121, 123, 126 ...
...
secret key cryptography 7, 118, 126 ... separation of duty 121, 123
...
secure communications 8, 118, 120, 131 ... Serial line IP 121, 123
...
... server 23, 26, 27, 30, 37, 41, 52, 96, 101,
Secure Digital Music Initiative 118 ...
... 106, 107, 112, 119, 121, 129, 134
secure hash algorithm 15, 118, 121 ...
... session 12, 21, 29, 42, 52, 75, 77, 79, 101,
Secure Hypertext Transfer Protocol 118, 121 ...
...
Secure Socket Layer Protocol 104, 118, 124 ... 104, 115, 121, 125, 131
...
secure state 51, 119 . session hijacking 121
....
.. session key 76, 77, 101, 104, 121, 131
.
secure subsystem 119 ...
Security Administrator Tool for Analyzing .... session layer 121
...
... SFUG 121
Networks 117, 119 ...
...
security association 69, 70, 117, 119 ... SGML 97, 121
...
security controls 9, 32, 42, 57, 119, 139 ... SHA 15, 121
...
security fault analysis 119 ... shared key 38, 121
...
Security Features Users Guide 119, 121 ... shielded enclosure 121
...
... short title 47, 112, 121
security filter 54, 119 ...
...
security flaw 119 ... S-HTTP 118, 121
...
security inspection 119 ... sign 15, 28, 41, 122
...
security kernel 119 ... Signaling System 7 122, 124
...
security label 3, 79, 120, 121 ... signals security 122
...
security model 4, 11, 53, 70, 73, 120, 122, ... signature 15, 16, 24, 32, 33, 40, 41, 43, 45,
...
...
124 ... 46, 54, 61, 64, 104, 108, 116, 122, 139
..

255
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
signature detection 122 ... steganography 124
...
Simple Key Exchange for Internet Proto- ... storage object 124
...
...
cols 123 ... stream encryption 111, 124
...
Simple Mail Transport Protocol 85 ... strong 104, 124, 125, 131
...
Simple Network Management Protocol 123 ... strong authentication 124
...
simple security property 11 ... structure of management information 123, 124
...
Simple Watcher 126 ... subject 4, 9, 11, 12, 15, 16, 19, 22, 32, 33, 38,
...
single-level device 122 ... 52, 62, 79, 80, 84, 87, 91, 100, 104, 108,
...
...
single-point keying 122 ... 111 , 112, 114, 119, 121, 122, 124, 130, 131,
...
SKIP 70, 122, 123 ... 134, 135, 142
...
SKIPJACK 48, 123 ... subject security level 124
...
SLIP 103, 121, 123 ... subnet 5, 9, 13, 20, 33, 55, 90, 124, 125
...
smart card 8, 61, 123 ... subnet field 125
...
SMI 123 ... subnet mask 5, 90, 125
...
SMTP 85, 123 ... subnet number 125
...
...
smurf 123 ... subnetwork 91, 125
...
sniffer 99, 115, 123 ... subregistration authority 124, 125
...
SNMP 122, 123 ... substitution 24, 125
...
SOCKS 123 ... subversion 125
..
software system test and evaluation process 123 ..... superencryption 125
...
source 19, 24, 29, 36, 58, 70, 100, 121, 123, ... supersession 125
...
124, 132 ... superuser 125
...
spam 123 ... supervisor state 49, 126
...
special mission modification 63, 123 ... suppression measure 126
...
...
specification 25, 31, 38, 40, 45, 52, 53, 62, ... surrogate access 126
...
68, 75, 80, 85, 88, 90, 96, 97, 102, 106, ... SWATCH 126
...
120, 123, 131, 132, 133, 134 ... syllabary 126
...
speech privacy 123 ... syllabify 126
...
spiders 123 ... symmetric cryptography 118, 126
...
split knowledge 123 ... SYN 37, 126
...
spoofing 13, 41, 70, 84, 123 ... SYN/ACK 126
...
spread spectrum 123 ... system administrator 92,
... 117, 126, 134
...
SPS 124 ... system assets 126
...
SRA 124 ... system development methodologies 126
...
SS 7 124 ... system high 126
...
SSL 118, 124, 132 ... system high mode 126
...
Standard Generalized Markup Language 121, ... system indicator 126
...
124 ... system integrity 54, 126
...
star (*) property 124 ... system low 126
...
...
start-up KEK 124 ... system profile 126
...
state machine 124 ... system security 4, 63, 119, 126, 127, 130, 132,
...
state variable 124 ... 134, 137, 140
...

256
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
system security engineering 126 .
.
... token 5, 61, 108, 131
...
system security evaluation 126 ... token authenticator 131
...
system security management plan 127 ... top-level specification 38, 53, 131
...
system security officer 63, 127 ... topology 68, 131
...
system security plan 4, 127 ... totient function 131
...
... TPI 131
...
...
... Traditional COMSEC Program 131
...
T ... traffic analysis 131
...
... traffic encryption key 31, 97, 100, 131
tampering 5, 92, 107, 129 ...
... traffic-flow security 131
TCB 8, 38, 79, 121, 129, 133, 134 ...
... traffic padding 131
TCP 7, 9, 21, 29, 37, 42, 45, 47, 52, 66, 70, ...
... training key 131
...
84, 118, 120, 126, 129, 132, 138, 141 ... tranquility 131
...
TCP segment 84, 129 ...
... transaction 113, 120, 121, 131
TCSEC 38, 48, 89, 96, 129 ...
.. transceiver 131
telecommunications 25, 28, 30, 37, 49, 62, 66, .....
... TRANSEC 36, 131
71, 80, 84, 89, 100, 106, 118, 129, 134 ...
.. transmission channel 121, 131
telecommunications and automated information ..... Transmission Control Protocol 129, 131
...
systems security 129 ...
... transmission security 26, 77, 93, 97, 131, 132
telecommunications security 129, 134 ...
... transport layer 47, 84, 118, 130, 132
telnet 79, 123, 129 ...
... Transport Layer Security 118, 130, 132
TEMPEST 4, 19, 27, 34, 64, 96, 129 ...
... transport service 132
...
TEMPEST Test 129 ... transposition cipher 132
...
TEMPEST Zone 129 ... trap door 83, 132
...
test key 129 ...
... trap door function 132
TFTP 129, 133 ...
... trashing 133
TGT 129 ...
... tripwire 133
threat 5, 6, 35, 58, 63, 79, 99, 115, 126, 129, ...
... Trivial File Transfer Protocol 129, 133
...
130, 141, 145 ... Trojan horse 83, 101, 112, 115, 133, 134
...
threat analysis 129, 130 ... trust 3, 12, 19, 22, 30, 38, 133, 134
...
threat assessment 130 ... trusted 133
...
threat monitoring 130 ... trusted applet
... 133
ticket 80, 129, 130 ...
... trusted computer system 3, 12, 30, 42, 53, 89,
ticketed-oriented 130 ...
... 96, 112, 129, 133
...
ticket-granting ticket 129, 130 ... trusted computer system evaluation criteria 3,
...
tiger teams 112, 130 ... 12, 38, 42, 53, 89, 96, 129, 133
...
time bomb 130 ... trusted computing base 8, 38, 49, 92, 93, 121,
...
time-compliance date 130 ... 129, 133, 134
...
time-dependent password 130 ... trusted distribution 80, 133
...
tinkerbell program 130 ...
... trusted facility management 133
...
TLS 118, 130 ... trusted facility manual 134
...
TNIEG 89, 112, 131 ... trusted guard 134
...

257
Index
.... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
...
... ...
.. ...
trusted identification forwarding 134 ... usenet 88, 138
...
trusted intermediary 75, 130, 134, 134 ... user 3, 4, 5, 8, 9,
... 11, 12, 13, 17, 19, 22, 23,
...
trusted network 11, 89, 112, 131, 134 ... 25, 26, 27, 30, 35, 37, 38, 40, 42, 43, 52,
...
Trusted Network Interpretation Environmental ... 51, 56, 59, 61, 62, 64, 69, 75, 77, 79, 80,
...
Guideline 134 .
... 84, 86, 88, 90, 92, 96, 99, 100, 101, 102,
...
trusted path 3, 134 ... 103, 104, 107, 108, 115, 117, 123, 124,
...
trusted process 134, 137 ... 125, 126, 129, 130, 132, 134, 135, 137,
...
trusted recovery 134 ... 138, 139
...
trusted server 134 .
.
... user agent 137, 138
...
trusted software 134 ... User Datagram Protocol 132, 137, 138
...
trusted subject 134 ... user ID 4, 79, 138
...
trusted system 49, 80, 111, 134 ... user partnership program 138
...
trusted third party 134 ... user profile 138
...
trustworthy 133, 134, 137 ... user representative 25,
... 138
...
TSEC 134 ... UUCP 138
...
TSEC nomenclature 134 ... uudecode 138
...
tunneling 134, 139 ... uuencode 138
...
Turing test 135 ...
...
two-part code 135 ...
...
two-person control 135 ... V
...
...
two-person integrity 92, 131, 135 ... vaccine 139
...
type 1 25, 118, 135 ... validation 61, 101, 112, 139
...
type 2 25, 47, 106, 135 ...
... van Eck Monitoring 139
type 3 algorithm 135 ...
... variant 46, 84, 96, 139
type 4 algorithm 135 ...
... verified design 3, 139
...
... verify a signature 139
...
... virtual password 100, 139
...
U ... virtual private network 47, 68, 139, 140
...
...
UA 137 ... virus 12, 58, 83, 101, 114, 133, 139
...
UDP 21, 29, 33, 132, 137, 138 ... voice system 140
...
UDP datagram 137 ... VPN 69, 140
...
... vulnerability 13, 32, 35, 61, 79, 90, 101, 115,
UN/CEFACT 45, 137 ...
... 140
unclassified 16, 21, 30, 35, 47, 96, 100, 120, ...
... vulnerability assessment 140
135, 137 ...
...
Unicode 7, 49, 137 ...
...
UNIX 6, 13, 27, 85, 96, 100, 101, 111, 112, ...
...
115, 116, 137, 138 ... W
...
...
untrusted process 137 ... Wassenaar Arrangement 31, 141
...
U.S.-controlled facility 137 ... WinNuke 141
...
U.S.-controlled space 138 ... wiretapping 5, 141
...
updating 77, 120, 137 ... work factor 141
...
.

258
 Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
...
... ....
... ..
... Y
worm 27, 70, 101, 141 .
.
...
worm attack 142 ...
... Yellow Pages 145
write 4, 7, 22, 26, 103, 118, 121, 124, 142 ...
... YP 145
write access 124, 142 ...
...
...
...
...
...
... Z
X ...
...
...
X.400 25, 55, 138, 143 ... zero fill 147
...
X.500 25, 138, 143 ... zeroize 147
...
X.509 17, 41, 143 ... zero knowledge proof 147
...
X.800 143 ... zombie 147
...
XDR 143 ... zone of control
... 147
.

259