Home Computer Security

Glossary

This section contains definitions of terms used throughout this booklet. Unless otherwise stated, the definitions come from the Webopedia Online Dictionary for Computer and Internet Terms.

ARPAnet The precursor to the Internet, ARPAnet was a large wide-area network created by the United States Defense Advanced Research Project Agency (ARPA). Established in 1969, ARPAnet served as a testbed for new networking technologies, linking many universities and research centers. The first two nodes that formed the ARPAnet were UCLA and the Stanford Research Institute, followed shortly thereafter by the University of Utah.
attack An action conducted by an adversary, the attacker, on a potential victim. (From the glossary of State of the Practice of Intrusion Detection Technologies.)
backdoor Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code for the program. It is often only known by the programmer. A backdoor is a potential security risk.
backup Copy of files and programs made to facilitate recovery, if necessary. (From the National Information Systems Security (INFOSEC) Glossary.)
brute force Refers to a programming style that does not include any shortcuts to improve performance, but instead relies on sheer computing power to try all possibilities until the solution to a problem is found. A classic example is the traveling salesman problem (TSP). Suppose a salesman needs to visit 10 cities across the country. How does one determine the order in which cities should be visited such that the total distance traveled is minimized? The brute force solution is simply to calculate the total distance for every possible route and then select the shortest one. This is not particularly efficient because it is possible to eliminate many possible routes through clever algorithms.

Although brute force programming is not particularly elegant, it does have a legitimate place in software engineering. Since brute force methods always return the correct result -- albeit slowly -- they are useful for testing the accuracy of faster algorithms. In addition, sometimes a particular problem can be

bug An error or defect in software or hardware that causes a program to malfunction. According to folklore, the first computer bug was an actual bug. Discovered in 1945 at Harvard, a moth trapped between two electrical relays of the Mark II Aiken Relay Calculator caused the whole machine to shut down.
CD-ROM Pronounced see-dee-rom, abbreviation of Compact Disc-Read-Only Memory. A type of optical disk capable of storing large amounts of data -- up to 1GB, although the most common size is 650MB (megabytes). A single CD-ROM has the storage capacity of 700 floppy disks, enough memory to store about 300,000 text pages.

CD-ROMs are stamped by the vendor, and once stamped, they cannot be erased and filled with new data. To read a CD, you need a CD-ROM player. All CD-ROMs conform to a standard size and format, so you can load any type of CD-ROM into any CD-ROM player. In addition, CD-ROM players are capable of playing audio CDs, which share the same technology.

CD-ROMs are particularly well-suited to information that requires large storage capacity. This includes large software applications, color graphics, sound, and especially video.

cable modem A modem designed to operate over cable TV lines. Because the coaxial cable used by cable TV provides much greater bandwidth than telephone lines, a cable modem can be used to achieve extremely fast access to the World Wide Web. This, combined with the fact that millions of homes are already wired for cable TV, has made the cable modem something of a holy grail for Internet and cable TV companies.

There are a number of technical difficulties, however. One is that the cable TV infrastructure is designed to broadcast TV signals in just one direction - from the cable TV company to people's homes. The Internet, however, is a two-way system where data also needs to flow from the client to the server. In addition, it is still unknown whether the cable TV networks can handle the traffic that would ensue if millions of users began using the system for Internet access.

Despite these problems, cable modems that offer speeds up to 2 Mbps are already available in many areas.

download To copy data (usually an entire file) from a main source to a peripheral device. The term is often used to describe the process of copying a file from an online service or bulletin board service (BBS) to one's own computer. Downloading can also refer to copying a file from a network file server to a computer on the network.

In addition, the term is used to describe the process of loading a font into a laser printer. The font is first copied from a disk to the printer's local memory. A font that has been downloaded like this is called a soft font to distinguish it from the hard fonts that are permanently in the printer's memory.

The opposite of download is upload, which means to copy a file from your own computer to another computer.

DSL modem Refers collectively to all types of digital subscriber lines, the two main categories being ADSL and SDSL. Two other types of xDSL technologies are High-data-rate DSL (HDSL) and Very high DSL (VDSL).

DSL technologies use sophisticated modulation schemes to pack data onto copper wires. They are sometimes referred to as last-mile technologies because they are used only for connections from a telephone switching station to a home or office, not between switching stations.

xDSL is similar to ISDN inasmuch as both operate over existing copper telephone lines (POTS) and both require short runs to a central telephone office (usually less than 20,000 feet). However, xDSL offers much higher speeds - up to 32 Mbps for downstream traffic, and from 32 Kbps to over 1 Mbps for upstream traffic.

e-commerce Conducting business on-line. This includes, for example, buying and selling products with digital cash and via Electronic Data Interchange (EDI).
e-mail Short for electronic mail, the transmission of messages over communications networks. The messages can be notes entered from the keyboard or electronic files stored on disk. Most mainframes, minicomputers, and computer networks have an e-mail system. Some electronic-mail systems are confined to a single computer system or network, but others have gateways to other computer systems, enabling users to send electronic mail anywhere in the world. Companies that are fully computerized make extensive use of e-mail because it is fast, flexible, and reliable.

Most e-mail systems include a rudimentary text editor for composing messages, but many allow you to edit your messages using any editor you want. You then send the message to the recipient by specifying the recipient's address. You can also send the same message to several users at once. This is called broadcasting.

Sent messages are stored in electronic mailboxes until the recipient fetches them. To see if you have any mail, you may have to check your electronic mailbox periodically, although many systems alert you when mail is received. After reading your mail, you can store it in a text file, forward it to other users, or delete it. Copies of memos can be printed out on a printer if you want a paper copy.

All online services and Internet Service Providers (ISPs) offer e-mail, and most also support gateways so that you can exchange mail with users of other systems.

Usually, it takes only a few seconds or minutes for mail to arrive at its destination. This is a particularly effective way to communicate with a group because you can broadcast a message or document to everyone in the group at once.

Although different e-mail systems use different formats, there are some emerging standards that are making it possible for users on all systems to exchange messages. In the PC world, an important e-mail standard is MAPI. The CCITT standards organization has developed the X.400 standard, which attempts to provide a universal way of addressing messages. To date, though, the de facto addressing standard is the one used by the Internet system because almost all e-mail systems have an Internet gateway.

Another common spelling for e-mail is email.

encryption The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.

There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

files A collection of data or information that has a name, called the filename. Almost all information stored in a computer must be in a file. There are many different types of files: data files, text files, program files, directory files, and so on. Different types of files store different types of information. For example, program files store programs, whereas text files store text.
firewall A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:

  • Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
  • Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
  • Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
  • Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert.

A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.
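The packet-filter technique described above, and its stated weakness to IP spoofing, can be shown with a small rule evaluator. This is an added example, not code from the booklet; the rules, addresses, interface names and the extra ingress check are all constructed for illustration.

```python
"""Toy stateless packet filter (added example, not from the booklet).

A packet filter decides on header fields alone, so a packet that forges an
internal source address passes a rule that trusts that address. The
spoof-aware variant adds an ingress check (an addition not described in the
glossary): a packet claiming an inside source must arrive on the inside.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str      # source IP address as seen in the header
    dst: str      # destination IP address
    proto: str    # "tcp" or "udp"
    dport: int    # destination port
    iface: str    # interface the packet arrived on: "inside" or "outside"


@dataclass(frozen=True)
class Rule:
    action: str                      # "accept" or "reject"
    src: str = "0.0.0.0/0"           # source network; default matches any
    proto: Optional[str] = None      # None matches any protocol
    dport: Optional[int] = None      # None matches any port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def filter_packet(rules, pkt: Packet, default: str = "reject") -> str:
    """First-match semantics: the first rule whose fields match decides."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed ruleset: trust the internal LAN for any service, let anyone
# reach the web server on TCP port 80, reject everything else by default.
INSIDE_NET = "192.168.1.0/24"
RULES = [
    Rule("accept", src=INSIDE_NET),
    Rule("accept", proto="tcp", dport=80),
]


def spoof_aware_filter(rules, pkt: Packet, inside_net: str = INSIDE_NET) -> str:
    """Same rules, preceded by an ingress check: a packet that claims an
    inside source but arrives on the outside interface is rejected before
    the rules are consulted, defeating the simple spoof shown in demo()."""
    if pkt.iface == "outside" and ip_address(pkt.src) in ip_network(inside_net):
        return "reject"
    return filter_packet(rules, pkt)


def demo() -> dict:
    """Evaluate constructed packets; returns each verdict for inspection."""
    internal = Packet("192.168.1.10", "10.0.0.5", "tcp", 23, "inside")
    web = Packet("203.0.113.7", "10.0.0.5", "tcp", 80, "outside")
    outside_telnet = Packet("203.0.113.7", "10.0.0.5", "tcp", 23, "outside")
    # Forged header: an outside packet carrying an inside source address.
    spoofed = Packet("192.168.1.50", "10.0.0.5", "tcp", 23, "outside")
    return {
        "internal_telnet": filter_packet(RULES, internal),        # accept
        "outside_web": filter_packet(RULES, web),                 # accept
        "outside_telnet": filter_packet(RULES, outside_telnet),   # reject
        "spoofed_plain": filter_packet(RULES, spoofed),           # accept (the weakness)
        "spoofed_ingress": spoof_aware_filter(RULES, spoofed),    # reject
    }
```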

hard disk A magnetic disk on which you can store computer data. The term hard is used to distinguish it from a soft, or floppy, disk. Hard disks hold more data and are faster than floppy disks. A hard disk, for example, can store anywhere from 10 megabytes to several gigabytes, whereas most floppies have a maximum storage capacity of 1.4 megabytes.

A single hard disk usually consists of several platters. Each platter requires two read/write heads, one for each side. All the read/write heads are attached to a single access arm so that they cannot move independently. Each platter has the same number of tracks, and a track location that cuts across all platters is called a cylinder. For example, a typical 84 megabyte hard disk for a PC might have two platters (four sides) and 1,053 cylinders.

In general, hard disks are less portable than floppies, although it is possible to buy removable hard disks.

heuristics Of or relating to exploratory problem-solving techniques that utilize self-educating techniques (as the evaluation of feedback) to improve performance. (From Merriam-Webster Online.)
Internet A global network connecting millions of computers. More than 100 countries are linked into exchanges of data, news and opinions.

Unlike online services, which are centrally controlled, the Internet is decentralized by design. Each Internet computer, called a host, is independent. Its operators can choose which Internet services to use and which local services to make available to the global Internet community. Remarkably, this anarchy by design works exceedingly well.

There are a variety of ways to access the Internet. Most online services, such as America Online, offer access to some Internet services. It is also possible to gain access through a commercial Internet Service Provider (ISP).

The Internet is not synonymous with World Wide Web.

instant messaging A type of communications service that enables you to create a private chat room with another individual. Typically, the instant messaging system alerts you whenever somebody on your private list is online. You can then initiate a chat session with that particular individual.

There are several competing instant messaging systems. Unfortunately, there's no standard, so anyone you want to send instant messages to must use the same instant messaging system that you use.

intruder An adversary who is conducting or has conducted an intrusion or attack against a victim host, site, network or organization. Since the label of intruder is assigned by the victim of the intrusion and is therefore contingent on the victim’s definition of encroachment, there can be no ubiquitous categorization of actions as being intrusive or not. From the victim’s viewpoint, an intruder is usually an entity (person or organization) that has successfully attacked the victim. It is unclear whether one who conducts an unsuccessful attack is an intruder. If an intrusion is required to be an intruder, then it seems that all intruders are attackers, but all attackers are not necessarily intruders. (From the glossary of State of the Practice of Intrusion Detection Technologies.)
media Objects on which data can be stored. These include hard disks, floppy disks, CD-ROMs, and tapes.
operating system The most important program that runs on a computer. Every general-purpose computer must have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.

For large systems, the operating system has even greater responsibilities and powers. It is like a traffic cop -- it makes sure that different programs and users running at the same time do not interfere with each other. The operating system is also responsible for security, ensuring that unauthorized users do not access the system.

Operating systems can be classified as follows:

  • multi-user: Allows two or more users to run programs at the same time. Some operating systems permit hundreds or even thousands of concurrent users.
  • multiprocessing: Supports running a program on more than one CPU.
  • multitasking: Allows more than one program to run concurrently.
  • multithreading: Allows different parts of a single program to run concurrently.
  • real time: Responds to input instantly. General-purpose operating systems, such as DOS and UNIX, are not real-time.

Operating systems provide a software platform on top of which other programs, called application programs, can run. The application programs must be written to run on top of a particular operating system. Your choice of operating system, therefore, determines to a great extent the applications you can run. For PCs, the most popular operating systems are DOS, OS/2, and Windows, but others are available, such as Linux.

As a user, you normally interact with the operating system through a set of commands. For example, the DOS operating system contains commands such as COPY and RENAME for copying files and changing the names of files, respectively. The commands are accepted and executed by a part of the operating system called the command processor or command line interpreter. Graphical user interfaces allow you to enter commands by pointing and clicking at objects that appear on the screen.

packet A piece of a message transmitted over a packet-switching network. See under packet switching. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.
password A secret series of characters that enables a user to access a file, computer, or program. On multi-user systems, each user must enter his or her password before the computer will respond to commands. The password helps ensure that unauthorized users do not access the computer. In addition, data files and programs may require a password.

Ideally, the password should be something that nobody could guess. In practice, most people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into most computer systems.

patch A temporary fix to a program bug. A patch is an actual piece of object code that is inserted into (patched into) an executable program.
port In TCP/IP and UDP networks, an endpoint to a logical connection. The port number identifies what type of port it is. For example, port 80 is used for HTTP traffic. Also see Well-Known TCP Port Numbers in the Quick Reference section of Webopedia.
processor A silicon chip that contains a CPU. In the world of personal computers, the terms microprocessor and CPU are used interchangeably. At the heart of all personal computers and most workstations sits a microprocessor. Microprocessors also control the logic of almost all digital devices, from clock radios to fuel-injection systems for automobiles.

Three basic characteristics differentiate microprocessors:

  • Instruction set: The set of instructions that the microprocessor can execute.
  • Bandwidth: The number of bits processed in a single instruction.
  • Clock speed: Given in megahertz (MHz), the clock speed determines how many instructions per second the processor can execute.

For bandwidth and clock speed, the higher the value, the more powerful the CPU. For example, a 32-bit microprocessor that runs at 50MHz is more powerful than a 16-bit microprocessor that runs at 25MHz.

In addition to bandwidth and clock speed, microprocessors are classified as being either RISC (reduced instruction set computer) or CISC (complex instruction set computer).

program An organized list of instructions that, when executed, causes the computer to behave in a predetermined manner. Without programs, computers are useless.

A program is like a recipe. It contains a list of ingredients (called variables) and a list of directions (called statements) that tell the computer what to do with the variables. The variables can represent numeric data, text, or graphical images.

There are many programming languages -- C, C++, Pascal, BASIC, FORTRAN, COBOL, and LISP are just a few. These are all high-level languages. One can also write programs in low-level languages called assembly languages, although this is more difficult. Low-level languages are closer to the language used by a computer, while high-level languages are closer to human languages.

Eventually, every program must be translated into a machine language that the computer can understand. This translation is performed by compilers, interpreters, and assemblers.

When you buy software, you normally buy an executable version of a program. This means that the program is already in machine language -- it has already been compiled and assembled and is ready to execute.

risk Possibility of loss or injury. (From Merriam-Webster Online.)
sniffing Monitoring data traveling over a network, using a program and/or device called a sniffer. Sniffers can be used both for legitimate network management functions and for stealing information off a network. Unauthorized sniffers can be extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere. This makes them a favorite weapon in the hacker's arsenal.

On TCP/IP networks, where they sniff packets, they're often called packet sniffers.

social engineering Social engineering is the art and science of getting people to comply with your wishes. It is not a way of mind control; it will not allow you to get people to perform tasks wildly outside of their normal behavior, and it is far from foolproof. (From http://packetstorm.decepticons.org/docs/social-engineering/aaatalk.html)
spoofing Unauthorized use of legitimate Identification and Authentication data, however it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. (From the National Information Systems Security (INFOSEC) Glossary.)
virus A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.

Since 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses.

Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

virus signature A unique string of bits, or the binary pattern, of a virus. The virus signature is like a fingerprint in that it can be used to detect and identify specific viruses. Anti-virus software uses the virus signature to scan for the presence of malicious code.
vulnerability A feature or combination of features of a system that allows an adversary – the intruder – to place the system – your home computer – in a state that is both contrary to the desires of the people responsible for the system – you! – and increases the risk (probability or consequence) of undesirable behavior in or of the system. Also, a feature or combination of features of a system that prevents the successful implementation of a particular security policy for that system. A program with a buffer that can be overflowed with data supplied by the invoker will usually be considered a vulnerability. A telephone procedure that provides private information about the caller without prior authentication will usually be considered to have a vulnerability.
worm A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. Also see virus.
Copyright 2002 Carnegie Mellon University