| Glossary |
| This section contains definitions of terms used throughout this booklet. Unless otherwise stated, the definitions come from the Webopedia Online Dictionary for Computer and Internet Terms. |
| ARPAnet | The precursor to the Internet, ARPAnet was a large wide-area network created by the United States Defense Advanced Research Project Agency (ARPA). Established in 1969, ARPAnet served as a testbed for new networking technologies, linking many universities and research centers. The first two nodes that formed the ARPAnet were UCLA and the Stanford Research Institute, followed shortly thereafter by the University of Utah. |
| attack | An action conducted by an adversary, the attacker, on a potential victim. (From the glossary of State of the Practice of Intrusion Detection Technologies.) |
| backdoor | Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code for the program. It is often only known by the programmer. A backdoor is a potential security risk. |
| backup | Copy of files and programs made to facilitate recovery, if necessary. (From the National Information Systems Security (INFOSEC) Glossary.) |
| brute force | Refers to a programming style that does not include any shortcuts to improve performance, but instead relies on sheer computing power to try all possibilities until the solution to a problem is found. A classic example is the traveling salesman problem (TSP). Suppose a salesman needs to visit 10 cities across the country. How does one determine the order in which cities should be visited such that the total distance traveled is minimized? The brute force solution is simply to calculate the total distance for every possible route and then select the shortest one. This is not particularly efficient because it is possible to eliminate many possible routes through clever algorithms. Although brute force programming is not particularly elegant, it does have a legitimate place in software engineering. Since brute force methods always return the correct result -- albeit slowly -- they are useful for testing the accuracy of faster algorithms. In addition, sometimes a particular problem can be |
| bug | An error or defect in software or hardware that causes a program to malfunction. According to folklore, the first computer bug was an actual bug. Discovered in 1945 at Harvard, a moth trapped between two electrical relays of the Mark II Aiken Relay Calculator caused the whole machine to shut down. |
| CD-ROM | Pronounced see-dee-rom, abbreviation of Compact Disc-Read-Only Memory. A type of optical disk capable of storing large amounts of data -- up to 1GB, although the most common size is 650MB (megabytes). A single CD-ROM has the storage capacity of 700 floppy disks, enough memory to store about 300,000 text pages. CD-ROMs are stamped by the vendor, and once stamped, they cannot be erased and filled with new data. To read a CD, you need a CD-ROM player. All CD-ROMs conform to a standard size and format, so you can load any type of CD-ROM into any CD-ROM player. In addition, CD-ROM players are capable of playing audio CDs, which share the same technology. CD-ROMs are particularly well-suited to information that requires large storage capacity. This includes large software applications that support color, graphics, sound, and especially video. |
| cable modem | A modem designed to operate over cable TV lines. Because the coaxial cable used by cable TV provides much greater bandwidth than telephone lines, a cable modem can be used to achieve extremely fast access to the World Wide Web. This, combined with the fact that millions of homes are already wired for cable TV, has made the cable modem something of a holy grail for Internet and cable TV companies. There are a number of technical difficulties, however. One is that the cable TV infrastructure is designed to broadcast TV signals in just one direction - from the cable TV company to people's homes. The Internet, however, is a two-way system where data also needs to flow from the client to the server. In addition, it is still unknown whether the cable TV networks can handle the traffic that would ensue if millions of users began using the system for Internet access. Despite these problems, cable modems that offer speeds up to 2 Mbps are already available in many areas. |
| download | To copy data (usually an entire file) from a main source to a peripheral device. The term is often used to describe the process of copying a file from an online service or bulletin board service (BBS) to one's own computer. Downloading can also refer to copying a file from a network file server to a computer on the network. In addition, the term is used to describe the process of loading a font into a laser printer. The font is first copied from a disk to the printer's local memory. A font that has been downloaded like this is called a soft font to distinguish it from the hard fonts that are permanently in the printer's memory. The opposite of download is upload, which means to copy a file from your own computer to another computer. |
| dsl modem | Refers collectively to all types of digital subscriber lines, the two main categories being ADSL and SDSL. Two other types of xDSL technologies are High-data-rate DSL (HDSL) and Very high DSL (VDSL). DSL technologies use sophisticated modulation schemes to pack data onto copper wires. They are sometimes referred to as last-mile technologies because they are used only for connections from a telephone switching station to a home or office, not between switching stations. xDSL is similar to ISDN inasmuch as both operate over existing copper telephone lines (POTS) and both require the short runs to a central telephone office (usually less than 20,000 feet). However, xDSL offers much higher speeds - up to 32 Mbps for downstream traffic, and from 32 Kbps to over 1 Mbps for upstream traffic. |
| e-commerce | Conducting business on-line. This includes, for example, buying and selling products with digital cash and via Electronic Data Interchange (EDI). |
| e-mail | Short for electronic mail, the transmission of messages over communications networks. The messages can be notes entered from the keyboard or electronic files stored on disk. Most mainframes, minicomputers, and computer networks have an e-mail system. Some electronic-mail systems are confined to a single computer system or network, but others have gateways to other computer systems, enabling users to send electronic mail anywhere in the world. Companies that are fully computerized make extensive use of e-mail because it is fast, flexible, and reliable. Most e-mail systems include a rudimentary text editor for composing messages, but many allow you to edit your messages using any editor you want. You then send the message to the recipient by specifying the recipient's address. You can also send the same message to several users at once. This is called broadcasting. Sent messages are stored in electronic mailboxes until the recipient fetches them. To see if you have any mail, you may have to check your electronic mailbox periodically, although many systems alert you when mail is received. After reading your mail, you can store it in a text file, forward it to other users, or delete it. Copies of memos can be printed out on a printer if you want a paper copy. All online services and Internet Service Providers (ISPs) offer e-mail, and most also support gateways so that you can exchange mail with users of other systems. Usually, it takes only a few seconds or minutes for mail to arrive at its destination. This is a particularly effective way to communicate with a group because you can broadcast a message or document to everyone in the group at once. Although different e-mail systems use different formats, there are some emerging standards that are making it possible for users on all systems to exchange messages. In the PC world, an important e-mail standard is MAPI. The CCITT standards organization has developed the X.400 standard, which attempts to provide a universal way of addressing messages. To date, though, the de facto addressing standard is the one used by the Internet system because almost all e-mail systems have an Internet gateway. Another common spelling for e-mail is email. |
| encryption | The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text. There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption. |
| files | A collection of data or information that has a name, called the filename. Almost all information stored in a computer must be in a file. There are many different types of files: data files, text files, program files, directory files, and so on. Different types of files store different types of information. For example, program files store programs, whereas text files store text. |
| firewall | A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. There are several types of firewall techniques: In practice, many firewalls use two or more of these techniques in concert. A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted. |
| hard disk | A magnetic disk on which you can store computer data. The term hard is used to distinguish it from a soft, or floppy, disk. Hard disks hold more data and are faster than floppy disks. A hard disk, for example, can store anywhere from 10 megabytes to several gigabytes, whereas most floppies have a maximum storage capacity of 1.4 megabytes. A single hard disk usually consists of several platters. Each platter requires two read/write heads, one for each side. All the read/write heads are attached to a single access arm so that they cannot move independently. Each platter has the same number of tracks, and a track location that cuts across all platters is called a cylinder. For example, a typical 84 megabyte hard disk for a PC might have two platters (four sides) and 1,053 cylinders. In general, hard disks are less portable than floppies, although it is possible to buy removable hard disks. |
| heuristics | Of or relating to exploratory problem-solving techniques that utilize self-educating techniques (as the evaluation of feedback) to improve performance. (From Merriam-Webster Online.) |
| Internet | A global network connecting millions of computers. More than 100 countries are linked into exchanges of data, news and opinions. Unlike online services, which are centrally controlled, the Internet is decentralized by design. Each Internet computer, called a host, is independent. Its operators can choose which Internet services to use and which local services to make available to the global Internet community. Remarkably, this anarchy by design works exceedingly well. There are a variety of ways to access the Internet. Most online services, such as America Online, offer access to some Internet services. It is also possible to gain access through a commercial Internet Service Provider (ISP). The Internet is not synonymous with World Wide Web. |
| instant messaging | A type of communications service that enables you to create a private chat room with another individual. Typically, the instant messaging system alerts you whenever somebody on your private list is online. You can then initiate a chat session with that particular individual. There are several competing instant messaging systems. Unfortunately, there's no standard, so anyone you want to send instant messages to must use the same instant messaging system that you use. |
| intruder | An adversary who is conducting or has conducted an intrusion or attack against a victim host, site, network or organization. Since the label of intruder is assigned by the victim of the intrusion and is therefore contingent on the victim’s definition of encroachment, there can be no ubiquitous categorization of actions as being intrusive or not. From the victim’s viewpoint, an intruder is usually an entity (person or organization) that has successfully attacked the victim. It is unclear whether one who conducts an unsuccessful attack is an intruder. If an intrusion is required to be an intruder, then it seems that all intruders are attackers, but all attackers are not necessarily intruders. (From the glossary of State of the Practice of Intrusion Detection Technologies.) |
| media | Objects on which data can be stored. These include hard disks, floppy disks, CD-ROMs, and tapes. |
| operating system | The most important program that runs on a computer. Every general-purpose computer must have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers. For large systems, the operating system has even greater responsibilities and powers. It is like a traffic cop -- it makes sure that different programs and users running at the same time do not interfere with each other. The operating system is also responsible for security, ensuring that unauthorized users do not access the system. Operating systems can be classified as follows: Operating systems provide a software platform on top of which other programs, called application programs, can run. The application programs must be written to run on top of a particular operating system. Your choice of operating system, therefore, determines to a great extent the applications you can run. For PCs, the most popular operating systems are DOS, OS/2, and Windows, but others are available, such as Linux. As a user, you normally interact with the operating system through a set of commands. For example, the DOS operating system contains commands such as COPY and RENAME for copying files and changing the names of files, respectively. The commands are accepted and executed by a part of the operating system called the command processor or command line interpreter. Graphical user interfaces allow you to enter commands by pointing and clicking at objects that appear on the screen. |
| packet | A piece of a message transmitted over a packet-switching network. See under packet switching. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams. |
| password | A secret series of characters that enables a user to access a file, computer, or program. On multi-user systems, each user must enter his or her password before the computer will respond to commands. The password helps ensure that unauthorized users do not access the computer. In addition, data files and programs may require a password. Ideally, the password should be something that nobody could guess. In practice, most people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into most computer systems. |
| patch | A temporary fix to a program bug. A patch is an actual piece of object code that is inserted into (patched into) an executable program. |
| port | In TCP/IP and UDP networks, an endpoint to a logical connection. The port number identifies what type of port it is. For example, port 80 is used for HTTP traffic. Also see Well-Known TCP Port Numbers in the Quick Reference section of Webopedia. |
| processor | A silicon chip that contains a CPU. In the world of personal computers, the terms microprocessor and CPU are used interchangeably. At the heart of all personal computers and most workstations sits a microprocessor. Microprocessors also control the logic of almost all digital devices, from clock radios to fuel-injection systems for automobiles. Three basic characteristics differentiate microprocessors: In both cases, the higher the value, the more powerful the CPU. For example, a 32-bit microprocessor that runs at 50MHz is more powerful than a 16-bit microprocessor that runs at 25MHz. In addition to bandwidth and clock speed, microprocessors are classified as being either RISC (reduced instruction set computer) or CISC (complex instruction set computer). |
| program | An organized list of instructions that, when executed, causes the computer to behave in a predetermined manner. Without programs, computers are useless. A program is like a recipe. It contains a list of ingredients (called variables) and a list of directions (called statements) that tell the computer what to do with the variables. The variables can represent numeric data, text, or graphical images. There are many programming languages -- C, C++, Pascal, BASIC, FORTRAN, COBOL, and LISP are just a few. These are all high-level languages. One can also write programs in low-level languages called assembly languages, although this is more difficult. Low-level languages are closer to the language used by a computer, while high-level languages are closer to human languages. Eventually, every program must be translated into a machine language that the computer can understand. This translation is performed by compilers, interpreters, and assemblers. When you buy software, you normally buy an executable version of a program. This means that the program is already in machine language -- it has already been compiled and assembled and is ready to execute. |
| risk | Possibility of loss or injury. (From Merriam-Webster Online.) |
| sniffing | A program and/or device that monitors data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information off a network. Unauthorized sniffers can be extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere. This makes them a favorite weapon in the hacker's arsenal. On TCP/IP networks, where they sniff packets, they're often called packet sniffers. |
| social engineering | Social engineering is the art and science of getting people to comply to your wishes. It is not a way of mind control, it will not allow you to get people to perform tasks wildly outside of their normal behavior and it is far from foolproof. (From http://packetstorm.decepticons.org/docs/social-engineering/aaatalk.html) |
| spoofing | Unauthorized use of legitimate Identification and Authentication data, however it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. (From the National Information Systems Security (INFOSEC) Glossary.) |
| virus | A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Since 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs. |
| virus signature | A unique string of bits, or the binary pattern, of a virus. The virus signature is like a fingerprint in that it can be used to detect and identify specific viruses. Anti-virus software uses the virus signature to scan for the presence of malicious code. |
| vulnerability | A feature or combination of features of a system that allows an adversary – the intruder – to place the system – your home computer – in a state that is both contrary to the desires of the people responsible for the system – you! – and increases the risk (probability or consequence) of undesirable behavior in or of the system. A feature or combination of features of a system that prevents the successful implementation of a particular security policy for that system. A program with a buffer that can be overflowed with data supplied by the invoker will usually be considered a vulnerability. A telephone procedure that provides private information about the caller without prior authentication will usually be considered to have a vulnerability. |
| worm | A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. Also see virus. |
| Copyright 2002 Carnegie Mellon University |