Glossary


Access
The ability and the means necessary to approach, to store or retrieve data, to communicate with, or to make use of any resource of an electronic system.

Access Control
The restriction to authorised persons only of admittance to data in any manner, or to the use of any resources in a computer system. It involves the use of protective countermeasures against unauthorised admittance to, or disclosure of, data.

Accidental Threat
The threat of unintentional damage to the system. This may be caused through incorrect use of the system or through natural phenomena such as floods or fires.

Accountability
The requirement that a system user accounts for, or is made liable for, his or her actions.

Accreditation
The official authorisation that is granted to an electronic system to process sensitive information in its operational environment, based upon comprehensive security evaluation of the system's configuration, and of the system's procedural, administrative, physical, personnel, and communications security control.

Active Threat
A potential breach in security, the nature of which, should it materialise, would cause actual damage or alteration to the computer, hardware, software or data.

Active Wiretapping
The attaching of an unauthorised device, such as a computer terminal, to a communications circuit for the purpose of obtaining access to data through the generation of false messages or control signals, or by altering communications of legitimate users.

Administrative Security
The management constraints, operational procedures, accountability procedures, and supplemental controls established to provide an acceptable level of protection for sensitive data. Synonymous with procedural security.

Applications Program
Any program that is specific to the particular role that a given computer performs within a given organisation and makes a direct contribution to performing that role. For example, where a computer handles a company's finances a payroll program would be an applications program. By contrast, an operating system or a software tool may both be essential to the effective use of the computer system, but neither makes a direct contribution to meeting the end-user's eventual needs.

Attack
A threat carried out, possibly in a successful manner.

Audit
To conduct the independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, and to recommend any indicated changes in controls, policy, or procedures.

Audit Events
Logged data items, which are especially recorded for auditing purposes and are used as auditing information.

Audit Trail
A chronological record of system activities which is sufficient to enable the reconstruction, review and examination of the sequence of environments and activities surrounding or leading to each event in the path of a transaction from its inception to output of final results.

Authentication
The verification of a claimed identity.

Authorisation
The granting to a user, a program, or a process the right of access.

Availability
Availability reflects a system's ability to stay running.

Back-office
Description of the section of an organisation which does not have any direct contact with the organisation's customers. For example, a head office where internal policy decisions are made and administrative work is carried out would be regarded as a back-office environment.

Backup
Duplicates of hardware and software elements which are available in an emergency.

Bridge
A device that interconnects two networks and whose presence is usually invisible to network users (as distinct from a gateway, whose presence is generally visible).

Business Process Owner
An individual who has the responsibility for a management process in support of a business function.

Central Mainframe
A mainframe of any type, which constitutes the centre of a DP-network and to which all other components of the network are connected.

Certification
The technical evaluation, made as part of and in support of the accreditation process, that establishes the extent to which a particular computer system or network design and implementation meet a pre-specified set of security requirements.

Channel
A path along which signals can be sent, e.g. data channel, output channel.

Checksum
In data processing and data communications, the summation of a set of data items associated with the set for checking purposes. The data items are either numerals, bits or other character strings regarded as numerals for the purpose of the calculation.

Cipher System
It includes the algorithms, the hardware (and software if applicable), the key management and the rules of use.

Ciphertext
Unintelligible text or signals produced through the use of cryptographic systems.

Circuit Switching
In data communications, a method in which a connection is established on demand and maintained between data stations in order to allow the exclusive use of a data circuit until the connection is released.

Communication
The process of transferring information by various media from one point, person or device to another.

Communication Security
All processes involved by the requirements for confidentiality, authentication and integrity of message exchange.

Communication System
Any system whereby a source of information is enabled to convey that information, with due regard for efficiency and reliability, to a destination. Such a system may contain more than one source and/or more than one destination, in which case it is called a communication network.

Compromise
An unauthorised disclosure or loss of sensitive information.

Computer
A device which performs pre-specified computations on any valid set of input data and delivers results within defined levels of accuracy. The term is used for an electronic digital computer.

Computer Networks
A computer network is a network for interconnecting computer systems to allow the fast and easy flow of data between the systems and users of the systems. Computer networks have evolved from the development in data communications and computers.

Computer System
A collection of hardware, firmware, software, sufficient to establish the processing of information.

Confidentiality
A concept which applies to data. It is the status accorded to data which has been agreed upon between the person or organisation furnishing the data and the organisation receiving it, and which describes the degree of protection to be provided.

Configuration Management
The management of an inventory, configuration conditions, lists all hardware and software system components, in order to provide audit evidence.

Console
An interactive terminal connected to a computer or electronic system usually for the purposes of administration.

Contingency Plan
Plan for making recovery as rapid as possible with minimal disruption, in the event of a disaster.

Controlled Access
Synonym for access control.

Countermeasures
The methods of any type (e.g. physical, procedural, hardware, software, personnel) employed to counteract a threat to the system.

Cryptographic Checkfunction
Information which is derived by performing a cryptographic process on the data unit. The derivation of the checkfunction may be performed in one or more steps and is a result of a mathematical function of the key and a data unit. It is usually used to check the integrity of a data unit.

Cryptography
The protection of a message so as to render it unintelligible to other than authorised recipients. Many techniques are known for the conversion of the original message, known as plain text, into its encrypted form, known as cipher, ciphertext, or code.

Customer-facing
The part of an organisation which directly interfaces with its clients. An example of this would be a bank's branch office where the cashier comes into direct contact with customers.

Data
Information with a specific physical presentation.

Data Integrity
The state that exists when computerised data is the same as that in the source and has not been exposed to accidental or malicious alterations or destruction.

Data Origin Authentication
The corroboration that the source of data received is as claimed.

Data Security
The science and study of methods of protecting data in computer and communications systems against unauthorised disclosure, transfer, modifications or destruction whether accidental or intentional.

Database Administration
The realisation of centralised planning and control within a database system.

Deliberate Threat
The threat of a person or persons consciously and willingly attacking the computer system (synonym to Intentional Threat).

Denial of Service
The prevention of authorised access to system assets or the delaying of time-critical operations.

Dial Back
A procedure established for positively identifying a terminal dialling into a computer system by disconnecting the calling terminal and re-establishing the connection by the computer system's dialling the telephone number of the calling terminal.

Digital Signature
Part of a message which authenticates the source and the contents of the message.

Eavesdropping
The unauthorised interception of information-bearing emanations through the use of methods other than wiretapping.

Encryption
A method of protecting data by enciphering or encoding it in order to change it from plain text into an unintelligible form. Text thus becomes unreadable and cannot be understood. Encryption can be used as a countermeasure to combat unauthorised attempts to read files or to intercept communications.

Encryption Algorithm
A set of mathematically expressed rules for rendering information unintelligible by effecting a series of transformations through the use of variable elements controlled by the application of a key to the normal representation of the information. Synonymous with privacy transformation.

Exclusive LAN
A LAN with restricted authorised users, within secure BT premises, and not connected to any other network.

Formal proof
A complete and convincing mathematical argument, presenting the full logical justification for each proof step, for the truth of a theorem or a set of theorems. The formal verification process uses formal proofs to show the truth of certain properties of formal specification and for showing that computer programs satisfy their specifications.

Formal Security Policy Model
A mathematically precise statement of a security policy. To be adequately precise, such a model must represent the initial state of a system, the way in which the system progresses from one state to another, and a definition of a "secure" state of the system. To be acceptable as a basis for a Trusted Computing Base, the model must be supported by a formal proof that if the initial state for the system satisfies the definition of a "secure" state and if all assumptions required by the model hold, then all future states of the system will be secure.

Formal Top-level Specification (FTLS)
A Top-Level Specification that is written in a formal mathematical language to allow theorems showing the correspondence of the system specification to its formal requirements to be hypothesised and formally proven.

Formal Verification
The process of using formal proofs to demonstrate the consistency (design verification) between a formal specification of a system and a formal security policy model or (implementation verification) between the formal specification and its program implementation.

Game
Software specifically for recreational purposes.

Gateway
A device that interconnects two networks, and whose presence is usually visible to network users (as distinct from a bridge, whose presence is generally not visible).

Hacker
In computing, a computing enthusiast. The term is normally applied to people who take a delight in experimenting with system hardware, software and communication systems. Recently the term has been associated with those who misuse computers for the purpose of nuisance, espionage, or fraud.

Integrity
See system integrity and data integrity.

Integrity Level
An integrity level is assigned to information (object), on the basis of possible widespread security damage caused by information sabotage.

Interface
In electronics, a shared boundary between two related devices or components defined for the purpose of specifying the type and form of signals passing between them.

Key Lock
A physical lock used to secure an electronic system.

Key Management
In cryptography, keys are required for encipherment and authentication. These procedures provide no security when the keys have been handled incorrectly. Key management implies the effective creation, storage, transmission, installation and eventual destruction of keys.

Link Encryption
The transfer of an encrypted message across a system where the message is decrypted and re-encrypted after each stage of its journey. Typically, link encryption is used in a switched communication network where the message is decrypted at each switching node to read the routing information prior to re-encryption and onward transmission via the appropriate switch outlet.

Local Area Network
In data communications, a high bandwidth bidirectional communications network which operates over a limited geographic area, typically on an office building or a college campus.

Logging
The recording of processes, including initial parameters, to allow a detailed view into the activities of a system.

Logic Bomb
A program segment which, during execution, performs unwanted changes to programs and/or data.

Logical Security
Collection of measures which protect the value of system data and the ways in which the data is used.

Logical Threat
The possibility of destruction, alteration or monitoring of software or data. It would be realised by logical manipulation within the system rather than by a physical attack.

Mainframe
In computing, a term normally applied to a large general purpose computer installation serving a major section of an organisation or institution.

Masquerade
The pretence by an entity to be a different entity in order to gain unauthorised access to resources.

Message
A collection of data to be moved as a logical entity within an information network.

Multi-user System
A system which allows the simultaneous execution of a number of jobs by timesharing.

Multilevel Secure
A class of system containing information with different sensitivities that simultaneously permits access by users with different security authorisations and needs-to-know, but prevents users from obtaining access to information for which they lack authorisation.

Need-to-know
An administrative action certifying that a given individual requires access to specified privacy marked information in order to perform his assigned duties. The combination of an authorisation and a need-to-know constitutes the necessary and sufficient conditions for granting access to privacy marked information.

Network
See computer networks.

Network Management
In communications, the systematic procedures necessary to plan, organise and control an evolving communication network with optimum costs and performance.

Non repudiation
Characteristic of an authentication process that enables a third party to ensure that a message has been sent and received without modification or duplication.

Office System
Computer-based systems to enhance the effectiveness and productivity of people who work in offices.

One time password
A password that is used only once. Usually a list exists that is successively exhausted.

One-way Function
A function is said to be "one-way" if the problem of finding its inverse is computationally unfeasible.

One-way Encryption
A method of encryption that employs a one-way function.

Operating System (OS)
The set of software products that jointly controls the system resources and the processes using these resources on a computer system.

Packet Assembler/Disassembler (PAD)
In packet switching networks, a device that converts the character stream, suitable for a simple terminal, to packets and vice versa.

Password
Ordered set of alphanumeric characters the knowledge of which is used to authenticate an entity.

Passive threat
A potential breach of security, the occurrence of which would not change the state of the system. Hardware, software, data etc. would remain unaltered. The breach would normally take the form of people reading files without changing them.

Passive Wiretapping
The monitoring and/or recording of data while the data is being transmitted over a communications link.

Penetration Testing
The testing of an operational system for security weaknesses while attempting to override system privileges.

Physical Security
The use of locks, guards, badges, and similar administrative measures to control access to the computer and related equipment, and the measures required for the protection of the structures housing the computer, related equipment and their contents from damage by accident, fire, environmental hazards, crime, vandalism, industrial espionage, and so on.

Plain text
Data which exists in an unenciphered form.

Privacy
Privacy is a concept which applies to an individual. It is the right of an individual to decide what information is shared with others.

Privacy marking
Privacy markings are used to identify information which requires a level of protection above that of information available to the general public (see the Information Security Code).

Process (task)
A stream of activity. A process is defined by its code, i.e. the ordered set of machine instructions defining the actions that the process is to take, the contents of its workspace, i.e. the set of data values that it can read, write, and manipulate, and its process descriptor, which defines the current status of any resources that are allocated to the process.

Program
A set of statements that can be submitted as a unit to some computer system and used to direct the behaviour of that system.

Protocol
In data communications, a formally specified set of conventions governing the format and control of inputs and outputs between two communicating systems.

Reliability
Reliability reflects the ability to perform an intended function accurately within a specific time.

Repudiation
Denial by one of the entities involved in a communication of having participated in all or part of the communication.

Resource
In a system, any function, device, or data collection that may be allocated to users or programs.

Risk
The potential danger of loss to an organisation as, for example, that resulting from the misuse of its computer, usually involving an assessed balance between threat and vulnerability. This may involve unauthorised disclosure, unauthorised modification, and/or loss of information resources, as well as the authorised but incorrect use of a computer. Risk can be measured to some extent by performing risk analysis.

Risk Analysis (RA)
A comprehensive concept for defining and analysing threats to, and vulnerabilities of, computer system assets and capabilities, and for supplying management with information suitable for a decision in order to optimise investment in security countermeasures.

Security
See Administrative Security; Communications Security; Logical Security; Physical Security; Traffic Flow Security.

Security Model
A security model defines the security rules that every implementation must enforce. It may reflect the demands of a general security policy on a particular application environment. A security model can act as a basis both for users to understand system operation and for system design. It is stated formally and used as a basis for formal specification proofs. The security model rigorously defines system security.

Security Policy
The set of laws, rules, and practices regulating how an organisation, computer system manages, protects, and distributes sensitive information.

Security-Relevant Events
All occurrences which alter the status of sensitive data and/or can be determined as extraordinary. They involve the action of security functions.

Segregation of Duties
Part of orderly data processing. The practice demands that functions, such as programming, operating and controlling, are performed by different people in order to enhance mutual control.

Sensitive Information
Information that, as determined by a competent authority, must be protected because its unauthorised disclosure, alteration, loss, or destruction will cause perceivable damage to someone or something.

Sensitivity
See Confidentiality.

Sensitivity Label
A piece of information representing the security level of an object and that describes the sensitivity of the data in the object. Sensitivity labels are used to mediate access according to an access policy.

System Integrity
The state that exists when there is complete assurance that under all conditions an IT system is based on the logical correctness and reliability of the operating system, the logical completeness of the hardware and software that implement the protection mechanisms, and data integrity.

System
The composite of hardware, software, users and data to fulfil all or part of a business process.

System Administrator
An administrator of an electronic system, responsible for the day to day operation.

System Supplier
Those who supply software and perhaps hardware components for the purposes of constructing a system often to a specific set of end-user written requirements.

TEMPEST
The study and control of spurious electronic signals emitted from electronic equipment.

Terminal
A data input and/or output device that is connected to a controlling processor to which it is subservient and usually remote. There is a very wide range of terminal types.

Terminal Identity (TID)
In computing, a terminal identification code enabling a computer to recognise a terminal uniquely.

Threat
A potential violation of the security of the system.

Threat Analysis
An important step carried out in Risk Analysis in order to determine the possible threat in a computer installation which may affect the organisation.

Top Level Specification (TLS)
A non-procedural description of system behaviour at the most abstract level. Typically, a functional specification that omits all information details.

Traffic Flow Security
The protection that results from those features in some crypto-equipment that conceal the presence of valid messages on a communications circuit, usually by causing the circuit to appear busy at all times, or by encrypting the source and destination addresses of valid messages.

Trap Door
A hidden software or hardware mechanism that permits system protection mechanisms to be circumvented. It is activated in some non-apparent manner (e.g., special "random" key sequence at a terminal).

Trojan Horse
A computer program with an apparently or actually useful function that contains additional (hidden) functions that surreptitiously exploit the legitimate authorisation of the invoking process to the detriment of security.

Trusted Computing Base (TCB)
The totality of protection mechanisms within a computer system - including hardware, firmware, and software - the combination of which is responsible for enforcing a security policy. It creates a basic protection environment and provides additional user services required for a trusted computer system. The ability of a trusted computing base to correctly enforce a security policy depends solely on the mechanisms within the TCB and on the correct input by system administrative personnel of parameters (e.g., a user's clearance) related to the security policy.

User
Any person who interacts directly with a computer system.

User Identity (UID)
In computing, a user identification code enabling a computer to recognise an individual uniquely.

Vendor
An individual or company who supplies generic components used in the construction of systems.

Verification (Validation)
The process of comparing two levels of system specification for proper correspondence (e.g., security policy model with Top-Level Specification, TLS with source code, or source code with object code). This process may or may not be automated.

Virus
A program segment that can 'infect' other programs by modifying them to include a possibly evolved copy of itself. With the infection property, a virus can spread throughout a computer system or network using the authorisations of every user using it to infect their programs. Every program that gets infected may also act as a virus and thus the infection grows.

Vulnerability
A design, implementation, or operation flaw that may be exploited by a threat; the flaw causes the computer system or application to operate in a fashion different from its published specifications, and to result in destruction or misuse of equipment or data.

Wide Area Network
Two types of WAN have to be distinguished. The first type connects different networks and the second type connects distant located devices of any kind.

Wire Tapping
To cut or tap a communication channel to intercept a message.

Worm
A program segment that can propagate throughout a computer system or network, using the authorisation of the user using it, to delete other programs and data. The name of the threat is caused by the ability of the worms to change host program, thereby propagating.

X.25
The CCITT standard interface protocol for packet switching networks that defines the message structure required by data terminal equipment (DTE) to interface to a public packet network conforming to CCITT standards. The X.25 standard layer, the link layer, and the network (or packet) layer. These three levels conform to the lower three layers of the ISO seven-layer reference model for open system interconnection.