Amethyst


factpacks/security.fact

emanations => See compromising emanations.
embedded system => A system that performs or controls a function, either in whole or in part, as an integral element of a larger system or subsystem.
emergency plan => Synonymous with contingency plan.
emission security => The protection resulting from all measures taken to deny unauthorized persons information of value that might be derived from intercept and from an analysis of compromising emanations from systems.
encryption => The process of making information indecipherable to protect it from unauthorized viewing or use, especially during transmission or storage. Encryption is based on an algorithm and at least one key. Even if the algorithm is known, the in...
end user => A person in contact with a target of evaluation who makes use only of its operational capability.
end to end encryption => The protection of information passed in a telecommunications system by cryptographic means, from point of origin to point of destination.
ETL => Endorsed Tools List - The list of formal verification tools endorsed by the NCSC for the development of systems with high levels of trust.
environment => (1) All entities - users, procedures, conditions, objects, AISs (automated information systems), and other IT (information technology) products - that interact with (affect the development, operation, and maintenance of) an IT product....
erasure => A process by which a signal recorded on magnetic media is removed. Erasure is accomplished in two ways: (1) by alternating current erasure, by which the information is destroyed by applying an alternating high and low magnetic field to the...
evaluation => Technical assessment of a component's, product's, subsystem's, or system's security properties that establishes whether or not the component, product, subsystem, or system meets a specific set of requirements. Note: Evaluation is a term...
evaluation assurance => Source of IT product assurance based on the kind and intensity of the evaluation analysis performed on the product.
evaluation assurance component => Fundamental building block, specifying the type and the rigor of required evaluation activities, from which evaluation assurance requirements are assembled.
evaluation assurance package => Grouping of evaluation assurance components assembled to ease specification and common understanding of the type and the rigor of required evaluation activities.
evaluation assurance requirements => Requirements in a protection profile which address both the type and the rigor of activities that must occur during product evaluation.
evaluation criteria => A set of requirements defining the conditions under which an evaluation is performed. These requirements can also be used in specification and development of systems and products.
evaluator => the independent person or organisation that performs an evaluation.
evaluator actions => a component of the evaluation criteria for a particular phase or aspect of evaluation, identifying what the evaluator must do to check the information supplied by the sponsor of the evaluation, and the additional activities he mus...
evaluators => Individuals or groups responsible for the independent assessment of IT product security (e.g., product evaluators, system security officers, system certifiers, and system accreditors).
executive state => (1) One of several states in which a system may operate and the only one in which certain privileged instructions may be executed. Such instructions cannot be executed when the system is operating in other (for example, user) state...
explain => Give required information and show that it satisfies all relevant requirements.
exploitable channel => Covert channel that is usable or detectable by subjects external to the AIS's trusted computing base and can be used to violate the AIS's technical security policy. (See covert channel.)
external security controls => Measures which include physical, personnel, procedural, and administrative security requirements and a separate certification and accreditation process that govern physical access to an IT product. Note: These me...
fail safe => Pertaining to the automatic protection of programs and/or processing systems to maintain safety when a hardware or software failure is detected in a system.
fail soft => Pertaining to the selective termination of affected nonessential processing when a hardware or software failure is detected in a system.
failure access => An unauthorized and usually inadvertent access to data resulting from a hardware or software failure in the system.
failure control => The methodology used to detect and provide fail-safe or fail-soft recovery from hardware and software failures in a system.
family => Grouping of related components that all address the same type of
fault => A condition that causes a device or system component to fail to perform in a required manner.
fetch protection => (1) A system-provided restriction to prevent a program from accessing data in another user's segment of storage. (2) The aggregate of all processes and procedures in a system designed to inhibit unauthorized access, contamination,...
file protection => The aggregate of all processes and procedures in a system designed to inhibit unauthorized access, contamination, or elimination of a file.
file security => The means by which access to computer files is limited to authorized users only.
flaw => An error of commission, omission, or oversight in a system that allows protection mechanisms to be bypassed.
flaw hypothesis methodology => A system analysis and penetration technique where specifications and documentation for the system are analyzed and then flaws in the system are hypothesized.  The list of hypothesized flaws is then prioritized on the ba...
formal => Based upon precise and unambiguous syntax and semantics.
human user => A person who interacts with the TOE.
formal development methodology => A collection of languages and tools that enforces a rigorous method of verification.  This methodology uses the Ina Jo specification language for successive stages of system development, including identification and ...
formal model of security policy => an underlying model of security policy expressed in a formal style, i.e. an abstract statement of the important principles of security that a TOE will enforce. 
formal proof => A complete and convincing mathematical argument, presenting the full logical justification for each proof step, for the truth of a theorem or set of theorems.  The formal verification process uses formal proofs to show the truth of ce...
formal specification => Statement about a product made using the restricted syntax and grammar of a formal reasoning system and a set of terms that have been precisely and uniquely defined or specified. Note: The formal statement should be augmented ...
FTLS => Formal Top-Level Specification - A Top-Level Specification that is written in a formal mathematical language to allow theorems showing the correspondence of the system specification to its formal requirements to be hypothesized and formally p...
formal verification => The process of using formal proofs to demonstrate the consistency (design verification) between a formal specification of a system and a formal security policy model or (implementation verification) between the formal specific...
formal access approval => Documented approval by a data owner to allow access to a particular category of information.
formal security policy model => A mathematically precise statement of a security policy.  To be adequately precise, such a model must represent the initial state of a system, the way in which the system progresses from one state to another, and a def...
security filter => A security filter, which could be implemented in hardware or software, that is logically separated from the remainder of the system to protect the system's integrity.
functional component => Fundamental building block, specifying what an IT product must be capable of doing, from which functional protection requirements are assembled.
functional package => Grouping of functional components assembled to ease specification and common understanding of what an IT product is capable of doing.
functional protection requirements => Requirements in a protection profile which address what conforming IT products must be capable of doing.
functional testing => The portion of security testing in which the advertised features of a system are tested for correct operation.
functional unit => a functionally distinct part of a basic component.
functionality => The totality of functional properties of a TOE that contributes to security.
functionality class => a predefined set of complementary security enforcing functions capable of being implemented in a Target of Evaluation.
general-purpose system => A computer system that is designed to aid in solving a wide variety of problems.
generic threat => Class of threats with common characteristics pertaining to vulnerabilities, agents, event sequences, and resulting misfortunes.
global requirements => Those which require analysis of the entire system and for which separate analysis of the individual TCB (trusted computing base) subsets does not suffice.
granularity => Relative fineness or coarseness to which an access control mechanism or other IT product aspect can be adjusted. Note: Protection at the file level is considered coarse granularity, whereas protection at the field level is considered...
group => Named collection of user identifiers.
gypsy verification environment => An integrated set of tools for specifying, coding, and verifying programs written in the Gypsy language, a language similar to Pascal which has both specification and programming features.  This methodology includes an...
handshaking procedure => A dialogue between two entities (e.g., a user and a computer, a computer and another computer, or a program and another program) for the purpose of identifying and authenticating the entities to one another.
hierarchical decomposition => the ordered, structured reduction of a system or a component to primitives.
hierarchical development methodology => A methodology for specifying and verifying the design of programs written in the Special specification language. The tools for this methodology include the Special specification processor, the Boyer-Moore theorem ...
host => any computer-based system connected to the network and containing the necessary protocol interpreter software to initiate network access and carry out information exchange across the communications network. This definition encompasses typical...
identification => The process that enables recognition of an entity by a system, generally by the use of unique machine-readable user names.
impersonating => Synonymous with spoofing.
implementation => a phase of the Development Process wherein the detailed specification of a Target of Evaluation is translated into actual hardware and software.
individual accountability => The ability to associate positively the identity of a user with the time, method, and degree of access to a system.
informal => Expressed in natural language.
informal specification => Statement about (the properties of) a product made using the grammar, syntax, and common definitions of a natural language (e.g., English). Note: While no notational restrictions apply, the informal specification is also ...
information protection policy => Set of laws, rules, and practices that regulate how an IT product will, within specified limits, counter threats expected in the product's assumed operational environment.
ISSO => Information System Security Officer  -  The person responsible to the DAA for ensuring that security is provided for and implemented throughout the life cycle of an AIS from the beginning of the concept development plan through its design, de...
ITSEC => Information Technology Security Evaluation Criteria - European security evaluation criteria for targets of evaluation (TOE).
information flow control => A procedure to ensure that information transfers within a system are not made from a higher security level object to an object of a lower security level.  See covert channel, simple security property, star property (*-prop...
information processing standard => A set of detailed technical guidelines used to establish uniformity to support specific functions and/or interoperability in hardware, software, or telecommunications development, testing, and/or operation.
information protection policy => Set of laws, rules, and practices that regulate how an IT (information technology) product will, within specified limits, counter threats expected in the product's assumed operational environment.
IT => Information Technology - An international term for an information system, which consists of one or more automated information systems (AISs) or computer systems and communications systems.
integrity => a) The property that information or resources are not improperly affected. b) The property that assumptions about the known or expected state of information or resources remain true.
integrity policy => a security policy to prevent unauthorized users from modifying, viz., writing, sensitive information. See also Security Policy.
interdiction => See denial of service - DOS.
internal security controls => Mechanisms implemented in the hardware, firmware, and software of an IT product which provide protection for the IT product.
internal subject => a subject which is not acting as direct surrogate for a user. A process which is not associated with any user but performs system-wide functions such as packet switching, line printer spooling, and so on. Also known as a daemon or...
interoperability => The ability of computers to act upon information received from one another.
isolation => The containment of subjects and objects in a system in such a way that they are separated from one another, as well as from the protection controls of the operating system.
IT Security => The state of security in an IT system.
IT System => A specific IT installation, with a particular purpose and operational environment.
key management => A method of electronically transmitting, in a secure fashion, a secret key for use with a secret key cryptographic system. Key management can be used to support communications privacy. This method can be accomplished most securely w...
key escrow system => An electronic means of reconstructing a secret key (for secret key encryption) or a private key (for public key encryption). The reconstructed key can then be used in a process to decrypt a communication.
key => A long string of seemingly random bits used with cryptographic algorithms to create or verify digital signatures and encrypt or decrypt messages and conversations. The keys must be known or guessed to forge a digital signature or decrypt an en...
label => see Security Label and Sensitivity Label.
lattice => A partially ordered set for which every pair of elements has a greatest lower bound and a least upper bound.
least privilege => The principle that requires that each subject be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, erro...
limited access => Synonymous with access control.
list oriented => A computer protection system in which each protected object has a list of all subjects authorized to access it.  Compare ticket-oriented.
local requirements => Those for which separate analysis of the individual TCB (trusted computing base) subsets suffices to determine compliance for the composite TCB. (See the trusted database interpretation of the Trusted Computer System Evaluation ...
lock and key protection system => A protection system that involves matching a key or password with a specific access requirement.
logic bomb => A resident computer program that triggers the perpetration of an unauthorized act when particular states of the system are realized.
loophole => An error of omission or oversight in software or hardware that permits circumventing the system security policy.
*-property => (Star Property) - A Bell-LaPadula security model rule allowing a subject write access to an object only if the security level of the subject is dominated by the security level of the object.  Also known as the Confinement Property.
star property => A Bell-LaPadula security model rule allowing a subject write access to an object only if the security level of the subject is dominated by the security level of the object.  Also known as the Confinement Property.
machine user => A machine, group of machines or other logical entity outside of the TOE which interacts with the TOE.
magnetic remanence => A measure of the magnetic flux density remaining after removal of the applied magnetic force.  Refers to any data remaining on magnetic storage media after removal of the power.
maintenance hook => Special instructions in software to allow easy maintenance and additional feature development.  These are not clearly defined during access for design specification.  Hooks frequently allow entry into the code at unusual points or...
malicious logic => Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose; e.g., a Trojan horse.
mandatory access control => A means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of ...
masquerading => Synonymous with spoofing.
mechanism => Operating system entry point or separate operating system support program that performs a specific action or related group of actions.
metadata => (1) Data referring to other data; data (such as data structures, indices, and pointers) that are used to instantiate an abstraction (such as "process," "task," "segment," "file," or "pipe"). (2) A special database, also referred to as a d...
mimicking => Synonymous with spoofing.
modes of operation => A description of the conditions under which an AIS functions, based on the sensitivity of data processed and the clearance levels and authorizations of the users.
multilevel device => A device that is used in a manner that permits it to simultaneously process data of two or more security levels without risk of compromise.  To accomplish this, sensitivity labels are normally stored on the same physical medium a...
multilevel secure => A class of system containing information with different sensitivities that simultaneously permits access by users with different security clearances and needs-to-know, but prevents users from obtaining access to information for ...
multilevel security mode => the mode of operation that allows two or more classification levels of information to be processed simultaneously within the same system when some users are not cleared for all levels of information present. Compare Dedica...
mutually suspicious => The state that exists between interacting processes (subsystems or programs) in which neither process can expect the other process to function securely with respect to some property. 
NCSC => National Computer Security Center - Originally named the DoD Computer  Security Center, the NCSC is responsible for encouraging the widespread availability of trusted computer systems throughout the Federal Government.
NSDD 145 => National Security Decision Directive 145 - Signed by President Reagan on 17 September 1984, this directive is entitled "National Policy on Telecommunications and Automated Information Systems Security." It provides initial objectives, pol...
NTISSD => National Telecommunications and Information System Security Directives - NTISS Directives establish national-level decisions relating to NTISS policies, plans, programs, systems, or organizational delegations of authority. NTISSDs are promu...
NTISSI => National Telecommunications and Information Systems Security Advisory Memoranda/ Instructions - NTISS Advisory Memoranda and Instructions provide advice, assistance, or information of general interest on telecommunications and systems secur...
need to know => (1) Access to, or knowledge or possession of, specific information required to carry out official duties. (2) The necessity for access to, knowledge of, or possession of specific information required to carry out official duties.
network architecture => the set of layers and protocols (including formats and standards that different hardware/software must comply with to achieve stated objectives) which define a Network.
network component => a network subsystem which is evaluatable for compliance with the trusted network interpretations, relative to that policy induced on the component by the overall network policy.
network connection => A network connection is any logical or physical path from one host to another that makes possible the transmission of information from one host to the other. An example is a TCP connection. But also, when a host transmits an IP ...
network reference monitor => an access control concept that refers to an abstract machine that mediates all access to objects within the network by subjects within the network.
network security => the protection of networks and their services from unauthorized modification, destruction, or disclosure. Providing an assurance that the network performs its critical functions correctly and there are no harmful side-effects. Inc...
network security architecture => a subset of network architecture specifically addressing security-relevant issues.
network sponsor => the individual or organization that is responsible for stating the security policy enforced by the network, for designing the network security architecture to properly enforce that policy, and for ensuring that the network is imple...
network system => a system which is implemented with a collection of interconnected network components. A network system is based on a coherent security architecture and design.
NTCB => Network trusted computing base - the totality of protection mechanisms within a network system -- including hardware, firmware, and software -- the combination of which is responsible for enforcing a security policy. (See also Trusted Computi...
network front end => A device that implements the necessary network protocols, including security-related protocols, to allow a computer system to be attached to a network.
nondiscretionary access control => Means of restricting access to objects based largely on administrative actions. (See mandatory access control.)
normal operation => Process of using a system.
object => A passive entity that contains or receives information. Access to an object potentially implies access to the information it contains.  Examples of objects are:  records, blocks, pages, segments, files, directories, directory trees, and pro...
object reuse => The reassignment and reuse of a storage medium (e.g., page frame, disk sector, magnetic tape) that once contained one or more objects.  To be securely reused and assigned to a new subject, storage media must contain no residual data (...
open security environment => An environment that includes those systems in which at least one of the following conditions holds true: (1) Application developers (including maintainers) do not have sufficient clearance or authorization to provide an a...
operating procedure => a set of rules defining correct use of a Target of Evaluation.
operation => the process of using a Target of Evaluation.
operational documentation => the information produced by the developer of a Target of Evaluation to specify and explain how customers should use it.
OPSEC => Operations Security - An analytical process by which the U.S. Government and its supporting contractors can deny to potential adversaries information about capabilities and intentions by identifying, controlling, and protecting evidence of t...
orange book => Alternate name for DoD Trusted Computer Security Evaluation Criteria.
OSI => The International Organization for Standardization provides a framework for defining the communications process between systems. This framework includes a network architecture, consisting of seven layers. The architecture is referred to as the...
output => Information that has been exported by a TCB.
overt channel => an overt channel is a path within a network which is designed for the authorized transfer of data.
overwrite procedure => A stimulation to change the state of a bit followed by a known pattern.  See magnetic remanence.
owner => User granted privileges with respect to security attributes and privileges affecting specific subjects and objects.
package => A set of components combined together to satisfy a set of identified objectives.
partial order => A relation that is reflexive (a is related to a), transitive (if a is related to b and b is related to c, then a is related to c), and antisymmetric (if a is related to b and b is related to a, then a and b are identical).
partitioned security mode => A mode of operation wherein all personnel have the clearance but not necessarily formal access approval and need-to-know for all information contained in the system.  Not to be confused with compartmented security mode.
passive => (1) A property of an object or network object that it lacks logical or computational capability and is unable to change the information it contains. (2) Those threats to the confidentiality of data which, if realized, would not result in a...
password => Protected/private character string used to authenticate an identity or to authorize access to data.
penetration => the successful violation of a protected system.
penetration testing => tests performed by an evaluator on the Target of Evaluation in order to confirm whether or not known vulnerabilities are actually exploitable in practice.
penetration signature => The characteristics or identifying marks that may be produced by a penetration.
penetration study => A study to determine the feasibility and methods for defeating controls of a system.
periods processing => The processing of various levels of sensitive information at distinctly different times.  Under periods processing, the system must be purged of all information from one processing period before transitioning to the next when th...
permissions => A description of the type of authorized interactions a subject can have with an object.  Examples include: read, write, execute, add, modify, and delete.
personnel security => The procedures established to ensure that all personnel who have access to sensitive information have the required authority as well as appropriate clearances.
physical security => The application of physical barriers and control procedures as preventive measures or countermeasures against threats to resources and sensitive information.
piggyback => Gaining unauthorized access to a system via another user's legitimate connection.  See between-the-lines entry.
plaintext => See cleartext.
PPL => Preferred Products List - A list of commercially produced equipment that meets TEMPEST and other requirements prescribed by the National Security Agency. This list is included in the NSA Information Systems Security Products and Services Catal...
primitive => An ordering relation between TCB subsets based on dependency (see "depends" above). A TCB subset B is more primitive than a second TCB subset A (and A is less primitive than B) if (a) A directly depends on B or (b) a chain of TCB subsets...
print suppression => Eliminating the displaying of characters in order to preserve their secrecy; e.g., not displaying the characters of a password as it is keyed at the input terminal.
privacy => (1) the ability of an individual or organization to control the collection, storage, sharing, and dissemination of personal and organizational information. (2) The right to insist on adequate security of, and to define authorized users of,...
private key => The undisclosed key in a matched key pair - private key and public key - that each party safeguards for public key cryptography.
privilege => Special authorization that is granted to particular users to perform security relevant operations.
privileged instructions => A set of instructions (e.g., interrupt handling or special computer instructions) to control features (such as storage protection features) that are generally executable only when the automated system is operating in the ex...
procedural security => Synonymous with administrative security.
process => a program in execution. It is completely characterized by a single current execution point (represented by the machine state) and address space.
producers => Providers of IT (information technology) product security (for example, product vendors, product developers, security analysts, and value-added resellers).
product => A package of IT software and/or hardware, providing functionality designed for use or incorporation within a multiplicity of systems.
product rationale => a description of the security capabilities of a product, giving the necessary information for a prospective purchaser to decide whether it will help to satisfy his system security objectives.
production => the process whereby copies of the Target of Evaluation are generated for distribution to customers.
profile => Detailed security description of the physical structure, equipment component, location, relationships, and general operating environment of an IT product or AIS. (See Protection Profile.)
profile assurance => Measure of confidence in the technical soundness of a protection profile.
proprietary information => Information that is owned by a private enterprise and whose use and/or distribution is restricted by that enterprise. Note: Proprietary information may be related to the company's products, business, or activities, ...
protection philosophy => An informal description of the overall design of a system that delineates each of the protection mechanisms employed.  A combination (appropriate to the evaluation class) of formal and informal techniques is used to show that...
PP => Protection Profile - A combination of security requirements including assurance and functional requirements with associated rationale and target environment.
protection ring => One of a hierarchy of privileged modes of a system that gives certain access rights to user programs and processes authorized to operate in a given mode.
protocols => A set of rules and formats, semantic and syntactic, that permits entities to exchange information.
pseudoflaw => An apparent loophole deliberately implanted in an operating system program as a trap for intruders.
public key cryptography => Cryptography using two matched keys (or asymmetric cryptography) in which a single private key is not shared by a pair of users. Instead, users have their own key pairs. Each key pair consists of a matched private and publi...
purge => The removal of sensitive data from an AIS, AIS storage device, or peripheral device with storage capacity, at the end of a processing period. This action is performed in such a way that there is assurance proportional to the sensitivity of ...
rating => a measure for the assurance that may be held in a Target of Evaluation, consisting of a reference to its security target, an evaluation level established by assessment of the correctness of its implementation and consideration of its effect...
RC2 => (Rivest Cipher 2 ): Two secret key encryption systems that are implemented in mass-market software. These systems are proprietary and are marketed by RSA Data Security, Inc. RC2 and RC4 can be used with various key lengths, such as 40 bits or ...
read => A fundamental operation that results only in the flow of information from an object to a subject.
read access => Permission to read information.
ROM => Read-Only Memory - A storage area in which the contents can be read but not altered during normal computer processing.
real time => The actual time in which something, such as the communication of information, takes place.
recovery procedures => The actions necessary to restore a system's computational capability and data files after a system failure.
refinements => Requirement in a protection profile taken to a lower level of abstraction than the component on which it is based. Note: The refinement of a component requirement is necessary when multiple environment-specific requirements must be ass...
reliability => The probability of a given system performing its mission adequately for a specified period of time under the expected operating conditions.
requirements => Phase of the Development Process wherein the top level definition of the functionality of the system is produced.
residual risk => The portion of risk that remains after security measures have been applied.
residue => Data left in storage after processing operations are complete, but before degaussing or rewriting has taken place.
resource => anything used or consumed while performing a function. The categories of resources are: time, information, objects (information containers), or processors (the ability to use information). specific examples are: CPU time; terminal connect...
restricted area => Any area to which access is subject to special restrictions or controls for reasons of security or safeguarding of property or material.
risk => The expected loss due to, or impact of, anticipated threats in light of system vulnerabilities and strength or determination of relevant threat agents.
risk analysis => The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards.  Risk analysis is a part of risk management.  Synonymous with risk assessment.
risk index => The disparity between the minimum clearance or authorization of system users and the maximum sensitivity (e.g., classification and categories) of data processed by a system.  See CSC-STD-003-85 and CSC-STD-004-85 for a complete explanat...
risk management => The total process of identifying, controlling, and eliminating or minimizing uncertain events that may affect system resources. It includes risk analysis, cost benefit analysis, selection, implementation and test, security evaluati...