Glossary
B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z 

Algorithm
A set of ordered steps for solving a problem, such as a mathematical formula or the instructions in a program. a sequence of steps to solve a problem. In Internet security, an algorithm is the series of steps used in encryption that are involved in making a transparently understandable message into an unintelligible series of symbols.

Always-on Connections
High bandwidth connections to the Internet such as DSL (digital subscriber line), cable or ISDN (Integrated Services Digital Network) that provide high-speed, high capacity network connections that may be left on at all times without incurring extra subscription costs or disrupting other services, such as telephone or television service. Always-on connections have two important characteristics that increase security vulnerability. Firstly, because they are always on, they are always available for potential attackers to access. Secondly, always-on connections have static or unchanging IP addresses, making it easier for an attacker to return to previously compromised systems.

Anti-virus program
A piece of software that is installed on a personal computer that searches a hard disk and/or incoming files for viruses and removes any that are found.

Application
A computer program, also known as software, that allows users to perform specific functions. Examples of applications include word processing, database operations, e-mail, etc..

Application Level Gateway
A firewall system that inspects and filters data at the application level. Application level firewalls often re-address traffic so that outgoing traffic appears to have originated from the firewall, rather than the internal host.

Asymmetrical Encryption
A system of encryption that requires the use of both public and private keys. Asymmetrical encryption is considered more secure than symmetrical encryption.

Attachment
A file such as a text file, a graphics file or an HTML file, that is attached to, and then sent along with, an email message. In Internet security, applications are a concern because viruses are often transmitted in e-mail attachments. When the attachments are opened and executed, the virus is then released into the victim computer.

Attack
Any attempt to gain unauthorized access to data by knowingly circumventing security controls on a computer or a network. The attack may be perpetrated in order to view, modify or steal data without authorization or to control a computer in order to stage further attacks against a third-party system.

Audit
An audit refers to a series of steps used to gather information. A security audit is the process of testing whether or not an organization's security processes are in place and secure. Audits should be included as part of an organization's security strategy.

Authentication:
User authentication is the process of requesting information from users, to verify that they are who they say they are as a prerequisite to allowing access to resources in a system. The most common type of authentication asks for a user name and a password. Others require digital certificates or biometric information.



 

Privacy Statement
Copyright 2010, SecurityFocus