29 August 2019

Information Security: Firewall (Definitions)

"A device or program that blocks outsiders from accessing a computer connected to the Internet. Some firewalls also monitor data traffic outbound from a computer or network." (Andy Walker, "Absolute Beginner’s Guide To: Security, Spam, Spyware & Viruses", 2005)

"Software or devices that examine network traffic so that it may restrict access to network resources to unauthorized users." (Tom Petrocelli, "Data Protection and Information Lifecycle Management", 2005)

"A network security system used to monitor and restrict external and internal traffic." (Robert McCrie, "Security Operations Management" 2nd Ed., 2006)

"A firewall is part of a computer network or system that is designed to block unauthorized access over communications lines." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"A system level networking filter that restricts access based on, among other things, IP address. Firewalls form a part of an effective network security strategy. See Firewalls." (MongoDb, "Glossary", 2008)

"A piece of software that filters incoming and outgoing network traffic and stops messages that violate the rules that define allowable traffic." (Jan L Harrington, "Relational Database Design and Implementation" 3rd Ed., 2009)

"A computer system placed between the Internet and an internal subnet of an enterprise to prevent unauthorized outsiders from accessing internal data." (Paulraj Ponniah, "Data Warehousing Fundamentals for IT Professionals", 2010)

"A combination of specialized hardware and software set up to monitor traffic between an internal network and an external network (i.e. the Internet). Its primary purpose if for security and is designed to keep unauthorized outsiders from tampering with or accessing information on a networked computer system." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"Hardware and software that blocks outsiders from accessing your data and creates a secure environment for your data while permitting those with authorization, such as employees, to access information as needed." (Gina Abudi & Brandon Toropov, "The Complete Idiot's Guide to Best Practices for Small Business", 2011)

"System or group of systems that enforces an access-control policy between two networks." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"A device that is used to control access between two networks. Typically used when connecting a private network to the Internet as a way of protecting and securing the internal network from threats, hackers, and others. Also used when connecting two private networks (e.g., supplies, partners, etc.)." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"A network access control system that uses rules to block or allow connections and data transmission between a private network and an untrusted network, such as the Internet." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"A form of protection that allows one network to connect to another network while maintaining some amount of protection." ( Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Software or hardware designed to control traffic. A network-based firewall is typically hardware, and it controls traffic in and out of a network. A host-based firewall is software installed on individual systems and it controls traffic in and out of individual systems." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A a network security measure designed to filter out undesirable network traffic." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A gateway machine and its software that protects a network by filtering the traffic it allows" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"A security barrier on your computer or network that controls what traffic is allowed to pass through." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"Software that blocks hackers from accessing a computer by closing unnecessary services and ports." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"A network device designed to selectively block unauthorized access while permitting authorized communication to devices within a subnetwork." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

Information Security: Data Leak/Loss Prevention (Definitions)

"Attempts to prevent the loss of confidentiality of sensitive information by limiting the use of confidential information only for authorized purposes." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"A feature that protects data on laptops by enabling file-level authentication and secure erase options in the event that a laptop is lost or stolen." (CommVault, "Documentation 11.20", 2018)

"A set of technologies and inspection techniques used to classify information content contained within an object—such as a file, an email, a packet, an application or a data store - while at rest (in storage), in use (during an operation), or in transit (across a network). DLP tools also have the ability to dynamically apply a policy—such as log, report, classify, relocate, tag, and encrypt - and/or apply enterprise data rights management protections." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The actions that organizations take to prevent unauthorized external parties from gaining access to sensitive data." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"Data loss prevention (DLP; also known as data leak prevention) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination, and so on) and with a centralized management framework. Systems are designed to detect and prevent unauthorized use and transmission of confidential information." (Robert F Smallwood, "Information Governance for Healthcare Professionals", 2018)

 "A capability that detects and prevents violations to corporate policies regarding the use, storage, and transmission of sensitive data. Its purpose is to enforce policies to prevent unwanted dissemination of sensitive information." (Forrester)

"A systems ability to identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep packet content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination, etc.), within a centralized management framework. Data loss prevention capabilities are designed to detect and prevent the unauthorized use and transmission of NSS information." (CNSSI 4009-2015 CNSSI 1011)

"Data loss protection (DLP) describes a set of technologies and inspection techniques used to classify information content contained within an object - such as a file, email, packet, application or data store - while at rest (in storage), in use (during an operation) or in transit (across a network). DLP tools are also have the ability to dynamically apply a policy - such as log, report, classify, relocate, tag and encrypt - and/or apply enterprise data rights management protections." (Gartner)

"Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer." (TechTarget) [source]

"Data loss prevention (DLP) makes sure that users do not send sensitive or critical information outside the corporate network. The term describes software products that help a network administrator control the data that users can transfer." (proofpoint) [source]

28 August 2019

Information Security: Data Breach (Definitions)

[data loss:] "Deprivation of something useful or valuable about a set of data, such as unplanned physical destruction of data or failure to preserve the confidentiality of data." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"The unauthorized disclosure of confidential information, notably that of identifying information about individuals." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"A failure of an obligation to protect against the release of secure data." (Janice M Roehl-Anderson, "IT Best Practices for Financial Managers", 2010)

"The release of secure information to an untrusted environment. Other terms for this occurrence include unintentional information disclosure, data leak, and data spill." (Craig S Mullins, "Database Administration", 2012)

"The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information." (Olivera Injac & Ramo Šendelj, "National Security Policy and Strategy and Cyber Security Risks", 2016)

"An incident in which sensitive, protected or confidential data has been viewed, stolen or used by an unauthorized body." (Güney Gürsel, "Patient Privacy and Security in E-Health", 2017)

[data leakage:] "The advertent or inadvertent sharing of private and/or confidential information." (Shalin Hai-Jew, "Beware!: A Multimodal Analysis of Cautionary Tales in Strategic Cybersecurity Messaging Online", 2018)

"A security incident involving unauthorized access to data." (Boaventura DaCosta & Soonhwa Seok, "Cybercrime in Online Gaming", 2020)

"An incident where information is accessed without authorization." (Nathan J Rodriguez, "Internet Privacy", 2020)

"A process where large amounts of private data, mostly about individuals, becomes illegally available to people who should not have access to the information." (Ananda Mitra & Yasmine Khosrowshahi, "The 2018 Facebook Data Controversy and Technological Alienation", 2021)

"This refers to any intentional or unintentional leak of secure or private or confidential data to any untrusted system. This is also referred to as information disclosure or data spill." (Srinivasan Vaidyanathan et al, "Challenges of Developing AI Applications in the Evolving Digital World and Recommendations to Mitigate Such Challenges: A Conceptual View", 2021) 

"When the information is stolen or used without consent of the system’s owner, the data stolen may cover confidential information like credit cards or passwords." (Kevser Z Meral, "Social Media Short Video-Sharing TikTok Application and Ethics: Data Privacy and Addiction Issues", 2021)

[data loss:] "The exposure of proprietary, sensitive, or classified information through either data theft or data leakage." (CNSSI 4009-2015)

27 August 2019

Information Security: Data Privacy (Definitions)

"Right of an individual to participate in decisions regarding the collection, use, and disclosure of information personally identifiable to that individual." (Reima Suomi, "Telework and Data Privacy and Security", 2008)

"Current United States laws provide protection to private data, including students’ performance data. Online distance education environments need to address privacy issues though design of courses and security features built into record keeping systems." (Gregory C Sales, "Preparing Teachers to Teach Online", 2009)

"Personal data should not be automatically available to other persons or organizations. Even if data have been processed, each individual should be able to exercise his or her right to control access to data and related information." (Astrid Gesche, "Adapting to Virtual Third-Space Language Learning Futures", 2009)

"The right to have personally identifiable information not disclosed in any unauthorized manner." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"The limitation of data access to only those authorized to view the data." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"The legal, political, and ethical issues surrounding the collection and dissemination of data, the technology used, and the expectations of what information is shared with whom." (Jonathan Ferrar et al, "The Power of People: Learn How Successful Organizations Use Workforce Analytics To Improve Business Performance", 2017)

"A compliance program aimed at protection of personal information about any individual the company may poses." (Svetlana Snezhko & Ali Coskun, "Compliance in Sustainability Reporting", 2019)

"Data containing information about a person should be treated with special attention according to the organization’s data privacy policy and legislation." (Lili Aunimo et al, "Big Data Governance in Agile and Data-Driven Software Development: A Market Entry Case in the Educational Game Industry", 2019)

"The term refers to the confidentiality of information that one has and other parties are not allowed to share it without a consent of the data owner. Privacy is a measure of control for individuals about their personal information." (M Fevzi Esen & Eda Kocabas, "Personal Data Privacy and Protection in the Meeting, Incentive, Convention, and Exhibition (MICE) Industry", 2019)

"This term relates to the individual right to restrict access to their personal, health, political/philosophical views, religious affiliation and educational data. In the case of students, schools and districts have the responsibility to control access to student data, providing it is available only to those who play a role in the learning process and for a defined time span." (Beatriz Arnillas, "Tech-Savvy Is the New Street Smart: Balancing Protection and Awareness", 2019)

"Protection of personal privacy during data acquisition, storage, transmission, and usage." (Hemlata Gangwar, "Big Data Adoption: A Comparative Study of the Indian Manufacturing and Services Sectors", 2020)

"the protection of any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means." (James Kelly et al, "Data in the Wild: A KM Approach to Collecting Census Data Without Surveying the Population and the Issue of Data Privacy", 2020)

"A person’s right to control how much information about her/him/them is collected, used, shared by others." (Zerin M Khan, "How Do Mobile Applications for Cancer Communicate About Their Privacy Practices?: An Analysis of Privacy Policies", 2021)

"Deals defining what data may be lawfully shared with third parties, by an individual or organization." (Nikhil Padayachee & Surika Civilcharran, "Predicting Student Intention to Use Cloud Services for Educational Purposes Based on Perceived Security and Privacy", 2021)

"Is the aspect of information and communication technology that deals with the ability an organization or individual to determine what data and information in computer system can be shared with third parties." (Valerianus Hashiyana et al, "Integrated Big Data E-Healthcare Solutions to a Fragmented Health Information System in Namibia", 2021)


Information Security: Distributed Denial of Service (Definitions)

"An electronic attack perpetrated by a person who controls legions of hijacked computers. On a single command, the computers simultaneously send packets of data across the Internet at a target computer. The attack is designed to overwhelm the target and stop it from functioning." (Andy Walker, "Absolute Beginner’s Guide To: Security, Spam, Spyware & Viruses", 2005)

"A type of DoS attack in which many (usually thousands or millions) of systems flood the victim with unwanted traffic. Typically perpetrated by networks of zombie Trojans that are woken up specifically for the attack." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"A denial of service (DoS) attack that comes from multiple sources at the same time. Attackers often enlist computers into botnets after infecting them with malware. Once infected, the attacker can then direct the infected computers to attack other computers." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A denial of service technique using numerous hosts to perform the attack. For example, in a network flooding attack, a large number of co-opted computers (e.g., a botnet) send a large volume of spurious network packets to disable a specified target system. See also denial of service; botnet." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A DoS attack in which multiple systems are used to flood servers with traffic in an attempt to overwhelm available resources (transmission capacity, memory, processing power, and so on), making them unavailable to respond to legitimate users." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"DDoS stands for distributed denial of service. In this type of an attack, an attacker tends to overwhelm the targeted network in order to make the services unavailable to the intended or legitimate user." (Kirti R Bhatele et al, "The Role of Artificial Intelligence in Cyber Security", Countering Cyber Attacks and Preserving the Integrity and Availability of Critical Systems, 2019)

"In DDoS attack, the incoming network traffic affects a target (e.g., server) from many different compromised sources. Consequently, online services are unavailable due to the attack. The target's resources are affected with different malicious network-based techniques (e.g., flood of network traffic packets)." (Ana Gavrovska & Andreja Samčović, "Intelligent Automation Using Machine and Deep Learning in Cybersecurity of Industrial IoT", 2020)

"This refers to malicious attacks or threats on computer systems to disrupt or break computing activities so that their access and availability is denied to the consumers of such systems or activities." (Heru Susanto et al, "Data Security for Connected Governments and Organisations: Managing Automation and Artificial Intelligence", 2021)

"A denial of service technique that uses numerous hosts to perform the attack." (CNSSI 4009-2015)

"A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic on a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic." (proofpoint) [source]

26 August 2019

Information Security: Privacy (Definitions)

"Privacy is concerned with the appropriate use of personal data based on regulation and the explicit consent of the party." (Martin Oberhofer et al, "Enterprise Master Data Management", 2008)

"Proper handling and use of personal information (PI) throughout its life cycle, consistent with data-protection principles and the preferences of the subject." (Alex Berson & Lawrence Dubov, "Master Data Management and Data Governance", 2010)

"Control of data usage dealing with the rights of individuals and organizations to determine the “who, what, when, where, and how” of data access." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed, 2011)

"Keeping information as a secret, known only to the originators of that information. This contrasts with confidentiality, in which information is shared among a select group of recipients. See also confidentiality." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"Control of data usage dealing with the rights of individuals and organizations to determine the “who, what, when, where, and how” of data access." (Carlos Coronel & Steven Morris, "Database Systems: Design, Implementation, & Management" 11th  Ed.", 2014)

"The ability of a person to keep personal information to himself or herself." (Jason Williamson, "Getting a Big Data Job For Dummies", 2015)

"The protection of individual rights to nondisclosure." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"The right of individuals to control or influence what information related to them may be collected and stored and by whom, as well as to whom that information may be disclosed." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

 "The right of individuals to a private life includes a right not to have personal information about themselves made public. A right to privacy is recognised by the Universal Declaration of Human Rights and the European Convention on Human Rights. See data protection legislation." (Open Data Handbook)

"to seclude certain data /information about oneself that is deemed personal." (Analytics Insight)

Information Security: Denial of Service (Definitions)

"A type of attack on a computer system that ties up critical system resources, making the system temporarily unusable." (Tom Petrocelli, "Data Protection and Information Lifecycle Management", 2005)

"Any attack that affects the availability of a service. Reliability bugs that cause a service to crash or hang are usually potential denial-of-service problems." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"This is a technique for overloading an IT system with a malicious workload, effectively preventing its regular service use." (Martin Oberhofer et al, "The Art of Enterprise Information Architecture", 2010)

"Occurs when a server or Web site receives a flood of traffic - much more traffic or requests for service than it can handle, causing it to crash." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

"Causing an information resource to be partially or completely unable to process requests. This is usually accomplished by flooding the resource with more requests than it can handle, thereby rendering it incapable of providing normal levels of service." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"Attacks designed to disable a resource such as a server, network, or any other service provided by the company. If the attack is successful, the resource is no longer available to legitimate users." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"An attack from a single attacker designed to disrupt or disable the services provided by an IT system. Compare to distributed denial of service (DDoS)." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A coordinated attack in which the target website or service is flooded with requests for access, to the point that it is completely overwhelmed." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"An attack that can result in decreased availability of the targeted system." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"An attack that generally floods a network with traffic. A successful DoS attack renders the network unusable and effectively stops the victim organization’s ability to conduct business." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A type of cyberattack to degrade the availability of a target system." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Any action, or series of actions, that prevents a system, or its resources, from functioning in accordance with its intended purpose." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"The prevention of authorized access to resources or the delaying of time-critical operations." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"An attack shutting down running of a service or network in order to render it inaccessible to its users (whether human person or a processing device)." (Wissam Abbass et al, "Internet of Things Application for Intelligent Cities: Security Risk Assessment Challenges", 2021)

"Actions that prevent the NE from functioning in accordance with its intended purpose. A piece of equipment or entity may be rendered inoperable or forced to operate in a degraded state; operations that depend on timeliness may be delayed." (NIST SP 800-13)

"The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided)." (NIST SP 800-12 Rev. 1)

"The prevention of authorized access to a system resource or the delaying of system operations and functions." (NIST SP 800-82 Rev. 2)


25 August 2019

Information Security: Cybersecurity (Definitions)

 "The art of ensuring the existence and continuity of the Information Society of a nation, guaranteeing and protecting, in Cyberspace, its information assets and critical infrastructure." (Claudia Canongia & Raphael Mandarino, "Cybersecurity: The New Challenge of the Information Society", 2012)

"The act of protecting technology, information, and networks from attacks." (Jason Williamson, "Getting a Big Data Job For Dummies", 2015)

"The practice of protecting computers and electronic communication systems as well as the associated information." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Cybersecurity deals with damage to, unauthorized use of, exploitation of electronic information and communications systems that ensure confidentiality, integrity and availability." (Sanjukta Pookulangara, "Cybersecurity: What Matters to Consumers - An Exploratory Study", 2016)

"Focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction." (Kimberly Lukin, "Russian Cyberwarfare Taxonomy and Cybersecurity Contradictions between Russia and EU", 2016)

"The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation." (Olivera Injac & Ramo Šendelj, "National Security Policy and Strategy and Cyber Security Risks", 2016)

"The ability to protect against the unauthorized use of electronic data and malicious activity. This electronic data can be personal customer information such as names, addresses, social security numbers, credit cards, and debit cards, to name a few." (Brittany Bullard, "Style and Statistics", 2016)

"A trustworthiness property concerned with the protection of systems from cyberattacks." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Information security (infosec) but broadly referring to technology and human systems that are built around the secure exchange, storage, and management of information." (Shalin Hai-Jew, "Safe Distances: Online and RL Hyper-Personal Relationships as Potential Attack Surfaces", 2018)

"Is defined as the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment, organization, and user assets." (Thokozani I Nzimakwe, "Government's Dynamic Approach to Addressing Challenges of Cybersecurity in South Africa", 2018)

"Protection against criminal access to one’s data and information and against criminal manipulation of computer networks/data/systems." (Shalin Hai-Jew, "Beware!: A Multimodal Analysis of Cautionary Tales in Strategic Cybersecurity Messaging Online", 2018)

"The collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyberspace environment and organization and users’ assets." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The organization and collection of resources, processes, and structures used to protect cyberspace from occurrences that misalign de jure from de facto property rights." (Mika Westerlund et al, "A Three-Vector Approach to Blind Spots in Cybersecurity", 2018)

"A computing-based discipline involving technology, people, information, and processes to enable assured operations. It involves the creation, operation, analysis, and testing of secure computer systems. It is an interdisciplinary course of study, including aspects of law, policy, human factors, ethics, and risk management in the context of adversaries." (Matt Bishop et al, "Cybersecurity Curricular Guidelines", 2019)

"Acts taken, technologies created and deployed, policies written and enacted, to protect computer systems and networks against misuse, intrusion, and exploitation." (Shalin Hai-Jew, "The Electronic Hive Mind and Cybersecurity: Mass-Scale Human Cognitive Limits to Explain the “Weakest Link” in Cybersecurity", 2019)

"Also known as computer security or IT security, is the protection of computer systems from the theft or damage to the hardware, software or the information on them, as well as from disruption or misdirection of the services they provide." (Soraya Sedkaoui, "Big Data Analytics for Entrepreneurial Success", 2019)

"Includes process, procedures, technologies, and controls designed to protect systems, networks, and data." (Sandra Blanke et al, "How Can a Cybersecurity Student Become a Cybersecurity Professional and Succeed in a Cybersecurity Career?", 2019)

"The protection of computer systems from theft and damage to their assets and from manipulation and distraction of their services." (Viacheslav Izosimov & Martin Törngren, "Security Awareness in the Internet of Everything", 2019)

"The protection of internet-connected systems including hardware, software, and data from cyberattacks."  (Semra Birgün & Zeynep Altan, "A Managerial Perspective for the Software Development Process: Achieving Software Product Quality by the Theory of Constraints", 2019)

"Cybersecurity is seen where security alerts and cyber-attacks are becoming more frequent and malicious, these threats include private access attempts and exploitation software or phishing, malware, web application attacks, and network penetration." (Theunis G Pelser & Garth Gaffley, "Implications of Digital Transformation on the Strategy Development Process for Business Leaders", 2020)

"Is the protection of internet-connected systems, including hardware, software and data, from cyberattacks. In a computing context, security comprises cybersecurity and physical security - both are used by enterprises to protect against unauthorized access to data centers and other computerized systems." (Alexander A Filatov, "Sovereign Bureaucrats vs. Global Tech Companies: Ethical and Regulatory Challenges", 2020)

"It is a general term which describes technologies, processes, methods, and practices for the purpose of protection of internet-connected information systems from attacks, i.e., cyberattacks. Cybersecurity can refer to security of data, software or hardware within information systems." (Ana Gavrovska & Andreja Samčović, "Intelligent Automation Using Machine and Deep Learning in Cybersecurity of Industrial IoT: CCTV Security and DDoS Attack Detection", 2020)

"Cybersecurity is an act to protect data, devices, applications, servers, network from the malicious attack through various tools and techniques. The process also ensures the confidentiality, integrity, availability, and non-repudiation of the content." (Shafali Agarwal, "Preserving Information Security Using Fractal-Based Cryptosystem", 2021)

"Cybersecurity refers to the set of technologies, processes, and practices designed to safeguard networks, devices, programs, and data from attack, threats, or unauthorized access." (Sanjeev Rao et al, "Online Social Networks Misuse, Cyber Crimes, and Counter Mechanisms", 2021)

"It is the organization and collection of resources, processes, and structures used to protect cyberspace from security events." (Carlos A M S Teles et al, "A Black-Box Framework for Malicious Traffic Detection in ICT Environments", Handbook of Research on Cyber Crime and Information Privacy, 2021)

"Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation." (CNSSI 4009-2015)

"The ability to protect or defend the use of cyberspace from cyber attacks." (NISTIR 8170)

"The prevention of damage to, unauthorized use of, exploitation of, and - if needed - the restoration of electronic information and communications systems, and the information they contain, in order to strengthen the confidentiality, integrity and availability of these systems." (NISTIR 8074 Vol. 2)

"The process of protecting information by preventing, detecting, and responding to attacks." (NISTIR 8183)

Information Security: Attack Surface (Definitions)

"The attack surface of a software environment is the code within a computer system that can be run by unauthenticated users. This includes, but is not limited to, user input fields, protocols, interfaces, and services." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"The total vulnerabilities of a system that can be exploited by an attacker." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"Components available to be used by an attacker against the product itself." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The avenues of attack that are available to an attacker by virtue of those avenues being exposed in some manner." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"The reachable and exploitable vulnerabilities in a system." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

 "The sum of all externally addressable vulnerabilities within an environment or system." (Forrester)

Information Security: Attack (Definitions)

[active attack:] "Any network-based attack other than simple eavesdropping (i.e., a passive attack)." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"Unauthorized activity with malicious intent that uses specially crafted code or techniques." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"An attempt to destroy, expose, alter, disable, steal or gain unauthorised access to or make unauthorised use of an asset," (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

[active attack:] "Attack where the attacker does interact with processing or communication activities." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

[passive attack:] "Attack where the attacker does not interact with processing or communication activities, but only carries out observation and data collection, as in network sniffing." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity." (Olivera Injac & Ramo Šendelj, "National Security Policy and Strategy and Cyber Security Risks", 2016)

"A sequence of actions intended to have a specified effect favorable to an actor that is adversarial to the owners of that system." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"An attempt to bypass security controls in a system with the mission of using that system or compromising it. An attack is usually accomplished by exploiting a current vulnerability." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or information itself." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"an aggressive action against a person, an organisation or an asset intended to cause damage or loss." (ISO/IEC 27000:2014)

Information Security: Digital Signature (Definitions)

"A form of electronic authentication of a digital document. Digital signatures are created and verified using public key cryptography and serve to tie the document being signed to the signer." (J P Getty Trust, "Introduction to Metadata" 2nd Ed., 2008)

"Data which proves that a document, message, or other piece of data was not modified since being processed and sent from a particular party." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"cryptographic transformations of data that allow a recipient of the data to prove the source (non-repudiation) and integrity of the data." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Data that is appended to a message, made from the message itself and the sender’s private key, to ensure the authenticity of the message" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"Ensuring the authenticity and integrity of a message through the use of hashing algorithms and asymmetric algorithms. The message digest is encrypted with the sender’s private key." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"A means of authenticating that a message or data came from a particular source with a known system identity." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"An electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide, 8th Ed", 2018)

"An encrypted means of identification that cannot be forged and that enables clients to validate servers and vice versa." (Microfocus)

"The combination of the private key, public key, message and hashing generates a digital signature. A digital signature is unique for every transaction and is a way to prove that the originator of the message has access to the private key." (AICPA)

24 August 2019

Information Security: Cyberattack (Definitions)

"Act or effect of an offensive activity cybernetic." (Claudia Canongia & Raphael Mandarino, "Cybersecurity: The New Challenge of the Information Society", 2012)

"Attacks on an organization’s IT resources through cyberspace. The purpose of the attacks might be for monetary gain, intelligence gathering, or vandalism." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A cyberattack is a deliberate attack on computer systems, a website, or individual computers using a computer. A cyberattack compromises the integrity and/or availability of the computer/system on which the information is stored." (Sanjukta Pookulangara, "Cybersecurity: What Matters to Consumers - An Exploratory Study", 2016)

"Any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system." (Kimberly Lukin, "Russian Cyberwarfare Taxonomy and Cybersecurity Contradictions between Russia and EU", 2016)

"When electronic data is used without authorization or malicious activities occur, such as spyware and viruses." (Brittany Bullard, "Style and Statistics", 2016)

"A deliberate exploitation of computer systems, technology-dependent enterprises and networks." (Mika Westerlund et al, "A Three-Vector Approach to Blind Spots in Cybersecurity", 2018)

"Is a deliberate exploitation of computer systems, technology systems, and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive results that can compromise data. It is an illegal attempt to harm someone’s computer system or the information on it, using the internet." (Thokozani I Nzimakwe, "Government's Dynamic Approach to Addressing Challenges of Cybersecurity in South Africa", 2018)

"The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this." (Christopher T Anglim, "Cybersecurity Legislation", 2020)

Information Security: Brute-Force Attack (Definitions)

"A brute force attack attempts to defeat a cryptographic algorithm by trying a large number of possibilities. A brute force attack on a cipher might include trying a large number of keys in the key space to decrypt a message. Brute force attack is the most inefficient method of attacking a cipher, and most cryptanalysis is concerned with finding more efficient means of defeating ciphers." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"An attack on an encryption algorithm in which the encryption key for ciphertext is determined by trying to decrypt with every key until valid plaintext is obtained." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"A method used for breaking encryption systems. Brute-force methodology entails trying all the possible keys until the proper one is found." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"A method by which a hacker tries to gain access to an account on the target system by trying to “guess” the correct password." ( Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Involves programs designed to guess at every possible combination until the password or key is cracked." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web 2nd Ed.", 2015)

"An attack that continually tries different inputs to achieve a predefined goal, which can be used to obtain credentials for unauthorized access." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

23 August 2019

Information Security: Cybercrime (Definitions)

 "A variety of offenses related to information technology, including extortion, boiler-room investment and gambling fraud, and fraudulent transfers of funds." (Robert McCrie, "Security Operations Management" 2nd Ed., 2006)

"Any type of crime that targets computers, or uses computer networks or devices, and violates existing laws. Cybercrime includes cyber vandalism, cyber theft, and cyber-attacks." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"Any crime that is facilitated through the use of computers and networks. This can include crimes that are dependent on computers or networks in order to take place, as well as those whose impact and reach are increased by their use." (Hamid R Arabnia et al, "Application of Big Data for National Security", 2015)

"Cybercrime is defined as any illegal activity that uses a computer either as the object of the crime OR as a tool to commit an offense." (Sanjukta Pookulangara, "Cybersecurity: What Matters to Consumers - An Exploratory Study", 2016)

"Any crime that is facilitated or committed using a computer, network, or hardware device." (Anisha B D Gani & Yudi Fernando, "Concept and Practices of Cyber Supply Chain in Manufacturing Context", 2018)

"Is all illegal acts, the commission of which involves the use of information and communication technologies. It is generally thought of as any criminal activity involving a computer system."  (Thokozani I Nzimakwe, "Government's Dynamic Approach to Addressing Challenges of Cybersecurity in South Africa", 2018)

"Any criminal action perpetrated primarily through the use of a computer." (Christopher T Anglim, "Cybersecurity Legislation", 2020)

"Criminal activity involving computer systems, networks, and/or the internet." (Boaventura DaCosta & Soonhwa Seok, "Cybercrime in Online Gaming", 2020)

22 August 2019

Information Security: Access Control Lists (Definitions)

"In Windows-based systems, a list of access control entries (ACE) that apply to an entire object, a set of the object's properties, or an individual property of an object, and that define the access granted to one or more security principals." (Microsoft, "SQL Server 2012 Glossary", 2012)

"An electronic list that specifies who can do what with an object. For example, an ACL on a file specifies who can read, write, execute, delete, and otherwise manipulate the file." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"a list of permissions attached to specified objects. Often abbreviated as ACL." ( Manish Agrawal, "Information Security and IT Risk Management", 2014)

"In systems such as electronic records management, electronic document and records management systems, or document management systems, a list of individuals authorized to access, view, amend, transfer, or delete documents, records, or files. Access rights are enforced through software controls." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"A list of credentials attached to a resource that indicates who has authorized access to that resource." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"A data structure that enumerates the access rights for all active entities (e.g., users) within a system." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A list of subjects that are authorized to access a particular object. Typically, the types of access are read, write, execute, append, modify, delete, and create." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide, 8th Ed", 2018)

"Lists of permissions that define which users or groups can access an object." (Weiss, "Auditing IT Infrastructures for Compliance, 2nd Ed", 2015)

Information Security: Attack Surface (Definitions)

"The attack surface of a software environment is the code within a computer system that can be run by unauthenticated users. This includes, but is not limited to, user input fields, protocols, interfaces, and services." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"The total vulnerabilities of a system that can be exploited by an attacker." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"Components available to be used by an attacker against the product itself." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The avenues of attack that are available to an attacker by virtue of those avenues being exposed in some manner." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"The reachable and exploitable vulnerabilities in a system." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

 "The totality of different attack vectors through which cyber compromises may occur." (Shalin Hai-Jew, "Safe Distances: Online and RL Hyper-Personal Relationships as Potential Attack Surfaces", 2018)

"The sum of all externally addressable vulnerabilities within an environment or system." (Forrester)

21 August 2019

Information Security: SQL Injection Attack (Definitions)

"This is a way that hackers can bring a database down. SQL injection attacks can be avoided by using stored procedures with the appropriate configured parameters." (Joseph L Jorden & Dandy Weyn, "MCTS Microsoft SQL Server 2005: Implementation and Maintenance Study Guide - Exam 70-431", 2006)

"An attack on a database made by inserting escape characters or additional commands into a batch, allowing the attacker to run commands on the database server. This exploits poor validation or weak designs in application code that allow extra commands to be submitted to the server." (Marilyn Miller-White et al, "MCITP Administrator: Microsoft® SQL Server™ 2005 Optimization and Maintenance 70-444", 2007)

"An Internet attack against a database accessible via a web page. Automated programs are available to launch attacks, and successful SQL injection attacks can obtain the entire layout of a database and all the data." (Darril Gibson, "MCITP SQL Server 2005 Database Developer All-in-One Exam Guide", 2008)

"An attack against a database system launched through an application program containing embedded SQL." (Jan L Harrington, "Relational Database Design and Implementation: Clearly explained" 3rd Ed., 2009)

"A type of attack designed to break through database security and access the information. A SQL injection attack “injects” or manipulates SQL code." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web 2nd Ed.", 2015)


20 August 2019

Information Security: Cryptanalysis (Definitions)

"Cryptanalysis is the science of analyzing cryptographic methods and algorithms, generally probing them for weaknesses. Cryptanalysts devise new methods of defeating cryptographic algorithms." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"The science (or art) of breaking cryptographic algorithms." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"The study of mathematical techniques designed to defeat cryptographic techniques. Collectively, a branch of science that deals with cryptography and cryptanalysis is called cryptology. " (Alex Berson & Lawrence Dubov, "Master Data Management and Data Governance", 2010)

"The art of breaking ciphertext." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Practice of uncovering flaws within cryptosystems." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The process of decrypting a message without knowing the cipher or key used to encrypt it" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"The practice of breaking cryptosystems and algorithms used in encryption and decryption processes." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"The process of breaking encryption without the benefit of the key under which data was encrypted." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Cryptanalysis refers to the study of the cryptosystem or ciphertext to crack the confidentiality of the underlying information and try to gain unauthorized access to the content." (Shafali Agarwal, "Preserving Information Security Using Fractal-Based Cryptosystem", Handbook of Research on Cyber Crime and Information Privacy, 2021)

Information Security: Advanced Persistent Threat (APT)

"A sustained, human-intensive attack that leverages the full range of computer intrusion techniques." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"A group or entity that has the capability and intent to persistently target a specific organization. They typically have the backing of an organization with almost unlimited resources, such as a government." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. APT attacks target organizations in sectors with high-value information, such as national defense, manufacturing, and the financial industry. APTs differ from other types of attack in their careful target selection and persistent, often stealthy, intrusion efforts over extended periods." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Sophisticated attacks that are carefully crafted by hostile governments or organizations, usually for political vengeance or financial gain. They often combine the most advanced malware, spear-phishing, and intrusion techniques available." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives using multiple attack vectors." (NIST SP800-61)

"An adversary with sophisticated levels of expertise and significant resources, allowing it through the use of multiple different attack vectors (e.g., cyber, physical, and deception) to generate opportunities to achieve its objectives, which are typically to establish and extend footholds within the information technology infrastructure of organizations for purposes of continually exfiltrating information and/or to undermine or impede critical aspects of a mission, program, or organization, or place itself in a position to do so in the future; moreover, the advanced persistent threat pursues its objectives repeatedly over an extended period of time, adapting to a defender’s efforts to resist it, and with determination to maintain the level of interaction needed to execute its objectives." (CNSSI 4009-2015)

Information Security: Threat (Definitions)

"An imminent security violation that could occur at any time due to unchecked security vulnerabilities." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed., 2011)

"Anything or anyone that represents a danger to an organization’s IT resources. Threats can exploit vulnerabilities, resulting in losses to an organization." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"The capabilities, intentions, and attack methods of adversaries to exploit or cause harm to assets." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"The potential cause of an unwanted incident, which may result in harm to a system or organisation." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"Any activity that represents a possible danger." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"The danger of a threat agent exploiting a vulnerability." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"A potential for violation of security that exists when there is a circumstance, a capability, an action, or an event that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"A possible danger to a computer system, which may result in the interception, alteration, obstruction, or destruction of computational resources, or other disruption to the system." (NIST SP 800-28 Version 2)

"A potential cause of an unwanted incident." (ISO/IEC 13335)

"A potential cause of an unwanted incident, which may result in harm to a system or organisation."(ISO/IEC 27000:2014)

"An activity, deliberate or unintentional, with the potential for causing harm to an automated information system or activity." (NIST SP 800-16)

"Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability." (FIPS 200)

"Any circumstance or event with the potential to cause harm to an information system in the form of destruction, disclosure, adverse modification of data, and/or denial of service." (NIST SP 800-32)

"An event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss." (NIST SP 1800-17b)

"Anything that might exploit a Vulnerability. Any potential cause of an Incident can be considered to be a Threat." (ITIL)

"The potential for a threat-source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability. "(NIST SP 800-47)

19 August 2019

Information Security: Public Key Cryptography (Definitions)

"Also known as asymmetric cryptography, a form of cryptography in which a user has a pair of cryptographic keys - a public key and a private key. The private key is kept secret, while the public key may be widely distributed. The keys are related mathematically, but the private key cannot be practically derived from the public key. A message encrypted with the public key can be decrypted only with the corresponding private key." (Martin Oberhofer et al, "Enterprise Master Data Management", 2008)

"Cryptography involving public keys, as opposed to cryptography making use of shared secrets. See Symmetric cryptography." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"An approach to cryptography in which each user has two related keys, one public and one private" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"An asymmetric cryptosystem where the encrypting and decrypting keys are different and it is computationally infeasible to calculate one form the other, given the encrypting algorithm. In public key cryptography, the encrypting key is made public, but the decrypting key is kept secret." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK 4th Ed.", 2015)

"An encryption method that uses a two-part key: a public key and a private key. Users generally distribute their public key but keep their private key to themselves. This is also known as asymmetric cryptography." (James R Kalyvas & Michael R Overly, "Big Data: A business and legal guide", 2015)

"Encryption system using a public-private key pair for encryption or digital signature. The encrypt and decrypt keys are different, and one cannot derive the private key from the public key." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Public-key cryptography refers to a cryptographic system requiring two separate keys, one of which is secret and one of which is public. Although different, the two parts of the key pair are mathematically linked. One key locks or encrypts the plaintext, and the other unlocks or decrypts the cipher text. Neither key can perform both functions by itself. The public key may be published without compromising security, while the private key must not be revealed to anyone not authorized to read the messages." (Addepalli V N Krishna & M Balamurugan, "Security Mechanisms in Cloud Computing-Based Big Data", 2019)

"A cryptographic system that requires public and private keys. The private key can decrypt messages encrypted with the corresponding public key, and vice versa. The public key can be made available to the public without compromising security and used to verify that messages sent by the holder of the private key must be genuine." (Daniel Leuck et al, "Learning Java" 5th Ed., 2020)

18 August 2019

Information System: Cryptosystem (Definitions)

"Hardware or software implementation of cryptography that contains all the necessary software, protocols, algorithms, and keys." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The hardware or software implementation of cryptography." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"A set of cryptographic algorithms together with the key management processes that support use of the algorithms in some application context." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"A cryptosystem includes a complete process of key generation, encryption, and decryption techniques for secure data communication over the insecure channel." (Shafali Agarwal, "Preserving Information Security Using Fractal-Based Cryptosystem", Handbook of Research on Cyber Crime and Information Privacy, 2021)

"Associated information security (INFOSEC) items interacting to provide a single means of encryption or decryption." (CNSSI 4009-2015)

[manual cryptosystem:] "Cryptosystem in which the cryptographic processes are performed without the use of crypto-equipment or auto-manual devices." (CNSSI 4009-2015)

[online cryptosystem:] "Cryptographic system in which encryption and decryption are performed in association with the transmitting and receiving functions." (CNSSI 4009-2015)

[off-line cryptosystem:] "Cryptographic system in which encryption and decryption are performed independently of the transmission and reception functions." (CNSSI 4009-2015)

17 August 2019

Information Security: Asymmetric Encryption (Definitions)

"Requires a pair of keys to encode and decode information. One key is used to encrypt the plain text, and a second key, which is part of the matched pair, is used to decrypt that cipher text." (Marilyn Miller-White et al, "MCITP Administrator: Microsoft® SQL Server™ 2005 Optimization and Maintenance 70-444", 2007)

"Asymmetric encryption is an encryption model in which the encryption and decryption processes use different keys. Modern asymmetric encryption algorithms are based on the public key/private key pairs, in which the encryption and decryption keys are different but nontrivially related. The public key is widely known and distributed for encryption while the private key is kept secret and used for decryption. Although the keys are related, it is considered infeasible to try to derive the private key from the public key." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"Asymmetric encryption is encryption that requires two different keys: one to encrypt data and another to decrypt it. The most common form of asymmetric encryption is public key encryption, in which the two keys are mathematically related." (Michael Coles, "Pro T-SQL 2008 Programmer's Guide", 2008)

"Asymmetric encryption, also known as public-key encryption, is a form of data encryption where the encryption key (also called the public key) and the corresponding decryption key (also called the private key) are different. A message encrypted with the public key can be decrypted only with the corresponding private key. The public key and the private key are related mathematically, but it is computationally infeasible to derive the private key from the public key. Therefore, a recipient could distribute the public key widely." (Ninghui Li, "Asymmetric Encryption", 2009)

"Encryption that requires two different keys: one to encrypt data and another to decrypt it. The most common form of asymmetric encryption is public key encryption, in which the two keys are mathematically related." (Miguel Cebollero et al, "Pro T-SQL Programmer’s Guide" 4th Ed., 2015)

"Public-key cryptography refers to a cryptographic system requiring two separate keys, one of which is secret and one of which is public. Although different, the two parts of the key pair are mathematically linked. One key locks or encrypts the plaintext, and the other unlocks or decrypts the cipher text. Neither key can perform both functions by itself. The public key may be published without compromising security, while the private key must not be revealed to anyone not authorized to read the messages." (Addepalli V N Krishna & M Balamurugan, "Security Mechanisms in Cloud Computing-Based Big Data", 2019)

15 August 2019

Information Security: Vulnerability (Definitions)

"In computer security, a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To be vulnerable, an attacker must have at least one applicable tool or technique that can connect to a system weakness." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"A weakness in a system’s component that could be exploited to allow unauthorized access or cause service disruptions." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed., 2011)

"A characteristic that leads to exposure, and that may be exploited by a threat to cause harm. Vulnerabilities are most commonly a result of a software flaw or misconfiguration. See also threat." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"a weakness in an information system that gives a threat the opportunity to compromise an asset." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"A weakness. It can be a weakness in any organizational IT systems, networks, configurations, users, or data. If a threat exploits a vulnerability, it can result in a loss to an organization." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"an error in the specification, development, or configuration of software such that its execution can violate the security policy." ( Manish Agrawal, "Information Security and IT Risk Management", 2014)

"The intrinsic properties of something resulting in susceptibility to a risk source that can lead to an event with a consequence" (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"Weakness or a lack of a countermeasure." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard." (Olivera Injac & Ramo Šendelj, "National Security Policy and Strategy and Cyber Security Risks", 2016)

"A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The property of a system whereby it is susceptible to a given attack succeeding against that system." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A vulnerability is any weakness in a product, process or system which could potentially be exploited to reduce the security or function of that product, process, or system." (Sandra Blanke et al, "How Can a Cybersecurity Student Become a Cybersecurity Professional and Succeed in a Cybersecurity Career?", 2019)

"the intrinsic properties of something resulting in susceptibility to a risk source that can lead to an event with a consequence" (ISO Guide 73:2009)

 "weakness that could be exploited by a thread" (ITIL)

12 August 2019

Information Security: Access Control (Definitions)

"The ability to selectively control who can get at or manipulate information in, for example, a Web server." (Tim Berners-Lee, "Weaving the Web", 1999)

"The methods by which interactions with resources are limited to collections of users or programs for the purpose of enforcing integrity, confidentiality, or availability constraints." (Kim Haase et al, "The J2EE™ Tutorial", 2002)

"Limiting access to resources according to rights granted by the system administrator, application, or policy." (Tom Petrocelli, "Data Protection and Information Lifecycle Management", 2005)

"Determining who or what can go where, when, and how." (Judith Hurwitz et al, "Service Oriented Architecture For Dummies" 2nd Ed., 2009)

"Management of who is allowed access and who is not allowed access to networks, data files, applications, or other digital resources." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed, 2011)

"Any mechanism to regulate access to something, but for parallel programs this term generally applies to shared memory. The term is sometimes extended to I/O devices as well. For parallel programming, the objective is generally to provide deterministic results by preventing an object from being modified by multiple tasks simultaneously. Most often this is referred to as mutual exclusion, which includes locks, mutexes, atomic operations, and transactional memory models. This may also require some control on reading access to prevent viewing of an object in a partially modified state." (Michael McCool et al, "Structured Parallel Programming", 2012)

"Secures content and identifies who can read, create, modify, and delete content." (Charles Cooper & Ann Rockley, "Managing Enterprise Content: A Unified Content Strategy" 2nd Ed., 2012)

"A technique used to permit or deny use of data or information system resources to specific users, programs, processes, or other systems based on previously granted authorization to those resources." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"The act of limiting access to information system resources only to authorized users, programs, processes, or other systems." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"The means to ensure that access to assets is authorised and restricted on business and security requirements." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"Are security features that control how users and systems communicate and interact with other systems and resources." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"Mechanisms, controls, and methods of limiting access to resources to authorized subjects only." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

"The process of granting or denying specific requests (1) for accessing and using information and related information processing services and (2) to enter specific physical facilities. Access control ensures that access to assets is authorized and restricted based on business and security requirements." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

11 August 2019

Information Security: Privacy (Definitions)

"Privacy is concerned with the appropriate use of personal data based on regulation and the explicit consent of the party." (Martin Oberhofer et al, "Enterprise Master Data Management", 2008)

[MDM privacy:] "Privacy is focused on the appropriate use of personal data based on regulation and the explicit consent of the Party. MDM Systems that have Party data (customer or patient) are quite sensitive to privacy concerns and regulations." (Allen Dreibelbis et al, "Enterprise Master Data Management", 2008)

"The ability of keeping secret someone’s identity, resources, or actions. It is realized by anonymity and pseudonymity." (Tomasz Ciszkowski & Zbigniew Kotulski, "Secure Routing with Reputation in MANET", 2008)

"Proper handling and use of personal information (PI) throughout its life cycle, consistent with data-protection principles and the preferences of the subject." (Alex Berson & Lawrence Dubov, "Master Data Management and Data Governance", 2010)

"Control of data usage dealing with the rights of individuals and organizations to determine the 'who, what, when, where, and how' of data access." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed., 2011)

"Keeping information as a secret, known only to the originators of that information. This contrasts with confidentiality, in which information is shared among a select group of recipients." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"The ability of a person to keep personal information to himself or herself." (Jason Williamson, "Getting a Big Data Job For Dummies", 2015)

"The protection of individual rights to nondisclosure." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"The right of individuals to control or influence what information related to them may be collected and stored and by whom, as well as to whom that information may be disclosed." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The right of individuals to a private life includes a right not to have personal information about themselves made public." (Open Data Handbook)

07 August 2019

Information Security: Certificate (Definitions)

"An asymmetric key, usually issued by a certificate authority, that contains the public key of a public/private key pair as well as identifying information, expiration dates, and other information and that provides the ability to authenticate its holder. Certificates are used in SQL Server 2005 to secure logins or other database objects." (Victor Isakov et al, "MCITP Administrator: Microsoft SQL Server 2005 Optimization and Maintenance (70-444) Study Guide", 2007)

"A certificate is an electronic document consisting of an asymmetric key with additional metadata such as an expiration date and a digital signature that allows it to be verified by a third-party like a certificate authority (CA)." (Michael Coles, "Pro T-SQL 2008 Programmer's Guide", 2008)

"A certificate is an electronic document that uses a digital signature to bind an asymmetric key with a public identity. In its simplest form, a certificate is essentially an asymmetric key which can have additional metadata, like a certificate name, subject, and expiration date. A certificate can be selfsigned or issued by a certificate authority." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"A data object that binds information about a person or some other entity to a public key. The binding is generally done using a digital signature from a trusted third party (a certification authority)." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"(1) A token of authorization or authentication. (2) In data security, a computer data security object that includes identity information, validity specification, and a key." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A digital document that is commonly used for authentication and to help secure information on a network. A certificate binds a public key to an entity that holds the corresponding private key. Certificates are digitally signed by the certification authority that issues them, and they can be issued for a user, a computer, or a service." (Microsoft, "SQL Server 2012 Glossary", 2012)

"A bundle of information containing the encrypted public key of the server, and the identification of the key provider." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"An electronic document used to identify an individual, a system, a server, a company, or some other entity, and to associate a public key with the entity. A digital certificate is issued by a certification authority and is digitally signed by that authority." (IBM, "Informix Servers 12.1", 2014)

"A representation of a sender’s authenticated public key used to minimize malicious forgeries" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"A small electronic file that serves to validate or encrypt a message or browser session. Digital certificates are often used to create a digital signature which offers non-repudiation of a user or a Web site." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"An electronic document consisting of an asymmetric key with additional metadata such as an expiration date and a digital signature that allows it to be verified by a third party like a certificate authority (CA)." (Miguel Cebollero et al, "Pro T-SQL Programmer’s Guide 4th Ed", 2015)

"Cryptography-related electronic documents that allow for node identification and authentication. Digital certificates require more administrative work than some other methods but provide greater security." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Digital identity used within a PKI. Generated and maintained by a certificate authority and used for authentication." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"A cryptographic binding between a user identifier and their public key as signed by a recognized authority called a certificate authority." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"In computer security, a digital document that binds a public key to the identity of the certificate owner, thereby enabling the certificate owner to be authenticated. A certificate is issued by a certificate authority and is digitally signed by that authority." (Sybase, "Open Server Server-Library/C Reference Manual", 2019)

"An electronic document using a digital signature to assert the identity of a person, group, or organization. Certificates attest to the identity of a person or group and contain that organization’s public key. A certificate is signed by a certificate authority with its digital signature." (Daniel Leuck et al, "Learning Java" 5th Ed., 2020)

06 August 2019

Information Security: Access Control Model (Definitions)

"A list of credentials attached to a resource that indicates who has authorized access to that resource." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"In Windows-based systems, a list of access control entries (ACE) that apply to an entire object, a set of the object's properties, or an individual property of an object, and that define the access granted to one or more security principals." (Microsoft, SQL Server 2012 Glossary, 2012)

"An electronic list that specifies who can do what with an object. For example, an ACL on a file specifies who can read, write, execute, delete, and otherwise manipulate the file." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"A list of permissions attached to specified objects. " (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Lists of permissions that define which users or groups can access an object." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed, 2015)

"In systems such as electronic records management, electronic document and records management systems, or document management systems, a list of individuals authorized to access, view, amend, transfer, or delete documents, records, or files. Access rights are enforced through software controls." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"A data structure that enumerates the access rights for all active entities (e.g., users) within a system." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A list of subjects that are authorized to access a particular object. Typically, the types of access are read, write, execute, append, modify, delete, and create." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

05 August 2019

Information Security: Security Policy (Definitions)

"The active policy on the client's computer that programmatically generates a granted set of permissions from a set of requested permissions. A security policy consists of several levels that interact; by default only permissions granted by all layers are allowed to be granted." (Damien Watkins et al, "Programming in the .NET Environment", 2002)

"A collection of standards, policies, and procedures created to guarantee the security of a system and ensure auditing and compliance." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed, 2011)

"The set of decisions that govern security controls." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"In label-based access control, a database object that is associated with one or more tables and that defines how LBAC can be used to protect those tables. The security policy defines what security labels can be used, how the security labels are compared to each other, and whether optional behaviors are used. See also label-based access control, security label." (IBM, "Informix Servers 12.1", 2014)

"A written statement describing the constraints or behavior an organization embraces regarding the information provided by its users" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"Strategic tool used to dictate how sensitive information and resources are to be managed and protected." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"Set of rules, guidelines and procedures represented in official security documents that define way in which state will protect its own national security interests." (Olivera Injac & Ramo Šendelj, "National Security Policy and Strategy and Cyber Security Risks", 2016)

"A set of rules and practices that specify or regulate how a system or an organization provides security services to protect sensitive and critical system resources." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"A statement of the rules governing the access to a system’s protected resources." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"In label-based access control, a database object that is associated with one or more tables and that defines how LBAC can be used to protect those tables. The security policy defines what security labels can be used, how the security labels are compared to each other, and whether optional behaviors are used. See also label-based access control, security label." (Sybase, "Open Server Server-Library/C Reference Manual", 2019)

"A set of criteria for the provision of security services." (CNSSI 4009-2015 NIST)

 "A set of methods for protecting a database from accidental or malicious destruction of data or damage to the database infrastructure." (Oracle)

"Security policies define the objectives and constraints for the security program. Policies are created at several levels, ranging from organization or corporate policy to specific operational constraints (e.g., remote access). In general, policies provide answers to the questions 'what' and 'why' without dealing with 'how'. Policies are normally stated in terms that are technology-independent." (NIST SP 800-82 Rev. 2)

Information Security: Trojan Horse (Definitions)

"Malware that looks like something beneficial but has a malicious component. Users are tricked into downloading and installing the malware, thinking it’s worthwhile. After the user installs the Trojan, the malicious component runs. Trojans are named after the Trojan horse from Greek mythology." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A program posing as a harmless piece of software that can contain malware such as viruses or spyware." (Andy Walker, "Absolute Beginner’s Guide To: Security, Spam, Spyware & Viruses", 2005)

"Malicious code that creates backdoors, giving an attacker illegal access to a network or account through a network port." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

"software that appears to be an application but is, in fact, a destructive program." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"An apparently useful and innocent program containing additional hidden code that allows the unauthorized collection, exploitation, falsification, or destruction of data. A Trojan is often received from a familiar e-mail address or URL or in the form of a familiar attachment." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"A form of malware application hidden within another application that introduces backdoor access." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web 2nd Ed.", 2015)

"A malicious program disguised as a benevolent resource" (Nell Dale & John Lewis, "Computer Science Illuminated, 6th Ed.", 2015)

"A piece of malicious software that looks harmless but has a detrimental effect on a computer when it runs." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"A program that is disguised as another program with the goal of carrying out malicious activities in the background without the user knowing." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"A piece of software or code that is disguised as a legitimate software that is created with the intention to breach a system or networks security." (Hamid R Arabnia et al, "Application of Big Data for National Security", 2015)

"Software that either hides or masquerades as a useful or benign program." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

04 August 2019

Information Security: Exploit (Definitions)

"A program that takes advantage of a known security weakness in a computer." (Andy Walker, "Absolute Beginner’s Guide To: Security, Spam, Spyware & Viruses", 2005)

"An exploit is a technique or software code (often in the form of scripts) that takes advantage of vulnerability or security weakness in a piece of target software." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"Used as a noun in this case, this refers to a known way to compromise a program to get it to do something the author didn’t intend. Your task is to write unexploitable programs." (Jon Orwant et al, "Programming Perl" 4th Ed., 2012)

"Either: an attack technique that can be directed at a particular computer system or software component and that takes advantage of a specific vulnerability, or the act of successfully implementing such an attack technique." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"An exploit is a particular form of attack in which a tried and tested method of causing impact is followed with some rigour. Exploits are similar in nature to processes, but whereas processes are generally benign, exploits are almost always harmful." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"A method or program that takes advantage of a vulnerability in a target system to accomplish an attack." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"An attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

Information Security: Data Loss Prevention (Definitions)

"Attempts to prevent the loss of confidentiality of sensitive information by limiting the use of confidential information only for authorized purposes." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"A set of technologies and inspection techniques used to classify information content contained within an object—such as a file, an email, a packet, an application or a data store - while at rest (in storage), in use (during an operation), or in transit (across a network). DLP tools also have the ability to dynamically apply a policy - such as log, report, classify, relocate, tag, and encrypt - and/or apply enterprise data rights management protections." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Data loss prevention (DLP; also known as data leak prevention) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination, and so on) and with a centralized management framework. Systems are designed to detect and prevent unauthorized use and transmission of confidential information." (Robert F Smallwood, "Information Governance for Healthcare Professionals", 2018)

[data leak prevention (DLP):] "The actions that organizations take to prevent unauthorized external parties from gaining access to sensitive data." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide, 8th Ed", 2018)

"A capability that detects and prevents violations to corporate policies regarding the use, storage, and transmission of sensitive data. Its purpose is to enforce policies to prevent unwanted dissemination of sensitive information." (Forrester)

 "A systems ability to identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep packet content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination, etc.), within a centralized management framework. Data loss prevention capabilities are designed to detect and prevent the unauthorized use and transmission of NSS information." (CNSSI 4009-2015) 

03 August 2019

Information Security: Cryptography (Definitions)

"Cryptography is the science of hiding information through ciphers and codes. Cryptographers devise new cryptographic algorithms." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"The process of converting data into an unreadable form via an encryption algorithm. Cryptography enables information to be sent across communication networks that are assumed to be insecure, without losing confidentiality or the integrity of the information being sent." (Alex Berson & Lawrence Dubov, "Master Data Management and Data Governance", 2010)

"The science (or art) of providing secrecy, integrity, and non-repudiation for data." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"The art or science of rendering plain information unintelligible, and for restoring encrypted information to intelligible form." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Science of secret writing that enables an entity to store and transmit data in a form that is available only to the intended individuals." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The encoding of data so that it can be decoded only by certain persons. The role of cryptography is to protect data integrity, confidentiality, nonrepudiation, and authentication." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"The field of study related to encoded information" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"The science of secret writing that enables storage and transmission of data in a form that is available only to the intended individuals." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"The study of algorithmic transformations from plain text to encrypted forms in which the unencrypted data cannot be ascertained without possession of the encryption key." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A technique to secure communication or data." (AICPA)

"Art or science concerning the principles, means, and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form."(CNSSI 4009-2015 NSA/CSS) 

"The art and science of using mathematics to secure information and create a high degree of trust in the electronic realm." (NISTIR 7316) 

"The discipline that embodies principles, means and methods for providing information security, including confidentiality, data integrity, non-repudiation, and authenticity." (NISTIR 8040)

"The discipline that embodies the principles, means, and methods for the transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification." (NIST SP 800-59)


Information Security: Countermeasure (Definitions)

"A control, method, technique, or procedure that is put into place to prevent a threat agent from exploiting a vulnerability. A countermeasure is put into place to mitigate risk. Also called a safeguard or control." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"A defensive mechanism intended to address a class of attack." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"An action, a device, a procedure, or a technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Countermeasures are steps that can be taken, and systems that can be implemented, to prevent internal and external threats from accessing your data and causing issues." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"Used to refer to any type of control" (ITIL)

Related Posts Plugin for WordPress, Blogger...