Information Security Best Practices: 205 Basic Rules


Glossary

A-D

Access Control
- Operating systems limit access to computer system resources and services by authenticating the user and applying other access rules.
ACL
- Access Control List. Grants access to a file or object to anyone named in the list associated with that file or object.
ACK
- Acknowledgment. A packet of information sent from a receiving computer that acknowledges receipt of data.
Anonymous Remailer
- A program that removes an email message's sender and location before sending the message to the destination.
Application Gateway
- A program that restricts access to services across a firewall boundary.
Authentication
- The process of verifying the identity of a user before access is allowed to a system.
Authorization
- After authentication, the user is allowed the use of specific system resources that have been granted to that user.
Backdoor
- Once a hacker breaks into a system, code can be inserted somewhere on the system to create a secret backdoor that allows unauthorized access.
Bastion Host
- A computer with very high security features, usually located on the DMZ, that often hosts the web site, email or a gateway to the network. It is often a machine that is accessed by the public or is the first line of defense to your network.
Confidentiality
- Assurance of privacy of information (usually by encryption).
COTS
- Commercial Off The Shelf hardware or software.
B1
- Labeled Security Protection as specified in DoD 5200.28-STD.
Certificate Authority
- A trusted system that digitally signs certificates to...