Table of Contents

RFC 4949 Internet Security Glossary Definitions P

Return to RFC 4949 Internet Security Glossary Definitions, RFC 4949 Internet Security Glossary, RFC 4949 Internet Security Glossary Bibliography, Cybersecurity, Awesome Security

RFC 4949: #, A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z (navbar_rfc4949)


([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: IEEE P1363.

Shirey Informational Page 212]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) See: policy approving authority.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) /Common Criteria/ A reusable set of either functional or assurance components, combined in a single unit to satisfy a set of identified security objectives. (Compare: protection profile.)

Example: The seven EALs defined in Part 3 of the Common Criteria are predefined assurance packages.

Tutorial: A package is a combination of security requirement components and is intended to be reusable in the construction of either more complex packages or protection profiles and security targets. A package expresses a set of either functional or assurance requirements that meet some particular need, expressed as a set of security objectives.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A block of data that is carried from a source to a destination through a communication channel or, more generally, across a network. (Compare: datagram, PDU.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “filtering router”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) /slang/ Someone who floods a system with packets, creating a denial-of-service condition for the system's users. (See: cracker.)

Deprecated Term: It is likely that other cultures use different metaphors for this concept. Therefore, to avoid international misunderstanding, IDOCs SHOULD NOT use this term. (See: Deprecated Usage under “Green Book”.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) /slang/ A contraction of “Web page hijacking”. A masquerade attack in which the attacker copies (steals) a home page or other material from the target server, rehosts the page on a server the attacker controls, and causes the rehosted page to be indexed by the major Web search services, thereby diverting browsers from the target server to the attacker's server.

Deprecated Term: IDOCs SHOULD NOT use this contraction. The term is not listed in most dictionaries and could confuse international readers. (See: Deprecated Usage under “Green Book”.)

Shirey Informational Page 213]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) See: primary account number.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Password Authentication Protocol.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A checksum that is computed on a block of bits by computing the binary sum of the individual bits in the block and then discarding all but the low-order bit of the sum. (See: checksum.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A mode of system operation wherein all users having access to the system have the necessary security clearances for all data handled by the system, but some users might not have either formal access approval or need-to-know for all the data. (See: /system operation/ under “mode”, formal access approval, need to know, protection level, security clearance.)

Usage: Usually abbreviated as “partitioned mode”. This term was defined in U.S. Government policy on system accreditation.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: personnel authentication system string.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “attack”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “system user”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A wiretapping attack that attempts only to observe a communication flow and gain knowledge of the data it contains, but does not alter or otherwise affect that flow. (See: wiretapping. Compare: passive attack, active wiretapping.)

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) A secret data value, usually a character string, that is presented to a system by a user to authenticate the user's id[[entity. (See: authentication information, challenge-response, PIN, simple authentication.)

1b. (O) “A character string used to authenticate an id[[entity.” [CSC2]

Shirey Informational Page 214]

RFC 4949 Internet Security Glossary, Version 2 August 2007

1c. (O) “A string of characters (letters, numbers, and other symbols) used to authenticate an id[[entity or to verify access authorization.” [FP140]

1d. (O) “A secret that a claimant memorizes and uses to authenticate his or her id[[entity. Passwords are typically character strings.” [SP63]

Tutorial: A password is usually paired with a user identifier that is explicit in the authentication process, although in some cases the identifier may be implicit. A password is usually verified by matching it to a stored value held by the access control system for that identifier.

Using a password as authentication information is based on assuming that the password is known only by the system entity for which the id[[entity is being authenticated. Therefore, in a network environment where wiretapping is possible, simple authentication that relies on transmission of static (i.e., repetitively used) passwords in cleartext form is inadequate. (See: one-time password, strong authentication.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A simple authentication mechanism in PPP. In PAP, a user identifier and password are transmitted in cleartext form. [R1334] (See: CHAP.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) /slang/ Passive wiretapping to gain knowledge of passwords. (See: Deprecated Usage under “sniffing”.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) For a digital certificate, the process of finding a set of public-key certificates that comprise a certification path from a trusted key to that specific certificate.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) The process of validating (a) all of the digital certificates in a certification path and (b) the required relationships between those certificates, thus validating the contents of the last certificate on the path. (See: certificate validation.)

Tutorial: To promote interoperable PKI applications in the Internet, RFC 3280 specifies a detailed algorithm for validation of a certification path.

Shirey Informational Page 215]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) /SET/ Collectively refers “to credit cards, debit cards, charge cards, and bank cards issued by a financial institution and which reflects a relationship between the cardholder and the financial institution.” [SET2]

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) /SET/ A system operated by an acquirer, or a third party designated by an acquirer, to provide electronic commerce services to the merchants in support of the acquirer, and which interfaces to the acquirer to support the authorization, capture, and processing of merchant payment messages, including payment instructions from cardholders. [SET1, SET2]

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) /SET/ A CA that issues digital certificates to payment gateways and is operated on behalf of a payment card brand, an acquirer, or another party according to brand rules. A SET PCA issues a CRL for compromised payment gateway certificates. [SET2] (See: PCA.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A type of credit card-sized, plug-in peripheral device that was originally developed to provide memory expansion for portable computers, but is also used for other kinds of functional expansion. (See: FORTEZZA, PCMCIA.)

Tutorial: The international PC Card Standard defines a non- proprietary form factor in three sizes – Types I, II, and III – each of which have a 68-pin interface between the card and the socket into which it plugs. All three types have the same length and width, roughly the size of a credit card, but differ in their thickness from 3.3 to 10.5 mm. Examples include storage modules, modems, device interface adapters, and cryptographic modules.

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) Abbreviation of various kinds of “certification authority”. (See: Internet policy certification authority, (MISSI) policy creation authority, (SET) payment gateway certification authority.)

Deprecated Usage: An IDOC that uses this abbreviation SHOULD define it at the point of first use.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: “protocol control information” under “protocol data unit”.

Shirey Informational Page 216]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) Personal Computer Memory Card International Association, a group of manufacturers, developers, and vendors, founded in 1989 to standardize plug-in peripheral memory cards for personal computers and now extended to deal with any technology that works in the PC Card form factor. (See: PC card.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: protective distribution system.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: protocol data unit.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) “The corroboration that a peer entity in an association is the one claimed.” [I7498-2] (See: authentication.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A security service that verifies an id[[entity claimed by or for a system entity in an association. (See: authentication, authentication service.)

Tutorial: This service is used at the establishment of, or at times during, an association to confirm the id[[entity of one entity to another, thus protecting against a masquerade by the first entity. However, unlike data origin authentication service, this service requires an association to exist between the two entities, and the corroboration provided by the service is valid only at the current time that the service is provided. (See: “relationship between data integrity service and authentication services” under “data integrity service”).

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Privacy Enhanced Mail.

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) Circumvent a system's security protections. (See: attack, break, violation.)

1b. (I) Successfully and repeatedly gain unauthorized access to a protected system resource. [Huff]

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) /threat action/ See: secondary definition under “intrusion”.

Shirey Informational Page 217]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A system test, often part of system certification, in which evaluators attempt to circumvent the security features of a system. [NCS04, SP42] (See: tiger team.)

Tutorial: Penetration testing evaluates the relative vulnerability of a system to attacks and identifies methods of gaining access to a system by using tools and techniques that are available to adversaries. Testing may be performed under various constraints and conditions, including a specified level of knowledge of the system design and implementation. For a TCSEC evaluation, testers are assumed to have all system design and implementation documentation, including source code, manuals, and circuit diagrams, and to work under no greater constraints than those applied to ordinary users.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) For a key agreement protocol, the property that compromises long-term keying material does not compromise session keys that were previously derived from the long-term material. (Compare: public-key forward secrecy.)

Usage: Some existing RFCs use this term but either do not define it or do not define it precisely. While preparing this Glossary, we found this to be a muddled area. Experts did not agree. For all practical purposes, the literature defines “perfect forward secrecy” by stating the Diffie-Hellman-Merkle algorithm. The termpublic-key forward secrecy” (suggested by Hilarie Orman) and the definition stated for it in this Glossary were crafted to be compatible with current Internet documents, yet be narrow and leave room for improved terminology.

Challenge to the Internet security community: We need a taxonomy of terms and definitions to cover the basic properties discussed here for the full range of cryptographic algorithms and protocols used in Internet Standards:

Involvement of session keys vs. long-term keys: Experts disagree about the basic ideas involved: - One concept of “forward secrecy” is that, given observations of the operation of a key establishment protocol up to time t, and given some of the session keys derived from those protocol runs, you cannot derive unknown past session keys or future session keys. - A related property is that, given observations of the protocol and knowledge of the derived session keys, you cannot derive one or more of the long-term private keys.

Shirey Informational Page 218]

RFC 4949 Internet Security Glossary, Version 2 August 2007

- The “I” definition presented above involves a third concept of “forward secrecy” that refers to the effect of the compromise of long-term keys. - All three concepts involve the idea that a compromise of “this” encryption key is not supposed to compromise the “next” one. There also is the idea that compromise of a single key will compromise only the data protected by the single key. In Internet literature, the focus has been on protection against decryption of back traffic in the event of a compromise of secret key material held by one or both parties to a communication.

Forward vs. backward: Experts are unhappy with the wordforward”, because compromise of “this” encryption key also is not supposed to compromise the “previous” one, which is “backward” rather than forward. In S/KEY, if the key used at time t is compromised, then all keys used prior to that are compromised. If the “long-termkey (i.e., the base of the hashing scheme) is compromised, then all keys past and future are compromised; thus, you could say that S/KEY has neither forward nor backward secrecy.

Asymmetric cryptography vs. symmetric: Experts disagree about forward secrecy in the context of symmetric cryptographic systems. In the absence of asymmetric cryptography, compromise of any long- term key seems to compromise any session key derived from the long-term key. For example, Kerberos isn't forward secret, because compromising a client's password (thus compromising the key shared by the client and the authentication server) compromises future session keys shared by the client and the ticket-granting server.

Ordinary forward secrecy vs. “perfect” forward secret: Experts disagree about the difference between these two. Some say there is no difference, and some say that the initial naming was unfortunate and suggest dropping the word “perfect”. Some suggest using “forward secrecy” for the case where one long-term private key is compromised, and adding “perfect” for when both private keys (or, when the protocol is multi-party, all private keys) are compromised.

Acknowledgements: Bill Burr, Burt Kaliski, Steve Kent, Paul Van Oorschot, Jonathan Trostle, Michael Wiener, and, especially, Hilarie Orman contributed ideas to this discussion.

([[Fair Use]] [[Source]]: [[RFC 4949])


See: security perimeter.

Shirey Informational Page 219]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A mode of system operation in which information of different sensitivities is processed at distinctly different times by the same system, with the system being properly purged or sanitized between periods. (See: color change.)

Tutorial: The security mode of operation and maximum classification of data handled by the system is established for an interval of time and then is changed for the following interval of time. A period extends from the secure initialization of the system to the completion of any purging of sensitive data handled by the system during the period.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Non-volatile media that, once written into, can never be completely erased.

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) Synonym for “authorization”. (Compare: privilege.)

1b. (N) An authorization or set of authorizations to perform security-relevant functions in the context of role-based access control. ANSI

Tutorial: A permission is a positively stated authorization for access that (a) can be associated with one or more roles and (b) enables a user in a role to access a specified set of system resources by causing a specific set of system actions to be performed on the resources.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An X.509 certificate issued to a system entity that wishes to use a persona to conceal its true id[[entity when using PEM or other Internet services that depend on PKI support. (See: anonymity.) [R1422]

Tutorial: PEM designers intended that (a) a CA issuing persona certificates would explicitly not be vouching for the id[[entity of the system entity to whom the certificate is issued, (b) such certificates would be issued only by CAs subordinate to a policy CA having a policy stating that purpose (i.e., that would warn relying parties that the “subjectfield DN represented only a persona and not a true, vetted user id[[entity), and © the CA would not need to maintain records binding the true id[[entity of the subject to the certificate.

Shirey Informational Page 220]

RFC 4949 Internet Security Glossary, Version 2 August 2007

However, the PEM designers also intended that a CA issuing persona certificates would establish procedures (d) to enable “the holder of a PERSONA certificate to request that his certificate be revoked” and (e) to ensure that it did not issue the same subject DN to multiple users. The latter condition implies that a persona certificate is not an organizational certificate unless the organization has just one member or representative.

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) A character string used as a password to gain access to a system resource. (See: authentication information.)

Example: A cryptographic token typically requires its user to enter a PIN in order to access information stored in the token and invoke the token's cryptographic functions.

1b. (O) An alphanumeric code or password used to authenticate an id[[entity.

Tutorial: Despite the words “identification” and “number”, a PIN seldom serves as a user identifier, and a PIN's characters are not necessarily all numeric. Retail banking applications use 4-digit numeric user PINs, but the FORTEZZA PC card uses 12-character alphanumeric SSO PINs. (See: SSO PIN, user PIN.)

A better name for this concept would have been “personnel authentication system string” (PASS), in which case, an alphanumeric character string for this purpose would have been called, obviously, a “PASSword”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Information about a particular person, especially information of an intimate or critical nature, that could cause harm or pain to that person if disclosed to unauthorized parties. Examples: medical record, arrest record, credit report, academic transcript, training report, job application, credit card number, Social Security number. (See: privacy.)

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) Synonym for “principal”.

2. (O) /MISSI/ A set of MISSI X.509 public-key certificates that have the same subject DN, together with their associated private keys and usage specifications, that is stored on a FORTEZZA PC card to support a role played by the card's user.

Tutorial: When a card's user selects a personality to use in a FORTEZZA-aware application, the data determines behavior traits

Shirey Informational Page 221]

RFC 4949 Internet Security Glossary, Version 2 August 2007

(the personality) of the application. A card's user may have multiple personalities on the card. Each has a “personality label”, a user-friendly character string that applications can display to the user for selecting or changing the personality to be used. For example, a military user's card might contain three personalities: GENERAL HALFTRACK, COMMANDER FORT SWAMPY, and NEW YEAR'S EVE PARTY CHAIRMAN. Each personality includes one or more certificates of different types (such as DSA versus RSA), for different purposes (such as digital signature versus encryption), or with different authorizations.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: Tutorial under “personal identification number”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Procedures to ensure that persons who access a system have proper clearance, authorization, and need-to-know as required by the system's security policy. (See: security architecture.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) See: Pretty Good Privacy(trademark).

([[Fair Use]] [[Source]]: [[RFC 4949])



(I) /ISAKMP/ See: secondary definition under “Internet Security Association and Key Management Protocol”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) /slang/ A technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a Web site, in which the perpetrator masquerades as a legitimate business or reputable person. (See: social engineering.)

Derivation: Possibly from “phony fishing”; the solicitation usually involves some kind of lure or bait to hook unwary recipients. (Compare: phreaking.)

Deprecated Term: IDOCs SHOULD NOT use this term; it is not listed in most dictionaries and could confuse international readers. (See: Deprecated Usage under “Green Book”.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A UDP-based, key establishment protocol for session keys, designed for use with the IPsec protocols AH and ESP. Superseded by IKE.

Shirey Informational Page 222]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) A contraction of “telephone breaking”. An attack on or penetration of a telephone system or, by extension, any other communication or information system. [Raym]

Deprecated Term: IDOCs SHOULD NOT use this contraction; it is not listed in most dictionaries and could confuse international readers. (See: Deprecated Usage under “Green Book”.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) /threat action/ See: secondary definition under “incapacitation”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Tangible means of preventing unauthorized physical access to a system. Examples: Fences, walls, and other barriers; locks, safes, and vaults; dogs and armed guards; sensors and alarm bells. [FP031, R1455] (See: security architecture.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A form of active wiretapping in which the attacker gains access to a system via intervals of inactivity in another user's legitimate communication connection. Sometimes called a “between- the-lines” attack. (See: hijack attack, man-in-the-middle attack.)

Deprecated Usage: IDOCs that use this term SHOULD state a definition for it because the term could confuse international readers.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: personal identification number.

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) A denial-of-service attack that sends an improperly large ICMP echo request packet (a “ping”) with the intent of causing the destination system to fail. (See: ping sweep, teardrop.)

Deprecated Term: IDOCs SHOULD NOT use this term; instead, use “ping packet overflow attack” or some other term that is specific with regard to the attack mechanism.

Tutorial: This attack seeks to exploit an implementation vulnerability. The IP specification requires hosts to be prepared to accept datagrams of up to 576 octets, but also permits IP datagrams to be up to 65,535 octets long. If an IP implementation does not properly handle very long IP packets, the ping packet may overflow the input buffer and cause a [[fatal]] system error.

Shirey Informational Page 223]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An attack that sends ICMP echo requests (“pings”) to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities. (See: ping of death. Compare: port scan.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: Public-Key Cryptography Standards.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A standard [PKC05] (see: RFC 2898) from the PKCS series; defines a method for encrypting an octet string with a secret key derived from a password.

Tutorial: Although the method can be used for arbitrary octet strings, its intended primary application in public-key cryptography is for encrypting private keys when transferring them from one computer system to another, as described in PKCS #8.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A standard [PKC07] (see: RFC 2315) from the PKCS series; defines a syntax for data that may have cryptography applied to it, such as for digital signatures and digital envelopes. (See: CMS.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A standard [PKC10] (see: RFC 2986) from the PKCS series; defines a syntax for certification requests. (See: certification request.)

Tutorial: A PKCS #10 request contains a DN and a public key, and may contain other attributes, and is signed by the entity making the request. The request is sent to a CA, who converts it to an X.509 public-key certificate (or some other form), and returns it, possibly in PKCS #7 format.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A standard [PKC11] from the PKCS series; defines CAPI called “Cryptoki” for devices that hold cryptographic information and perform cryptographic functions.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: public-key infrastructure.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Abbreviation for “Public Key Cryptography for Initial Authentication in Kerberos” (RFC 4556). (See: Tutorial under “Kerberos”.)

Shirey Informational Page 224]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) A contraction of “Public-Key Infrastructure (X.509)”, the name of the IETF working group that is specifying an architecture [R3280] and set of protocols [R4210] to provide X.509-based PKI services for the Internet.

1b. (I) A collective name for that Internet PKI architecture and associated set of protocols.

Tutorial: The goal of PKIX is to facilitate the use of X.509 public-key certificates in multiple Internet applications and to promote interoperability between different implementations that use those certificates. The resulting PKI is intended to provide a framework that supports a range of trust and hierarchy environments and a range of usage environments. PKIX specifies (a) profiles of the v3 X.509 public-key certificate standards and the v2 X.509 CRL standards for the Internet, (b) operational protocols used by relying parties to obtain information such as certificates or certificate status, © management protocols used by system entities to exchange information needed for proper management of the PKI, and (d) information about certificate policies and CPSs, covering the areas of PKI security not directly addressed in the rest of PKIX.

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) /noun/ Data that is input to an encryption process. (See: plaintext. Compare: cipher text, clear text.)

2. (D) /noun/ Synonym for “clear text”.

Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym for “clear text”. Sometimes plain text that is input to an encryption operation is clear text, but other times plain text is cipher text that was output from a previous encryption operation. (See: superencryption.)

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (O) /noun/ Synonym for “plain text”.

2. (I) /adjective/ Referring to plain text. Usage: Commonly used instead of “plain-text”. (Compare: ciphertext, cleartext.)

3. (D) /noun/ Synonym for “cleartext”.

Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym for “cleartext”. Cleartext data is, by definition, not encrypted; but plaintext data that is input to an encryption operation may be

Shirey Informational Page 225]

RFC 4949 Internet Security Glossary, Version 2 August 2007

cleartext data or may be ciphertext data that was output from a previous encryption operation. (See: superencryption.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Private Line Interface.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: policy management authority.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An Internet Standard protocol (RFC 1661) for encapsulation and full-duplex transportation of protocol data packets in OSIRM Layer 3 over an OSIRM Layer 2 link between two peers, and for multiplexing different Layer 3 protocols over the same link. Includes optional negotiation to select and use a peer entity authentication protocol to authenticate the peers to each other before they exchange Layer 3 data. (See: CHAP, EAP, PAP.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An Internet client-server protocol (RFC 2637) (originally developed by Ascend and Microsoft) that enables a dial-up user to create a virtual extension of the dial-up link across a network by tunneling PPP over IP. (See: L2TP.)

Tutorial: PPP can encapsulate any IPS Network Interface Layer protocol or OSIRM Layer 3 protocol. Therefore, PPTP does not specify security services; it depends on protocols above and below it to provide any needed security. PPTP makes it possible to divorce the location of the initial dial-up server (i.e., the PPTP Access Concentrator, the client, which runs on a special-purpose host) from the location at which the dial-up protocol (PPP) connection is terminated and access to the network is provided (i.e., at the PPTP Network Server, which runs on a general-purpose host).

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) A plan or course of action that is stated for a system or organization and is intended to affect and direct the decisions and deeds of that entity's components or members. (See: security policy.)

1b. (O) A definite goal, course, or method of action to guide and determine present and future decisions, that is implemented or executed within a particular context, such as within a business unit. [R3198]

Deprecated Abbreviation: IDOCs SHOULD NOT use “policy” as an abbreviation of either “security policy” or “certificate policy”.

Shirey Informational Page 226]

RFC 4949 Internet Security Glossary, Version 2 August 2007

Instead, to avoid misunderstanding, use a fully qualified term, at least at the point of first usage.

Tutorial: The introduction of new technology to replace traditional systems can result in new systems being deployed without adequate policy definition and before the implications of the new technology are fully understand. In some cases, it can be difficult to establish policies for new technology before the technology has been operationally tested and evaluated. Thus, policy changes tend to lag behind technological changes, such that either old policies impede the technical innovation, or the new technology is deployed without adequate policies to govern its use.

When new technology changes the ways that things are done, newprocedures” must be defined to establish operational guidelines for using the technology and achieving satisfactory results, and newpractices” must be established for managing new systems and monitoring results. Practices and procedures are more directly coupled to actual systems and business operations than are polices, which tend to be more abstract. - “Practices” define how a system is to be managed and what controls are in place to monitor the system and detect abnormal behavior or quality problems. Practices are established to ensure that a system is managed in compliance with stated policies. System audits are primarily concerned with whether or not practices are being followed. Auditors evaluate the controls to make sure they conform to accepted industry standards, and then confirm that controls are in place and that control measurements are being gathered. Audit trails are examples of control measurements that are recorded as part of system operations. - “Procedures” define how a system is operated, and relate closely to issues of what technology is used, who the operators are, and how the system is deployed physically. Procedures define both normal and abnormal operating circumstances. - For every control defined by a practice statement, there should be corresponding procedures to implement the control and provide ongoing measurement of the control parameters. Conversely, procedures require management practices to insure consistent and correct operational behavior.

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) /PKI/ Synonym for “policy management authority”. [PAG]

Deprecated Term: IDOCs SHOULD NOT use this term as synonym for “policy management authority”. The term suggests a limited, passive role that is not typical of PMAs.

Shirey Informational Page 227]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) /MISSI/ The top-level signing authority of a MISSI certification hierarchy. The term refers both to that authoritative office or role and to the person who plays that role. (See: policy management authority, root registry.)

Tutorial: A MISSI PAA (a) registers MISSI PCAs and signs their X.509 public-key certificates, (b) issues CRLs but does not issue a CKL, and © may issue cross-certificates to other PAAs.

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) /PKI/ Synonym for “policy management authority”. [PAG]

Deprecated Term: IDOCs SHOULD NOT use this term as synonym for “policy management authority”. The term is unnecessarily vague and thus may be confused with other PKI entities, such as CAs and RAs, that enforce of apply various aspects of PKI policy.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An X.509-compliant CA at the second level of the Internet certification hierarchy, under the IPRA. Each PCA operates under its published security policy (see: certificate policy, CPS) and within constraints established by the IPRA for all PCAs. [R1422]. (See: policy creation authority.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) /MISSI/ The second level of a MISSI certification hierarchy; the administrative root of a security policy domain of MISSI users and other, subsidiary authorities. The term refers both to that authoritative office or role and to the person who fills that office. (See: policy certification authority.)

Tutorial: A MISSI PCA's certificate is issued by a PAA. The PCA registers the CAs in its domain, defines their configurations, and issues their X.509 public-key certificates. (The PCA may also issue certificates for SCAs, ORAs, and other end entities, but a PCA does not usually do this.) The PCA periodically issues CRLs and CKLs for its domain.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) /PKI/ A person, role, or organization within a PKI that is responsible for (a) creating or approving the content of the certificate policies and CPSs that are used in the PKI; (b) ensuring the administration of those policies; and © approving any cross-certification or interoperability agreements with CAs external to the PKI and any related policy mappings. The PMA may also be the accreditor for the PKI as a whole or for some of its

Shirey Informational Page 228]

RFC 4949 Internet Security Glossary, Version 2 August 2007

components or applications. DoD9, PAG] (See: policy approving authority.)

Example: In the U.S. Department of Defense, an organization called the Policy Management Authority is responsible for DoD PKI DoD9].

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) “Recognizing that, when a CA in one domain certifies a CA in another domain, a particular certificate policy in the second domain may be considered by the authority of the first domain to be equivalent (but not necessarily identical in all respects) to a particular certificate policy in the first domain.” [X509]

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A building block of a security policy; it (a) defines a set of system conditions and (b) specifies a set of system actions that are to be performed if those conditions occur. [R3198]

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Post Office Protocol, version 3.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A POP3 command (better described as a transaction type, or subprotocol) by which a POP3 client optionally uses a keyed hash (based on MD5) to authenticate itself to a POP3 server and, depending on the server implementation, to protect against replay attacks. (See: CRAM, POP3 AUTH, IMAP4 AUTHENTICATE.)

Tutorial: The server includes a unique time stamp in its greeting to the client. The subsequent APOP command sent by the client to the server contains the client's name and the hash result of applying MD5 to a string formed from both the time stamp and a shared secret value that is known only to the client and the server. APOP was designed to provide an alternative to using POP3's USER and PASS (i.e., password) command pair, in which the client sends a cleartext password to the server.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A POP3 command [R1734] (better described as a transaction type, or subprotocol) by which a POP3 client optionally proposes a mechanism to a POP3 server to authenticate the client to the server and provide other security services. (See: POP3 APOP, IMAP4 AUTHENTICATE.)

Tutorial: If the server accepts the proposal, the command is followed by performing a challenge-response authentication protocol and, optionally, negotiating a protection mechanism for

Shirey Informational Page 229]

RFC 4949 Internet Security Glossary, Version 2 August 2007

subsequent POP3 interactions. The security mechanisms used by POP3 AUTH are those used by IMAP4.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A technique that sends client requests to a range of service port addresses on a host. (See: probe. Compare: ping sweep.)

Tutorial: A port scan can be used for pre-attack surveillance, with the goal of finding an active port and subsequently exploiting a known vulnerability of that port's service. A port scan can also be used as a flooding attack.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) The principle that a security architecture should be designed so that access to system resources is permitted only when explicitly granted; i.e., in the absence of an explicit authorization that grants access, the default action shall be to refuse access. (See: authorization, access.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) Portable Operating System Interface for Computer Environments, a standard [FP151, I9945] (originally IEEE Standard P1003.1) that defines an operating system interface and environment to support application portability at the source code level. It is intended to be used by both application developers and system implementers.

Tutorial: P1003.1 supports security functionality like that on most UNIX systems, including discretionary access control and privileges. IEEE Draft Standard P1003.6 specifies additional functionality not provided in the base standard, including (a) discretionary access control, (b) audit trail mechanisms, © privilege mechanisms, (d) mandatory access control, and (e) information label mechanisms.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An Internet Standard protocol (RFC 1939) by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client. (See: IMAP4.)

Tutorial: POP3 has mechanisms for optionally authenticating a client to a server and providing other security services. (See: POP3 APOP, POP3 AUTH.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Point-to-Point Protocol.

Shirey Informational Page 230]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Point-to-Point Tunneling Protocol.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) /PKI/ A CAW feature that enables certification requests to be automatically validated against data provided in advance to the CA by an authorizing entity.

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) /information system/ A ranking assigned to events or data objects that determines the relative order in which they are processed.

2. (N) /communication system/ A designation assigned to a communication (i.e., packet, message, data stream, connection, etc.) by the originator to state the importance or urgency of that communication versus other communications, and thus indicate to the transmission system the relative order of handling, and indicate to the receiver the order in which the communication is to be noted. [F1037] (See: availability, critical, preemption.)

Example: The “Precedence” subfield of the “Type of Servicefield of the IPv4 header supports the following designations (in descending order of importance): 111 Network Control, 110 Internetwork Control, 101 CRITIC/ECP (Critical Intelligence Communication/Emergency Command Precedence), 100 Flash Override, 011 Flash, 010 Immediate, 001 Priority, and 000 Routine. These designations were adopted from U.S. DoD systems that existed before ARPANET.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) The seizure, usually automatic, of system resources that are being used to serve a lower-precedence communication, in order to serve immediately a higher-precedence communication. [F1037]

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) Trademarks of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet. (Compare: DKIM, MOSS, MSP, PEM, S/MIME.)

Tutorial: PGP encrypts messages with a symmetric algorithm (originally, IDEA in CFB mode), distributes the symmetric keys by encrypting them with an asymmetric algorithm (originally, RSA), and creates digital signatures on messages with a cryptographic hash and an asymmetric encryption algorithm (originally, MD5 and RSA). To establish ownership of public keys, PGP depends on the “web of trust”.

Shirey Informational Page 231]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “security”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) /SET/ “The assigned number that identifies the card issuer and cardholder. This account number is composed of an issuer identification number, an individual account number identification, and an accompanying check digit as defined by ISO 7812-1985.” [SET2, I7812] (See: bank identification number.)

Tutorial: The PAN is embossed, encoded, or both on a magnetic- strip-based credit card. The PAN identifies the issuer to which a transaction is to be routed and the account to which it is to be applied unless specific instructions indicate otherwise. The authority that assigns the BIN part of the PAN is the American Bankers Association.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A specific id[[entity claimed by a user when accessing a system.

Usage: Usually understood to be an id[[entity that is registered in and authenticated by the system; equivalent to the notion of login account identifier. Each principal is normally assigned to a single user, but a single user may be assigned (or attempt to use) more than one principal. Each principal can spawn one or more subjects, but each subject is associated with only one principal. (Compare: role, subject, user.)

(I) /Kerberos/ A uniquely identified (i.e., uniquely named) client or server instance that participates in a network communication.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) /information system/ Precedence for processing an event or data object, determined by security importance or other factors. (See: precedence.)

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) The right of an entity (normally a person), acting in its own behalf, to determine the degree to which it will interact with its environment, including the degree to which the entity is willing to share its personal information with others. (See: HIPAA, personal information, Privacy Act of 1974. Compare: anonymity, data confidentiality.) [FP041]

2. (O) “The right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.” [I7498-2]

Shirey Informational Page 232]

RFC 4949 Internet Security Glossary, Version 2 August 2007

3. (D) Synonym for “data confidentiality”.

Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym for “data confidentiality” or “data confidentiality service”, which are different concepts. Privacy is a reason for security rather than a kind of security. For example, a system that stores personal data needs to protect the data to prevent harm, embarrassment, inconvenience, or unfairness to any person about whom data is maintained, and to protect the person's privacy. For that reason, the system may need to provide data confidentiality service.

Tutorial: The termprivacy” is used for various separate but related concepts, including bodily privacy, territorial privacy, personal information privacy, and communication privacy. IDOCs are expected to address only communication privacy, which in this Glossary is defined primarily by “data confidentiality” and secondarily by “data integrity”.

IDOCs are not expected to address information privacy, but this Glossary provides definition 1 for that concept because personal information privacy is often confused with communication privacy. IDOCs are not expected to address bodily privacy or territorial privacy, and this Glossary does not define those concepts because they are not easily confused with communication privacy.

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) A U.S. Federal law (Section 552a of Title 5, United States Code) that seeks to balance the U.S. Government's need to maintain data about individuals with the rights of individuals to be protected against unwarranted invasions of their privacy stemming from federal agencies' collection, maintenance, use, and disclosure of personal data. (See: privacy.)

Tutorial: In 1974, the U.S. Congress was concerned with the potential for abuses that could arise from the Government's increasing use of computers to store and retrieve personal data. Therefore, the Act has four basic policy objectives: - To restrict disclosure of personally identifiable records maintained by Federal agencies. - To grant individuals increased rights of access to Federal agency records maintained on themselves. - To grant individuals the right to seek amendment of agency records maintained on themselves upon a showing that the records are not accurate, relevant, timely, or complete. - To establish a code of “fair information practices” that requires agencies to comply with statutory norms for collection, maintenance, and dissemination of records.

Shirey Informational Page 233]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An Internet protocol to provide data confidentiality, data integrity, and data origin authentication for electronic mail. [R1421, R1422]. (Compare: DKIM, MOSS, MSP, PGP, S/MIME.)

Tutorial: PEM encrypts messages with a symmetric algorithm (originally, DES in CBC mode), provides distribution for the symmetric keys by encrypting them with an asymmetric algorithm (originally, RSA), and signs messages with an asymmetric encryption algorithm over a cryptographic hash (originally, RSA over either MD2 or MD5). To establish ownership of public keys, PEM uses a certification hierarchy, with X.509 public-key certificates and X.509 CRLs that are signed with an asymmetric encryption algorithm over a cryptographic hash (originally, RSA over MD2).

PEM is designed to be compatible with a wide range of key management methods, but is limited to specifying security services only for text messages and, like MOSS, has not been widely implemented in the Internet.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Synonym for “private key”.

Deprecated Usage: In most cases, IDOCs SHOULD NOT use this term; instead, to avoid confusing readers, use “private key”. However, the term MAY be used when discussing a key pair; e.g., “A key pair has a public component and a private component.”

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “extension”.

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) The secret component of a pair of cryptographic keys used for asymmetric cryptography. (See: key pair, public key, secret key.)

2. (O) In a public key cryptosystem, “that key of a user's key pair which is known only by that user.” [X509]

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) The first end-to-end packet encryption system for a computer network, developed by BBN starting in 1975 for the U.S. DoD, incorporating U.S. Government-furnished, military-grade COMSEC equipment (TSEC/KG-34). [B1822] (Compare: IPLI.)

Shirey Informational Page 234]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) /access control/ A synonym for “authorization”. (See authorization. Compare: permission.)

1b. (I) /computer platform/ An authorization to perform a security-relevant function in the context of a computer's operating system.

([[Fair Use]] [[Source]]: [[RFC 4949])


(O) “The infrastructure able to support the management of privileges in support of a comprehensive authorization service and in relationship with a” PKI; i.e., processes concerned with attribute certificates. [X509]

Deprecated Usage: IDOCs SHOULD NOT use this term with this definition. This definition is vague, and there is no consensus on a more specific one.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A computer process that is authorized (and, therefore, trusted) to perform some security-relevant functions that ordinary processes are not. (See: privilege, trusted process.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An user that has access to system control, monitoring, or administration functions. (See: privilege, /UNIX/ under “root”, superuser, user.)

Tutorial: Privileged users include the following types: - Users with near or complete control of a system, who are authorized to set up and administer user accounts, identifiers, and authentication information, or are authorized to assign or change other users' access to system resources. - Users that are authorized to change control parameters (e.g., network addresses, routing tables, processing priorities) on routers, multiplexers, and other important equipment. - Users that are authorized to monitor or perform troubleshooting for a system's security functions, typically using special tools and features that are not available to ordinary users.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) /verb/ A technique that attempts to access a system to learn something about the system. (See: port scan.)

Tutorial: The purpose of a probe may be offensive, e.g., an attempt to gather information for circumventing the system's protections; or the purpose may be defensive, e.g., to verify that the system is working properly.

Shirey Informational Page 235]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(D) Synonym for “administrative security”.

Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for “administrative security”. The term may be misleading because any type of security may involve procedures, and procedures may be either external to the system or internal. Instead, use “administrative security”, “communication security”, “computer security”, “emanations security”, “personnel security”, “physical security”, or whatever specific type is meant. (See: security architecture.)

([[Fair Use]] [[Source]]: [[RFC 4949])


See: certificate profile, protection profile.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A protocol whereby a system entity proves to another that it possesses and controls a cryptographic key or other secret information. (See: zero-knowledge proof.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Refers to information (or other property) that is owned by an individual or organization and for which the use is restricted by that entity.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A checksum that is computed for a data object by means that protect against active attacks that would attempt to change the checksum to make it match changes made to the data object. (See: digital signature, keyed hash, Tutorial under “checksum”.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) “Packaging techniques for COMSEC material that discourage penetration, reveal a penetration has occurred or was attempted, or inhibit viewing or copying of keying material prior to the time it is exposed for use.” [C4009] (See: tamper-evident, tamper- resistant. Compare: QUADRANT.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “Internet Protocol Security Option”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) /U.S. Government/ An indication of the trust that is needed in a system's technical ability to enforce security policy for confidentiality. (Compare: /system operation/ under “mode of operation”.)

Shirey Informational Page 236]

RFC 4949 Internet Security Glossary, Version 2 August 2007

Tutorial: An organization's security policy could define protection levels that are based on comparing (a) the sensitivity of information handled by a system to (b) the authorizations of users that receive information from the system without manual intervention and reliable human review. For each level, the policy could specify security features and assurances that must be included in any system that was intended to operate at that level.

Example: Given some set of data objects that are classified at one or more hierarchical levels and in one or more non-hierarchical categories, the following table defines five protection levels for systems that would handle that data. Beginning with PL1 and evolving to PL5, each successive level would require stronger features and assurances to handle the dataset. (See: clearance, formal access approval, and need-to-know.)

Lowest Clearance[[Formal]] [[Access]] Need-To-[[Know]]
 Among All [[User]]s Approval of [[User]]sof [[User]]s
 +-------------------+-------------------+-------------------+
PL5 | Some user has no | [Does not matter.]| [Does not matter.]| High | clearance at all. | | |
 +-------------------+-------------------+-------------------+
PL4 | All are cleared| [Does not matter.]| [Does not matter.]|
 | for some [[data]]. | | |
 +-------------------+-------------------+-------------------+
PL3 | All are cleared| Some not approved | [Does not matter.]|
 | for all [[data]]. | for all [[data]]. | |
 +-------------------+-------------------+-------------------+
PL2 | All are cleared| All are approved | Some don't need to|
 | for all [[data]]. | for all [[data]]. | to [[know]] all [[data]]. |
 +-------------------+-------------------+-------------------+
PL1 | All are cleared| All are approved | All have a need| Low | for all data. | for all data. | to know all data. |
 +-------------------+-------------------+-------------------+

Each of these protection levels can be viewed as being equivalent to one or more modes of system operation defined in this Glossary: - PL5 is equivalent to multilevel security mode. - PL4 is equivalent to either multilevel or compartmented security mode, depending on the details of users' clearances. - PL3 is equivalent to partitioned security mode. - PL2 is equivalent to system-high security mode. - PL1 is equivalent to dedicated security mode.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) /Common Criteria/ An implementation-independent set of security requirements for a category of targets of evaluation that

Shirey Informational Page 237]

RFC 4949 Internet Security Glossary, Version 2 August 2007

meet specific consumer needs. [CCIB] Example: [IDSAN]. (See: target of evaluation. Compare: certificate profile, package.)

Tutorial: A protection profile (PP) is the kind of document used by consumers to specify functional requirements they want in a product, and a security target (ST) is the kind of document used by vendors to make functional claims about a product.

A PP is intended to be a reusable statement of product security needs, which are known to be useful and effective, for a set of information technology security products that could be built. A PP contains a set of security requirements, preferably taken from the catalogs in Parts 2 and 3 of the Common Criteria, and should include an EAL. A PP could be developed by user communities, product developers, or any other parties interested in defining a common set of requirements.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) One of a hierarchy of privileged operation modes of a system that gives certain access rights to processes authorized to operate in that mode. (See: Multics.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A wireline or fiber-optic communication system used to transmit cleartext classified information through an area of lesser classification or control. [N7003]

([[Fair Use]] [[Source]]: [[RFC 4949])


1a. (I) A set of rules (i.e., formats and procedures) to implement and control some type of association (e.g., communication) between systems. Example: Internet Protocol.

1b. (I) A series of ordered computing and communication steps that are performed by two or more system entities to achieve a joint objective. [A9042]

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) See: secondary definition under “protocol data unit”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A data packet that is defined for peer-to-peer transfers in a protocol layer.

Tutorial: A PDU consists of two disjoint subsets of data: the SDU and the PCI. (Although these terms – PDU, SDU, and PCI – originated in the OSIRM, they are also useful and permissible in an IPS context.)

Shirey Informational Page 238]

RFC 4949 Internet Security Glossary, Version 2 August 2007

- The “service data unit” (SDU) in a packet is data that the protocol transfers between peer protocol entities on behalf of the users of that layer's services. For Layers 1 through 6, the layer's users are peer protocol entities at a higher layer; for Layer 7, the users are application entities outside the scope of the OSIRM. - The “protocol control information” (PCI) in a packet is data that peer protocol entities exchange between themselves to control their joint operation of the layer.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A complementary collection of communication protocols used in a computer network. (See: IPS, OSI.)

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) A computer process that acts on behalf of a user or client.

2. (I) A computer process – often used as, or as part of, a firewall – that relays application transactions or a protocol between client and server computer systems, by appearing to the client to be the server and appearing to the server to be the client. (See: SOCKS.)

Tutorial: In a firewall, a proxy server usually runs on a bastion host, which may support proxies for several applications and protocols (e.g., FTP, HTTP, and TELNET). Instead of a client in the protected enclave connecting directly to an external server, the internal client connects to the proxy server, which in turn connects to the external server. The proxy server waits for a request from inside the firewall, forwards the request to the server outside the firewall, gets the response, then sends the response back to the client. The proxy may be transparent to the clients, or they may need to connect first to the proxy server, and then use that association to also initiate a connection to the real server.

Proxies are generally preferred over SOCKS for their ability to perform caching, high-level logging, and access control. A proxy can provide security service beyond that which is normally part of the relayed protocol, such as access control based on peer entity authentication of clients, or peer entity authentication of servers when clients do not have that ability. A proxy at OSIRM Layer 7 can also provide finer-grained security service than can a filtering router at Layer 3. For example, an FTP proxy could permit transfers out of, but not into, a protected network.

Shirey Informational Page 239]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) An X.509 public-key certificate derived from an end-entity certificate, or from another proxy certificate, for the purpose of establishing proxies and delegating authorizations in the context of a PKI-based authentication system. [R3820]

Tutorial: A proxy certificate has the following properties: - It contains a critical extension that (a) identifies it as a proxy certificate and (b) may contain a certification path length constraint and policy constraints. - It contains the public component of a key pair that is distinct from that associated with any other certificate. - It is signed by the private component of a key pair that is associated with an end-entity certificate or another proxy certificate. - Its associated private key can be used to sign only other proxy certificates (not end-entity certificates). - Its “subject” DN is derived from its “issuer” DN and is unique. - Its “issuer” DN is the “subject” DN of an end-entity certificate or another proxy certificate.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) A sequence of values that appears to be random (i.e., unpredictable) but is actually generated by a deterministic algorithm. (See: compression, random, random number generator.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: secondary definition under “random number generator”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Synonym for “public key”.

Deprecated Usage: In most cases, IDOCs SHOULD NOT use this term; to avoid confusing readers, use “private key” instead. However, the term MAY be used when discussing a key pair; e.g., “A key pair has a public component and a private component.”

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) The publicly disclosable component of a pair of cryptographic keys used for asymmetric cryptography. (See: key pair. Compare: private key.)

2. (O) In a public key cryptosystem, “that key of a user's key pair which is publicly known.” [X509]

Shirey Informational Page 240]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) A digital certificate that binds a system entity's identifier to a public key value, and possibly to additional, secondary data items; i.e., a digitally signed data structure that attests to the ownership of a public key. (See: X.509 public-key certificate.)

2. (O) “The public key of a user, together with some other information, rendered unforgeable by encipherment with the private key of the certification authority which issued it.” [X509]

Tutorial: The digital signature on a public-key certificate is unforgeable. Thus, the certificate can be published, such as by posting it in a directory, without the directory having to protect the certificate's data integrity.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) Synonym for “asymmetric cryptography”.

([[Fair Use]] [[Source]]: [[RFC 4949])


(N) A series of specifications published by RSA Laboratories for data structures and algorithms used in basic applications of asymmetric cryptography. [PKCS] (See: PKCS #5 through PKCS #11.)

Tutorial: The PKCS were begun in 1991 in cooperation with industry and academia, originally including Apple, Digital, Lotus, Microsoft, Northern Telecom, Sun, and MIT. Today, the specifications are widely used, but they are not sanctioned by an official standards organization, such as ANSI, ITU-T, or IETF. RSA Laboratories retains sole decision-making authority over the PKCS.

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) For a key-agreement protocol based on asymmetric cryptography, the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the private keys is compromised in the future. (See: Usage note and other discussion under “perfect forward secrecy”.)

([[Fair Use]] [[Source]]: [[RFC 4949])


(I) See: Tutorial under “Kerberos”, PKINIT.

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) A system of CAs (and, optionally, RAs and other supporting servers and agents) that perform some set of certificate management, archive management, key management, and token management functions for a community of users in an application of asymmetric cryptography. (See: hierarchical PKI, mesh PKI, security management infrastructure, trust-file PKI.)

Shirey Informational Page 241]

RFC 4949 Internet Security Glossary, Version 2 August 2007

2. (I) /PKIX/ The set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates based on asymmetric cryptography.

Tutorial: The core PKI functions are (a) to register users and issue their public-key certificates, (b) to revoke certificates when required, and © to archive data needed to validate certificates at a much later time. Key pairs for data confidentiality may be generated (and perhaps escrowed) by CAs or RAs, but requiring a PKI client to generate its own digital signature key pair helps maintain system integrity of the cryptographic system, because then only the client ever possesses the private key it uses. Also, an authority may be established to approve or coordinate CPSs, which are security policies under which components of a PKI operate.

A number of other servers and agents may support the core PKI, and PKI clients may obtain services from them, such as certificate validation services. The full range of such services is not yet fully understood and is evolving, but supporting roles may include archive agent, certified delivery agent, confirmation agent, digital notary, directory, key escrow agent, key generation agent, naming agent who ensures that issuers and subjects have unique identifiers within the PKI, repository, ticket-granting agent, time-stamp agent, and validation agent.

([[Fair Use]] [[Source]]: [[RFC 4949])


1. (I) Synonym for “erase”.

2. (O) /U.S. Government/ Use degaussing or other methods to render magnetically stored data unusable and irrecoverable by any means, including laboratory methods. [C4009] (Compare: /U.S. Government/ erase.)


Fair Use Sources

Fair Use Sources:

Cybersecurity: DevSecOps - Security Automation, Cloud Security - Cloud Native Security (AWS Security - Azure Security - GCP Security - IBM Cloud Security - Oracle Cloud Security, Container Security, Docker Security, Podman Security, Kubernetes Security, Google Anthos Security, Red Hat OpenShift Security); CIA Triad (Confidentiality - Integrity - Availability, Authorization - OAuth, Identity and Access Management (IAM), JVM Security (Java Security, Spring Security, Micronaut Security, Quarkus Security, Helidon Security, MicroProfile Security, Dropwizard Security, Vert.x Security, Play Framework Security, Akka Security, Ratpack Security, Netty Security, Spark Framework Security, Kotlin Security - Ktor Security, Scala Security, Clojure Security, Groovy Security;

, JavaScript Security, HTML Security, HTTP Security - HTTPS Security - SSL Security - TLS Security, CSS Security - Bootstrap Security - Tailwind Security, Web Storage API Security (localStorage Security, sessionStorage Security), Cookie Security, IndexedDB Security, TypeScript Security, Node.js Security, NPM Security, Deno Security, Express.js Security, React Security, Angular Security, Vue.js Security, Next.js Security, Remix.js Security, PWA Security, SPA Security, Svelts.js Security, Ionic Security, Web Components Security, Nuxt.js Security, Z Security, htmx Security

Python Security - Django Security - Flask Security - Pandas Security,

Database Security (Database Security on Kubernetes, Database Security on Containers / Database Security on Docker, Cloud Database Security - DBaaS Security, Concurrent Programming and Database Security, Functional Concurrent Programming and Database Security, Async Programming and Databases Security, MySQL Security, Oracle Database Security, Microsoft SQL Server Security, MongoDB Security, PostgreSQL Security, SQLite Security, Amazon RDS Security, IBM Db2 Security, MariaDB Security, Redis Security (Valkey Security), Cassandra Security, Amazon Aurora Security, Microsoft Azure SQL Database Security, Neo4j Security, Google Cloud SQL Security, Firebase Realtime Database Security, Apache HBase Security, Amazon DynamoDB Security, Couchbase Server Security, Elasticsearch Security, Teradata Database Security, Memcached Security, Infinispan Security, Amazon Redshift Security, SQLite Security, CouchDB Security, Apache Kafka Security, IBM Informix Security, SAP HANA Security, RethinkDB Security, InfluxDB Security, MarkLogic Security, ArangoDB Security, RavenDB Security, VoltDB Security, Apache Derby Security, Cosmos DB Security, Hive Security, Apache Flink Security, Google Bigtable Security, Hadoop Security, HP Vertica Security, Alibaba Cloud Table Store Security, InterSystems Caché Security, Greenplum Security, Apache Ignite Security, FoundationDB Security, Amazon Neptune Security, FaunaDB Security, QuestDB Security, Presto Security, TiDB Security, NuoDB Security, ScyllaDB Security, Percona Server for MySQL Security, Apache Phoenix Security, EventStoreDB Security, SingleStore Security, Aerospike Security, MonetDB Security, Google Cloud Spanner Security, SQream Security, GridDB Security, MaxDB Security, RocksDB Security, TiKV Security, Oracle NoSQL Database Security, Google Firestore Security, Druid Security, SAP IQ Security, Yellowbrick Data Security, InterSystems IRIS Security, InterBase Security, Kudu Security, eXtremeDB Security, OmniSci Security, Altibase Security, Google Cloud Bigtable Security, Amazon QLDB Security, Hypertable Security, ApsaraDB for Redis Security, Pivotal Greenplum Security, MapR Database Security, Informatica Security, Microsoft Access Security, Tarantool Security, Blazegraph Security, NeoDatis Security, FileMaker Security, ArangoDB Security, RavenDB Security, AllegroGraph Security, Alibaba Cloud ApsaraDB for PolarDB Security, DuckDB Security, Starcounter Security, EventStore Security, ObjectDB Security, Alibaba Cloud AnalyticDB for PostgreSQL Security, Akumuli Security, Google Cloud Datastore Security, Skytable Security, NCache Security, FaunaDB Security, OpenEdge Security, Amazon DocumentDB Security, HyperGraphDB Security, Citus Data Security, Objectivity/DB). Database drivers (JDBC Security, ODBC), ORM (Hibernate Security, Microsoft Entity Framework), SQL Operators and Functions Security, Database IDEs (JetBrains DataSpell Security, SQL Server Management Studio Security, MySQL Workbench Security, Oracle SQL Developer Security, SQLiteStudio),

Programming Language Security ((1. Python Security, 2. JavaScript Security, 3. Java Security, 4. C# Security, 5. C++ Security, 6. PHP Security, 7. TypeScript Security, 8. Ruby Security, 9. C Security, 10. Swift Security, 11. R Security, 12. Objective-C Security, 13. Scala Security, 14. Golang Security, 15. Kotlin Security, 16. Rust Security, 17. Dart Security, 18. Lua Security, 19. Perl Security, 20. Haskell Security, 21. Julia Security, 22. Clojure Security, 23. Elixir Security, 24. F# Security, 25. Assembly Language Security, 26. Shell Script Security / bash Security, 27. SQL Security, 28. Groovy Security, 29. PowerShell Security, 30. MATLAB Security, 31. VBA Security, 32. Racket Security, 33. Scheme Security, 34. Prolog Security, 35. Erlang Security, 36. Ada Security, 37. Fortran Security, 38. COBOL Security, 39. Lua Security, 40. VB.NET Security, 41. Lisp Security, 42. SAS Security, 43. D Security, 44. LabVIEW Security, 45. PL/SQL Security, 46. Delphi/Object Pascal Security, 47. ColdFusion Security, 49. CLIST Security, 50. REXX);

OS Security, Mobile Security: Android Security - Kotlin Security - Java Security, iOS Security - Swift Security; Windows Security - Windows Server Security, Linux Security (Ubuntu Security, Debian Security, RHEL Security, Fedora Security), UNIX Security (FreeBSD Security), IBM z Mainframe Security (RACF Security), Passwords (Windows Passwords, Linux Passwords, FreeBSD Passwords, Android Passwords, iOS Passwords, macOS Passwords, IBM z/OS Passwords), Passkeys, Hacking (Ethical Hacking, White Hat, Black Hat, Grey Hat), Pentesting (Red Team - Blue Team - Purple Team), Cybersecurity Certifications (CEH, GIAC, CISM, CompTIA Security Plus, CISSP), Mitre Framework, Common Vulnerabilities and Exposures (CVE), Cybersecurity Bibliography, Cybersecurity Courses, Firewalls, CI/CD Security (GitHub Actions Security, Azure DevOps Security, Jenkins Security, Circle CI Security), Functional Programming and Cybersecurity, Cybersecurity and Concurrency, Cybersecurity and Data Science - Cybersecurity and Databases, Cybersecurity and Machine Learning, Cybersecurity Glossary (RFC 4949 Internet Security Glossary), Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics (navbar_security - see also navbar_aws_security, navbar_azure_security, navbar_gcp_security, navbar_k8s_security, navbar_docker_security, navbar_podman_security, navbar_mainframe_security, navbar_ibm_cloud_security, navbar_oracle_cloud_security, navbar_database_security, navbar_windows_security, navbar_linux_security, navbar_macos_security, navbar_android_security, navbar_ios_security, navbar_os_security, navbar_firewalls, navbar_encryption, navbar_passwords, navbar_iam, navbar_pentesting, navbar_privacy)

Request for Comments (RFC): List of RFCs, GitHub RFCs, Awesome RFCs, (navbar_rfc)


© 1994 - 2024 Cloud Monk Losang Jinpa or Fair Use. Disclaimers

SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.