Glossary

An Electronic signature is the process of applying any mark in electronic form with the intent to sign a data object and is used interchangeably with digital signature.

Encryption is a process of maintaining data integrity and confidentiality by converting plain data into a secret code with the help of an algorithm. Only authorized users with a key can access encrypted Data or cipher text.

An Encryption Key is a code of variable value developed with the help of encryption algorithm to encrypt and decrypt information.

A Fail Safe is the automatic protection of programs and/or processing systems when hardware or software failure is detected.

File encryption is the process of encrypting individual files on a storage medium and permitting access to the encrypted data only after proper authentication is provided.

File Transfer Protocol (FTP) is an internet protocol for transferring files from one computer to another in a network using TCP/ IP.

A firewall is a security system, tool that includes any software or hardware aimed at preventing viruses, worms, and hackers from intruding into a system or network.

Flooding is an attack that attempts to cause a failure in a system by providing more input than the system can process properly.

Gateways are network points that act as an entrance to another network. A node or stopping point can be either a gateway node or a host (end-point) node.

See also: Gateway

Governance, Risk Management and Compliance is a comprehensive and integrated organization wide system for achieving the goals set in each areas namely governance, Risk management, and Compliance, and meet the regulatory standards and requirements.

A guessing entropy is a measure of the difficulty that an Attacker has to guess the average password used in a system. In this document, entropy is stated in bits.  When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.

A hash function is any function that can be used to map data of arbitrary size to data of a fixed size. The values returned by a hash function are called hash values, hash codes, digests, or simply hashes. Hash functions are often used in combination with a hash table, a common data structure used in computer software for rapid data lookup. Hash functions accelerate table or database lookup by detecting duplicated records in a large file.

See also: Hash 

A Header refers to the additional data at the beginning of a chunk of data (or packet) being stored or transmitted. The data that follows the header is called the payload or body. Note that it is important that the header is of clear and unambiguous format to allow for parsing.

E-mail header: The text (body) is preceded by header lines indicating sender, recipient, subject, sending time stamp, receiving time stamps of all intermediate and the final mail transfer agents, and much more.

See also: Header

High Assurance Guard is an enclave boundary protection device that controls access between a local area network that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance. A guard that has two basic functional capabilities:  a Message Guard and a Directory Guard.  The Message Guard provides filter service for message traffic traversing the Guard between adjacent security domains.  The Directory Guard provides filter service for directory access and updates traversing the Guard between adjacent security domains.

See also: HAG

In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site, but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked. This is similar to police sting operations, colloquially known as "baiting," a suspect.

See also: Honeypot

HoneyMonkey, short for Strider HoneyMonkey Exploit Detection System, is a Microsoft Research honeypot. The implementation uses a network of computers to crawl the World Wide Web searching for websites that use browser exploits to install malware on the HoneyMonkey computer. A snapshot of the memory, executables and registry of the honeypot computer is recorded before crawling a site. After visiting the site, the state of memory, executables, and registry is recorded and compared to the previous snapshot. The changes are analyzed to determine if the visited site installed any malware onto the client honeypot computer.

See also: HoneyMonkey

A host-based intrusion detection system (HIDS) is an intrusion detection system that monitors and analyses information from the operating system audit records occurring on the host. These operations are then compared to a pre-defined security policy norm. This analysis of the audit trail forces significant overhead requirements on the system due to the increased amount of processing power which must be utilized by the intrusion detection system. Depending on the size of the audit trail and the processing ability of the system, the review of audit data could result in the loss of a real-time analysis capability.

See also: HIDS

A hotwash is the immediate "after-action" discussions and evaluations of an agency's (or multiple agencies') performance following an exercise, training session, or major event.

See also: Hotwash

Hypertext Markup Language (HTML) is a set of markup symbols or codes that are inserted in a file intended for display on a World Wide Web (WWW) browser page. These markup states the browser how to display a web page to the user.

HTTP is the underlying protocol used by the World Wide Web (WWW). This protocol defines how messages are formatted and transmitted on the Internet and what actions web servers and browsers should take in response to various commands.