All > Technology > Security
Software that observes and records network traffic.
- Browse Related Terms: Antivirus Software, Boundary Router, Cyber Crime, Cyber warfare, Cyberspace, Demilitarized Zone (DMZ), Dynamic Host Configuration Protocol (DHCP), event, firewall, High Assurance Guard (HAG), IDS Network-Based, Incident management, Malicious code (also malware), packet sniffer, Physically Isolated Network, Proxy, server, Sniffer, Social Engineering, Virtual Private Network (VPN), Wired Equivalent Privacy (WEP)
Also listed in:
All > Technology > Security > Biometrics
A biometric modality that uses the physical structure of an individual's palm print for recognition purposes, as illustrated below.
- Browse Related Terms: Behavioral Biometric Characteristic, Biological Biometric Characteristic, Biometrics, Face Recognition, Gait, Hand Geometry Recognition, Iris Recognition, Keystroke Dynamics, Palm Print Recognition, Signature Dynamics, Speaker Recognition
All > Technology > Security
The organization that is applying for the Personal Identity Verification card on behalf of an applicant. Typically this is an organization for whom the applicant is working.
- Browse Related Terms: Cardholder, Identity Registration, Identity Verification, interoperability, Mandatory Topography, Off-Card, On-Card, Optional Topography, Parent Organization, Personal Identity Verification Card (PIV Card), Personal Identity Verification Issuance Authority, Standard Topography, topology, Verification
All > Technology > Security
An attack against an authentication protocol where the attacker intercepts data traveling along the network between the claimant and verifier, but does not alter the data (i.e. eavesdropping).
- Browse Related Terms: authenticity, Entity, Kerberos, Man-in-the-middle Attack (MitM), Off-line Attack, On-line Attack, Passive Attack, password, Personal Identification Number (PIN), Practice Statement, Proof of Possession Protocol (PoP Protocol), Protocol Run, Secure Communication Protocol, Shared Secret, Subscriber, Token, Transport Layer Security (TLS), Tunneled Password Protocol, Verifier Impersonation Attack
All > Technology > Security
A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.
- Browse Related Terms: authenticity, Entity, Kerberos, Man-in-the-middle Attack (MitM), Off-line Attack, On-line Attack, Passive Attack, password, Personal Identification Number (PIN), Practice Statement, Proof of Possession Protocol (PoP Protocol), Protocol Run, Secure Communication Protocol, Shared Secret, Subscriber, Token, Transport Layer Security (TLS), Tunneled Password Protocol, Verifier Impersonation Attack
Also listed in:
- All > Law > E-Discovery
- All > Technology > Telecommunications
All > Technology > Security
The ability to protect a file using a password access control, protecting the data contents from being viewed with the appropriate viewer unless the proper password is entered.
- Browse Related Terms: Buffer Overflow, Cracking (also Crackers), Hacker, IDS Host-Based, Keystroke Monitoring, Min-Entropy, Password Protected, Rootkit, scanning, script kiddie, Signature, Victim
All > Technology > Security
Maintaining an authenticatable record of the prior platforms visited by a mobile software agent, so that a newly visited platform can determine whether to process the agent and what resource constraints to apply.
- Browse Related Terms: Active Content, Application Content Filtering, File Name Anomaly, MIME, Mobile Code Technologies, Multi-Hop Problem, Multipurpose Internet Mail Extensions (MIME), Path Histories, Single-Hop Problem
All > Technology > Security
The input data to the CCM generation-encryption process that is both authenticated and encrypted.
- Browse Related Terms: Ciphertext, Cryptology, Data Encryption Algorithm (DEA), Data Encryption Standard (DES), Encrypted Key, Encrypted Network, Encryption Certificate, end-to-end encryption, Escrow, Initialization Vector (IV), Key Bundle, Key Wrap, Payload, Rijndael, Secure Socket Layer and Transport Layer Security (SSL and TSL), Triple DES
Also listed in:
All > Technology > Security > Biometrics
A catch-all phrase for describing a measurement of the characteristics, such as accuracy or speed, of a biometric algorithm or system. See also accuracy, crossover error rate, cumulative match characteristics, d-prime, detection error tradeoff, equal error rate, false accept rate, false alarm rate, false match rate, false reject rate, identification rate, operational evaluation, receiver operating characteristics, scenario evaluation, technology evaluation, true accept rate, true reject rate, verification rate.
- Browse Related Terms: Accuracy, Crossover Error Rate (CER), D-Prime (D'), Degrees of Freedom, Detection Error Trade-off (DET) Curve, Equal Error Rate (EER), False Match Rate, False Non-Match Rate, Performance, Receiver Operating Characteristics (ROC), Verification Rate
Also listed in:
All > Technology > Security
An alphanumeric code or password used to authenticate an identity.
- Browse Related Terms: authenticity, Entity, Kerberos, Man-in-the-middle Attack (MitM), Off-line Attack, On-line Attack, Passive Attack, password, Personal Identification Number (PIN), Practice Statement, Proof of Possession Protocol (PoP Protocol), Protocol Run, Secure Communication Protocol, Shared Secret, Subscriber, Token, Transport Layer Security (TLS), Tunneled Password Protocol, Verifier Impersonation Attack
Also listed in:
- All > Business > Banking
- All > Business > Finance > Personal Finance
- All > Business > Finance > Personal Finance > Income Tax
All > Technology > Security
An individual who can act on behalf of an agency to authorize the issuance of a credential to an applicant.
- Browse Related Terms: Agency Certification Authority (CA), Chief Information Officer (CIO), Chief Information Security Officer, Clinger-Cohen Act of 1996, Crypto Officer, Federal Agency, Federal Information System, FISMA, Information System Security Officer (ISSO), IT Security Awareness and Training Program, Major Information System, Personal Identity Verification Authorizing Official, Personal Identity Verification Requesting Official
All > Technology > Security
Physical artifact (e.g., identity card, smart card) issued to an individual that contains stored identity credentials (e.g., photograph, cryptographic keys, digitized fingerprint representation etc.) such that a claimed identity of the cardholder may be verified against the stored credentials by another person (human readable and verifiable) or an automated process (computer readable and verifiable).
- Browse Related Terms: Cardholder, Identity Registration, Identity Verification, interoperability, Mandatory Topography, Off-Card, On-Card, Optional Topography, Parent Organization, Personal Identity Verification Card (PIV Card), Personal Identity Verification Issuance Authority, Standard Topography, topology, Verification
All > Technology > Security
An authorized identity card creator that procures FIPS approved blank identity cards, initializes them with appropriate software and data elements for the requested identity verification and access control application, personalizes the card with the identity credentials of the authorized subject, and delivers the personalized card to the authorized subject along with appropriate instructions for protection and use.
- Browse Related Terms: Cardholder, Identity Registration, Identity Verification, interoperability, Mandatory Topography, Off-Card, On-Card, Optional Topography, Parent Organization, Personal Identity Verification Card (PIV Card), Personal Identity Verification Issuance Authority, Standard Topography, topology, Verification
All > Technology > Security
An entity that establishes and vouches for the identity of an applicant to a PIV Issuing Authority. The PIV RA authenticates the applicants identity by checking identity source documents and identity proofing and ensures a proper background check has been completed before the credential is issued.
- Browse Related Terms: authenticate, Authentication, Authentication, Electronic, Electronic Authentication (E-authentication), Electronic Credentials, Identification, Identity Management, Identity Proofing, Personal Identity Verification Registration Authority, Pseudonym, Recipient Usage Period, registration, Relying Party, Subject, Verified Name
All > Technology > Security
An individual who can act on behalf of an agency to request a credential for an applicant.
- Browse Related Terms: Agency Certification Authority (CA), Chief Information Officer (CIO), Chief Information Security Officer, Clinger-Cohen Act of 1996, Crypto Officer, Federal Agency, Federal Information System, FISMA, Information System Security Officer (ISSO), IT Security Awareness and Training Program, Major Information System, Personal Identity Verification Authorizing Official, Personal Identity Verification Requesting Official
All > Technology > Security
A method of capturing sensitive information (such as Social Security numbers and passwords) by fooling a user into entering such information on a fake Web site that masks as a legitimate one.
- Browse Related Terms: cookie, Denial-of-service attack, Pharming, Phishing, proxy server, Tracking Cookie, Web Bug, Wireless Application Protocol (WAP)
All > Technology > Security
Using fake e-mail to trick individuals into revealing personal information, such as Social Security numbers, debit and credit card account numbers and passwords, for nefarious uses.
Tricking individuals into disclosing sensitive personal information through deceptive computer-based means.
All > Technology > Security > Identity Theft
A scam that involves tricking someone into giving up personal information, such as account passwords or SSN/SIN numbers, to be used to commit fraud. This fraud can range from draining a bank account, to complete identity takeover. Typically this type of scam is executed by creating a fake email, which leads the user to a fake-but-official-looking webpage.
- Browse Related Terms: Honey Pot, Malware, Phishing, SMShing, Spear Phishing, Vishing
Also listed in:
All > Technology > Security
A network that is not connected to entities or systems outside a physically controlled space.
- Browse Related Terms: Antivirus Software, Boundary Router, Cyber Crime, Cyber warfare, Cyberspace, Demilitarized Zone (DMZ), Dynamic Host Configuration Protocol (DHCP), event, firewall, High Assurance Guard (HAG), IDS Network-Based, Incident management, Malicious code (also malware), packet sniffer, Physically Isolated Network, Proxy, server, Sniffer, Social Engineering, Virtual Private Network (VPN), Wired Equivalent Privacy (WEP)
All > Technology > Security > Biometrics
A security method used to show "what you know." Depending on the system, a PIN could be used to either claim or verify a claimed identity.
- Browse Related Terms: False Acceptance Rate (FAR), False Alarm Rate (FAR), False Rejection Rate (FRR), PIN (Personal Identification Number), Sensor Aging, True Accept Rate, True Reject Rate, Type I Error, Type II Error
All > Technology > Security > Biometrics
A picture element. This is the smallest element of a display that can be assigned a color value. See also pixels per inch (PPI), resolution.
Also listed in:
- All > Technology > Defense
- All > Technology > GIS
- All > Technology > Programming > Java
- All > Technology > Telecommunications