All definitions are written in the context of information security and most are taken from the NIST (National Institution for Standards and Technology) glossary, unless otherwise noted. Many have been edited to conform to Buffalo State standards
Access
A privilege, once granted, giving the individual the ability to make use of, and interact with Buffalo State RITE resources and services.
Access Authority
The entity or office responsible for authorizing the requestor to access the resource or service.
Access Control
The process of granting or denying specific requests to obtain and use information and related information processing services, and enter specific physical facilities (e.g., data center, labs, classrooms, etc.).
Access Control List
A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on/in the object.
Access Control Service
A security service that provides protection of physical or system resources against unauthorized access.
Access List
A roster of individuals who are authorized to access a controlled area, system, resource or service.
Access Point
A device, such as a wireless router, that allows wireless devices to connect to a network.
Access Profile
A list of criteria that qualify a user to be authorized to use a Buffalo State resource or service.
Active Content
Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user’s work station. (i.e., Java, Active X).
Applet
Java programs; an application program that uses the client's web browser to provide a user interface.
Authentication
Authentication is the process of confirming the correctness of the claimed identity.
Ad-hoc Network
A wireless network that dynamically connects wireless client devices to each other without the use of an infrastructure device, such as an access point or a base station.
Administrative Permissions/Administrative Account
The highest level of permission granted to a computer user. At home, the administrator is generally the owner. In an enterprise, like Buffalo State, administrative privileges are restricted under Access Control.
Advanced Persistent Threats (APT)
This is usually a network attack in which an unauthorized person gains access to a network and stays there, undetected, for some time with the intent to steal data and information. It can also include social engineering. In these types of threats, the main method of operation is to repeat the activity over an extended period of time while adapting to the defenders’ efforts to resist.
Alerts
A notification to Buffalo State account holders regarding significant trends and developments regarding information security. Alerts may warn of new phishing tactics, or reports of phishing at other SUNY institutions, national and worldwide organizations. When possible information about consumer information security is also provided.
Antispyware Software
A program that specializes in detecting both malware and non-malware forms of spyware.
Antivirus Software
A program that monitors a computer or network to identify all major types (known types) of malware for the purpose of preventing or containing malware incidents.
Asset
A major application, general support system, high impact program, physical space, mission critical system, personnel, equipment, or logically related group of systems.
Attack
An attempt to gain unauthorized access to system services, resources, information, or an attempt to compromise system integrity. Any kind of malicious activity that attempts to collect, disrupt, degrade or destroy information system resources or the information itself.
Attack Signature
A traceable, and specific sequence of events indicative of an unauthorized access attempt.
Authentication
The process of confirming the correctness of the claimed identity. (SANS.org)
Awareness, Information Security
The state of being conscious of potential threats to the security of one’s information, and the information one handles about others, and how to mitigate those threats.
Backup
A copy of files and programs made to facilitate a recover, if necessary (e.g., disk failure, malicious ransomware, etc.).
Brute Force Password Attack
An attack technique against a secure system using a computer program to rapidly and methodically exhaust all possibilities, one-by-one. (SANS.org)
Buffer Overflow
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. (SANS.org)
Client
A system (your computer is a “client” device) entity that requests and uses a service provided by another system entity, called a "server." In some cases, the server may itself be a client of some other server.
Controlled Access Area
A physical area (i.e., building, room) to which access is restricted to unauthorized personnel.
Cookie
Data exchanged between an HTTP server and a browser (a client of the server), to store state information
Credential
Evidence attesting to someone’s or somethings permission to access. In this case, your credential is your Buffalo State username and password.
Criticality
A measure of the degree to which an organization depends of the information or information system for the success of a mission or business function.
Cyber Attack
An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.
Cyber Criminal
An individual, group, organization or government that conducts or has the intent to conduct malicious and detrimental activities.
Cyber Infrastructure
Includes electronic information and communications systems and services and the information contained in these systems and services. Information and communications systems and services are composed of all hardware and software that process, store, and communicate information, or any combination of all of these elements. Processing includes the creation, access, modification, and destruction of information. Storage includes paper, magnetic, electronic, and all other media types. Communications include sharing and distribution of information. For example: computer systems, and control systems are part of cyber infrastructure.
Cybersecurity
The ability to protect or defend against cyber attacks.
Data Security
Protection of data from unauthorized (accidental or intentional) modification, destruction, or disclosure.
Denial of Service (DoS)
The prevention of authorized access to a system resource or the delaying of system operations and functions. (SANS.org)
Dictionary Attack
An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations. (SANS.org)
Disk Imaging
Generating a bit-for-bit copy of the original media, including free space and slack space. (SANS.org)
Digital Certificate
A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority. It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. (SANS.org)
Disaster Recovery Plan (DRP)
A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster. (SANS.org)
Domain
A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. In the Internet's domain name system, a domain is a name with which name server records are associated that describe sub-domains or host. In Windows NT and Windows 2000, a domain is a set of network resources (applications, printers, and so forth) for a group of users. The user need only to log in to the domain to gain access to the resources, which may be located on a number of different servers in the network. (SANS.org)
Domain Hijacking
Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain's DNS server and then putting his own server up in its place. (SANS.org)
Domain Name
A domain name locates an organization or other entity on the Internet. For example, the domain name "www.sans.org" locates an Internet address for "sans.org" at Internet point 199.0.0.2 and a particular host server named "www". The "org" part of the domain name reflects the purpose of the organization or entity (in this example, "organization") and is called the top-level domain name. The "sans" part of the domain name defines the organization or entity and together with the top-level is called the second-level domain name. (SANS.org)
Domain Name System (DNS)
The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address. (SANS.org)
Dumpster Diving
Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media. (SANS.org)
Entity
Any participant in an authentication exchange. The participant may be human or non-human.
Entropy
A measure of the amount of uncertainty that an attacker faces to determine the value of a secret.
Event
An event is an observable occurrence in a system or network.
External Network
A network not controlled by Buffalo State Information Technology.
Firewall
A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.
Firmware
This is software embedded in a piece of hardware. Examples of hardware that have firmware are network routers, card readers, cameras, Apple TV, receivers, DVD players, etc.
Gateway
A network point that acts as an entrance to another network.
Hybrid Attack
A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.
Identity
A set of attributes that uniquely describe a person within a given context
Incident
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices
Integrity
Integrity is the need to ensure that information has not been changed accidentally or deliberately, and that it is accurate and complete. (SANS.org)
Incidence Response Plan
The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of an incident against an organization’s IT system(s).
Information Security
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability
Intrusion Detection
A security management system for computers and networks. An IDS gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).
Information System
A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information
Inside (r) Threat
An entity with authorized access (i.e., within the security domain) that has the potential to harm an information system or enterprise through destruction, disclosure, modification of data, and/or denial of service.
Intrusion
Unauthorized access.
Least Privilege
Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function. (SANS.org)
Malicious Code
Hardware, firmware, or software that is intentionally included or inserted in a system for a harmful purpose.
Malware
A generic term for a number of different types of malicious code.
National Institute of Standards and Technology (NIST)
National Institute of Standards and Technology, a unit of the US Commerce Department. Formerly known as the National Bureau of Standards, NIST promotes and maintains measurement standards. It also has active programs for encouraging and assisting industry and science to develop and use these standards.
Passive Attack
An attack against an authentication protocol where the Attacker intercepts data traveling along the network between the Claimant and Verifier, but does not alter the data (i.e., eavesdropping).
Patch
An update to an operating system, application, or other software issued specifically to correct particular problems with the software.
Password Cracking
Password cracking is the process of attempting to guess passwords, given the password file information. (SANS.org)
Penetration
Gaining unauthorized logical access to sensitive data by circumventing a system's protections. (SANS.org)
Penetration Testing
Penetration testing is used to test the external perimeter security of a network or facility. (SANS.org)
Pharming
A user’s session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading website’s IP. Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website. Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website. At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website. (SANS.org)
Phishing
The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site looks like they are part of a bank the user is doing business with. (SANS.org)
Privilege
A right of access granted to an individual, a program, or a process.
Privilege Management
The definition and management of policies and processes that define the ways in which the user is provided access rights to enterprise systems. It governs the management of the data that constitutes the user’s privileges and other attributes, including the storage, organization and access to information in directories
Ransomware
A type of malware that is a form of extortion. It works by encrypting a victim's hard drive denying them access to key files. The victim must then pay a ransom to decrypt the files and gain access to them again. (SANS.org)
Registry
The Registry in Windows operating systems in the central set of settings and information required to run the Windows computer. (SANS.org)
Scavenging
Searching through object residue to acquire data. (SANS.org)
Secure Socket Layer (SSL)
A protocol used for protecting private information during transmission via the Internet. Note: By convention, URLs that require an SSL connection start with “https:” instead of “http:.” (SANS.org)
Social Engineering
A euphemism for non-technical or low-technology means – such as lies, impersonation, tricks, bribs, and threats – used to trick people into giving access to criminals. (SANS.org)
Spam
The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. (SANS.org)
Spoofing
Faking the sending address of a transmission to gain illegal entry into a secure system. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing; The deliberate inducement of a user or resource to take incorrect action.
Spyware
Software that is secretly or surreptitiously installed into an information system to gather information on individuals or organizations without their knowledge; a type of malicious code.
Threat
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Tracking Cookie
A cookie placed on a user’s computer to track the user’s activity on different Web sites, creating a detailed profile of the user’s behavior.
Trojan Horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
Virtual Machine
Software that allows a single host to run one or more guest operating systems
Virus
A computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to spread itself to other computers, or even erase everything on a hard disk
Vulnerability
A weakness in a system, application, or network that is subject to exploitation or misuse.
Web Bug
A tiny image, invisible to a user, placed on Web pages in such a way to enable third parties to track use of Web servers and collect information about the user, including IP address, host name, browser type and version, operating system name and version, and cookies.
Wi-Fi Protected Access 1 (WPA2)
The approved Wi-Fi Alliance interoperable implementation of the IEEE 802.11i security standard. For federal government use, the implementation must use FIPS-approved encryption, such as AES.
Wireless Access Point (WAP)
A device that acts as a conduit to connect wireless communication devices together to allow them to communicate and create a wireless network.
Worm
A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself. See Malicious Code.
Zombie
A program that is installed on a system to cause it to attack other systems.