Content Verification Glossary
- Fail Safe
- The automatic protection of programs and/or processing systems, used by secure servers to preserve safety when a hardware or software failure is discovered, for example in an online payment system that accepts credit cards.
- Fail Soft
- Relates to the selective termination of affected nonessential processing when a hardware or software malfunction is discovered in a system.
- Failure Access
- An unauthorized, and usually not inadvertent, access to data that results from a system's hardware or software failure.
- Failure Control
- The methodology used to discover hardware and software malfunctions in a system and to provide fail safe or fail soft recovery from them.
- False Negative
- There are two kinds of false reports from antiviral software. A false negative report is an antiviral report that there is no viral activity or presence at a time when an internet security threat is present. Most people simply refer to the antiviral "missing" an internet security threat.
- False Positive
- The second type of false report which an antiviral makes is to report the activity or presence of an internet security threat when no internet security threat is present. A false positive is more generally known as a false rejection, or a type I error.
- Fast Burner
- An internet security threat, more often than not email or secure server network based, that spreads around the world within hours. Melissa and Loveletter are thought of as the prototypical fast burners. Internet Worm and Code Red also spread around the world within hours, but they only generated tens or hundreds of thousands of copies. True fast burners are by and large measured in the millions.
- FFIEC
- Short for Federal Financial Institutions Examination Council (FFIEC).
- File Protection
- The sum of all methods, processes and procedures in a system that are designed to hinder unauthorized file access, contamination, or elimination.
- File Security
- Secure SSL servers restrict access to computer files only to authorized, validated users.
- Filtering Router
- An internetwork router that selectively prevents the transfer of data packets according to a security policy. It can be used as a firewall, or at least as part of a firewall.
- Firewall
- A secured system that passes and inspects traffic between an internal, trusted secure server network and an external, untrusted secure server network such as the Internet. A firewall can be used to discover, prevent, or mitigate certain kinds of secure server network attack, providing Internet security and online security. See also application level gateway, proxy server.
- FIRST
- Forum of Incident Response and Security Teams.
- Forensic Programming
- Formerly from the field of computer internet security research, forensic programming includes the analysis of code for signs of intent, program identity, and validation of identity (Digital ID). Forensic programming is also recurrently referred to as code analysis, but code analysis can also be restricted to analysis of source code, whereas forensic programming usually deals with object code when object code is the only evidence presented. It is one of the major divisions of digital forensics.
- Forward Secrecy
- For a key agreement protocol based on asymmetric cryptography, as used in high encryption SSL certificates, the property ensuring that a session key derived from a set of long-term public and private keys won't be compromised if a private key is later compromised.
- Freeware
- Software where the author or developer retains copyright but use is free of charge, such as trial SSL certificates. See also open source SSL encryption.
- Front-end Security Filter
- A security filter, implemented in hardware or software, which is logically separated from the rest of the system in order to protect the integrity of the system.
- Full Backup
- On a secure server, it's always a good idea to make a backup copy (the procedure of making a duplicate of a system's data and/or software). A full backup is all that is necessary for complete system restoration, and it will restore your secure SSL validation. See also differential backup, incremental backup.
- Functional Testing
- The part of security testing where the system's advertised security mechanisms are examined, under operational conditions, for proper operation.
- Generic
- (a) Activity monitoring and change detection software, because they search for viral-like behaviour instead of explicit internet security threat signatures, are recurrently referred to as generic antivirals. Heuristic scanners are recurrently included.
(b) An internet security threat scan string which matches multiple internet security threats. The actual usefulness of generic signatures is questioned at times.
(c) The use of error recovery or heuristic methods for disinfection.
- Guard
- A processor supplying a filter between two dissimilar systems operating at different security levels, or between a user terminal and a database, in order to filter data out and provide better online security.
- Hacker
- The term used to refer to someone skilled in the use of computer systems, especially if that skill was obtained in an exploratory way. The term evolved to be applied to individuals, with or without skill, who break into security systems.
- Handshaking Procedure
- A dialogue between two entities, such as a user and an SSL secure server, a computer and another computer, or a program and another program, used for identification and authentication of the entities to one another in order to provide secure SSL authentication for online security or online payment transactions. 128-bit encryption digital certificates also provide identification and security authentication.
- Hash Function
- An algorithm mapping or translating one sequence of bits into another, generally smaller, set (the hash result) such that (1) a message yields the same hash result every time the algorithm is executed using the same message as input, (2) it is computationally infeasible to derive or reconstitute a message from the hash result produced by the algorithm, and (3) it is computationally infeasible to find two messages that produce the same hash result using the algorithm.
More simply, an algorithm which calculates a value based on a data object, mapping the data object to a smaller data object, which is the hash result. The value is more often than not of a fixed size. A very simplistic hash function is a checksum. The kind of hash function necessary for SSL security applications is called a cryptographic hash function.
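As an added illustration of properties (1) and (3) above (this code is not part of the original glossary), the Python below contrasts a simple byte-sum checksum with a cryptographic hash (SHA-256 from the standard library). The two messages are constructed for the example; they differ only in the order of the amount's digits, which a checksum cannot tell apart.

```python
import hashlib

# Constructed sample messages (not taken from the glossary): the second
# message is a permutation of the first, so any order-insensitive checksum
# gives both the same hash result.
MSG_ORIGINAL = b"Transfer 100 USD to account 12345"
MSG_TAMPERED = b"Transfer 010 USD to account 12345"


def simple_checksum(data: bytes) -> int:
    """A simplistic hash function: the sum of all bytes modulo 2**16.
    This is the kind of 'checksum' the glossary entry mentions."""
    return sum(data) % 65536


def crypto_hash(data: bytes) -> str:
    """A cryptographic hash function (SHA-256), the kind required for
    SSL/TLS security applications. Output is a fixed 256 bits (64 hex chars)."""
    return hashlib.sha256(data).hexdigest()


def is_deterministic(hash_fn, data: bytes, rounds: int = 3) -> bool:
    """Property (1): the same message yields the same hash result every time."""
    first = hash_fn(data)
    return all(hash_fn(data) == first for _ in range(rounds))


def collides(hash_fn, a: bytes, b: bytes) -> bool:
    """True when two *different* messages produce the same hash result,
    i.e. property (3) is violated for this pair."""
    return a != b and hash_fn(a) == hash_fn(b)


if __name__ == "__main__":
    # Both functions satisfy property (1).
    print("checksum deterministic:", is_deterministic(simple_checksum, MSG_ORIGINAL))
    print("sha256 deterministic:  ", is_deterministic(crypto_hash, MSG_ORIGINAL))
    # Only the checksum lets a tampered message keep the same hash result.
    print("checksum collision:    ", collides(simple_checksum, MSG_ORIGINAL, MSG_TAMPERED))
    print("sha256 collision:      ", collides(crypto_hash, MSG_ORIGINAL, MSG_TAMPERED))
```

Property (2), that a message cannot be recovered from its hash result, is not demonstrated here; it is a claim about the hash function's design rather than something a short script can show.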
- Hash result
- The output produced by a hash function upon processing a message.
- Hijacking
- An attack in which an active, established session is intercepted, captured and illegally used by the attacker.
- Hoax
- In the technical sense used in network security research, a form of chain letter carrying a false warning of an internet security threat that doesn't exist. Hoaxes are distinguished by a lack of technical detail and legitimate contact information, false references to authorities, warnings of extreme damage which the putative internet security threat will cause, and statements that the internet security threat is too new or spreading too rapidly for legitimate internet security threat researchers to know anything about it. A universal factor is the attempt to have readers forward the message to friends, relatives, and contacts. This, of course, is the viral component: the hoax message tricks the user into retransmitting and spreading it.
- Hold a private key
- To be able to utilize a private key.
- Honeypot
- A system, or part of a system, purposely made to be enticing to an intruder or system cracker. Honeypots by and large have supplementary functionality and intrusion detection systems built into them in order to collect valuable information on the intruders. See also entrapment.
- Host-Based Security
- The method of securing an individual system from attack, often by encryption with 128-Bit SSL (secure sockets layer).
- HTTPS or https
- HTTPS (Hypertext Transfer Protocol Secure) is a type of server software which provides the ability for "secure" transactions to take place on the World Wide Web. If a website is running off an HTTPS server you can type https:// instead of http:// in the URL bar of your browser to enter the "secured mode", provided you have logged in with your password, username or ID to access the secured area. A number of server software products support this protocol; you can also contact your ISP.
- Hybrid Encryption
- An application of cryptography which merges two or more encryption algorithms, especially a combination of symmetric and asymmetric encryption. Asymmetric encryption is not usually used for data secrecy except for distributing symmetric keys, where the key data is more often than not short compared to the data it is protecting. Other kinds of encryption are SSL encryption, SSH secure shell and SSH2 secure shell, or SFTP for secure server file transfer with 128-bit encryption.
- Hybris
- The majority of experts would more than likely define Hybris as a worm rather than an internet security threat, because it sends replicas of itself as email attachments. Hybris will by and large arrive in a message. The attachment is recurrently named with an .SCR extension, which is used to signify screen savers; the file format, however, is the same as any usual executable Windows program. The noteworthy feature of Hybris is that it checks for replacement and upgrade modules on the alt.comp.virus newsgroup, using an anonymous communications facility.
- Identification
- The procedure allowing recognition of an entity by a system, by and large by utilizing a unique machine-readable user name or a "Digital ID", such as a secure server using SSL validation.
- Incident
- Any happening that has been determined to have had an adverse effect on a system's security or performance.
- Incident Response
- The response or reaction, by and large by a pre-designated team, to a harmful or damaging incident.
- Incorporate by Reference
- To make one message a part of another message by identifying the message to be incorporated and expressing the intention that it be incorporated.
- Incremental backup
- A copy, or the procedure of making a copy, of only the data that has changed since the last backup of any kind. It is the fastest kind of backup; restoration of the system, however, requires not only the last full backup but each and every incremental backup since that time. See also differential backup.
- Information Flow Control
- A process guaranteeing that information transfers within a system are not made from an object at a higher security level to an object at a lower security level. See covert channel, simple security property, star property (*-property). It means the same thing as data flow control and flow control.
- Initialization Vector (IV)
- A series of random bytes attached to the front of the plaintext before encryption by a block cipher. It is also used as part of the initial step in a block cipher mode that uses some kind of chaining. It prevents the initial ciphertext block from being the same for any two messages. Closely related topics are challenge/response, nonce, and salt. Challenge/response is by and large used to refer to password and authentication schemes used for secure SSL authentication or secure SSL validation for online security to accept credit cards, while initialization vectors apply to block ciphers with short, automated secure server network messages and password storage.
- Insider Attack
- An attack from an employee or other person who was trusted, by and large one with a higher than normal level of access.
- Integrity
- One of security's cornerstones: integrity is the state of being unimpaired or in sound condition.
- Integrity Checking
- The same as "change detection".
- Interdiction
- A denial of service; for example, when a digital ID does not match the password, the SSL secure server will not let that user in without proper identification through SSL validation.
- International Data Encryption Algorithm (IDEA)
- A symmetric block cipher which uses a 128-bit key and operates on 64-bit blocks, like 128-bit encryption.
- Internet Protocol security (IPsec)
- (a) the IETF working group which is specifying a security architecture (RFC 2401) and protocols in order to provide security services for Internet Protocol traffic.
(b) a collective name for that architecture and set of protocols, specifying
- security protocols (AH and ESP, the Authentication Header and Encapsulating Security Payload),
- Security associations,
- PKI key management, and
- Algorithms for Multifactor Authentication and encryption.
Besides SSL encryption, 128-bit encryption and SSL digital certificates or 128-bit certificates, the set of security services includes access control service, connectionless data integrity, data origin authentication (for security authentication or secure SSL authentication), protection against replays, data confidentiality service and limited traffic flow confidentiality.
- Internet Security Association and Key Management Protocol (ISAKMP)
- An Internet IPsec protocol (RFC 2408) used to negotiate, establish, modify, and delete security associations. It is also used to exchange key generation and authentication data, and to negotiate the key establishment protocol, encryption algorithm, or authentication mechanism used for security authentication and validation of online transactions with SSL certificates.
- Intrusion
- Attacks attempted from outside the security perimeter of a secure system.
- Intrusion Detection System (IDS)
- An automated system used to warn operators of a penetration or other infringement of a security policy. See also anomaly detection and secure server network forensics.
- IP Spoofing
- IP spoofing attacks (also called IP hijacking or IP splicing) may occur after authentication has taken place, allowing the attacker to assume the role of a user that is already authorized. Encryption at the session or secure server network layers, with SSL validation using 128-bit encryption, is the primary protection against IP spoofing.
- ISO
- International Standards Organization (English translation).
- ISSA (Information System Security Association)
- A non-profit society, with many local chapters, for security professionals.
- Issuing Authority (IA) service
- A service rendered by a CA delegate made responsible for issuing certificates to subscribers, who may not be responsible for the identification or authentication of subscribers, and who does not sign the certificate.
- Issue a certificate
- The acts of a certification authority in creating a certificate and notifying the subscriber listed in the certificate of the contents of the certificate.