cracker - One who tries to break the security of a computer system without authorization.
ciphertext - In cryptography, the unintelligible text that results from encrypting original text. Sometimes called "cipher."
COMPUSEC - Short for computer security. The government program whose focus is the techniques (e.g. trusted systems) that prevent unauthorized access to information while it's being processed or stored.
computer security - Protection of information while it's being processed or stored.
decryption - The transformation of encrypted text (called ciphertext) into original text (called plaintext). Sometimes called "deciphering."
encryption - The transformation of original text (called plaintext) into unintelligible text (called ciphertext). Sometimes called "enciphering."
firewall machine - A dedicated gateway machine with special security precautions on it, used to service outside network connections and dial-in lines. The idea is to protect a cluster of more loosely administered machines hidden behind it from unauthorized access.
INFOSEC - Short for information security. The government program whose focus is the techniques that increase the security of computer systems, communications systems, and the information they process or transmit.
login - The process of identifying oneself to, and having one's identity authenticated by, a computer system.
password - A secret sequence of characters that's used to authenticate a user's identity, usually during a login process.
plaintext - In cryptography, the original text that is being encrypted.
security - Freedom from risk or danger. Safety and the assurance of safety.
trap door - A hidden mechanism that allows normal system protection to be circumvented. Trap doors are often planted by system developers to allow them to test programs without having to follow security procedures or other user interfaces. They are typically activated in some unobvious way (e.g., by typing a particular sequence of keys).
Trojan horse - An independent program that appears to perform a useful function but that hides another unauthorized program inside it. When an authorized user performs the apparent function, the Trojan horse performs the unauthorized function as well (often usurping the privileges of the user).
virus - A code fragment (not an independent program) that reproduces by attaching to another program. It may damage data directly, or it may degrade system performance by taking over system resources which are then not available to authorized users.
worm - An independent program that reproduces by copying itself from one system to another, usually over a network. Like a virus, a worm may damage data directly, or it may degrade system performance by tying up system resources and even shutting down a network.
A nice introduction to cryptology.
Top 10 internet security threats.
PBS Frontline program that discussed hackers. A good introduction to the mind of the hacker.
Computer virus information.
The FIRST (Forum of Incident Response and Security Teams) Security Papers are a collection of papers on various security issues, including cryptography, virus information, password security, legal issues, and authentication. In PostScript format.
Online papers (in PostScript) from Purdue's COAST Project (Computer Operations, Audit, and Security Technology). A variety of security topics.
The Electronic Frontier Foundation is a public interest group that has a lot of information on cryptography and its impact on privacy issues.
Firewalls are a hot topic. The SOS Corporation has a good Introduction to Firewalls page.
Department of Energy's Computer Incident Advisory Capability CIAC Home Page.
The Hacker Crackdown, Law and Disorder on the Electronic Frontier by Bruce Sterling. An online copy of The Hacker Crackdown can be obtained here.
Comments to Mike Cook
Last Modified: 15 Feb 01