Term
Access control list (ACL) |
|
Definition
A file that contains the basic and extended permissions that define user access to information assets |
|
|
Term
|
Definition
Microsoft's directory database for Windows systems |
|
|
Term
Application programming interface (API) |
|
Definition
A set of system-level routines that can be used in an application program for tasks such as basic input/output and file management |
|
|
Term
|
Definition
Process of validating the identity of the user or program that is requesting access to a computing resource |
|
|
Term
|
Definition
Process of determining types of activities that are permitted. Usually, authorization is in the context of authentication: once you have authenticated a user, the user may be authorized different types of access or activity |
|
|
Term
|
Definition
A starting point or a snapshot of existing condition(s) against which future changes to a computing resource can be measured |
|
|
Term
|
Definition
One promising authentication technology is biometrics. The basic premise is that the user is authenticated based on some unique physical characteristic. |
|
|
Term
|
Definition
Technique of trying to guess a password by running through a list of all possibilities. The attack is often used after a dictionary attack fails to guess passwords. |
|
|
Term
Common interest file system (CIFS) |
|
Definition
An enhanced version of Microsoft's open, cross-platform server message block (SMB) protocol. Used for sharing files across multiple operating systems including Windows, UNIX, and VMS. |
|
|
Term
|
Definition
Technique of trying to guess a password by running through a list of likely possibilities, often a list of words from a dictionary. The attack works because users often choose easy-to-guess passwords. |
|
|
Term
|
Definition
A method for storing, organizing, addressing, and retrieving computer files and the data they contain. File systems typically use a storage device such as a hard disk or CD-ROM. |
|
|
Term
|
Definition
|
|
Term
|
Definition
Short for "malicious software." A catchall term for any software that causes intentional damage to computer systems. |
|
|
Term
NetWare directory service (NDS) |
|
Definition
An X.500 compatible directory service software product released in 1993 by Novell for centrally managing access to resources on multiple servers and computers within a given network. Now rebranded as Novell eDirectory. |
|
|
Term
Network file system (NFS) |
|
Definition
A file-sharing protocol, originally developed by Sun Microsystems in 1984, that allows a computer to access files over a network as easily as if they were on its local disks. |
|
|
Term
|
Definition
A one-time password is one password in a set of passwords, constructed such that it is extremely difficult to calculate the next password in the set given the previous passwords. Usually generated by a keyfob-type hardware device. |
|
|
Term
|
Definition
An algorithm that generates an output of characters and numbers, called a hash, by applying a mathematical formula to a document or sequence of text. A fundamental property of these functions is that (1) the output hash cannot be used to revert back to input text (hence one-way), and (2) no two inputs have the same output hash (hence collision free). |
|
|
Term
|
Definition
The system software that controls and manages hardware and basic system operations of a computer. Additionally, it provides a foundation on which application software such as word processing programs and Web browsers run. |
|
|
Term
|
Definition
A file, readable by all local users, that contains definitions of all users of a UNIX system. The file is typically stored in the /etc folder and may contain password hashes (if the shadow file is not used) |
|
|
Term
|
Definition
An output of characters and numbers generated by applying a mathematical formula to a password. The hash is significantly shorter than the original text and is unique to the original text. |
|
|
Term
|
Definition
Attributes that may be associated with a computing resource that determine the types and level of access that different users have to it. |
|
|
Term
|
Definition
Refers to (1) an attack technique wherein the attacker gets a malicious program executed, in lieu of the intended program, by modifying the scheduled job; or (2) a method of gaining unauthorized access to computer facilities by following an authorized employee through a controlled door |
|
|
Term
|
Definition
Administrative or superuser account within UNIX-based operating systems |
|
|
Term
|
Definition
One of the inputs, usually random, into the algorithm that generates hashes. The other input typically is the password or the passphrase. |
|
|
Term
|
Definition
An open-source implementation of the SMB file-sharing protocol that provides file and print services to SMB/CIFS clients. It allows a non-Windows server to communicate with the same networking protocol as the Windows products. The name Samba is a variant of SMB, the protocol from which it stems. |
|
|
Term
|
Definition
Protocol that permits secure remote access over a network from one computer to another. SSH negotiates and establishes an encrypted connection between an SSH client and an SSH server, usually over port 22. |
|
|
Term
Server message block (SMB) |
|
Definition
A file-sharing protocol mainly applied to share files, printers, and serial ports between nodes on a network. It is mainly used by computers running Microsoft Windows operating systems. |
|
|
Term
|
Definition
A file, readable only by administrators, that contains the password hashes on UNIX systems. The file is typically stored in the /etc folder. |
|
|
Term
|
Definition
Card that contains a computer chip embedded in plastic. A typical credit card's magnetic stripe can hold only a few dozen characters; however, smart cards can store significantly more information. When read by a special reader, smart cards can perform a number of functions or access data stored in the chip. These cards are used as cash cards, credit cards with a preset limit, or as ID cards with stored-in passwords. Also known as chip cards. |
|
|
Term
|
Definition
A security tool that scans file systems and computes message digests (or hashes) for the files therein, which can be used later to check for any changes to the files. |
|
|
Term
|
Definition
A relationship between two computer resources (operating systems, databases, networks) in which users who are members of one resource can access services on another trusting resource without the need for them to authenticate to the trusting resource |
|
|