- Industry: Telecommunications
- Number of terms: 29235
- Number of blossaries: 0
- Company Profile:
ATIS is the leading technical planning and standards development organization committed to the rapid development of global, market-driven standards for the information, entertainment and communications industry.
1. An apparently harmless program containing malicious logic that allows the unauthorized collection, falsification, or destruction of data. 2. A program containing hidden code allowing the unauthorized collection, falsification, or destruction of information. 3. A computer program with an apparently or actually useful function that contains additional (hidden) functions that surreptitiously exploit the legitimate authorizations of the invoking process to the detriment of security. For example, making a "blind copy" of a sensitive file for the creator of the Trojan Horse.
Industry:Telecommunications
1. An analytical attack in which a cryptanalyst possesses a substantial quantity of corresponding plain text and cipher text. 2. A method of attack on a crypto system where the cryptanalyst has matching copies of plain text, and its encrypted version.
Industry:Telecommunications
1. An address that is used as the origin in the calculation of addresses in the execution of a computer program. 2. A given address from which an absolute address is derived by combination with a relative address. Note: Base addresses are primarily used by computer programmers rather than by computer users.
Industry:Telecommunications
1. An address space and one or more threads of control that execute within that address space, and their required system resources. 2. A program in execution. It is completely characterized by a single current execution point (represented by the machine state) and address space.
Industry:Telecommunications
1. An action, device, procedure, technique, or other measure that reduces the vulnerability of an information system (IS. ) 2. Synonymous with Security Measure.
Industry:Telecommunications
1. An access control concept that refers to monitoring of all accesses to objects by subjects. 2. An access control concept that refers to an abstract machine that mediates all accesses to objects by subjects.
Industry:Telecommunications
1. After establishing a configuration, such as that of a telecommunications or computer system, the evaluating and approving changes to the configuration and to the interrelationships among system components. 2. In distributed-queue dual-bus (DQDB) networks, the function that ensures the resources of all nodes of a DQDB network are configured into a correct dual-bus topology. Note: The functions that are managed include the head of bus, external timing source, and default slot generator functions. 3. The process of controlling modifications to hardware, firmware, software, and documentation to ensure the information system (IS) is protected against improper modifications prior to, during, and after system implementation. 4. The process of evaluating, approving or disapproving, coordinating and recording changes to configuration items. 5. A system of controls imposed on changing controlled objects produced during the development, production, and maintenance processes for a Target of Evaluation.
Industry:Telecommunications
1. Access control based on access rights granted by the System Security Officer. Note: Normally enforced by reference to security clearances of subjects and security classes of objects in accordance with the rules specified in the System Security Policy. 2. A means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity. 3. A means of restricting access to objects based on their MAC labels and the use of the implementation-defined dominate operator. The restrictions are mandatory in the sense that they are always imposed by the system, while discretionary access control is imposed at the discretion of the object owner.
Industry:Telecommunications
1. Abbreviation for network interface card. A network interface device (NID) in the form of a circuit card that is installed in an expansion slot of a computer to provide network access. Note: Examples of NICs are cards that interface a computer with an Ethernet LAN and cards that interface a computer with an FDDI ring network. 2. Abbreviation for network information center. An entity that provides information management, technical support, and administrative services to users of a given network. Note: NICs can form a hierarchy. A specific NIC, designated at the "Internetwork information center" or "InterNIC," has been the authority that assigns the network numbers to the subnetworks that it connects to the Internet.
Industry:Telecommunications
1. A transmission channel that may be used to transfer data in a manner that violates security policy. 2. An unintended and/or unauthorized communications path that can be used to transfer information in a manner that violates an information system (IS) security policy. 3. A channel which allows information to flow in violation of the System Security policy. Note: Covert channels can occur via mechanisms other than explicitly designed channels. For example, a covert timing channel may transmit information by inducing variations in system response time. 4. The use of a mechanism not intended for communication to transfer information in a way which violates security. 5. A communications channel that allows a process to transfer information in a manner that violates the system's security policy. A covert channel typically communicates by exploiting a mechanism not intended to be used for communication. 6. A communications channel that allows a process to transfer information in a manner that violates the system's security policy. See also: Covert Storage Channel, Covert Timing Channel.
Industry:Telecommunications