Reading CISSP Practice in full

(1) A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. (2) A parameter used in connection with a cryptographic algorithm that determines its operation in such a way that an entity with knowledge of the key can reproduce or reverse the operation, while an entity without knowledge of the key cannot. Seven examples include (i) the transformation of plaintext data into ciphertext data, (ii) the transformation of ciphertext data into plaintext data, (iii) the computation of a digital signature from data, (iv) the verification of a digital signature, (v) the computation of an authentication code from data, (vi) the verification of an authentication code from data and a received authentication code, and (vii) the computation of a shared secret that is used to derive keying material.

Cryptographic key management system (CKMS)

A set of components that is designed to protect, manage, and distribute cryptographic keys and bound metadata.

Cryptographic module

The set of hardware, software, firmware, or some combination thereof that implements approved security functions such as cryptographic logic or processes (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary of the module.

Cryptographic strength

A measure of the expected number of operations required to defeat a cryptographic mechanism. This term is defined to mean that breaking or reversing an operation is at least as difficult computationally as finding the key of an 80-bit block cipher by key exhaustion; that is, it requires at least on the order of 2^79 operations.

Cryptographic token

A token where the secret is a cryptographic key.

Cryptography

(1) The discipline that embodies the principles, means, and methods for the transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification. (2) The discipline that embodies principles, means, and methods for providing information security, including confidentiality, data integrity, non-repudiation, and authenticity. (3) It creates a high degree of trust in the electronic world.

Cryptology

The field that encompasses both cryptography and cryptanalysis. The science that deals with hidden, disguised, or encrypted communications. It includes communications security and communications intelligence.

Crypto-operation

The functional application of cryptographic methods. (1) Off-line: encryption or decryption performed as a self-contained operation distinct from the transmission of the encrypted text, as by hand or by machines not electrically connected to a signal line. (2) Online: the use of crypto-equipment that is directly connected to a signal line, making encryption and transmission, or reception and decryption, continuous processes.

Crypto-period

The time span during which a specific key is authorized for use or in which the keys for a given system may remain in effect.

Cryptophthora

It is a degradation of secret key material resulting from the side channel leakage where an attacker breaks down the operation of a cryptosystem to reveal the contents of a cryptographic key.

Crypto-security

The security or protection resulting from the proper use of technically sound crypto-systems.

Cyber attack

An attack, via cyberspace, targeting an organization’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing infrastructure. This also includes destroying the integrity of the data or stealing controlled information.

Cyber infrastructure

The scope includes computer systems, control systems, networks (e.g., the Internet), and cyber services (e.g., managed security services).

Cyber security

The ability to protect or defend the use of cyberspace from cyber attacks.

Cyberspace

A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications network, computer systems, and embedded processors and controllers.

Cyclic redundancy check (CRC)

(1) A method to ensure data has not been altered after being sent through a communication channel. It uses an algorithm for generating error detection bits in a data link protocol. The receiving station performs the same calculation as done by the transmitting station. If the results differ, then one or more bits are in error. (2) An error-checking mechanism that verifies data integrity by computing a polynomial-algorithm-based checksum. This is a technical and detective control.

Cyclomatic complexity metrics
