Any specific combination of machines, tools, methods, materials, and/or people employed to attain specific qualities in a product or service.
The principle of process isolation or separation is employed to preserve the object’s wholeness and subject’s adherence to a code of behavior.
A procedure that analyzes control flow. A program is examined to create an overview architecture with the purpose of transforming undesirable programming constructs into more efficient ones. Program restructuring can play a major role in process reengineering.
See process isolation.
Measuring the characteristics of expected activity so that changes to it can be more easily identified.
As a part of technical safeguards for active content, proof-carrying code defines properties that are conveyed with the code, which must be successfully verified before the code is executed.
A claimant authenticates his identity to a verifier by the use of a password or PIN that he has knowledge of. The proof-by-knowledge applies to mobile device authentication and robust authentication.
A claimant authenticates his identity to a verifier by the use of a token or smart card and an authentication protocol. The proof-by-possession applies to mobile device authentication and robust authentication.
A claimant authenticates his identity to a verifier by the use of a biometric such as fingerprints. The proof-by-property applies to mobile device authentication and robust authentication.
A new idea or modified idea is put to test by developing a prototype model to prove whether the idea or the concept works.
Applies mathematical proofs-of-correctness to demonstrate that a computer program conforms exactly to its specifications and to prove that the functions of the computer programs are correct.
The design of a cryptographic module is verified by a formal model and informal proof-of-correspondence between the formal model and the functional specifications.
A proof-of-origin is the basis to prove an assertion. For example, a private signature key is used to generate digital signatures as a proof-of-origin.
A verification process whereby it is proven that the owner of a key pair actually has the private key associated with the public key. The owner demonstrates the possession by using the private key in its intended manner.
A protocol where a claimant proves to a verifier that he possesses and controls a token (e.g., a key or password).
Having all of an object’s parts or components, in both the sense of unimpaired condition (i.e., soundness) and the sense of being complete and undivided (i.e., completeness). The proof-of-wholeness applies to preserving the integrity of objects in that different layers of abstraction for objects cannot be penetrated and their internal mechanisms cannot be modified or destroyed.
A configuration setting for a network interface card that causes it to accept all incoming packets that it sees, regardless of their intended destinations.
A protocol, network management protocol, or suite of protocols developed by a private company to manage network resources manufactured by that company.
A session wherein messages between two participants are encrypted and integrity is protected using a set of shared secrets; a participant is said to be authenticated if the other participant can link possession of the session keys by the first participant to a long-term cryptographic token and verify the identity associated with that token.
A mechanism commonly included in UNIX and UNIX-like systems that controls access based on bits specifying read, write, or execute permissions for a file’s (or directory’s) owner, group, or other.
A Common Criteria (CC) term for a set of implementation-independent security requirements for a category of Targets of Evaluation (TOEs) that meet specific consumer needs. It is an implementation-independent statement of security needs for a product type.
One of a hierarchy of privileged modes of a system that gives certain access rights to user programs and processes authorized to operate in a given mode.