Читаем CISSP Practice полностью

Any specific combination of machines, tools, methods, materials, and/or people employed to attain specific qualities in a product or service.

Process isolation

The principle of process isolation or separation is employed to preserve the object’s wholeness and subject’s adherence to a code of behavior.

Process reengineering

A procedure that analyzes control flow. A program is examined to create overview architecture with the purpose of transforming undesirable programming constructs into more efficient ones. Program restructuring can play a major role in process reengineering.

Process separation

See process isolation.

Profiling

Measuring the characteristics of expected activity so that changes to it can be more easily identified.

Proof carrying code

As a part of technical safeguards for active content, proof carrying code defines properties that are conveyed with the code, which must be successfully verified before the code is executed.

Proof-by-knowledge

A claimant authenticates his identity to a verifier by the use of a password or PIN that he has knowledge of. The proof-by-knowledge applies to mobile device authentication and robust authentication.

Proof-by-possession

A claimant authenticates his identity to a verifier by the use of a token or smart card and an authentication protocol. The proof-by-possession applies to mobile device authentication and robust authentication.

Proof-by-property

A claimant authenticates his identity to a verifier by the use of a biometric such as fingerprints. The proof-by-property applies to mobile device authentication and robust authentication.

Proof-of-concept

A new idea or modified idea is put to test by developing a prototype model to prove whether the idea or the concept works.

Proof-of-correctness

Applies mathematical proofs-of-correctness to demonstrate that a computer program conforms exactly to its specifications and to prove that the functions of the computer programs are correct.

Proof-of-correspondence

The design of a cryptographic module is verified by a formal model and informal proof-of-correspondence between the formal model and the functional specifications.

Proof-of-origin

A proof-of-origin is the basis to prove an assertion. For example, a private signature key is used to generate digital signatures as a proof-of-origin.

Proof-of-possession

A verification process whereby it is proven that the owner of a key pair actually has the private key associated with the public key. The owner demonstrates the possession by using the private key in its intended manner.

Proof-of-possession protocol

A protocol where a claimant proves to a verifier that he possesses and controls a token (e.g., a key or password).

Proof-of-wholeness

Having all of an object’s parts or components include both the sense of unimpaired condition (i.e., soundness) and being complete and undivided (i.e., completeness). The proof-of-wholeness applies to preserving the integrity of objects in that different layers of abstraction for objects cannot be penetrated and their internal mechanisms cannot be modified or destroyed.

Promiscuous mode

A configuration setting for a network interface card that causes it to accept all incoming packets that it sees, regardless of their intended destinations.

Proprietary protocol

A protocol, network management protocol, or suite of protocols developed by a private company to manage network resources manufactured by that company.

Protected channel

A session wherein messages between two participants are encrypted and integrity is protected using a set of shared secrets; a participant is said to be authenticated if the other participant can link possession of the session keys by the first participant to a long-term cryptographic token and verify the identity associated with that token.

Protection bits

A mechanism commonly included in UNIX and UNIX-like systems that controls access based on bits specifying read, write, or execute permissions for a file’s (or directory’s) owner, group, or other.

Protection profile (PP)

A Common Criteria (CC) term for a set of implementation-independent security requirements for a category of Targets of Evaluation (TOEs) that meet specific consumer needs. It is an implementation-independent statement of security needs for a product type.

Protection ring

One of a hierarchy of privileged modes of a system that gives certain access rights to user programs and processes authorized to operate in a given mode.

Protection suite