It is a set of parameters that are mandatory for IPsec phase 1 negotiations (encryption algorithm, integrity protection algorithm, authentication method, and Diffie-Hellman group).
Wire line or fiber optic system that includes adequate safeguards and/or countermeasures (e.g., acoustic, electric, electromagnetic, and physical) to permit its use for the transmission of unencrypted information.
Physical, administrative, personnel, and technical security measures which, when applied separately or in combination, are designed to reduce the probability of harm, loss, or damage to, or compromise of an unclassified computer system or sensitive and/or mission-critical information.
Special tamper-evident features and materials employed for the purpose of detecting tampering and deterring attempts to compromise, modify, penetrate, extract, or substitute information processing equipment and cryptographic keying material. Examples include white noise and zone of control.
A set of rules (i.e., data formats and semantic and syntactic procedures) for communications that computers use when sending signals between themselves or that permit entities to exchange information. It establishes procedures for the way in which computers or other functional units transfer data.
A protocol converter is a device that changes one type of coded data to another type of coded data for computer processing.
A unit of data specified in a protocol and consisting of protocol information and, possibly, user data.
Entity that follows a set of rules and formats (semantic and syntactic) that determines the communication behavior of other entities.
A protocol is a set of rules and formats, semantic and syntactic, permitting information systems to exchange data related to security functions. Organizations use several protocols for specific purposes (such as encryption and authentication mechanisms) in various systems. Some protocols are compatible with each other while others are not, similar to negative interactions from prescription drugs. Protocol governance requires selecting the right protocols for the right purpose and at the right time to minimize their incompatibility and ineffectiveness (that is, not providing privacy and not protecting IT assets). It also requires constant, ongoing monitoring to determine the best time for a protocol’s eventual replacement or substitution with a better one.
In addition to selecting standard protocols that were approved by the standard-setting bodies, protocols must be operationally efficient and security-effective. Examples include (1) DES, which is weak in security, and AES, which is strong in security, and (2) WEP, which is weak in security, and WPA, which is strong in security.
A finite state machine that implements a particular protocol.
An instance of the exchange of messages between a claimant and a verifier in a defined authentication protocol that results in the authentication (or authentication failure) of the claimant.
A method used to ensure confidentiality and integrity of data transmitted over the Internet, by encrypting data packets, sending them in packets across the Internet, and decrypting them at the destination address.
(1) A program that receives a request from a client, and then sends a request on the client’s behalf to the desired destination. (2) An agent that acts on behalf of a requester to relay a message between a requester agent and a provider agent. The proxy appears to the provider agent Web service to be the requester. (3) An application or device acting on behalf of another in responding to protocol requests. (4) A proxy is an application that “breaks” the connection between client and server. (5) An intermediary device or program that provides communication and other services between a client and server. The proxy accepts certain types of traffic entering or leaving a network, processes it, and forwards it. This effectively closes the straight path between the internal and external networks, making it more difficult for an attacker to obtain internal addresses and other details of the organization’s internal network.
A proxy agent is a software application running on a firewall or on a dedicated proxy server that is capable of filtering a protocol and routing it between the interfaces of the device.