Reading CISSP Practice in full

An overwrite technology using a firmware-based process to overwrite a hard drive, such as ATA or SCSI.

Secure hash

A hash value for which it is computationally infeasible to find a message that corresponds to a given message digest, or to find two different messages that produce the same digest.

Secure hash standard

This standard specifies four secure hash algorithms (SHAs): SHA-1, SHA-256, SHA-384, and SHA-512 for computing a condensed representation of electronic data (message) called a message digest. SHAs are used with other cryptographic algorithms, such as the digital signature algorithms and keyed-hash message authentication code (HMAC), or in the generation of random numbers (bits).

Secure hypertext-transfer protocol (S/HTTP)

A message-oriented communication protocol that extends the HTTP protocol. It coexists with HTTP’s messaging model and can be easily integrated with HTTP applications.

Secure multipurpose Internet mail extension (S/MIME)

A protocol for encrypting messages and creating certificates using public key cryptography. S/MIME is supported by default installations of many popular mail clients. It uses a classic, hierarchical design based on certificate authorities for its key management, thus making it suitable for medium- to large-scale implementations.

Secure operating system

An operating system that effectively controls hardware and software functions in order to provide the level of protection appropriate to the value of the data and resources managed by the operating system.

Secure sockets layer (SSL)

(1) A protocol that provides end-to-end encryption of application layer network traffic. It provides privacy and reliability between two communicating applications. It is designed to encapsulate other protocols, such as HTTP. SSL v3.0 has been succeeded by IETF’s TLS. (2) An authentication and security protocol widely implemented in browsers and Web servers for protecting private information during transmission via the Internet.

Secure sockets layer (SSL) and transport layer security (TLS)

SSL is a protocol developed by Netscape for transmitting private documents via the Internet. SSL is based on public key cryptography, used to generate a cryptographic session that is private to a Web server and a client browser. SSL works by using a public key to encrypt data that is transferred over the SSL connection. Most Web browsers support SSL and many websites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with “https” instead of “http.” SSL has been superseded by the newer TLS protocol. There are only minor differences between SSL and TLS.

Secure state

A condition in which no subject can access any object in an unauthorized manner.

Security

The quality or state of being cost-effectively protected from undue losses (e.g., loss of goodwill, monetary loss, and loss of ability to continue operations). Preservation of the authenticity, integrity, confidentiality, and ensured service of any sensitive or nonsensitive system-valued function and/or information element. Security is a system property. Security is much more than a set of functions and mechanisms. IT security is a system characteristic as well as a set of mechanisms that span the system both logically and physically.

Security administrator

A person dedicated to performing information security functions for servers and other hosts, as well as networks.

Security architecture

A description of security principles and an overall approach for complying with the principles that drive the system design; i.e., guidelines on the placement and implementation of specific security services within various distributed computing environments.

Security assertions markup language (SAML)

(1) An XML-based security specification for exchanging authentication and authorization information between trusted entities over the Internet. Security typically involves checking the credentials presented by a party for authentication and authorization. SAML standardizes the representation of these credentials in an XML format called “assertions,” enhancing the interoperability between disparate applications. (2) A specification for encoding security assertions in the extensible markup language (XML). (3) A protocol consisting of XML-based request and response message formats for exchanging security information, expressed in the form of assertions about subjects and between online business partners.

Security association (SA)

It is a set of values that define the features and protections applied to a connection.
