Читаем CISSP Practice полностью

The location where trust anchors are stored. Here, store refers to placing electronic data into a storage medium, which may be accessed and retrieved under normal operational circumstances by authorized entities.

Trust list

It is the collection of trusted certificates used by the relying parties to authenticate other certificates.

Trusted certificate

A certificate that is trusted by the relying party on the basis of secure and authenticated delivery. The public keys included in trusted certificates are used to start certification paths. It is also known as a trust anchor.

Trusted channel

(1) A mechanism by which two trusted partitions can communicate directly. (2) A trusted channel may be needed for the correct operation of other security mechanisms. (3) A trusted channel cannot be initiated by untrusted software and it maintains the integrity of information that is sent over it. (4) A channel where the endpoints are known and data integrity and/or data privacy is protected in transit using SSL, IPsec, and a secure physical connection. (5) A mechanism through which a cryptographic module provides a trusted, safe, and discrete communication pathway for sensitive security parameters (SSPs) and other critical information between the cryptographic module and the module’s intended communications endpoint. A trusted channel exhibits a verification component that the operator or module may use to confirm that the trusted channel exists. A trusted channel protects against eavesdropping, as well as physical or logical tampering by unwanted operators/entities, processes, or other devices, both within the module and along the module’s communication link with the intended endpoint (e.g., the trusted channel will not allow man-in-the-middle (MitM) or replay types of attacks). A trusted channel may be realized in one or more of the following ways: (i) A communication pathway between the cryptographic module and endpoints that are entirely local, directly attached to the cryptographic module, and has no intervening systems, and (ii) A mechanism that cryptographically protects SSPs during entry and output and does not allow misuse of any transitory SSPs.

Trusted computer system

(1) A system that employs sufficient hardware and software assurance measures to allow its use for processing simultaneously a range of sensitive or classified information. (2) A system believed to enforce a given set of attributes to a stated degree of assurance (confidence).

Trusted computing

Trusted computing helps network administrators to keep track of host computers on the network. This tracking and controlling mechanism ensures that all hosts are properly patched up, the software version is current, and that they are protected from malware exploitation. Trusted computing technologies are both hardware-based and software-based techniques to combat the threat of possible attacks. It includes three technologies such as trusted platform module, trusted network connect, and trusted computing software stack.

Trusted computing base (TCB)

The totality of protection mechanisms within a computer system, including hardware, firmware, and software, where this combination is responsible for enforcing a security policy. It provides a basic protection environment and provides additional user services required for a trusted computer system. The capability of a TCB to correctly enforce a security policy depends solely on the mechanisms within the TCB and on the correct input by system administrative personnel of parameters (e.g., a user’s clearance) related to the security policy.

Trusted distribution

A trusted method for distributing the trusted computing base (TCB) hardware, software, and firmware components, both originals and updates, that provides methods for protecting the TCB from modification during distribution and for detection of any changes to the TCB that may occur.

Trusted functionality

That which is determined to be correct with respect to some criteria, e.g., as established by a security policy. The functionality shall neither fall short of nor exceed the criteria.

Trusted operating system (TOS)

A trusted operating system is part of a trusted computing base (TCB) that has been evaluated at an assurance level necessary to protect the data that will be processed.

Trusted path