Читаем CISSP Practice полностью

(1) A means by which an operator and a security function can communicate with the necessary confidence to support the security policy associated with the security function. (2) A mechanism by which a user (through an input device) can communicate directly with the security functions of the information system with the necessary confidence to support the system security policy. This mechanism can only be activated by the user or the security functions of the information system and cannot be imitated by untrusted software.

Trusted platform module (TPM) chip

A tamper-resistant integrated circuit built into some computer motherboards that can perform cryptographic operations (including key generation) and protect small amounts of sensitive information, such as passwords and cryptographic keys. TPM chip, through its key cache management feature, protects the generated keys used in encrypted file system (EFS).

Trusted relationships

Policies that govern how entities in differing domains honor each other’s authorizations. An authority may be completely trusted for example, any statement from the authority will be accepted as a basis for action or there may be limited trust, in which case only statements in a specific range are accepted.

Trusted software

It is the software portion of a trusted computing base (TCB).

Trusted subject

A subject that is part of the trusted computing base (TCB). It has the ability to violate the security policy but is trusted not to actually do so. For example, in the Bell-LaPadula model, a trusted subject is not constrained by the star-property and thus has the capability to write sensitive information into an object whose level is not dominated by the (maximum) level of the subject, but it is trusted to only write information into objects with a label appropriate for the actual level of the information.

Trusted system

Employing sufficient integrity measures to allow its use for processing intelligence information involving sensitive intelligence sources and methods.

Trusted third party (TTP)

An entity other than the owner and verifier that is trusted by the owner or the verifier or both. Sometimes shortened to “trusted party.”

Trustworthiness

(1) The attribute of a person or enterprise that provides confidence to others of the qualifications, capabilities, and reliability of that entity to perform specific tasks and fulfill assigned responsibilities. (2) A characteristic or property of an information system that expresses the degree to which the system can be expected to preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the system.

Trustworthy system

Computer hardware, software, and procedures that (1) are reasonably secure from intrusion and misuse, (2) provide a reasonable level of availability, reliability, and correct operation, (3) are reasonably suited to performing their intended functions, and (4) adhere to generally accepted security principles.

Truth table

Computer logic blocks can use combinational logic (without memory) or sequential logic (with memory). The combinational logic can be specified by defining the values of the outputs for each possible set of input values using a truth table. Each entry in the table specifies the value of all the outputs for that particular input combination. Truth tables can grow in size quickly and may be difficult to understand. After a truth table is constructed, it can be optimized by keeping nonzero output values only.

Tuning

Altering the configuration of an intrusion detection and prevention system (IDPS) to improve its detection accuracy.

Tunnel mode

IPsec mode that creates a new IP header for each protected packet.

Tunnel virtual private network (VPN)

A secure socket layer (SSL) connection that allows a wide variety of protocols and applications to be run through it.

Tunneled password protocol

A protocol where a password is sent through a protected channel to a cryptographically authenticated verifier. For example, the transport layer security (TLS) protocol is often used with a verifier’s public key certificate to (1) authenticate the verifier to the claimant, (2) establish an encrypted session between the verifier and claimant, and (3) transmit the claimant’s password to the verifier. The encrypted TLS session protects the claimant’s password from eavesdroppers.

Tunneling