 
Welcome to SACFiS


 

Glossary of security terms

  • Account Hijacking – Using someone else's personal information to access current financial accounts or create new ones
  • Active Content – Interactive Web content that can carry malicious code
  • Adware – Software that displays advertising banners or pop-up windows
  • Anonymizer – A tool that makes your Web navigation untraceable
  • Anti-virus Software – Software that protects your computer from malware
  • Asymmetric Encryption – Encryption method that uses two different keys
  • Authentication, Authorization, Accounting (AAA) – The three elements necessary to ensure the privacy and security of online information
  • Backdoor – A method of accessing a computer system undetected for either illegitimate or legitimate access
  • Bandwidth – How fast information can be moved from one computer to another
  • Biometrics – Using biological information to authenticate people
  • Black Hat – A person who compromises a computer system's security without authorization, typically maliciously
  • Blacklist – A way to filter Internet traffic so that all traffic is allowed except for that from selected servers
  • Blogging – Publishing an online diary
  • Bluebugging – Use of Bluetooth to illegitimately access sensitive information on mobile devices
  • Bluejacking – Using Bluetooth to send unsolicited messages to nearby Bluetooth-enabled devices
  • Bluesnarfing – Stealing information from mobile devices using a wireless connection
  • Bluetooth – A way for portable devices to communicate with each other over short-distances
  • Bookmark – A browser feature that allows you to click to a Web site, rather than have you type the address.
  • Brute Force Attack – Figuring out a password by trying every possible combination of letters, numbers, and symbols
  • Buffer Overflow – A type of vulnerability in software that allows attackers to go inside the system and damage it
  • CALEA – A law requiring telecommunications companies to cooperate with operations by law enforcement agencies to intercept communications
  • CAN-SPAM – A law that sets standards for sending unsolicited email
  • CAPTCHA – A software tool used on Web sites to tell apart humans and Internet bots
  • CERT – An organization at Carnegie Mellon University devoted to creating and distributing information on best practices for computer security
  • CERT/CC – A major coordination center at Carnegie Mellon University dealing with Internet security problems
  • Cache – Temporary data storage area on your computer
  • Caller ID Anti-Spoofing Act – A law in Florida against the dishonest use of a telephone caller identification (ID) system with the intent to deceive, defraud or mislead
  • Certificate Authority (CA) – Entity that issues digital certificates
  • Certificate Revocation List (CRL) – List of digital certificates that have expired or been revoked
  • Chanslash – Fan fiction that involves underage characters in romantic pairings
  • Chat Code – A system of symbols, acronyms, and abbreviations used online
  • Chat Room – Virtual locations on the Internet where two or more users can communicate with one another in real time
  • Children's Internet Protection Act (CIPA) – A law that pushes schools and libraries to have an Internet safety policy and technology protection measures for children
  • Children's Online Privacy Protection Act (COPPA) – A law that sets limits on Web sites that market to children
  • Click Fraud – The imitation of clicking on web advertisements to increase ad revenue for the Web site owner
  • Client – A computing system that acts like a user by requesting services from another computer called a server
  • Client Authentication – A process Web sites use to identify valid users
  • Communications Protocol – A set of rules or standards that allow two computers to "talk" to each other.
  • Computer Fraud and Abuse Act – A law to protect information and computer systems from the attacks of hackers
  • Confidentiality – Accessibility of computer information exclusively to those authorized to access it
  • Cookie – Information, usually in a file, about someone’s Internet activities, such as the date of the last visit to a Web site, preferences, etc.
  • Cookie Scrubber – A tool for removing cookies, which contain a user's sensitive authentication and web-surfing history information
  • Cracking – Trying to get into computer systems in order to steal, corrupt, or illegitimately view data
  • Crimeware – A special type of malware used to commit financial crimes
  • Cross-site Scripting (XSS) – A vulnerability of dynamic Web content where a malicious user may embed code into a Web site that may cross over to a victim's computer
  • Cryptology – The science of disguising meaning by using codes or ciphers
  • Cryptovirology – The study of how hackers create and deploy powerful malicious software
  • CyLab – An initiative led by Carnegie Mellon University to research and provide education about secure computing and communications systems
  • Cyber Espionage – The use of software tools to obtain secret or private government or business information
  • Cyberbullying – Using the Internet to harass, intimidate, embarrass, or demean others
  • Cyberpiracy – Using the Internet to copy a digital document without authorization
  • Cyberstalking – Using the Internet to threaten or make unwanted advances towards someone else
  • Cyberterrorism – Threat, harm or extortion via the Internet
  • Cyberwoozling – The unauthorized gathering of data from visitors of a Web site
  • Data Theft – The unauthorized taking or interception of computer-based information
  • Decryption – Conversion of a coded message to a readable form
  • Deleting Online Predators Act (DOPA) – A proposed U.S. law to prohibit the use of community Web sites by online predators
  • Demilitarized Zone (DMZ) – The protective hardware and software between an internal network (LAN) and the external network (Internet)
  • Digital Certificates – A way to authenticate the identity of a computer or user
  • Digital Dirt – Traces left behind of your Internet activity that could reflect poorly on you
  • Digital Identity – A name and credentials created to participate in electronic transactions
  • Digital Millennium Copyright Act (DMCA) – A law against the use of technology to violate copyright
  • Digital Rights Management – A system that restricts use of digital media to only the rightful owner
  • Digital Signature – A special file used to confirm the identity of the sender and integrity of an electronic document
  • Digital Subscriber Line (DSL) – A method of digital data transmission over the telephone network
  • Digital Wallet – The electronic equivalent of a wallet for e-commerce transactions
  • Digital Watermarking – Copyright information in the form of bits that are inserted into digital content and difficult to remove
  • Directory Traversal Attack – Attacks that access restricted files by combing through a computer's directories
  • Disk Scrubber – A tool that makes it difficult for data deleted from a computer's hard disk to be recovered
  • Distributed Denial of Service (DDoS) – Interfering with a computer system by sending more Internet traffic to it than it can handle
  • Domain Name – A string of text that identifies one or more computers on the Internet
  • Drive Encryption Tool – A piece of software that stores sensitive or other information on your hard drive in a form that only you can read
  • Dummy Account – An email account created to divert unimportant or unsolicited mail
  • E-commerce – Buying items online and conducting business over the Internet
  • E-money – Activities such as online banking, online money transfers and online trading
  • Easter Egg – A hidden feature or functionality in software that usually activates only when certain keystrokes or commands are typed
  • Eavesdropping – Method of secretly listening in on a conversation
  • Electronic Auctions – Auctions where the transaction takes place over the Internet
  • Email – A system for sending and receiving electronic messages over a computer network
  • Email Client – A software application that handles electronic mail
  • Email Privacy Tools – Software using encryption, digital signatures and other methods to prevent compromise of information in emails.
  • Encryption – Disguising information to make it unreadable
  • Ethernet – A communication protocol that provides rules for signaling and communication between two computers or devices on a local area network
  • Exploit – A piece of software that targets vulnerabilities in installed software in order to take over a computer
  • Extensible Markup Language (XML) – A computer language that can be used across many different computer operating systems and environments.
  • Fake Anti-spyware – Harmful programs disguised as anti-spyware
  • Family Education Rights and Privacy Act (FERPA) – A law that safeguards the records and personal information of students
  • File Sharing – Making files available for others to download, or downloading such files
  • File Transfer Protocol (FTP) – A common method for transferring files between two computers on a network
  • Firewall – A device that monitors and controls the traffic coming into and out of your computer
  • Firmware – Software that is embedded in hardware
  • Fisking – Criticism that highlights perceived errors or other problems in a statement, article, essay or blog entry
  • Flaming – Posting messages that are deliberately hostile and insulting
  • Flight Mode – A PDA or mobile phone setting that enables only non-wireless features
  • Folksonomy – A system of classifying data based on user-created metadata, or "tags"
  • Forensics – Using computer science and technology to investigate crimes
  • Geographical Information Systems (GIS) – A system for collecting, analyzing and managing spatially related data
  • Geotagging – The method of adding location information to digital media, such as photos and text messages
  • Griefer – Individuals who play multiplayer online games with the intent to harass other players
  • HTTP – A communication protocol that defines how messages are sent across the World Wide Web
  • HTTPS – A method of secure Web-based information transfer
  • Hacking – Trying to get into computer systems in order to steal, corrupt, or illegitimately view data
  • Health Insurance Portability and Accountability Act (HIPAA) – A law that safeguards computer-based health information
  • Hoax – Phony email warning about a computer virus or other threat
  • Honeypot – A trap or decoy used to divert, detect and characterize would-be attackers of a computer system
  • HyperText Markup Language (HTML) – A computer language that is used for creating World Wide Web pages
  • IEEE 802.11 – A suite of wireless communication protocols
  • IJacking – Theft of a laptop by snatching it from an owner's hands
  • IP Address – A number used to identify a computer or other device on the Internet
  • IP Spoofing – Using fake computer identification to communicate with another machine, usually for malicious purposes
  • Identity Theft – When someone uses your personal information to commit fraud
  • Information Networking Institute (INI) – An integral department of Carnegie Mellon University’s College of Engineering and the nation’s first research and education center devoted to information networking
  • Instant Messaging (IM) – A communication service that allows you to chat online using text messages
  • Internet – The world’s biggest computer network, providing many services, including email, e-commerce and multimedia
  • Internet Bot – A software program that performs tasks over the Internet in an automated manner
  • Internet Message Access Protocol (IMAP) – Email protocol that allows you to access email via the Internet
  • Internet Privacy – The general freedom from compromise of your personal or other sensitive information while using the Internet
  • Internet Protocol (IP) – A set of rules used by the Internet for computer communication and addressing
  • Intrusion – Getting into someone's computer without their permission
  • Intrusion Detection System – A piece of software or hardware that recognizes attacks against computers and networks and responds with alarms and countermeasures
  • Java – Popular programming language
  • JavaScript – Java-based scripting language for Web pages
  • Keylogger – A device or software that records keystrokes entered by a user, usually to secretly monitor and/or maliciously use this information
  • Laptop Theft – Stealing of laptop computers, typically from public places where they are left behind or unattended
  • Leetspeak – A way of communicating online in code by changing the spellings of words
  • Lightweight Directory Access Protocol (LDAP) – A phonebook-like method for accessing and compactly presenting information on users and resources available on a computer network
  • Local Area Network (LAN) – A group of computers within a small area, such as a house, office or school, that are connected to each other
  • Lurking – Hanging out on Internet bulletin boards or chat rooms without posting
  • MAC Address – A unique identifier for network interface cards
  • Malware – Programs that are designed to harm your computer
  • Man in the Middle Attack – Intercepting communications between two parties without either party knowing about it
  • Megan Meier Cyberbullying Prevention Act – A bill introduced to Congress after a tragic case of cyberbullying led to a young teenager's suicide
  • Misinformation – Incorrect or misleading information on Web sites
  • Mobile Browsing – Using a mobile phone to access the Internet
  • Mobile Device – Portable devices for communication and computation
  • Mobile Operating System – A generic term for the system and resource management software (i.e., operating system) for mobile devices
  • Mobile Software – Application software for mobile devices
  • Moblogging – An application that lets you read and write emails using a Web browser
  • Near Field Communication (NFC) – A method of short-range wireless communications intended for processing transactions and transferring small amounts of data
  • Netiquette – A code of conduct followed on the Internet in order to be respectful and clearly understood (Internet + etiquette)
  • Network Address Translation – A method for hiding the internal structure of a network and allowing it to use a single public IP address
  • Online Dating – A web service for establishing friendships and romantic relationships
  • Online Gambling – The placing of bets using the Internet
  • Online Grooming – Working to gain the trust of children and young people, often with the goal of a sexual relationship, through the use of cyber technology like the Internet or mobile phone
  • Online Identity – A social identity that network users establish in online communities
  • Packet Filtering – Selectively allowing or preventing chunks of information from entering a computer network
  • Packet Sniffer – A program that reads or snoops on network traffic
  • Palmtop – A computer that fits in the palm of your hand
  • Parental Control Software – Software that monitors and limits children's online activity
  • Passcard – Means of identification for granting access, either physically or using software
  • Password – A string of letters, numbers and/or symbols that grants access to something private
  • Password Cracking – Trying to figure out someone else's computer password to get past a security system
  • Password Security Tools – Software that stores multiple Web site-access passwords in encrypted form, so you can use them by remembering a single master password
  • Patch – A modification to a software program or an operating system that is issued by the manufacturer
  • Pay Per Click – An arrangement whereby Web advertisers pay Web site owners for each click on an advertisement.
  • Pharming – Redirecting users from legitimate Web sites they are trying to visit to fraudulent Web sites
  • Phishing – Using fake Web sites to trick you into giving away personal information
  • Photo Sharing – Sharing and distributing digital photos over the Internet
  • PIN Cracking – A procedure for breaking into Bluetooth devices by determining the personal identification number (PIN) used for secure transmissions
  • Plagiarism – Using content that has been created by others without giving them due credit
  • Platform for Privacy Preferences (P3P) – A protocol that allows a Web site to declare to users its intended use for the information it collects
  • Plug-in – A software module that adds some specific service or function to a larger system
  • Pop-up Blocker – Software to suppress automatically displayed browser windows, called pop-ups, which are often used for advertisements
  • Port – An interface on a computer used to connect it to another device
  • Port Scanning – Trying to find open ports on a computer in order to gain access to it
  • Portable Document Format (PDF) – A format of electronic documents that permits viewing and accessing without the need to have the software that originally created it
  • Post Office Protocol (POP) – Email protocol that downloads email to your computer
  • Privacy Tools – Software or hardware that helps to keep your personal information from being illegitimately seen or acquired
  • Proxy Server – A server used to make an Internet connection from certain computers
  • Quick Response (QR) Code – A two-dimensional barcode that mobile phones can quickly scan
  • RSS – A tool for incrementally or selectively downloading digital content from frequently updated sources, such as news sites
  • Radio-Frequency Identification – A means of uniquely identifying objects via radio-frequency communication
  • Remote Desktop (RD) – Technology that allows you to interact with a remote computer as if it were in front of you
  • SMS Spam – Junk mail sent to mobile phones
  • SSL Client Certificate – Certificate used in SSL connections that contains detailed identification information about a user
  • Search Engine – Software that quickly finds information on the Web
  • Secure Instant Messaging – Software that makes data less likely to be compromised when using instant messaging
  • Secure Remote Login – A way of accessing a distant computer with low risk of compromising a username, password and data
  • Secure Shell (SSH) – A protocol for gaining secure access from your computer to a remote computer
  • Secure Sockets Layer (SSL) – A protocol that dictates how two computer systems should exchange messages
  • Security Key – A tool used to encrypt and decrypt content
  • Server – Computer system that provides shared resources over a network
  • Sexting – A slang term for the sending of sexually explicit or suggestive content between mobile devices
  • Short Message Service (SMS) – A service that lets you send short text messages between mobile devices, known as "texting"
  • Smart Cards and Tokens – Objects that have microchips in them loaded with identifying information
  • Smurfing – In gaming, targeting players below your skill level; also, a type of Denial of Service attack
  • Social Engineering – Using manipulation and deceit to trick victims into giving out confidential information
  • Social Networking Sites – Sites that let you post a profile and create a network with other people
  • Spam – Unwanted email used mainly for advertising
  • Spoofing Card – A communication service that allows you to choose what phone number displays on caller ID when someone receives a call from you
  • Spyware – Software that sends information from your computer to a third party without your consent
  • Steganography – A process of hiding secret information within other inconspicuous information
  • Streaming Media – Media that can be played while it is still being received
  • Symmetric Encryption – Encryption method where the same key is used to encrypt and decrypt messages
  • Team Dating – An online service facilitating social interactions among groups
  • Transmission Control Protocol/Internet Protocol (TCP/IP) – The set of rules for communication on which most major networks are based
  • Trojan Horse – A malicious program disguised as legitimate software
  • Trolling – A person who posts rude or offensive messages on the Internet with the intent to disrupt a discussion or upset its participants
  • Uniform Resource Locator (URL) – Address of a Web page or other Web resource
  • Virtual Private Network (VPN) – The set of rules for communication on which most major networks are based
  • Virtual Tourism – The activity of "visiting" sites of interest over the Internet without having to physically travel to them
  • Virus – A self-replicating program that spreads by inserting copies of itself into other code or documents
  • Vishing – Using fake phone numbers to trick you into giving away personal information
  • VoIP – Technology that allows you to make telephone calls using the Internet
  • War Driving – Driving around with a computer to find and access wireless networks
  • Web 2.0 – The second generation of the World Wide Web, characterized by social networking and a high degree of content created by users
  • Web Browser – Software that allows you to view Web pages
  • Web Page – The basic unit of information on the Web
  • Web Site – A group of Web pages with related content and a home page as a main point of entry
  • Web Traffic – Measurements of the frequency and time spent by Web site visitors on a site, which indicate the popularity and utility of the site
  • Web-based Group – A forum on the Internet set up for dialogue among a community of interest
  • Web-based Keyboard – A computer program that displays a keyboard image with all its keys on the screen
  • Webmail – An application that lets you read and write emails using a Web browser
  • WiFi – Wireless Fidelity, shorthand for various wireless networking technologies
  • Wiki – A type of Web site that allows users to easily add and edit content using any Web browser
  • Wireless Application Protocol (WAP) – A set of rules for how data should be sent between mobile devices during wireless communication
  • Worm – A self-replicating, self-spreading malicious program
  • Zero Day Attack – An attack against a computer application even before a vulnerability or fix for it has been announced
  • Zombie Machine – A computer that an attacker has taken control of using malware

 

 

 

 

   


 

 
   