Appendix J

Glossary

AAA: Administration, authorization, and authentication.

Access: A specific type of interaction between a subject and an object that results in the flow of information from one to the other. The capability and opportunity to gain knowledge of, or to alter, information or materials, including the ability and means to communicate with (i.e., provide input to or receive output from), or otherwise make use of, any information, resource, or component in a computer system.

Access Control: The process of limiting access to the resources of a system to only authorized persons, programs, processes, or other systems. Synonymous with controlled access and limited access. Requires that access to information resources be controlled by or for the target system. In the context of network security, access control is the ability to limit and control the access to host systems and applications via communications links. To achieve this control, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual.

Accreditation: The written formal management decision to approve and authorize an organization to operate a classified information system (IS) to process, store, transfer, or provide access to classified information.

AES: Advanced Encryption Standard.

Accreditation/Approval: The official management authorization for operation of an MIS. It provides a formal declaration by an Accrediting Authority that a computer system is approved to operate in a particular security mode using a prescribed set of safeguards. Accreditation is based on the certification process as well as other management considerations. An accreditation statement affixes security responsibility with the Accrediting Authority and shows that proper care has been taken for security.

Adequate Security: Security commensurate with the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of information. This includes assuring that systems and applications used by the agency operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, personnel, operational and technical controls.

ADP: Automatic Data Processing. See also: Management Information System.

Application: A software organization of related functions, or series of interdependent or closely related programs, that when executed accomplish a specified objective or set of user requirements. See also: Major Application, Process.

Application Control: The ability of next-generation content-filter gateways to inspect application traffic, determine its intent, and block it accordingly.

Application Owner: The official who has the responsibility to ensure that the program or programs that make up the application accomplish the specified objective or set of user requirements established for that application, including appropriate security safeguards. See also: Process Owner.

Attachment: The blocking of certain types of file attachments (for example, executable programs).

Audit: To conduct the independent review and examination of system records and activities.

Audit Capability: The ability to recognize, record, store, and analyze information related to security-relevant activities on a system in such a way that the resulting records can be used to determine which activities occurred and which user was responsible for them.

Audit Trail: A set of records that collectively provides documentary evidence of processing. It is used to aid in tracing from original transactions forward to related records and reports, and/or backwards from records and reports to their component source transactions.

Automated Information Systems (AIS): The infrastructure, organization, personnel, and components for the collection, processing, storage, transmission, display, dissemination, and disposition of information.

Automatic Data Processing (ADP): The assembly of computer hardware, firmware, and software used to categorize, sort, calculate, compute, summarize, store, retrieve, control, process, and/or protect data with a minimum of human intervention. ADP systems can include, but are not limited to, process control computers, embedded computer systems that perform general purpose computing functions, supercomputers, personal computers, intelligent terminals, office automation systems (which include standalone microprocessors, memory typewriters, and terminals connected to mainframes), firmware, and other implementations of MIS technologies as may be developed; they also include applications and operating system software. See also: Management Information System.

Authenticate/Authentication: The process to verify the identity of a user, device, or other entity in a computer system, often as a prerequisite to allowing access to resources in a system. Also, a process used to verify that the origin of transmitted data is correctly identified, with assurance that the identity is not false. To establish the validity of a claimed identity.

Authenticated User: A user who has accessed an MIS with a valid identifier and authentication combination.

Authenticator: A method of authenticating a classified information system (IS) in the form of knowledge or possession (for example, password, token card, key).

Authorization: The privileges and permissions granted to an individual by a designated official to access or use a program, process, information, or system. These privileges are based on the individual’s approval and need-to-know.

Authorized Person: A person who has the need-to-know for sensitive information in the performance of official duties and who has been granted authorized access at the required level. The responsibility for determining whether a prospective recipient is an authorized person rests with the person who has possession, knowledge, or control of the sensitive information involved, and not with the prospective recipient.

Availability: The property of being accessible and usable upon demand by an authorized entity. Security constraints must make MIS services available to authorized users and unavailable to unauthorized users.

Availability of Data: The state when data are in the place needed by the user, at the time the user needs them, and in the form needed by the user.

Backup: A copy of a program or data file for the purposes of protecting against loss if the original data becomes unavailable.

Backup and Restoration of Data: The regular copying of data to separate media and the recovery from a loss of information.

Backup Operation: A method of operations to complete essential tasks as identified by a risk analysis. These tasks would be employed following a disruption of the MIS and continue until the MIS is acceptably restored. See also: Contingency Plan, Disaster Recovery.

Bad Reputation Domains: Sites that appear on one or more security industry blacklists for repeated bad behavior, including hosting malware and phishing sites, generating spam, or hosting content linked to by spam email.

Botnet: Sites used by botnet herders for command and control of infected machines. Sites that known malware and spyware connect to for command and control by cyber criminals. These sites are differentiated from the Malcode category to enable reporting on potentially infected computers inside the network.

By URL: Filtering based on the URL. This is suitable for blocking Web sites or sections of Web sites.

C2: A level of security safeguard criteria. See also: Controlled Access Protection, TCSEC.

Capstone: The U.S. Government’s long-term project to develop a set of standards for publicly-available cryptography, as authorized by the Computer Security Act of 1987. The Capstone cryptographic system will consist of four major components and be contained on a single integrated circuit microchip that provides non-DoD data encryption for Sensitive But Unclassified information. It implements the Skipjack algorithm. See also: Clipper.

Certification: The comprehensive analysis of the technical and nontechnical features, and other safeguards, to establish the extent to which a particular MIS meets a set of specified security requirements. Certification is part of the accreditation process and carries with it an implicit mandate for accreditation. See also: Accreditation.

Channel: An information transfer path within a system or the mechanism by which the path is affected.

CHAP: Challenge Handshake Authentication Protocol developed by the IETF.

Child Pornography: Sites that promote, discuss, or portray children in sexual acts and activity or the abuse of children. Pornographic sites that advertise or imply the depiction of underage models and that do not have a U.S.C. 2257 declaration on their main page. As of March 13, 2007, all sites categorized as child porn are actually saved into the URL Library in the Porn category and are automatically submitted to the Internet Watch Foundation for legal verification as child pornography (http://www.iwf.org.uk/). If the IWF agrees that a site and/or any of its hosted pages are child pornography, they add those URLs to their master list. The master list is downloaded nightly and saved into the URL Library in the Child Porn category.

Cipher: An algorithm for encryption or decryption. A cipher replaces a piece of information (an element of plain text) with another object, with the intent to conceal meaning. Typically, the replacement rule is governed by a secret key. See also: Decryption, Encryption.

Ciphertext: Form of cryptography in which the plaintext is made unintelligible to anyone who intercepts it by a transformation of the information itself, based on some key.

CIO-Cyber Web Site: Provides training modules for Cyber Security subjects.

Classification: A systematic arrangement of information in groups or categories according to established criteria. In the interest of national security it is determined that the information requires a specific degree of protection against unauthorized disclosure together with a designation signifying that such a determination has been made.

Classified Distributive Information Network (CDIN): Any cable, wire, or other approved transmission media used for the clear text transmission of classified information in certain DOE access controlled environments. Excluded is any system used solely for the clear text transmission and reception of intrusion/fire alarm or control signaling.

Classified Information System (CIS): A discrete set of information resources organized for the collection, processing, maintenance, transmission, and dissemination of classified information, in accordance with defined procedures, whether automated or manual. Guidance Note: For the purposes of this document, an IS may be a standalone, single- or multiuser system or a network comprised of multiple systems and ancillary supporting communications devices, cabling, and equipment.

Classified Information Systems Security Plan (ISSP): The basic classified system protection document and evidence that the proposed system, or update to an existing system, meets the specified protection requirements. The Classified ISSP describes the classified IS, any interconnections, and the security protections and countermeasures. This plan is used throughout the certification, approval, and accreditation process and serves for the lifetime of the classified system as the formal record of the system and its environment as approved for operation. It also serves as the basis for inspections of the system.

Classified Information Systems Security Program: The Classified Information Systems Security Program provides for the protection of classified information on information systems at LANL.

Classified Information Systems Security Site Manager (ISSM): The manager responsible for the LANL Classified Information Systems Security Program.

Clear or Clearing (MIS Storage Media): The removal of sensitive data from MIS storage and other peripheral devices with storage capacity, at the end of a period of processing. It includes data removal in such a way that assures, proportional to data sensitivity, it may not be reconstructed using normal system capabilities, i.e., through the keyboard. See also: Object Reuse, Remanence.

Clipper: Clipper is an encryption chip developed and sponsored by the U.S. government as part of the Capstone project. Announced by the White House in April 1993, Clipper was designed to balance competing concerns of federal law-enforcement agencies and private citizens by using escrowed encryption keys. See also: Capstone, Skipjack.

Collaborator: A person not employed by the Laboratory who (1) is authorized to remotely access a LANL unclassified computer system located on the site or (2) uses a LANL system located off the site. Guidance note: A collaborator does not have an active Employee Information System record.

Commercial-off-the-Shelf (COTS): Products that are commercially available and can be utilized as generally marketed by the manufacturer.

Compromise: The disclosure of sensitive information to persons not authorized access or having a need-to-know.

Computer Fraud and Abuse Act of 1986: This law makes it a crime to knowingly gain access to a federal government computer without authorization and to affect its operation.

Computer Security: Technological and managerial procedures applied to MIS to ensure the availability, integrity, and confidentiality of information managed by the MIS. See also: Information Systems Security.

Computer Security Act of 1987: The law provides for improving the security and privacy of sensitive information in “federal computer systems”—“a computer system operated by a federal agency or other organization that processes information (using a computer system) on behalf of the federal government to accomplish a federal function.”

Computer Security Incident: Any event or condition having actual or potentially adverse effects on an information system. See the Cyber Security Handbook.

Computing, Communications, and Networking (CCN) Division Web Sites: Describes network services and their use by system users.

Confidentiality: The condition when designated information collected for approved purposes is not disseminated beyond a community of authorized knowers. It is distinguished from secrecy, which results from the intentional concealment or withholding of information. [OTA-TCT-606] Confidentiality refers to: 1) how data will be maintained and used by the organization that collected it; 2) what further uses will be made of it; and 3) when individuals will be required to consent to such uses. It includes the protection of data from passive attacks and requires that the information (in an MIS or transmitted) be accessible only for reading by authorized parties. Access can include printing, displaying, and other forms of disclosure, including simply revealing the existence of an object.

Configuration Management (CM): The management of changes made to an MIS’s hardware, software, firmware, documentation, tests, test fixtures, test documentation, communications interfaces, operating procedures, and installation structures, and of all changes thereto throughout the development and operational life-cycle of the MIS.

Contingency Plan: The documented organized process for implementing emergency response, backup operations, and post-disaster recovery, maintained for an MIS as part of its security program, to ensure the availability of critical assets (resources) and facilitate the continuity of operations in an emergency. See also: Disaster Recovery.

Contingency Planning: The process of preparing a documented organized approach for emergency response, backup operations, and post-disaster recovery that will ensure the availability of critical MIS resources and facilitate the continuity of MIS operations in an emergency. See also: Contingency Plan, Disaster Recovery.

Controlled Access Protection (C2): A category of safeguard criteria as defined in the Trusted Computer Security Evaluation Criteria (TCSEC). It includes identification and authentication, accountability, auditing, object reuse, and specific access restrictions to data. This is the minimum level of control for SBU information.

Conventional Encryption: A form of cryptosystem in which encryption and decryption are performed using the same key. See also: Symmetric Encryption.

COTS: See: Commercial-off-the-Shelf.

COTS Software: Commercial-off-the-Shelf Software – software acquired by government contract through a commercial vendor. This software is a standard product, not developed by a vendor for a particular government project.

Countermeasures: See: Security Safeguards.

Cracker: See: Hacker.

Criminal Skills: Sites that promote crime or illegal activity such as credit card number generation, illegal surveillance and murder. Sites which commercially sell surveillance equipment will not be saved. Sample sites: www.illegalworld.com, www.password-crackers.com, and www.spy-cam-surveillance-equipment.com

Critical Assets: Those assets that provide direct support to the organization’s ability to sustain its mission. Assets are critical if their absence or unavailability would significantly degrade the ability of the organization to carry out its mission, and when the time that the organization can function without the asset is less than the time needed to replace the asset.

Critical Processing: Any applications that are so important to an organization that little or no loss of availability is acceptable; critical processing must be defined carefully during disaster and contingency planning. See also: Critical Assets.

Cryptanalysis: The branch of cryptology dealing with the breaking of a cipher to recover information, or with forging encrypted information that will be accepted as authentic.

Cryptography: The branch of cryptology dealing with the design of algorithms for encryption and decryption, intended to ensure the secrecy and/or authenticity of messages.

Cryptology: The study of secure communications, which encompasses both cryptography and cryptanalysis.

Cyber Security Program: The program mandated to ensure that the confidentiality, integrity, and availability of electronic data, networks and computer systems are maintained to include protecting data, networks and computing systems from unauthorized access, alteration, modification, disclosure, destruction, transmission, denial of service, subversion of security measures, and improper use.

DAC: See: C2, Discretionary Access Control and TCSEC.

DASD (Direct Access Storage Device): A physical electromagnetic data storage unit used in larger computers. Usually these consist of cylindrical stacked multiunit assemblies, which have large capacity storage capabilities.

Data: A representation of facts, concepts, information, or instructions suitable for communication, interpretation, or processing. It is used as a plural noun meaning “facts or information” as in: These data are described fully in the appendix, or as a singular mass noun meaning “information” as in: The data is entered into the computer.

Data Custodian: The person who ensures that information is reviewed to determine if it is classified or sensitive unclassified. This person is responsible for generation, handling and protection, management, and destruction of the information. Guidance Note: An alternative name for the data custodian is classified information systems application owner.

DES: Data Encryption Standard.

Data Encryption Standard (DES): Data Encryption Standard is an encryption block cipher defined and endorsed by the U.S. government in 1977 as an official standard (FIPS PUB 59). Developed by IBM®, it has been extensively studied for over 15 years and is the most well known and widely used cryptosystem in the world. See also: Capstone, Clipper, RSA, Skipjack.

Data Integrity: The state that exists when computerized data are the same as those that are in the source documents and have not been exposed to accidental or malicious alterations or destruction. It requires that the MIS assets and transmitted information be capable of modification only by authorized parties. Modification includes writing, changing, changing status, deleting, creating, and the delaying or replaying of transmitted messages. See also: Integrity, System Integrity.

Deciphering: The translation of encrypted text or data (called ciphertext) into original text or data (called plaintext). See also: Decryption.

Decryption: The translation of encrypted text or data (called ciphertext) into original text or data (called plaintext). See also: Deciphering.

Dedicated Security Mode: An operational method when each user with direct or indirect individual access to a computer system, its peripherals, and remote terminals or hosts has a valid personnel security authorization and a valid need-to-know for all information contained within the system.

Dedicated System: A system that is specifically and exclusively dedicated to and controlled for a specific mission, either for full time operation or a specified period of time. See also: Dedicated Security Mode.

Default: A value or setting that a device or program automatically selects if you do not specify a substitute.

Degaussing Media: Method to magnetically erase data from magnetic tape.

Denial of Service: The prevention of authorized access to resources or the delaying of time-critical operations. Refers to the inability of an MIS, or any essential part of it, to perform its designated mission, either by loss of or degradation of operational capability.

Department of Defense (DOD) Trusted Computer System Evaluation Criteria: The National Computer Security Center (NCSC) criteria intended for use in the design and evaluation of systems that will process and/or store sensitive (or classified) data. This document contains a uniform set of basic requirements and evaluation classes used for assessing the degrees of assurance in the effectiveness of hardware and software security controls built in the design and evaluation of MIS. See also: C2, Orange Book, TCSEC.

DES: See: Data Encryption Standard. See also: Capstone, Clipper, RSA, Skipjack.

Designated Accrediting Authority (DAA): A DOE official with the authority to formally grant approval for operating a classified information system; the person who determines the acceptability of the residual risk in a system that is prepared to process classified information and either accredits or denies operation of the system.

Designated Security Officer: The person responsible to the designated high level manager for ensuring that security is provided for and implemented throughout the life-cycle of an MIS from the beginning of the system concept development phase through its design, development, operations, maintenance, and disposal.

Dial-up: The service whereby a computer terminal can use the telephone to initiate and effect communication with a computer.

Digital Signature Standard: DSS is the Digital Signature Standard, which specifies a Digital Signature Algorithm (DSA), and is part of the U.S. government’s Capstone project. It was selected by NIST and NSA to be the digital authentication standard of the U.S. government, but has not yet been officially adopted. See also: Capstone, Clipper, RSA, Skipjack.

Disaster Recovery Plan: The procedures to be followed should a disaster (fire, flood, etc.) occur. Disaster recovery plans may cover the computer center and other aspects of normal organizational functioning. See also: Contingency Plan.

Discretionary Access Control (DAC): A means of restricting access to objects based on the identity of subjects and/or groups to which they belong, or on the possession of an authorization granting access to those objects. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject.

Discretionary Access Controls: Controls that limit access to information on a system on an individual basis.

Discretionary Processing: Any computer work that can withstand interruption resulting from some disaster.

DSS: See: Capstone, Clipper, Digital Signature Standard, RSA, Skipjack.

Dubious/Unsavory: Sites of a questionable legal or ethical nature. Sites which promote or distribute products, information, or devices whose use may be deemed unethical or, in some cases, illegal: Warez, Unlicensed mp3 downloads, Radar detectors, and Street racing. Sample sites: www.thepayback.com and www.strangereports.com.

Emergency Response: A response to emergencies such as fire, flood, civil commotion, natural disasters, bomb threats, etc., in order to protect lives, limit the damage to property and the impact on MIS operations.

Enciphering: The conversion of plaintext or data into unintelligible form by means of a reversible translation that is based on a translation table or algorithm. See also: Encryption.

Encryption: The conversion of plaintext or data into unintelligible form by means of a reversible translation that is based on a translation table or algorithm. See also: Enciphering.

Entity: Something that exists as independent, distinct or self-contained. For programs, it may be anything that can be described using data, such as an employee, product, or invoice. Data associated with an entity are called attributes. A product’s price, weight, quantities in stock, and description all constitute attributes. It is often used in describing distinct business organizations or government agencies.

Environment: The aggregate of external circumstances, conditions, and events that affect the development, operation, and maintenance of a system. Environment is often used with qualifiers such as computing environment, application environment, or threat environment, which limit the scope being considered.

Evaluation: Evaluation is the assessment for conformance with a preestablished metric, criteria, or standard.

Facsimile: A document that has been sent, or is about to be sent, via a fax machine.

Firewall: A collection of components or a system that is placed between two networks and possesses the following properties: 1) all traffic from inside to outside, and vice-versa, must pass through it; 2) only authorized traffic, as defined by the local security policy, is allowed to pass through it; 3) the system itself is immune to penetration.

Firmware: Equipment or devices within which computer programming instructions necessary to the performance of the device’s discrete functions are electrically embedded in such a manner that they cannot be electrically altered during normal device operations.

Friendly Termination: The removal of an employee from the organization when there is no reason to believe that the termination is other than mutually acceptable.

Gateway: A machine or set of machines that provides relay services between two networks.

General Support System: An interconnected set of information resources under the same direct management control which shares common functionality. A system normally includes hardware, software, information, data, applications, communications, and people. A system can be, for example, a local area network (LAN) including smart terminals that support a branch office, an agency-wide backbone, a communications network, a departmental data processing center including its operating system and utilities, a tactical radio network, or a shared information processing service organization (IPSO).

Generic Remote Access: Web sites pertaining to the use or download of remote access clients.

Green Network: See Open Network.

Hack: Any software in which a significant portion of the code was originally another program. Many hacked programs simply have the copyright notice removed. Some hacks are done by programmers using code they have previously written that serves as a boilerplate for a set of operations needed in the program they are currently working on. In other cases it simply means a draft. Commonly misused to imply theft of software. See also: Hacker.

Hacker: Common nickname for an unauthorized person who breaks into or attempts to break into an MIS by circumventing software security safeguards. Also, commonly called a “cracker.” See also: Hack, Intruder.

Hacking: Sites discussing and/or promoting unlawful or questionable tools or information revealing the ability to gain access to software or hardware/communications equipment and/or passwords: Password generation, Compiled binaries, Hacking tools and Software piracy (game cracking). Sample sites: www.happyhacker.org, and www.phreak.com.

Hardware: Refers to objects that you can actually touch, like disks, disk drives, display screens, keyboards, printers, boards, and chips.

Heuristic: Filtering based on heuristic scoring of the content based on multiple criteria.

Hostmaster Database: A relational database maintained by the Network Engineering Group (CCN-5) that contains information about every device connected to the Laboratory unclassified yellow and green networks.

HTML Anomalies: Legitimate companies keep their Web sites up to date, standards-based (to support the newest browser versions and features), and free of malicious code. Malicious sites frequently have HTML code that is not standards-compliant.

Identification: The process that enables recognition of an entity by a system, generally by the use of unique machine-readable usernames.

Information Security: The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.

Information Security Officer (ISO): The person responsible to the designated high level manager for ensuring that security is provided for and implemented throughout the life-cycle of an MIS from the beginning of the system concept development phase through its design, development, operations, maintenance, and disposal.

Information System (IS): The entire infrastructure, organizations, personnel and components for the collection, processing, storage, transmission, display, dissemination and disposition of information.

Information Systems Security (INFOSEC): The protection of information assets from unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. INFOSEC reflects the concept of the totality of MIS security. See also: Computer Security.

Information System Security Officer (ISSO): The worker responsible for ensuring that protection measures are installed and operational security is maintained for one or more specific classified information systems and/or networks.

IKE: Internet Key Exchange.

Integrated Computing Network (ICN): LANL’s primary institutional network.

Integrity: A subgoal of computer security which ensures that: 1) data is a proper representation of information; 2) data retains its original level of accuracy; 3) data remains in a sound, unimpaired, or perfect condition; 4) the MIS performs correct processing operations; and 5) the computerized data faithfully represent those in the source documents and have not been exposed to accidental or malicious alteration or destruction. See also: Data Integrity, System Integrity.

Interconnected System: An approach in which the network is treated as an interconnection of separately created, managed, and accredited MIS.

Internet: A global network connecting millions of computers. As of 1999, the Internet has more than 200 million users worldwide, and that number is growing rapidly.

Intranet: A network based on TCP/IP protocols (an Internet) belonging to an organization, usually a corporation, accessible only by the organization’s members, employees, or others with authorization. An intranet’s Web sites look and act just like any other Web sites, but the firewall surrounding an intranet fends off unauthorized access.

Intruder: An individual who gains, or attempts to gain, unauthorized access to a computer system or to gain unauthorized privileges on that system. See also: Hacker.

Intrusion Detection: Techniques that attempt to detect intrusion into a computer or network by observing actions, security logs, or audit data. Detection of break-ins or attempted break-ins, either manually or via software (for example, expert systems) that operates on logs or other information available on the network.
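
The entry above describes log-based detection in the abstract. The following is an added example, not part of the original glossary: a small detector that runs over a few constructed OpenSSH-style syslog lines (the host name, addresses and port numbers are made up, and the year 2024 is assumed because syslog timestamps carry none). It raises one alert when a source exceeds a failure threshold inside a sliding window, and a second, higher-value alert when a login from that source succeeds right after a run of failures, the pattern an analyst actually wants to see first.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in OpenSSH/syslog style; not taken from a real host.
SAMPLE_LOG = """\
Mar 10 08:01:10 bastion sshd[2231]: Failed password for invalid user admin from 203.0.113.9 port 51022 ssh2
Mar 10 08:01:12 bastion sshd[2231]: Failed password for invalid user admin from 203.0.113.9 port 51023 ssh2
Mar 10 08:01:15 bastion sshd[2233]: Failed password for root from 203.0.113.9 port 51024 ssh2
Mar 10 08:01:19 bastion sshd[2235]: Failed password for root from 203.0.113.9 port 51025 ssh2
Mar 10 08:01:23 bastion sshd[2237]: Failed password for root from 203.0.113.9 port 51026 ssh2
Mar 10 08:01:30 bastion sshd[2239]: Accepted password for root from 203.0.113.9 port 51027 ssh2
Mar 10 08:05:00 bastion sshd[2301]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Mar 10 08:05:40 bastion sshd[2303]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+\S+\s+sshd\[\d+\]:\s+"
    r"(?P<result>Failed|Accepted)\s+\w+\s+for\s+(?:invalid user\s+)?(?P<user>\S+)\s+"
    r"from\s+(?P<ip>[\d.]+)\s+port\s+\d+"
)

def parse(line, year=2024):
    """Return (timestamp, result, user, ip) for an sshd auth line, or None if it is not one.
    The year is an assumption: classic syslog timestamps do not include it."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["ip"]

def detect(log_text, threshold=5, window_s=60):
    """Return alerts as (ip, kind, detail). kind is 'brute_force' when a source accumulates
    `threshold` failures inside `window_s` seconds, or 'success_after_failures' when a login
    from a source succeeds while it still has three or more recent failures."""
    alerts = []
    failures = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    alerted = set()                 # suppress repeated brute_force alerts for the same ip
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ts, result, user, ip = rec
        q = failures[ip]
        while q and (ts - q[0]).total_seconds() > window_s:
            q.popleft()             # slide the window forward
        if result == "Failed":
            q.append(ts)
            if len(q) >= threshold and (ip, "brute_force") not in alerted:
                alerts.append((ip, "brute_force", f"{len(q)} failures in {window_s}s"))
                alerted.add((ip, "brute_force"))
        elif len(q) >= 3:
            # Success immediately after a burst of failures: treat as a likely compromise.
            alerts.append((ip, "success_after_failures", f"user {user} after {len(q)} failures"))
    return alerts

if __name__ == "__main__":
    for ip, kind, detail in detect(SAMPLE_LOG):
        print(f"ALERT {kind:<24} {ip:<15} {detail}")
```

The failure history is deliberately not cleared on a successful login: the success is the event of interest, and clearing would hide a second attacker reusing the same source a few seconds later.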

Invalid Web Pages: Sites where a domain may be registered but no content is served or the server is offline.

IPsec: Internet Protocol Security, a framework for a set of security protocols at the network (packet-processing) layer of network communications. IPsec is ubiquitous among firewalls, VPNs, and routers.

ISO/AISO: The persons responsible to the Office Head or Facility Director for ensuring that security is provided for and implemented throughout the life-cycle of an IT from the beginning of the concept development plan through its design, development, operation, maintenance, and secure disposal.

Issue-Specific Policy: Policies developed to focus on areas of current relevance and concern to an office or facility. Both new technologies and the appearance of new threats often require the creation of issue-specific policies (email, Internet usage).

IT Security: Measures and controls that protect an IT against denial of and unauthorized (accidental or intentional) disclosure, modification, or destruction of ITs and data. IT security includes consideration of all hardware and/or software functions.

IT Security Policy: The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information.

IT Systems: An assembly of computer hardware, software and/or firmware configured to collect, create, communicate, compute, disseminate, process, store, and/or control data or information.

Kerberos: A secret-key network authentication system developed at MIT. It originally used DES for encryption and authentication; current implementations use AES. Unlike a public-key authentication system, it does not produce digital signatures: Kerberos was designed to authenticate requests for network resources rather than to authenticate authorship of documents. See also: DSS.

Key (digital): A set of code synonymous with key pairs as part of a public key infrastructure. The key pairs include ‘private’ and ‘public’ keys. Public keys are generally used for encrypting data and verifying signatures; private keys are generally used for decrypting data and signing.

Key Distribution Center: A system that is authorized to transmit temporary session keys to principals (authorized users). Each session key is transmitted in encrypted form, using a master key that the key distribution center shares with the target principal. See also: DSS, Encryption, Kerberos.
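
The Kerberos and Key Distribution Center entries describe the exchange in words; the following added example (not code from the original glossary or from any Kerberos implementation) walks through it with both sides' messages. The KDC holds a master key for each principal, issues a fresh session key in two copies, one sealed for the client and one inside a ticket sealed for the server, and the server then checks the client's authenticator against the ticket. The principal names, lifetimes and the HMAC-based "seal" helper are assumptions for illustration; the helper is a toy authenticated-encryption construction (HMAC-SHA256 keystream plus HMAC tag), not a replacement for the AES modes real Kerberos uses.

```python
import hashlib
import hmac
import json
import os
import time

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256(key, nonce || counter) blocks, counter mode."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key: bytes, obj) -> bytes:
    """Encrypt-then-MAC a JSON-serialisable object. Layout: nonce(16) || ciphertext || tag(32)."""
    plaintext = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes):
    """Verify the tag before touching the ciphertext; raise on any modification."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch: blob forged or wrong key")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class KDC:
    """Holds one long-term master key per principal and hands out session keys."""
    def __init__(self):
        self.master_keys = {}

    def register(self, name: str) -> bytes:
        self.master_keys[name] = os.urandom(32)
        return self.master_keys[name]          # shared out-of-band with the principal

    def request_session(self, client: str, server: str, nonce: str, lifetime: int = 300) -> bytes:
        ks = os.urandom(32).hex()
        expiry = time.time() + lifetime
        # Ticket: readable only by the server; the client carries it without seeing inside.
        ticket = seal(self.master_keys[server], {"client": client, "key": ks, "expiry": expiry})
        # Reply: readable only by the client; echoes the nonce so the client knows it is fresh.
        return seal(self.master_keys[client],
                    {"server": server, "key": ks, "nonce": nonce, "ticket": ticket.hex()})

def client_obtain(kdc: KDC, client: str, client_key: bytes, server: str):
    """Client side: ask the KDC for a session key, check freshness, build an authenticator."""
    nonce = os.urandom(8).hex()
    reply = unseal(client_key, kdc.request_session(client, server, nonce))
    if reply["nonce"] != nonce or reply["server"] != server:
        raise ValueError("KDC reply is not a fresh answer to this request")
    ks = bytes.fromhex(reply["key"])
    authenticator = seal(ks, {"client": client, "time": time.time()})
    return bytes.fromhex(reply["ticket"]), authenticator

def server_accept(server_key: bytes, ticket: bytes, authenticator: bytes, now=None, skew=300):
    """Server side: open the ticket with the master key, then prove the client holds the
    session key by opening the authenticator with it. Returns (client name, session key)."""
    now = time.time() if now is None else now
    t = unseal(server_key, ticket)
    if t["expiry"] < now:
        raise ValueError("ticket expired")
    ks = bytes.fromhex(t["key"])
    a = unseal(ks, authenticator)
    if a["client"] != t["client"] or abs(a["time"] - now) > skew:
        raise ValueError("authenticator does not match ticket or is outside the clock skew")
    return t["client"], ks

if __name__ == "__main__":
    kdc = KDC()
    alice_key, fs_key = kdc.register("alice"), kdc.register("fileserver")
    ticket, auth = client_obtain(kdc, "alice", alice_key, "fileserver")
    print("fileserver accepted:", server_accept(fs_key, ticket, auth)[0])
```

Two points the code makes that the prose does not: the client never learns anything sealed under the server's master key, and the server never contacts the KDC at all; trust flows entirely through the two master keys and the timestamp in the authenticator, which is why Kerberos deployments depend on synchronised clocks.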

Label: The marking of an item of information that reflects its information security classification. An internal label is the marking of an item of information that reflects the classification of that item within the confines of the medium containing the information. An external label is a visible or readable marking on the outside of the medium or its cover that reflects the security classification information resident within that particular medium. See also: Confidentiality.

LAN (Local Area Network): An interconnected system of computers and peripherals. LAN users can share data stored on hard disks in the network and can share printers connected to the network.

Language: Content Filtering systems can be used to limit the results of an Internet search to those that are in your native language.

LANL Unclassified Network: The LANL unclassified network that consists of two internal networks: the unclassified protected network (Yellow Network) and the open network (Green Network).

LDAP: Short for Lightweight Directory Access Protocol, a set of protocols for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access.

Least Privilege: The principle that requires each subject be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.

Local Area Network: A short-haul data communications system that connects IT devices in a building or group of buildings within a few square miles, including (but not limited to) workstations, front end processors, controllers, switches, and gateways.

Mail header: Filtering based solely on the analysis of e-mail headers. Antispam systems try to use this technique as well, but it is not very effective due to the ease of message header forgery.

Mailing List: Used to detect mailing list messages and file them in appropriate folders.

Major Application (MA): A computer application that requires special management attention because of its importance to an organization’s mission; its high development, operating, and/or maintenance costs; or its significant role in the administration of an organization’s programs, finances, property, or other resources.

Malicious Code/Virus: Sites that promote, demonstrate and/or carry malicious executable, virus or worm code that intentionally causes harm by modifying or destroying computer systems, often without the user’s knowledge.

Management Controls: Security methods that focus on the management of the computer security system and the management of risk for a system.

Management Information System (MIS): An MIS is an assembly of computer hardware, software, and/or firmware configured to collect, create, communicate, compute, disseminate, process, store, and/or control data or information. Examples include: information storage and retrieval systems, mainframe computers, minicomputers, personal computers and workstations, office automation systems, automated message processing systems (AMPSs), and those supercomputers and process control computers (e.g., embedded computer systems) that perform general purpose computing functions.

MIS Owner: The official who has the authority to decide on accepting the security safeguards prescribed for an MIS and is responsible for issuing an accreditation statement that records the decision to accept those safeguards. See also: Accreditation Approval (AA), Application Owner, Process Owner.

MIS Security: Measures or controls that safeguard or protect an MIS against unauthorized (accidental or intentional) disclosure, modification, destruction of the MIS and data, or denial of service. MIS security provides an acceptable level of risk for the MIS and the data contained in it. Considerations include: 1) all hardware and/or software functions, characteristics, and/or features; 2) operational procedures, accountability procedures, and access controls at all computer facilities in the MIS; 3) management constraints; 4) physical structures and devices; and 5) personnel and communications controls.

Microprocessor: A semiconductor central processing unit contained on a single integrated circuit chip.

Modem: An electronic device that allows a microcomputer or a computer terminal to be connected to another computer via a telephone line.

Multiuser Systems: Any system capable of supporting more than one user in a concurrent mode of operation.

National Computer Security Center (NCSC): A component of the National Security Agency (NSA) that produces technical reference materials relating to a wide variety of computer security areas. It is located at 9800 Savage Rd., Ft. George G. Meade, Maryland.

National Institute of Standards and Technology (NIST): The federal organization that develops and promotes measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life.

National Telecommunications and Information Systems Security Policy: Directs federal agencies, by July 15, 1992, to provide automated Controlled Access Protection (C2 level) for MIS, when all users do not have the same authorization to use the sensitive information.

Need-to-Know: Access to information based on clearly identified need to know the information to perform official job duties.

Network: A communications medium and all components attached to that medium whose responsibility is the transference of information. Such components may include MISs, packet switches, telecommunications controllers, key distribution centers, and technical control devices.

Network Security: Protection of networks and their services from unauthorized modification, destruction, or disclosure, and the provision of assurance that the network performs its critical functions correctly and that there are no harmful side-effects.

NIST: National Institute of Standards and Technology in Gaithersburg, Maryland. NIST publishes a wide variety of materials on computer security, including FIPS publications.

Nonrepudiation: Method by which the sender is provided with proof of delivery and the recipient is assured of the sender’s identity, so that neither can later deny having processed the data.

Nonvolatile Memory Units: Devices which continue to retain their contents when power to the unit is turned off (bubble memory, Read-Only Memory/ROM).

Object: A passive entity that contains or receives information. Access to an object potentially implies access to the information it contains. Examples of objects are records, blocks, pages, segments, files, directories, directory tree, and programs as well as bits, bytes, words, fields, processors, video displays, keyboards, clocks, printers, network nodes, etc.

Object Reuse: The reassignment to some subject of a medium (e.g., page frame, disk sector, or magnetic tape) that contained one or more objects. To be securely reassigned, no residual data from previously contained object(s) can be available to the new subject through standard system mechanisms.

Obscene/Tasteless: Sites that contain explicit graphical or text depictions of such things as mutilation, murder, bodily functions, horror, death, rude behavior, executions, violence, and obscenities etc. Sites which contain or deal with medical content will not be saved. Sample sites: www.celebritymorgue.com, www.rotten.com, and www.gruesome.com

Offline: Pertaining to the operation of a functional unit when not under direct control of a computer. See also: Online.

Online: Pertaining to the operation of a functional unit when under the direct control of a computer. See also: Offline.

Open Network: A network within the LANL Unclassified Network that supports LANL’s public Internet presence and external collaborations. See LANL unclassified network.

Operating System: The most important program that runs on a computer. Every general-purpose computer must have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.

Operation Controls: Security methods that focus on mechanisms that primarily are implemented and executed by people (as opposed to systems).

Orange Book: Named because of the color of its cover, this is the DoD Trusted Computer System Evaluation Criteria, DoD 5200.28-STD. It provides the information needed to classify computer systems as security levels of A, B, C, or D, defining the degree of trust that may be placed in them. See also: C2, TCSEC.

Organizational Computer Security Representative (OCSR): A LANL person who has oversight responsibilities for one or more single-user, standalone classified or unclassified systems.

Overwrite Procedure: A process that removes or destroys data recorded on a computer storage medium by writing patterns of data over, or on top of, the data stored on the medium.

Overwriting media: Method for clearing data from magnetic media. Overwriting uses a program to write (1s, 0s, or a combination) onto the media. Overwriting should not be confused with merely deleting the pointer to a file (which typically happens when a “delete” command is used).

Parity: The quality of being either odd or even. In data communication a parity bit is added to each unit of data so that the total count of 1 bits is always even (or always odd); the receiver recomputes the count and can thereby detect a single corrupted bit. This is called parity checking.
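
As an added example (not from the original glossary), the following shows even-parity checking on a byte stream and, just as important for a security engineer, its blind spot: any even number of flipped bits in one byte passes the check. The sample data and the bit positions flipped are constructed for the demonstration.

```python
def parity_bit(value: int) -> int:
    """Even parity: 1 when the 8-bit value has an odd number of 1 bits (so data plus
    parity bit together contain an even number of 1s), otherwise 0."""
    return bin(value & 0xFF).count("1") & 1

def encode(data: bytes) -> list:
    """Attach a parity bit to every byte, as a serial link or memory module would."""
    return [(b, parity_bit(b)) for b in data]

def check(frames) -> list:
    """Indices of frames whose recomputed parity disagrees with the stored bit."""
    return [i for i, (b, p) in enumerate(frames) if parity_bit(b) != p]

def corrupt(frames, index: int, *bit_positions: int):
    """Simulate transmission errors by flipping the given data bits of one frame in place."""
    b, p = frames[index]
    for pos in bit_positions:
        b ^= 1 << pos
    frames[index] = (b, p)
    return frames

if __name__ == "__main__":
    frames = encode(b"OK")                 # constructed sample payload
    print("clean:", check(frames))         # [] : nothing flagged
    corrupt(frames, 0, 0)                  # one bit flipped in frame 0
    print("single-bit error:", check(frames))
    corrupt(frames, 1, 0, 1)               # two bits flipped in frame 1
    print("double-bit error:", check(frames))   # frame 1 is NOT flagged
```

The point for practitioners: parity is an error-detection aid, not an integrity control. An attacker who can flip bits can flip two, so tamper detection needs a keyed MAC, not a parity bit.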

PBX: Short for private branch exchange, a private telephone network used within an enterprise. Users of the PBX share a certain number of outside lines for making telephone calls external to the PBX.

Pass Code: A one-time-use “authenticator” that is generated by a token card after a user inputs his or her personal identification number (PIN) and that is subsequently used to authenticate a system user to an authentication server or workstation.

Password: A protected word, phrase, or string of symbols used to authenticate a user’s identity to a system or network. Guidance note: One-time pass codes are valid only for a single authentication of a user to a system; reusable passwords are valid for repeated authentication of a user to a system.

Peripheral Device: Any external device attached to a computer. Examples of peripherals include printers, disk drives, display monitors, keyboards, and mice.

Personal Identification Number (PIN): A number known only to the owner of the token card and which, once entered, generates a one-time pass-code.

Personnel Security: The procedures established to ensure that all personnel who have access to any sensitive information have all required authorities or appropriate security authorizations.

Phishing: Deceptive sites used to acquire personal information for fraud or theft. Typically reached through hoax e-mail, these sites falsely represent themselves as legitimate Web sites to trick recipients into divulging user account information, credit-card numbers, usernames, passwords, Social Security numbers, etc. Pharming (crimeware) misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

Phrases: Filtering based on detecting phrases in the content text and their proximity to other target phrases.

Physical Security: The application of physical barriers and control procedures as preventative measures or safeguards against threats to resources and information.

Pornography/Adult Content: Sites that portray sexual acts and activity.

Port: An interface on a computer to which you can connect a device.

Port Protection Device: A device that authorizes access to the port itself, often based on a separate authentication independent of the computer’s own access control functions.

Privacy Act of 1974: A US law permitting citizens to examine and make corrections to records the government maintains. It requires that Federal agencies adhere to certain procedures in their record keeping and interagency information transfers. See also: System of Records.

Private Branch Exchange: Private Branch eXchange (PBX) is a telephone switch providing speech connections within an organization, while also allowing users access to both public switches and private network facilities outside the organization. The terms PBX and PABX are used interchangeably.

Process: An organizational assignment of responsibilities for an associated collection of activities that takes one or more kinds of input to accomplish a specified objective that creates an output that is of value.

Process Owner: The official who defines the process parameters and its relationship to other Customs processes. The process owner has Accrediting Authority (AA) to decide on accepting the security safeguards prescribed for the MIS process and is responsible for issuing an accreditation statement that records the decision to accept those safeguards. See also: Application Owner.

Protected Distribution System (PDS): A type of protected conduit system used for the protection of certain levels of information. PDS is the highest level of protection and is used in public domain areas for SRD and lower.

Protected Transmission System: A cable, wire, conduit, or other carrier system used for the clear text transmission of classified information in certain DOE environments. Protected transmission systems comprise protected distribution systems (PDSs) and classified distributive information networks (CDINs). A wire-line or fiber-optic telecommunications system that includes the acoustical, electrical, electromagnetic, and physical safeguards required to permit its use for the transmission of unencrypted classified information.

Public Law 100-235: Established minimal acceptable standards for the government in computer security and information privacy. See also: Computer Security Act of 1987.

RADIUS: Remote Authentication Dial-In User Service (RFC 2865). A long-established standard in which user profiles are maintained in a central database that remote access servers share; the RADIUS server authenticates dial-in users and authorizes their requests to access a system or service.
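
The entry says what RADIUS is for; the following added example (not code from the original glossary or from any RADIUS implementation) shows the two pieces of the protocol that matter to a security engineer: how the User-Password attribute is hidden with MD5 and the shared secret (RFC 2865 section 5.2), and how the Response Authenticator binds the server's reply to the specific request. The shared secret, user table and identifiers are constructed for the example. The MD5-based construction is shown because that is what the protocol specifies, not because it is strong; in practice RADIUS should be carried inside an IPsec or TLS tunnel (RADIUS/TLS, RFC 6614).

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD = 1, 2          # attribute type codes from RFC 2865

def hide_password(secret: bytes, request_auth: bytes, password: bytes) -> bytes:
    """RFC 2865 5.2: pad to a multiple of 16, XOR each 16-byte chunk with
    MD5(secret || previous chunk), the first chunk using the Request Authenticator."""
    if not 0 < len(password) <= 128:
        raise ValueError("password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        chunk = bytes(x ^ y for x, y in zip(padded[i:i + 16], mask))
        out, prev = out + chunk, chunk
    return out

def unhide_password(secret: bytes, request_auth: bytes, hidden: bytes) -> bytes:
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        out += bytes(x ^ y for x, y in zip(hidden[i:i + 16], mask))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")           # strip the padding the server is told to ignore

def attr(t: int, value: bytes) -> bytes:
    return struct.pack("!BB", t, len(value) + 2) + value

def parse_attrs(data: bytes) -> dict:
    attrs, i = {}, 0
    while i < len(data):
        t, length = data[i], data[i + 1]
        if length < 2:
            raise ValueError("bad attribute length")
        attrs[t] = data[i + 2:i + length]
        i += length
    return attrs

def build_access_request(secret: bytes, ident: int, username: bytes, password: bytes,
                         request_auth: bytes = None) -> bytes:
    """NAS side: Code | Identifier | Length | Request Authenticator(16) | attributes."""
    request_auth = request_auth or os.urandom(16)
    attrs = attr(USER_NAME, username) + attr(USER_PASSWORD, hide_password(secret, request_auth, password))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + request_auth + attrs

def response_authenticator(secret: bytes, code: int, ident: int, attrs: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 3: MD5(Code || ID || Length || RequestAuth || Attributes || Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def server_handle(secret: bytes, users: dict, packet: bytes) -> bytes:
    """RADIUS server: recover the password, check it, and answer Accept or Reject."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    request_auth = packet[4:20]
    a = parse_attrs(packet[20:length])
    name = a.get(USER_NAME, b"")
    password = unhide_password(secret, request_auth, a[USER_PASSWORD]) if USER_PASSWORD in a else None
    ok = name in users and password is not None and hmac.compare_digest(users[name], password)
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    reply_attrs = b""
    return (struct.pack("!BBH", reply_code, ident, 20 + len(reply_attrs))
            + response_authenticator(secret, reply_code, ident, reply_attrs, request_auth) + reply_attrs)

def client_verify_reply(secret: bytes, request_packet: bytes, reply: bytes):
    """NAS side: accept the reply only if it carries our Identifier and a Response
    Authenticator computed over *our* Request Authenticator with the shared secret."""
    code, ident, length = struct.unpack("!BBH", reply[:4])
    if ident != request_packet[1]:
        return None
    expected = response_authenticator(secret, code, ident, reply[20:length], request_packet[4:20])
    return code if hmac.compare_digest(expected, reply[4:20]) else None

if __name__ == "__main__":
    secret, users = b"constructed-shared-secret", {b"alice": b"hunter2"}   # constructed
    req = build_access_request(secret, 7, b"alice", b"hunter2")
    print("reply code:", client_verify_reply(secret, req, server_handle(secret, users, req)))
```

Note what the Response Authenticator does and does not do: it lets the NAS reject a forged Accept from someone without the secret, but it does not protect the request, and a Request Authenticator that is not truly random makes the password hiding reversible by an observer.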

Rainbow Series: A series of documents published by the National Computer Security Center (NCSC) to discuss in detail the features of the DoD Trusted Computer System Evaluation Criteria (TCSEC) and provide guidance for meeting each requirement. The name “rainbow” is a nickname because each document has a different color of cover. See also: NCSC.

Read: A fundamental operation that results only in the flow of information from an object to a subject.

Real Time: Occurring immediately. Real time can refer to events simulated by a computer at the same speed that they would occur in real life.

Recovery: The process of restoring an MIS facility and related assets, damaged files, or equipment so as to be useful again after a major emergency which resulted in significant curtailing of normal ADP operations. See also: Disaster Recovery.

Regular Expression: Filtering based on rules written as regular expressions.

Remanence: The residual information that remains on storage media after erasure. For discussion purposes, it is better to characterize magnetic remanence as the magnetic representation of residual information that remains on magnetic media after the media has been erased. The magnetic flux that remains in a magnetic circuit after an applied magnetomotive force has been removed. See also: Object Reuse.

Remote Access: Sites that provide information about or facilitate access to information, programs, online services or computer systems remotely. Sample sites: pcnow.webex.com, and www.remotelyanywhere.com.

Residual Risk: The risk of operating a classified information system that remains after the application of mitigating factors. Such mitigating factors include, but are not limited to minimizing initial risk by selecting a system known to have fewer vulnerabilities, reducing vulnerabilities by implementing countermeasures, reducing consequence by limiting the amounts and kinds of information on the system, and using classification and compartmentalization to lessen the threat by limiting the adversaries’ knowledge of the system.

Risk: The probability that a particular threat will exploit a particular vulnerability of the system.

Risk Analysis: The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards. An analysis of an organization’s information resources, its existing controls, and its remaining organizational and MIS vulnerabilities. It combines the loss potential for each resource or combination of resources with an estimated rate of occurrence to establish a potential level of damage in dollars or other assets. See also: Risk Assessment, Risk Management.

Risk Assessment: Process of analyzing threats to and vulnerabilities of an MIS to determine the risks (potential for losses), and using the analysis as a basis for identifying appropriate and cost-effective measures. See also: Risk Analysis, Risk Management. Risk analysis is a part of risk management, which is used to minimize risk by specifying security measures commensurate with the relative values of the resources to be protected, the vulnerabilities of those resources, and the identified threats against them. The method should be applied iteratively during the system life-cycle. When applied during the implementation phase or to an operational system, it can verify the effectiveness of existing safeguards and identify areas in which additional measures are needed to achieve the desired level of security. There are numerous risk analysis methodologies and some automated tools available to support them.

Risk Management: The total process of identifying, measuring, controlling, and eliminating or minimizing uncertain events that may affect system resources. Risk management encompasses the entire system life-cycle and has a direct impact on system certification. It may include risk analysis, cost/benefit analysis, safeguard selection, security test and evaluation, safeguard implementation, and system review. See also: Risk Analysis, Risk Assessment.

Router: An interconnection device that, unlike a bridge, forwards packets according to their network-layer (e.g., IP) addresses and the protocols it understands. Routers link LANs at the network layer.

ROM: Read Only Memory. See also: Nonvolatile Memory Units.

RSA: A public-key cryptosystem for both encryption and authentication, based on exponentiation in modular arithmetic. The algorithm was invented in 1977 by Rivest, Shamir, and Adleman and is generally accepted as practical and secure for public-key encryption. See also: Capstone, Clipper, DES, Skipjack.
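
The RSA entry above, together with the Key (digital) and Nonrepudiation entries, describes the mechanism in words; the following added example (not from the original glossary) carries it through in code: key generation from two primes, encryption with the public key, decryption with the private key, and a hash-then-sign signature that anyone holding only the public key can verify but only the private-key holder can produce, which is the basis of nonrepudiation of origin. The two Mersenne primes used for the demo key are chosen only so the example runs instantly; real keys use random primes of 1024 bits or more, and the bare "reduce the hash mod n" step is a textbook simplification where a real signature uses a padding scheme such as PSS.

```python
import hashlib
from math import gcd

def keygen(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes: public (n, e), private (n, d), e*d = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)                     # modular inverse (Python 3.8+)
    return (n, e), (n, d)

def encrypt(public, m: int) -> int:
    """Anyone with the public key can encrypt: c = m^e mod n."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)

def decrypt(private, c: int) -> int:
    """Only the private-key holder can decrypt: m = c^d mod n."""
    n, d = private
    return pow(c, d, n)

def _digest_int(message: bytes, n: int) -> int:
    # Toy hash-to-integer: SHA-256 reduced mod n. A real scheme pads (e.g. RSA-PSS) instead.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message: bytes) -> int:
    """Signing is exponentiation with the PRIVATE key: s = H(m)^d mod n."""
    n, d = private
    return pow(_digest_int(message, n), d, n)

def verify(public, message: bytes, signature: int) -> bool:
    """Verification uses only the PUBLIC key: s^e mod n must equal H(m)."""
    n, e = public
    return pow(signature, e, n) == _digest_int(message, n)

# Known Mersenne primes, used only to keep the demo key small and fast (assumption for illustration).
DEMO_P, DEMO_Q = 2**61 - 1, 2**31 - 1

if __name__ == "__main__":
    public, private = keygen(DEMO_P, DEMO_Q)
    order = b"transfer 100 to account 42"         # constructed message
    s = sign(private, order)
    print("valid signature:", verify(public, order, s))
    print("altered message:", verify(public, b"transfer 1000 to account 42", s))
    print("round trip:", decrypt(private, encrypt(public, 123456789)))
```

The asymmetry is what the Nonrepudiation entry relies on: the verifier never needs d, so a valid signature is evidence that the holder of d produced it, and the signer cannot later claim the verifier forged it.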

Rules of Behavior: Rules established and implemented concerning use of, security in, and acceptable level of risk for the system. Rules will clearly delineate responsibilities and expected behavior of all individuals with access to the system. Rules should cover such matters as work at home, dial-in access, connection to the Internet, use of copyrighted works, unofficial use of Federal Government equipment, the assignment and limitation of system privileges, and individual accountability.

Safeguards: Countermeasures, specifications, or controls, consisting of actions taken to decrease the organization’s existing degree of vulnerability to a given threat, or the probability that the threat will occur.

Security Incident: An MIS security incident is any event and/or condition that has the potential to impact the security and/or accreditation of an MIS and may result from intentional or unintentional actions. See also: Security Violation.

Security Plan: Document that details the security controls established and planned for a particular system.

Security Policy: The set of laws, rules, directives, and practices that regulate how an organization manages, protects, and distributes controlled information.

Security Requirements: Types and levels of protection necessary for equipment, data, information, applications, and facilities to meet security policies.

Security Safeguards (Countermeasures): The protective measures and controls that are prescribed to meet the security requirements specified for a system. Those safeguards may include, but are not necessarily limited to: hardware and software security features; operating procedures; accountability procedures; access and distribution controls; management constraints; personnel security; and physical structures, areas, and devices. Also called safeguards or security controls.

Security Specifications: A detailed description of the security safeguards required to protect a system.

Security Violation: An event that may result in disclosure of sensitive information to unauthorized individuals, or that results in unauthorized modification or destruction of system data, loss of computer system processing capability, or loss or theft of any computer system resources. See also: Security Incident.

Sensitive Data: Any information the loss, misuse, or modification of, or unauthorized access to, which could affect the national interest or the conduct of federal programs, or the privacy to which individuals are entitled under Section 552a of Title 5, U.S. Code, but which has not been specifically authorized under criteria established by an Executive order or an act of Congress to be kept classified in the interest of national defense or foreign policy.

Sensitive Unclassified Information: Information for which disclosure, loss, misuse, alteration, or destruction could adversely affect national security or other federal government interests. Guidance Note: National security interests are those unclassified matters that relate to the national defense or to United States (US) foreign relations. Other government interests are those related to, but not limited to, a wide range of government or government-derived economic, human, financial, industrial, agricultural, technological, and law-enforcement information, and to the privacy or confidentiality of personal or commercial proprietary information provided to the U.S. government by its citizens. Examples are Unclassified Controlled Nuclear Information (UCNI), Official Use Only (OUO) information, Naval Nuclear Propulsion Information (NNPI), Export Controlled Information (ECI), In Confidence information, Privacy Act information (such as personal/medical information), proprietary information, for example, from a cooperative research and development agreement (CRADA), State Department Limited Official Use (LOU) information, and Department of Defense For Official Use Only (FOUO) information.

Sensitivity Level: Sensitivity level is the highest classification level and classification category of information to be processed on an information system.

Separation of Duties: The division of tasks and associated privileges for a specific computing process among multiple users to prevent fraud and errors.

Server: A computer on a network that provides services (such as file storage, printing, or applications) to other computers, the clients, and controls access to those shared resources.

Site: Usually a single physical location, but it may be one or more MIS that are the responsibility of the DSO. The system may be a standalone MIS, a remote site linked to a network, or workstations interconnected via a local area network (LAN).

Skipjack: A classified (declassified in 1998) NSA-designed encryption algorithm contained in the Clipper Chip. With an 80-bit key it is substantially stronger than DES, and it was intended to provide a federally mandated encryption process whose key-escrow feature would enable law enforcement agencies to monitor and wiretap private communications. See also: Capstone, Clipper, DES, RSA.

Smart Card: A credit-card – sized device with embedded microelectronics circuitry for storing information about an individual. This is not a key or token, as used in the remote access authentication process.

SNMP: Simple Network Management Protocol.

Software: Computer programs and the data they operate on, as distinct from the hardware that runs them.

Software Copyright: The right of the copyright owner to prohibit copying and/or issue permission for a customer to employ a particular computer program.

SPAM: To crash a program by overrunning a fixed-size buffer with excessively large input data. Also, to flood a person or newsgroup with irrelevant or inappropriate messages.

Spyware: Sites that promote, offer or secretively install software to monitor user behavior, track personal information, record keystrokes, and/or change user computer configuration without the user’s knowledge and consent, for malicious or advertising purposes. Includes sites with software that can connect to “phone home” for transferring user information.

Standard Security Procedures: Step-by-step security instructions tailored to users and operators of MIS that process sensitive information.

Standalone System: A single-user MIS not connected to any other systems.

Symmetric Encryption: See: Conventional Encryption.

System: An organized hierarchy of components (hardware, software, data, personnel, and communications, for example) having a specified purpose and performance requirements.

System Administrator: The individual responsible for the installation and maintenance of an information system, providing effective information system utilization, required security parameters, and implementation of established requirements.

System Availability: The state that exists when required automated information services can be performed within an acceptable time period even under adverse circumstances.

System Failure: An event or condition that results in a system failing to perform its required function.

System Integrity: The attribute of a system relating to the successful and correct operation of computing resources. See also: Integrity.

System of Records: A group of any records under the control of the Department from which information is retrieved by the name of an individual, or by some other identifying number, symbol, or other identifying particular assigned to an individual. See also: Privacy Act of 1974.

System Owner: The person, team, group, or division that has been assigned and accepted responsibility for Laboratory computer assets.

System Recovery: Actions necessary to restore a system’s operational and computational capabilities, and its security support structure, after a system failure or penetration.

System User: An individual who can receive information from, input information to, or modify information on a LANL information system without an independent review. Guidance Note: This term is equivalent to computer information system user, or computer user, found in other Laboratory documentation. System users may be both LANL workers and collaborators. For desktop systems, a single individual may be a system user and system owner.

TCP/IP: Transmission Control Protocol/Internet Protocol. The Internet is based on this suite of protocols.

TCSEC: Trusted Computer System Evaluation Criteria (TCSEC). DoD 5200.28-STD, U.S. Department of Defense (National Computer Security Center), 1985. Establishes uniform security requirements, administrative controls, and technical measures to protect sensitive information processed by DoD computer systems. It provides a standard for security features in commercial products and gives a metric for evaluating the degree of trust that can be placed in computer systems for the securing of sensitive information. See also: C2, Orange Book.

Technical Controls: Security methods consisting of hardware and software controls used to provide automated protection to the system or applications. Technical controls operate within the technical system and applications.

Technical Security Policy: Specific protection conditions and/or protection philosophy that express the boundaries and responsibilities of the IT product in supporting the information protection policy control objectives and countering expected threats.

Telecommunications: Any transmission, emission, or reception of signals, writing, images, sound or other data by cable, telephone lines, radio, visual or any electromagnetic system.

Terrorist/Militant/Extremist: Sites that contain information regarding militias, anti-government groups, terrorism, anarchy, etc.: Anti-government/Anti-establishment and bomb-making/usage (Should also be saved in criminal skills). Sample sites: www.michiganmilitia.com, www.militiaofmontana.com, and www.ncmilitia.org

Test Condition: A statement defining a constraint that must be satisfied by the program under test.

Test Data: The set of specific objects and variables that must be used to demonstrate that a program produces a set of given outcomes. See also: Disaster Recovery, Test Program.

Test Plan: A document or a section of a document which describes the test conditions, data, and coverage of a particular test or group of tests. See also: Disaster Recovery, Test Condition, Test Data, Test Procedure (Script).

Test Procedure (Script): A set of steps necessary to carry out one or a group of tests. These include steps for test environment initialization, test execution, and result analysis. The test procedures are carried out by test operators.

Test Program: A program which implements the test conditions when initialized with the test data and which collects the results produced by the program being tested. See also: Disaster Recovery, Test Condition, Test Data, Test Procedure (Script).

The Computer Security Plans for General Support Systems (GSS) and Major Applications (MA): Plans that detail the specific protection requirements for major applications and general support systems.

The Cyber Security Handbook: A Web-site handbook that details the Cyber Security requirements for system users, system administrators, and SRLMs who access electronic information.

Threat: An event, process, activity (act), substance, or quality of being perpetrated by one or more threat agents, which, when realized, has an adverse effect on organization assets, resulting in losses attributed to: direct loss, related direct loss, delays or denials, disclosure of sensitive information, modification of programs or databases, and intangible losses (good will, reputation, etc.).

Threat Agent: Any person or thing that acts, or has the power to act, to cause, carry, transmit, or support a threat. See also: Threat.

Token Card: A device used in conjunction with a unique PIN to generate a one-time pass code (for example, CRYPTOCard® or SecurID®).

Trapdoor: A secret undocumented entry point into a computer program, used to grant access without normal methods of access authentication. See also: Malicious Code.

Trojan Horse: A computer program with an apparently or actually useful function that contains additional (hidden) functions that surreptitiously exploit the legitimate authorizations of the invoking process to the detriment of security. See also: Malicious Code, Threat Agent.

Trusted Computing Base (TCB): The totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy. A TCB consists of one or more components that together enforce a security policy over a product or system. See also: C2, Orange Book, TCSEC.

Trusted Computing System: A computer and operating system that employs sufficient hardware and software integrity measures to allow its use for simultaneously processing a range of sensitive information and can be verified to implement a given security policy.

Unclassified Cyber Security Program Plan: A plan that provides a single source of unclassified computer security program information, and specifies the minimum protections and controls and references the detailed source material that pertains to the program.

Unclassified Information Systems Security Site Manager: The manager responsible for the LANL Unclassified Information Systems Security Program.

Unclassified Protected Network: A network within the LANL unclassified network that is designed to protect the resident systems from unauthorized access and is separated from the Internet by a firewall that controls external access to the network. See also: LANL Unclassified Network.

Unfriendly Termination: The removal of an employee under involuntary or adverse conditions. This may include termination for cause, RIF, involuntary transfer, resignation for “personality conflicts,” and situations with pending grievances.

UPS (Uninterruptible Power Supply): A system of electrical components that provides a buffer between utility power, or another power source, and a load that requires uninterrupted, precise power. This often includes a trickle-charge battery system which permits a continued supply of electrical power during brief interruptions (blackouts, brownouts, surges, electrical noise, etc.) of normal power sources.

User: Any person who is granted access privileges to a given IT system.

User Interface: The part of an application that the user works with. User interfaces can be text-driven, such as DOS, or graphical, such as Windows.

Verification: The process of comparing two levels of system specifications for proper correspondence.

Virus: Code embedded within a program that causes a copy of itself to be inserted in one or more other programs. In addition to propagation, the virus usually performs some unwanted function. Note that a program need not perform malicious actions to be a virus; it need only infect other programs. See also: Malicious Code.

VSAN: Virtual SAN.

Vulnerability: A weakness, a finding of non-compliance or non-adherence to a requirement, specification, or standard, or an unprotected area of an otherwise secure system, which leaves the system open to potential attack or other problem.

WAN (Wide Area Network): A network of LANs that provides communication services over a geographic area larger than that served by a LAN.

WWW: See: World Wide Web.

World Wide Web: An association of independent information databases accessible via the Internet. Often called the Web, WWW, or W.

Worm: A computer program that can replicate itself and send copies from computer to computer across network connections. Upon arrival, the worm may be activated to replicate and propagate again. In addition to propagation, the worm usually performs some unwanted function. See also: Malicious Code.

Write: A fundamental operation that results only in the flow of information from a subject to an object.

Yellow Network: See LANL Unclassified Network.
