Cybersecurity Glossary

A security domain is a set of subjects, their information objects, and a common security policy; it is also a collection of entities to which applies a single security policy executed by a single authority. A domain that implements a security policy and is administered by a single authority.

A seed key is an initial key used to start an updating or key generation process.

Security functions are the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based.

A smart card is an electronic badge that includes a magnetic strip or chip that can record and replay a set key. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface.

The secure hash standard specifies secure hash algorithms -sha-1, sha-224, sha-256, sha-384, sha-512, sha-512/224 and sha-512/256 -for computing a condensed representation of electronic data (message). When a message of any length less than 2 64 bits (for sha-1, sha224 and sha-256) or less than 2 128 bits (for sha-384, sha-512, sha-512/224 and sha-512/256) is input to a hash algorithm, the result is an output called a message digest. The message digests range in length from 160 to 512 bits, depending on the algorithm. Secure hash algorithms are typically used with other cryptographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, or in the generation of random numbers (bits). The hash algorithms specified in this standard are called secure because, for a given algorithm, it is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same message digest. Any change to a message will, with a very high probability, result in a different message digest. This will result in a verification failure when the secure hash algorithm is used with a digital signature algorithm or a keyed-hash message authentication algorithm. In addition, a secure hash standard is a specification for a secure hash algorithm that can generate a condensed message representation called a message digest.

Security markings are human-readable indicators applied to a document, storage media, or hardware component to designate security classification, categorization, and/or handling restrictions applicable to the information contained therein. For intelligence information, security markings could include compartment and sub-compartment indicators and handling restrictions.

A security relevant event is an occurrence (e.g., an auditable event or flag) considered to have potential security implications to the system or its environment that may require further action (noting, investigating, or reacting).

A security banner is a banner at the top or bottom of a computer screen that states the overall classification of the system in large, bold type. A security banner can also refer to the opening screen that informs users of the security implications of accessing a computer resource.

A server is a computer entity or a machine that waits for requests from other machines or software (clients) and responds to them. The purpose of a server is to share data or hardware and software resources among clients.

Salt is a non-secret value that is used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an attacker.