A3 Algorithm
A3 Algorithm is used to encrypt Global System for Mobile Communications (GSM) cellular communications. In practice, A3 and A8 algorithms are generally implemented together (known as A3/A8). An A3/A8 algorithm is implemented in Subscriber Identity Module (SIM) cards and in GSM network Authentication Centres. It is used to authenticate the customer and generate a key for encrypting voice and data traffic, as defined in 3GPP TS 43.020 (03.20 before Rel-4). Development of A3 and A8 algorithms is considered a matter for individual GSM network operators, although example implementations are available.

A3/A8
A3/A8 refers to two algorithms, A3 and A8, that are used to encrypt Global System for Mobile Communications (GSM) cellular communications. Since A3 and A8 algorithms are generally implemented together, they are often known as A3/A8. An A3/A8 algorithm is implemented in Subscriber Identity Module (SIM) cards and in GSM network Authentication Centres. It is used to authenticate the customer and generate a key for encrypting voice and data traffic, as defined in 3GPP TS 43.020 (03.20 before Rel-4). Development of A3 and A8 algorithms is considered a matter for individual GSM network operators, although example implementations are available.

A5 Algorithm
A5 Algorithm is used to encrypt Global System for Mobile Communications (GSM) cellular communications. An A5 encryption algorithm scrambles the user's voice and data traffic between the handset and the base station to provide privacy. An A5 algorithm is implemented in both the handset and the base station subsystem (BSS).

A8 Algorithm
A8 Algorithm is used to encrypt Global System for Mobile Communications (GSM) cellular communications. In practice, A3 and A8 algorithms are generally implemented together (known as A3/A8). An A3/A8 algorithm is implemented in Subscriber Identity Module (SIM) cards and in GSM network Authentication Centres. It is used to authenticate the customer and generate a key for encrypting voice and data traffic, as defined in 3GPP TS 43.020 (03.20 before Rel-4). Development of A3 and A8 algorithms is considered a matter for individual GSM network operators, although example implementations are available.

AAA server
An AAA server is a server with AAA software or applications to process user requests for access to computer/network resources and to provide authentication, authorization, and accounting (AAA) functions.

AAA: Access control, Authorization, and Auditing
Access control, Authorization, and Auditing (AAA), another description of Authentication, Authorization and Accounting, is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.

AAA: Authentication, Authorization, and Accounting
AAA typically stands for Authentication, Authorization, Accounting. Sometimes it refers to as Access control, Authorization, Auditing. AAA is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.

Access Control
Access Control ensures that computer, network and infomation resources are only granted to those users who are entitled to them. Computer security access control includes authentication, authorization and audit. It also includes additional measures such as physical devices, including biometric scans and metal locks, hidden paths, digital signatures, encryption, social barriers, and monitoring by humans and automated systems.

Access Control Service
Access Control Service is a security service that provides a protection of computer and networking resources against unauthorized access. The two basic mechanisms for implementing this service are ACLs and tickets.

Access Management
Access Management provides the maintenance of access information with four key tasks: account administration, maintenance, monitoring, and revocation.

Access Matrix
An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.

Access Point
Access points act as a central transmitter and receiver of WLAN radio signals. Access points used in home or small business networks are generally small, dedicated hardware devices featuring a built-in network adapter, antenna, and radio transmitter. Access points support Wi-Fi wireless communication standards.

Access Point Mapping
Access Point Mapping, also called war driving, is the act of locating and possibly exploiting connections to wireless local area networks while driving around an area. To do war driving, you need to use a computer with a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna on/in a vihecle to receive the wireless signals.

Access Token
Access Token is a security device that normally attaches to a COM port on a system which, when used in conjunction with appropriate software or hardware, allows authorized access to that system.

Access
Access, in networking, refers to enter into a system with certain privacy and to have the right to use resources.

Access list
Access list, also known as acccess control list (ACL), refers to a list used for controlling traffic on network devices. Access List is a mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted or denied to access the resource.

Access mask
Access mask is a 32 bits value specifying which rights are allowed or denied in an access control entry (ACE). An access mask is also used to request access rights when an object is opened.

Account Harvesting
Account Harvesting is the process of collecting all the legitimate account names on a system. Sniffing software is often used to harvest accounts.

Account lockout
Account lockout refers to the situation in which a user account is disabled automatically for security reasons.

Account lockout policy
Account lockout policy refers to a policy that controls how account lockout is implemented for a system or network.

Account policy
Account policy refers to the policies to control and manage the security aspects of user accounts.

ACE: Access Control Entry 
Access Control Entry (ACE) describes access rights associated with a particular SID. The access control entry is evaluated by the operating system in order to compute the effective access granted to a particular program based upon its credentials. For example, when a user logs on to the computer, and then executes a program, the program uses the credentials associated with that particular user's account.

ACF2: Access Control Facility 2
Access Control Facility 2 (ACF2, more formally, CA-ACF2), a set of programs from Computer Associates, enables security on mainframes. ACF2 prevents accidental or deliberate modification, corruption, mutilation, deletion, or viral infection of files.

ACK Piggybacking
ACK piggybacking is the practice of sending an ACK inside another packet going to the same destination.

ACK Storm
ACK storm refers to a situation when a large numbers of Transmission Control Protocol (TCP) acknowledgment (ACK) packets are generated, usually because of an attempted session hijacking.

ACL: Access Control List
Access Control List is a mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted or denied to access the resource.

AclDiag: ACL Diagnostics
AclDiag.exe is a Microsoft Windows 2000/2003/XP Server Resource Kit command-line tool for troubleshooting permissions problems, also known as ACL Diagnostics.

ACPA: Anticybersquatting Consumer Protection Act
Anticybersquatting Consumer Protection Act(ACPA) is a U.S. federal law that gives trademark owners legal remedies against domain name cybersquatters.

ACSA: Applied Computer Security Associates
Applied Computer Security Associates (ACSA) is a nonprofit association of computer security professionals whose goal is improving the understanding, theory, and practice of computer security.

ACSAC: Annual Computer Security Applications Conference
Annual Computer Security Applications Conference(ACSAC) is an annual conference on computer security organized and sponsored by Applied Computer Security Associates (ACSA).

Active Attacks
Active Attacks means that the attackers is actively attempting to cause harm to a network or system. The attacker is not just monitoring on the traffic but is attempting to breach or shut down a service. Some of the well-known active attacks include DOS/DDOS, buffer overflow, SYN attacks and IP spoofing.

Active Content
Active Content is the program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Active content is either interactive, such as Internet polls or opt-in features, or dynamic, such as animated GIFs, stock tickers, weather maps, JavaScript applications, embedded objects, streaming video and audio or ActiveX applications. Streaming video and audio rely on browser plug-ins, such as RealPlayer, to display active content.

ActiveX
ActiveX programs, often written using Visual Basic, are used to create active contents that are called and used by other programs and the operating system. For example, ActiveX is used with Microsoft Internet Explorer to make interactive Web pages that can perform functions, rather than static pages. With ActiveX, users can ask or answer questions, use push buttons, and interact in other ways with the Web page. ActiveX applications can have full access to your system and you must be very careful when allow your system to execute this kind of code, because it may conduct malicious activities.

Activity Monitors
Activity monitors aim to prevent virus infections by monitoring malicious activity on a system, and blocking that activity when possible.

Adaptive proxy
Adaptive proxy, also called dynamic proxy, is an enhanced form of application-level gateway. The adaptive proxy prefetches and replaces heterogeneous data dynamically in consideration of networks cost, data size, data change rate, etc. An adaptive cache proxy is developed to improve the performance of web access in real-time applications.

Add-on Security
Add-on Security refers to a type of security patches that has been added to a system after it has been released. In other words, the security features are retrofitted instead of being an original part of the system.

Address munging
Address munging refers to any method of disguising an e-mail address to make it hard for Web crawlers to find.

Address spoofing
Address spoofing, often simply called spoofing, the process of falsifying the source of Media Access Control (MAC) or Internet Protocol (IP) addresses of packets being sent on an Ethernet network or IP network.

Address-based authentication
Address-based authentication refers to an authentication method that employs a network address as the credentials.

Admintool
Admintool is a tool on the Solaris platform used for configuring password policies for users.

Admission Control
Admission Control refers to controlling what type of traffic is allowed to enter or transit a network. Admission control schemes, therefore, need to be implemented at the network edges to control the traffic and user entering the network

Admnlock
Admnlock is a command-line tool in the Microsoft Windows 2000/2003/XP Server Resource Kit that can be used to protect the Administrator account from abuse.

ADMworm
ADMworm is a worm developed by the hacker group ADM that exploits a buffer overflow in BIND.

Adware
Adware, a form of spyware, collects information about the user or user activities in order to display advertisements in the Web browser. Adware or advertising-supported software includes advertisements or other marketing material automatically loaded by the software and displayed or played back after installation about the computer or its users activities. It is uploaded automatically when the user has not requested it. These applications often present banner ads in pop-up windows or through a bar that appears on a computer screen.

AE: Authenticated Encryption
Authenticated Encryption (AE) is a term used to describe encryption systems which simultaneously protect confidentiality and authenticity (integrity) of communications. These goals have long been studied, but they have only recently enjoyed a high level of interest from cryptographers due to the complexity of implementing systems for privacy and authentication separately in a single application.

AES: Advanced Encryption Standard
The Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard developed by NIST. AES is intended to specify an unclassified, publicly-disclosed, symmetric encryption algorithm. AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits.

AES-CMAC
AES-CMAC, short of Advanced Encryption Standard-Cipher-based Message Authentication Code, is an authentication algorithm based on CMAC with the 128-bit Advanced Encryption Standard (AES). AES-CMAC achieves a security goal similar to that of HMAC. Since AES-CMAC is based on a symmetric key block cipher, AES, and HMAC is based on a hash function, such as SHA-1, AES-CMAC is appropriate for information systems in which AES is more readily available than a hash function.

AES-CMAC-PRF-128
AES-CMAC-PRF-128, short of Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128, is an authentication algorithm based on AES-CMAC. AES-CMAC-PRF-128 is identical to AES-CMAC except that the 128-bit key length restriction is removed.

AFIS: Automated Fingerprint Identification System
The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data. The AFIS was originally used by the U.S. Federal Bureau of Investigation (FBI) in criminal cases.

Aggressive Mode
Aggressive Mode, one of the two IKE policy modes (aggressive and main), establishes an authenticated IKE SA and keys. Aggressive mode eliminates several steps during IKE authentication negotiation (phase 1) between two or more IPSec peers. Aggressive mode is faster than Main Mode but not as secure. However, aggressive mode uses half the number of messages, has less negotiation power, and does not provide identity protection.

AH: Authentication Header
Authentication Header is a key protocol in the IPsec protocol suite, which provides a framework for secured communication of the IP network. AH protocol is responsible for maintaining the authenticity and integrity of the payload.

AirSnort
AirSnort is a wireless LAN tool that can recover encryption keys. It passively monitors transmissions and computes the encryption key when enough packets have been gathered.

AKE: Augmented Key Exchange
Augmented Key Exchange(AKE) is a key exchange protocol for public key cryptography systems.

ALBB: Application-Level Behavior Blocking
Application-Level Behavior Blocking (ALBB), an anti-virus and anti-spyeare technology, blocks active content based on the actions it will try to carry out in accordance with a company’s security policy, thereby detects any new unknown attacks.

Alert
Alert is a message sent or event triggered in response to an intrusion, hardware failure, software problem, or some other conditions.

Alert flooding
Alert flooding refers to an attack that tries to overwhelm an intrusion detection system (IDS) by deliberately causing it to generate too many alerts, most of them false negative.

Alias / Handle
Alias or Handle means an alternative name or ID used by people to hide their true identities. Many Internet users have a genuine and valid reason to disguise their identities and then use alias. Others, including hackers, crackers and script kiddies, use an alias/handle, simply to avoid recognition and detection.

Amap
Amap is a network-scanning tool for identifying services and applications running on a network.

Amplification attack
Amplification attack refers to any type of attack that magnifies the effect of a single attacking host.

Anna or Anna Kournikova Virus
Anna is the informal name of the computer virus, the Anna Kournikova VBS.SST. "Anna" is a viral worm that uses Visual Basic to infect Windows systems when a user unwittingly opens an e-mail note with an attachment that appears to be a graphic image of Russian tennis star Anna Kournikova.

Anomaly Detection
Anomaly Detection is a technique used in Intrusion Detection System (IDS) to identify possible attacks. When using anomaly detection, ongoing traffic, activity, transaction or behavior for anomalies on network or systems are examined. The principle underlying is that the "attack behavior" is different than the normal user behavior.

Anomaly-based IDS
Anomaly-based IDS refers to an intrusion detection system (IDS) that uses a baseline instead of signatures to detect intrusions.

Anonymous FTP
Anonymous FTP means a public FTP file archive that any Internet user can access without password or any other access control. The term "anonymous" refers to the generic account that is used by anyone to log into an FTP server.

Anonymous P2P
An anonymous P2P computer network is a particular type of peer-to-peer network in which the users and their nodes are pseudonymous by default. The primary difference between regular and anonymous networks is in the routing method of their respective network architectures. These networks allow for unfettered free flow of information, legal or otherwise.

Anonymous remailer
Anonymous remailer refers to a server computer which receives messages with embedded instructions on where to send them next, and which forwards them without revealing where they originally came from. There are Cypherpunk anonymous remailers, Mixmaster anonymous remailers, and nym servers, among others which differ in how they work, in the policies they adopt, and in the type of attack on anonymity of email they can (or are intended to) resist. Remailing as discussed in this article applies to emails intended for particular receipients, not the general public. Anonymity in the latter case is more easily addressed by using any of several methods of anonymous publication.

Anonymous access
Anonymous access is a form of authentication that allows anonymous users access to a Web or FTP site without checking its user name and password, and without making one's IP address or any other personally identifiable information available to the websites that one is visiting.

Anonymous proxy
Anonymous proxy is a proxy server that can be used for anonymous Web browsing. In this case, anonymity of the real visitor will be retained because only the information on the proxy server is visible to outsiders.

Anonymous Web browsing
Anonymous Web browsing refers to any method for browsing the World Wide Web anonymously without making one's IP address or any other personally identifiable information available to the websites that one is visiting. Anonymous web browsing is generally useful to anyone who wants to ensure that their sessions can not be monitored. For instance, it is used to circumvent traffic monitoring by organisations which want to find out or control which web sites employees can visit.

Anti-Adware
Anti-Adware refers to any software utility that scans your system and removes adware, spyware, keyloggers, trojans, and other malicious code from your computer. Many Adware programs are undetectable to anti-virus software and many users now use an anti-adware utility in addition to anti-virus software to protect their system.

AntiGen
AntiGen is an antivirus software developed by Sybari for Lotus Domino and Microsoft Exchange to detect the presence of Back Orifice on a machine running Microsoft Windows.

Anti-Phishing
Anti-phishing refers to a process, typically using software tools, to identify phishing contents like websites and emails. It is often integrated with web browsers and email clients as a toolbar that displays the real domain name for the visiting website. Phishing is the act of attempting to fraudulently acquire sensitive user information, such as passwords and credit card details, by masquerading as a trustworthy person (or organization) with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message).

AntiSniff
AntiSniff is a network monitoring tool that is able to remotely detect whether a computer is doing packet sniffing or in promiscuous mode. If it is and this sniffing is not conducted by an authorized personale, either that the system administrator has accidentally left it in this state or that you have an intruder.

Anti-Spam
Spamming is the use of any electronic communications medium, such as emails and short messages, to send unsolicited messages in bulk. The most common form of spam is the one that delivered in e-mail as a form of commercial advertising. Anti-spam software can detect spam messages, stop them from further verification, or to delete them completely.

Anti-Spyware
Spyware is a software installed in the PC without the knowledge or authorization of the owner to collect user information. The majority of PCs are infected with spyware. Antispyware applications are software utilities that will scan the PC, detect the spyware and clean them.

Anti-Virus (Antivirus) Software
Antivirus software is a class of program that searches your hard drive and floppy disks for any known or potential viruses. If it finds a virus, the program alerts the user and may clean, delete or quarantine any files, directories or disks affected. Most antivirus programs identify the viruses, worms and trojan horses that are a threat and remove them automatically.

Anti-X
Anti-X refers to the anti-virus, anti-spyware, anti-spam and anti-phishing solutions. On the other hand, Anti-X is a solution developed by GenNet Technology for guarding certain Internet viewers against the fast-growing pornography contents on the Internet.

Applet
An applet is a software component that runs in the context of another progam, for example a web browser. The applet must run in a container, which is provided by a host program, or through a plugin, or a variety of other applications including mobile devices that support the applet programming model. Unlike a program, an applet cannot run independently, features display and often interaction with the human user, and is usually stateless and has restricted security privileges. An applet characteristically performs a very narrow function that has no independent use. Hence, it is an application -let.

Application Filtering
Application filtering is a technique used in the application gateway or application level firewalls to filter or block certain network traffic by the application types.

Application Hardening
Application Hardening is the process to address application security weaknesses by implementing the latest software paches, hotfixes and updates, using the latest and secured versions of protocols and following procedures and policies to reduce attacks and system down time. The critical applications that need hardening are Web servers, email servers, DNS servers, etc.

Application Layer Firewall
Application layer firewall is a firewall operating at the application layer of the networking communication. Generally, it is a host using various forms of proxy servers to proxy traffic instead of routing it. As it works on the application layer, it may inspect the contents of the traffic, blocking what the firewall administrator views as inappropriate content, such as certain websites, viruses, attempts to exploit known logical flaws in client software, and so forth.

Application Level Gateway
Application level gateways, also known as application layer firewalls or application proxy firewalls, are often described as third generation firewalls. When a user on the trusted networks wishes to connect to a service on the untrusted network such as the Internet, the application is directed to the proxy server on the firewall. The proxy server effectively pretends to be the real server on the Internet. It evaluates the request and decides to permit or deny the request based on a set of rules that are managed for the individual network service.

Application Proxy
An application proxy, also known as application level proxy or application-level gateway, is an application program that runs on a firewall system between two networks. When a client program establishes a connection to a destination service, it connects to an application gateway, or proxy. The client then negotiates with the proxy server in order to communicate with the destination service. In effect, the proxy establishes the connection with the destination behind the firewall and acts on behalf of the client, hiding and protecting individual computers on the network behind the firewall. This creates two connections: one between the client and the proxy server and one between the proxy server and the destination.

Application-level proxy
Application-level proxy, also known as application proxy or application-level gateway, is a type of firewall(or a program running on a firewall) that establishes connections using a proxy.

AppSec: Application Security Tool
AppSec is a Microsoft Windows 2000/2003/XP Server Resource Kit utility that can be used to limit which applications a user can run.

APS: Application Protection System
Application protection system (APS) is a software program that identifies hostile Hypertext Transfer Protocol(HTTP) traffic.

Apsend
Apsend is a free open source Linux utility for testing firewalls. APSEND can send TCP/IP packets to test firewalls and other network applications. It also includes a syn flood option, the land DoS attack, a DoS attack against tcpdump running on a UNIX-based system, a UDP-flood attack, and a ping flood option. It currently supports the following protocols: IP, TCP, UDP, ICMP, Ethernet frames, and you can also build any other type of protocol using the generic option.

APSR
APSR is a network-testing tool that can send and receive arbitrary packets. APSR can be used to test firewalls, routing, security and many other things. The project is splitted in two main programs, apsend to create packets and aprecv to sniff packets. The main goal of the APSR project is to develop a high quality network testing tool.

Arbitrary code execution attack
Arbitrary code execution attack is a type of attack that enables an intruder to run arbitrary code on the target machine.

Argus
Argus is an open source tool for monitoring network activity. Argus can monitor all network traffic such as TCP + UDP applications, IP connectivity, SNMP OIDS, Programs, Databases, etc. It can send alerts in numerous ways (such as via pager) and can automatically escalate if someone falls asleep.

Application Proxy
An application proxy, also known as application level proxy or application-level gateway, is an application program that runs on a firewall system between two networks. When a client program establishes a connection to a destination service, it connects to an application gateway, or proxy. The client then negotiates with the proxy server in order to communicate with the destination service. In effect, the proxy establishes the connection with the destination behind the firewall and acts on behalf of the client, hiding and protecting individual computers on the network behind the firewall. This creates two connections: one between the client and the proxy server and one between the proxy server and the destination.

ARP Poisoning
Address Resolution Protocol (ARP) poisoning, also known as ARP spoofing or APR cache poisoning, is a MAC layer attack that can only be carried out when an attacker is connected to the same local network as the target machines, limiting its effectiveness only to networks connected with switches, hubs, and bridges; not routers. Most 802.11b access points act as transparent MAC layer bridges, which allow ARP packets to pass back and forth between the wired and wireless networks. This implementation choice for access points allows ARP cache poisoning attacks to be executed against systems that are located behind the access point.

ARP Spoofing
ARP Spoofing, also referred to as ARP poison routing (APR) or ARP cache poisoning, is a method of attacking an Ethernet LAN by updating the target computer's ARP cache with both a forged ARP request and reply packets in an effort to change the Layer 2 Ethernet MAC address to one that the attacker can monitor. Because the ARP replies have been forged, the target computer sends frames that were meant for the original destination to the attacker computer first so the frames can be read. A successful APR attempt is invisible to the user.

ARP Cache Poisoning
ARP cache poisoning, also known as ARP spoofing, is the process of falsifying the source Media Access Control (MAC) addresses of packets being sent on an Ethernet network. It is a MAC layer attack that can only be carried out when an attacker is connected to the same local network as the target machines, limiting its effectiveness only to networks connected with switches, hubs, and bridges; not routers.

ARP redirection
ARP redirection, also known as ARP spoofing, the process of falsifying the source Media Access Control (MAC) addresses of packets being sent on an Ethernet network. It is a MAC layer attack that can only be carried out when an attacker is connected to the same local network as the target machines, limiting its effectiveness only to networks connected with switches, hubs, and bridges; not routers.

Arpwatch
Arpwatch is a command-line utility for UNIX/Linux platforms that monitors Address Resolution Protocol (ARP) tables for changes.

AS: Authentication server
Authentication server (AS) is a device used in network access control. It stores the usernames and passwords that identify the clients logging on, or it may hold the algorithms for access. For access to specific network resources, the server may itself store user permissions and company policies or provide access to directories that contain the information. Protocols such as RADIUS, Kerboros and TACACS+, and 802.1x are implemented in an authentication server to perform user authentications.

ASA: Adaptive Security Algorithm
Adaptive Security Algorithm (ASA) is a Cisco algorithm for managing stateful connections for PIX Firewalls. ASA controls all traffic flow through the PIX firewall, performs stateful inspection of packets, and creates remembered entries in connection and translations tables. These entries are referenced every time when traffic tries to flow back through from lower security levels to higher security levels. If a match is found, the traffic is allowed through. Finally, the ASA provides an extra level of security by randomizing the TCP sequence numbers of outgoing packets in an effort to make them more difficult to predict by hackers.

ASAX: Advanced Security Audit Trail Analysis on UNIX
Advanced Security Audit Trail Analysis on UNIX (ASAX) is a sequential file analysis tool for UNIX and Linux platforms that simplifies the analysis of audit information.

ASP.NET Forms authentication
ASP.NET Forms authentication is a secure forms-based Web site authentication method provided by ASP.NET on the Microsoft Windows Server 2003 platform.

ARP: Address Resolution Protocol
Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC address and its corresponding IP address. ARP provides the protocol rules for making this correlation and providing address conversion in both directions.

ARPANET: Advanced Research Projects Agency Network
ARPANET (Advanced Research Projects Agency Network) is a pioneer packet-switched network that was built in the early 1970s under contract to the US Government (Department of Defence). It led to the development of today's Internet.

Asymmetric Algorithm
Asymmetric algorithm is the algorithm used in the asymmetric cryptography, in which a pair of keys (a private key and a public key) is used to encrypt and decrypt a message to ensure the privacy of communications.

Asymmetric Cryptography
Asymmetric Cryptography, also called public-key cryptography, is a modern branch of cryptography in which the algorithms employ a pair of keys (a public key and a private key). One key is used to encrypt the message while the other key is used to decrypt the message.

Asymmetric Warfare
Asymmetric warfare is a military term describing warfare in which the two belligerents are mismatched in their military capabilities or their accustomed methods of engagement. In such a situation, the militarily disadvantaged power must press its special advantages or effectively exploit its enemy's particular weaknesses if they are to have any hope of prevailing. In the context of network security, hackers and intruders with very limited resources may explore some critical weaknesses in a network or system to launch very effective attacks that can yield incredible damages.

Asymmetric key algorithm
Asymmetric key algorithm is a form of encryption in which two mathematically related keys are used.

ATLAS: Advanced Transaction Look-up and Signaling
Advanced Transaction Look-up and Signaling(ATLAS) is a system being developed by Verisign to replace BIND and to bridge between the network infrastructures of telephony and the Internet.

ATM Security
ATM security concerns the security issues regarding the Asynchronous Transfer Mode (ATM) network, which usually has less security exposures than TCP/IP network. However, ATM networks are subjected to information sniffing, VC hijacking, denial of service attacks and ATM switch attacks.

Attack Vector
An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.

ATR string
ATR string refers to a string of bytes returned by a smart card when it is inserted into a smart card reader.

Attack
Attack, in networking and information technology, refers to any method used to try to breach the security of a network or system.

Attack map
Attack map refers to a map of a network that an intruder plans to attack.

Attribute BLOB
Attribute BLOB refers to an encoded representation of the attribute information stored in a certificate request.

AUC: Authentication Centre
The Authentication Centre (AUC) is a device, usually located in the HLR of a GSM system, to authenticate each SIM card that attempts to connect to the GSM core network (typically when the phone is powered on). Once the authentication is successful, the HLR is allowed to manage the SIM and services described above. An encryption key is also generated that is subsequently used to encrypt all wireless communications (voice, SMS, etc.) between the mobile phone and the GSM core network.

Audit (or Auditing)
Audit refers to the following actions in information security: 1. To conduct an independent review and examination of system records and activities in order to test the adequacy and effectiveness of data security and data integrity procedures, to ensure compliance with established policy and operational procedures, and to recommend any necessary changes.2. Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.

Audit Trail
In accounting, an audit trail is the sequence of paperwork that validates or invalidates accounting entries. In computing, the term is also used for an electronic or paper log used to track computer activity. For example, an employee might have access to a section of a network in a corporation such as billing but be unauthorized to access all other sections. An audit trail will show where in the network the employee has accessed to and what has been done.

Audit/Auditing
In information security, Auditing is the information gathering and analysis of assets to ensure policy compliance and to secure systems from possible attacks.

Audit log
Audit log refers to a log file containing audit information for an application or system.

Audit policy
Audit policy specifies the level and type of auditing to be performed by a system or application.

Auditpol
Auditpol is an utility in the Microsoft Windows NT/2000/2003/XP Server Resource Kit for remotely managing auditing on servers running Windows OS.

AUP: Acceptable Use Policy
Acceptable Use Policy (AUP) refers to the policies that restrict the use to which the network can be put. The enforcement of AUPs varies with the network. Many public network services have an AUP. The AUP is a formal or informal document that defines the intended uses of the network, unacceptable uses, and the consequences for non-compliance. One often encounters an AUP when registering for a Web-based service or when working on a corporate intranet. A good AUP will include provisions for network etiquette, limits on the use of network resources, if any, and clear indications of the level of privacy a member on the network should expect. The best AUPs incorporate "what if" scenarios that illustrate the usefulness of the policy in real-world terms.

AusCERT: Australian Computer Emergency Response Team
Australian Computer Emergency Response Team (AusCERT) is an independent nonprofit organization based in Australia that monitors and evaluates global computer network threats and vulnerabilities.

Authentication
Authentication is the process of determining whether someone or something is actually who or what it is declared to be. In private and public computer networks, authentication is commonly done through the use of logon passwords. Many more advanced authenticaion methods such as biometric authenticaion using finger prints and other unique identities are developed.

Authentication Protocol
Authentication protocols are the stardands and procedues used to authenticate information and users. There are many authentication protocols. For example, the Challenge-Handshake Authentication Protocol (CHAP) is an authentication protocol used to log on a user to an Internet access provider.

Authentication Server
Authentication server is a device used in network access control. It stores the usernames and passwords that identify the clients logging on, or it may hold the algorithms for access. For access to specific network resources, the server may itself store user permissions and company policies or provide access to directories that contain the information. Protocols such as RADIUS, Kerboros and TACACS+, and 802.1x are implemented in an authentication server to perform user authentications.

Authentication Spoofing
Authentication Spoofing refers to the process of using other person's credentials to get authenticated to access a network. The packet injection attack is authentication spoofing, which happens in the wireless LAN communications by using a design fraud in the WEP.

Authentication Ticket
An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process. When the client receives an authentication ticket, the client sends the ticket back to the server along with additional information verifying the client's identity.

Authentication package
Authentication package is the code that encapsulates the logic used for authenticating users.

Authenticator
In networking and information security, authenticators are means used to confirm the identity or eligibility of a station, originator, or individual. Authenticator typically is a symbol or group of symbols, or a series of bits, selected or derived in a prearranged manner and usually inserted at a predetermined point within a message or transmission for the purpose of attesting to the validity of the message or transmission. A letter, numeral, group of letters or numerals, or any combinations of these, attesting to the authenticity of a message or transmission.

Authenticity
Authenticity typically means the integrity and trustworthiness of data or an entity. In other words, authenticity is the validity and conformance of the information or identity of a person. The authenticity can be secured and verified using cryptographic methods.

Authenticode
Authenticode is a security feature of Internet Explorer. Authenticode allows vendors of downloadable executable code (plug-ins or ActiveX controls, for example) to attach digital certificates to their products to assure end users that the code is from the original developer and has not been altered. Authenticode lets end users decide for themselves whether to accept or reject software components posted on the Internet before downloading begins. Authenticode comes into play when applications are signed by the authors and placed in cabinet (CAB) files. These are then check-summed as to their contents and the checksum is then related to the author's signature.

Authorization
Authorization is the approval, permission, or empowerment for someone or something to do something.

Authorization creep
Authorization creep is a term describing how users may possess unnecessarily high access privileges within a company or organization.

Autologon
Autologon is a logon method in which the user is automatically logged onto the system or network.

Autorooter
Autorooter is an automated tool for discovering and scanning security vulnerabilities in networks.

Autonomous System
One network or series of networks that are all under one administrative control. An autonomous system is also sometimes referred to as a routing domain. An autonomous system is assigned a globally unique number, sometimes called an Autonomous System Number (ASN).

Availability
Availability of network or system is the the ratio of the total time a system is capable of being used during a given interval to the length of the interval. For example, the switching system of the PSTN is claimed to have a 99.999% (5 9's) availability, which translate into a 4 minutes down time each year.