Information, Computer and Network Security Terms Glossary and Dictionary - R

RA: Registration Authority
In Public Key Infrastructure (PKI), the Registration Authority (RA) is the authority charged with recording or verifying some or all of the data required for the Certificate Authority to issue certificates and maintain CRLs. In many cases, the CA will undertake all of the RA functions itself; but where a CA operates over a wide geographical area, it may be administratively advisable to delegate some of the tasks to an RA. The delegated tasks might include personal authentication, token distribution, key generation, revocation and others -- leaving the CA to concentrate on its primary tasks of signing certificates and CRLs.

Race Condition
A race condition exploits the small window of time between a security control being applied and when the service is used.

RACF: Resource Access Control Facility
Resource Access Control Facility (RACF) is the IBM security management product for its mainframe operating system, OS/390 (MVS) as well as for its VM operating system. RACF allows an enterprise to manage the biggest security threat in most enterprises: destruction of computing resources by its own employees.

Radiation Monitoring
Radiation monitoring is the process of receiving images, data, or audio from an unprotected source by listening to radiation signals.

RADIUS: Remote Authentication Dial-In User Service
Remote Authentication Dial In User Service (RADIUS) is a protocol for carrying authentication, authorization and configuration information between a Network Access Server which desires to authenticate its links and a shared Authentication Server. RADIUS uses UDP as the transport protocol. RADIUS also carries accounting information between a Network Access Server and a shared Accounting Server.

Rainbow Series
Rainbow Series is a collection of books published by the National Computer Security Center under the U.S. Department of Defense. Each book has a different cover color, which is why the series is nicknamed "the rainbow series".

Random Number
A random number is a number that is completely arbitrary in nature other than its length. Random numbers are widely used in cryptography as keys. The point of using a random number is that it should be impossible to guess, calculate or even narrow the field of possible outcomes.

Random Number Generator
A Random Number Generator is a hardware or software based system which produces Random or Pseudo Random Numbers. True random number generators must work by sampling some truly random source such as white noise. If any predictable algorithm is used to generate the number, the system is called a Pseudo Random Number Generator. In practice, most random number generators are Pseudo Random Number Generators.

RARP: Reverse Address Resolution Protocol
RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server's Address Resolution Protocol table or cache. A network administrator creates a table in a local area network's gateway router that maps physical machine (Media Access Control, or MAC) addresses to corresponding Internet Protocol addresses. When a new machine is set up, its RARP client program requests from the RARP server on the router to be sent its IP address. Assuming that an entry has been set up in the router table, the RARP server will return the IP address to the machine, which can store it for future use.

RAS: Remote Access Service
Remote Access Service (RAS) is a method allowing users to access corporate network resources from home or on the go. RAS servers typically have an array of modems and dial-in lines for users to connect through, which provides some form of authentication and then connects users to the corporate network as if they were physically in a LAN environment.

RAT: Remote Administration Tool
A Remote Administration Tool (RAT), sometimes called a "remote administration trojan", uses a Trojan as the delivery mechanism for remote administration. RATs are also sometimes described as Backdoor Servers. However, RAT remains the best name and description.

RAT: Remote Administration Trojan
A Remote Administration Trojan (RAT), sometimes called a "remote administration tool", uses a Trojan as the delivery mechanism for remote administration. RATs are also sometimes described as Backdoor Servers. However, RAT remains the best name and description.

RBAC: Role Based Access Control
Role Based Access Control (RBAC) assigns users to roles based on their organizational functions and determines authorization based on those roles. This allows for a more granular and defined access control with a centralization of the access control function.

RC2: Rivest Cipher 2
RC2, or Rivest Cipher 2, is a block cipher designed by Ron Rivest in 1987. Other ciphers designed by Rivest include RC4, RC5 and RC6. RC2 is a 64-bit block cipher with a variable size key. Its 18 rounds are arranged as a source-heavy Feistel network, with 16 rounds of one type (MIXING) punctuated by two rounds of another type (MASHING). A MIXING round consists of four applications of the MIX transformation.

RC4: Rivest Cipher 4
RC4, or Rivest Cipher 4, is the most widely-used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). RC4 was designed by Ron Rivest of RSA Security in 1987. RC4 generates a pseudorandom stream of bits (a "keystream") which, for encryption, is combined with the plaintext using XOR as with any Vernam cipher; decryption is performed in the same way. While remarkable in its simplicity, RC4 falls short of the high standards of security set by cryptographers, and some ways of using RC4 lead to very insecure cryptosystems (including WEP). It is not recommended for use in new systems. However, some systems based on RC4 are secure enough for practical use.

RC5: Rivest Cipher 5
RC5, or Rivest Cipher 5, designed by Ronald Rivest in 1994, is a block cipher with a variable block size (32, 64 or 128 bits), key size (0 to 2040 bits) and number of rounds (0 to 255). The original suggested choice of parameters was a block size of 64 bits, a 128-bit key and 12 rounds. A key feature of RC5 is the use of data-dependent rotations; one of the goals of RC5 was to prompt the study and evaluation of such operations as a cryptographic primitive. RC5 also consists of a number of modular additions and exclusive OR (XOR) operations.

RC6: Rivest Cipher 6
RC6, or Rivest Cipher 6, is a symmetric key block cipher derived from RC5. It is proprietary to RSA Security and was designed by Ron Rivest, Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. The algorithm was one of the five finalists, and was also submitted to the NESSIE and CRYPTREC projects. RC6 proper has a block size of 128 bits and supports key sizes of 128, 192 and 256 bits, but, like RC5, it can be parameterised to support a wide variety of word lengths, key sizes and numbers of rounds. RC6 is very similar to RC5 in structure, using data-dependent rotations, modular addition and XOR operations; in fact, RC6 could be viewed as interweaving two parallel RC5 encryption processes. However, RC6 does use an extra multiplication operation not present in RC5 in order to make the rotation dependent on every bit in a word, and not just the least significant few bits.

RC2/RC4
RC2/RC4 are two secret key encryption algorithms developed by Ronald Rivest and owned by RSA Security. RC2 is a variable key length 64-bit block cipher, while RC4 is a variable key length stream cipher.

rDNS: Reverse DNS
Reverse DNS (rDNS) is a method of resolving an IP address into a domain name, just as the domain name system (DNS) resolves domain names into associated IP addresses. One of the applications of reverse DNS is as a spam filter. Here's how it works: typically, a spammer uses an invalid IP address, one that doesn't match the domain name. A reverse DNS lookup program inputs the IP addresses of incoming messages to a DNS database. If no valid name is found to match the IP address, the server blocks that message.

Realm
Realm refers to a network served by a single Kerberos database and group of key distribution centers (KDCs).

Recognizable plaintext attack
Recognizable plaintext attack, also known as ciphertext-only attack, is a cryptanalytic attack in which the attacker has only ciphertext to work with.

Reconnaissance
Reconnaissance is the phase of an attack where an attacker finds new systems, maps out networks, and probes for specific, exploitable vulnerabilities.

Red Team
The United States government used groups of experts called red teams to hack its own computer systems. A red team is a group of ethical hackers who help organizations explore network and system vulnerabilities.

Recovery agent
Recovery agent is a designated user that can decrypt encrypted files when a private key is lost.

Recovery Console
Recovery Console is a tool for troubleshooting startup problems on Microsoft Windows 2000 or later versions of the operating system.

Redact
Frequently, a redacted document, such as a memo or e-mail message, has simply had personal (or possibly actionable) information deleted or blacked out; as a consequence, redacted is often used to describe documents from which sensitive information has been expunged.

Reflection Attack
Reflection Attack is a type of replay attack in which transmitted data is sent back to its originator.

Reflexive Access List (ACLs)
Reflexive access lists, or reflexive ACLs, sit in a filtering router and contain condition statements (entries) that define criteria for permitting IP packets. Reflexive access lists enable a filtering router to open up dynamically to allow reply packets back through, in response to an outbound TCP connection or UDP session initiated from within your network. This mechanism reduces exposure to spoofing and denial-of-service, since desirable inbound flows are mostly in response to outbound traffic.

Regdmp
Regdmp is a Microsoft Windows 2000 Resource Kit utility for dumping registry information.

Registration
Registration in network security means the administrative act or process whereby an entity's name and other attributes are established for the first time at a Certification Authority (CA), prior to the CA issuing a digital certificate that has the entity's name as the subject.

Regrade
Regrade means deliberately changing the classification level of information by an authorized person.

Rekey
Rekey means to change the value of a cryptographic key that is being used in an application of a cryptographic system.

Reflexive ACLs (Cisco)
Reflexive ACLs for Cisco routers are a step towards making the router act like a stateful firewall. The router will make filtering decisions based on whether connections are a part of established traffic or not.

Remote Administration
Remote Administration generally refers to any method of remotely controlling a computer, typically a server or network workstation, although sometimes "Home User" computers can be remotely administered by their owners. This is a legitimate function. However, it is also a function of many Trojan Horses (such as Back Orifice and Sub7). In some cases, the developers of such software attempt to reclassify their products as commercial "remote administration" tools.

Replay Attack
Replay attack is a type of attack that may happen in a TCP/IP network. To perform a replay attack, the attacker must first capture an amount of sensitive traffic, then simply replay it back to the host in an attempt to replicate the transaction. This attack may also cause the target connection to drop. Random TCP sequence numbers and encryption such as SSH and IPsec can help reduce the risk of this type of attack.

Repository
Repository in network security is a system for storing and distributing digital certificates and related information (including CRLs, CPSs, and certificate policies) to certificate users.

Repudiation
Repudiation refers to the denial by a system entity that was involved in an association (especially an association that transfers information) of having participated in the relationship. In contrast, non-repudiation means that in digital security the system can verify that the sender and the recipient were, in fact, the parties who claimed to send or receive the message, respectively.

Residual Risk
Residual risk refers to the part of risk remaining after security measures have been implemented.

Resource Exhaustion
Resource Exhaustion refers to tying up finite resources on a system, making them unavailable to others.

Resource exhaustion attack
Resource exhaustion attack is a type of denial of service (DoS) that works by "starving" or "exhausting" a system resource.

Restrictive shell
Restrictive shell is a command shell that limits what users can do.

Return-to-libc attack
A return-to-libc attack is a computer security attack usually starting with a buffer overflow, in which the return address on the stack is replaced by the address of another function in the program. This allows attackers to call pre-existing functions without injecting malicious code into programs, and can still be a security hole in environments protected by concepts such as a non-executable stack.

Reverse Engineering
Reverse Engineering refers to the process of acquiring sensitive data by disassembling and analyzing the design of a system.

Reverse Lookup
Reverse Lookup means finding out the hostname that corresponds to a particular IP address. Reverse lookup uses an IP (Internet Protocol) address to find a domain name.

Reverse Proxy
Reverse proxies take public HTTP requests and pass them to back-end web servers, which send the content back to the proxy so that the proxy can then send the content to the end user.

Reversible encryption
Reversible encryption refers to any form of encryption that also can be decrypted.

Rexec
Rexec is a UNIX utility for executing a command on a remote host.

rhosts
rhosts is a file on UNIX systems that specifies remote users who are not required to provide a login password in order to run r-commands.

RID: Relative ID or Relative Identifier
In Windows 2000, the relative identifier (RID) is the part of a security ID (SID) that uniquely identifies an account or group within a domain.

Ridge
In the biometric process of fingerscanning, a ridge is a curved line in a finger image. Some ridges are continuous curves, and others terminate at specific points called ridge endings. Sometimes, two ridges come together at a point called a bifurcation. Ridge endings and bifurcations are known as minutiae.

Rijndael
Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES). It was selected from a list of five finalists, that were themselves selected from an original list of more than 15 submissions.

Rinetd
Rinetd is a tool for redirecting Transmission Control Protocol (TCP) connections on Unix and Linux operating systems. Rinetd is a single-process server which handles any number of connections to the address/port pairs specified in the configuration file /etc/rinetd.conf. Since rinetd runs as a single process using nonblocking I/O, it is able to redirect a large number of connections without putting much additional load on the machine.

RIP Routing Attack
Routing Information Protocol (RIP) is used to distribute routing information within networks. Since RIP has no built-in authentication, an attacker could forge a RIP packet, claiming his host "X" has the fastest path out of the network. All packets sent out from that network would then be routed through X, where they could be modified or examined. An attacker could also use RIP to effectively impersonate any host, by causing all traffic sent to that host to be sent to the attacker's machine instead.

RIP spoofing
RIP spoofing refers to forging Routing Information Protocol (RIP) packets, which redirects data streams by inserting wrong routing information.

Risk
Risk in information security refers to the likelihood of a successful attack. It is measured as the product of the level of threat and the level of vulnerability.

RIP: Routing Information Protocol
Routing Information Protocol is a distance vector protocol used for interior gateway routing which uses hop count as the sole metric of a path's cost.

Risk Assessment
Risk Assessment is the process by which risks are identified and the impact of those risks determined.

Risk management
Risk management is the process of identifying, controlling, and eliminating or minimizing uncertain events that might affect system resources.

Rivest-Shamir-Adleman
Rivest-Shamir-Adleman (RSA) is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browsers from Microsoft and Netscape and many other products.

Rnmap
Rnmap is an enhanced version of Nmap (Network Mapper) for centralized port scanning.

ROKSO: Register of Known Spam Operations
The Register of Known Spam Operations (ROKSO) is a list of professional spammers that is maintained by the Spamhaus Project, an organization dedicated to identifying and exposing spam operators. Any spammer known to have been terminated by three consecutive Internet service providers (ISPs) is added to the list. According to Spamhaus, the top 200 spammers on the list are responsible for 90% of all spam.

Role-based authorization
Role-based authorization refers to a type of authorization that uses roles instead of the user credentials to determine access rights and privileges.

Role-based security
Role-based security refers to any general mechanism that controls access to resources using roles instead of user credentials. A role is a set of users sharing the same security privileges. A user belonging to a particular role can access code, software and resources for which permissions are granted for the role. Granting permissions to access resources/code using roles rather than using a particular user is easier to manage.

Rollup
Rollup refers to a cumulative set of hot-fixes that can be applied in a single step.

Root CA: Root Certificate Authority
Root Certificate Authority (CA) is the ultimate CA, which signs the certificates of the subordinate CAs. The root CA has a self-signed certificate that contains its own public key.

Root Certificate
Root Certificate is the certificate for which the subject is a root. Hierarchical PKI usage: The self-signed public-key certificate at the top of a certification hierarchy.

Root Key
Root Key is a public key for which the matching private key is held by a root certificate authority (CA).

Root rollover
Root rollover refers to the expiration of the root certificate for a root certificate authority (CA).

Rootkit
Rootkit is a collection of tools (programs) that a hacker uses to mask intrusion and obtain administrator-level access to a computer or computer network.

Route verification
Route verification is a packet-filtering technique for blocking spoofed packets. The procedures of route verification permit a signaling point to determine the accuracy and consistency of its routing data by sending a test message and analyzing the response message to determine whether the sent message traversed the expected route.

Routing Daemon
The process on the router that runs the routing protocol and communicates with its neighbor routers is usually called a routing daemon. The routing daemon updates the kernel's routing table with information it receives from neighbor routers.

Routing Loop
A routing loop is where two or more poorly configured routers repeatedly exchange the same packet over and over.

Roving Analysis Port
Roving analysis port, also known as port mirroring, is a method of monitoring network traffic that forwards a copy of each incoming and outgoing packet from one port of a network switch to another port where the packet can be studied. A network administrator uses port mirroring as a diagnostic tool or debugging feature, especially when fending off an attack.

RPC Scans: Remote Procedure Call Scan
Remote Procedure Call (RPC) scans determine which RPC services are running on a machine.

Rpcdump
Rpcdump is a Windows 2000 Resource Kit tool for displaying services registered with the remote procedure call (RPC) endpoint mapper.

RSA Cryptography Standard
A Public-Key Cryptography Standard (PKCS) that outlines the encryption of data using the RSA algorithm. The purpose of this standard is in the development of digital signatures and digital envelopes. It also describes a syntax for RSA public keys and private keys. The public-key syntax is used for certificates, while the private-key syntax is used for encrypting private keys.

RSA: Rivest-Shamir-Adleman
Rivest-Shamir-Adleman (RSA) is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browsers from Microsoft and Netscape and many other products.

RSBAC: Rule Set Based Access Control
The Rule Set Based Access Control (RSBAC) system is an open source extension to current Linux kernels. RSBAC targets actions based on rules for entities operating on objects. It was designed according to the Generalized Framework for Access Control (GFAC) to overcome the deficiencies of access control in standard *nix systems, and to make a flexible combination of security models as well as proper access logging possible.

rsh: Remote Shell Protocol
Remote Shell Protocol (rsh) is a protocol that allows a user to execute commands on a remote system without having to log in to the system. For example, rsh can be used to remotely examine the status of a number of access servers without connecting to each communication server, executing the command, and then disconnecting from the communication server. rsh originated in the BSD Unix operating system as part of the rlogin package on 4.2BSD in 1983. rsh has since been ported to other operating systems. In today's environments, rsh has mostly been replaced by a more secure protocol, the Secure Shell protocol (SSH).

Runas
Runas is a Microsoft Windows command that allows a user to run an application using different credentials from those used for the current logon session.

Rwho
Rwho is a UNIX command for displaying information about users who have logged on to a remote host.