Help Index > Security Information and Advisories

Computer and Network Security

Glossary of terms you should know

Access Control List - (ACL) A security service that provides protection of system resources against unauthorized access. The two basic mechanisms for implementing this service are ACLs and tickets.

Access Management - Access management is the maintenance of access information which consists of four basic tasks: account administration, maintenance, monitoring, and revocation.

Adware - Internet jargon for Advertising Supported software. It is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee. (Source: spychecker.com)

Auditing - Auditing is the information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.

AV - Scanner Antivirus scanner or program.

Backbone - A high-speed line or series of connections that forms a major pathway within a network. The term is relative as a backbone in a small network will likely be much smaller than many non-backbone lines in a large network.

Backdoor Trojans - Programs that hide on your computer, trying to evade detection while they perform unauthorized actions.

Cookie - The most common meaning of "Cookie" on the Internet refers to a piece of information sent by a Web Server to a Web Browser that the Browser software is expected to save and to send back to the Server whenever the browser makes additional requests from the Server.

Depending on the type of Cookie used, and the Browsers' settings, the Browser may accept or not accept the Cookie, and may save the Cookie for either a short time or a long time.

Cookies might contain information such as login or registration information, online "shopping cart" information, user preferences, etc.

When a Server receives a request from a Browser that includes a Cookie, the Server is able to use the information stored in the Cookie. For example, the Server might customize what is sent back to the user, or keep a log of particular users' requests.

Cookies are usually set to expire after a predetermined amount of time and are usually saved in memory until the Browser software is closed down, at which time they may be saved to disk if their "expire time" has not been reached.

Cookies do not read your hard drive and send your life story to the CIA, but they can be used to gather more information about a user than would be possible without them.

Custodian - (see Information Systems Security and Computer Usage Policy)

Customer/Client - (see Information Systems Security and Computer Usage Policy)

Domain Name - The unique name that identifies an Internet site. Domain Names always have 2 or more parts, separated by dots. The part on the left is the most specific, and the part on the right is the most general.

• mcg.edu
• msn.com
• whitehouse.gov
• sans.org

Usually, all of the machines on a given network will have the same thing as the right-hand portion of their Domain Names.  It is also possible for a Domain Name to exist but not be connected to an actual machine. This is often done so that a group or business can have an Internet e-mail address without having to establish a real Internet site. In these cases, some real Internet machine must handle the mail on behalf of the listed Domain Name.

Domain Name System (DNS) - The unique name of a collection of computers connected to a network such as the Internet. A replicated, distributed data query service for looking up host IP addresses based on host names. The DNS is hierarchical, consisting of domains, subdomains, sites, and hosts. Unique names are formed from smallest to largest, and are of the form user@host.site.subdomain.domain, where host and site are often optional. On the Internet, domain names typically end with a suffix denoting the type of site:

• .com (commercial)
• .edu (educational)
• .net (network operations)
• .gov(US government)
• .mil (US military)
• .org (organization)
• .us (United States)
• .ca (Canada)
• .uk (United Kingdom)
• .au (Australia
• .cz (Czech Republic)
• .xx(where xx refers to another country's two-letter abbreviation)

Encryption - the translation of data into a secret code – obscuring information – to make it unreadable without special knowledge (i.e. a secret key or password) that enables you to decrypt it. Encryption is the most effective way to achieve data security and confidential communication. Unencrypted data is called plain text; encrypted data is referred to as cipher text.

Electronic Data - Information (i.e. text or graphic) that is transmitted or maintained in electronic media.   

Firewall - A combination of hardware and software that separates a Network into two or more parts for security purposes.

Flame - Originally, "flame" meant to carry forth in a passionate manner in the spirit of honorable debate. Flames most often involved the use of flowery language and flaming well was an art form. More recently flame has come to refer to any kind of derogatory comment no matter how witless or crude.

Gateway - The technical meaning is a hardware or software set-up that translates between two dissimilar protocols, for example America Online has a gateway that translates between its internal, proprietary e-mail format and Internet e-mail format. Another, sloppier meaning of gateway is to describe any mechanism for providing access to another system, e.g. AOL might be called a gateway to the Internet.

Hacker - While this term originally referred to a clever or expert programmer, it is now more commonly used to refer to someone who can gain unauthorized access to other computers. A hacker can "hack" his or her way through the security levels of a computer system or network. This can be as simple as figuring out somebody else's password or as complex as writing a custom program to break another computer's security software. Hackers are the reason software manufacturers release periodic "security updates" to their programs. While it is unlikely that the average person will get "hacked," some large businesses and organizations receive multiple hacking attempts a day.

IMAP  - IMAP is gradually replacing POP as the main protocol used by e-mail clients in communicating with e-mail servers.

Using IMAP an e-mail client program can not only retrieve e-mail but can also manipulate message stored on the server, without having to actually retrieve the messages. So messages can be deleted, have their status changed, multiple mail boxes can be managed, etc.

IMAP is defined in RFC 2060

Internet - A global network connecting millions of computers and technology devices.

Internet Service Provider - A company that provides other companies or individuals with access to, or a presence on, the Internet (e.g. Comcast, Knology, Bellsouth, Peachnet, etc).

Intranet - A network of computers and servers maintained within an organization or company, and not generally accessible to those outside the organization.  The MCG campus network would be considered an Intranet because there are defined limits to the services under its auspices.

Key Loggers - Programs that record mouse clicks, keystrokes, and sometimes screen shots of your computer activity.

Limited Data (as it relates to PHI) - The following direct identifiers must be removed for Protected Health Information to qualify as a limited data set:

1. names
2. postal address information, other than town or city, state, and ZIP code
3. telephone numbers
4. fax numbers
5. e-mail addresses
6. social security numbers
7. medical record numbers
8. health plan beneficiary numbers
9. account numbers
10. certificate or license numbers
11. vehicle identifiers and license plate numbers
12. device identifiers and serial numbers
13. URLs
14. IP addresses
15. biometric identifiers
16. full-face photographs and any comparable images.

Malicious Code  - Any computer code that can do damage or negatively impact a computer.

Natural Responsibility - As it applies to the MCG Information Systems Security and Computer Usage, "Natural Responsibility" has to do with system and/or data ownership. The system "owner" will most often NOT be the person who maintains and administers the system or data, but the one that is "naturally" responsible. For example: a researcher (principle investigator) will be the owner of research data and systems that fall under the area of his/her grant. The Chief Information Officer is the person "naturally responsible" for systems that are part of the Intranet.

Phishing ¡(v.) Pronounced “fishing,” - the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user’s account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay’s site to update their account information.

By spamming large groups of people, the “phisher” counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately. Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

POP - Post Office Protocol refers to a way that e-mail client software such as Eudora gets mail from a mail server. When you obtain an account from an Internet Service Provider (ISP) you almost always get a POP account with it, and it is this POP account that you tell your e-mail software to use to get your mail. Another protocol called IMAP is replacing POP for e-mail.

Protected Health Information (PHI) - The following identifiers of the individual or of relatives, employers, or household members of the individual is considered to be PHI:

1. Names
2. all geographic subdivisions smaller than a state, except for the initial three digits of the ZIP code if the geographic unit formed by combining all ZIP codes with the same three initial digits contains more than 20,000 people
3. all elements of dates except year, and all ages over 89 or elements indicative of such age
4. telephone numbers
5. fax numbers
6. e-mail addresses
7. social security numbers
8. medical record numbers
9. health plan beneficiary numbers
10. account numbers
11. certificate or license numbers
12. vehicle identifiers and license plate numbers
13. device identifiers and serial numbers
14. URLs
15. IP addresses
16. biometric identifiers
17. full-face photographs and any comparable images
18. any other unique, identifying characteristic or code, except as permitted for re-identification in the Privacy Rule.

Proxy Server - Most large businesses, organizations, and universities these days use a proxy server. This is a server that all computers on the local network have to go through before accessing information on the Internet. By using a proxy server, an organization can improve the network performance and filter what users connected to the network can access.

A proxy server improves Internet access speeds from a network primarily by using a caching system. Caching saves recently viewed Web sites, images, and files on a local hard drive so that they don't have to be downloaded from the Web again. While your Web browser might save recently viewed items on your computer, a proxy server caches everything accessed from the network.

The other main purpose a proxy server is to filter what is allowed into the network. While HTTP, FTP, and Secure protocols can all be filtered by a proxy server, HTTP is the most common. The proxy server can limit what Web sites users on the network can access. Many organizations choose to block access to sites with objectionable material such as hacking information and pornography, but other sites can be filtered as well. If an employer notices workers are spending too much time at sites like eBay or Quicken.com, those sites can be blocked by the proxy server as well.

Public Access Computer - A public access machine is any machine that allows access to resources on the machine without requiring unique user authentication. Examples include, but not limited to, public stations in libraries and classroom computers.

Remote Connection - Connecting to the Intranet from an Internet connection.  Example: Connecting to the MCG internal network from a residence or hotel.

Resource Owner - (see Information Systems Security and Computer Usage Policy)

Sensitive Information - Defined as: non-public data (i.e. medical record or educational data) or personal/corporate information that can be harvested and used for identity theft or criminal use.

Server - A computer or device on a network that manages network resources by sending files to, or running applications for, other computers on the network; the software that runs on the server computer and performs the work of serving files or running applications; or, in object-oriented programming, a piece of code that exchanges information with another piece of code upon request.

For example, a file server is a computer and storage device dedicated to storing files. Any user on the network can store files on the server. A print server is a computer that manages one or more printers, and a network server is a computer that manages network traffic. A database server is a computer system that processes database queries.

Servers are often dedicated, meaning that they perform no other tasks besides their server tasks. On multiprocessing operating systems, however, a single computer can execute several programs at once. A server in this case could refer to the program that is managing resources rather than the entire computer.

SMTP  - engine an e-mail program that can send files without using programs installed on your computer.

Spam - An inappropriate attempt to use a mailing list, or USENET or other networked communications facility as if it was a broadcast medium (which it is not) by sending the same message to a large number of people who didn?t ask for it. The term probably comes from a famous Monty Python skit which featured the word spam repeated over and over. The term may also have come from someone?s low opinion of the food product with the same name, which is generally perceived as a generic content-free waste of resources. (Spam® is a registered trademark of Hormel Corporation, for its processed meat product.)

Spyware - (sometimes called adware, snoopware or sneakware) is software that secretly gathers information about a user and relays that information to another party over the Internet. In many cases, users unknowingly install spyware when they download freeware or shareware, even though references -- often obscure -- to spyware might be included in the program's end-user agreement. In other instances, spyware programs are automatically installed when a user simply views an HTML e-mail or visits a certain Web page. At its mildest, spyware is a simple tool used by advertisers to track users' Web-surfing preferences. At its worst, spyware is used to monitor keystrokes, scan files, install additional spyware, reconfigure Web browsers, snoop e-mail and other applications, and more. Some of today's spyware can even capture screenshots or turn on webcams. Source: Computerworld

Stored electronic data - data that is kept on magnetic media (i.e. hard drive, tape, floppy disk, USB portable storage drive, zip disk, network drive, etc).

Strong Password - A password that is at least 8 characters long with a combination of letters and numbers/symbols (e.g. using the phrase “a new one for you,” the password would be “an3w14u.”

Transmitted electronic data - data that is transferred from storage medium to storage medium.  For example: A document sent via e-mail is transmitted when it is sent.  It is stored once the document is received by the recipient's e-mail system.

Trojan Horse - A computer program is either hidden inside another program or that masquerades as something it is not in order to trick potential users into running it. For example a program that appears to be a game or image file but in reality performs some other function. The term "Trojan Horse" comes from a possibly mythical ruse of war used by the Greeks sometime between 1500 and 1200 B.C.

A Trojan Horse computer program may spread itself by sending copies of itself from the host computer to other computers, but unlike a virus it will (usually) not infect other programs.

Virus - A program that infects a computer and modifies other programs.

Virus Definitions - database of known viruses

VPN - (Virtual Private Network Usually refers to a network in which some of the parts are connected using the public Internet, but the data sent across the Internet is encrypted, so the entire network is "virtually" private.

Vulnerability - Any mistake or feature set that gives the hacker or virus unauthorized access to the computer.

Workstation - A computer either stand alone or on a network that may request and use a service or services provided by another system entity. Laptops are defined as workstations and are included in this definition.

Worm - A type of virus that can spread without infecting a specific program or file.