tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 4949


Internet Security Glossary, Version 2

Part 6 of 13, p. 131 to 160
Prev RFC Part       Next RFC Part


prevText      Top      Up      ToC       Page 131 
   $ firmware
      (I) Computer programs and data stored in hardware -- typically in
      read-only memory (ROM) or programmable read-only memory (PROM) --
      such that the programs and data cannot be dynamically written or
      modified during execution of the programs. (See: hardware,

   $ FIRST
      (N) See: Forum of Incident Response and Security Teams.

   $ flaw
      1. (I) An error in the design, implementation, or operation of an
      information system. A flaw may result in a vulnerability.
      (Compare: vulnerability.)

      2. (D) "An error of commission, omission, or oversight in a system
      that allows protection mechanisms to be bypassed." [NCSSG]
      (Compare: vulnerability. See: brain-damaged.)

      Deprecated Definition: IDOCs SHOULD NOT use this term with
      definition 2; not every flaw is a vulnerability.

   $ flaw hypothesis methodology
      (I) An evaluation or attack technique in which specifications and
      documentation for a system are analyzed to hypothesize flaws in
      the system. The list of hypothetical flaws is prioritized on the
      basis of the estimated probability that a flaw exists and,
      assuming it does, on the ease of exploiting it and the extent of
      control or compromise it would provide. The prioritized list is
      used to direct a penetration test or attack against the system.
      [NCS04] (See: fault tree, flaw.)

   $ flooding
      1. (I) An attack that attempts to cause a failure in a system by
      providing more input than the system can process properly. (See:
      denial of service, fairness. Compare: jamming.)

      Tutorial: Flooding uses "overload" as a type of "obstruction"
      intended to cause "disruption".

      2. (I) The process of delivering data or control messages to every
      node of a network. (RFC 3753)

   $ flow analysis
      (I) An analysis performed on a nonprocedural, formal, system
      specification that locates potential flows of information between
      system variables. By assigning security levels to the variables,
      the analysis can find some types of covert channels. [Huff]

Top      Up      ToC       Page 132 
   $ flow control
      1. (I) /data security/ A procedure or technique to ensure that
      information transfers within a system are not made from one
      security level to another security level, and especially not from
      a higher level to a lower level. [Denns] (See: covert channel,
      confinement property, information flow policy, simple security

      2. (O) /data security/ "A concept requiring that information
      transfers within a system be controlled so that information in
      certain types of objects cannot, via any channel within the
      system, flow to certain other types of objects." [NCSSG]

   $ For Official Use Only (FOUO)
      (O) /U.S. DoD/ A U.S. Government designation for information that
      has not been given a security classification pursuant to the
      criteria of an Executive Order dealing with national security, but
      which may be withheld from the public because disclosure would
      cause a foreseeable harm to an interest protected by one of the
      exemptions stated in the Freedom of Information Act (Section 552
      of title 5, United States Code). (See: security label, security
      marking. Compare: classified.)

   $ formal
      (I) Expressed in a restricted syntax language with defined
      semantics based on well-established mathematical concepts. [CCIB]
      (Compare: informal, semiformal.)

   $ formal access approval
      (O) /U.S. Government/ Documented approval by a data owner to allow
      access to a particular category of information in a system. (See:

   $ Formal Development Methodology
      (O) See: Ina Jo.

   $ formal model
      (I) A security model that is formal. Example: Bell-LaPadula model.
      [Land] (See: formal, security model.)

   $ formal proof
      (I) "A complete and convincing mathematical argument, presenting
      the full logical justification for each step in the proof, for the
      truth of a theorem or set of theorems." [NCSSG]

   $ formal specification
      (I) A precise description of the (intended) behavior of a system,
      usually written in a mathematical language, sometimes for the

Top      Up      ToC       Page 133 
      purpose of supporting formal verification through a correctness
      proof. [Huff] (See: Affirm, Gypsy, HDM, Ina Jo.) (See: formal.)

      Tutorial: A formal specification can be written at any level of
      detail but is usually a top-level specification.

   $ formal top-level specification
      (I) "A top-level specification that is written in a formal
      mathematical language to allow theorems showing the correspondence
      of the system specification to its formal requirements to be
      hypothesized and formally proven." [NCS04] (See: formal

   $ formulary
      (I) A technique for enabling a decision to grant or deny access to
      be made dynamically at the time the access is attempted, rather
      than earlier when an access control list or ticket is created.

   $ FORTEZZA(trademark)
      (O) A registered trademark of NSA, used for a family of
      interoperable security products that implement a NIST/NSA-approved
      suite of cryptographic algorithms for digital signature, hash,
      encryption, and key exchange. The products include a PC card
      (which contains a CAPSTONE chip), and compatible serial port
      modems, server boards, and software implementations.

   $ Forum of Incident Response and Security Teams (FIRST)
      (N) An international consortium of CSIRTs (e.g., CIAC) that work
      together to handle computer security incidents and promote
      preventive activities. (See: CSIRT, security incident.)

      Tutorial: FIRST was founded in 1990 and, as of July 2004, had more
      than 100 members spanning the globe. Its mission includes:
      -  Provide members with technical information, tools, methods,
         assistance, and guidance.
      -  Coordinate proactive liaison activities and analytical support.
      -  Encourage development of quality products and services.
      -  Improve national and international information security for
         governments, private industry, academia, and the individual.
      -  Enhance the image and status of the CSIRT community.

   $ forward secrecy
      (I) See: perfect forward secrecy.

   $ FOUO
      (O) See: For Official Use Only.

Top      Up      ToC       Page 134 
   $ FPKI
      (O) See: Federal Public-Key Infrastructure.

   $ fraggle attack
      (D) /slang/ A synonym for "smurf attack".

      Deprecated Term: It is likely that other cultures use different
      metaphors for this concept. Therefore, to avoid international
      misunderstanding, IDOCs SHOULD NOT use this term.

      Derivation: The Fraggles are a fictional race of small humanoids
      (represented as hand puppets in a children's television series,
      "Fraggle Rock") that live underground.

   $ frequency hopping
      (N) Repeated switching of frequencies during radio transmission
      according to a specified algorithm. [C4009] (See: spread

      Tutorial: Frequency hopping is a TRANSEC technique to minimize the
      potential for unauthorized interception or jamming.

   $ fresh
      (I) Recently generated; not replayed from some earlier interaction
      of the protocol.

      Usage: Describes data contained in a PDU that is received and
      processed for the first time. (See: liveness, nonce, replay

   $ FTP
      (I) See: File Transfer Protocol.

   $ gateway
      (I) An intermediate system (interface, relay) that attaches to two
      (or more) computer networks that have similar functions but
      dissimilar implementations and that enables either one-way or two-
      way communication between the networks. (See: bridge, firewall,
      guard, internetwork, proxy server, router, and subnetwork.)

      Tutorial: The networks may differ in any of several aspects,
      including protocols and security mechanisms. When two computer
      networks differ in the protocol by which they offer service to
      hosts, a gateway may translate one protocol into the other or
      otherwise facilitate interoperation of hosts (see: Internet
      Protocol). In theory, gateways between computer networks are
      conceivable at any OSIRM layer. In practice, they usually operate

Top      Up      ToC       Page 135 
      at OSIRM Layer 2 (see: bridge), 3 (see: router), or 7 (see: proxy

   $ GCA
      (O) See: geopolitical certificate authority.

   $ GDOI
      (O) See: Group Domain of Interpretation.

   $ GeldKarte
      (O) A smartcard-based, electronic money system that is maintained
      by the German banking industry, incorporates cryptography, and can
      be used to make payments via the Internet. (See: IOTP.)

   $ GeneralizedTime
      (N) The ASN.1 data type "GeneralizedTime" (ISO 8601) contains a
      calendar date (YYYYMMDD) and a time of day, which is either (a)
      the local time, (b) the Coordinated Universal Time, or (c) both
      the local time and an offset that enables Coordinated Universal
      Time to be calculated. (See: Coordinated Universal Time. Compare:

   $ Generic Security Service Application Program Interface (GSS-API)
      (I) An Internet Standard protocol [R2743] that specifies calling
      conventions by which an application (typically another
      communication protocol) can obtain authentication, integrity, and
      confidentiality security services independently of the underlying
      security mechanisms and technologies, thus enabling the
      application source code to be ported to different environments.
      (Compare: EAP, SASL.)

      Tutorial: "A GSS-API caller accepts tokens provided to it by its
      local GSS-API implementation and transfers the tokens to a peer on
      a remote system; that peer passes the received tokens to its local
      GSS-API implementation for processing. The security services
      available through GSS-API in this fashion are implementable (and
      have been implemented) over a range of underlying mechanisms based
      on [symmetric] and [asymmetric cryptography]." [R2743]

   $ geopolitical certificate authority (GCA)
      (O) /SET/ In a SET certification hierarchy, an optional level that
      is certified by a BCA and that may certify cardholder CAs,
      merchant CAs, and payment gateway CAs. Using GCAs enables a brand
      to distribute responsibility for managing certificates to
      geographic or political regions, so that brand policies can vary
      between regions as needed.

Top      Up      ToC       Page 136 
   $ GIG
      (O) See: Global Information Grid.

   $ Global Information Grid (GIG)
      (O) /U.S. DoD/ The GIG is "a globally interconnected, end-to-end
      set of information capabilities, associated processes and
      personnel for collecting, processing, storing, disseminating, and
      managing information on demand to war fighters, policy makers, and
      support personnel." [IATF] Usage: Formerly referred to as the DII.

   $ good engineering practice(s)
      (N) A term used to specify or characterize design, implementation,
      installation, or operating practices for an information system,
      when a more explicit specification is not possible. Generally
      understood to refer to the state of the engineering art for
      commercial systems that have problems and solutions equivalent to
      the system in question.

   $ granularity
      1. (N) /access control/ Relative fineness to which an access
      control mechanism can be adjusted.

      2. (N) /data security/ "The size of the smallest protectable unit
      of information" in a trusted system. [Huff]

   $ Green Book
      (D) /slang/ Synonym for "Defense Password Management Guideline"

      Deprecated Term: Except as an explanatory appositive, IDOCs SHOULD
      NOT use this term, regardless of the associated definition.
      Instead, use the full proper name of the document or, in
      subsequent references, a conventional abbreviation. (See: Rainbow

      Deprecated Usage: To improve international comprehensibility of
      Internet Standards and the Internet Standards Process, IDOCs
      SHOULD NOT use "cute" synonyms. No matter how clearly understood
      or popular a nickname may be in one community, it is likely to
      cause confusion or offense in others. For example, several other
      information system standards also are called "the Green Book"; the
      following are some examples:
      -  Each volume of 1992 ITU-T (known at that time as CCITT)
      -  "PostScript Language Program Design", Adobe Systems, Addison-
         Wesley, 1988.
      -  IEEE 1003.1 POSIX Operating Systems Interface.

Top      Up      ToC       Page 137 
      -  "Smalltalk-80: Bits of History, Words of Advice", Glenn
         Krasner, Addison-Wesley, 1983.
      -  "X/Open Compatibility Guide".
      -  A particular CD-ROM format developed by Phillips.

   $ Group Domain of Interpretation (GDOI)
      (I) An ISAKMP/IKE domain of interpretation for group key
      management; i.e., a phase 2 protocol in ISAKMP. [R3547] (See:
      secure multicast.)

      Tutorial: In this group key management model that extends the
      ISAKMP standard, the protocol is run between a group member and a
      "group controller/key server", which establishes security
      associations [R4301] among authorized group members. The GDOI
      protocol is itself protected by an ISAKMP phase 1 association.

      For example, multicast applications may use ESP to protect their
      data traffic. GDOI carries the needed security association
      parameters for ESP. In this way, GDOI supports multicast ESP with
      group authentication of ESP packets using a shared, group key.

   $ group identity
      (I) See: secondary definition under "identity".

   $ group security association
      (I) "A bundling of [security associations] (SAs) that together
      define how a group communicates securely. The [group SA] may
      include a registration protocol SA, a rekey protocol SA, and one
      or more data security protocol SAs." [R3740]

   $ GSS-API
      (I) See: Generic Security Service Application Program Interface.

   $ guard
      (I) A computer system that (a) acts as gateway between two
      information systems operating under different security policies
      and (b) is trusted to mediate information data transfers between
      the two. (See: controlled interface, cross-domain solution,
      domain, filter. Compare: firewall.)

      Usage: Frequently understood to mean that one system is operating
      at a higher security level than the other, and that the gateway's
      purpose is to prevent unauthorized disclosure of data from the
      higher system to the lower. However, the purpose might also be to
      protect the data integrity, availability, or general system
      integrity of one system from threats posed by connecting to the
      other system. The mediation may be entirely automated or may
      involve "reliable human review".

Top      Up      ToC       Page 138 
   $ guest login
      (I) See: anonymous login.

   $ GULS
      (I) Generic Upper Layer Security service element (ISO 11586), a
      five-part standard for the exchange of security information and
      security-transformation functions that protect confidentiality and
      integrity of application data.

   $ Gypsy verification environment
      (O) A methodology, language, and integrated set of software tools
      developed at the University of Texas for specifying, coding, and
      verifying software to produce correct and reliable programs.

   $ H field
      (D) See: Deprecated Usage under "Handling Restrictions field".

   $ hack
      1a. (I) /verb/ To work on something, especially to program a
      computer. (See: hacker.)

      1b. (I) /verb/ To do some kind of mischief, especially to play a
      prank on, or penetrate, a system. (See: hacker, cracker.)

      2. (I) /noun/ An item of completed work, or a solution for a
      problem, that is non-generalizable, i.e., is very specific to the
      application area or problem being solved.

      Tutorial: Often, the application area or problem involves computer
      programming or other use of a computer. Characterizing something
      as a hack can be a compliment, such as when the solution is
      minimal and elegant; or it can be derogatory, such as when the
      solution fixes the problem but leaves the system in an
      unmaintainable state.

      See [Raym] for several other meanings of this term and also
      definitions of several derivative terms.

   $ hacker
      1. (I) Someone with a strong interest in computers, who enjoys
      learning about them, programming them, and experimenting and
      otherwise working with them. (See: hack. Compare: adversary,
      cracker, intruder.)

      Usage: This first definition is the original meaning of the term
      (circa 1960); it then had a neutral or positive connotation of
      "someone who figures things out and makes something cool happen".

Top      Up      ToC       Page 139 
      2. (O) "An individual who spends an inordinate amount of time
      working on computer systems for other than professional purposes."

      3. (D) Synonym for "cracker".

      Deprecated Usage: Today, the term is frequently (mis)used
      (especially by journalists) with definition 3.

   $ handle
      1. (I) /verb/ Perform processing operations on data, such as
      receive and transmit, collect and disseminate, create and delete,
      store and retrieve, read and write, and compare. (See: access.)

      2. (I) /noun/ An online pseudonym, particularly one used by a
      cracker; derived from citizens' band radio culture.

   $ handling restriction
      (I) A type of access control other than (a) the rule-based
      protections of mandatory access control and (b) the identity-based
      protections of discretionary access control; usually involves
      administrative security.

   $ Handling Restrictions field
      (I) A 16-bit field that specifies a control and release marking in
      the security option (option type 130) of IP's datagram header
      format. The valid field values are alphanumeric digraphs assigned
      by the U.S. Government, as specified in RFC 791.

      Deprecated Abbreviation: IDOCs SHOULD NOT use the abbreviation "H
      field" because it is potentially ambiguous. Instead, use "Handling
      Restrictions field".

   $ handshake
      (I) Protocol dialogue between two systems for identifying and
      authenticating themselves to each other, or for synchronizing
      their operations with each other.

   $ Handshake Protocol
      (I) /TLS/ The TLS Handshake Protocol consists of three parts
      (i.e., subprotocols) that enable peer entities to agree upon
      security parameters for the record layer, authenticate themselves
      to each other, instantiate negotiated security parameters, and
      report error conditions to each other. [R4346]

Top      Up      ToC       Page 140 
   $ harden
      (I) To protect a system by configuring it to operate in a way that
      eliminates or mitigates known vulnerabilities. Example: [RSCG].
      (See: default account.)

   $ hardware
      (I) The material physical components of an information system.
      (See: firmware, software.)

   $ hardware error
      (I) /threat action/ See: secondary definitions under "corruption",
      "exposure", and "incapacitation".

   $ hardware token
      See: token.

   $ hash code
      (D) Synonym for "hash result" or "hash function".

      Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts
      in a potentially misleading way. A hash result is not a "code",
      and a hash function does not "encode" in any sense defined by this
      glossary. (See: hash value, message digest.)

   $ hash function
      1. (I) A function H that maps an arbitrary, variable-length bit
      string, s, into a fixed-length string, h = H(s) (called the "hash
      result"). For most computing applications, it is desirable that
      given a string s with H(s) = h, any change to s that creates a
      different string s' will result in an unpredictable hash result
      H(s') that is, with high probability, not equal to H(s).

      2. (O) "A (mathematical) function which maps values from a large
      (possibly very large) domain into a smaller range. A 'good' hash
      function is such that the results of applying the function to a
      (large) set of values in the domain will be evenly distributed
      (and apparently at random) over the range." [X509]

      Tutorial: A hash function operates on variable-length input (e.g.,
      a message or a file) and outputs a fixed-length output, which
      typically is much shorter than most input values. If the algorithm
      is "good" as described in the "O" definition, then the hash
      function may be a candidate for use in a security mechanism to
      detect accidental changes in data, but not necessarily for a
      mechanism to detect changes made by active wiretapping. (See:
      Tutorial under "checksum".)

Top      Up      ToC       Page 141 
      Security mechanisms require a "cryptographic hash function" (e.g.,
      MD2, MD4, MD5, SHA-1, Snefru), i.e., a good hash function that
      also has the one-way property and one of the two collision-free
      -  "One-way property": Given H and a hash result h = H(s), it is
         hard (i.e., computationally infeasible, "impossible") to find
         s. (Of course, given H and an input s, it must be relatively
         easy to compute the hash result H(s).)
      -  "Weakly collision-free property": Given H and an input s, it is
         hard (i.e., computationally infeasible, "impossible") to find a
         different input, s', such that H(s) = H(s').
      -  "Strongly collision-free property": Given H, it is hard to find
         any pair of inputs s and s' such that H(s) = H(s').

      If H produces a hash result N bits long, then to find an s' where
      H(s') = H(s) for a specific given s, the amount of computation
      required is O(2**n); i.e., it is necessary to try on the order of
      2 to the power n values of s' before finding a collision. However,
      to simply find any pair of values s and s' that collide, the
      amount of computation required is only O(2**(n/2)); i.e., after
      computing H(s) for 2 to the power n/2 randomly chosen values of s,
      the probability is greater than 1/2 that two of those values have
      the same hash result. (See: birthday attack.)

   $ hash result
      1. (I) The output of a hash function. (See: hash code, hash value.
      Compare: hash value.)

      2. (O) "The output produced by a hash function upon processing a
      message" (where "message" is broadly defined as "a digital
      representation of data"). [DSG]

      Usage: IDOCs SHOULD avoid the unusual usage of "message" that is
      seen in the "O" definition.

   $ hash value
      (D) Synonym for "hash result".

      Deprecated Term: IDOCs SHOULD NOT use this term for the output of
      a hash function; the term could easily be confused with "hashed
      value", which means the input to a hash function. (See: hash code,
      hash result, message digest.)

   $ HDM
      (O) See: Hierarchical Development Methodology.

Top      Up      ToC       Page 142 
   $ Hierarchical Development Methodology (HDM)
      (O) A methodology, language, and integrated set of software tools
      developed at SRI International for specifying, coding, and
      verifying software to produce correct and reliable programs.

   $ hierarchical PKI
      (I) A PKI architecture based on a certification hierarchy.
      (Compare: mesh PKI, trust-file PKI.)

   $ hierarchy management
      (I) The process of generating configuration data and issuing
      public-key certificates to build and operate a certification
      hierarchy. (See: certificate management.)

   $ hierarchy of trust
      (D) Synonym for "certification hierarchy".

      Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts
      in a potentially misleading way. (See: certification hierarchy,
      trust, web of trust.)

   $ high-assurance guard
      (O) "An oxymoron," said Lt. Gen. William H. Campbell, former U.S.
      Army chief information officer, speaking at an Armed Forces
      Communications and Electronics Association conference.

      Usage: IDOCs that use this term SHOULD state a definition for it
      because the term mixes concepts and could easily be misunderstood.

   $ hijack attack
      (I) A form of active wiretapping in which the attacker seizes
      control of a previously established communication association.
      (See: man-in-the-middle attack, pagejacking, piggyback attack.)

   $ HIPAA
      (N) Health Information Portability and Accountability Act of 1996,
      a U.S. law (Public Law 104-191) that is intended to protect the
      privacy of patients' medical records and other health information
      in all forms, and mandates security for that information,
      including for its electronic storage and transmission.

   $ HMAC
      (I) A keyed hash [R2104] that can be based on any iterated
      cryptographic hash (e.g., MD5 or SHA-1), so that the cryptographic
      strength of HMAC depends on the properties of the selected
      cryptographic hash. (See: [R2202, R2403, R2404].)

Top      Up      ToC       Page 143 
      Derivation: Hash-based MAC. (Compare: CMAC.)

      Tutorial: Assume that H is a generic cryptographic hash in which a
      function is iterated on data blocks of length B bytes. L is the
      length of the of hash result of H. K is a secret key of length L
      <= K <= B. The values IPAD and OPAD are fixed strings used as
      inner and outer padding and defined as follows: IPAD = the byte
      0x36 repeated B times, and OPAD = the byte 0x5C repeated B times.
      HMAC is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)).

      HMAC has the following goals:
      -  To use available cryptographic hash functions without
         modification, particularly functions that perform well in
         software and for which software is freely and widely available.
      -  To preserve the original performance of the selected hash
         without significant degradation.
      -  To use and handle keys in a simple way.
      -  To have a well-understood cryptographic analysis of the
         strength of the mechanism based on reasonable assumptions about
         the underlying hash function.
      -  To enable easy replacement of the hash function in case a
         faster or stronger hash is found or required.

   $ honey pot
      (N) A system (e.g., a web server) or system resource (e.g., a file
      on a server) that is designed to be attractive to potential
      crackers and intruders, like honey is attractive to bears. (See:

      Usage: It is likely that other cultures use different metaphors
      for this concept. Therefore, to avoid international
      misunderstanding, an IDOC SHOULD NOT use this term without
      providing a definition for it. (See: Deprecated Usage under "Green

   $ host
      1. (I) /general/ A computer that is attached to a communication
      subnetwork or internetwork and can use services provided by the
      network to exchange data with other attached systems. (See: end
      system. Compare: server.)

      2. (I) /IPS/ A networked computer that does not forward IP packets
      that are not addressed to the computer itself. (Compare: router.)

      Derivation: As viewed by its users, a host "entertains" them,
      providing Application-Layer services or access to other computers
      attached to the network. However, even though some traditional
      peripheral service devices, such as printers, can now be

Top      Up      ToC       Page 144 
      independently connected to networks, they are not usually called

   $ HTML
      (I) See: Hypertext Markup Language.

   $ HTTP
      (I) See: Hypertext Transfer Protocol.

   $ https
      (I) When used in the first part of a URL (the part that precedes
      the colon and specifies an access scheme or protocol), this term
      specifies the use of HTTP enhanced by a security mechanism, which
      is usually SSL. (Compare: S-HTTP.)

   $ human error
      (I) /threat action/ See: secondary definitions under "corruption",
      "exposure", and "incapacitation".

   $ hybrid encryption
      (I) An application of cryptography that combines two or more
      encryption algorithms, particularly a combination of symmetric and
      asymmetric encryption. Examples: digital envelope, MSP, PEM, PGP.
      (Compare: superencryption.)

      Tutorial: Asymmetric algorithms require more computation than
      equivalently strong symmetric ones. Thus, asymmetric encryption is
      not normally used for data confidentiality except to distribute a
      symmetric key in a hybrid encryption scheme, where the symmetric
      key is usually very short (in terms of bits) compared to the data
      file it protects. (See: bulk key.)

   $ hyperlink
      (I) In hypertext or hypermedia, an information object (such as a
      word, a phrase, or an image, which usually is highlighted by color
      or underscoring) that points (i.e., indicates how to connect) to
      related information that is located elsewhere and can be retrieved
      by activating the link (e.g., by selecting the object with a mouse
      pointer and then clicking).

   $ hypermedia
      (I) A generalization of hypertext; any media that contain
      hyperlinks that point to material in the same or another data

Top      Up      ToC       Page 145 
   $ hypertext
      (I) A computer document, or part of a document, that contains
      hyperlinks to other documents; i.e., text that contains active
      pointers to other text. Usually written in HTML and accessed using
      a web browser. (See: hypermedia.)

   $ Hypertext Markup Language (HTML)
      (I) A platform-independent system of syntax and semantics (RFC
      1866) for adding characters to data files (particularly text
      files) to represent the data's structure and to point to related
      data, thus creating hypertext for use in the World Wide Web and
      other applications. (Compare: XML.)

   $ Hypertext Transfer Protocol (HTTP)
      (I) A TCP-based, Application-Layer, client-server, Internet
      protocol (RFC 2616) that is used to carry data requests and
      responses in the World Wide Web. (See: hypertext.)

   $ IAB
      (I) See: Internet Architecture Board.

   $ IANA
      (I) See: Internet Assigned Numbers Authority.

   $ IATF
      (O) See: Information Assurance Technical Framework.

   $ ICANN
      (I) See: Internet Corporation for Assigned Names and Numbers.

   $ ICMP
      (I) See: Internet Control Message Protocol.

   $ ICMP flood
      (I) A denial-of-service attack that sends a host more ICMP echo
      request ("ping") packets than the protocol implementation can
      handle. (See: flooding, smurf.)

   $ ICRL
      (N) See: indirect certificate revocation list.

   $ IDEA
      (N) See: International Data Encryption Algorithm.

   $ identification
      (I) An act or process that presents an identifier to a system so
      that the system can recognize a system entity and distinguish it
      from other entities. (See: authentication.)

Top      Up      ToC       Page 146 
   $ identification information
      (D) Synonym for "identifier"; synonym for "authentication
      information". (See: authentication, identifying information.)

      Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for
      either of those terms; this term (a) is not as precise as they are
      and (b) mixes concepts in a potentially misleading way. Instead,
      use "identifier" or "authentication information", depending on
      what is meant.

   $ Identification Protocol
      (I) A client-server Internet protocol [R1413] for learning the
      identity of a user of a particular TCP connection.

      Tutorial: Given a TCP port number pair, the server returns a
      character string that identifies the owner of that connection on
      the server's system. The protocol does not provide an
      authentication service and is not intended for authorization or
      access control. At best, it provides additional auditing
      information with respect to TCP.

   $ identifier
      (I) A data object -- often, a printable, non-blank character
      string -- that definitively represents a specific identity of a
      system entity, distinguishing that identity from all others.
      (Compare: identity.)

      Tutorial: Identifiers for system entities must be assigned very
      carefully, because authenticated identities are the basis for
      other security services, such as access control service.

   $ identifier credential
      1. (I) See: /authentication/ under "credential".

      2. (D) Synonym for "signature certificate".

      Usage: IDOCs that use this term SHOULD state a definition for it
      because the term is used in many ways and could easily be

   $ identifying information
      (D) Synonym for "identifier"; synonym for "authentication
      information". (See: authentication, identification information.)

      Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for
      either of those terms; this term (a) is not as precise as they are
      and (b) mixes concepts in a potentially misleading way. Instead,

Top      Up      ToC       Page 147 
      use "identifier" or "authentication information", depending on
      what is meant.

   $ identity
      (I) The collective aspect of a set of attribute values (i.e., a
      set of characteristics) by which a system user or other system
      entity is recognizable or known. (See: authenticate, registration.
      Compare: identifier.)

      Usage: An IDOC MAY apply this term to either a single entity or a
      set of entities. If an IDOC involves both meanings, the IDOC
      SHOULD use the following terms and definitions to avoid ambiguity:
      -  "Singular identity": An identity that is registered for an
         entity that is one person or one process.
      -  "Shared identity": An identity that is registered for an entity
         that is a set of singular entities (1) in which each member is
         authorized to assume the identity individually and (2) for
         which the registering system maintains a record of the singular
         entities that comprise the set. In this case, we would expect
         each member entity to be registered with a singular identity
         before becoming associated with the shared identity.
      -  "Group identity": An identity that is registered for an entity
         (1) that is a set of entities (2) for which the registering
         system does not maintain a record of singular entities that
         comprise the set.

      Tutorial: When security services are based on identities, two
      properties are desirable for the set of attributes used to define
      -  The set should be sufficient to distinguish each entity from
         all other entities, i.e., to represent each entity uniquely.
      -  The set should be sufficient to distinguish each identity from
         any other identities of the same entity.

      The second property is needed if a system permits an entity to
      register two or more concurrent identities. Having two or more
      identities for the same entity implies that the entity has two
      separate justifications for registration. In that case, the set of
      attributes used for identities must be sufficient to represent
      multiple identities for a single entity.

      Having two or more identities registered for the same entity is
      different from concurrently associating two different identifiers
      with the same identity, and also is different from a single
      identity concurrently accessing the system in two different roles.
      (See: principal, role-based access control.)

Top      Up      ToC       Page 148 
      When an identity of a user is being registered in a system, the
      system may require presentation of evidence that proves the
      identity's authenticity (i.e., that the user has the right to
      claim or use the identity) and its eligibility (i.e., that the
      identity is qualified to be registered and needs to be

      The following diagram illustrates how this term relates to some
      other terms in a PKI system: authentication information,
      identifier, identifier credential, registration, registered user,
      subscriber, and user.

      Relationships:  === one-to-one, ==> one-to-many, <=> many-to-many.
                  +- - - - - - - - - - - - - - - - - - - - - - - - - - +
                  |                      PKI System                    |
      + - - - - + | +------------------+   +-------------------------+ |
      |  User,  | | |Subscriber, i.e., |   | Identity of Subscriber  | |
      |i.e., one| | | Registered User, |   |    is system-unique     | |
      | of the  | | | is system-unique |   | +---------------------+ | |
      |following| | | +--------------+ |   | |     Subscriber      | | |
      |         | | | | User's core  | |   | |     Identity's      | | |
      | +-----+ |===| | Registration | |==>| |  Registration data  | | |
      | |human| | | | | data, i.e.,  | |   | |+-------------------+| | |
      | |being| | | | | an entity's  | |   | ||  same core data   || | |
      | +-----+ | | | |distinguishing|========|for all Identities || | |
      |   or    | | | |  attribute   | |   | || of the same User  || | |
      | +-----+ | | | |   values     | | +===|+-------------------+| | |
      | |auto-| | | | +--------------+ | | | +---------------------+ | |
      | |mated| | | +------------------+ | +------------|------------+ |
      | |pro- | | |         |    +=======+              |              |
      | |cess | | | +-------v----|----------------------|------------+ |
      | +-----+ | | | +----------v---+     +------------v----------+ | |
      |   or    | | | |Authentication|<===>|Identifier of Identity | | |
      |+-------+| | | | Information  |     |    is system-unique   | | |
      || a set || | | +--------------+     +-----------------------+ | |
      ||  of   || | | Identifier Credential that associates unit of  | |
      || either|| | | Authentication Information with the Identifier | |
      |+-------+| | +------------------------------------------------+ |
      + - - - - + + - - - - - - - - - - - - - - - - - - - - - - - - - -+

   $ identity-based security policy
      (I) "A security policy based on the identities and/or attributes
      of users, a group of users, or entities acting on behalf of the
      users and the resources/objects being accessed." [I7498-2] (See:
      rule-based security policy.)

Top      Up      ToC       Page 149 
   $ identity proofing
      (I) A process that vets and verifies the information that is used
      to establish the identity of a system entity. (See: registration.)

   $ IDOC
      (I) An abbreviation used in this Glossary to refer to a document
      or other item of written material that is generated in the
      Internet Standards Process (RFC 2026), i.e., an RFC, an Internet-
      Draft, or some other item of discourse.

      Deprecated Usage: This abbreviation SHOULD NOT be used in an IDOC
      unless it is first defined in the IDOC because the abbreviation
      was invented for this Glossary and is not widely known.

   $ IDS
      (I) See: intrusion detection system.

   $ IEEE
      (N) See: Institute of Electrical and Electronics Engineers, Inc.

   $ IEEE 802.10
      (N) An IEEE committee developing security standards for LANs.
      (See: SILS.)

   $ IEEE P1363
      (N) An IEEE working group, Standard for Public-Key Cryptography,
      engaged in developing a comprehensive reference standard for
      asymmetric cryptography. Covers discrete logarithm (e.g., DSA),
      elliptic curve, and integer factorization (e.g., RSA); and covers
      key agreement, digital signature, and encryption.

   $ IESG
      (I) See: Internet Engineering Steering Group.

   $ IETF
      (I) See: Internet Engineering Task Force.

   $ IKE
      (I) See: IPsec Key Exchange.

   $ IMAP4
      (I) See: Internet Message Access Protocol, version 4.

      (I) An IMAP4 command (better described as a transaction type, or
      subprotocol) by which an IMAP4 client optionally proposes a
      mechanism to an IMAP4 server to authenticate the client to the
      server and provide other security services. (See: POP3.)

Top      Up      ToC       Page 150 
      Tutorial: If the server accepts the proposal, the command is
      followed by performing a challenge-response authentication
      protocol and, optionally, negotiating a protection mechanism for
      subsequent POP3 interactions. The security mechanisms that are
      used by IMAP4 AUTHENTICATE -- including Kerberos, GSS-API, and
      S/Key -- are described in [R1731].

   $ impossible
      (O) Cannot be done in any reasonable amount of time. (See: break,
      brute force, strength, work factor.)

   $ in the clear
      (I) Not encrypted. (See: clear text.)

   $ Ina Jo
      (O) A methodology, language, and integrated set of software tools
      developed at the System Development Corporation for specifying,
      coding, and verifying software to produce correct and reliable
      programs. Usage: a.k.a. the Formal Development Methodology. [Cheh]

   $ incapacitation
      (I) A type of threat action that prevents or interrupts system
      operation by disabling a system component. (See: disruption.)

      Usage: This type of threat action includes the following subtypes:
      -  "Malicious logic": In context of incapacitation, any hardware,
         firmware, or software (e.g., logic bomb) intentionally
         introduced into a system to destroy system functions or
         resources. (See: corruption, main entry for "malicious logic",
         masquerade, misuse.)
      -  "Physical destruction": Deliberate destruction of a system
         component to interrupt or prevent system operation.
      -  "Human error": /incapacitation/ Action or inaction that
         unintentionally disables a system component. (See: corruption,
      -  "Hardware or software error": /incapacitation/ Error that
         unintentionally causes failure of a system component and leads
         to disruption of system operation. (See: corruption, exposure.)
      -  "Natural disaster": /incapacitation/ Any "act of God" (e.g.,
         fire, flood, earthquake, lightning, or wind) that disables a
         system component. [FP031 Section 2]

   $ incident
      See: security incident.

      (N) See: "International Committee for Information Technology
      Standardization" under "ANSI".

Top      Up      ToC       Page 151 
   $ indicator
      (N) An action -- either specific, generalized, or theoretical --
      that an adversary might be expected to take in preparation for an
      attack. [C4009] (See: "attack sensing, warning, and response".
      Compare: message indicator.)

   $ indirect attack
      (I) See: secondary definition under "attack". Compare: direct

   $ indirect certificate revocation list (ICRL)
      (N) In X.509, a CRL that may contain certificate revocation
      notifications for certificates issued by CAs other than the issuer
      (i.e., signer) of the ICRL.

   $ indistinguishability
      (I) An attribute of an encryption algorithm that is a
      formalization of the notion that the encryption of some string is
      indistinguishable from the encryption of an equal-length string of
      nonsense. (Compare: semantic security.)

   $ inference
      1. (I) A type of threat action that reasons from characteristics
      or byproducts of communication and thereby indirectly accesses
      sensitive data, but not necessarily the data contained in the
      communication. (See: traffic analysis, signal analysis.)

      2. (I) A type of threat action that indirectly gains unauthorized
      access to sensitive information in a database management system by
      correlating query responses with information that is already

   $ inference control
      (I) Protection of data confidentiality against inference attack.
      (See: traffic-flow confidentiality.)

      Tutorial: A database management system containing N records about
      individuals may be required to provide statistical summaries about
      subsets of the population, while not revealing sensitive
      information about a single individual. An attacker may try to
      obtain sensitive information about an individual by isolating a
      desired record at the intersection of a set of overlapping
      queries. A system can attempt to prevent this by restricting the
      size and overlap of query sets, distorting responses by rounding
      or otherwise perturbing database values, and limiting queries to
      random samples. However, these techniques may be impractical to
      implement or use, and no technique is totally effective. For
      example, restricting the minimum size of a query set -- that is,

Top      Up      ToC       Page 152 
      not responding to queries for which there are fewer than K or more
      than N-K records that satisfy the query -- usually cannot prevent
      unauthorized disclosure. An attacker can pad small query sets with
      extra records, and then remove the effect of the extra records.
      The formula for identifying the extra records is called the
      "tracker". [Denns]

      (O) See: information operations condition

   $ informal
      (N) Expressed in natural language. [CCIB] (Compare: formal,

   $ information
      1. (I) Facts and ideas, which can be represented (encoded) as
      various forms of data.

      2. (I) Knowledge -- e.g., data, instructions -- in any medium or
      form that can be communicated between system entities.

      Tutorial: Internet security could be defined simply as protecting
      information in the Internet. However, the perceived need to use
      different protective measures for different types of information
      (e.g., authentication information, classified information,
      collateral information, national security information, personal
      information, protocol control information, sensitive compartmented
      information, sensitive information) has led to the diversity of
      terminology listed in this Glossary.

   $ information assurance
      (N) /U.S. Government/ "Measures that protect and defend
      information and information systems by ensuring their availability
      integrity, authentication, confidentiality, and non-repudiation.
      These measures include providing for restoration of information
      systems by incorporating protection, detection, and reaction
      capabilities." [C4009]

   $ Information Assurance Technical Framework (IATF)
      (O) A publicly available document [IATF], developed through a
      collaborative effort by organizations in the U.S. Government and
      industry, and issued by NSA. Intended for security managers and
      system security engineers as a tutorial and reference document
      about security problems in information systems and networks, to
      improve awareness of tradeoffs among available technology
      solutions and of desired characteristics of security approaches
      for particular problems. (See: ISO 17799, [SP14].)

Top      Up      ToC       Page 153 
   $ information domain
      (O) See: secondary definition under "domain".

   $ information domain security policy
      (O) See: secondary definition under "domain".

   $ information flow policy
      (N) /formal model/ A triple consisting of a set of security levels
      (or their equivalent security labels), a binary operator that maps
      each pair of security levels into a security level, and a binary
      relation on the set that selects a set of pairs of levels such
      that information is permitted to flow from an object of the first
      level to an object of the second level. (See: flow control,
      lattice model.)

   $ information operations condition (INFOCON)
      (O) /U.S. DoD/ A comprehensive defense posture and response based
      on the status of information systems, military operations, and
      intelligence assessments of adversary capabilities and intent.
      (See: threat)

      Derivation: From DEFCON, i.e., defense condition.

      Tutorial: The U.S. DoD defines five INFOCON levels: NORMAL (normal
      activity), ALPHA (increased risk of attack), BRAVO (specific risk
      of attack), CHARLIE (limited attack), and DELTA (general attack).

   $ information security (INFOSEC)
      (N) Measures that implement and assure security services in
      information systems, including in computer systems (see: COMPUSEC)
      and in communication systems (see: COMSEC).

   $ information system
      (I) An organized assembly of computing and communication resources
      and procedures -- i.e., equipment and services, together with
      their supporting infrastructure, facilities, and personnel -- that
      create, collect, record, process, store, transport, retrieve,
      display, disseminate, control, or dispose of information to
      accomplish a specified set of functions. (See: system entity,
      system resource. Compare: computer platform.)

   $ Information Technology Security Evaluation Criteria (ITSEC)
      (N) A Standard [ITSEC] jointly developed by France, Germany, the
      Netherlands, and the United Kingdom for use in the European Union;
      accommodates a wider range of security assurance and functionality
      combinations than the TCSEC. Superseded by the Common Criteria.

Top      Up      ToC       Page 154 
      (I) See: information security.

   $ ingress filtering
      (I) A method [R2827] for countering attacks that use packets with
      false IP source addresses, by blocking such packets at the
      boundary between connected networks.

      Tutorial: Suppose network A of an internet service provider (ISP)
      includes a filtering router that is connected to customer network
      B, and an attacker in B at IP source address "foo" attempts to
      send packets with false source address "bar" into A. The false
      address may be either fixed or randomly changing, and it may
      either be unreachable or be a forged address that legitimately
      exists within either B or some other network C. In ingress
      filtering, the ISP's router blocks all inbound packet that arrive
      from B with a source address that is not within the range of
      legitimately advertised addresses for B. This method does not
      prevent all attacks that can originate from B, but the actual
      source of such attacks can be more easily traced because the
      originating network is known.

   $ initialization value (IV)
      (I) /cryptography/ An input parameter that sets the starting state
      of a cryptographic algorithm or mode. (Compare: activation data.)

      Tutorial: An IV can be used to synchronize one cryptographic
      process with another; e.g., CBC, CFB, and OFB use IVs. An IV also
      can be used to introduce cryptographic variance (see: salt)
      besides that provided by a key.

   $ initialization vector
      (D) /cryptography/ Synonym for "initialization value".

      Deprecated Term: To avoid international misunderstanding, IDOCs
      SHOULD NOT use this term in the context of cryptography because
      most dictionary definitions of "vector" includes a concept of
      direction or magnitude, which are irrelevant to cryptographic use.

   $ insertion
      1. (I) /packet/ See: secondary definition under "stream integrity

      2. (I) /threat action/ See: secondary definition under

   $ inside attack
      (I) See: secondary definition under "attack". Compare: insider.

Top      Up      ToC       Page 155 
   $ insider
      1. (I) A user (usually a person) that accesses a system from a
      position that is inside the system's security perimeter. (Compare:
      authorized user, outsider, unauthorized user.)

      Tutorial: An insider has been assigned a role that has more
      privileges to access system resources than do some other types of
      users, or can access those resources without being constrained by
      some access controls that are applied to outside users. For
      example, a salesclerk is an insider who has access to the cash
      register, but a store customer is an outsider.

      The actions performed by an insider in accessing the system may be
      either authorized or unauthorized; i.e., an insider may act either
      as an authorized user or as an unauthorized user.

      2. (O) A person with authorized physical access to the system.
      Example: In this sense, an office janitor is an insider, but a
      burglar or casual visitor is not. [NRC98]

      3. (O) A person with an organizational status that causes the
      system or members of the organization to view access requests as
      being authorized. Example: In this sense, a purchasing agent is an
      insider but a vendor is not. [NRC98]

   $ inspectable space
      (O) /EMSEC/ "Three-dimensional space surrounding equipment that
      process classified and/or sensitive information within which
      TEMPEST exploitation is not considered practical or where legal
      authority to identify and/or remove a potential TEMPEST
      exploitation exists." [C4009] (Compare: control zone, TEMPEST

   $ Institute of Electrical and Electronics Engineers, Inc. (IEEE)
      (N) The IEEE is a not-for-profit association of approximately
      300,000 individual members in 150 countries. The IEEE produces
      nearly one third of the world's published literature in electrical
      engineering, computers, and control technology; holds hundreds of
      major, annual conferences; and maintains more than 800 active
      standards, with many more under development. (See: SILS.)

   $ integrity
      See: data integrity, datagram integrity service, correctness
      integrity, source integrity, stream integrity service, system

Top      Up      ToC       Page 156 
   $ integrity check
      (D) A computation that is part of a mechanism to provide data
      integrity service or data origin authentication service. (Compare:

      Deprecated Term: IDOCs SHOULD NOT use this term as a synonym for
      "cryptographic hash" or "protected checksum". This term
      unnecessarily duplicates the meaning of other, well-established
      terms; this term only mentions integrity, even though the intended
      service may be data origin authentication; and not every checksum
      is cryptographically protected.

   $ integrity label
      (I) A security label that tells the degree of confidence that may
      be placed in the data, and may also tell what countermeasures are
      required to be applied to protect the data from alteration and
      destruction. (See: integrity. Compare: classification label.)

   $ intelligent threat
      (I) A circumstance in which an adversary has the technical and
      operational ability to detect and exploit a vulnerability and also
      has the demonstrated, presumed, or inferred intent to do so. (See:

   $ interception
      (I) A type of threat action whereby an unauthorized entity
      directly accesses sensitive data while the data is traveling
      between authorized sources and destinations. (See: unauthorized

      Usage: This type of threat action includes the following subtypes:
      -  "Theft": Gaining access to sensitive data by stealing a
         shipment of a physical medium, such as a magnetic tape or disk,
         that holds the data.
      -  "Wiretapping (passive)": Monitoring and recording data that is
         flowing between two points in a communication system. (See:
      -  "Emanations analysis": Gaining direct knowledge of communicated
         data by monitoring and resolving a signal that is emitted by a
         system and that contains the data but was not intended to
         communicate the data. (See: emanation.)

   $ interference
      (I) /threat action/ See: secondary definition under "obstruction".

   $ intermediate CA
      (D) The CA that issues a cross-certificate to another CA. [X509]
      (See: cross-certification.)

Top      Up      ToC       Page 157 
      Deprecated Term: IDOCs SHOULD NOT use this term because it is not
      widely known and mixes concepts in a potentially misleading way.
      For example, suppose that end entity 1 ("EE1) is in one PKI
      ("PKI1"), end entity 2 ("EE2) is in another PKI ("PKI2"), and the
      root in PKI1 ("CA1") cross-certifies the root CA in PKI2 ("CA2").
      Then, if EE1 constructs the certification path CA1-to-CA2-to-EE2
      to validate a certificate of EE2, conventional English usage would
      describe CA2 as being in the "intermediate" position in that path,
      not CA1.

   $ internal controls
      (I) /COMPUSEC/ Functions, features, and technical characteristics
      of computer hardware and software, especially of operating
      systems. Includes mechanisms to regulate the operation of a
      computer system with regard to access control, flow control, and
      inference control. (Compare: external controls.)

   $ International Data Encryption Algorithm (IDEA)
      (N) A patented, symmetric block cipher that uses a 128-bit key and
      operates on 64-bit blocks. [Schn] (See: symmetric cryptography.)

   $ International Standard
      (N) See: secondary definition under "ISO".

   $ International Traffic in Arms Regulations (ITAR)
      (O) Rules issued by the U.S. State Department, by authority of the
      Arms Export Control Act (22 U.S.C. 2778), to control export and
      import of defense articles and defense services, including
      information security systems, such as cryptographic systems, and
      TEMPEST suppression technology. (See: type 1 product, Wassenaar

   $ internet, Internet
      1. (I) /not capitalized/ Abbreviation of "internetwork".

      2. (I) /capitalized/ The Internet is the single, interconnected,
      worldwide system of commercial, governmental, educational, and
      other computer networks that share (a) the protocol suite
      specified by the IAB (RFC 2026) and (b) the name and address
      spaces managed by the ICANN. (See: Internet Layer, Internet
      Protocol Suite.)

      Usage: Use with definite article ("the") when using as a noun. For
      example, say "My LAN is small, but the Internet is large." Don't
      say "My LAN is small, but Internet is large."

Top      Up      ToC       Page 158 
   $ Internet Architecture Board (IAB)
      (I) A technical advisory group of the ISOC, chartered by the ISOC
      Trustees to provide oversight of Internet architecture and
      protocols and, in the context of Internet Standards, a body to
      which decisions of the IESG may be appealed. Responsible for
      approving appointments to the IESG from among nominees submitted
      by the IETF nominating committee. (RFC 2026)

   $ Internet Assigned Numbers Authority (IANA)
      (I) From the early days of the Internet, the IANA was chartered by
      the ISOC and the U.S. Government's Federal Network Council to be
      the central coordination, allocation, and registration body for
      parameters for Internet protocols. Superseded by ICANN.

   $ Internet Control Message Protocol (ICMP)
      (I) An Internet Standard protocol (RFC 792) that is used to report
      error conditions during IP datagram processing and to exchange
      other information concerning the state of the IP network.

   $ Internet Corporation for Assigned Names and Numbers (ICANN)
      (I) The non-profit, private corporation that has assumed
      responsibility for the IP address space allocation, protocol
      parameter assignment, DNS management, and root server system
      management functions formerly performed under U.S. Government
      contract by IANA and other entities.

      Tutorial: The IPS, as defined by the IETF and the IESG, contains
      numerous parameters, such as Internet addresses, domain names,
      autonomous system numbers, protocol numbers, port numbers,
      management information base OIDs, including private enterprise
      numbers, and many others. The Internet community requires that the
      values used in these parameter fields be assigned uniquely. ICANN
      makes those assignments as requested and maintains a registry of
      the current values.

      ICANN was formed in October 1998, by a coalition of the Internet's
      business, technical, and academic communities. The U.S. Government
      designated ICANN to serve as the global consensus entity with
      responsibility for coordinating four key functions for the
      Internet: allocation of IP address space, assignment of protocol
      parameters, management of the DNS, and management of the DNS root
      server system.

   $ Internet-Draft
      (I) A working document of the IETF, its areas, and its working
      groups. (RFC 2026) (Compare: RFC.)

Top      Up      ToC       Page 159 
      Usage: The term is customarily hyphenated when used either as a
      adjective or a noun, even though the latter is not standard
      English punctuation.

      Tutorial: An Internet-Draft is not an archival document like an
      RFC is. Instead, an Internet-Draft is a preliminary or working
      document that is valid for a maximum of six months and may be
      updated, replaced, or made obsolete by other documents at any
      time. It is inappropriate to use an Internet-Draft as reference
      material or to cite it other than as a "work in progress".
      Although most of the Internet-Drafts are produced by the IETF, any
      interested organization may request to have its working documents
      published as Internet-Drafts.

   $ Internet Engineering Steering Group (IESG)
      (I) The part of the ISOC responsible for technical management of
      IETF activities and administration of the Internet Standards
      Process according to procedures approved by the ISOC Trustees.
      Directly responsible for actions along the "standards track",
      including final approval of specifications as Internet Standards.
      Composed of IETF Area Directors and the IETF chairperson, who also
      chairs the IESG. (RFC 2026)

   $ Internet Engineering Task Force (IETF)
      (I) A self-organized group of people who make contributions to the
      development of Internet technology. The principal body engaged in
      developing Internet Standards, although not itself a part of the
      ISOC. Composed of Working Groups, which are arranged into Areas
      (such as the Security Area), each coordinated by one or more Area
      Directors. Nominations to the IAB and the IESG are made by a
      committee selected at random from regular IETF meeting attendees
      who have volunteered. (RFCs 2026, 3935) [R2323]

   $ Internet Key Exchange (IKE)
      (I) An Internet, IPsec, key-establishment protocol [R4306] for
      putting in place authenticated keying material (a) for use with
      ISAKMP and (b) for other security associations, such as in AH and

      Tutorial: IKE is based on three earlier protocol designs: ISAKMP,
      OAKLEY, and SKEME.

   $ Internet Layer
      (I) See: Internet Protocol Suite.

   $ Internet Message Access Protocol, version 4 (IMAP4)
      (I) An Internet protocol (RFC 2060) by which a client workstation
      can dynamically access a mailbox on a server host to manipulate

Top      Up      ToC       Page 160 
      and retrieve mail messages that the server has received and is
      holding for the client. (See: POP3.)

      Tutorial: IMAP4 has mechanisms for optionally authenticating a
      client to a server and providing other security services. (See:

   $ Internet Open Trading Protocol (IOTP)
      (I) An Internet protocol [R2801] proposed as a general framework
      for Internet commerce, able to encapsulate transactions of various
      proprietary payment systems (e.g., GeldKarte, Mondex, SET, Visa
      Cash). Provides optional security services by incorporating
      various Internet security mechanisms (e.g., MD5) and protocols
      (e.g., TLS).

   $ Internet Policy Registration Authority (IPRA)
      (I) An X.509-compliant CA that is the top CA of the Internet
      certification hierarchy operated under the auspices of the ISOC
      [R1422]. (See: /PEM/ under "certification hierarchy".)

   $ Internet Private Line Interface (IPLI)
      (O) A successor to the PLI, updated to use TCP/IP and newer
      military-grade COMSEC equipment (TSEC/KG-84). The IPLI was a
      portable, modular system that was developed for use in tactical,
      packet-radio networks. (See: end-to-end encryption.)

   $ Internet Protocol (IP)
      (I) An Internet Standard, Internet-Layer protocol that moves
      datagrams (discrete sets of bits) from one computer to another
      across an internetwork but does not provide reliable delivery,
      flow control, sequencing, or other end-to-end services that TCP
      provides. IP version 4 (IPv4) is specified in RFC 791, and IP
      version 6 (IPv6) is specified in RFC 2460. (See: IP address,

      Tutorial: If IP were used in an OSIRM stack, IP would be placed at
      the top of Layer 3, above other Layer 3 protocols in the stack.

      In any IPS stack, IP is always present in the Internet Layer and
      is always placed at the top of that layer, on top of any other
      protocols that are used in that layer. In some sense, IP is the
      only protocol specified for the IPS Internet Layer; other
      protocols used there, such as AH and ESP, are just IP variations.

   $ Internet Protocol security
      See: IP Security Protocol.

Next RFC Part