tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 4949


Internet Security Glossary, Version 2

Part 8 of 13, p. 192 to 222
Prev RFC Part       Next RFC Part


prevText      Top      Up      ToC       Page 192 
   $ MISSI
      (O) Multilevel Information System Security Initiative, an NSA
      program to encourage development of interoperable, modular
      products for constructing secure network information systems in
      support of a wide variety of U.S. Government missions. (See: MSP,
      SP3, SP4.)

   $ MISSI user
      (O) /MISSI/ A system entity that is the subject of one or more
      MISSI X.509 public-key certificates issued under a MISSI
      certification hierarchy. (See: personality.)

      Tutorial: MISSI users include both end users and the authorities
      that issue certificates. A MISSI user is usually a person but may
      be a machine or other automated process. Machines that are
      required to operate nonstop may be issued their own certificates
      to avoid downtime needed to exchange the FORTEZZA cards of machine
      operators at shift changes.

   $ mission
      (I) A statement of a (relatively long-term) duty or (relatively
      short-term) task that is assigned to an organization or system,
      indicates the purpose and objectives of the duty or task, and may
      indicate the actions to be taken to achieve it.

   $ mission critical
      (I) A condition of a system service or other system resource such
      that denial of access to, or lack of availability of, the resource
      would jeopardize a system user's ability to perform a primary
      mission function or would result in other serious consequences.
      (See: Critical. Compare: mission essential.)

   $ mission essential
      (O) /U.S. DoD/ Refers to materiel that is authorized and available
      to combat, combat support, combat service support, and combat
      readiness training forces to accomplish their assigned missions.
      [JP1] (Compare: mission critical.)

   $ misuse
      1. (I) The intentional use (by authorized users) of system
      resources for other than authorized purposes. Example: An
      authorized system administrator creates an unauthorized account
      for a friend. (See: misuse detection.)

      2. (I) A type of threat action that causes a system component to
      perform a function or service that is detrimental to system
      security. (See: usurpation.)

Top      Up      ToC       Page 193 
      Usage: This type of threat action includes the following subtypes:
      -  "Tampering": /misuse/ Deliberately altering a system's logic,
         data, or control information to cause the system to perform
         unauthorized functions or services. (See: corruption, main
         entry for "tampering".)
      -  "Malicious logic": /misuse/ Any hardware, firmware, or software
         intentionally introduced into a system to perform or control
         execution of an unauthorized function or service. (See:
         corruption, incapacitation, main entry for "malicious logic",
      -  "Violation of authorizations": Action by an entity that exceeds
         the entity's system privileges by executing an unauthorized
         function. (See: authorization.)

   $ misuse detection
      (I) An intrusion detection method that is based on rules that
      specify system events, sequences of events, or observable
      properties of a system that are believed to be symptomatic of
      security incidents. (See: IDS, misuse. Compare: anomaly

   $ MLS
      (I) See: multilevel secure

   $ mobile code
      1a. (I) Software that originates from a remote server, is
      transmitted across a network, and is loaded onto and executed on a
      local client system without explicit initiation by the client's
      user and, in some cases, without that user's knowledge. (Compare:
      active content.)

      Tutorial: One form of mobile code is active content in a file that
      is transferred across a network.

      1b. (O) /U.S. DoD/ "Software modules obtained from remote systems,
      transferred across a network, and then downloaded and executed on
      local systems without explicit installation or execution by the
      recipient." [JP1]

      2a. (O) /U.S. DoD/ Technology that enables the creation of
      executable information that can be delivered to an information
      system and directly executed on any hardware/software architecture
      that has an appropriate host execution environment.

      2b. (O) "Programs (e.g., script, macro, or other portable
      instruction) that can be shipped unchanged to a heterogeneous
      collection of platforms and executed with identical semantics"
      [SP28]. (See: active content.)

Top      Up      ToC       Page 194 
      Tutorial: Mobile code might be malicious. Using techniques such as
      "code signing" and a "sandbox" can reduce the risks of receiving
      and executing mobile code.

   $ mode
   $ mode of operation
      1. (I) /cryptographic operation/ A technique for enhancing the
      effect of a cryptographic algorithm or adapting the algorithm for
      an application, such as applying a block cipher to a sequence of
      data blocks or a data stream. (See: CBC, CCM, CMAC, CFB, CTR, ECB,

      2. (I) /system operation/ A type of security policy that states
      the range of classification levels of information that a system is
      permitted to handle and the range of clearances and authorizations
      of users who are permitted to access the system. (See:
      compartmented security mode, controlled security mode, dedicated
      security mode, multilevel security mode, partitioned security
      mode, system-high security mode. Compare: protection level.)

      3. (I) /IKE/ IKE refers to its various types of ISAKMP-scripted
      exchanges of messages as "modes". Among these are the following:
      -  "Main mode": One of IKE's two phase 1 modes. (See: ISAKMP.)
      -  "Quick mode": IKE's only phase 2 mode. (See: ISAKMP.)

   $ model
      See: formal model, security model.

   $ modulus
      (I) The defining constant in modular arithmetic, and usually a
      part of the public key in asymmetric cryptography that is based on
      modular arithmetic. (See: Diffie-Hellman-Merkle, RSA.)

   $ Mondex
      (O) A smartcard-based electronic money system that incorporates
      cryptography and can be used to make payments via the Internet.
      (See: IOTP.)

   $ Morris Worm
      (I) A worm program that flooded the ARPANET in November 1988,
      causing problems for thousands of hosts. [R1135] (See: community
      risk, worm)

   $ MOSS
      (I) See: MIME Object Security Services.

Top      Up      ToC       Page 195 
   $ MQV
      (N) A key-agreement protocol [Mene] that was proposed by A.J.
      Menezes, M. Qu, and S.A. Vanstone in 1995 and is based on the
      Diffie-Hellman-Merkle algorithm.

   $ MSP
      (N) See: Message Security Protocol.

   $ multicast security
      See: secure multicast

   $ Multics
      (N) MULTiplexed Information and Computing Service, an MLS computer
      timesharing system designed and implemented during 1965-69 by a
      consortium including Massachusetts Institute of Technology,
      General Electric, and Bell Laboratories, and later offered
      commercially by Honeywell.

      Tutorial: Multics was one of the first large, general-purpose,
      operating systems to include security as a primary goal from the
      inception of the design and development and was rated in TCSEC
      Class B2. Its many innovative hardware and software security
      mechanisms (e.g., protection ring) were adopted by later systems.

   $ multilevel secure (MLS)
      (I) Describes an information system that is trusted to contain,
      and maintain separation between, resources (particularly stored
      data) of different security levels. (Examples: BLACKER, CANEWARE,
      KSOS, Multics, SCOMP.)

      Usage: Usually understood to mean that the system permits
      concurrent access by users who differ in their access
      authorizations, while denying users access to resources for which
      they lack authorization.

   $ multilevel security mode
      1. (N) A mode of system operation wherein (a) two or more security
      levels of information are allowed to be to be handled concurrently
      within the same system when some users having access to the system
      have neither a security clearance nor need-to-know for some of the
      data handled by the system and (b) separation of the users and the
      classified material on the basis, respectively, of clearance and
      classification level are dependent on operating system control.
      (See: /system operation/ under "mode", need to know, protection
      level, security clearance. Compare: controlled mode.)

Top      Up      ToC       Page 196 
      Usage: Usually abbreviated as "multilevel mode". This term was
      defined in U.S. Government policy regarding system accreditation,
      but the term is also used outside the Government.

      2. (O) A mode of system operation in which all three of the
      following statements are true: (a) Some authorized users do not
      have a security clearance for all the information handled in the
      system. (b) All authorized users have the proper security
      clearance and appropriate specific access approval for the
      information to which they have access. (c) All authorized users
      have a need-to-know only for information to which they have
      access. [C4009] (See: formal access approval, protection level.)

   $ Multipurpose Internet Mail Extensions (MIME)
      (I) An Internet protocol (RFC 2045) that enhances the basic format
      of Internet electronic mail messages (RFC 822) (a) to enable
      character sets other than U.S. ASCII to be used for textual
      headers and content and (b) to carry non-textual and multi-part
      content. (See: S/MIME.)

   $ mutual suspicion
      (I) The state that exists between two interacting system entities
      in which neither entity can trust the other to function correctly
      with regard to some security requirement.

   $ name
      (I) Synonym for "identifier".

   $ naming authority
      (O) /U.S. DoD/ An organizational entity responsible for assigning
      DNs and for assuring that each DN is meaningful and unique within
      its domain. [DoD9]

   $ National Computer Security Center (NCSC)
      (O) A U.S. DoD organization, housed in NSA, that has
      responsibility for encouraging widespread availability of trusted
      systems throughout the U.S. Federal Government. It has established
      criteria for, and performed evaluations of, computer and network
      systems that have a TCB. (See: Rainbow Series, TCSEC.)

   $ National Information Assurance Partnership (NIAP)
      (N) A joint initiative of NIST and NSA to enhance the quality of
      commercial products for information security and increase consumer
      confidence in those products through objective evaluation and
      testing methods.

Top      Up      ToC       Page 197 
      Tutorial: NIAP is registered, through the U.S. DoD, as a National
      Performance Review Reinvention Laboratory. NIAP functions include
      the following:
      -  Developing tests, test methods, and other tools that developers
         and testing laboratories may use to improve and evaluate
         security products.
      -  Collaborating with industry and others on research and testing
      -  Using the Common Criteria to develop protection profiles and
         associated test sets for security products and systems.
      -  Cooperating with the NIST National Voluntary Laboratory
         Accreditation Program to develop a program to accredit private-
         sector laboratories for the testing of information security
         products using the Common Criteria.
      -  Working to establish a formal, international mutual recognition
         scheme for a Common Criteria-based evaluation.

   $ National Institute of Standards and Technology (NIST)
      (N) A U.S. Department of Commerce organization that promotes U.S.
      economic growth by working with industry to develop and apply
      technology, measurements, and standards. Has primary U.S.
      Government responsibility for INFOSEC standards for sensitive
      unclassified information. (See: ANSI, DES, DSA, DSS, FIPS, NIAP,

   $ National Reliability and Interoperability Council (NRIC)
      (N) An advisory committee chartered by the U.S. Federal
      Communications Commission (FCC), with participation by network
      service providers and vendors, to provide recommendations to the
      FCC for assuring reliability, interoperability, robustness, and
      security of wireless, wireline, satellite, cable, and public data
      communication networks.

   $ national security
      (O) /U.S. Government/ The national defense or foreign relations of
      the United States of America.

   $ National Security Agency (NSA)
      (N) A U.S. DoD organization that has primary U.S. Government
      responsibility for INFOSEC standards for classified information
      and for sensitive unclassified information handled by national
      security systems. (See: FORTEZZA, KEA, MISSI, national security
      system, NIAP, NIST, SKIPJACK.)

   $ national security information
      (O) /U.S. Government/ Information that has been determined,
      pursuant to Executive Order 12958 or any predecessor order, to
      require protection against unauthorized disclosure. [C4009]

Top      Up      ToC       Page 198 
   $ national security system
      (O) /U.S. Government/ Any Government-operated information system
      for which the function, operation, or use (a) involves
      intelligence activities; (b) involves cryptologic activities
      related to national security; (c) involves command and control of
      military forces; (d) involves equipment that is an integral part
      of a weapon or weapon system; or (e) is critical to the direct
      fulfillment of military or intelligence missions and does not
      include a system that is to be used for routine administrative and
      business applications (including payroll, finance, logistics, and
      personnel management applications). [Title 40 U.S.C. Section 1552,
      Information Technology Management Reform Act of 1996.] (See: type
      2 product.)

   $ natural disaster
      (I) /threat action/ See: secondary definitions under "corruption"
      and "incapacitation".

   $ NCSC
      (O) See: National Computer Security Center.

   $ need to know, need-to-know
      (I) The necessity for access to, knowledge of, or possession of
      specific information required to carry out official duties.

      Usage: The compound "need-to-know" is commonly used as either an
      adjective or a noun.

      Tutorial: The need-to-know criterion is used in security
      procedures that require a custodian of sensitive information,
      prior to disclosing the information to someone else, to establish
      that the intended recipient has proper authorization to access the

   $ network
      (I) An information system comprised of a collection of
      interconnected nodes. (See: computer network.)

   $ Network Hardware Layer
      (I) See: Internet Protocol Suite.

   $ Network Interface Layer
      (I) See: Internet Protocol Suite.

   $ Network Layer Security Protocol (NLSP).
      (N) An OSI protocol (IS0 11577) for end-to-end encryption services
      at the top of OSIRM Layer 3. NLSP is derived from SP3 but is more
      complex. (Compare: IPsec.)

Top      Up      ToC       Page 199 
   $ Network Substrate Layer
      (I) Synonym for "Network Hardware Layer".

   $ network weaving
      (I) A penetration technique in which an intruder avoids detection
      and traceback by using multiple, linked, communication networks to
      access and attack a system. [C4009]

   $ NIAP
      (N) See: National Information Assurance Partnership.

   $ nibble
      (D) Half of a byte (i.e., usually, 4 bits).

      Deprecated Term: To avoid international misunderstanding, IDOCs
      SHOULD NOT use this term; instead, state the size of the block
      explicitly (e.g., "4-bit block"). (See: Deprecated Usage under
      "Green Book".)

      (O) The U.S. DoD's common-use Non-Classified Internet Protocol
      Router Network; the part of the Internet that is wholly controlled
      by the U.S. DoD and is used for official DoD business.

   $ NIST
      (N) See: National Institute of Standards and Technology.

   $ NLSP
      (N) See: Network Layer Security Protocol

   $ no-lone zone
      (I) A room or other space or area to which no person may have
      unaccompanied access and that, when occupied, is required to be
      occupied by two or more appropriately authorized persons. [C4009]
      (See: dual control.)

   $ no-PIN ORA (NORA)
      (O) /MISSI/ An organizational RA that operates in a mode in which
      the ORA performs no card management functions and, therefore, does
      not require knowledge of either the SSO PIN or user PIN for an end
      user's FORTEZZA PC card.

   $ node
      (I) A collection of related subsystems located on one or more
      computer platforms at a single site. (See: site.)

Top      Up      ToC       Page 200 
   $ nonce
      (I) A random or non-repeating value that is included in data
      exchanged by a protocol, usually for the purpose of guaranteeing
      liveness and thus detecting and protecting against replay attacks.
      (See: fresh.)

   $ non-critical
      See: critical.

   $ non-repudiation service
      1. (I) A security service that provide protection against false
      denial of involvement in an association (especially a
      communication association that transfers data). (See: repudiation,
      time stamp.)

      Tutorial: Two separate types of denial are possible -- an entity
      can deny that it sent a data object, or it can deny that it
      received a data object -- and, therefore, two separate types of
      non-repudiation service are possible. (See: non-repudiation with
      proof of origin, non-repudiation with proof of receipt.)

      2. (D) "Assurance [that] the sender of data is provided with proof
      of delivery and the recipient is provided with proof of the
      sender's identity, so neither can later deny having processed the
      data." [C4009]

      Deprecated Definition: IDOCs SHOULD NOT use definition 2 because
      it bundles two security services -- non-repudiation with proof of
      origin, and non-repudiation with proof of receipt -- that can be
      provided independently of each other.

      Usage: IDOCs SHOULD distinguish between the technical aspects and
      the legal aspects of a non-repudiation service:
      -  "Technical non-repudiation": Refers to the assurance a relying
         party has that if a public key is used to validate a digital
         signature, then that signature had to have been made by the
         corresponding private signature key. [SP32]
      -  "Legal non-repudiation": Refers to how well possession or
         control of the private signature key can be established. [SP32]

      Tutorial: Non-repudiation service does not prevent an entity from
      repudiating a communication. Instead, the service provides
      evidence that can be stored and later presented to a third party
      to resolve disputes that arise if and when a communication is
      repudiated by one of the entities involved.

Top      Up      ToC       Page 201 
      Ford describes the six phases of a complete non-repudiation
      service and uses "critical action" to refer to the act of
      communication that is the subject of the service [For94, For97]:

      --------   --------   --------   --------   --------   . --------
      Phase 1:   Phase 2:   Phase 3:   Phase 4:   Phase 5:   . Phase 6:
      Request    Generate   Transfer   Verify     Retain     . Resolve
      Service    Evidence   Evidence   Evidence   Evidence   . Dispute
      --------   --------   --------   --------   --------   . --------

      Service    Critical   Evidence   Evidence   Archive    . Evidence
      Request => Action  => Stored  => Is      => Evidence   . Is
      Is Made    Occurs     For Later  Tested     In Case    . Verified
                 and        Use |          ^      Critical   .    ^
                 Evidence       v          |      Action Is  .    |
                 Is         +-------------------+ Repudiated .    |
                 Generated  |Verifiable Evidence|------> ... . ----+

      Phase / Explanation
      1. Request service: Before the critical action, the service
         requester asks, either implicitly or explicitly, to have
         evidence of the action be generated.
      2. Generate evidence: When the critical action occurs, evidence is
         generated by a process involving the potential repudiator and
         possibly also a trusted third party.
      3. Transfer evidence: The evidence is transferred to the requester
         or stored by a third party, for later use (if needed).
      4. Verify evidence: The entity that holds the evidence tests it to
         be sure that it will suffice if a dispute arises.
      5. Retain evidence: The evidence is retained for possible future
         retrieval and use.
      6. Resolve dispute: In this phase, which occurs only if the
         critical action is repudiated, the evidence is retrieved from
         storage, presented, and verified to resolve the dispute.

   $ non-repudiation with proof of origin
      (I) A security service that provides the recipient of data with
      evidence that proves the origin of the data, and thus protects the
      recipient against an attempt by the originator to falsely deny
      sending the data. (See: non-repudiation service.)

      Tutorial: This service is a strong version of data origin
      authentication service. This service can not only verify the
      identity of a system entity that is the original source of
      received data; it can also provide proof of that identity to a
      third party.

Top      Up      ToC       Page 202 
   $ non-repudiation with proof of receipt
      (I) A security service that provides the originator of data with
      evidence that proves the data was received as addressed, and thus
      protects the originator against an attempt by the recipient to
      falsely deny receiving the data. (See: non-repudiation service.)

   $ non-volatile media
      (I) Storage media that, once written into, provide stable storage
      of information without an external power supply. (Compare:
      permanent storage, volatile media.)

   $ NORA
      (O) See: no-PIN ORA.

   $ notarization
      (I) Registration of data under the authority or in the care of a
      trusted third party, thus making it possible to provide subsequent
      assurance of the accuracy of characteristics claimed for the data,
      such as content, origin, time of existence, and delivery.
      [I7498-2] (See: digital notary.)

   $ NRIC
      (N) See: Network Reliability and Interoperability Council.

   $ NSA
      (N) See: National Security Agency

   $ null
      (N) /encryption/ "Dummy letter, letter symbol, or code group
      inserted into an encrypted message to delay or prevent its
      decryption or to complete encrypted groups for transmission or
      transmission security purposes." [C4009]

   $ NULL encryption algorithm
      (I) An algorithm [R2410] that is specified as doing nothing to
      transform plaintext data; i.e., a no-op. It originated because ESP
      always specifies the use of an encryption algorithm for
      confidentiality. The NULL encryption algorithm is a convenient way
      to represent the option of not applying encryption in ESP (or in
      any other context where a no-op is needed). (Compare: null.)

      (I) A key establishment protocol (proposed for IPsec but
      superseded by IKE) based on the Diffie-Hellman-Merkle algorithm
      and designed to be a compatible component of ISAKMP. [R2412]

      Tutorial: OAKLEY establishes a shared key with an assigned
      identifier and associated authenticated identities for parties;

Top      Up      ToC       Page 203 
      i.e., OAKLEY provides authentication service to ensure the
      entities of each other's identity, even if the Diffie-Hellman-
      Merkle exchange is threatened by active wiretapping. Also, it
      provides public-key forward secrecy for the shared key and
      supports key updates, incorporation of keys distributed by out-of-
      band mechanisms, and user-defined abstract group structures for
      use with Diffie-Hellman-Merkle.

   $ object
      (I) /formal model/ Trusted-system modeling usage: A system
      component that contains or receives information. (See: Bell-
      LaPadula model, object reuse, trusted system.)

   $ object identifier (OID)
      1. (N) An official, globally unique name for a thing, written as a
      sequence of integers (which are formed and assigned as defined in
      the ASN.1 standard) and used to reference the thing in abstract
      specifications and during negotiation of security services in a

      2. (O) "A value (distinguishable from all other such values)
      [that] is associated with an object." [X680]

      Tutorial: Objects named by OIDs are leaves of the object
      identifier tree (which is similar to but different from the X.500
      Directory Information Tree). Each arc (i.e., each branch of the
      tree) is labeled with a non-negative integer. An OID is the
      sequence of integers on the path leading from the root of the tree
      to a named object.

      The OID tree has three arcs immediately below the root: {0} for
      use by ITU-T, {1} for use by ISO, and {2} for use by both jointly.
      Below ITU-T are four arcs, where {0 0} is for ITU-T
      recommendations. Below {0 0} are 26 arcs, one for each series of
      recommendations starting with the letters A to Z, and below these
      are arcs for each recommendation. Thus, the OID for ITU-T
      Recommendation X.509 is {0 0 24 509}. Below ISO are four arcs,
      where {1 0 }is for ISO standards, and below these are arcs for
      each ISO standard. Thus, the OID for ISO/IEC 9594-8 (the ISO
      number for X.509) is {1 0 9594 8}.

      ANSI registers organization names below the branch {joint-iso-
      ccitt(2) country(16) US(840) organization(1) gov(101) csor(3)}.
      The NIST CSOR records PKI objects below the branch {joint-iso-itu-
      t(2) country(16) us(840) organization (1) gov(101) csor(3)}. The
      U.S. DoD registers INFOSEC objects below the branch {joint-iso-
      itu-t(2) country(16) us(840) organization(1) gov(101) dod(2)

Top      Up      ToC       Page 204 
      The IETF's Public-Key Infrastructure (pkix) Working Group
      registers PKI objects below the branch {iso(1) identified-
      organization(3) dod(6) internet(1) security(5) mechanisms(5)
      pkix(7)}. [R3280]

   $ object reuse
      (N) /COMPUSEC/ Reassignment and reuse of an area of a storage
      medium (e.g., random-access memory, floppy disk, magnetic tape)
      that once contained sensitive data objects. Before being
      reassigned for use by a new subject, the area needs to be erased
      or, in some cases, purged. [NCS04] (See: object.)

   $ obstruction
      (I) A type of threat action that interrupts delivery of system
      services by hindering system operations. (See: disruption.)

      Tutorial: This type of threat action includes the following
      -  "Interference": Disruption of system operations by blocking
         communication of user data or control information. (See:
      -  "Overload": Hindrance of system operation by placing excess
         burden on the performance capabilities of a system component.
         (See: flooding.)

   $ OCSP
      (I) See: Online Certificate Status Protocol.

   $ octet
      (I) A data unit of eight bits. (Compare: byte.)

      Usage: This term is used in networking (especially in OSI
      standards) in preference to "byte", because some systems use
      "byte" for data storage units of a size other than eight bits.

   $ OFB
      (N) See: output feedback.

   $ off-line attack
      (I) See: secondary definition under "attack".

   $ ohnosecond
      (D) That minuscule fraction of time in which you realize that your
      private key has been compromised.

      Deprecated Usage: IDOCs SHOULD NOT use this term; it is a joke for
      English speakers. (See: Deprecated Usage under "Green Book".)

Top      Up      ToC       Page 205 
   $ OID
      (N) See: object identifier.

   $ Online Certificate Status Protocol (OCSP)
      (I) An Internet protocol [R2560] used by a client to obtain from a
      server the validity status and other information about a digital
      certificate. (Mentioned in [X509] but not specified there.)

      Tutorial: In some applications, such as those involving high-value
      commercial transactions, it may be necessary either (a) to obtain
      certificate revocation status that is timelier than is possible
      with CRLs or (b) to obtain other kinds of status information. OCSP
      may be used to determine the current revocation status of a
      digital certificate, in lieu of or as a supplement to checking
      against a periodic CRL. An OCSP client issues a status request to
      an OCSP server and suspends acceptance of the certificate in
      question until the server provides a response.

   $ one-time pad
      1. (N) A manual encryption system in the form of a paper pad for
      one-time use.

      2. (I) An encryption algorithm in which the key is a random
      sequence of symbols and each symbol is used for encryption only
      one time -- i.e., used to encrypt only one plaintext symbol and
      thus produce only one ciphertext symbol -- and a copy of the key
      is used similarly for decryption.

      Tutorial: To ensure one-time use, the copy of the key used for
      encryption is destroyed after use, as is the copy used for
      decryption. This is the only encryption algorithm that is truly
      unbreakable, even given unlimited resources for cryptanalysis
      [Schn], but key management costs and synchronization problems make
      it impractical except in special situations.

   $ one-time password, One-Time Password (OTP)
      1. (I) /not capitalized/ A "one-time password" is a simple
      authentication technique in which each password is used only once
      as authentication information that verifies an identity. This
      technique counters the threat of a replay attack that uses
      passwords captured by wiretapping.

      2. (I) /capitalized/ "One-Time Password" is an Internet protocol
      [R2289] that is based on S/KEY and uses a cryptographic hash
      function to generate one-time passwords for use as authentication
      information in system login and in other processes that need
      protection against replay attacks.

Top      Up      ToC       Page 206 
   $ one-way encryption
      (I) Irreversible transformation of plain text to cipher text, such
      that the plain text cannot be recovered from the cipher text by
      other than exhaustive procedures even if the cryptographic key is
      known. (See: brute force, encryption.)

   $ one-way function
      (I) "A (mathematical) function, f, [that] is easy to compute, but
      which for a general value y in the range, it is computationally
      difficult to find a value x in the domain such that f(x) = y.
      There may be a few values of y for which finding x is not
      computationally difficult." [X509]

      Deprecated Usage: IDOCs SHOULD NOT use this term as a synonym for
      "cryptographic hash".

   $ onion routing
      (I) A system that can be used to provide both (a) data
      confidentiality and (b) traffic-flow confidentiality for network
      packets, and also provide (c) anonymity for the source of the

      Tutorial: The source, instead of sending a packet directly to the
      intended destination, sends it to an "onion routing proxy" that
      builds an anonymous connection through several other "onion
      routers" to the destination. The proxy defines a route through the
      "onion routing network" by encapsulating the original payload in a
      layered data packet called an "onion", in which each layer defines
      the next hop in the route and each layer is also encrypted. Along
      the route, each onion router that receives the onion peels off one
      layer; decrypts that layer and reads from it the address of the
      next onion router on the route; pads the remaining onion to some
      constant size; and sends the padded onion to that next router.

   $ open security environment
      (O) /U.S. DoD/ A system environment that meets at least one of the
      following two conditions: (a) Application developers (including
      maintainers) do not have sufficient clearance or authorization to
      provide an acceptable presumption that they have not introduced
      malicious logic. (b) Configuration control does not provide
      sufficient assurance that applications and the equipment are
      protected against the introduction of malicious logic prior to and
      during the operation of system applications. [NCS04] (See: "first
      law" under "Courtney's laws". Compare: closed security

Top      Up      ToC       Page 207 
   $ open storage
      (N) /U.S. Government/ "Storage of classified information within an
      accredited facility, but not in General Services Administration
      approved secure containers, while the facility is unoccupied by
      authorized personnel." [C4009]

   $ Open Systems Interconnection (OSI) Reference Model (OSIRM)
      (N) A joint ISO/ITU-T standard [I7498-1] for a seven-layer,
      architectural communication framework for interconnection of
      computers in networks. (See: OSIRM Security Architecture. Compare:
      Internet Protocol Suite.)

      Tutorial: OSIRM-based standards include communication protocols
      that are mostly incompatible with the IPS, but also include
      security models, such as X.509, that are used in the Internet.

      The OSIRM layers, from highest to lowest, are (7) Application, (6)
      Presentation, (5) Session, (4) Transport, (3) Network, (2) Data
      Link, and (1) Physical.

      Usage: This Glossary refers to OSIRM layers by number to avoid
      confusing them with IPS layers, which are referred to by name.

      Some unknown person described how the OSIRM layers correspond to
      the seven deadly sins:

      7. Wrath: Application is always angry with the mess it sees below
         itself. (Hey! Who is it to be pointing fingers?)
      6. Sloth: Presentation is too lazy to do anything productive by
      5. Lust: Session is always craving and demanding what truly
         belongs to Application's functionality.
      4. Avarice: Transport wants all of the end-to-end functionality.
         (Of course, it deserves it, but life isn't fair.)
      3. Gluttony: (Connection-Oriented) Network is overweight and
         overbearing after trying too often to eat Transport's lunch.
      2. Envy: Poor Data Link is always starved for attention. (With
         Asynchronous Transfer Mode, maybe now it is feeling less
      1. Pride: Physical has managed to avoid much of the controversy,
         and nearly all of the embarrassment, suffered by the others.

      John G. Fletcher described how the OSIRM layers correspond to Snow
      White's dwarf friends:

      7. Doc: Application acts as if it is in charge, but sometimes
         muddles its syntax.

Top      Up      ToC       Page 208 
      6. Sleepy: Presentation is indolent, being guilty of the sin of
      5. Dopey: Session is confused because its charter is not very
      4. Grumpy: Transport is irritated because Network has encroached
         on Transport's turf.
      3. Happy: Network smiles for the same reason that Transport is
      2. Sneezy: Data Link makes loud noises in the hope of attracting
      1. Bashful: Physical quietly does its work, unnoticed by the

   $ operational integrity
      (I) Synonym for "system integrity"; this synonym emphasizes the
      actual performance of system functions rather than just the
      ability to perform them.

   $ operational security
      1. (I) System capabilities, or performance of system functions,
      that are needed either (a) to securely manage a system or (b) to
      manage security features of a system. (Compare: operations
      security (OPSEC).)

      Usage: IDOCs that use this term SHOULD state a definition because
      (a) the definition provided here is general and vague and (b) the
      term could easily be confused with "operations security", which is
      a different concept.

      Tutorial: For example, in the context of an Internet service
      provider, the term could refer to capabilities to manage network
      devices in the event of attacks, simplify troubleshooting, keep
      track of events that affect system integrity, help analyze sources
      of attacks, and provide administrators with control over network
      addresses and protocols to help mitigate the most common attacks
      and exploits. [R3871]

      2. (D) Synonym for "administrative security".

      Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym
      for "administrative security". Any type of security may affect
      system operations; therefore, the term may be misleading. Instead,
      use "administrative security", "communication security", "computer
      security", "emanations security", "personnel security", "physical
      security", or whatever specific type is meant. (See: security
      architecture. Compare: operational integrity, OPSEC.)

Top      Up      ToC       Page 209 
   $ operations security (OPSEC)
      (I) A process to identify, control, and protect evidence of the
      planning and execution of sensitive activities and operations, and
      thereby prevent potential adversaries from gaining knowledge of
      capabilities and intentions. (See: communications cover. Compare:
      operational security.)

   $ operator
      (I) A person who has been authorized to direct selected functions
      of a system. (Compare: manager, user.)

      Usage: IDOCs that use this term SHOULD state a definition for it
      because a system operator may or may not be treated as a "user".

   $ OPSEC
      1. (I) Abbreviation for "operations security".

      2. (D) Abbreviation for "operational security".

      Deprecated Usage: IDOCs SHOULD NOT use this abbreviation for
      "operational security" (as defined in this Glossary), because its
      use for "operations security" has been well established for many
      years, particular in the military community.

   $ ORA
      See: organizational registration authority.

   $ Orange Book
      (D) /slang/ Synonym for "Trusted Computer System Evaluation
      Criteria" [CSC1, DoD1].

      Deprecated Usage: IDOCs SHOULD NOT use this term as a synonym for
      "Trusted Computer System Evaluation Criteria" [CSC1, DoD1].
      Instead, use the full, proper name of the document or, in
      subsequent references, the abbreviation "TCSEC". (See: Deprecated
      Usage under "Green Book".)

   $ organizational certificate
      1. (I) An X.509 public-key certificate in which the "subject"
      field contains the name of an institution or set (e.g., a
      business, government, school, labor union, club, ethnic group,
      nationality, system, or group of individuals playing the same
      role), rather than the name of an individual person or device.
      (Compare: persona certificate, role certificate.)

      Tutorial: Such a certificate might be issued for one of the
      following purposes:

Top      Up      ToC       Page 210 
      -  To enable an individual to prove membership in the
      -  To enable an individual to represent the organization, i.e., to
         act in its name and with its powers or permissions.

      2. (O) /MISSI/ A type of MISSI X.509 public-key certificate that
      is issued to support organizational message handling for the U.S.
      DoD's Defense Message System.

   $ organizational registration authority (ORA)
      1. (I) /PKI/ An RA for an organization.

      2. (O) /MISSI/ An end entity that (a) assists a PCA, CA, or SCA to
      register other end entities, by gathering, verifying, and entering
      data and forwarding it to the signing authority and (b) may also
      assist with card management functions. An ORA is a local
      administrative authority, and the term refers both to the role and
      to the person who plays that role. An ORA does not sign
      certificates, CRLs, or CKLs. (See: no-PIN ORA, SSO-PIN ORA, user-
      PIN ORA.)

   $ origin authentication
      (D) Synonym for "data origin authentication". (See:
      authentication, data origin authentication.)

      Deprecated Term: IDOCs SHOULD NOT use this term; it suggests
      careless use of the internationally standardized term "data origin
      authentication" and also could be confused with "peer entity

   $ origin authenticity
      (D) Synonym for "data origin authentication". (See: authenticity,
      data origin authentication.)

      Deprecated Term: IDOCs SHOULD NOT use this term; it suggests
      careless use of the internationally standardized term "data origin
      authentication" and mixes concepts in a potentially misleading

      (N) See: Open Systems Interconnection Reference Model.

   $ OSIRM Security Architecture
      (N) The part of the OSIRM [I7498-2] that specifies the security
      services and security mechanisms that can be applied to protect
      communications between two systems. (See: security architecture.)

Top      Up      ToC       Page 211 
      Tutorial: This part of the OSIRM includes an allocation of
      security services to protocol layers. The following table shows
      which security services (see definitions in this Glossary) are
      permitted by the OSIRM in each of its layers. (Also, an
      application process that operates above the Application Layer may
      itself provide security services.) Similarly, the table suggests
      which services are suitable for each IPS layer. However,
      explaining and justifying these allocations is beyond the scope of
      this Glossary.

      Legend for Table Entries:
         O = Yes, [I7498-2] permits the service in this OSIRM layer.
         I = Yes, the service can be incorporated in this IPS layer.
         * = This layer subsumed by Application Layer in IPS.

      IPS Protocol Layers    +-----------------------------------------+
                             |Network| Net |In-| Trans |  Application  |
                             |  H/W  |Inter|ter| -port |               |
                             |       |-face|net|       |               |
      OSIRM Protocol Layers  +-----------------------------------------+
                             |  1  |  2  |  3  |  4  |  5  |  6  |  7  |
      Confidentiality        +-----------------------------------------+
      -  Datagram            | O I | O I | O I | O I |     | O * | O I |
      -  Selective Field     |     |     |   I |     |     | O * | O I |
      -  Traffic Flow        | O   |     | O   |     |     |     | O   |
         -- Full             |   I |     |     |     |     |     |     |
         -- Partial          |     |   I |   I |     |     |     |   I |
      Integrity              +-----------------------------------------+
      -  Datagram            |   I |   I | O I | O I |     |     | O I |
      -  Selective Field     |     |     |   I |     |     |     | O I |
      -  Stream              |     |     | O I | O I |     |     | O I |
      Authentication         +-----------------------------------------+
      -  Peer Entity         |     |   I | O I | O I |     |     | O I |
      -  Data Origin         |     |   I | O I | O I |     |     | O I |
      Access Control         +-----------------------------------------+
      -  type as appropriate |     |   I | O I | O I |     |     | O I |
      Non-Repudiation        +-----------------------------------------+
      -  of Origin           |     |     |     |     |     |     | O I |
      -  of Receipt          |     |     |     |     |     |     | O I |

   $ OTAR
      (N) See: over-the-air rekeying.

   $ OTP
      (I) See: One-Time Password.

Top      Up      ToC       Page 212 
   $ out-of-band
      (I) /adjective, adverb/ Information transfer using a channel or
      method that is outside (i.e., separate from or different from) the
      main channel or normal method.

      Tutorial: Out-of-band mechanisms are often used to distribute
      shared secrets (e.g., a symmetric key) or other sensitive
      information items (e.g., a root key) that are needed to initialize
      or otherwise enable the operation of cryptography or other
      security mechanisms. Example: Using postal mail to distribute
      printed or magnetic media containing symmetric cryptographic keys
      for use in Internet encryption devices. (See: key distribution.)

   $ output feedback (OFB)
      (N) A block cipher mode that modifies ECB mode to operate on
      plaintext segments of variable length less than or equal to the
      block length. [FP081] (See: block cipher, [SP38A].)

      Tutorial: This mode operates by directly using the algorithm's
      previously generated output block as the algorithm's next input
      block (i.e., by "feeding back" the output block) and combining
      (exclusive OR-ing) the output block with the next plaintext
      segment (of block length or less) to form the next ciphertext

   $ outside attack
      (I) See: secondary definition under "attack". Compare: outsider.)

   $ outsider
      (I) A user (usually a person) that accesses a system from a
      position that is outside the system's security perimeter.
      (Compare: authorized user, insider, unauthorized user.)

      Tutorial: The actions performed by an outsider in accessing the
      system may be either authorized or unauthorized; i.e., an outsider
      may act either as an authorized user or as an unauthorized user.

   $ over-the-air rekeying (OTAR)
      (N) Changing a key in a remote cryptographic device by sending a
      new key directly to the device via a channel that the device is
      protecting. [C4009]

   $ overload
      (I) /threat action/ See: secondary definition under "obstruction".

   $ P1363
      (N) See: IEEE P1363.

Top      Up      ToC       Page 213 
   $ PAA
      (O) See: policy approving authority.

   $ package
      (N) /Common Criteria/ A reusable set of either functional or
      assurance components, combined in a single unit to satisfy a set
      of identified security objectives. (Compare: protection profile.)

      Example: The seven EALs defined in Part 3 of the Common Criteria
      are predefined assurance packages.

      Tutorial: A package is a combination of security requirement
      components and is intended to be reusable in the construction of
      either more complex packages or protection profiles and security
      targets. A package expresses a set of either functional or
      assurance requirements that meet some particular need, expressed
      as a set of security objectives.

   $ packet
      (I) A block of data that is carried from a source to a destination
      through a communication channel or, more generally, across a
      network. (Compare: datagram, PDU.)

   $ packet filter
      (I) See: secondary definition under "filtering router".

   $ packet monkey
      (D) /slang/ Someone who floods a system with packets, creating a
      denial-of-service condition for the system's users. (See:

      Deprecated Term: It is likely that other cultures use different
      metaphors for this concept. Therefore, to avoid international
      misunderstanding, IDOCs SHOULD NOT use this term. (See: Deprecated
      Usage under "Green Book".)

   $ pagejacking
      (D) /slang/ A contraction of "Web page hijacking". A masquerade
      attack in which the attacker copies (steals) a home page or other
      material from the target server, rehosts the page on a server the
      attacker controls, and causes the rehosted page to be indexed by
      the major Web search services, thereby diverting browsers from the
      target server to the attacker's server.

      Deprecated Term: IDOCs SHOULD NOT use this contraction. The term
      is not listed in most dictionaries and could confuse international
      readers. (See: Deprecated Usage under "Green Book".)

Top      Up      ToC       Page 214 
   $ PAN
      (O) See: primary account number.

   $ PAP
      (I) See: Password Authentication Protocol.

   $ parity bit
      (I) A checksum that is computed on a block of bits by computing
      the binary sum of the individual bits in the block and then
      discarding all but the low-order bit of the sum. (See: checksum.)

   $ partitioned security mode
      (N) A mode of system operation wherein all users having access to
      the system have the necessary security clearances for all data
      handled by the system, but some users might not have either formal
      access approval or need-to-know for all the data. (See: /system
      operation/ under "mode", formal access approval, need to know,
      protection level, security clearance.)

      Usage: Usually abbreviated as "partitioned mode". This term was
      defined in U.S. Government policy on system accreditation.

   $ PASS
      (N) See: personnel authentication system string.

   $ passive attack
      (I) See: secondary definition under "attack".

   $ passive user
      (I) See: secondary definition under "system user".

   $ passive wiretapping
      (I) A wiretapping attack that attempts only to observe a
      communication flow and gain knowledge of the data it contains, but
      does not alter or otherwise affect that flow. (See: wiretapping.
      Compare: passive attack, active wiretapping.)

   $ password
      1a. (I) A secret data value, usually a character string, that is
      presented to a system by a user to authenticate the user's
      identity. (See: authentication information, challenge-response,
      PIN, simple authentication.)

      1b. (O) "A character string used to authenticate an identity."

Top      Up      ToC       Page 215 
      1c. (O) "A string of characters (letters, numbers, and other
      symbols) used to authenticate an identity or to verify access
      authorization." [FP140]

      1d. (O) "A secret that a claimant memorizes and uses to
      authenticate his or her identity. Passwords are typically
      character strings." [SP63]

      Tutorial: A password is usually paired with a user identifier that
      is explicit in the authentication process, although in some cases
      the identifier may be implicit. A password is usually verified by
      matching it to a stored value held by the access control system
      for that identifier.

      Using a password as authentication information is based on
      assuming that the password is known only by the system entity for
      which the identity is being authenticated. Therefore, in a network
      environment where wiretapping is possible, simple authentication
      that relies on transmission of static (i.e., repetitively used)
      passwords in cleartext form is inadequate. (See: one-time
      password, strong authentication.)

   $ Password Authentication Protocol (PAP)
      (I) A simple authentication mechanism in PPP. In PAP, a user
      identifier and password are transmitted in cleartext form. [R1334]
      (See: CHAP.)

   $ password sniffing
      (D) /slang/ Passive wiretapping to gain knowledge of passwords.
      (See: Deprecated Usage under "sniffing".)

   $ path discovery
      (I) For a digital certificate, the process of finding a set of
      public-key certificates that comprise a certification path from a
      trusted key to that specific certificate.

   $ path validation
      (I) The process of validating (a) all of the digital certificates
      in a certification path and (b) the required relationships between
      those certificates, thus validating the contents of the last
      certificate on the path. (See: certificate validation.)

      Tutorial: To promote interoperable PKI applications in the
      Internet, RFC 3280 specifies a detailed algorithm for validation
      of a certification path.

Top      Up      ToC       Page 216 
   $ payment card
      (N) /SET/ Collectively refers "to credit cards, debit cards,
      charge cards, and bank cards issued by a financial institution and
      which reflects a relationship between the cardholder and the
      financial institution." [SET2]

   $ payment gateway
      (O) /SET/ A system operated by an acquirer, or a third party
      designated by an acquirer, to provide electronic commerce services
      to the merchants in support of the acquirer, and which interfaces
      to the acquirer to support the authorization, capture, and
      processing of merchant payment messages, including payment
      instructions from cardholders. [SET1, SET2]

   $ payment gateway certification authority (SET PCA)
      (O) /SET/ A CA that issues digital certificates to payment
      gateways and is operated on behalf of a payment card brand, an
      acquirer, or another party according to brand rules. A SET PCA
      issues a CRL for compromised payment gateway certificates. [SET2]
      (See: PCA.)

   $ PC card
      (N) A type of credit card-sized, plug-in peripheral device that
      was originally developed to provide memory expansion for portable
      computers, but is also used for other kinds of functional
      expansion. (See: FORTEZZA, PCMCIA.)

      Tutorial: The international PC Card Standard defines a non-
      proprietary form factor in three sizes -- Types I, II, and III --
      each of which have a 68-pin interface between the card and the
      socket into which it plugs. All three types have the same length
      and width, roughly the size of a credit card, but differ in their
      thickness from 3.3 to 10.5 mm. Examples include storage modules,
      modems, device interface adapters, and cryptographic modules.

   $ PCA
      (D) Abbreviation of various kinds of "certification authority".
      (See: Internet policy certification authority, (MISSI) policy
      creation authority, (SET) payment gateway certification

      Deprecated Usage: An IDOC that uses this abbreviation SHOULD
      define it at the point of first use.

   $ PCI
      (N) See: "protocol control information" under "protocol data

Top      Up      ToC       Page 217 
      (N) Personal Computer Memory Card International Association, a
      group of manufacturers, developers, and vendors, founded in 1989
      to standardize plug-in peripheral memory cards for personal
      computers and now extended to deal with any technology that works
      in the PC Card form factor. (See: PC card.)

   $ PDS
      (N) See: protective distribution system.

   $ PDU
      (N) See: protocol data unit.

   $ peer entity authentication
      (I) "The corroboration that a peer entity in an association is the
      one claimed." [I7498-2] (See: authentication.)

   $ peer entity authentication service
      (I) A security service that verifies an identity claimed by or for
      a system entity in an association. (See: authentication,
      authentication service.)

      Tutorial: This service is used at the establishment of, or at
      times during, an association to confirm the identity of one entity
      to another, thus protecting against a masquerade by the first
      entity. However, unlike data origin authentication service, this
      service requires an association to exist between the two entities,
      and the corroboration provided by the service is valid only at the
      current time that the service is provided. (See: "relationship
      between data integrity service and authentication services" under
      "data integrity service").

   $ PEM
      (I) See: Privacy Enhanced Mail.

   $ penetrate
      1a. (I) Circumvent a system's security protections. (See: attack,
      break, violation.)

      1b. (I) Successfully and repeatedly gain unauthorized access to a
      protected system resource. [Huff]

   $ penetration
      (I) /threat action/ See: secondary definition under "intrusion".

Top      Up      ToC       Page 218 
   $ penetration test
      (I) A system test, often part of system certification, in which
      evaluators attempt to circumvent the security features of a
      system. [NCS04, SP42] (See: tiger team.)

      Tutorial: Penetration testing evaluates the relative vulnerability
      of a system to attacks and identifies methods of gaining access to
      a system by using tools and techniques that are available to
      adversaries. Testing may be performed under various constraints
      and conditions, including a specified level of knowledge of the
      system design and implementation. For a TCSEC evaluation, testers
      are assumed to have all system design and implementation
      documentation, including source code, manuals, and circuit
      diagrams, and to work under no greater constraints than those
      applied to ordinary users.

   $ perfect forward secrecy
      (I) For a key agreement protocol, the property that compromises
      long-term keying material does not compromise session keys that
      were previously derived from the long-term material. (Compare:
      public-key forward secrecy.)

      Usage: Some existing RFCs use this term but either do not define
      it or do not define it precisely. While preparing this Glossary,
      we found this to be a muddled area. Experts did not agree. For all
      practical purposes, the literature defines "perfect forward
      secrecy" by stating the Diffie-Hellman-Merkle algorithm. The term
      "public-key forward secrecy" (suggested by Hilarie Orman) and the
      definition stated for it in this Glossary were crafted to be
      compatible with current Internet documents, yet be narrow and
      leave room for improved terminology.

      Challenge to the Internet security community: We need a taxonomy
      of terms and definitions to cover the basic properties discussed
      here for the full range of cryptographic algorithms and protocols
      used in Internet Standards:

      Involvement of session keys vs. long-term keys: Experts disagree
      about the basic ideas involved:
      -  One concept of "forward secrecy" is that, given observations of
         the operation of a key establishment protocol up to time t, and
         given some of the session keys derived from those protocol
         runs, you cannot derive unknown past session keys or future
         session keys.
      -  A related property is that, given observations of the protocol
         and knowledge of the derived session keys, you cannot derive
         one or more of the long-term private keys.

Top      Up      ToC       Page 219 
      -  The "I" definition presented above involves a third concept of
         "forward secrecy" that refers to the effect of the compromise
         of long-term keys.
      -  All three concepts involve the idea that a compromise of "this"
         encryption key is not supposed to compromise the "next" one.
         There also is the idea that compromise of a single key will
         compromise only the data protected by the single key. In
         Internet literature, the focus has been on protection against
         decryption of back traffic in the event of a compromise of
         secret key material held by one or both parties to a

      Forward vs. backward: Experts are unhappy with the word "forward",
      because compromise of "this" encryption key also is not supposed
      to compromise the "previous" one, which is "backward" rather than
      forward. In S/KEY, if the key used at time t is compromised, then
      all keys used prior to that are compromised. If the "long-term"
      key (i.e., the base of the hashing scheme) is compromised, then
      all keys past and future are compromised; thus, you could say that
      S/KEY has neither forward nor backward secrecy.

      Asymmetric cryptography vs. symmetric: Experts disagree about
      forward secrecy in the context of symmetric cryptographic systems.
      In the absence of asymmetric cryptography, compromise of any long-
      term key seems to compromise any session key derived from the
      long-term key. For example, Kerberos isn't forward secret, because
      compromising a client's password (thus compromising the key shared
      by the client and the authentication server) compromises future
      session keys shared by the client and the ticket-granting server.

      Ordinary forward secrecy vs. "perfect" forward secret: Experts
      disagree about the difference between these two. Some say there is
      no difference, and some say that the initial naming was
      unfortunate and suggest dropping the word "perfect". Some suggest
      using "forward secrecy" for the case where one long-term private
      key is compromised, and adding "perfect" for when both private
      keys (or, when the protocol is multi-party, all private keys) are

      Acknowledgements: Bill Burr, Burt Kaliski, Steve Kent, Paul Van
      Oorschot, Jonathan Trostle, Michael Wiener, and, especially,
      Hilarie Orman contributed ideas to this discussion.

   $ perimeter
      See: security perimeter.

Top      Up      ToC       Page 220 
   $ periods processing
      (I) A mode of system operation in which information of different
      sensitivities is processed at distinctly different times by the
      same system, with the system being properly purged or sanitized
      between periods. (See: color change.)

      Tutorial: The security mode of operation and maximum
      classification of data handled by the system is established for an
      interval of time and then is changed for the following interval of
      time. A period extends from the secure initialization of the
      system to the completion of any purging of sensitive data handled
      by the system during the period.

   $ permanent storage
      (I) Non-volatile media that, once written into, can never be
      completely erased.

   $ permission
      1a. (I) Synonym for "authorization". (Compare: privilege.)

      1b. (N) An authorization or set of authorizations to perform
      security-relevant functions in the context of role-based access
      control. [ANSI]

      Tutorial: A permission is a positively stated authorization for
      access that (a) can be associated with one or more roles and (b)
      enables a user in a role to access a specified set of system
      resources by causing a specific set of system actions to be
      performed on the resources.

   $ persona certificate
      (I) An X.509 certificate issued to a system entity that wishes to
      use a persona to conceal its true identity when using PEM or other
      Internet services that depend on PKI support. (See: anonymity.)

      Tutorial: PEM designers intended that (a) a CA issuing persona
      certificates would explicitly not be vouching for the identity of
      the system entity to whom the certificate is issued, (b) such
      certificates would be issued only by CAs subordinate to a policy
      CA having a policy stating that purpose (i.e., that would warn
      relying parties that the "subject" field DN represented only a
      persona and not a true, vetted user identity), and (c) the CA
      would not need to maintain records binding the true identity of
      the subject to the certificate.

Top      Up      ToC       Page 221 
      However, the PEM designers also intended that a CA issuing persona
      certificates would establish procedures (d) to enable "the holder
      of a PERSONA certificate to request that his certificate be
      revoked" and (e) to ensure that it did not issue the same subject
      DN to multiple users. The latter condition implies that a persona
      certificate is not an organizational certificate unless the
      organization has just one member or representative.

   $ personal identification number (PIN)
      1a. (I) A character string used as a password to gain access to a
      system resource. (See: authentication information.)

      Example: A cryptographic token typically requires its user to
      enter a PIN in order to access information stored in the token and
      invoke the token's cryptographic functions.

      1b. (O) An alphanumeric code or password used to authenticate an

      Tutorial: Despite the words "identification" and "number", a PIN
      seldom serves as a user identifier, and a PIN's characters are not
      necessarily all numeric. Retail banking applications use 4-digit
      numeric user PINs, but the FORTEZZA PC card uses 12-character
      alphanumeric SSO PINs. (See: SSO PIN, user PIN.)

      A better name for this concept would have been "personnel
      authentication system string" (PASS), in which case, an
      alphanumeric character string for this purpose would have been
      called, obviously, a "PASSword".

   $ personal information
      (I) Information about a particular person, especially information
      of an intimate or critical nature, that could cause harm or pain
      to that person if disclosed to unauthorized parties. Examples:
      medical record, arrest record, credit report, academic transcript,
      training report, job application, credit card number, Social
      Security number. (See: privacy.)

   $ personality
      1. (I) Synonym for "principal".

      2. (O) /MISSI/ A set of MISSI X.509 public-key certificates that
      have the same subject DN, together with their associated private
      keys and usage specifications, that is stored on a FORTEZZA PC
      card to support a role played by the card's user.

      Tutorial: When a card's user selects a personality to use in a
      FORTEZZA-aware application, the data determines behavior traits

Top      Up      ToC       Page 222 
      (the personality) of the application. A card's user may have
      multiple personalities on the card. Each has a "personality
      label", a user-friendly character string that applications can
      display to the user for selecting or changing the personality to
      be used. For example, a military user's card might contain three
      YEAR'S EVE PARTY CHAIRMAN. Each personality includes one or more
      certificates of different types (such as DSA versus RSA), for
      different purposes (such as digital signature versus encryption),
      or with different authorizations.

   $ personnel authentication system string (PASS)
      (N) See: Tutorial under "personal identification number".

   $ personnel security
      (I) Procedures to ensure that persons who access a system have
      proper clearance, authorization, and need-to-know as required by
      the system's security policy. (See: security architecture.)

   $ PGP(trademark)
      (O) See: Pretty Good Privacy(trademark).

   $ phase 1 negotiation
   $ phase 2 negotiation
      (I) /ISAKMP/ See: secondary definition under "Internet Security
      Association and Key Management Protocol".

   $ phishing
      (D) /slang/ A technique for attempting to acquire sensitive data,
      such as bank account numbers, through a fraudulent solicitation in
      email or on a Web site, in which the perpetrator masquerades as a
      legitimate business or reputable person. (See: social

      Derivation: Possibly from "phony fishing"; the solicitation
      usually involves some kind of lure or bait to hook unwary
      recipients. (Compare: phreaking.)

      Deprecated Term: IDOCs SHOULD NOT use this term; it is not listed
      in most dictionaries and could confuse international readers.
      (See: Deprecated Usage under "Green Book".)

   $ Photuris
      (I) A UDP-based, key establishment protocol for session keys,
      designed for use with the IPsec protocols AH and ESP. Superseded
      by IKE.

Next RFC Part