Cybersecurity Glossary

A segment is another name for TCP packets. Dividing an ethernet into multiple segments is one of the most common ways of increasing available bandwidth on the LAN.

Security control enhancements are statements of security capability to 1) build in additional, but related, functionality to a basic control; and/or 2) increase the strength of a basic control. Statements of security capability to: (i) build in additional, but related, functionality to a security control; and/or (ii) increase the strength of the control.

Security is a condition that results from the establishment and maintenance of protective measures that enable an enterprise to perform its mission or critical functions despite risks posed by threats to its use of information systems. Protective measures may involve a combination of deterrence, avoidance, prevention, detection, recovery, and correction that should form part of the enterprise’s risk management approach.

In simple integrity property, a user cannot write data to a higher integrity level than their own.

A secret key is a cryptographic key that is used with a secret-key (symmetric) cryptographic algorithm that is uniquely associated with one or more entities and is not made public. The use of the term “secret” in this context does not imply a classification level, but rather implies the need to protect the key from disclosure. A secret key is also a cryptographic key that is used with a symmetric cryptographic algorithm that is uniquely associated with one or more entities and is not made public. The use of the term “secret” in this context does not imply a classification level, but rather implies the need to protect the key from disclosure. A secret key is also a cryptographic key that must be protected from unauthorized disclosure to protect data encrypted with the key. The use of the term “secret” in this context does not imply a classification level; rather, the term implies the need to protect the key from disclosure or substitution. A secret key is also a cryptographic key that is uniquely associated with one or more entities. The use of the term “secret” in this context does not imply a classification level, but rather implies the need to protect the key from disclosure or substitution. Secret key – a cryptographic key, used with a secret key cryptographic algorithm, that is uniquely associated with one or more entities and should not be made public.

A security association is a relationship established between two or more entities to enable them to protect data they exchange.

Security concept of operations is a security-focused description of an information system, its operational policies, classes of users, interactions between the system and its users, and the system’s contribution to the operational mission.

A security kernel is the hardware, firmware, and software elements of a trusted computing base implementing the reference monitor concept. A security kernel must mediate all accesses, be protected from modification, and be verifiable as correct.

A security label is a marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource. Information that represents or designates the value of one or more security relevant-attributes (e.g., classification) of a system resource.

Signals analysis is a process of gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains the data, but is not intended to communicate the data.