Glossary-Luka (1027769), page 27
A Concise Explanatory Dictionary of Information Security
© Copyright, 1998-2000, A.V. Lukatsky

Index

5
5200.28-STD, 168

A
A Guide to Procurement of Trusted Systems
  An Introduction to Procurement Initiators on Computer Security Requirements, 90
  Computer Security Contract Data Requirements List and Data Item Description Tutorial, 90
  How to Evaluate a Bidder’s Proposal Document – An Aid to Procurement Initiators and Contractors, 90
  Language for RFP Specifications and Statements of Work – An Aid to Procurement Initiators, 90
A Guide to Understanding Audit in Trusted Systems, 87
A Guide to Understanding Configuration Management in Trusted Systems, 88
A Guide to Understanding Covert Channel Analysis of Trusted Systems, 92
A Guide to Understanding Data Remanence in Automated Information Systems, 91
A Guide to Understanding Design Documentation in Trusted Systems, 88
A Guide to Understanding Discretionary Access Control in Trusted Systems, 88
A Guide to Understanding Identification and Authentication in Trusted Systems, 89
A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems, 91
A Guide to Understanding Object Reuse in Trusted Systems, 89
A Guide to Understanding Security Modeling in Trusted Systems, 89
A Guide to Understanding Security testing and Test Documentation in Trusted Systems, 90
A Guide to Understanding Trusted Distribution in Trusted Systems, 88
A Guide to Understanding Trusted Facility Manuals, 89
A Guide to Understanding Trusted Recovery in Trusted Systems, 89
A Guide to Writing the Security Features User’s Guide for Trusted Systems, 91
Access control, 86
Access control list, 86
Access period, 86
Accessing Controlled Access Protection, 91
Accountability, 86
Adaptive chosen ciphertext attack, 87
Adjudicated protocol, 87
Advanced Encryption Standard, 92
AES, 92
Amber Book, 92
American National Standards Institute, 84
ANSI, 84
ANSI X12.58, 85
ANSI X9.17, 84
ANSI X9.23, 84
ANSI X9.30, 84
ANSI X9.31, 84
ANSI X9.41, 85
ANSI X9.42, 85
ANSI X9.44, 85
ANSI X9.45, 85
ANSI X9.9, 84
Application-level Gateway, 87
Aqua Book, 92
Arbitrated protocol, 87
AS2805.6.5.3, 87
ASSIST, 85
Assurance, 87
Asymmetric cryptography, 87
Audit, 86
Audit trail, 86
Authentication, 86
Authentication Header, 119
Authenticode, 85
Authorization, 87
Automated Systems Security Incident Support Team, 86

B
Backup plan, 93
Banking Circular 226, 93
Banking Circular 229, 93
Bastion Host, 95
BC-226, 93
BC-229, 93
Bell-LaPadulla model, 93
Birthday attack, 94
Blind signature scheme, 94
Block Cipher, 93
Blowfish, 93
Blue Book, 95
Bright Blue Book, 95
Bright Orange Book, 95
Brown Book, 95
Brute-force attack, 94
Brute-force search, 94
Burgundy Book, 95

C
C-36, 101
Capability, 99
CAPI, 101
Capstone, 97
CBC, 96
CERT, 97
Certificate, 101
Certificate Revocation List, 101
CFB, 96
Challenge-Handshake Authentication Protocol, 102
CHAP, 102
Chosen ciphertext attack, 100
Chosen key attack, 101
Chosen message attack, 100
Chosen plaintext attack, 100
CIAC, 98
Cipher, 96
Cipher Block Chaining, 96
Cipher Feedback, 96
Ciphertext, 96
Ciphertext auto key, 101
Ciphertext only attack, 101
Circuit-level Gateway, 102
Clipper, 97
COAST, 103
Code signing, 97
Commercial Computer Security Centre, 99
Commercial Product Evaluation, 99
Compromise, 99
Computer Emergency Response Team, 97
Computer Fraud and Abuse Act of 1986, 100
Computer Incident Advisory Capability, 98
Computer Misuse Act of 1990, 100
Computer Operations Audit and Security Technology, 102
Computer Security Act of 1987, PL 100-235, 100
Computer Security Agency, 99
Computer Security Requirements – Guidance for Applying the DoD TCSEC in Specific Environments, 103
Computer Security Subsystem Interpretation of the TCSEC, 103
Confidentiality, 99
Contingency plan, 99
Counter method, 101
Counterfeit Access Device and Computer Fraud and Abuse Act of 1984, 100
Covert channels, 98
Covert storage channel, 98
Covert timing channel, 99
Cryptographic application programming interface, 102
Cryptography, 98
Cryptoki, 102
CSC-STD-001-83, 103
CSC-STD-002-85, 103
CSC-STD-003-85, 103
CSC-STD-004-85, 103
CTAK, 101

D
DAC, 106
Dark Lavender Book, 108
Data Computer Act of 1984, 106
Data Encryption Standard, 104, 105
Data security officer, 106
Davies-Meyer hash function, 107
Demilitarized zone, 107
Denial of service, 105
Department of Defense, 105
DES, 104
DES-EDE2, 107
DES-EDE3, 107
DES-EEE2, 107
DES-EEE3, 106
Designated Confirmer Signature, 106
DESX, 105
Differential cryptanalysis, 106
Diffie-Hellman, 104
Digital envelop, 108
Digital fingerprint, 107
Digital Signature Algorithm, 104
Digital Signature Standard, 104
Discretionary access control, 105
Disk scavenging, 105
DMZ, 108
DoD, 105
DoD Guidelines for Computer Security, 105
Domain, 106
DSA, 104
DSO, 106
DSS, 104
Dual-homed Gateway, 107

E
E31.20, 110
ECB, 109
EES, 110
Electronic codebook, 109
Electronic Communications Privacy Act of 1986, 110
ElGamal, 109
Elliptic Curves, 109
Enigma, 110
EPL, 109
Escrowed Encryption Standard, 110
ETEBAC 5, 110
Evaluated Products List, 109
Exhaustive key search, 110
Exponential key agreement, 110
Extended Terminal Access Control Access System, 165

F
Fail-stop signature scheme, 112
FAPKC, 111
Fast Data Encipherment Algorithm, 111
Fault, 111
FEAL, 111
FedCIRC, 113
Federal Computer Incident Response Capability, 112
Firewall, 112
FIRST, 112
Flaw, 111
Foreign Corrupt Practices Act of 1977, 111
Forest Green Book, 113
Fortezza, 111
Forum of Incident Response and Security Teams, 112

G
Garbage collecting, 114
G-DES, 114
Glossary of Computer Security Terms, 115
Greedy program, 114
Green Book, 114
Group signature, 114
Guessed plaintext attack, 114
Guidelines for Formal Verification Systems, 115
Guidelines for Writing Trusted Facility Manuals, 115

H
Hash, 116
Hole, 116
Hot Peach Book, 116

I
IDEA, 117
Identification, 118
IEEE 802.10c, 117
IEEE P1363, 117
IKE, 120
iKP, 117
Information Technology Security Evaluation Criteria, 118
Integrity, 120
Internal feedback, 118
International Data Encryption Algorithm, 117
International Organization for Standardization, 117
Internet Key Exchange, 120
Internet Keyed Payments Protocol, 117
Internet Security Association & Key Management Protocol, 119, 120
Introduction to Certification and Accreditation Concepts, 120
Intrusion, 119
Intrusion Detection, 119
Intrusion Detection System, 119
IP Security Protocol, 119
IPSEC, 119
IP-spoofing, 118
ISAKMP, 120
ISO, 117
Iterated Block Cipher, 118
ITSEC, 118

K
KAK, 121
Kerberos, 121
Key, 121
Key auto key, 121
Key crunching, 122
Key deletion, 122
Key distribution, 122
Key escrow, 122
Key generation, 122
Key management, 122
Key recovery, 122
Key schedule, 121
Key storage, 122
Key stream generator, 121
Knapsack, 121
Known plaintext attack, 121

L
L2F, 125
L2TP, 125
Label, 124
Layer 2 Forwarding, 124
Layer 2 Tunneling Protocol, 125
Least privilege, 124
LFSR, 124
Light Blue Book, 125
Light Pink Book, 125
Light Yellow Book, 125
Linear Feedback Shift Register, 124
Link encryption, 124
Loophole, 124
LUC, 124

M
M-209 Converter, 127
MAC, 126
Mandatory access control, 127
Man-in-the-middle, 128
Masquerade, 127
McEliece cryptosystem, 126
MD2, 126
MD4, 127
MD5, 127
Merkle Tree, 126
Message Authentication Code, 127
Message Digest, 128
Message integrity check, 128
Message Security Protocol, 128
Middleperson attack, 128
MIME Object Security Service, 126
MOSS, 126
MSP, 128
Multilevel security, 127

N
NASA Automated Systems Incident Response Capability, 129
NASIRC, 129
National Computer Security Center, 130
National Institute of Standards and Technology, 129
National Security Agency, 129
NBS, 129
NCSC, 130
NCSC-TG-001, 130
NCSC-TG-002, 130
NCSC-TG-003, 130
NCSC-TG-004, 131
NCSC-TG-005, 131
NCSC-TG-006, 131
NCSC-TG-007, 131
NCSC-TG-008, 131
NCSC-TG-009, 131
NCSC-TG-010, 131
NCSC-TG-011, 131
NCSC-TG-013, 131
NCSC-TG-014, 131
NCSC-TG-015, 131
NCSC-TG-016, 131
NCSC-TG-017, 132
NCSC-TG-018, 132
NCSC-TG-019, 132
NCSC-TG-020, 132
NCSC-TG-021, 132
NCSC-TG-022, 132
NCSC-TG-023, 132
NCSC-TG-024, 132
NCSC-TG-025, 132
NCSC-TG-026, 132
NCSC-TG-027, 133
NCSC-TG-028, 133
NCSC-TG-029, 133
NCSC-TG-030, 133
Neon Orange Book, 133
network address translation, 141
New Directions in Cryptography, 130
Niederreiter cryptosystem, 130
NIST, 129
Nonrepudiation, 130
NSA, 129

O
Oakley, 135
Object, 134
Object reuse, 134
Object Signing, 134
OFB, 134
OMBA-123, 135
One-time pad, 134
One-time signature, 135
One-way function, 135
Opus novum, 135
Orange book, 134
Output Feedback, 134

P
Packet-filtering firewall, 140
PAP, 141
Partial Key Escrow, 141
Password Authentication Protocol, 141
Password Management Guideline, 141
PBC, 140
PCBC, 140
PCT, 138
PEM, 138
PEM-MIME, 138
Personal Information Exchange, 141
PFX, 141
Pink Book, 141
PKCS, 136
PKCS #1, 136
PKCS #10, 137
PKCS #11, 137
PKCS #3, 136
PKCS #5, 136
PKCS #6, 136
PKCS #7, 136
PKCS #8, 136
PKCS #9, 136
Plaintext, 139
Plaintext Block Chaining, 140
Point-to-Point Tunneling Protocol, 138
Polygraphia, 139
PPL, 139
PPTP, 138
Preferred Products List, 138
Principal, 138
Privacy Act of 1974, 139
Privacy Enhanced Mail, 137
Private Communication Technology, 138
Private key, 137
Process, 139
Propagating Cipher Block Chaining, 140
Protocol, 139
Proxy, 140
Proxy Server, 141
Public key, 137
Public-key cryptography, 139
Public-Key Cryptography Standards, 137
Purchase key attack, 139
Purple, 139
Purple Book, 142

Q
Quantum cryptography, 143

R















