India's leading Information Risk Management (IRM) company
  About CII SecureSynergy: ISO27001 certified company          
 
 
GLOSSARY 'A'
 

Abuse of Privilege: When a user performs an action that they should not have, according to organizational policy or law.

 

Access: The ability to enter a secured area. The process of interacting with a system. Used as either a verb or a noun.

 

Access Authorization: Permission granted to users, programs or workstations.

 

Access Control: A set of procedures performed by hardware, software and administrators to monitor access, identify users requesting access, record access attempts, and grant or deny access.

 

Access Mediation: Process of monitoring and controlling access to the resources of an IT product, including but not limited to the monitoring and updating of policy attributes during accesses as well as the protection from unauthorized or inappropriate accesses.

 

Access Port: A logical or physical identifier that a computer uses to distinguish different terminal input/output data streams.

 

Access Sharing: Permitting two or more users simultaneous access to file servers or devices.

 

Active Attack: An attack which results in an unauthorized state change, such as the manipulation of files, or the adding of unauthorized files.

 

Administrative Security: The management constraints and supplemental controls established to provide an acceptable level of protection for data.

 

AIS: Automated Information System - any equipment of an interconnected system or subsystems of equipment that is used in the automatic acquisition, storage, manipulation, control, display, transmission, or reception of data and includes software, firmware, and hardware.

 

Alert: A formatted message describing a circumstance relevant to network security. Alerts are often derived from critical audit events.

 
Alphanumeric Key: A sequence of letters, numbers, symbols and blank spaces from one to 80 characters long.
 

Ankle-Biter: A person who aspires to be a hacker/cracker but has very limited knowledge or skills related to AISs. Usually associated with young teens who collect and use simple malicious programs obtained from the Internet.

 

Anomaly Detection Model: A model where intrusions are detected by looking for activity that is different from the user's or system's normal behavior.

 

Anonymous FTP: A guest account which allows anyone to login to the FTP Server. It can be a point to begin access on the host server.

 

ANSI: The American National Standards Institute. Develops standards for transmission, storage, languages and protocols. Represents the United States in the ISO (International Standards Organization).

 
Antivirus: A virus that specifically looks for and removes another virus.
 

Application Level Gateway [Firewall]: A firewall system in which service is provided by processes that maintain complete TCP connection state and sequencing. Application level firewalls often re-address traffic so that outgoing traffic appears to have originated from the firewall, rather than the internal host.

 

Application Logic: The computational aspects of an application, including a list of instructions that tells a software application how to operate.

 

ASIM: Automated Security Incident Measurement -- Monitors network traffic and collects information on targeted unit networks by detecting unauthorized network activity.

 

Asymmetric Cryptography: In order to use asymmetric cryptography, each person receives a key pair; one public key and one private key. Each person's public key is published, while the private key is kept secret. The need for sender and receiver sharing information about the secret is eliminated. The only requirement is that public keys are associated with their users in a trusted (authenticated) manner.

 
Attack: An attempt to subvert or bypass security controls on a computer. The attack may alter, release, or deny data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures. Attacks may be active or passive. An active attack attempts to alter or destroy data. A passive attack attempts to intercept and read data without altering it.
 

Audit: The independent collection of records to assess their veracity and completeness.

 

Audit Trail: An audit trail may be on paper or on disk. In computer security systems, a chronological record of when users log in, how long they are engaged in various activities, what they were doing, and whether any actual or attempted security violations occurred.

 

Authenticate: In networking, to establish the validity of a user or an object (e.g. a communications server).

 

Authentication: The process of establishing the legitimacy of a node or user before allowing access to requested information. During the process, the user enters a name or account number (identification) and password (authentication).

 

Authentication Tool: A software or hand-held hardware "key" or "token" utilized during the user authentication process. See 'Key' and 'Token'.

 

Authentication Token: A portable device used for authenticating a user. Authentication tokens operate by challenge/response, time-based code sequences, or other techniques. This may include paper-based lists of one-time passwords.

 

Authorization: The process of determining what type of activities are permitted. Usually, authorization is in the context of authentication. Once you have authenticated a user, the user may be authorized different types of access or activity.

 

Automatic Data Processing (ADP) System: An assembly of computer hardware, firmware, and software configured for the purpose of classifying, sorting, calculating, computing, summarizing, transmitting and receiving, storing, and retrieving data with a minimum of human intervention.

 

Automated Security Monitoring: All security features needed to provide an acceptable level of protection for hardware, software, and classified, sensitive, unclassified or critical data, material, or processes in the system.

 

Availability: The portion of time that a system can be used for productive work, expressed as a percentage.

 
 
All rights reserved :: Confederation of Indian Industry (CII) © Copyright 2004-2008