Glossary - Security & Privacy
My long-term objective for this page is to create a glossary of security and privacy terms. At the moment, the terms are added randomly (excuse me for that). I will be putting in more effort as time permits.
Externality - a situation where a party could efficiently prevent harm to others
DoS - Denial of Service
DDoS - Distributed Denial of Service
Availability -
IPS - Intrusion Prevention System
DPI - Deep Packet Inspection
VPN - Virtual Private Network
Cipher -
Cipher-text -
Cryptography -
RSA - an asymmetric cryptographic algorithm named after its inventors
Cryptanalysis -
Encryption -
Decryption -
Anonymity -
Unlinkability -
P2P - Peer-to-Peer
PGP - Pretty Good Privacy
DSA - Digital Signature Algorithm - a symmetric cryptographic algorithm used for encryption and decryption
DES - Data Encryption Standard
AES - Advanced Encryption Standard
DSS - Digital Signature Standard
DH - Diffie-Hellman
ECDH - Elliptic curve Diffie-Hellman
ECDSA - Elliptic curve Digital Signature Algorithm
GCM - Galois/Counter Mode
EKE - Encrypted Key Exchange
EAP - Extensible Authentication Protocol
TLS - Transport Layer Security
DTLS - Datagram Transport Layer Security
HMAC - Hash-based Message Authentication Code
MD5 - Message Digest algorithm
SHA-1, SHA-2 - Secure Hash Algorithm
digest -
hash -
integrity -
confidentiality -
non-repudiation -
signature -
identity -
authentication -
authorization -
PIN -
password -
name-space -
DNSSEC -
IPSec -
802.1x - port-based network access control
phishing -
APT -
scalability -
TTP - Trusted Third-Party
RBAC - Role-Based Access Control
NIST -
FIPS -
PDX - Privacy Data Exchange
brute-force -
SSL -
SSH -
tunnel -
oblivious transfer -
PKI - Public-Key Infrastructure
X.509 -
SPKI - Simple PKI
SDSI - Simple Distributed Security Infrastructure
exploit -
vulnerability -
bug -
entropy -
ACL - Access Control List
firewall -
ingress -
egress -
covert -
side-channel -
OWASP -
botnet -
malware -
spyware -
adware -
virus -
worm -
privilege -
TOR - The Onion Router
encapsulation -
encoding -
error -
0-day -
intrusion -
intruder -
mitigation -
surveillance -
obfuscation -
PRNG - Pseudo Random Number Generator
salt -
nonce -
seed -
rainbow table -
observer -
attacker -
victim -
layman -
token -
OTP - One Time Password
access-control -
one-way function -
trust -
undeniability -
revoke -
OCSP - Online Certificate Status Protocol
oracle -
MiM - Man in the Middle
sink hole -
biometric -
0-knowledge -
Chinese-wall -
DRM - Digital Rights Management
PCC - Proof Carrying Code
payload -
HTTPS - Secure HTTP
HSTS - HTTP Strict Transport Security
CA - Certificate Authority
RA - Registration Authority
XSS - Cross-Site Scripting
sandbox -
quarantine -
mitigate -
MAC - Mandatory Access Control
DAC - Discretionary Access Control
RBAC - Role-Based Access Control
SASL - Simple Authentication and Security Layer
GSSAPI - Generic Security Services Application Program Interface
RADIUS - Remote Access Dial In User Service
Kerberos - a computer network authentication protocol
SSO - Single Sign-On
LDAP - Lightweight Directory Access Protocol
PAP - Password Authentication Protocol
CHAP - Challenge-Handshake Authentication Protocol
PAM - Password Authentication Module
OAuth - an open protocol to allow secure authorisation in a simple and standard method from web, mobile, and desktop applications
OpenID - a safe, faster, and easier way to log in to other web sites
SAML - Security Assertion Markup Language
PCI-DSS - Payment Card Industry Data Security Standard
OpenSSL - SSL library
GnuTLS - GNU TLS
PFS - Perfect Forward Secrecy
keylogger -
man-in-the-middle-attack -
cold-boot-attack -
hibernation-file-attack -
LUKS - Linux Unified Key Setup
rootkit -
bootkit -
trojan -
splice-attack - A type of attack where an intruder is able to forge a biometric sample