Glossary
Term Description
Covert Timing Channel
A channel that conveys information by altering the performance of a system component or modifying a resource’s timing in a predictable manner. A covert channel in which one process signals information to another process by modulating its own use of system resources (e.g., central processing unit time) in such a way that this manipulation affects the real response time observed by the second process.
CPU
Central Processing Unit; the brains of the computer.
Cracker
Malicious users intent on waging an attack against a person or system. Crackers may be motivated by greed, power, or recognition. Their actions can result in stolen property (data, ideas, and so on), disabled systems, compromised security, negative public opinion, loss of market share, reduced profitability, and lost productivity. The correct name for an individual who hacks into a networked computer system with malicious intentions. The term “hacker” is used interchangeably (although incorrectly) because of media hype of the word “hacker.” A cracker explores and detects weak points in the security of a networked computer system and then exploits these weaknesses using specialized tools and techniques.
CRC
Cyclic Redundancy Check (also written cyclical redundancy check).
Credentials
Data that is transferred to establish the claimed identity of an entity. Information, passed from one entity to another, used to establish the sending entity’s access rights.
CRL
Certificate Revocation List.
Crossover error rate (CER)
A comparison metric for different biometric devices and technologies; the error rate at which FAR equals FRR. The lower the CER, the more accurate and reliable the biometric device. The point at which the false acceptance rate (FAR) equals the false rejection rate (FRR). This is the point from which performance is measured in order to compare the capabilities of different biometric devices.
Cryptanalysis
Operations performed in converting encrypted messages to plain text without initial knowledge of the cryptoalgorithm and/or key employed in the encryption. The study of methods to defeat codes and ciphers. The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services.
Cryptographic Key
A parameter used with a cryptographic algorithm to transform, validate, authenticate, encrypt, or decrypt data. Cryptographic keys provide the “secret” portion of a cryptographic algorithm used to encrypt and decrypt data.
Cryptography
Algorithms applied to data that are designed to ensure confidentiality, integrity, authentication, and/or nonrepudiation. Art or science concerning the principles, means, and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form. The study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication. Cryptography is not the only means of providing information security services, but rather one set of techniques. The word itself comes from the Greek word kryptos, which means “hidden” or “covered.” Cryptography is a way to hide writing yet retain a way to uncover it again.