Glossary of Data Security Terms


A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.
Program or software capable of detecting, removing, and protecting against various forms of malicious software (also called “malware”) including viruses, worms, Trojans or Trojan horses, spyware, adware, and rootkits.
Process of verifying identity of an individual, device, or process.
Granting of access or other rights to a user, program, or process. For a network, authorization defines what an individual or program can do after successful authentication.


Duplicate copy of data made for archiving purposes or for protecting against damage or loss.
Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.
A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.
A client computer program that can retrieve and display information from servers on the World Wide Web.
Brute Force
A cryptanalysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, one-by-one.


Pronounced cash, a special high-speed storage mechanism. It can be either a reserved section of main memory or an independent high-speed storage device. Two types of caching are commonly used in personal computers: memory caching and disk caching.
In computer security, to compromise a computer means to break into it or crack it without authorization.
Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. A server can use this mechanism to maintain persistent client-side state information for HTTP-based applications, retrieving the state information in later connections.


A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. The daemon program forwards the requests to other programs (or processes) as appropriate. The term daemon is a Unix term; many other operating systems provide support for daemons, though they are sometimes called by other names. Windows, for example, refers to daemons as System Agents and services.
Data Mining
Data Mining is a technique used to analyze existing information, usually with the intention of finding new avenues to pursue business.
Decryption is the process of transforming an encrypted message into its original plaintext.
Denial of Service
The prevention of authorized access to a system resource or the delaying of system operations and functions.
A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. In the Internet's domain name system, a domain is a name with which name server records are associated that describe sub-domains or hosts.
Domain Name System
The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address.


Email Header
Email headers determine where a message is sent and record the specific path the message follows as it passes through each mail server.
Process of converting information into an unintelligible form except to holders of a specific cryptographic key. Use of encryption protects information between the encryption process and the decryption process (the inverse of encryption) against unauthorized disclosure.
Endpoint Device
An endpoint device acts as a user endpoint in a distributed computing system. Typically, the term is used specifically for Internet-connected PC hardware on a TCP/IP network. However, various network types have their own types of endpoint devices in which users can access information from a network. Endpoint devices can include desktop or laptop computers, as well as portable devices like tablets and smart phones.


Hardware and/or software technology that protects network resources from unauthorized access. A firewall permits or denies computer traffic between networks with different security levels based upon a set of rules and other criteria.


When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL.


IP Address
Also referred to as "internet protocol address." Numeric code that uniquely identifies a particular computer on the Internet.
IP Address Spoofing
Attack technique used by a malicious individual to gain unauthorized access to computers. The malicious individual sends deceptive messages to a computer with an IP address indicating that the message is coming from a trusted host.


MAC Address
Abbreviation for "media access control address." Unique identifying value assigned by manufacturers to network adapters and network interface cards.
A generic term for a number of different types of malicious code.


The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site look like they are part of a bank the user is doing business with.
Acronym for "personal identification number." Secret numeric password known only to the user and a system to authenticate the user to the system. The user is only granted access if the PIN the user provided matches the PIN in the system.


Secure Shell (SSH)
A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another.
Secure Sockets Layer
A protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a public key to encrypt data that's transferred over the SSL connection.
Sensitive Information
Sensitive information, as defined by the federal government, is any unclassified information that, if compromised, could adversely affect the national interest or conduct of federal initiatives.
A system entity that provides a service in response to requests from other system entities called clients.
Electronic junk mail or junk newsgroup postings.
Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.


Trojan Horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.


A person, organization entity, or automated process that accesses a system, whether authorized to do so or not.


A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting - i.e., inserting a copy of itself into and becoming part of - another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.


A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.


A zombie computer (often shortened as zombie) is a computer connected to the Internet that has been compromised by a hacker, a computer virus, or a trojan horse. Generally, a compromised machine is only one of many in a botnet, and will be used to perform malicious tasks of one sort or another under remote direction. Most owners of zombie computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to zombies.