Security Architecture Engineering (SAE) Flashcards
Accreditation
the managerial approval to operate a system based upon knowledge of risk to operate
Alarm Station
A manually actuated device installed at a fixed location to transmit an alarm signal in response to an alarm condition.
Annunciator
A device that signals a change of protection zone status in a security system.
Architecture
high level design or model with a goal of consistency, integrity, and balance
Bell-LaPadula
Security policy model with simple security property and *-property. The simple security property is no process may read data at a higher level. This is also known as no read up (NRU). The *-property: no process may write data to a lower level. This is also known as no write down (NWD).
Biba
Security policy model that deals with integrity alone and ignores confidentiality. First rule integrity - preventing unauthorized users from making modifications. Simple integrity - No read down. Star integrity - No write up. Service commands - Tranquility.
Blackout
prolonged loss of commercial power
Bollard
vehicle stopping object
Bolt
The part of a lock which, when actuated, is projected (or “thrown”) from the lock into a retaining member, such as a strike plate, to prevent a door or window from moving or opening.
Bounds
a process consist of limits set on the memory addresses and resources it can access. The bounds state the area within which a process is confined or contained.
Brewer-Nash
Created Chinese-Wall model to handle conflicts of interest. Law firm 1 works for Company A. Law firm 2 works for Company B. Law firm 1 and Law firm2 merges. Ensures paralegals on Law firm 1 only works on Company A and paralegals on Law firm 2 only works on Company B.
Brownout
reduction of voltage by the utility company for a prolonged period of time
Bumping
hitting a filed down key in a lock with a hammer to open without real key
Capacitance
The property of two or more objects, which enables them to store electrical energy in an electric field between them. The basic measurement unit is the Farad.
Card Access
A type of access control system that uses a card with a coded area or strip, on or inside the card, to actuate a lock or other access control device.
Card Key
A card usually plastic, that contains encoded information to open a locking device.
Central Processing Unit
the core of a computer that calculates
Central Station
An organization or business established for the purpose of monitoring subscribers’ alarm systems from a centralized monitoring location rather than at the individual sites.
Certification
the technical and risk assesment of a system within the context of the operating environment
CICS
complex instructions. Many operations per instruction. Less number of fetches
Clark and Wilson
Integrity security model. Three integrity goals: Preventing unauthorized users from making modifications, Preventing authorized users from making improper modifications, maintaining internal and external consistency. Defines well formed transactions, Separation of duties, Access Triple - subject-application-object.
Classified Information
Official information that has been identified and marked as Top Secret, Secret, or Confidential in the interests of national security.~
Closed Circuit Television (CCTV)
A television system, hard-wired, used for proprietary purposes and not for public or general broadcast.
Combination Lock
A keyless lock which requires the turning of a numbered dial to a preset sequence of numbers for the lock to open.
Common Criteria
the current internationally accepted set of standards and processes for information security products evaluation and assurance, which joins function and assurance requirements
Confinement
to restrict the actions of a program. Simply put, process confinement allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing.
Conflict of interest
one entity with two competing allegiances
Covert Channel
an unintended communication path
CPU Cache
dedicated fast memory located on the same board as the CPU
Custodian
An individual who is designated the responsibility for maintaining, safeguarding and accounting for classified information.
Data Execution Prevention
a system-level memory protection feature that is built into the OS, it prevents code from being run from data pages such as the default heap, stacks, and memory pools.
Data hiding
a software design technique for abstraction of a process
Data Mining
technique allow analysts to comb through data warehouses and look for potential correlated information.
Data Warehousing
large databases, store large amounts of information from a variety of databases for use with specialized analysis techniques.
Deadbolt Lock
A lock that uses strong metal components that cannot be easily forced.
Dedicated Line
A power or transmission line with a single function, such as data transmission, or to a single source such as an outlet for a computer.
Deterrent
Any physical or psychological device or method that discourages action.
Doppler Effect
The change in the frequency of a light wave or sound wave, resulting from relative motion of the source and the receiver.
Electromagnetic Interference (EMI)
high frequency noise
Electromagnetic Lock
A door lock that uses an electrically actuated magnetic attraction to secure the door. Magnetic locks use no moving parts.
Electrostatic Discharge
power surge
Embedded
hardware or software that is part of a larger system
Fault
momentary loss of power
Fire Detection
Alerts personnel to the presence of a fire
Fire Prevention
Reduces causes of fire
Fire Suppression
to reduce fire
Firmware
reprogrammable basic startup instructions
Foil
An electrically conductive ribbon used for a sensing circuit.
Framework
third party processes used to organize the implementation of an architecture
Generator
fault tolerance for power
Gong
Not model implementation, not answer
Graham Denning
focused on relationship between subjects and objects. Need update, delete, modify. Integrity security model.
Harrison-Russo-Ullman
More granular than Graham Denning. Access control with list and matrix. Integrity security model.
Information Flow model
mediation of covert channels must be addressed
Infrared Motion Detector
A passive, low power, area protection device that detects a change in ambient temperature within the coverage pattern caused by the movement of a body.
Infrastructure
specific format of technical and physical controls that support the chosen framework and the architecture
Inrush Current
initial surge of current
Interference (noise)
natural occurrence in circuits that are in close proximity