Security Engineering (Domain 3) Flashcards
System which can simultaneous support separate execution domains for different subject.
Multi-user
A program in execution that works in its own address space and can only communicate with other processes in a controlled manner.
Process
Memory allocation for programs.
Real Storage
Read-Only Memory
A non-volatile storage facility that generally is not updatable without replacing the ROM chip.
ROM
Manner of a system moving from one state to another (i.e.: initialization state to ready state).
State Transition
A system that has the necessary controls to ensure that the security policy will not be compromised and that it can process a range of sensitive or classified information simultaneously.
Trusted Computer System
A British risk-based method for assessing, evaluating, and managing risk. It is a standard and a framework for developing a security program.
7779 Standards
Security model that provides access controls that can change dynamical depending upon a user’s previous actions. The main goal is to protect against users accessing data that could be seen as conflicts of interest. Also known as the Chinese Wall model.
Brewer and Nash Model
A covert channel that involves direct or indirect writing to a storage location by one process and the direct or indirect reading of the storage location by another process. Covert storage channels typically involve a finite resource that is shared by two subjects at a different security levels.
Covert Storage Channel
Security model that defines a set of basic rights in terms of commands that a specific subject can execute on an object.
Graham-Denning Model
Instructions within a program’s code that enable the developer or maintainer to enter the program without having to go through the usual access control and authentication processes. They should be removed from the code before being released for production otherwise; they can cause serious security risks. Also called trapdoors.
Maintenance Hook
A part of the asymmetric key pair that must only be known and used by the owner
Private Key
Also called packet replay, an attack based on capturing and resending packets on a network. This type of attack can be used against certain cryptographic standards.
Replay Attack
Secure Electronic Transactions – A security technology proposed by Visa and MasterCard to allow for more secure card transaction possibilities.
SET
A form of IPSec communication where the payload of the message is protected. This occurs with direct forms of communication between hosts (i.e. between a client and a server).
Transport Mode
