Definition: A connectionless packet-switching technology often used to connect multiple LANs, forming a Metropolitan Area Network (MAN) or a Wide Area Network (WAN). It was a forerunner to Asynchronous Transfer Mode (ATM) due to the similar technologies used.
DHCP Snooping
Purpose: A security feature used to protect networks from unauthenticated DHCP clients. It helps prevent unauthorized devices from gaining access to network resources.
Industrial Control System (ICS)
Definition: A computer-management device that controls industrial processes and machines. ICSs are critical in industries like manufacturing, electricity generation, water distribution, sewage processing, and oil refining.
Forms of ICS:
Distributed Control Systems (DCSs): Used for process control in industrial environments.
Programmable Logic Controllers (PLCs): Specialized computers used to control machinery.
Supervisory Control and Data Acquisition (SCADA): Systems that monitor and control industrial processes.
Kerckhoffs’s Principle
Definition: A principle in cryptography stating that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.
Input and Parameter Checking
Purpose: Ensures that data provided as input is limited and validated to prevent security vulnerabilities like buffer overflows. Proper data validation is crucial for maintaining system integrity.
Side-Channel Attack
Definition: A passive, non-invasive attack that observes the operation of a device (e.g., a smartcard) to extract valuable information, such as encryption keys, without directly interacting with the system.
Transitive Trust
Definition: If Domain A trusts Domain B and Domain B trusts Domain C, then Domain A automatically trusts Domain C. This trust relationship extends not only between the two original domains but also to all their subdomains.
Implication: Transitive trust can potentially broaden the access across multiple domains, which may need to be carefully managed to maintain the principle of least privilege.
Nontransitive Trust
Definition: A direct trust relationship between two security domains that does not extend to other domains. It allows subjects in one domain to access objects in the other domain but does not extend that trust further.
Implication: Nontransitive trust enforces the principle of least privilege by limiting trust to a single domain at a time, thereby providing tighter control over access between domains.