Glossary (English only)

Safeguards Countermeasures, specifications, or controls, consisting of actions taken to decrease the organization's existing degree of vulnerability to a given threat probability, that the threat will occur.
Secret Key An identical secret shared between two users of a secret key method.
Secret Key Method Classical encryption method where two users share the identical secret key.
Secure Email Applications like Secure Multipurpose Internet Mail Exchange (S/MIME) and Pretty Good Privacy (PGP) which offer different choices for secret key methods, public key methods, and message digest methods used to encrypt email. All secure email packages require the sender to purposefully invoke encryption, either by setting the default in the program to automatic encryption or by selecting encryption and signing each time email is sent.
Secure Hash Algorithm (SHA-1) A currently secure message digest method. SHA-1 makes a 160-bit digest—compressing all of Microsoft Office to about 20 bytes of disk storage.
Secure Socket Layer (SSL) A protocol (data transmission procedure) transparent to the user that implements three cryptographic assurances (authentication, confidentiality, message integrity) and provides secure key exchange between an Internet Browser and Internet Server. Its main purpose is to make Internet e-commerce users feel secure about sending their financial information over the Internet. SSL does not offer non-repudiation.
Security Association (SA) Terminology in for one secret key together with one set of cryptographic parameters agreed upon during the authentication and key exchange process.
Security Incident A MIS security incident is any event and/or condition that has the potential to impact the security and/or accreditation of a MIS and may result from intentional or unintentional actions. See also: Security Violation
Security Policy The set of laws, rules, directives, and practices that regulate how an organization manages, protects, and distributes controlled information
Security Requirements Types and levels of protection necessary for equipment, data, information, applications, and facilities to meet security policies
Security Safeguards (countermeasures) The protective measures and controls that are prescribed to meet the security requirements specified for a system. Those safeguards may include, but are not necessarily limited to: hardware and software security features; operating procedures; accountability procedures; access and distribution controls; management constraints; personnel security; and physical structures, areas, and devices. Also called safeguards or security controls
Security Specifications A detailed description of the security safeguards required to protect a system
Security Violation An event which may result in disclosure of sensitive information to unauthorized individuals, or that results in unauthorized modification or destruction of system data, loss of computer system processing capability, or loss or theft of any computer system resources. See also: Security Incident
Selective Forgery A forgery made when the secret key is no longer secure and BlackHat can manufacture a MAC for any selected plaintext.
Session Key A secret key used one time for a single session between two parties exchanging encrypted electronic information.
SET Secure Electronic Transaction. MasterCard and Visa jointly developed this standard (with some help from industry) to ensure secure electronic transactions.
SHA-1 One of the two most popular non-keyed message digest programs. It makes a 160-bit digest and has so far been immune from the cryptanalytic attacks successfully mounted against MD5.
Signature Method Required information on an X.509 digital certificate which spells out the encryption method used to generate the public/private key pair.
Signing Encrypting with the private key in public key cryptography to provide authentication, integrity and non-repudiation.
Site Usually a single physical location, but it may be one or more MIS that are the responsibility of the DSO. The system may be a stand-alone MIS, a remote site linked to a network, or workstations interconnected via a local area network (LAN)
Skipjack A classified NSA-designed encryption algorithm contained in the Clipper Chip. It is substantially stronger than DES and intended to provide a Federally mandated encryption process, which would enable law enforcement agencies to monitor and wiretap private communications. See also: Capstone, DES, Clipper, RSA, Skipjack
Smart cards A standard plastic credit card with an embedded computer chip that can easily store cryptographic keys and algorithms while limiting access to those keys. The most widespread commercial solution for key management at present, smart cards, though not foolproof, are particularly valued for providing secure authentication by creating and storing keys someplace more secure than a desktop computer.
SMTP Simple Mail Transfer Protocol.
Standalone System A single-user MIS not connected to any other systems
Standard Security Procedures Step-by-step security instructions tailored to users and operators of MIS that process sensitive information
Steganography The process of hiding data inside other data. For example, a text file could be hidden "inside" an image or a sound file. By looking at the image, or listening to the sound, you would not know that there is extra information present.
Stream Cipher A secret-key encryption algorithm that operates on one bit at a time.
Strong Collision Resistance One of three non-keyed message digest security assurances which prevents two different messages from making equivalent message digests. The other two assurances are one-wayness (first pre-image resistance) and weak collision resistance (second pre-image resistance). Strong collision resistance stops forgery of any message.
Sub Certificate Authority (CA) Some entity who has been given authority to issue digital certificates by a root certificate authority (CA). Usually the root CA directs the sub CA to sign certificates with the sub CA’s private key — not with the root CA’s private key.
Substitution Cipher A method of hiding text in which plaintext letters are replaced by ciphertext letters or symbols. It is one technique used in the Data Encryption Standard (DES).
Symmetric Cipher Cryptographic methods that use shared secret keys. Both confidants encrypt and decrypt with the identical secret key. Usually there are only two holders of a particular secret key. Also known as secret key cryptography.
Symmetric Encryption See: Conventional Encryption
System See: Management Information System, MI
System Integrity The attribute of a system relating to the successful and correct operation of computing resources. See also: Integrity
System of Records A group of any records under the control of the Department from which information is retrieved by the name of an individual, or by some other identifying number, symbol, or other identifying particular assigned to an individual. See also: Privacy Act of 197

