Online Book Reader


CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [298]

for the purpose of law-enforcement access.

Key Exchange Algorithm (KEA) A method of offering mutual authentication and establishing data encryption keys.

key generation The act of creating keys for use by users.

key suspension The temporary deferment of a key for a period of time (such as for a leave of absence).

Keyed-Hash Message Authentication Code (HMAC) “A mechanism for message authentication using cryptographic hash functions” per the draft of the Federal Information Processing Standard (FIPS) publication. Addressed in RFC 2104.

L

L2F See Layer 2 Forwarding (L2F).

L2TP See Layer 2 Tunneling Protocol (L2TP).

LAN See local area network (LAN).

LANMAN An old authentication method used with early Windows-based systems.

latency The wait time between the call for an action or activity and the actual execution of that action.

lattice The concept that access differs at different levels. Often used in discussion with the Biba and Bell-LaPadula models as well as with cryptography to differentiate between security levels based upon user/group labels.

Layer 2 Forwarding (L2F) A tunneling protocol often used with virtual private networks (VPNs). L2F was developed by Cisco.

Layer 2 Tunneling Protocol (L2TP) A tunneling protocol that adds functionality to Point-to-Point Protocol (PPP). This protocol was created by Microsoft and Cisco and is often used with virtual private networks (VPNs).

LCP See Link Control Protocol (LCP).

LDAP See Lightweight Directory Access Protocol (LDAP).

Lightweight Directory Access Protocol (LDAP) A set of protocols that was derived from X.500 and operates at port 389.

limited distribution Describes information that isn’t intended for release to the public. This category of information isn’t secret, but it’s private.

Link Control Protocol (LCP) The protocol used to establish, configure, and test the link between a client and PPP host. See also Point-to-Point Protocol (PPP).

local area network (LAN) A network that is restricted to a single building, group of buildings, or even a single room. A LAN can have one or more servers.

local registration authority (LRA) An authority used to identify or establish the identity of an individual for certificate issuance.

logic bomb Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met. For example, a programmer could create a program that always makes sure his name appears on the payroll roster; if it doesn’t, then key files begin to be erased.

logs and inventories Tools used to help an organization know what is happening to its systems and assets. System logs tell what is happening with the systems in the network. Inventories refer to both the physical assets and the software assets a company owns.

M

M of N Control method A rule stating that if n administrators have the ability to perform a process, such as accessing the key server, then m of those administrators must authenticate for access to occur. M of N Control may involve physical presence.

MAC See Media Access Control (MAC), Mandatory Access Control (MAC), and message authentication code (MAC).

MAC address The address that is either assigned to a network card or burned into the network interface card (NIC). PCs use MAC addresses to keep track of one another and keep each other separate.

macro virus A software exploitation virus that works by using the macro feature included in many applications.

malicious code Any code that is meant to do harm.

Mandatory Access Control (MAC) A security policy wherein labels are used to identify the sensitivity of objects. When a user attempts to access an object, the label is checked to see if access should be allowed (that is, whether the user is operating at the same sensitivity level). This policy is “mandatory,” because labels are automatically applied to all data (and can be changed only by administrative action), as opposed to “discretionary” policies that leave it up to the user to decide whether to apply a label.

man-in-the-middle attack An attack that
