
Index for glossary S

 

Scam Email

Secure Sockets Layer (SSL)

Security Assertion

Security Incident

Security Policy

Security Risk Assessment

Segregation of Duties

 

Server Authentication

Service Set Identifier (SSID)

Session Hijack

Session Key

Shoulder Attack

Single Sign-On (SSO)

Smart Card

 

Social Engineering

Soft Token

Spam

Spammer

Spyware

SSL VPN

Symmetric Cryptography

 

Scam Email

Unsolicited email which is deceptive and deliberately fraudulent in nature, leading to infection by viruses, identity theft, or even financial loss if instructions described in the messages are followed.


Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL) is a protocol designed to enable encrypted, authenticated communications across the Internet. It is a security layer between the application and transport layers, which protects the application-layer protocols such as HTTP and is transparent to application developers or users. It provides privacy, authentication and message integrity.


Security Assertion

A security assertion is a statement about the identity of a user, backed by the trust that the receiving site has established in the issuer of the assertion.


Security Incident

A security incident is any event that could pose a threat to the availability, integrity and confidentiality of an information system.


Security Policy

A top-level directive statement that guides and determines decisions concerning security in a system.


Security Risk Assessment

Security risk assessment can be defined as the process of evaluating security risks related to the use of information technology. It can be used as a baseline for showing the amount of change since the last assessment, and how many more changes are required in order to meet the security requirements.


Segregation of Duties

Segregation of duties is a concept in internal control that requires critical functions to be divided into steps among different individuals so as to prevent a single individual from subverting a critical process.


Server Authentication

Server authentication allows a client to confirm that it is communicating with the target party, not a malicious third party.


Service Set Identifier (SSID)

Service Set Identifier (SSID) is a configurable identification that allows wireless clients to communicate with an appropriate access point. With proper configuration, only clients with the correct SSID can communicate with access points.


Session Hijack

Taking over a session that someone else has established.


Session Key

A session key is a symmetric key which encrypts a message or session, in order to protect data during transmission. It is created at the beginning of a communications session.


Shoulder Attack

A shoulder attack is an attack in which the attacker might be able to observe what one types and hence steal the password, either by direct observation (looking over one's shoulder) or by indirect monitoring (using a camera while one types in the password).


Single Sign-On (SSO)

Single sign-on is an access control mechanism that requires a user to log in only once and then be authenticated automatically by all other service providers.


Smart Card

A tamper-resistant card with a chip that stores an encrypted password or a private key, making it difficult for an intruder to sniff or steal.


Social Engineering

The act of using social interactions, such as lying, play-acting or verbal wording, to trick legitimate users into revealing secrets of the systems, such as user lists, user passwords and network architecture.


Soft Token

A soft token is a copy of software with a cryptographic key, installed on the user's computer, PDA or smartphone. The cryptographic key is normally encrypted and stored on some storage media, and authentication requires entry of a password or biometrics to activate the token.


Spam

Spam refers to bulk unsolicited electronic messages sent in the form of e-mail, fax, short messages, etc., regardless of whether the recipients have given any consent to receive them, or even after the recipients have requested not to receive them any more.


Spammer

A spammer is a person who sends spam messages.


Spyware

Spyware is software that secretly forwards information about a user's online activities to third parties without the user's permission.


SSL VPN

An SSL VPN allows users to connect to the VPN devices using their Web browsers. The SSL (Secure Sockets Layer) protocol or TLS (Transport Layer Security) protocol is used to encrypt the traffic between the Web browser and the SSL VPN device.


Symmetric Cryptography

A branch of cryptography involving algorithms that use the same key for encryption and decryption.

 
 
     