Glossary P
Pseudonymization

A particular type of de-identification that both removes the association with a data subject and adds an association between a particular set of characteristics relating ...

rivest-shamir-adleman (rsa)

Privacy

Assurance that the confidentiality of, and access to, certain information about an entity is protected. See the following for more information: NIST SP 1800-10B under Privacy from ...

DH

PIN

Personal Identification Number. A memorized secret typically consisting of only decimal digits. See NIST SP 1800-17b under Personal Identification Number; NIST SP 1800-17c under Personal Identification Number ...

Intranet

Pseudonym

A name assigned through a formal process by a federal department or agency to a federal employee for the purpose of the employee’s protection (i.e., ...

PSK

A single secret key used by IPsec endpoints to authenticate endpoints to each other. See NIST SP 800-77 Rev. 1 under Pre-shared Key for more information.

O

Perimeter

1. Encompasses all those components of the system that are to be accredited by the DAA, and excludes separately accredited systems to which the system ...

Packet

The logical unit of network communications produced by the transport layer. See NIST SP 800-86 for more information.

Packet Filter

A routing device that provides access control functionality for host addresses and communication sessions. See NIST SP 800-41 Rev. 1 for more information. Specifies which types of traffic should ...

Packet Filtering

See “Packet Filtering”. See NIST SP 800-41 Rev. 1 under Stateless Inspection for more information. 

Packet Sniffer

Software that observes and records network traffic. Software that monitors network traffic on wired or wireless networks and captures packets. See NIST SP 800-86 under Packet Sniffer for more information. 

Parity

Bit(s) used to determine whether a block of data has been altered. Rationale: Term has been replaced by the term “parity bit”. 

Parity Bit

A checksum that is computed on a block of bits by computing the binary sum of the individual bits in the block and then discarding ...

Partition

A logical portion of a media that functions as though it were physically separate from other logical portions of the media. See NIST SP 800-86 for more information.  ...

Passive Attack

An attack against an authentication protocol where the attacker intercepts data traveling along the network between the claimant and verifier, but does not alter the ...

Passive Security Testing

Security testing that does not involve any direct interaction with the targets, such as sending packets to a target. See NIST SP 800-115 for ...

Passphrase

A passphrase is a memorized secret consisting of a sequence of words or other text that a claimant uses to authenticate their identity. A passphrase ...

Password

A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization. See the following under Password for more ...

Password Cracking

The process of recovering secret passwords stored in a computer system or transmitted over a network.  See NIST SP 800-115 for more information. 

Patch

A “repair job” for a piece of programming; also known as a “fix”. A patch is the immediate solution to an identified problem that is ...

Patch Management

The systematic notification, identification, deployment, installation, and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and ...

Phishing

Phishing is the practice of sending email to users with the purpose of tricking them into revealing personal information or clicking on a link. A ...

Plain text

Plain text is simple text displayed in a readable format. Encryption converts plain text to ciphertext. The following graphic shows how plain text is converted to ...

POODLE attack

Padding Oracle on Downgraded Legacy Encryption. POODLE is referred to as both a downgrade attack, and a man-in-the-middle (MITM) exploit. It essentially forces a TLS ...

Payload

Consists of the information passed down from the previous layer. See NIST SP 800-113 for detailed information.  The input data to the CCM generation-encryption process that is both authenticated ...

Penetration Testing

A method of testing where testers target individual binary components or the application as a whole to determine whether intra or intercomponent vulnerabilities can be ...

Permission

Authorization to perform some action on a system. See NISTIR 7316 for more information.

Physical Access Control System

An electronic system that controls the ability of people or vehicles to enter a protected area by means of authentication and authorization at access control ...
