Online Glossary of Security Terms

This glossary contains a list of terms, abbreviations, and acronyms frequently used when discussing networks, security, firewalls, and technical products.

# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | R | S | T | U | V | W | X | All

E

ECC (Elliptic Curve Cryptosystem)

A method for creating public key algorithms, which some experts claim provides the highest strength-per-bit of any cryptosystem known today. Its algorithms accept an encryption key but then add extra numbers representing the coordinates of points on an imaginary wiggly curve as it crosses an imaginary line. Its complicated algebraic approach allows shorter keys to produce security equivalent to longer keys in other cryptosystems (such as RSA). Shorter keys mean the encryption and decryption can be performed relatively quickly and with less computer hardware. Numerous experts believe ECC will eventually enjoy widespread use.

elevation of privilege

Almost every computer program has some notion of "privilege" built in, meaning, permission to do some set of actions on the system. This permission is granted to individuals based on their ability to present proper credentials (for example, a username and password). Privilege has levels -- for example, a guest account typically has fewer privileges than an administrator account. Many network attacks begin with an attacker obtaining limited privileges on a system, then attempting to leverage those privileges into greater privileges that might ultimately lead to controlling the system. Any attempt to gain greater permissions illicitly (typically, by impersonating a privileged user or otherwise bypassing normal authentication) is considered an elevation of privilege.

encryption

The process of disguising data to hide its content. As used in a network security context, encryption is usually accomplished by putting the data through any of several established mathematical algorithms developed specifically for this purpose.

entropy

In cryptography, a mathematical measurement of the amount of uncertainty or randomness.

ESMTP (Extended Simple Mail Transfer Protocol)

A protocol that provides extensions to SMTP for sending e-mail that supports graphics, audio, and video files, and text in various foreign languages. These extensions were first described in RFC 1869.

Ethernet

One of the least expensive, most widely deployed networking standards, enabling the transmission of data at 10 million bits per second (Mbps), using a specified protocol. A more recent Ethernet standard, called 100BaseTx, enables data to be transmitted and received at 100 Mbps.

Ethernet address

A unique ID number obtained automatically when an Ethernet adapter is added to a computer. This address identifies the machine as a unique communication item and enables direct communications to and from that particular computer. See also MAC address.

event

Any network incident that prompts some kind of log entry or other notification.

extension

See file extension.

External interface

An Ethernet port intended for connecting to the portion of your network that presents the greatest security risk (typically the Internet and any other switches, routers, or servers connected to, but outside, your network).

External network

Any network that can connect to yours, with which you have neither a trusted or semi-trusted relationship. For example, a company's employees would typically be trusted on your network, a primary vendor's network might be semi-trusted, but the public Internet would be untrusted — hence, External.