System And Network Security Acronyms And Abbreviations
NIST Interagency Report 7581September 2009System and Network SecurityAcronyms and AbbreviationsKaren ScarfoneVictoria Thompson
NIST Interagency Report 7581September 2009System and Network Security Acronymsand AbbreviationsKaren ScarfoneVictoria ThompsonC O M P U T E RS E C U R I T YComputer Security DivisionInformation Technology LaboratoryNational Institute of Standards and TechnologyGaithersburg, MD 20899-8930September 2009U.S. Department of CommerceGary Locke, SecretaryNational Institute of Standards and TechnologyPatrick D. Gallagher, Deputy Director
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONSReports on Computer Systems TechnologyThe Information Technology Laboratory (ITL) at the National Institute of Standards and Technology(NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’smeasurement and standards infrastructure. ITL develops tests, test methods, reference data, proof ofconcept implementations, and technical analysis to advance the development and productive use ofinformation technology. ITL’s responsibilities include the development of technical, physical,administrative, and management standards and guidelines for the cost-effective security and privacy ofsensitive unclassified information in Federal computer systems. This Interagency Report discusses ITL’sresearch, guidance, and outreach efforts in computer security and its collaborative activities with industry,government, and academic organizations.National Institute of Standards and Technology Interagency Report 758132 pages (Sep. 2009)Certain commercial entities, equipment, or materials may be identified in thisdocument in order to describe an experimental procedure or concept adequately.Such identification is not intended to imply recommendation or endorsement by theNational Institute of Standards and Technology, nor is it intended to imply that theentities, materials, or equipment are necessarily the best available for the purpose.ii
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONSAcknowledgmentsThe authors, Karen Scarfone of the National Institute of Standards and Technology (NIST) and VictoriaThompson of Booz Allen Hamilton, wish to thank their colleagues who reviewed drafts of this report,particularly Liz Lennon and Tim Grance of NIST. Thanks also go to individuals and organizations thatsubmitted suggestions, particularly Tim Kramer, Mark Seecof, the U.S. Department of Energy, and theU.S. Department of State. The authors also thank their colleagues who created acronym and abbreviationlists for their publications that were subsequently used as sources of information for this report.Trademark InformationAll names are registered trademarks or trademarks of their respective companies.Note to ReviewersReviewers are encouraged to submit additional acronyms and abbreviations related to system and networksecurity, particularly for emerging technologies, for consideration as additions to this report. Allsuggestions and corrections should be sent to securityacronyms@nist.gov.iii
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONSTable of Contents1.Introduction .12.Acronym and Abbreviation List.2Numeric. 2A. 2B. 3C . 4D . 6E. 7F. 8G . 9H . 10I . 11J . 13K. 13L . 13M . 14N . 15O . 17P. 17Q . 19R . 19S. 20T. 22U . 23V. 24W. 24XYZ . 25UAppendix A— References .26Appendix B— Former Acronyms .27iv
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS1.IntroductionThis report contains a list of selected acronyms and abbreviations for system and network security termswith their generally accepted or preferred definitions. It is intended as a resource for federal agencies andother users of system and network security publications.The capitalization, spelling, and definitions of acronyms and abbreviations frequently vary amongpublications. It is easy to understand why this happens. While some acronyms and abbreviations (e.g.,WWW) have one universally recognized and understood definition within the domain of system andnetwork security, others (e.g., IA, MAC) have multiple valid definitions depending upon the context inwhich they are used. Some acronyms bear little resemblance to their definitions, such as Modes ofOperation Validation System for the Triple DES Algorithm (TMOVS). Others use unexpectedcapitalization or spelling (e.g., Electronic Business using eXtensible Markup Language [ebXML] andOrganisation for Economic Co-operation and Development [OECD]). As a result, acronyms,abbreviations, and their definitions may be inaccurately or inconsistently defined by authors, perpetuatingerrors and confusing or misleading readers.This report is meant to help reduce these errors and confusion by providing the generally accepted orpreferred definitions of a list of frequently used acronyms and abbreviations. The list does not include allsystem and network security terms, nor is it a compendium of every acronym and abbreviation found insystem and network security documents published by NIST. Readers should refer to each document’s listof acronyms and abbreviations (typically found in an appendix) for definitions applicable to thatparticular document.The following conventions have been used in the preparation of the list of acronyms and abbreviations inthis report.Abbreviations and acronyms generally appear in all capital letters, although there are occasionalexceptions—for example, meter (m) and decibels referenced to one milliwatt (dBm).Technical terms are not capitalized unless they are proper nouns. Names of people, places, andgroups, and the titles of protocols, standards, and algorithms are considered proper nouns. Forexample, certification and accreditation (C&A) is not capitalized, but Advanced Encryption Standard(AES) is capitalized.Collective nouns are not capitalized (e.g., wide area network [WAN]).When two or more definitions of the same acronym or abbreviation are given, the acronym orabbreviation is italicized and repeated for each definition. Definitions are listed alphabetically.1
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS2.Acronym and Abbreviation ListThis section consists of a list of selected system and network security acronyms and abbreviations, alongwith their generally accepted definitions. When there are multiple definitions for a single term, theacronym or abbreviation is italicized and each definition is listed separately.Numeric1xRTT3DES3G3GPP3GPP2one times radio transmission technologyTriple Data Encryption Standard3rd Generation3rd Generation Partnership Project3rd Generation Partnership Project IAPAPIaddress resource record typeABAC attribute authorityauthentication, authorization, and accountingauthentication, authorization, and accounting keyadditional authenticated dataafter action reportadaptive antenna systemattribute-based access controlaccess control entryaccess control listAssociation for Computing Machineryauthenticated cipher offsetActive Directoryauthenticated dataalternate data streamAdvanced Encryption StandardAdvanced Encryption Standard-Cipher Block ChainingAdvanced Encryption Standard-Counter Modeadaptive frequency hoppingassisted global positioning systemAuthentication Headerautomatic identification and data captureAssociation for Automatic Identification and Mobilityautomatic identification technologyAsynchronous JavaScript and XMLauthorization keyauthorization key identifierauthentication and key managementapplication layer gatewayAmerican National Standards Instituteaccess pointapplication programming interface2
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONSAPWGARINARPARPAASASASASCASC Phishing Working GroupAmerican Registry for Internet NumbersAddress Resolution ProtocolAdvanced Research Projects Agencyauthentication serverauthentication serviceautonomous systemAnti-Spyware CoalitionAccredited Standards Committee X9American Standard Code for Information Interchangeaddress space layout randomizationautonomous system numberAbstract Syntax Notation 1active server pagesAdvanced Technology AttachmentAnnouncement Traffic Indication Messageasynchronous transfer modeautomated teller machineantivirusAnti-Virus Information Exchange Networkattribute-value businessbest current practicebusiness continuity planBorder Gateway ProtocolBorder Gateway Protocol 4Bump-in-the-APIbusiness impact analysisBiometric Application Programming Interfacebasic input/output systemBump-in-the-StackBusiness Process Modeling LanguageBusiness Process Specification Schemabusiness recovery (resumption) planbase stationbase station controllerBritish Standards InstitutionBritish Security Industry Associationbest security practicebasic service setbasic service set identifierbetter-than-nothing-securitybase transceiver stationbinding updatebinding update acknowledgement3
SYSTEM AND NETWORK SECURITY ACRONYMS AND BC-MACCBEFFCCCCE D-ROMCD-RWCEOCERIASCERTCERT PCIPCcertification and accreditationcertificate authoritycertification agentcertification authoritycommon access cardCooperative Association for Internet Data AnalysisCompletely Automated Public Turing Test to Tell Computers and Humans ApartComputer Antivirus Research OrganizationCryptographic Algorithm Validation ProgramCipher Block ChainingCipher Block Chaining Message Authentication CodeCommon Biometric Exchange File FormatCommon CriteriaCommon Configuration EnumerationCommon Criteria Evaluation and Validation SchemeComputer Crime and Intellectual Property Sectioncomplementary code keyingCounter Mode with CBC-MACCounter Mode with CBC-MAC ProtocolCommon Criteria Recognition ArrangementCommon Configuration Scoring Systemcountry code top-level domainchecking disabledcompact disccompact disc file systemcode division multiple accesscompact disc-recordablecompact disc-read only memorycompact disc-rewritablechief executive officerCenter for Education and Research in Information Assurance and Securitycomputer emergency response teamCERT Coordination CenterCompactFlash Computer Fraud and Abuse ActCipher Feedbackcomputer and financial investigationsCode of Federal Regulationscomputer forensics tool testingcryptographically generated addressesCommon Gateway InterfaceChallenge-Handshake Authentication Protocolcardholder unique identifierClassless Inter-Domain RoutingCommon Internet File Systemchief information officercritical infrastructure protectionCritical Infrastructure Protection Committee4
SYSTEM AND NETWORK SECURITY ACRONYMS AND decCOICOMCOOPCOPPACORBA COTSCPCPCPE RCSRCCSRDAConfidential Information Protection and Statistical Efficiency Actcomputer incident response capabilitycomputer incident response centerCERIAS Incident Response Databasecomputer incident response teamCenter for Internet Securitychief information security officercommon log formatcommand line interfacecommon language runtimecentimeterCertificate Management AuthorityCipher-based Method Authentication CodeCommon Malware Enumerationcomplementary metal oxide semiconductorCenters for Medicare and Medicaid ServicesCryptographic Message SyntaxCommon Misuse Scoring SystemCryptographic Module Validation Programcommon namecorrespondent nodeCommittee on National Security SystemsCommittee on National Security Systems Instructioncare-of addresscoder/decoderconflict of interestComponent Object Modelcontinuity of operationsChildren’s Online Privacy Protection ActCommon Object Request Broker Architecturecommercial off-the-shelfcertificate policycontingency planCommon Platform Enumerationcompression parameter indexCentre for the Protection of National Infrastructurecertification practice statementcentral processing unitchallenge-response authentication mechanismcyclic redundancy checkcertificate revocation listclient/serverCyber Security Industries Alliancecomputer security incident response capabilitycomputer security incident response teamchief security officercomputer security objectCredentials Service Providercertificate signing requestComputer Security Resource CenterCyber Security Research and Development Act of 20025
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONSCSSCSVCTOCTRCVECVSSCWEcascading style sheetcomma-separated valueschief technology officercounter mode encryptionCommon Vulnerabilities and ExposuresCommon Vulnerability Scoring SystemCommon Weakness destination addressdesignated accrediting authoritydesignated approving authoritydiscretionary access controlduplicate address detectionDARPA Agent Markup LanguageDigital Advanced Mobile Phone ServiceData Access ObjectDefense Advanced Research Projects Agencydecibels referenced to one milliwattdatabase management systemdomain controllerDistributed Computing EnvironmentDistributed Component Object Modeldistributed control systemDepartment of Defense Metadata Specificationdistributed denial of serviceData Encryption AlgorithmData Execution PreventionData Encryption StandardDistributed File Systemdynamic frequency selectionDiffie-HellmanDynamic Home Agent Address DiscoveryDynamic Host Configuration ProtocolDynamic Host Configuration Protocol for Internet Protocol v6U.S. Department of Homeland SecurityDigital Identity Management ServiceU.S. Defense Information Systems Agencydynamic link librarydirect memory accessdemilitarized zonedistinguished namedomain nameDistributed Network Protocoldomain name systemDomain Name System BlacklistDomain Name System Security ExtensionsU.S. Department of CommerceU.S. Department of Defense6
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONSDOEDOIDOJDOMDoSDPADRADRMDRPDSDSDS DVD-ROMDVD-RWU.S. Department of Energydomain of interpretationU.S. Department of JusticeDocument Object Modeldenial of servicedifferential power analysisdata recovery agentdigital rights managementdisaster recovery planDelegation Signerdistribution systemdifferentiated services fieldDigital Signature Algorithmdigital subscriber lineDirectory Services Markup Languagedelivery status notificationdynamic separation of dutyDigital Signature StandardDual Stack Transition MechanismDistributed Transaction CoordinatorDocument Type Definitionderived test requirementDHCP unique identifierdigital video discdigital video disc - recordabledigital video disc - read only memorydigital video disc - AEDGEEDIevaluation assurance levelExtensible Authentication ProtocolExtensible Authentication Protocol-Flexible Authentication via Secure TunnelingExtensible Authentication Protocol Over LANExtensible Authentication Protocol Over LAN Key Confirmation KeyExtensible Authentication Protocol Over LAN Key Encryption KeyExtensible Authentication Protocol-Transport Layer SecurityExtensible Authentication Protocol-Tunneled Transport Layer SecurityExterior Border Gateway ProtocolElectronic Business using eXtensible Markup LanguageElliptic Curve over G[2N]Electronic Codebook (mode)Elliptic Curve CryptographyElliptic Curve Diffie-HellmanElliptic Curve Digital Signature AlgorithmEnterprise Configuration ManagerEncryption Control ProtocolElectronic Communications Privacy ActEnhanced Data rates for GSM Evolutionelectronic data interchange7
SYSTEM AND NETWORK SECURITY ACRONYMS AND SETSIEUEUI-64EV-DOext2fsext3fsenhanced data rateelectronically erasable programmable read-only memoryExtensible Firmware InterfaceEncrypting File SystemExteri
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s
COMMONLY USED ACRONYMS If you interact with Medicare, you probably encounter acronyms on a regular basis. It can be difficult sometimes to keep track of them all. This resource is a list of Medicare-related acronyms. While the list is not all-inclusive, it contains those acronyms you may encounter on a regular basis in the course of your
Acronyms & Abbreviations 1 page . Acronyms and Abbreviations. List of Acronyms and Abbreviations % percent %g Percent acceleration of gravity C degrees Celsius . NCDC NOAA's National Climatic Data Center NEHRP . National Earthquake Hazard Reduction Program . NEPA National Environmental Policy Act NESEC .
security in application, transport, network, link layers Network Security 8-3 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security
3 CONTENTS Notation 10 Preface 12 About the Author 18 PART ONE: BACKGROUND 19 Chapter 1 Computer and Network Security Concepts 19 1.1 Computer Security Concepts 21 1.2 The OSI Security Architecture 26 1.3 Security Attacks 27 1.4 Security Services 29 1.5 Security Mechanisms 32 1.6 Fundamental Security Design Principles 34 1.7 Attack Surfaces and Attack Trees 37
Network Security Groups Network Security Groups are used to provide traffic control at the packet level. You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allo
network.edgecount Return the Number of Edges in a Network Object network.edgelabel Plots a label corresponding to an edge in a network plot. network.extraction Extraction and Replacement Operators for Network Objects network.indicators Indicator Functions for Network Properties network.initialize Initialize a Network Class Object
6 7/26/2000 1 – Abbreviations, Acronyms and Definitions Chapter 1 – Abbreviations, Acronyms and Definitions Abbreviations and Acronyms ACCA – Air Conditioning Contractors of America. AFUE – Annual fuel utilization efficiency. ARI – Air-Conditioning and Refrig
MySQL Quick Start Guide This guide will help you: Add a MySQL database to your account. Find your database. Add additional users. Use the MySQL command-line tools through ssh. Install phpMyAdmin. Connect to your database using PHP. You’ll also find links to further information that will help you make the most of your database. Customer Support MySQL Quick Start Guide Page 1 Contents .
