This glossary defines terms used on

2 | A | B | C | D | E | F | G | H | I | K | M | N | O | P | R | S | T | U | V | W | X | Y | Z



2FA requires individuals or systems to prove their identity by providing two different factors: something they have, something they know, or something they are. For example, you must provide your credit card (sth. you have) and PIN (sth. you know) when you withdraw money. On the internet, common 2FA standards are OATH-TOTP and the W3C WebAuthn API. If authentication requires more than two factors, it is commonly called multi-factor authentication.



Accountability is a security goal of RMIAS. It means that a system can hold users responsible for their actions.

Advanced persistent threat

APT means an attacker infiltrates a system over a long period. Attackers adapt their actions to their victims to pass undetected and gain a permanent foothold. Therefore, APTs are customized attacks.


Authenticated Encryption with Associated Data (AEAD) includes Authenticated Encryption (AE). AE combines encryption and MAC to accomplish confidentiality, integrity, and authenticity. AEAD allows its users to transfer additional unencrypted but authenticated data. AD achieves the security goals of integrity and authenticity. For example, modern TLS cipher suites implement AEAD.


AES is a widespread symmetric encryption algorithm.


An allowlist contains actions that are allowed explicitly. Any missing action is denied by default. Other terms are whitelist and passlist. For instance, “application whitelisting” means only applications on the allowlist can be executed on the system. The opposite is a denylist.


Application-Layer Protocol Negotiation (ALPN) is a TLS extension. It is needed by HTTP/2 to improve the compression of web pages and to reduce latency. ALPN replaced Next Protocol Negotiation (NPN).


Argon2 is a key derivation function. It uses a password and additional parameters to derive a stronger cryptographic key. This process is called key stretching and makes brute-force attacks less feasible. Argon2 can be used to store passwords securely in a database. Another widespread KDF is PBKDF2.

Attack tree

Attack trees are diagrams showing paths to reach a goal. The root node of the tree represents the goal of the attacker. Leaves and their children show distinct attack paths. Child nodes of a parent node must be satisfied to make the parent node “true.” Nodes can be weighted to prioritize protection measures.

Attack-defense tree

Attack-defense trees extend attack trees. They add a node type for protection measures.


Auditing means comparing the desired condition of something with its actual state. For instance, code audits should discover bugs and vulnerabilities. Companies, their subsidiaries, or single data centers can be audited, for example, to get an ISO/IEC 27001 certification.


Auditability is a security goal of RMIAS. It means that a system can conduct persistent, non-bypassable monitoring of all actions performed by humans or machines within the system.


Authentication means a system or individual confirms the identity of another system or individual. Usually, this is done by providing proof (something you have, something you know, or something you are, and the verifier knows that an identity is linked to this proof. For example, you must provide your credit card (sth. you have) and PIN (sth. you know) when you withdraw money. It is called two-factor authentication if you must provide different proofs for authentication.


Authenticity (or “trustworthiness”) is a security goal of RMIAS. It means that a system can verify the identity of a third party and establish trust in a third party and in the information it provides. An attack on this security goal is the replay attack.


Availability is a security goal of RMIAS and the CIA triad. The security goal mean a system is available when expected (it can be down for maintenance when previously announced). Attackers can conduct a DDoS attack to affect the availability of a system or service.


There is no clear definition of awareness in the context of Information Security Awareness. It means to raise awareness of threats to information security and to change the behavior of people. Raising awareness remains an integral part of information security since social engineering attacks target humans who can unwittingly disable security measures or leak information.



A backdoor in software or hardware allows an unauthorized party to bypass access control. For instance, an undocumented developer account in a router enables developers of this product to bypass the login form. Third parties can misuse backdoors to access software and hardware.


Backporting in terms of security vulnerabilities means someone takes security updates for supported software versions and applies these updates to unsupported software versions. For backporting security updates, one must isolate the actual security update from other changes and ensure that there are no side effects after applying the changes to the unsupported software version. Backported security updates can result in new security risks, like any other modification of software.


Biometrics refers to metrics related to human characteristics and is used for authentication (sth. you are). However, biometrics as a single factor for authentication is considered insecure.

Block cipher

Block ciphers are algorithms to transform fixed-length blocks (groups of bits) using symmetric keys. There are different modes of operation. Some modes are considered insecure (like ECB). We recommend modes that combine confidentiality and authenticity (authenticated encryption).

Body area network

A body area network (BAN; or “wireless body area network” (WBAN)) connects wearable devices of an individual. For instance, an activity tracker is connected with a smartphone using Bluetooth. BANs are smaller than PANs.


After being taken over (e.g., due to malware infection), a system (bot) can become part of a large remotely controlled network of bots (botnet). Attackers can use these networks for DDoS attacks or phishing.

Brute-force attack

An attacker trying every possible key to access a service or decrypt a file uses “brute force.” This process is called brute-force attack. Brute-force attacks become more feasible due to more efficient computers. More efficient machines require the implementation of better algorithms to slow down the process of guessing.

Buffer overflow

A buffer overflow occurs when data is written to a buffer that is too small. The data overruns the boundary of the buffer and overwrites adjacent memory areas then. Buffer overflows are a widespread type of attack, and there are several protective countermeasures available (e.g., DEP, ASLR, or stack canaries).



CAA means “DNS Certification Authority Authorization.” Domain name holders can define which certificate authorities should be able to issue certificates for this domain. The idea is to prevent unauthorized certificate issuance. However, certificate authorities must support CAA, and some reports were showing that certificate authorities ignored this policy. Only 9.0% of the 150,000 most popular websites implement CAA, according to Qualys' SSL Pulse in August 2021.


CAPEC stands for “Common Attack Pattern Enumeration and Classification,” and is currently maintained by the Mitre Corporation, a US-based not-for-profit organization. Like CVE and CWE, Mitre created the CAPEC system to structure and define attack patterns.


A digital certificate is issued and signed by a trustworthy certificate authority (CA). It contains information like the public key of the owner, its fingerprint, and the validity period of the certificate. A certificate, signed by a public CA, allows the verifier to check whether the public key is valid and trustworthy (integrity and authenticity). One problem with certificates is to check their revocation status (see CRL and OCSP).

Certificate Transparency

Certificate Transparency (CT) is a more complex system that logs information about all certificates issued by trustworthy certificate authorities. CT allows clients and other parties to validate certificates provided by servers.

Challenge-response authentication

The challenge-response authentication works as follows: The verifier sends a challenge to the prover. Then, the prover sends their response to the verifier. Finally, the verifier checks whether the response matches the expected one. However, the actual implementation is more complicated: Both parties usually share a secret, and an attacker can capture exchanged messages between both parties. So challenge-response authentication requires protection against replay attacks and brute-force attacks. It is common practice to send a nonce (which is valid for a short time) to the prover who includes it in their response.

CIA triad

The CIA triad is a core concept of information security. Its elements are confidentiality, integrity, and availability. However, this view is limited to information which is why there are newer concepts like RMIAS.

Cipher suites

Cipher suites (as used in TLS) are sets of algorithms used for key exchange, authentication, encryption, and MAC. Client and server can support different cipher suites, but they must have at least one cipher suite in common to establish connections.


Clickbait can be short text or a headline that is designed to make readers curious, so they want to access linked content. While it is primarily a marketing technique, it can be seen as social engineering in the broadest sense.


Clickjacking tricks the user into clicking on concealed links. A clickjacked website looks normal; however, there is an invisible layer over the legitimate website. Users who think that they click the buttons of the authentic website interact with the hidden layer. Known exploits are downloading and running malware, sharing links on social media, or enabling the victim’s webcam or microphone.


Confidentiality is a security goal of RMIAS and the CIA triad. It means that only authorized individuals or systems can read and modify confidential information.

HTTP is stateless. Being stateless means web browsers need other ways to store data when necessary. Cookies are dedicated files for this purpose, stored by the web browser. However, cookies are sometimes used for user tracking. We recommend denying cookies by default (create an allowlist) and delete all cookies when you close your web browser.

Credential stuffing

Credential stuffing means an attacker uses previously leaked or stolen valid user credentials (e.g., e-mail addresses and the corresponding passwords) to gain access to other accounts. Contrary to brute-force attacks, attackers don’t try every possible key but use valid user credentials. People reusing the same credentials for distinct user accounts are prone to this attack.


Certificate Revocation Lists (CRL) are simple lists that contain revoked certificates. However, there are different problems with CRLs. Due to this, some web browsers implement OCSP, while Chrome uses a custom mechanism.


CSP is an HTTP response header, included in the HTTP response of a server to clients. CSP means “Content Security Policy.” Website owners can set a CSP to tell clients (like web browsers) how they should handle the content of the website. For example, a CSP can forbid loading JavaScript, images, and fonts from other web servers. Website owners shouldn’t use “unsafe-inline” directives at all.


Cross-site request forgery (CSRF or XSRF) is an attack that executes unwanted actions on a website in which the victim is currently authenticated. For the website, it looks like the action originated from the authenticated user. A server-side countermeasure is to use and validate CSRF tokens.

CSRF token

CSRF tokens are unique and unpredictable values to defend against cross-site request forgery. The server-side application generates tokens and sends them to the client. The client must include the token in a subsequent HTTP request. If the token is invalid or missing, the server requests the request.


Curve25519 is an elliptic curve that offers 128 bits of security. Its reference implementation is public domain, and it is widely supported. Curve25519 is a SafeCurve (see for further information).


CVE stands for “Common Vulnerabilities and Exposures,” and is currently maintained by the Mitre Corporation, a US-based not-for-profit organization. Like CAPEC and CWE, Mitre created the CVE system to create globally unique identifiers for security vulnerabilities. Identifiers look like “CVE-YEAR-NUMBER.” The year included in the identifier is the year when the CVE ID was assigned, not the year when the vulnerability became publicly known.


CWE stands for “Common Weakness Enumeration,” and is currently maintained by the Mitre Corporation, a US-based not-for-profit organization. Like CVE and CAPEC, Mitre created the CWE system to provide a structured list of software weaknesses.


The Common Vulnerability Scoring System is an open standard to rate the severity of vulnerabilities. CVSS v3.0 provides a score (0 to 10.0, 10.0 means most severe) and a vector string based on a formula that evaluates several metrics to approximate ease and impact of exploits. There are three metrics: base (is calculated once), temporal (changes over time), and environmental (allows organizations and individuals to adjust the scoring by considering their infrastructure).


Data protection

Data protection is the protection of personal data so that the processor processes it in accordance with the law, and third parties aren’t able to access this data. However, there is more data in companies that must be protected (see information security).

DDoS attack

A DDoS attack (Distributed Denial of Service attack) tries to overload or crash services on the targeted system by sending millions of requests from numerous sources. The goal of DDoS attacks is to affect the availability of a service or system, e.g., making a web server unreachable for web browsers.

Defacement attack

Breaking into a web server to modify (add, change, delete) content of the hosted website is called website defacement. Typically, it’s easy to spot defacement since defacers want to arouse attention.


A denylist explicitly defines actions that are denied. Undefined actions are allowed by default. Other terms are blacklist and blocklist. For instance, a custom e-mail spam filter explicitly blocks defined e-mail addresses. The opposite is an allowlist.


Diceware is a technique to generate passphrases using dice as a hardware random number generator. A group of five digits represents a word on a word list. Sufficiently long Diceware passphrases aren’t vulnerable to dictionary attacks because there is the same probability for every word on the list to be chosen, and words are picked randomly. You randomly generate numbers and replace these numbers with words to be easily readable.

Dictionary attack

Iterating over a word list (= dictionary) and trying every word to access a service or decrypt a file, is a dictionary attack. A suitable hash function and salt can defeat this attack as long as the attacker doesn’t have an appropriate word list and sufficient computing power.

Digital signature

Digital signatures base on public-key cryptography and are used to provide non-repudiation, authenticity, and integrity. A user uses a private key to digitally sign data, while the corresponding public key is used by third parties to validate the signature of the user. It’s imperative to verify the owner of the public key.


The demilitarized zone (DMZ) is a physical or logical subnetwork, containing the external-facing services of a network. External hosts can connect to network services in the DMZ. However, these hosts can’t connect to hosts of the private network outside the DMZ since a firewall protects the private part.


DNSSEC stands for “Domain Name System Security Extensions.” Its primary purpose is authentication by signing DNS data, so DNS resolvers can check if DNS records remained unchanged. DNSSEC responses are signed, not encrypted. It allows integrity checks but does not provide confidentiality of data.

Downgrade attack

A protocol that allows different levels of security can be vulnerable to downgrade attacks. An attacker tries to downgrade the security level to the lowest one, so it is easier for him to attack. A well-known example is POODLE.


Publicly releasing private data about an individual or organization is called doxing. Before publication, the person conducting doxing uses public databases, social media, or social engineering to acquire information.



Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC requires smaller keys compared to non-EC cryptography (like used by RSA) to provide equivalent security.


The Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA). It uses elliptic-curve cryptography to sign data digitally.


Ed25519 is an EdDSA signature scheme using SHA-512 and Curve25519. It offers roughly the same security as NIST curve P-256, RSA with 3000-bit keys, or 128-bit block ciphers. Ed25519 signatures fit into 64 bytes, and public keys consume 32 bytes.


EdDSA stands for “Edwards-curve Digital Signature Algorithm.” It uses elliptic curves for digital signatures. One famous variant is Ed25519.

End-to-end encryption

End-to-end encryption (also E2EE) protects network communication between two endpoints. Only the endpoints can decrypt the communication. For example, the Signal messenger and GnuPG provide E2EE.


Entropy describes the strength of keys in bits. One bit represents two possible outcomes (0 or 1). A key with 100-bit entropy is equal to 2 to the power of 100 possibilities to create this key. Every extra bit duplicates the number of possibilities.


An exploit is code to exploit a vulnerability. Even worse are zero-day exploits.



Federation means that users of a network can communicate with users of another network without being part of the other network. For instance, Facebook isn’t federated because all users have to be on Facebook to communicate with each other. By contrast, e-mail is federated because a Gmail user can send an e-mail to a user.


A firewall is software that limits access between two networks or systems and follows a security policy. Firewalls can be network-based or host-based. There are different types of firewalls, like packet filters, stateful filters, and application layer firewalls. Another specific firewall is a web application firewall.


The FIDO2 Project is an effort to create a new FIDO authentication standard that incorporates the upcoming W3C WebAuthn API and the Client-to-Authenticator Protocol (CTAP) developed by the FIDO Alliance.


A digital fingerprint is a checksum. You can use hash functions to create fingerprints. One advantage is that you only need to check whether the (shorter) fingerprint matches. For example, you calculate the hash sum of a PDF file and send the fingerprint and file to a friend. Your friend needs to calculate the hash sum and check if it matches yours. Fingerprints are often used in cryptography (e.g., in certificates or to verify public keys in general).

Besides, the term fingerprint is used in conjunction with a machine, device, or web browser (e.g., device fingerprint). Such fingerprints consist of (unique) information about devices and can be used to identify individual devices or even users.

Forward secrecy

Forward secrecy (FS; also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications against key compromise in the future. An attacker who can record every encrypted message (man-in-the-middle) won’t be able to decrypt these messages when keys are compromised in the future. Modern encryption protocols like TLS 1.3 and Signal Protocol offer FS.



GnuPG implements the OpenPGP standard. GPG provides cryptographic functions to encrypt, decrypt, and sign e-mail content, files, etc. Metadata (like e-mail addresses or subject) remains unencrypted.



Hardening is a generic term for securing systems against attacks. Hardening includes deactivating unused interfaces like USB ports (see Principle of Least Functionality) and appropriate rights management (see Principle of Least Privilege).

Hash function

A hash function maps input (e.g., files or data) of arbitrary size to an output of fixed size (e.g., 128-bit string). In cryptography, hash functions must be infeasible to invert (one-way function) and have several additional properties. Hash functions can be used to check the integrity of data.


HMAC means “keyed-hash message authentication code.” HMAC combines MAC, a secret key, and a cryptographic hash function. It can be used to check the authenticity and integrity of data. Unlike MACs, HMACs aren’t prone to length extension attacks.


HSTS is an HTTP response header, included in the HTTP response of a server to clients. HSTS tells clients to always upgrade to HTTPS for this domain name. HTTPS-only is a good practice for most websites. Server admins should set this header. More and more web browsers enable HTTPS-only be default.


Industrial control systems

Industrial control systems (ICS) are control systems used for industrial process control. They contain Supervisory Control and Data Acquisition (SCADA) systems or distributed control systems (DCS) and programmable logic controllers (PLCs). ICS differ from “traditional” information technology. Most technical security practices can’t be simply deployed in ICS environments. Therefore, ICS are considered operational technology.

IDN homograph attack

Homoglyphs are characters with shapes that appear identical or similar. Attackers make use of homoglyphs to create internationalized domain names (IDN) that look similar to well-known domain names. For example, “infosес” looks similar to “” However, the first domain name contains Cyrillic е and с. The visual similarity enables attackers to impersonate individuals and domain names.


In terms of information security, an impersonator is somebody who pretends to be another person (identity theft) to commit fraud or other illegal activities. It is another social engineering technique.

Information security

According to Wikipedia, “[i]nformation security, sometimes shortened to InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. It is a general term that can be used regardless of the form the data may take (e.g., electronic, physical).”

On the contrary, IT security is focused on the protection of computer systems (hardware, software, information). Therefore, IT security is a subset of information security.

The term information doesn’t include personal data. Securing personal data is called data protection.


Integrity is a security goal of RMIAS and the CIA triad. It means that one can determine whether a particular resource was modified compared with the original resource.

Intrusion detection system

An intrusion detection system (IDS) monitors networks (network IDS, NIDS) or hosts (host-based IDS, HIDS) for malicious activity or policy violations. Mostly, detected events are reported to a centralized security monitoring solution.

IDS that can respond to malicious activity or policy violations are referred to as intrusion prevention systems (IPS).


IPsec is a secure network protocol suite that authenticates and encrypts the packets of data sent over an internet protocol network. It is used in virtual private networks. IPsec can be operated in transport mode (the payload of the IP packet is encrypted and authenticated) or in tunnel mode (the entire IP packet is encrypted and authenticated).

Contrary to TLS, IPsec operates on the Internet Layer.



A KDF derives at least one secret key from an input like a password. Some KDFs can be used for key stretching.

Kerckhoffs’s principle

Kerckhoffs's principle is derived from six design principles for military ciphers written by Dutch linguist and cryptographer Auguste Kerckhoffs. It says that “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.”

Key stretching

Key stretching is used to make brute-force attacks more difficult by increasing the time it takes to test each possible key. Two widespread key stretching algorithms are PBKDF2 and Argon2.

Kill chain

The term kill chain originates from a military concept to structure a physical attack. In information security, the cyber kill chain is a framework developed by the Lockheed-Martin corporation to structure a digital attack. The cyber kill chain describes different phases of an attack. However, it has some downsides (e.g., several phases happen outside the defended organization, or it is focused on malware-based attacks). Due to this, there is the newer unified kill chain based on the cyber kill chain and Mitre’s ATT&CK framework. The unified kill chain describes 18 phases that may occur in digital attacks.



A MAC is a short value used to check the authenticity and integrity of data. It protects against message forgery by anyone who doesn’t know the secret key. Since this key is shared among the sender and receiver of a message, MACs don’t provide non-repudiation.


Malware (malicious software) is a generic term for software containing unwanted or malicious functions. Malware includes ransomware, Trojan horses, computer viruses, worms, spyware, scareware, adware, etc. Nowadays, malware can’t be categorized because sophisticated malware often combines properties of different categories. For instance, WannaCry propagated like a worm but encrypted files and demanded ransom (ransomware).

Man-in-the-middle attack

While Alice communicates with Bob via the internet, Eve (Eavesdropper) joins the conversation “in the middle” and becomes man-in-the-middle. Eve can modify, insert, replay, or read messages at will. Protective measures are encryption (confidentiality) and checking the authenticity and integrity of all messages. However, you must ensure that you communicate with the expected party. For instance, when you use GnuPG (or public-key cryptography in general), you must verify that you use the actual public key of the respective recipient.


Metadata is data that provides information about other data. For instance, a JPG file contains the actual picture (data) and metadata, like creation date, type of camera, GPS coordinates, etc. Metadata can be valuable for attackers (e.g., finding appropriate exploits for outdated software used by the victim), government agencies (e.g., collecting information about people to create social graphs), and other parties (e.g., show location-based advertisements). As soon as you use any computer (like your smartphone, laptop, PC, IP camera, smart refrigerator), you likely leave metadata behind.


MFA requires individuals or systems to prove their identity by providing multiple factors: something they have, something they know, or something they are. For example, you must connect a security token to your device, enter an additional PIN, and be physically located in a specific region. Two-factor authentication is common on the internet.


Need-to-know basis

The need-to-know basis means certain information is exclusively shared with individuals who need to know this information.


The Nitrokey is an open-source USB key produced by the Nitrokey UG in Germany. It implements OpenPGP card algorithms. One can generate and store OpenPGP key pairs on it. Some models support creating OATH-TOTP codes, contain secure password storage, secure data storage, and other cryptographic functions.


In cryptography, a nonce is a random value used once. Nonces are used to prevent replay attacks.


Non-repudiation is a security goal of RMIAS. It means that a system can prove (with legal validity) occurrence/non-occurrence of an event or participation/non-participation of a party in an event.



OATH-HOTP stands for “OATH HMAC-based one-time password algorithm.” This algorithm generates OTPs based on a secret key, a counter value, and an HMAC.


OATH-TOTP stands for “OATH time-based one-time password algorithm.” In addition to OATH-HOTP, the current timestamp is included to create an OTP.


The OCSP can be used to obtain the revocation status of digital certificates. It’s an alternative to CRL. Pure OCSP exposes the client’s IP address to the OCSP responder while OCSP stapling enables the server to store pre-authenticated OCSP information to avoid this. OCSP Must-Staple is a certificate extension that allows the client to learn about the presence of OCSP information during the TLS handshake. Most web browsers support OCSP; however, Chrome uses a custom mechanism to obtain revocation information.


OMEMO (XEP-0384) is an experimental extension to XMPP that allows end-to-end encrypted communication and offers forward secrecy. It is based on the Signal Protocol.


OpenPGP is an open standard, introduced several years after the original PGP (Pretty Good Privacy). OpenPGP is specified in RFC 4880 and some additional RFCs like RFC 6637. OpenPGP-compliant software provides several security services for electronic communications and data storage. Private users mostly use OpenPGP-compliant software like GnuPG for encrypting and signing e-mails. Other current implementations are NeoPG, Sequoia PGP, and OpenPGP.js. Mailvelope and ProtonMail use the latter.


OT includes hardware and software that is used to monitor or modify the physical state of a system. The term OT is used to demonstrate differences between information technology (IT) and ICS environments.


OTP stands for “one-time password.” This password is valid for single use. Standard algorithms to generate OTPs are OATH-HOTP and OATH-TOTP.


OTR stands for “Off-the-Record Messaging.” It allows end-to-end encrypted communication and offers forward secrecy. However, it is only suitable for single-client use and synchronous messaging. Both parties must be online at the same time to communicate.



A passphrase is similar to passwords; however, it consists of words instead of characters. You can create passphrases with Diceware.


A password is a string of characters used for authentication. A strong password consists of randomly-chosen characters that all have an identical probability of occurrence.

Password spraying

Password spraying is a brute-force attack. Typically, an attacker tries to guess the password for a fixed username. For instance, the attacker sets “root” as the username and iterates over a long list of different passwords. Of course, intrusion detection systems (IDS) could easily detect a vast number of unsuccessful login attempts.

Contrary to this, password spraying sets a fixed password (e.g., “123456”) and iterates over a long list of different usernames. So, there is only one failed login per username and iteration. As a result, IDS aren’t triggered. The attack requires a list of (likely) valid usernames and a list of common passwords. Countermeasures are strong credentials and two-factor authentication.


PBKDF (Password-Based Key Derivation Function) creates cryptographic keys based on a password, HMAC, iterations, and salt. For instance, WPA2 uses PBKDF2. The aim is to reduce the vulnerability of keys to brute-force attacks. According to RFC 8018 section 4.2., “an iteration count of 10,000,000 may be appropriate.”

Penetration test

Penetration tests are documented checks and scans on applications, systems, or websites to identify vulnerabilities. Penetration tests are either black box (pen tester has no inside knowledge), gray box (limited knowledge), or white box (pen tester has inside knowledge) tests. Typically, pen test reports include identified vulnerabilities, guidance, and severity of each vulnerability.

Personal area network

A personal area network (PAN; or “wireless personal area network” (WPAN)) is a small network that connects personal devices in the direct workspace of a single person. Technologies used for WPANs are Bluetooth, ZigBee, IrDA, and Wireless USB. Sometimes, one device in the PAN is used to connect all other devices to another network. PANs are smaller than LANs but bigger than BANs.

Personal data

According to Article 4 of the European General Data Protection Regulation (GDPR), “‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’).” An identifiable natural person “is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, … an online identifier or … one or more factors specific to the … natural person.”

For instance, company names, addresses of authorities, or secret manufacturing data isn’t personal data. Protecting this non-personal data may be necessary, see information security.

A similar but non-synonymous term is personally identifiable information (PII) in the US. According to NIST Special Publication 800-122, PII is “any information about an individual … such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and … any other information that is linked or linkable to an individual ….”


Phishing is a social engineering technique. Attackers send forged SMS, e-mails, chat messages, etc. to their victims to get their personal data. After that, attackers can try to impersonate their victims or do something criminal. Spear phishing is a more sophisticated phishing technique.

Plausible deniability

Plausible deniability can be another security goal. It is accomplished if you can’t prove that a person or system sent a particular message. Then, this person or system can plausibly deny being the sender of the message.

Principle of Least Functionality

Principle of Least Functionality means hardening a system by disabling or removing all functionality that isn’t needed for the intended use case of the system.

Principle of Least Privilege

Principle of Least Privilege means hardening a system by restricting privileges of user accounts to the essential minimum so that the intended actions can be performed. For instance, a guest user on a system can’t install or uninstall software since this isn’t an intended action.


Privacy is a security goal of RMIAS. It means that a system should obey privacy legislation, and it should enable individuals to control, where feasible, their personal information (user-involvement).

Sometimes, data protection is called “data privacy.”

Public-key cryptography

Public-key cryptography (or asymmetric cryptography) is the opposite of symmetric cryptography. Every party has two keys (public and private). The private one must be kept secret and is used for decryption while the public one has to be published and is used for encryption. All other parties must verify that a published public key belongs to the anticipated owner to avoid man-in-the-middle attacks.

There are different approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields. Others are based on the difficulty of the factorization of the product of two large prime numbers.

Public-key cryptography can be used for digital signatures.



Ransomware is a type of malware. There are different subtypes of ransomware. The idea is to press victims for money by threatening them with doing something harmful. One scheme is publishing confidential data in x hours. Another more popular method is encrypting vital data using public-key cryptography and threaten to delete the corresponding private key after x hours, rendering the encrypted data useless). An important countermeasure is to back up all of your data regularly.


The referrer is an HTTP request header, included in the HTTP request of a client to a server. There are different use cases for this. However, it can be used for tracking users. Most web browsers allow you to disable referrer headers.

Replay attack

Replay attacks are attacks on authenticity. An attacker records messages and resends them (replay). The recipient can’t be sure whether the second message (sent by the attacker) was sent by the sender of the first (identical) message or someone else. Using current timestamps, nonces, and end-to-end encryption are primary countermeasures.


A risk is the level of impact on operations, assets, or individuals. It is based on the impact of a threat and the likelihood of that threat occurring.

Risk assessment

A risk assessment (or risk analysis) is the process of identifying risks to operations, assets, or individuals by determining the probability of occurrence, the resulting impact, and controls that would mitigate this impact.

Risk management

Risk management is the process of the identification, measurement, control, and minimization of risks. It includes assessing risks, taking actions to reduce risks to an acceptable level, and maintaining risks at an acceptable level.


RMIAS is a reference model introduced in 2013 which consists of four dimensions: Security Life Cycle, Information Taxonomy, Security Goals, and Security Countermeasures. The goal of this model is to overcome restrictions of prior models like the CIA triad and meet the needs of new trends. Besides the “traditional” security goals of the CIA triad, this model contains authenticity/trustworthiness, privacy, accountability, auditability, and non-repudiation. These security goals are viewed in the context of components of an information system that are information, people, processes, hardware, software, and networks.


RSA is a well-known public-key cryptosystem. It is based on the practical difficulty of the factorization of the product of two large prime numbers. For instance, RSA is used as part of OpenPGP for e-mail encryption and signing.



In cryptography, salt is random data. Commonly, salt is appended to a key and then processed with a hash function. Finally, the output and salt are stored in a database. A long salt, which is randomly generated for each key, protects against dictionary attacks.


Sandboxing is software-based isolation of applications to mitigate system failures or vulnerabilities.

Security goal

Concepts in information security like the CIA triad or RMIAS define security goals that have to be fulfilled. Well-known security goals are confidentiality, integrity, and availability.

Signal Protocol

The Signal Protocol (formerly TextSecure Protocol or Axolotl Protocol) is a modern cryptographic protocol allowing end-to-end encrypted communication. Contrary to OTR, asynchronous and multi-client communication is possible. Forward secrecy is supported.

SIM swapping

SIM swapping is a social engineering attack. An attacker gathers information about the victim. Afterward, the attacker convinces the victim’s mobile phone service provider to port the victim’s telephone number to a SIM card controlled by the attacker by impersonating the victim. If successful, the attacker has full control of the victim’s telephone number. This way, the attacker can bypass two-factor authentication by directly intercepting one-time passwords in text messages or phone calls.

Social engineering

Social engineering is a generic term for the psychological manipulation of humans into performing actions. Social engineering isn’t dependent on technology and quite common in everyday life. For example, children cry to manipulate their parents, or commercials manipulate their viewers. In information security, phishing is a widespread social engineering technique.

Spear phishing

Spear phishing is more sophisticated than phishing. Attackers customize their forged messages and send them to a smaller amount of potential victims. Spear phishing requires more research on the attacker’s side; however, the success rate of spear-phishing attacks is higher than the success rate of phishing attacks.


SSRF is an attack that exploits a server-side application to execute unwanted actions. For other server applications (including the exploited application itself), it looks like the action originated from the trustworthy server application.

Stream cipher

Stream ciphers are symmetric algorithms to combine plaintext with a pseudorandom keystream. Each digit is encrypted or decrypted one at a time with the corresponding keystream digit. It’s crucial to use different keys each time.

Subresource Integrity

SRI can be used to ensure the integrity of third-party content embedded on a website. Websites which don’t embed any third-party content don’t need SRI. The basic idea is that one hash per external resource is provided. Modifying the external resource results in a different hash. The client gets a new hash value that differs from the hash value provided by the web server. Ultimately, the client discards the modified resource.

Supply-chain attack

A supply-chain attack can affect any user of IT and OT components (hardware or software). Attackers manipulate a component during its manufacturing process. In most cases, the actual attack happens before the targeted user possesses the manipulated component. Examples are manipulated compilers or firmware, and attacks like Stuxnet or NotPetya.

Symmetric cryptography

Symmetric cryptography is the opposite of public-key cryptography. Two parties need the same private key to communicate. Both of them use this key for encryption and decryption. Symmetric encryption is faster than public-key encryption; however, you have to exchange keys securely. AES is a well-known representative of symmetric cryptography.

Symmetric cryptography uses either block ciphers or stream ciphers.



TLS allows secure data transfer via the internet. TLS 1.3 and TLS 1.2 (with a limited set of secure cipher suites) are considered secure. The latest TLS 1.3 standard offers secure cipher suites, supporting forward secrecy and AEAD.



U2F is an authentication standard initially developed by Google and Yubico. The FIDO Alliance currently hosts the standard. U2F tokens can be used for two-factor authentication. These tokens contain a unique secret key which can’t be extracted. The specification allows unlimited accounts per U2F token since web applications that offer U2F authentication generate and store their own key pair for each U2F token in use.



A VPN extends a private network (e.g., your network at home) across a public network (like the internet). Devices connected to the VPN are logically part of the private network, even if there are physically somewhere else. Applications using a VPN are subject to the functionality, security, and management of the private network. IPsec or TLS are widely in use to secure VPNs.


Vulnerabilities are exploitable security flaws in software or hardware. Well-known vulnerabilities receive names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one CVE identifier. There aren’t always exploits available for vulnerabilities. A well-known system to classify the severity of vulnerabilities is CVSS.


Web application firewall

A web application firewall (WAF) is an application layer firewall that filters, monitors, and blocks HTTP traffic to and from web applications. For instance, this can prevent SQL injection or XSS attacks.


WebAuthn is a specification developed by W3C that defines the creation and use of strong, attested, scoped, public key-based credentials by web applications. It is part of FIDO2. The latest version is Level 2, released in April 2021.


Wi-Fi is a family of wireless networking technologies and a trademark of the Wi-Fi Alliance. It is based on the IEEE 802.11 specifications that define protocols for implementing wireless local area networks (WLANs). The current Wi-Fi generation is 6, referring to the 802.11ax protocol. Former generations are Wi-Fi 5 (802.11ac), Wi-Fi 4 (802.11n), Wi-Fi 3 (802.11g), Wi-Fi 2 (802.11a), and Wi-Fi 1 (802.11b).

For protection, WPA is used.


WPA means Wi-Fi Protected Access, and it is used to secure wireless networks. The current generation is WPA3. Former generations are WPA2 (use CCMP/AES for encryption; TKIP is insecure), and WPA (insecure). WPA offers WPA-Personal (for private users) and WPA-Enterprise (for companies). For WPA-Personal, PBKDF2 is used to derive a 256 bit key from the pre-shared key entered by the user.



XSS is a vulnerability found in web applications. There are different types of XSS attacks. Mostly, the attacker can inject client-side scripts into websites. Code injection exploits the trust a user has in a website. The opposite is CSRF/XSRF.



The YubiKey is a closed source USB key produced by Yubico in the US and Sweden. It implements OpenPGP card algorithms. One can generate and store OpenPGP key pairs on it. Some models support creating OATH-TOTP codes, U2F, and other cryptographic functions.


Zero-day exploit

A zero-day exploit exploits a vulnerability in software or hardware, and this vulnerability is unknown to the public, publisher, or other parties who would typically mitigate it.