信息安全原理與應(yīng)用 單詞

1、Overlapping control 重疊控制Chapter 1Layered defense 分層防御Principle of weakest link 最弱環(huán)節(jié)原則Administrative control 管理控制Computing system 計(jì)算系統(tǒng)Principle of easiest penetration 最易滲透原貝 0Hardware 硬件Software 軟件Data數(shù)據(jù)Vulnerability 脆弱性Threat攻擊Attack威脅Control 控制Interruption 中斷Interception 截取Modification 篡改Fabricatio

2、n 偽造Method方法Opportunity 機(jī)會(huì)Motive動(dòng)機(jī)Security secure 安全措施Confidentiality保密性/機(jī)密性Integrity完整性Availability 可用性Secrecy保密性Privacy私密性Configuration management 配置官理Logic bomb邏輯炸彈Trojan horse特洛伊木馬Virus病毒Trapdoor 陷門Information leak 信息泄露Principle of adequate protection 適度保護(hù)原則Salami attack香腸攻擊Replay 重放Cracker破譯者Pr

3、evention 預(yù)防方法Deterrence 障礙Deflection 偏差Detection 檢測(cè)Recovery 恢復(fù)Encryption 加密Protocol 協(xié)議Policy策略Procedure 規(guī)程Physical control 物理控制Principle of effectiveness 有效性原則Chapter 2Sender發(fā)送者Recipient接受者Transmission medium 傳輸中介Interceptor 截取者Intruder入侵者Encryption 加密Decryption 解密Encode編碼Decode解碼Encipher編密碼Decipher

4、譯密碼Cryptosystem密碼體制Plaintext 明文Ciphertext 密文Algorithm 算法Key密鑰Symmetric對(duì)稱的Asymmetric非對(duì)稱的Keyless cipher無(wú)密鑰密碼Cryptography密碼編碼學(xué)Cryptanalyst密碼分析學(xué)Cryptology 密碼學(xué)Break an encryption 破譯加密Substitution 替換Transposition 置換Substitution替換密碼monoalphabetic substitution 單字符替換法Simple substitution 簡(jiǎn)單替換法Caesar cipher愷撒密

5、碼Permutation 排歹。One-time pad 一次性密碼本Vigenere tableau維吉尼亞表Vernam cipher弗納母密碼Book cipher 密碼本Columnar Transposition 歹U置換Digram雙字母組Trigram三字母組Product cipher 成績(jī)密碼Secure cryptographic system 安全密碼體制Amount of secrecy 保密量Error propagation 差錯(cuò)傳播Authentication 鑒另ljKey distribution 密鑰分配Key management 密鑰管理Stream c

6、ipher 流密碼Block cipher 塊密碼Confusion混亂性Diffusion擴(kuò)散性Ciphertext-only attack 唯密文攻擊Known plaintext attack 已知明文攻擊Probable plaintext attack 可能明文攻擊Chosen plaintext attack 選擇明文攻擊Chosen ciphertext attack 選擇密文攻擊Data Encryption Standard(DES)數(shù)據(jù)加密標(biāo)準(zhǔn)Data Encryption Algorithm-1 數(shù)據(jù)加密算法-1Double DES 雙重 DESTriple DES 三重

7、 DESDifferential cryptanalysis 微分密碼分析學(xué)Advanced Encryption Standard(AES) AES 高級(jí)加密標(biāo)準(zhǔn)Rijndael 一種對(duì)稱加密算法Cycle or round 循環(huán)Public key encryption 公鑰加密Asymmetric encryption system 非對(duì)稱密碼體制Private key 私鑰Secret key 密鑰Rivest-Shamir-Adelman (RSA) algorithm 一種非對(duì)稱加密算法Cryptographic hash function 密碼哈希函數(shù)Message digest

8、 消息摘要Hash哈希Checksum檢驗(yàn)和One-way function 單向函數(shù)MD4,MD5兩種消息摘要算法名稱SHA/SHS安全哈希算法/安全哈希標(biāo)準(zhǔn)Chaining 鏈接Key exchange密鑰交換Digital signature 數(shù)字簽名Certificate 證書Certificate authority(CA)證書管理中心Chapter 3Program 程序Secure program 安全程序Fault故障Program security flaw 程序安全漏洞Bug bugError錯(cuò)誤Failure 失敗Penetrate and patch 滲透和打補(bǔ)丁Cyb

9、er attack計(jì)算機(jī)攻擊Buffer overflow緩沖區(qū)溢出Incomplete mediation 不完全驗(yàn)證Time-of-check to time-of-use檢查時(shí)刻到使用時(shí)刻Malicious code 惡意代碼Rogue program欺詐程序Virus 病毒Agent代理Transient virus 瞬時(shí)病毒Resident virus 寄生病毒Trojan horse特洛伊木馬Logic bomb邏輯炸彈Time bomb時(shí)間炸彈Backdoor 后門Trapdoor 陷門Worm蠕蟲Rabbit野兔Appended virus掛接性病毒Document virus

10、 文檔病毒Bootstrap load 引導(dǎo)裝在Boot sector virus引導(dǎo)區(qū)病毒Virus signature 病毒特征Polymorphic virus 多態(tài)性病毒Encrypting virus 加密病毒Brain virus Brain 病毒The Internet worm 互聯(lián)網(wǎng)蠕蟲Code Red紅色代碼病毒W(wǎng)eb bug 網(wǎng)頁(yè) bugUnit test單元測(cè)試Integration test 集成測(cè)試Error checking 錯(cuò)誤檢查Rootkit rootkitRootkit revealer Rootkit 檢測(cè)器Privilege escalation權(quán)限提

11、升Interface illusion 接 口錯(cuò)誤Keystroke logger鍵盤記錄器Man-in-middle attack 中間人攻擊Covert channel 隱蔽通道File-lock channel 文件鎖通道Storage channel 儲(chǔ)存通道Timing channel 時(shí)間通道Software engineering 軟件工程Encapsulation 封裝Information hiding 信息隱藏Modularity 模塊化Maintainability 可維護(hù)性Understandability 易理解性Reusability可重用性Correctabili

12、ty 正確性Testability可測(cè)試性Coupling 耦合Cohesion 內(nèi)聚Mutual suspicion 相互猜疑Confined program 限制程序Peer review對(duì)等復(fù)查Program design 程序設(shè)計(jì)Inspection 檢查Walk-through 走查法Review復(fù)查Egoless programming 無(wú)我編程Hazard analysis危險(xiǎn)性分析Hazard/interoperability studies 危險(xiǎn)/互操作性研究Failure modes and effects analysis 失效模式和后果 分析Fault tree ana

13、lysis 故障樹(shù)分析Performance test 性能檢測(cè)Regression test 衰減檢測(cè)Black-box test 黑盒檢測(cè)Clear-box test 白盒測(cè)試Independents test team 獨(dú)立測(cè)試小組Penetration test 滲透測(cè)試Passive fault detection 被動(dòng)故障檢測(cè)Active fault detection 主動(dòng)故障檢測(cè)Redundancy 冗余Fault tolerance 錯(cuò)誤容差Configuration management 配置管理Configuration identification 配置識(shí)另UCondi

14、tional compilation 條件編譯Configuration audit 配置審查Proof of program correctness 程序正確性證明Program verification 程序驗(yàn)證Process standard 過(guò)程標(biāo)準(zhǔn)Configuration management standards 配置管理標(biāo)準(zhǔn)Security audit 安全審計(jì)Chapter 4Executive執(zhí)行器Monitor監(jiān)控器Multiprogrammed system 多道程序系統(tǒng)Protected object被保護(hù)對(duì)象Sharable I/O device 可共享的 I/O 設(shè)

15、備Serially reusable I/o device 可連續(xù)重用的 I/O 設(shè)備Physical separation 物理分離Temporal separation 時(shí)間分離Logical separation 邏輯分離Cryptographic separation 密碼分離Isolation 隔離Memory protection 內(nèi)存保護(hù)Fence register界地址寄存器Relocation 重定位Base/bounds registers基址/范圍寄存器Tagged memory architecture 標(biāo)記內(nèi)存結(jié)構(gòu)Segmentation 分段式Segment add

16、ress table 段地址表Segment address translation 段地址轉(zhuǎn)換Paging分頁(yè)P(yáng)age frame 頁(yè)幀Page address translation 頁(yè)地址轉(zhuǎn)換Paged segmentation 段頁(yè)式Directory 目錄Revocation of access 撤銷訪問(wèn)Access control list訪問(wèn)控制列表User-group-world protection 用戶/組/全局保護(hù)Access control matrix 訪問(wèn)控制矩陣Wildcard designation 通配符指定Capability訪問(wèn)權(quán)能Domain 域Loca

17、l name space本地名字空間Kerberos KerberosAuthentication sever 鑒別服務(wù)器Ticket-granter sever票據(jù)授權(quán)服務(wù)器Key distribution center 密鑰發(fā)布中心Procedure-oriented access control 面向程序的訪問(wèn)控制Role-based access control基于角色的訪問(wèn)控制File protection 文件保護(hù)Shared file共享文件Persistent permission 持久許可Temporary access permission 臨時(shí)訪問(wèn)許可Set userid

18、 permission 設(shè)置用戶 ID 許可Per-object protection 每個(gè)對(duì)象保護(hù)Per-subject protection 每個(gè)主題保護(hù)User authentication by something you know 依據(jù)用 戶知道的事情鑒別User authentication by somthing you have 依據(jù)用戶 擁有的東西鑒別User authentication by somthing you are 根據(jù)用戶的 身體特征鑒別Password 口令Password response 口令響應(yīng)Multifactor authentication 多因

19、素鑒別Two-factor authentication 兩因素鑒別Exhaustive attack on password 對(duì)口令的窮舉攻擊Brute force attack on password 對(duì)口令的暴力攻擊Probable password 可能的口令Likely password很可能的口令Social engineer attack 社會(huì)工程攻擊One-time password 一次性口令Challenge-response system 質(zhì)詢響應(yīng)系統(tǒng)Single sign-on 單次登陸Login impersonation假扮演登陸界面Biometric authen

20、tication 生物特征鑒別Chapter 5Trust信任Trusted process 可信進(jìn)程Trusted product 可信產(chǎn)品Trusted software 可信軟件Trusted computing base 可信計(jì)算基Trusted system 可信系統(tǒng)Security policy 安全策略Military security policy 軍事安全策略Sensitivity level 敏感等級(jí)Object對(duì)象Need-to-know rule 須知原則Compartment 分隔項(xiàng)Classification 分類Clearance 許可Dominance支酉己Su

21、bject 主體Hierarchical security 等級(jí)安全Nonhierarchial security 非等級(jí)安全Clark-Wilson policy Clark-Wilson 策略Well-formed transaction 良構(gòu)事務(wù)Constrained data item 受約束數(shù)據(jù)項(xiàng)Transformation procedure 轉(zhuǎn)換規(guī)程Access triple訪問(wèn)三元組Separation of duty 職責(zé)分離Chinese wall policy 中國(guó)墻策略Lattice model 格模型Bell-La Padula model Bell-La Padul

22、a 模型Simple security property 簡(jiǎn)單安全特性-property *-特性Write-down 下寫B(tài)iba model Biba 模型Simple integrity policy簡(jiǎn)單完整性策略Integrity *-property 完整性*-特性Graham-Denning model Graham-Denning 模型Harrison-Ruzzo-UllmanmodelHarrison-Ruzzo-Ullman 模型Command 命令Condition 條件Primitive operation 原語(yǔ)操作Protection system 保護(hù)系統(tǒng)Take-g

23、rant system獲取/授予系統(tǒng)Least privilege 最少特權(quán)Economy of mechanism 機(jī)制經(jīng)濟(jì)型Open design開(kāi)放設(shè)計(jì)Complete mediation 完全檢查Permission-based access 基于許可的訪問(wèn)Separation of privilege 特權(quán)分離Least common mechanism 最小公共機(jī)制Ease of use 易用User authentication 用戶鑒別Memory protection 內(nèi)存保護(hù)Object access control 對(duì)象訪問(wèn)控制Enforced sharing 強(qiáng)制共享F

24、air service公平服務(wù)Interprocess communication 進(jìn)程間通信Synchronization 同步Protected control data 保護(hù)控制數(shù)據(jù)User identification and authentication 用戶識(shí)別和鑒 別Mandatory access control 強(qiáng)制訪問(wèn)控制Discretionary access control 自主訪問(wèn)控制Object reuse對(duì)象重用Magnetic remanence 磁記憶Trusted path可信路徑Audit審計(jì)Accountability 責(zé)任認(rèn)定Audit log red

25、uction審計(jì)日志精簡(jiǎn)Intrusion detection 入侵檢測(cè)Kernel內(nèi)核Nucleus 核Core核心Security kernel 安全內(nèi)核Reference monitor 引用監(jiān)視器Reference monitor properties： 引用監(jiān)視器特性：Tamperproof 抗干擾Unbypassable不可繞過(guò)Analyzable 可分析Trusted computing base(TCB)可 信計(jì)算基Process activation 進(jìn)程激活Execution domain switching 執(zhí)行域轉(zhuǎn)換Memory protection 內(nèi)存保護(hù)Virtu

26、alization 虛擬化Virtual machine 虛擬機(jī)Virtual memory 虛擬內(nèi)存Layering 分層Hierarchically structured operation system 層次結(jié)構(gòu)的操作系統(tǒng)Assurance 保證Flaw exploitation 缺陷利用User interface processing flaw I/O 處理缺陷Access ambiguity flaw 訪問(wèn)二義性缺陷Incomplete mediation flaw 不完全檢查缺陷Generality flaw普遍性缺陷Time-of-check to time-of-use fl

27、aw 檢查時(shí)刻到使用 時(shí)刻缺陷Testing 測(cè)試Penetration testing 滲透測(cè)試Tiger team analysis 攻擊隊(duì)測(cè)試Ethical hacking 黑客攻擊Formal verification 形式化驗(yàn)證Proof of correctness 正確性證明Theorem prover定理證明器validation 證實(shí)Requirements checking 需求檢查Design and code review設(shè)計(jì)和代碼審查Module and system testing 模塊和系統(tǒng)測(cè)試Open source開(kāi)放源代碼Evaluation 評(píng)估Orange

28、 Book(TCSEC)橙皮書(TESEC)D,C1,C2,B1,B2,B3,A1 rating D,C1,C2,B1,B2,B3,A1等級(jí)German Green Book德國(guó)綠皮書Functionality class 功能類Assurance level 保證等級(jí)British evaluation criteria 英國(guó)評(píng)估準(zhǔn)貝0Claims language 生命語(yǔ)言Action phrase行為短語(yǔ)Target phrase目標(biāo)短語(yǔ)CLEF CLEFComparable evaluation 可比較評(píng)估 Transferable evaluation 可轉(zhuǎn)移評(píng)估ITSEC ITSE

29、CEffectiveness 有效性Target of evaluation 評(píng)估 目標(biāo)Security-enforcing function 安全強(qiáng)制功能 Mechanism 機(jī)制Strength of mechanism 機(jī)制強(qiáng)度Target evaluation level 目標(biāo)評(píng)估等級(jí) Suitability of functionality 功能適宜性 Binding of functionality 功能綁定 Combined Federal Criteria 聯(lián)合聯(lián)邦準(zhǔn)則 Protection profile 保護(hù)輪廓Security target 安全目標(biāo)Common Crit

30、eria 通用準(zhǔn)則Extensibility 可擴(kuò)展性Granularity 粒度Speed速度Thoroughness 全面Objectivity 客觀性 Portability可移植性Emphatic assertion 強(qiáng)調(diào) 申明Chapter 7Single point of failure 單一故障點(diǎn) Resilience 彈回Fault tolerance 容錯(cuò)Server服務(wù)器Client客戶機(jī)Node節(jié)點(diǎn)Host主機(jī)Link鏈路Workstation 工作站Topology拓?fù)浣Y(jié)構(gòu)Network boundary 網(wǎng)絡(luò)周界Network ownership網(wǎng)絡(luò)擁有關(guān)系 Netw

31、ork control 網(wǎng)絡(luò)控制Digital 數(shù)字Analog模擬IP address IP 地址Modem調(diào)制解調(diào)器Domain 域Twisted pair 雙絞線Top-level domain 頂級(jí)域名Unshielded twisted pair 無(wú)屏敝雙絞線Local area network 局域網(wǎng)Bandwidth 帶寬LAN LANCoaxial cable同軸電纜Wide area network 廣域網(wǎng)Ethernet以太網(wǎng)Internet Society互聯(lián)網(wǎng)社會(huì)Repeater中繼器Anonymity匿名性Amplifier放大器Motivation for atta

32、ck 攻擊的動(dòng)機(jī)Optical fiber 光纖Challenge 挑戰(zhàn)Wireless LAN 無(wú)線局域網(wǎng)Fame名聲802.11 802.11協(xié)議標(biāo)準(zhǔn)Money金錢Microwave 微波Espionage 間諜Infrared紅外線Organized crime 組織犯罪Satellite 衛(wèi)星Ideology意識(shí)形態(tài)Geosynchronous orbit 覆蓋范圍Hactivism激進(jìn)主義Transponder地球同步軌道Cyberterrorism 網(wǎng)絡(luò)恐怖主義Footprint異頻應(yīng)答器Reconnaissance 偵察Protocol 協(xié)議Intelligence情報(bào)收集Pro

33、tocol stack 協(xié)議棧Port scan端口掃描ISO reference model ISO 參考模型Social engineering 社會(huì)工程學(xué)OSI model OSI 模型Fingerprinting 指紋Application layer 應(yīng)用層Eavesdrop 偷聽(tīng)Presentation layer 表示層War driving戰(zhàn)爭(zhēng)驅(qū)動(dòng)Session layer 會(huì)話層Passive wiretap 被動(dòng)竊聽(tīng)Transport layer 傳輸層Active wiretap 主動(dòng)竊聽(tīng)Network layer 網(wǎng)絡(luò)層Packet sniffer 包嗅探器Datali

34、nk layer數(shù)據(jù)鏈路層Inductance 自感器Physical layer 物理層Impedance 阻抗Peer對(duì)等層Multiplexed signals 多重信號(hào)Router路由器Interception 截取Packet 包Theft of service 騙取服務(wù)Network interface card 網(wǎng)絡(luò)接口卡RFC(request for comments)請(qǐng)求注解MAC address Mac 地址Impersonation 彳假冒Frame 幀Authentication 鑒另ljSession header 會(huì)話頭部Guessing authenticatio

35、n 猜測(cè)鑒別Logical connection 邏輯連接Eavesdropping authentication 偷聽(tīng)鑒別USequencing 排序Avoiding authentication 避開(kāi)鑒別TCP TCPNonexistent authentication 不存在的鑒別IP IPWell-known authentication 眾所周知的鑒別UDP UDPTrusted authentication 可信任鑒別Port 端口Spoof欺騙SMTP SMTPMasquerade 偽裝HTTP HTTPPhishing釣魚欺詐FTP FTPSession hijacking 會(huì)

36、話劫持SNMP SNMPMan-in-middle attack 中間人攻擊Misdelivery 誤傳Message exposure 消息暴露Interception 偵聽(tīng)Traffic flow analysis 流量分析Message falsification 偽造消息Message replay 重放消息Message fabrication 編造消息Noise噪聲Interference 干涉Protocol flaw協(xié)議缺陷Web site defacement 網(wǎng)站被黑Buffer overflow緩沖區(qū)溢出Dot-dot attack .攻擊Address resoluti

37、on 地址解析Application code attack 應(yīng)用代碼攻擊Server-side include 服務(wù)端包含Denial-of-service attack 拒絕服務(wù)攻擊Transmission failure 傳輸失敗Connection flooding 連接洪泛Echo響應(yīng)Chargen 索取Ping of death 死亡之 PingSmurf Smurf 攻擊Syn flood同步洪泛Teardrop attack teardrop 攻擊Distributed denial of service 分布式拒絕服務(wù)Active code活動(dòng)代碼Mobile code移動(dòng)代

38、碼Cookie腳本Escape-character attack ESC 字符攻擊Active server page活動(dòng)服務(wù)器頁(yè)Java code Java 代碼Sandbox 沙漏Java virtual machine Java 虛擬機(jī)Hostile applet 有敵意的 appletScript kiddie腳本小子Building block attack 積木攻擊Network segmentation 網(wǎng)絡(luò)分段Redundancy 冗余Failover mode失效修復(fù)模式Link encryption 鏈路加密End-to-end encryption 端至端加密Virtual private network 虛擬專有網(wǎng)絡(luò)Encrypted tunnel 加密隧道Certificate 證書Certificate authority 證書管理中心Transport layer security 傳輸層安全性Security association 安