The process of verifying that someone is who they claim to be. In the cyber security world, this occurs when a person attempts to access a computer or online service. A driver’s license could be considered “identification,” but it only becomes “authentication” when someone matches my face to the photo on the card.
Defense in Depth
The practice of arranging (or layering) defensive lines or fortifications so that they can defend each other, especially in case of an enemy incursion.
Hardware or software designed to filter communications between two systems or networks. Firewalls are generally configured to prevent traffic from coming into a network, also called ingress filtering. Homes must also concern themselves with egress filtering to manage the traffic allowed to leave the network.
Violations of computer security for malicious reasons. This can occur from the outside or the inside of a protected network.
A claim of identity. A username for a computer or service is a claim of “identity” but the password serves to “authenticate” that identity as correct.
In high security areas, more than one factor of authentication should be used. A password is only a single factor of authentication: it is something that “you know”. Other factors can be “something you have” like a card or token and “something you are” like a fingerprint. Banks often do this by texting a one-time password to a cell phone before allowing access to a banking website.
A server that acts as an intermediary between one system and another. In the classic sense, users request a web page from a proxy server, which then goes out to the Internet, downloads the webpage or data, and passes it back to the original user. This is used as a security control to prevent direct access from the inside of a network out to an unknown server. This classic use can provide content filtering on webpages to prevent access to pornography or other disallowed things. Under another and newer usage, anonymous proxies on the Internet can be used to “go around” content filtering in schools and in homes. This “anonymizer” version hides the requests and destinations from the configured security controls.
Safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets.
A well-defined area that enforces security controls. For most homes, the security perimeter ends at the WiFi router. Modern mobile devices somewhat obsolete this concept, as they can transfer to other networks, such as by joining a neighbor’s open access point or any of a number of commercial WiFi hotspots.
A router is a device that forwards data packets along networks. A router is connected to at least two networks and is commonly used in a home to connect the Internet Service Provider (such as a cable or telephone company) with the WiFi hosts that use it. Routers are located at gateways, the places where two or more networks connect.
A computer record used to describe a particular user or group of users. It is considered a “subject” in cyber security. A subject is granted security or usage privileges to an “object.” For instance, the user jbaxter might be granted privileges to print on the karis-printer object. Or maybe not.
The name used to access a User Account. It can be an email address or a random name. The username is the “identity” for which the password provides a single factor of “authentication.” As such, usernames should be protected whenever possible and considered as though they were half of the password.
A flaw, bug, or misconfiguration in a system that can be used to defeat security controls. A hacker, more officially called a “threat actor,” exploits a vulnerability to misuse a system. Children can purposefully or inadvertently exploit a vulnerability and be exposed to inappropriate material.