GIST v0.7 ― L
“L2F” to “low frequency (LF)”

L

- L2F n. 
See: Layer 2 Forwarding Protocol.
- L2TP n. 
See: Layer 2 Tunneling Protocol.
- label n. 
See: security label.
- Language of Temporal Ordering Specification (LOTOS) n. 
RFC 2828 (2000)
(N) A language (ISO 8807-1990) for formal specification of computer network protocols; describes the order in which events occur.
- latent n. 
iAfB-ICSA 1999
An impression of a finger image collected from a crime scene.
! Note: Not necessarily from a crime scene.
- lattice model n. 
RFC 2828 (2000)
(I) A security model for flow control in a system, based on the lattice that is formed by the finite security levels in a system and their partial ordering. [Denn] (See: flow control, security level, security model.)
(C) The model describes the semantic structure formed by a finite set of security levels, such as those used in military organizations.
(C) A lattice is a finite set together with a partial ordering on its elements such that for every pair of elements there is a least upper bound and a greatest lower bound. For example, a lattice is formed by a finite set S of security levels – i.e., a set S of all ordered pairs (x, c), where x is one of a finite set X of hierarchically ordered classification levels (X1, ..., Xm), and c is a (possibly empty) subset of a finite set C of non-hierarchical categories (C1, ..., Cm) – together with the dominate relation. (See: dominate.)
- Law Enforcement Access Field (LEAF) n. 
RFC 2828 (2000)
(N) A data item that is automatically embedded in data encrypted by devices (e.g., see: CLIPPER chip) that implement the Escrowed Encryption Standard.
- Layer 2 Forwarding Protocol (L2F) n. 
RFC 2828 (2000)
(N) An Internet protocol (originally developed by Cisco Corporation) that uses tunneling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user. (See: L2TP.)
- Layer 2 Tunneling Protocol (L2TP) n. 
RFC 2828 (2000)
(N) An Internet client-server protocol that combines aspects of PPTP and L2F and supports tunneling of PPP over an IP network or over frame relay or other switched network. (See: virtual private network.)
(C) PPP can in turn encapsulate any OSI layer 3 protocol. Thus, L2TP does not specify security services; it depends on protocols layered above and below it to provide any needed security.
- LDAP n. 
See: Lightweight Directory Access Protocol.
- least privilege n. 
ISO/IEC 2382-8:1998
minimum privilege
Restriction of the access rights of a subject to only those rights that are necessary for the execution of authorized tasks.
RFC 2828 (2000)
(I) The principle that a security architecture should be designed so that each system entity is granted the minimum system resources and authorizations that the entity needs to do its work. (See: economy of mechanism.)
(C) This principle tends to limit damage that can be caused by an accident, error, or unauthorized act.
NIST IR 7298 (2006)
SP 800-12
The security objective of granting users only those accesses they need to perform their official duties.
- level of assurance
See: assurance level.
- LID n. 
See: logonid under userid.
- life cycle stage n.
SC 27 SD 6 (2002)
ISO/IEC WD 15443-1 (11/2001)
An instance within the deliverable life cycle that relates to the state of the deliverable.
- Lightweight Directory Access Protocol (LDAP) n. 
RFC 2828 (2000)
(N) A client-server protocol that supports basic use of the X.500 Directory (or other directory servers) without incurring the resource requirements of the full Directory Access Protocol (DAP). [R1777]
(C) Designed for simple management and browser applications that provide simple read/write interactive directory service. Supports both simple authentication and strong authentication of the client to the directory server.
- link n. 
RFC 2828 (2000)
(I) World Wide Web usage: See: hyperlink.
(I) subnetwork usage: A point-to-point communication channel connecting two subnetwork relays (especially one between two packet switches) that is implemented at OSI layer 2. (See: link encryption.)
(C) The relay computers assume that links are logically passive. If a computer at one end of a link sends a sequence of bits, the sequence simply arrives at the other end after a finite time, although some bits may have been changed either accidentally (errors) or by active wiretapping.
- linkage n. 
ISO/IEC 2382-8:1998
linkage, fusion
The purposeful combination of data or information from one data processing system with data or information from another system to derive protected information.
- link-by-link encryption, link encryption n. 
RFC 2828 (2000)
(I) Stepwise protection of data that flows between two points in a network, provided by encrypting data separately on each network link, i.e., by encrypting data when it leaves a host or subnetwork relay and decrypting when it arrives at the next host or relay. Each link may use a different key or even a different algorithm. [R1455] (See: end-to-end encryption.)
NIST IR 7298 (2006)
SP 800-12
link encryption
Link encryption encrypts all of the data along a communications path (e.g., a satellite link, telephone circuit, or T1 line). Since link encryption also encrypts routing data, communications nodes need to decrypt the data to continue routing.
- live capture n. 
See: capture.
- live processing n. 
BEM 2002
Direct enrolment/identification of potential users via the normal biometric capture process. Compare off-line processing.
- live scan n. 
IBG [?]
The term live scan is typically used in conjunction with finger image technology. Synonym for live capture (see: capture).
- local registration authority (LRA) n. 
NIST IR 7298 (2006)
SP 800-32
A registration authority with responsibility for a local community.
- logical access n.
SCA ISCTAG (2007)
Access to online resources (e.g., networks, files, computers, databases).
Compare: physical access.
- logical access control n. 
ISO/IEC 2382-8:1998
The use of mechanisms related to data or information to provide access control. Example: The use of a password.
Compare: physical access control.
- logic bomb n. 
ISO/IEC 2382-8:1998
logic bomb
Malicious logic that causes damage to a data processing system when triggered by some specific system condition.
RFC 2828 (2000)
(I) Malicious logic that activates when specified conditions are met. Usually intended to cause denial of service or otherwise damage system resources. (See: Trojan horse, virus, worm.)
- log in vb. 
To initiate a session. See: login.
- login n. 
UNIX2:1997
The unspecified activity by which a user gains access to the system. Each login is associated with exactly one login name.
RFC 2828 (2000)
(I) The act of a system entity gaining access to a session in which the entity can use system resources; usually accomplished by providing a user name and password to an access control system that authenticates the user.
(C) Derives from log file, a security audit trail that records security events, such as the beginning of sessions, and who initiates them.
OASIS SAML 2.0 (2005)
login, logon, sign-on
The process whereby a user presents credentials to an authentication authority, establishes a simple session, and optionally establishes a rich session.
- login factor n. 
See: (secondary definition under) authentication.
- login method n. 
“A login method is a specific implementation of a login factor.” [NMAS] See also: authentication.
- login name n. 
UNIX2:1997
A user name that is associated with a login.
See: (discussion under) userid.
- login sequence n. 
“A login sequence is an ordered set of one or more login methods.” [NMAS] See also: authentication service.
- log off vb. 
See: log out.
- logoff n. 
See: logout.
- log on vb. 
See: log in.
- logon n. 
See: login.
- logonid n. 
See: (secondary definition under) userid.
- log out vb. 
To terminate a session. See: logout.
- logout n. 
OASIS SAML 2.0 (2005)
logout, logoff, sign-off
The process whereby a user signifies desire to terminate a simple session or rich session.
- loophole n. 
ISO/IEC 2382-8:1998
A synonym for flaw.
- loss n. 
ISO/IEC 2382-8:1998
A quantitative measure of harm or deprivation resulting from a compromise.
- LOTOS n. 
See: Language of Temporal Ordering Specification.
- low-impact system n. 
NIST IR 7298 (2006)
SP 800-53; FIPS 200
An information system in which all three security objectives (i.e., confidentiality, integrity, and availability) are assigned a FIPS 199 potential impact of low.
- low frequency (LF) n.
SCA ISCTAG (2007)
Radio frequencies (RF) in the range of 30 to 300 kHz. When used in an RF-based identification system, the low frequency is typically 125 kHz.
The original sources of these definitions may be protected by copyright. The definitions are republished here for review and commentary.
Copyleft & Creative Commons (cc) 2000–2008 Ant: This XHTML encoding and antnotations are dual-licensed under both the GNU Free Documentation License and a Creative Commons Attribution-Noncommercial-Share Alike 3.0 License.
URL: http://homepage.mac.com/antallan/gistl.html
Last updated: Friday 12 December 2008