File

(1) A collection of related records. (2) A collection of information logically grouped into a single entity and referenced by a unique name, such as a filename.

File descriptor attacks

File descriptors are non-negative integers that the system uses to keep track of files rather than using specific filenames. Certain file descriptors have implied uses. When a privileged program assigns an inappropriate file descriptor, it exposes that file to compromise.

File encryption

The process of encrypting individual files on a storage medium and permitting access to the encrypted data only after proper authentication is provided.

File encryption key (FEK)

Each owner’s file is encrypted under a different randomly generated symmetric file encryption key (FEK).

File infector virus

A virus that attaches itself to executable program files, such as word processors, spreadsheet applications, and computer games.

File integrity checker

Software that generates, stores, and compares message digests for files to detect changes to the files.

File protection

The aggregate of all processes and procedures in a system designed to inhibit unauthorized access, contamination, or deletion of a file.

File security

The means by which access to computer files is limited to authorized users only.

File server

Sends and receives data between workstation and the server.

File system

A mechanism for naming, storing, organizing, and accessing files stored on logical volumes.

File transfer protocol (FTP)

A means to exchange remote files across a TCP/IP network and requires an account on the remote computer. Different versions of FTP include trivial FTP (not secure), secure FTP, and anonymous FTP using the “username” anonymous (not secure).

Finger table

Used for node lookup in peer-to-peer (P2P) networks. Each node maintains a finger table with entries, indexes, and node identifiers. Each node stores the IP addresses of the other nodes.

Finite state machine (FSM) model

The finite state machine (FSM) model is used for protocol modeling to demonstrate the correctness of a protocol. Mathematical techniques are used in specifying and verifying the protocol correctness. In FSM, each protocol machine of the sender or receiver is in a specific state, consisting of all the values of its variables and the program counter. From each state, there are zero or more possible transitions to other states. FSM is a mathematical model of a sequential machine that is composed of a finite set of input events, a finite set of output events, a finite set of states, a function that maps states and input to output, a function that maps states and inputs to states (a state transition function), and a specification that describes the initial state. FSMs are used for real-time application systems requiring better user interface mechanisms (menu-driven systems). In other words, FSM defines or implements the control structure of a system.

Firewall

(1) A process integrated with a computer operating system that detects and prevents undesirable applications and remote users from accessing or performing operations on a secure computer; security domains are established which require authorization to enter. (2) A product that acts as a barrier to prevent unauthorized or unwanted communications between sections of a computer network. (3) A device or program that controls the flow of network traffic between networks or hosts that employ differing security postures. (4) A gateway that limits access between networks in accordance with local security policy. (5) A system designed to prevent unauthorized accesses to or from a private network. (6) Often used to prevent Internet users from accessing private networks connected to the Internet.

Firewall control proxy

The component that controls a firewall’s handling of a call. The firewall control proxy can instruct the firewall to open specific ports that are needed by a call, and direct the firewall to close these ports at call termination.

Firewall environment

A firewall environment is a collection of systems at a point on a network that together constitute a firewall implementation. The environment could consist of one device or many devices such as several firewalls, intrusion detection systems, and proxy servers.

Firewall platform

A firewall platform is the system device upon which a firewall is implemented. An example of a firewall platform is a commercial operating system running on a personal computer.

Firewall rule set

A firewall rule set is a table of instructions that the firewall uses for determining how packets should be routed between its interfaces. In routers, the rule set can be a file that the router examines from top to bottom when making routing decisions.

Firmware

(1) Software permanently installed inside the computer as part of its main memory to provide protection from erasure or loss if electrical power is interrupted. (2) The programs and data components of a cryptographic module that are stored in hardware within the cryptographic boundary and cannot be dynamically written or modified during execution.

Fit-gap analysis

This analysis is a common technique, which can be applied to help define the nature of the required service components. It examines the components within the context of requirements and makes a determination as to the suitability of the service component.

Flash ROM

Flash read only memory (ROM) is nonvolatile memory that is writable.

Flaw

An error of commission, omission, or oversight in a system that allows protection mechanisms to be bypassed or disabled. Synonymous with loophole or fault.

Flaw-based DoS attacks

These make use of software errors to consume resources. Patching and upgrading software can prevent the flaw-based DoS attacks.

Flooding

Sending large numbers of messages to a host or network at a high rate.

Flooding attacks

Flooding attacks most often involve copying valid service requests and resending them to a service provider. The attacker may issue repetitive SOAP/XML messages in an attempt to overload the Web service. This type of activity may not be detected as an intrusion because the source IP address is valid, the network packer behavior is valid, and the SOAP/XML message is well- formed. But the business behavior is not legitimate resulting in a DoS attack. Techniques for detecting and handling DoS can be applied against flooding attacks.

Flow

A particular network communication session occurring between hosts.

Flow control

A strategy for protecting the contents of information objects from being transferred to objects at improper security levels. It is more restrictive than access control.

Flow-sensitive analysis

Analysis of a computer program that takes into account the flow of control.

Focused testing

A test methodology that assumes some knowledge of the internal structure and implementation detail of the assessment object. Focused testing is also known as gray box testing.

Folder

An organizational structure used by a file system to group files.

Folder encryption

The process of encrypting individual folders on a storage medium and permitting access to the encrypted files within the folders only after proper authentication is provided.