A computer protection system in which each protected object has a list of all subjects authorized to access it. Compare with ticket-oriented protection system.
Local access
Access to an organizational information system by a user (or an information system) communicating through an internal organization-controlled network (e.g., local-area network) or directly to a device without the use of a network.
Local-area network (LAN)
A group of computers and other devices dispersed over a relatively limited area and connected by a communications link that enables a device to interact with any other on the network. A user-owned, user-operated, high-volume data transmission facility connecting a number of communicating devices (e.g., computers, terminals, word processors, printers, and mass storage units) within a single building or several buildings within a physical area. A LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected to other LANs over any distance via telephone lines and radio waves. A system of LANs connected in this way is called a wide-area network (WAN). Bridges and switches are used to interconnect different LANs. LANs and MANs are non-switched networks, meaning they do not use routers.
Local delivery agent (LDA)
A program running on a mail server that delivers messages between a sender and recipient if their mailboxes are both on the same mail server. An LDA may also process the message based on a predefined message filter before delivery.
Location-based commerce (L-commerce)
A mobile-commerce (m-commerce) application targeted to a customer whose location, preferences, and needs are known in real time.
Lock-and-key protection system
A protection system that involves matching a key or password with a specific access requirement.
Locking-based attacks
Attacks that degrade a system performance and service. This attack is used to hold a critical system locked most of the time, releasing it only briefly and occasionally. The result is a slow running browser. This results in a degradation of service, a mild form of DoS. Countermeasures against locking-based attacks include system backups and upgrading/patching software can help in maintaining a system’s integrity.
Locks
Locks are used to prevent concurrent updates to a record. Various types of locks include page-level, row-level, area-level, and record-level. This is a technical and preventive control.
Lockstep computing
Lockstep systems are redundant computing systems that run the same set of operations at the same time in parallel. The output from lockstep operations can be compared to determine if there has been a fault. The lockstep systems are set up to progress from one state to the next state, as they closely work together. When a new set of inputs reaches the system, the system processes them, generates new outputs, and updates its state. Lockstep systems provide redundancy against hardware failures, not against software failures. Other redundant configurations include dual modular redundancy (DMR) systems and triple modular redundancy (TMR) systems. In DMR, computing systems are duplicated. Unlike the lockstep systems, there is a master/slave configuration in DMR where the slave is a hot-standby to the master. When the master fails at some point, the slave is ready to continue from the previous known good state. In TMR, computing systems are triplicated as voting systems. If one unit’s output disagrees with the other two, the unit is detected as having failed. The matched output from the other two is treated as correct. Similar to lockstep systems, DMR and TMR systems provide redundancy against hardware failures, not against software failures (Wikipedia).
Log
A record of the events occurring within an organization’s systems and networks. Log entries are individual records within a log.
Log analysis
Studying log entries to identify events of interest or suppress log entries for insignificant events.
Log archival
Retaining logs for an extended period of time, preferably on removable media, a storage area network (SAN), or a specialized log archival appliance or server.
Log clearing
Removing all entries from a log that precede certain date and time.
Log compression
Storing a log file in a way that reduces the amount of storage space needed for the file without altering the meaning of its contents.
Log conversion
Parsing a log in one format and storing its entries in a second format.
Log correlation
Correlating events by matching multiple log entries from a single source or multiple sources based on logged values, such as timestamps, IP addresses, and event types.
Log file integrity checking
Comparing the current message digest for a log file to the original message digest to determine if the log file has been modified.
Log filtering
The suppression of log entries from analysis, reporting, or long-term storage because their characteristics indicate that they are unlikely to contain information of interest.
Log management
The process for generating, transmitting, storing, analyzing, and disposing of log data.
Log management infrastructure
The hardware, software, networks, and media used to generate, transmit, store, analyze, and dispose of log data.
Log-off
Procedure used to terminate connections. Synonymous with log-out, sign-out, and sign-off.
Log-on
Procedure used to establish the identity of the user and the levels of authorization and access permitted. Synonymous with log-in, sign-in, and sign-on.
Log parsing
Extracting data from a log so that the parsed values can be used as input for another logging process.
Log preservation
Keeping logs that normally would be discarded, because they contain records of activity of particular interest.
Log reduction
Removing unneeded entries from a log to create a new log that is smaller in size.
Log reporting
Displaying the results of log analysis.
Log retention
Archiving logs on a regular basis as part of standard operating procedure or standard operational activities.
Log rotation
Closing a log file and opening a new log file when the first log file is considered to be complete.
Log viewing
Displaying log entries in a human-readable format.
Logic bomb
(1) A resident computer program that triggers the penetration of an unauthorized act when particular states of the system are realized. (2) A Trojan horse set to trigger upon the occurrence of a particular logical event. (3) It is a small, malicious program activated by a trigger (such as a date or the number of times a file is accessed), usually to destroy data or source code.
Logical access control
The use of information-related mechanisms (e.g., passwords) rather than physical mechanisms (e.g., keys and locks) for the provision of access control.
Logical access perimeter security controls
Acting as a first-line-of-defense, e-mail gateways, proxy servers, and firewalls provide logical access perimeter security controls.
Logical link control (LLC) protocol
The LLC protocol hides the differences between the various kinds of IEEE 802 networks by providing a single format and interface to the network layer. LLC forms the upper half of the data-link layer with the MAC sublayer below it.