Network size
The total number of network devices managed within the network and all its subcomponents.
Network sniffing
A passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest. Network sniffing is both a review technique and a target identification and analysis technique.
Network tap
A direct connection between a sensor and the physical network media itself, such as a fiber optic cable.
Network topology
The architectural layout of a network. The term has two meanings: (1) the structure, interconnectivity, and geographic layout of a group of networks forming a larger network and (2) the structure and layout of an individual network within a confined location or across a geographic area. Common topologies include bus (nodes connected to a single backbone cable), ring (nodes connected serially in a closed loop), star (nodes connected to a central hub), and mesh.
Network transparency
Network transparency is the ability to simplify the task of developing management applications by hiding distribution details. There are different aspects of transparency, such as access, failure, location, migration, replication, and transaction. Transparency means the network components or segments cannot be seen by insiders and outsiders and that actions of one user group cannot be observed by other user groups. It is achieved through process isolation and hardware segmentation concepts.
Network weaving
It is a penetration technique in which different communication networks are linked to access an information system to avoid detection and traceback.
Network worm
A worm that copies itself to another system by using common network facilities and causes execution of the copy program on that system.
Neural networks
They are artificial intelligence systems built around concepts similar to the way the human brain’s web of neural connections identifies patterns, learns, and reaches conclusions.
Node
A computer system that is connected to a communications network and participates in the routing of messages within that network. Networks are usually described as a collection of nodes connected by communications links. A communication point at which subordinate items of data originate. Examples include cluster controllers, terminals, computers, and networks.
Nondiscretionary access controls
A policy statement that access controls cannot be changed by users, but only through administrative actions.
Noninvasive attack
An attack that can be performed on a cryptographic module without direct physical contact with the module. Examples include differential power analysis attack, electromagnetic emanation attack, simple power analysis attack, and timing analysis attack.
Nonlocal maintenance
Maintenance activities conducted by individuals communicating through a network, either an external network (e.g., the Internet) or an internal network.
No-lone zone
It is an area, room, or space that, when staffed, must be occupied by two or more security cleared individuals who remain within sight of each other.
Nonce
(1) An identifier, a counter, a value, or a message number that is used only once. These numbers are freshly generated random values. Nonce is a time-varying value with a negligible chance of repeating (almost non-repeating). (2) A nonce could be a random value that is generated anew for each instance of a nonce, a timestamp, a sequence number, or some combination of these. (3) A randomly generated value used to defeat “playback” attacks in communication protocols. One party randomly generates a nonce and sends it to the other party. The receiver encrypts it using the agreed-upon secret key and returns it to the sender. Because the sender randomly generated the nonce, this defeats playback attacks because the replayer cannot know in advance the nonce the sender will generate. The receiver denies connections that do not have the correctly encrypted nonce. (4) Nonce is a value used in security protocols that is never repeated with the same key. For example, challenges used in challenge-response authentication protocols generally must not be repeated until authentication keys are changed, or there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge because a nonce is not necessarily unpredictable.
Nonrepudiation
(1) An authentication that with high assurance can be asserted to be genuine and that cannot subsequently be refuted. It is the security service by which the entities involved in a communication cannot deny having participated. Specifically, the sending entity cannot deny having sent a message (nonrepudiation with proof of origin) and the receiving entity cannot deny having received a message (nonrepudiation with proof of delivery). This service provides proof of the integrity and origin of data that can be verified by a third party. (2) Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information. (3) A service that is used to provide assurance of the integrity and origin of data in such a way that the integrity and origin can be verified and validated by a third party as having originated from a specific entity in possession of the private key (i.e., the signatory). (4) Protection against an individual falsely denying having performed a particular action. It provides the capability to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message.
Nonreversible action
A type of action that supports the principle of accountability by preventing the reversal and/or concealment of activity associated with sensitive objects.
Nontechnical countermeasure
A security measure that is not directly part of the network information security processing system, taken to help prevent system vulnerabilities. Nontechnical countermeasures encompass a broad range of personal measures, procedures, and physical facilities that can deter an adversary from exploiting a system (e.g., security guards, visitor escort, visitor badge, locked closets, and locked doors).
N-person control
A method of controlling actions of subjects (people) by distributing a task among more than one (N) subject.
N-version programming
N-version programming is based on design or version diversity. The different versions are executed in parallel and the results are voted on.
O
Obfuscation technique
A way of constructing a virus to make it more difficult to detect.
Object
The basic unit of computation. An object has a set of “operations” and a “state” that remembers the effect of operations. Classes define object types. Typically, objects are defined to represent the behavioral and structural aspects of real-world entities. An object has state, behavior, and identity; the terms “instance” and “object” are interchangeable. A passive entity that contains or receives information. Access to an object by a subject potentially implies access to the information it contains. Examples of objects include devices, records, blocks, tables, pages, segments, files, directories, directory trees, processes, domains, and programs, as well as bits, bytes, words, fields, processors, video displays, keyboards, clocks, printers, network nodes, and so on.
Object code or module
(1) Source code that has been compiled into object code, a machine-level language. (2) Instructions in machine-readable language that are produced by a compiler or assembler from source code.