Privileged user

An individual who has access to system control, monitoring, or administration functions (e.g., system administrator, information system security officer, system maintainer, and system programmer).

Probative data

Information that reveals the truth of an allegation.

Probe

A device program managed to gather information about an information system or its users.

Problem

Often used interchangeably with anomaly, although problem has a more negative connotation, and implies that an error, fault, failure, or defect does exist.

Problem state

A state in which a computer is executing an application program with faults.

Procedural security

The management constraints; operational, administrative, and accountability procedures; and supplemental controls established to provide protection for sensitive information. Synonymous with administrative security.

Process

Any specific combination of machines, tools, methods, materials, and/or people employed to attain specific qualities in a product or service.

Process isolation

The principle of process isolation or separation is employed to preserve the object’s wholeness and subject’s adherence to a code of behavior.

Process reengineering

A procedure that analyzes control flow. A program is examined to create overview architecture with the purpose of transforming undesirable programming constructs into more efficient ones. Program restructuring can play a major role in process reengineering.

Process separation

See process isolation.

Profiling

Measuring the characteristics of expected activity so that changes to it can be more easily identified.

Proof carrying code

As a part of technical safeguards for active content, proof carrying code defines properties that are conveyed with the code, which must be successfully verified before the code is executed.

Proof-by-knowledge

A claimant authenticates his identity to a verifier by the use of a password or PIN that he has knowledge of. The proof-by-knowledge applies to mobile device authentication and robust authentication.

Proof-by-possession

A claimant authenticates his identity to a verifier by the use of a token or smart card and an authentication protocol. The proof-by-possession applies to mobile device authentication and robust authentication.

Proof-by-property

A claimant authenticates his identity to a verifier by the use of a biometric such as fingerprints. The proof-by-property applies to mobile device authentication and robust authentication.

Proof-of-concept

A new idea or modified idea is put to test by developing a prototype model to prove whether the idea or the concept works.

Proof-of-correctness

Applies mathematical proofs-of-correctness to demonstrate that a computer program conforms exactly to its specifications and to prove that the functions of the computer programs are correct.

Proof-of-correspondence

The design of a cryptographic module is verified by a formal model and informal proof-of-correspondence between the formal model and the functional specifications.

Proof-of-origin

A proof-of-origin is the basis to prove an assertion. For example, a private signature key is used to generate digital signatures as a proof-of-origin.

Proof-of-possession

A verification process whereby it is proven that the owner of a key pair actually has the private key associated with the public key. The owner demonstrates the possession by using the private key in its intended manner.

Proof-of-possession protocol

A protocol where a claimant proves to a verifier that he possesses and controls a token (e.g., a key or password).

Proof-of-wholeness

Having all of an object’s parts or components include both the sense of unimpaired condition (i.e., soundness) and being complete and undivided (i.e., completeness). The proof-of-wholeness applies to preserving the integrity of objects in that different layers of abstraction for objects cannot be penetrated and their internal mechanisms cannot be modified or destroyed.

Promiscuous mode

A configuration setting for a network interface card that causes it to accept all incoming packets that it sees, regardless of their intended destinations.

Proprietary protocol

A protocol, network management protocol, or suite of protocols developed by a private company to manage network resources manufactured by that company.

Protected channel

A session wherein messages between two participants are encrypted and integrity is protected using a set of shared secrets; a participant is said to be authenticated if the other participant can link possession of the session keys by the first participant to a long-term cryptographic token and verify the identity associated with that token.

Protection bits

A mechanism commonly included in UNIX and UNIX-like systems that controls access based on bits specifying read, write, or execute permissions for a file’s (or directory’s) owner, group, or other.

Protection profile (PP)

A Common Criteria (CC) term for a set of implementation-independent security requirements for a category of Targets of Evaluation (TOEs) that meet specific consumer needs. It is an implementation-independent statement of security needs for a product type.

Protection ring

One of a hierarchy of privileged modes of a system that gives certain access rights to user programs and processes authorized to operate in a given mode.

Protection suite

It is a set of parameters that are mandatory for IPsec phase 1 negotiations (encryption algorithm, integrity protection algorithm, authentication method, and Diffie-Hellman group).

Protective distribution system (PDS)

Wire line or fiber optic system that includes adequate safeguards and/or countermeasures (e.g., acoustic, electric, electromagnetic, and physical) to permit its use for the transmission of unencrypted information.

Protective measures

Physical, administrative, personnel, and technical security measures which, when applied separately or in combination, are designed to reduce the probability of harm, loss, or damage to, or compromise of an unclassified computer system or sensitive and/or mission-critical information.

Protective technologies

Special tamper-evident features and materials employed for the purpose of detecting tampering and deterring attempts to compromise, modify, penetrate, extract, or substitute information processing equipment and cryptographic keying material. Examples include white noise and zone of control.

Protocol

A set of rules (i.e., data formats and semantic and syntactic procedures) for communications that computers use when sending signals between themselves or permit entities to exchange information. It establishes procedures the way in which computers or other functional units transfer data.

Protocol converter

A protocol converter is a device that changes one type of coded data to another type of coded data for computer processing.

Protocol data unit (PDU)

A unit of data specified in a protocol and consisting of protocol information and, possibly, user data.