Session layer
Portion of an OSI system responsible for adding control mechanisms to the data exchange.
Session locking
A feature that permits a user to lock a session upon demand or locks the session after it has been idle for a preset period of time.
Shared secret
A secret used in authentication that is known to the claimant and the verifier.
Shareware
Software distributed free of charge, often through electronic bulletin boards, may be freely copied, and for which a nominal fee is requested if the program is found useful.
Shim
A layer of host-based intrusion detection and prevention code placed between existing layers of code on a host that intercepts data and analyzes it.
Short message service (SMS)
A cellular network facility that allows users to send and receive text messages of up to 160 alphanumeric characters on their handset.
Shoulder surfing attack
Stealing passwords or personal identification numbers by looking over someone’s shoulder. It is also called a keyboard logging attack because a keyboard is used to enter passwords and identification numbers. A shoulder surfing attack can also be carried out at a distance using binoculars or other vision-enhancing devices, and such attacks are common at automated teller machines and point-of-sale terminals. A simple and effective practice to avoid this attack is to shield the keypad with one hand while entering the required data with the other.
Shred
A method of sanitizing media; the act of cutting or tearing into small particles.
Shrink-wrapped software
Commercial software used “out-of-the-box” without change (i.e., customization). The term derives from the plastic wrapping used to seal microcomputer software.
Side channel attacks
Side channel attacks result from the physical implementation of a cryptosystem. Examples include timing attacks, power monitoring attacks, TEMPEST attacks, and thermal imaging attacks. Improper error handling in cryptographic operations can also allow side channel attacks. In all of these, information leaks during the physical operation of the cryptosystem, for example through monitoring the sound of computations, observing from a distance, or introducing faults into computations, revealing secrets such as the cryptographic key, system-state information, initialization vectors, and plaintext. Side channel attacks are possible even when transmissions between a Web browser and server are encrypted. Note that side channel attacks differ from social engineering attacks, which involve deceiving or coercing people who have legitimate access to a cryptosystem; the focus of side channel attacks is on data and information, not on people. Countermeasures against side channel attacks include implementing physical security over hardware, jamming the emitted channel with noise (white noise), designing isochronous software so that it runs in a constant amount of time independent of secret values, designing software so that it is PC-secure, building secure CPUs (asynchronous CPUs) that have no global timing reference, and retransmitting a failed (error-prone) transmission only a predetermined number of times.
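As an added illustration of the "isochronous software" countermeasure (this program is not part of the glossary; the 32-byte secret, the guess and the function names are constructed for the demo), the following Go code contrasts an early-exit comparison, whose work depends on where the first wrong byte is, with one that always examines every byte:

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// leakyEqual stops at the first mismatch, so its running time reveals how
// many leading bytes of the secret tag a guess got right. It also returns
// the number of bytes it examined, making the leak visible without a clock.
func leakyEqual(a, b []byte) (bool, int) {
	if len(a) != len(b) {
		return false, 0
	}
	for i := range a {
		if a[i] != b[i] {
			return false, i + 1
		}
	}
	return true, len(a)
}

// constantTimeEqual is the isochronous form: every byte is examined and the
// differences are OR-ed together, with no branch that depends on the secret.
func constantTimeEqual(a, b []byte) (bool, int) {
	if len(a) != len(b) {
		return false, 0
	}
	var diff byte
	for i := range a {
		diff |= a[i] ^ b[i]
	}
	return diff == 0, len(a)
}

func main() {
	// Constructed 32-byte "secret" tag standing in for a real MAC or token.
	sum := sha256.Sum256([]byte("constructed demo secret"))
	secret := sum[:]
	guess := append([]byte{}, secret...)
	guess[0] ^= 1 // a guess that is wrong in its very first byte
	_, n1 := leakyEqual(secret, guess)
	_, n2 := constantTimeEqual(secret, guess)
	// Production code should use the standard library's primitive instead.
	fmt.Println(n1, n2, subtle.ConstantTimeCompare(secret, guess)) // 1 32 0
}
```

The leaky version examined one byte while the isochronous version examined all 32; only the length of the inputs, not their contents, affects the work done by the second.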
Sign-off
Functional users are requested and required to approve in writing their acceptance of the system at various stages or phases of the system development life cycle (SDLC).
Signal-to-noise ratio
The ratio of the amplitude of the desired signal to the amplitude of noise signals at a given point in time in a telecommunications system. Usually the signal-to-noise ratio is specified as a peak-signal-to-peak-noise ratio to avoid ambiguity. A low ratio at the receiver is preferred to prevent emanation attacks.
Signatory
The entity that generates a digital signature on data using a private key.
Signature
(1) A recognizable, distinguishing pattern associated with an attack, such as a binary string in a virus or a particular set of keystrokes used to gain unauthorized access to a system. (2) A pattern that corresponds to a known threat. (3) The ability to trace the origin of the data.
Signature-based detection
The process of comparing signatures against observed events to identify possible incidents.
Signature certificate
A public key certificate that contains a public key intended for verifying digital signatures rather than encrypting data or performing any other cryptographic functions.
Signature (digital)
A process that operates on a message to assure message source authenticity and integrity, and may be required for source non-repudiation.
Signature generation
The process of using a digital signature algorithm and a private key to generate a digital signature on data. Only the possessor of the user’s private key can perform signature generation.
Signature validation
The mathematical verification of the digital signature and obtaining the appropriate assurances (e.g., public key validity and private key possession).
Signature verification
The process of using a digital signature algorithm and a public key to verify a digital signature. Anyone can verify the signature of a user by employing that user’s public key.
Signed data
The data or message upon which a digital signature has been computed.
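As an added illustration of the signature entries above (signatory, signature generation, signature verification and signed data), the following Go program is not from the glossary; it uses the standard library's Ed25519 implementation, and the signatory names and the signed data are constructed for the demo:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// signatureGeneration: only the holder of the private key can produce this.
func signatureGeneration(priv ed25519.PrivateKey, signedData []byte) []byte {
	return ed25519.Sign(priv, signedData)
}

// signatureVerification: anyone holding the signatory's public key can run
// it; the private key is never needed.
func signatureVerification(pub ed25519.PublicKey, signedData, sig []byte) bool {
	return ed25519.Verify(pub, signedData, sig)
}

// demo returns three results: the genuine signature checked over the original
// data, the same signature checked over altered data (integrity), and a
// signature from a different signatory checked against the first public key
// (source authenticity).
func demo() (genuine, altered, impostor bool, err error) {
	alicePub, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	_, malloryPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	data := []byte("pay 100 to bob") // constructed signed data
	sig := signatureGeneration(alicePriv, data)
	genuine = signatureVerification(alicePub, data, sig)
	altered = signatureVerification(alicePub, []byte("pay 900 to bob"), sig)
	impostor = signatureVerification(alicePub, data, signatureGeneration(malloryPriv, data))
	return
}

func main() {
	g, a, i, err := demo()
	fmt.Println(g, a, i, err) // true false false <nil>
}
```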
Simple mail transfer protocol (SMTP)
The most commonly used mail transfer agent (MTA) protocol, defined in IETF RFC 2821, and the primary protocol used to transfer electronic mail messages on the Internet. SMTP is a host-to-host e-mail protocol. An SMTP server accepts e-mail messages from other systems and stores them for the addressees. It does not provide reliable authentication and does not require the use of encryption, so e-mail messages can easily be forged.
Simple Network Management Protocol (SNMP)
A network management protocol used with the TCP/IP suite of protocols. SNMP specifies a set of management operations for retrieving and altering information in a management information base, authorization procedures for accessing information base tables, and mappings to lower TCP/IP layers. SNMP (1) is used to manage and control IP gateways and the networks to which they are attached, (2) uses IP directly, bypassing the masking effects of TCP error correction, (3) has direct access to IP datagrams on a network that may be operating abnormally, thus requiring careful management, (4) defines a set of variables that the gateway must store, and (5) specifies that all control operations on the gateway are a side effect of fetching or storing those data variables (i.e., operations analogous to writing commands and reading status). SNMP version 3 should be used because the basic SNMP (versions 1 and 2) is not secure.
Simple Object Access Protocol (SOAP)
The Simple Object Access Protocol (SOAP) is an approach for performing remote procedure calls (RPCs) between application programs in a language-independent and system-independent manner. SOAP uses the extensible markup language (XML) for communication between application programs on heterogeneous platforms. The client constructs a request as an XML message and sends it to the server, typically over HTTP; the server sends back a reply as an XML-formatted message. SOAP is thus an XML-based protocol for exchanging structured information in a decentralized, distributed environment. SOAP messages have headers and follow message paths between nodes.
Simple power analysis (SPA) attack