Not sure what a network or encryption term means? You might find it here. If that isn’t enough, check our white papers and fact sheets for more information. Of course, you are always welcome to contact us and one of our technical experts will be happy to help you.
This glossary of terms is provided to help clarify the meaning of words and terms as used in cybersecurity and IT – important data transmission security, data network, data encryption, data at rest and associated terms.
Encryption Terms Explained
Australasian Certification Authority
Academic Centres of Cyber Security Excellence (ACCSE)
The ACCSE program is part of Australia’s $230 million Cyber Security Strategy.
Access Cross Domain Solution
A system permitting access to multiple security domains from a single client device.
ASD (Australian Signals Directorate) Cryptographic Evaluation
Australian Criminal Intelligence Commission
Australian Cyber Security Centre
Australian Communications Security Instruction
Advanced persistent threat (APT)
A set of malicious cyber activity with common characteristics, often orchestrated by a person or group targeting specific entities over an extended period. An APT usually targets either private organisations, states or both for business or political motives.
A type of ACSC publication that provides timely information and advice about current security issues, vulnerabilities, and exploits.
Advanced Encryption Standard
The Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by US Government agencies, and the default encryption standard for commercial transactions.
The number ‘256’ refers to the encryption key size, the highest used with AES, which implies the highest level of security.
Agence nationale de la sécurité des systèmes d’information (ANSSI)
The French National Cybersecurity Agency. The agency is committed to advocating for the digital sovereignty of the EU and working with international organisations and governments to ensure a free, neutral, open, secure, and unique digital space.
A network security measure employed on one or more computers to ensure that the network is physically isolated from any other network. This makes the isolated network secure, as it does not connect to unsecured networks such as the public Internet or an unsecured local area network.
Australasian Information Security Evaluation Facility
Australasian Information Security Evaluation Program
American National Standards Institute (ANSI)
ANSI is a private, non-profit organization that administers and coordinates the U.S. voluntary standards and conformity assessment system. The Institute works with industry and government to identify and develop standards- and conformance-based solutions to national and global priorities.
A software program or group of software programs designed for end users. Examples of an application include a word processor, a spreadsheet, an accounting application, a web browser, an email client, a media player, a file viewer, an aeronautical flight simulator, a console game or a photo editor. The collective noun application software refers to all applications collectively. This contrasts with system software, which is mainly involved with running the computer.
Artificial intelligence (AI)
The simulation of intelligence processes by machines, especially computer systems. These processes include learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definite conclusions), and self-correction. Particular applications of AI include threat identification, expert systems, speech recognition and machine vision.
ASD Cryptographic Evaluation
An Australian Signals Directorate (ASD) program that analyses products to determine whether their security architecture and cryptographic algorithms have been implemented correctly and are strong enough for the product’s intended use.
Australian Eyes Only
Australian Criminal Intelligence Commission (ACIC)
An Australian Government law enforcement agency that has specialist investigative capabilities and delivers and maintains national information-sharing systems.
Australian Cyber Security Centre (ACSC)
The Australian Government’s lead for cyber security. The ACSC is part of the Australian Signals Directorate.
Australian Government Access Only (AGAO) information
Information not to be passed to or accessed by foreign nationals, with the exception of those foreign nationals seconded to Australian government agencies.
Australian Government Information Security Manual (ISM)
An Australian Cyber Security Centre publication outlining a cyber security framework that organisations can apply, using their risk management framework, to protect their information and systems from cyber threats.
Australian Information Security Evaluation Facility (AISEF)
A program that evaluates products in order to protect systems and data against cyber threats. These evaluation activities are certified by the Australian Certification Authority.
Australian Information Security Evaluation Program (AISEP)
A program under which evaluations are performed by impartial bodies against the Common Criteria. The results of these evaluations are then certified by the Australian Cyber Security Centre (ACSC), which is the Australian Certification Authority responsible for the overall operation of the program.
Australian Internet Security Initiative
A program run by the Australian Cyber Security Centre (ACSC) that helps to reduce malicious software (malware) infections and service vulnerabilities occurring on Australian Internet protocol address ranges. It operates as a public-private partnership where Australian Internet providers voluntarily work with the ACSC to help protect their customers from cyber security threats.
Australian Prudential Regulation Authority (APRA)
APRA is an independent statutory authority that supervises institutions across banking, insurance and superannuation and promotes financial system stability in Australia.
Australian Security Intelligence Organisation (ASIO)
Australia’s national security agency responsible for the protection of the country and its citizens from espionage, sabotage, acts of foreign interference, politically-motivated violence, attacks on the Australian defence system, and terrorism.
Australian Signals Directorate (ASD)
An Australian Government statutory agency responsible for foreign signals intelligence, cyber warfare and information security.
A security measure designed to verify the identity of a transmission, user, user device, entity or data.
The assurance that systems and information are accessible and useable by authorised entities when required.
Measurable physical characteristics used to identify or verify an individual.
A digital computer both stores and processes information using bits, which can be either 0 or 1. Physically, a bit can be anything that has two distinct configurations: one represented by “0”, and the other represented by “1”. In modern computing and communications, bits are often represented by the absence or presence of an electrical signal, encoding “0” and “1” respectively.
A distributed database that maintains a continuously growing list of records, called blocks, secured from tampering and revision. Each block contains a timestamp and a link to a previous block. By design, blockchains are inherently resistant to modification of the data—once recorded, the data in a block cannot be altered retrospectively.
An incident that results in unauthorised access to data, applications, services, networks and/or devices by bypassing their underlying security mechanisms.
Wide bandwidth data transmission which transports multiple signals and traffic types. In the context of Internet access, broadband is used to mean any high speed Internet access that is always on.
The distribution of audio or video content to a dispersed audience via any electronic mass communications medium, but typically one using the electromagnetic spectrum.
Brute force attack
An unsophisticated and exhaustive process to try and determine a cryptographic key or password without the user’s knowledge by systematically trying all alternatives or combinations until the correct one is discovered.
A loosely-defined set of planning, preparatory and related activities which are intended to ensure that an organisation’s critical business functions will either continue to operate despite serious incidents or disasters that might otherwise have interrupted them, or will be recovered to an operational state within a reasonably short period.
A secure certificate is a file installed on a secure web server that identifies a website. This digital certificate establishes the identity and authenticity of the company or merchant so that online shoppers can trust that the website is secure and reliable.
Certified Cloud Services List (CCSL)
A list of cloud services certified by the Australian Signals Directorate.
Chief Information Security Officer (CISO)
A senior executive who is responsible for coordinating communication between security and business functions as well as overseeing the application of security controls and associated security risk management processes.
Information that requires increased security to protect its confidentiality, for example, information marked PROTECTED, SECRET or TOP SECRET.
Command and control (C2 or C&C)
A set of organisational and technical attributes and processes that employs human, physical and information resources to solve problems and accomplish missions.
Commercial grade cryptographic equipment (CGCE)
A subset of ICT equipment which contains cryptographic components.
An international standard for software and ICT equipment evaluations.
Common Criteria Recognition Arrangement (CCRA)
An international agreement which facilitates the mutual recognition of Common Criteria evaluations by certificate-producing schemes.
The disclosure of information to unauthorised persons, or a violation of the security policy of a system in which unauthorised intentional or unintentional disclosure, modification, destruction or loss of an object may have occurred.
The use of network address translation to allow a port on a node inside a network to be accessed from outside the network. Alternatively, using a Secure Shell server to forward a Transmission Control Protocol connection to an arbitrary port on the local host.
A small text file that is transmitted by a website and stored in a user’s web browser that is then used to identify the user and prepare customised web pages. A cookie can also be used to track a user’s activity while browsing the Internet.
Physical facilities, supply chains, information technologies and communication networks which if destroyed, degraded or rendered unavailable for an extended period would significantly impact on the social or economic wellbeing of the nation, or affect a nation’s ability to conduct national defence and ensure national security.
Cross domain solution
A system capable of implementing comprehensive data flow security policies with a high level of trust between two or more differing security domains.
An algorithm used to perform cryptographic functions such as encryption, integrity, authentication, digital signatures or key establishment.
A generic term for Commercial Grade Cryptographic Equipment and High Assurance Cryptographic Equipment.
An algorithm (the hash function) which takes as input a string of any length (the message) and generates a fixed length string (the message digest or fingerprint) as output. The algorithm is designed to make it computationally infeasible to find any input which maps to a given digest, or to find two different messages that map to the same digest.
An agreed standard for secure communication between two or more entities to provide confidentiality, integrity, authentication and non-repudiation of information.
A related set of hardware or software used for cryptographic communication, processing or storage, and the administrative framework in which it operates.
The practice and study of techniques for securing communications in which plaintext data is converted through a cipher into ciphertext, from which the original data cannot be recovered without the cryptographic key.
A deliberate act through cyberspace to manipulate, disrupt, deny, degrade or destroy computers or networks, or the information resident on them, with the effect of seriously compromising national security, stability or economic prosperity.
Note: there are multiple global definitions of what constitutes a cyber attack.
Measures used to protect the confidentiality, integrity and availability of systems, devices and the information residing on them.
Web sites that are not indexed by search engines and are only accessible through special networks such as The Onion Router (ToR). Often, the dark web is used by website operators who want to remain anonymous. The ‘dark web’ is a subset of the ‘deep web’.
The quantities, characters, or symbols on which operations are performed by a computer, which may be stored and transmitted in the form of electrical signals and recorded on magnetic, optical, or mechanical recording media.
Data at rest
Information that resides on media or a system.
The unauthorised movement or disclosure of sensitive private or business information.
Data encryption algorithm
Algorithms that are used to encrypt and decrypt data. This algorithm type is used to encrypt and decrypt various parts of the message, including the body content and the signature.
Data Encryption Keys
Keys (see ‘Key’) used with encryption algorithms to apply confidentiality protection to information. See ‘Encryption’.
Data in motion
Data in motion (also known as data in transit) is literally information that is moving through a telecommunications network.
For example, if you’re sending an e-mail, that e-mail is classified as data in motion between the time it leaves the computer’s Local Area Network (LAN) and the time the recipient receives it at a remote location in the Wide Area Network (WAN).
Data protection is the process of safeguarding important information from corruption, compromise or loss.
A process whereby information is reduced to an OFFICIAL level and an administrative decision is made to formally authorise its release to the public.
The process of converting information that has been encrypted back to its original unencrypted form.
Where a device needs a username and/or password to log in, a default password is usually provided that allows the device to be accessed during its initial setup, or after resetting it to factory defaults.
Defence Intelligence Organisation (DIO)
An Australian Government intelligence agency responsible for strategic and technical intelligence assessments, used to advise defence and government decision-making on national security and international security issues, and the planning and conduct of Australian Defence Force operations.
Denial of Service (DoS)
When legitimate users are denied access to computer services (or resources), usually by overloading the service with requests.
Denial of Service attack
An attempt by an adversary to prevent legitimate access to online services (typically a website), for example, by consuming the amount of available bandwidth or the processing capacity of the server hosting the online service.
Diffie-Hellman encryption algorithm
An electronic document used to identify an individual, a system, a server, a company, or some other entity, and to associate a public key with the entity. A digital certificate is issued by a certification authority and is digitally signed by that authority.
A cryptographic process that allows the proof of the source (with non-repudiation) and the verification of the integrity of that data.
Digital Transformation Agency (DTA)
An Australian Government agency whose role is to make it easy for people to deal with government, by helping government agencies transform services to be simple, clear and fast.
Distributed Denial of Service (DDoS)
A Denial of Service (DoS) where the source is comprised of multiple, distributed unique IP addresses used to flood the bandwidth or resources of a targeted system or network.
In the Internet, a part of a naming hierarchy which consists of a sequence of names (labels) separated by periods (dots).
Note: There are multiple other technical and communications-related definitions for ‘domain’.
Domain Name System (DNS)
The naming system that translates domain names into IP addresses.
Dual-stack network device
ICT equipment that implements both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) protocol stacks.
Extensible Authentication Protocol-Transport Layer Security
Elliptic Curve Diffie-Hellman
Elliptic Curve Digital Signature Algorithm
Encapsulating Security Payload (ESP)
A protocol used for encryption and authentication in Internet Protocol security (IPsec).
The conversion of electronic plaintext data into unreadable ciphertext using algorithms. Encryption protects the confidentiality of data at rest and in transit. Both encryption and decryption are functions of cryptography.
A methodology of protecting a network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connection to the network creates a potential entry point for security threats.
A method of secure communication where only the communicating users can read data transferred from one end-system or device to the other. The encryption keys are only accessible by the owner of the data.
Erasable programmable read-only memory
An independent statutory office supported by the Australian Communications and Media Authority (ACMA). The eSafety Commissioner has various functions and powers to foster online safety for all Australians.
A physical and data link layer technology for local area networks (LANs). Higher level network protocols like Internet Protocol (IP) use Ethernet as their transmission medium.
Evaluation Assurance Level (EAL)
Evaluation Assurance Level (EAL1 through EAL7)
Used by a security information and event management tool. This tool provides a level of analysis of the contents of an event log to help network administrators determine what is going on within a network.
Federal Information Processing Standard (FIPS)
Federal Information Processing Standard
A highly-reliable, gigabit interconnect technology that allows concurrent communications among workstations, mainframes, servers, data storage systems, and other peripherals using SCSI and IP protocols. It provides interconnect systems for multiple topologies that can scale to a total system bandwidth at a terabit per second.
Refers to the medium and the technology associated with the transmissions of information as light impulses along a glass or plastic wire or fibre. Fibre optic wire carries much more information than conventional copper wire and is far less subject to electromagnetic interference.
An English-speaking intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States of America.
Flash memory media
A specific type of electrically erasable programmable read-only memory.
General Data Protection Regulation (GDPR)
A regulation in European Union (EU) law on data protection and privacy in the EU and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA. The GDPR is generally considered a gold standard of data privacy and protection.
Global Positioning System (GPS)
A system of satellites combined with receivers on Earth that determines the latitude and longitude of any particular receiver through triangulation.
An impartial publication by the Australian Cyber Security Centre (ACSC) which will help you to identify your options, provide direction and narrow down your choices, and may include instructions relating to specific products. The ACSC makes every undertaking to ensure the accuracy and quality of the information it provides but is not accountable for any decision made based on it.
Hash-based Message Authentication Code Algorithms
A cryptographic construction that can be used to compute Message Authentication Codes using a hash function and a secret key.
High Assurance Cryptographic Equipment (HACE)
ICT equipment containing cryptographic logic and components that have been designed and authorised for the protection of highly classified information.
Host-based Intrusion Prevention System
Software, resident on a system, which monitors system activities for malicious or unwanted behaviour and can react in real-time to block or prevent those activities.
Human Machine Interface (HMI)
The control panel or on-screen controls that allow a person to adjust the operation of a machine or computer program.
An approach that blends the convenience of an asymmetric encryption scheme with the effectiveness of a symmetric encryption scheme.
Hypertext Transfer Protocol (HTTP)
Hypertext Transfer Protocol is the fundamental protocol used for transferring files on the Internet.
Hypertext Transfer Protocol Secure (HTTPS)
While Hypertext Transfer Protocol (HTTP) is the basic framework for transferring data across the web, HTTPS adds a layer of encryption for additional security; with ‘S’ standing for secure.
Identity and Access Management, also called Identity Management (IdM).
The process of analysing the access of individuals or systems to an organisation’s IT resources.
Incident Response Plan
A plan for responding to cyber security incidents.
Industrial Control Systems
Control systems and associated instrumentation used to efficiently operate and/or automate industrial processes. Industrial Control Systems include supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other smaller control system configurations such as programmable logic controllers (PLC).
Information and communications technology (ICT)
An extensible term for information technology that stresses the role of unified communications and the integration of telecommunications and computers, as well as related enterprise software, middleware, storage and audio-visual systems, that enable users to access, store, transmit and manipulate information.
Information security (INFOSEC)
The protection of information and information systems from unauthorised access, use, disclosure, disruption, modification or destruction in order to provide confidentiality, integrity and availability.
The accuracy and completeness of information and assets and the authenticity of transactions.
The property of your mind or proprietary knowledge. It can be an invention, trade mark, design, brand or the application of your idea.
The global system of interconnected computer networks that use standardised communication protocols to link devices and provide a variety of information and communication facilities.
Internet of Things (IoT)
The network of physical objects, devices, vehicles, buildings and other items which are embedded with electronics, software, sensors and network connectivity, which enables these objects to connect to the Internet and collect and exchange data.
Internet Protocol Security (IPsec)
A suite of protocols for secure communications through authentication or encryption of Internet Protocol (IP) packets as well as including protocols for cryptographic key establishment.
Internet Protocol version 6 (IPv6)
A protocol used for communicating over packet switched networks. Version 6 is the successor to version 4 which is widely used on the Internet.
Internet Service Provider (ISP)
A company that provides subscribers with access to the Internet.
Intrusion Detection System
An automated system used to identify an infringement of security policy. IDS can be host-based or network-based.
Joint Cyber Security Centre (JCSC)
The ACSC’s Joint Cyber Security Centre program brings together business and the research community along with state, territory and Australian Government agencies in an open and cooperative environment.
A computer which is used to manage important or critical resources in a separate security domain. Also known as a jump host or jump box.
A special piece of data used for encryption and/or decryption. Due to modern encryption automation, keys are not humanly readable and typically look like alphanumeric gibberish to people.
A computerised random number generator chooses the bits of the key in such a way that it cannot be predicted. The keys are binary values that may be interpretable as the codes for text strings, or they may be arbitrary numbers.
The purpose of encryption is to prevent unauthorised access to data while it is either in storage or being transmitted.
The activities involving the handling of encryption keys and other related security parameters (e.g., passwords) during the entire life cycle of the encryption keys, including their generation, storage, establishment, entry and output, and destruction. For more information, visit our key management page.
Cryptographic keys generated or used by cryptographic equipment or software.
Stands for ‘Local Area Network’, a group of computers and associated devices that share a common communications line or wireless link.
Also known as the ‘data link layer’ in the seven-layer Open Systems Interconnection (OSI) model of computer networking.
The data link layer is the protocol layer that transfers data between adjacent network nodes in a wide area network or between nodes on the same local area network segment.
The data link layer provides the functional and procedural means to transfer data between network entities, and might provide the means to detect and possibly correct errors that may occur in the physical layer.
Examples of data link protocols include Ethernet for local area networks.
In computer science, a library is a collection of non-volatile resources used by computer programs, often for software development.
A software license is a legal instrument governing the use or redistribution of software.
An HTML object that allows you to jump to a new location when you select it. Links provide a simple means of navigating between pages on the web.
Local area network (LAN)
A computer network that interconnects devices within a limited area such as a home, school, laboratory or office building.
The automatically produced and time-stamped documentation of events relevant to a particular system.
Media Access Control
A type of artificial intelligence (AI) that allows software applications to become more accurate in predicting outcomes without being explicitly programmed.
The basic premise of machine learning is to build algorithms that can receive input data and use statistical analysis to predict an output value within an acceptable range.
An instruction that causes the execution of a predefined sequence of instructions.
Traffic generated by system administrators over a network in order to control workstations and servers. This includes standard management protocols and traffic that contains information relating to the management of the network.
A generic term for hardware, often portable in nature, which is used to store information.
The process of physically damaging media with the intent of making information stored on it inaccessible. To destroy media effectively, only the actual material in which information is stored needs to be destroyed.
The process of erasing or overwriting information stored on media so that it cannot be retrieved or reconstructed.
Descriptive information about the content and context used to identify information.
Multiple-input and multiple-output
Multi-factor authentication (MFA)
A method of computer access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).
National Relay Service (NRS)
A government service that allows people who are deaf, hard of hearing and/or have a speech impairment to make and receive phone calls.
National Broadband Network
All associated information technology equipment and media creating electronic transmission between and among any information sources and resource(s), such as wired, optical, wireless, IP, synchronous serial, telephony, etc. devices.
Network access control
Security policies used to control access to a network and actions on a network. This can include authentication checks and authorisation controls.
The infrastructure used to carry information between workstations and servers or other network devices.
Partitioning a network into smaller networks; compare with network segregation.
Developing and enforcing a rule set for controlling the communications between specific hosts and services; compare with network segmentation.
Non-disclosure agreement (NDA)
A contract by which one or more parties agree not to disclose confidential information that they have shared with each other as a necessary part of doing business together.
Non-shared government facility
A facility where the entire facility and personnel are cleared to the highest level of information processed in the facility.
A type of media which retains its information when power is removed.
Open System Interconnect
An agreement in which one company hires another company to be responsible for a planned or existing activity that is or could be done internally, and sometimes involves transferring employees and assets from one firm to another.
Pacific Cyber Security Operational Network (PaCSON)
A multinational Pacific cyber security network of which the Australian Cyber Security Centre (ACSC) is a member. PaCSON promotes closer sharing of cyber security threat information, tools, techniques and ideas between Pacific nations.
Part of digitally transmitted data that is the fundamental purpose of the transmission. In the cyber-security context, normally the part of a malware program that performs a malicious action.
Peer-to-peer (P2P) file sharing network
A decentralised file sharing system. Files are stored on and served by the personal computers of the users.
Penetration testing (pen test)
A method of evaluating the security of an ICT system by seeking to identify and exploit vulnerabilities to gain access to systems and data. Also called a ‘pen test’.
Personal identification number (PIN)
A number allocated to an individual and used to validate electronic transactions.
Public Key Infrastructure
Portable Document Format (PDF)
A file format that captures all the elements of a printed document as an electronic image that you can view, navigate, print or forward to someone else.
Position of trust
A position that involves duties that require a higher level of assurance than that provided by normal employment screening. In some organisations additional screening may be required.
Positions of trust can include, but are not limited to, an organisation’s Chief Information Security Officer and their delegates, administrators or privileged users.
The shell framework developed by Microsoft for administrative tasks such as configuration management and automation of repetitive jobs.
Settings which control how a user’s data is shared with other people or systems. Privacy settings apply to web browsers and social networking services.
A document that stipulates the security functionality that must be included in a Common Criteria evaluation to meet a range of defined threats.
Protection Profiles also define the activities to be taken to assess the security function of an evaluated product.
Public Key Infrastructure (PKI)
A set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
Public network infrastructure
Network infrastructure that an organisation has no control over (e.g. the Internet).
Public Switched Telephone Network (PSTN)
Public network infrastructure used for voice communications.
Quality of service (QoS)
The ability to provide different priorities to different applications, users or data flows, or to guarantee a certain level of performance to a data flow.
Relating to, or employing the principles of quantum mechanics.
Quantum algorithms are sets of instructions given to quantum computers to execute tasks. Some quantum algorithms have improved efficiencies (speed-ups) when compared to classical algorithms for the same task.
Quantum computing harnesses the quantum behaviour of atoms, molecules and nanoelectronic circuits for a radically different and more fundamentally powerful way of computing. Potential impacts and applications of quantum computing include security, optimization, simulation of physical, chemical and biological processes, and drug and material design.
Quantum Error Correction
Quantum error correction refers to the measurement, mitigation and correction of quantum errors to improve the performance, size, and reliability of a quantum computer.
In classical computing, a gate is a logical operation that processes input bits to generate output bits. In quantum computing, a quantum gate transforms a sequence of quantum bits. Quantum gates are mathematically represented by matrices.
Quantum Information Science and Technology (QIST)
Quantum Information Science and Technology (QIST) is a multidisciplinary field bringing together quantum mechanics and information technology. QIST is a field of study for mathematicians, computer scientists, physicists, chemists, engineers, and more.
Quantum Key Distribution (QKD)
The cryptographic protocol based on the uncertainty principle, where two parties exchange quantum states instead of electronic signals. QKD keeps information absolutely safe, even against an attack from a quantum computer.
Quantum mechanics, also known as quantum physics, is the study of our universe at its most fundamental level. It explains and predicts the behaviour of atoms and molecules in a way that redefines our understanding of nature.
The quantum state is the condition in which a physical system, such as an electron, exists. Knowing the quantum state of the system allows us to predict the outcomes of experiments.
Quantum-safe (or Quantum-resistant) cryptography is the study of information security protocols that are designed to be secure against attacks by both classical and quantum computers.
A qubit, or a quantum bit, is any bit made out of a quantum system, like an electron or photon. Just like classical bits, a quantum bit must have two distinct states: one representing “0” and one representing “1”. A quantum bit may also exist in superposition states.
The transmission of signals by modulation of electromagnetic waves with frequencies below those of visible light.
Radio frequency (RF) transmitter
A device designed to transmit electromagnetic radiation as part of a radio communication system.
Remote Access Dial-In User Service
Most commonly refers to the removal of information from a document to ensure that information remains private or secret from a wide audience. It can also refer to a form of editing in which multiple sources of texts are combined and altered slightly to make a single document.
Access to a system that originates from outside an organisation’s network and enters the network through a gateway, including over the Internet.
Remote Desktop Protocol (RDP)
A proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.
Rivest-Shamir-Adleman. One of the encryption key algorithms used to protect data.
A virtual space in which new, untrusted or untested software or coding can be run safely without risking harm to the hosting computer.
Secure shell (SSH)
A network protocol that can be used to securely log into, execute commands on, and transfer files between remote workstations and servers.
Secure Sockets Layer (SSL)
A networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the Internet.
Secure/Multipurpose Internet Mail Extension (S/MIME)
A protocol which allows the encryption and signing of email messages.
Security Construction and Equipment Committee (SCEC)
An Australian Government interdepartmental committee responsible for the evaluation and endorsement of security equipment and services. The committee is chaired by the Australian Security Intelligence Organisation (ASIO).
Service Set Identifier (SSID)
The name given to identify a particular Wi-Fi network. The SSID is broadcast by the wireless access point (wireless router) and can be detected by other wireless-enabled devices in range of the wireless access point (WAP). In some cases, SSIDs are hidden, making them invisible to Wi-Fi clients.
Secure Hashing Algorithm 1
Secure Hashing Algorithm 2
Shared government facility
A facility where the facility and personnel are cleared at different levels.
Shared non-government facility
A facility where the facility is shared by government organisations and non-government organisations.
The program that gives your commands to your computer’s operating system.
A distinct pattern in network traffic that can be attributed to a specific tool or exploit. Signatures are used by security software to determine whether a file has previously been identified as malicious.
Simple Network Management Protocol (SNMP)
A widely-used network monitoring and control protocol.
Small Computer System Interface (SCSI)
A set of standard electronic interfaces that allow personal computers to communicate with peripheral hardware such as disk drives, CD-ROM drives, printers etc. more quickly and flexibly than previous interfaces.
Bugs in software. Bugs are coding errors that cause the system to make or allow an unwanted action.
Solid state drive
Non-volatile media that uses flash memory media to retain its information when power is removed and, unlike non-volatile magnetic media, contains no moving parts.
Synchronous Optical networks. A fibre-optic transmission system for high-speed digital traffic. Employed by telephone companies and common carriers, speeds range from 51 Mbps to 40 Gbps.
Information that is exclusive to a nation. For example, data sets that should only be hosted in Australia, in an accredited Australian data centre, across Australian networks and only accessed by the Australian government and our Australian service providers.
Functionality that allows personnel to access both public network infrastructure and a Virtual Private Network (VPN) connection at the same time, such as an organisation’s system and the Internet.
Storage Area Network (SAN)
A high-speed special-purpose network (or sub-network) that interconnects different kinds of data storage devices with associated data servers on behalf of a larger network of users.
Supervisory Control and Data Acquisition (SCADA)
A control system architecture comprising computers, networked data communications and graphical user interfaces for high-level process supervisory management. It also comprises other peripheral devices like programmable logic controllers and discrete proportional-integral-derivative controllers used to interface with process plant or machinery.
Traffic Light Protocol (TLP)
The Traffic Light Protocol is a set of Australian Cyber Security Centre (ACSC) designations used to ensure that information is shared with the correct audience.
Transfer Cross Domain Solution
A system that facilitates the transfer of information, in one or multiple directions (low to high or high to low), between different security domains.
Transmission Control Protocol (TCP)
A set of rules (protocol) used along with the Internet Protocol (IP) to send data in the form of message units between computers via a network or over the Internet.
While IP takes care of handling the actual delivery of the data, TCP takes care of keeping track of the individual units of data (called packets) that a message is divided into for efficient routing through the Internet.
Transport Layer Security (TLS)
A protocol that ensures privacy between communicating applications and their users on the Internet.
When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message.
TLS is the successor to the Secure Sockets Layer.
An Internet Protocol security (IPsec) mode that provides a secure connection between two endpoints by encapsulating an IP payload.
An Internet Protocol security (IPsec) mode that provides a secure connection between two endpoints by encapsulating an entire IP packet.
A form of multi-factor authentication to confirm a user’s claimed identity by combining two different pieces of evidence.
Uniform Resource Locator (URL)
The technical term for the web address (location) of an Internet resource such as a website or an image within a website.
Universal Serial Bus (USB)
A standardized serial computer interface that allows simplified attachment of peripherals.
User experience (UX)
The overall experience of a person using a product such as a website or computer application, especially in terms of how easy or pleasing it is to use.
User interface (UI)
The means by which the user and a computer system interact, in particular the use of input devices and software.
Confirmation, through the provision of objective evidence, that specified requirements have been fulfilled.
Virtual network encryption allows encryption of virtual network traffic between virtual machines that communicate with each other within sub-nets marked as ‘Encryption Enabled.’ For more details, visit our virtual encryption product page.
Virtual Local Area Network (VLAN)
Network devices and ICT equipment grouped logically based on resources, security or business requirements instead of their geographic location. For example, by department, type of user, or primary application.
Virtual Private Local Area Network Service (VPLS)
Virtual Private Local Area Network Service. A technology that makes it possible to connect local area networks (LANs) over the Internet, so that they appear to subscribers like a single Ethernet LAN.
Virtual Private Network (VPN)
A network that maintains privacy through a tunnelling protocol and security procedures. VPNs may use encryption to protect traffic.
Simulation of a hardware platform, operating system, application, storage device or network resource.
Voice over Internet Protocol. An IP telephony term for a set of facilities used to manage the delivery of voice information over the Internet. VoIP involves sending voice information in digital form in discrete packets rather than by using the traditional circuit-committed protocols of the public switched telephone network.
A type of media, such as RAM, which gradually loses its information when power is removed.
A weakness in a system’s or company’s security requirements, design, implementation or operation that could be exploited.
The process of identifying, prioritising and responding to security vulnerabilities.
A technique used in flash memory to prolong the life of the media. As data can be written to and erased from an address on flash memory a finite number of times, wear-levelling helps to distribute writes evenly across each memory block, thereby decreasing the wear on the media and increasing its lifetime.
Wide Area Network (WAN)
A geographically dispersed telecommunications network. The term distinguishes a broader telecommunication structure from a local area network (LAN).
A set of wireless communication protocols that can transmit traffic to Wi-Fi enabled devices within a local area. A Wi-Fi enabled device such as a laptop or mobile device can connect to the Internet when within range of a wireless network connected to the Internet. An area covered by one or more Wi-Fi access points is commonly called a hotspot.
Wi-Fi Protected Access (WPA)
Original protocol for communicating information over wireless networks.
Wi-Fi Protected Access 2 (WPA2)
A protocol designed to replace the Wi-Fi Protected Access protocol for communicating information over wireless networks.
Telecommunication involving signals transmitted by radio waves rather than over wires; also, the technology used in radio telecommunication.
Wireless Access Point (WAP)
A device which enables communications between wireless clients. It is typically also the device which connects wired and wireless networks.
Wireless local area network (WLAN)
A wireless distribution method for two or more devices that use radio communications and often includes an access point to the Internet.
A network based on the 802.11 standards.
Zero day (0-day)
A software exploit that has not been disclosed or patched by the software vendor.