4 Glossary and definition of terms

This glossary explains several important terms related to information security and IT-Grundschutz.

Access (data access)

This type of access refers to the use of information and/or data.

In this case, data access authorisations determine who (within the framework of their function) or which IT applications are authorised to execute transactions and use information, data, or even IT applications.

Access (site access)

This type of access refers to the entry to restricted areas, for example certain rooms or protected sections of a property.

Site access authorisations therefore allow people to enter certain environments, for example a property, a building, or specific rooms in a building.

Access (system access)

This type of access refers to the use of IT systems, system components, and networks.

System access authorisations therefore allow a user to use certain resources, for example IT systems and/or system components or networks.

Additional security analysis

According to IT-Grundschutz, this analysis must be performed if the target objects of the information system considered have increased protection requirements, cannot be modelled adequately, or are operated in atypical application scenarios. The corresponding approach is described in the BSI standard 100-2 "IT-Grundschutz approach". The additional security analysis is used to determine which parts of the information system need to be subjected to a risk analysis.

Administrator

An administrator manages and provides support for computers and computer networks. He/she installs operating systems and application programs, creates new user IDs, and grants users the rights needed to do their work. The administrator himself/herself generally has wide-ranging or even unrestricted access rights to the computers and networks administered.

Application-Level-Gateway (ALG)

An Application Level Gateway (ALG) offers the functionality of a security gateway at the application level. ALGs also implicitly perform functions located in ISO/OSI layers 1 through 3. ALGs, also referred to as security proxies, cut off the direct flow of data between the source and the destination. When a client on one side of the proxy and a server on the other side of the proxy communicate, the proxy receives the requests from the client and forwards them to the server. The proxy operates in the same manner with data flowing in the other direction, i.e. from the server to the client.

In this case, communication between the two computers is only possible indirectly via the proxy. This form of communication allows a proxy to filter out certain protocol commands, for example.
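As an added illustration of the filtering an ALG performs (example code written for this glossary, not taken from the IT-Grundschutz Catalogues), the following Python function models the client-to-server direction of an FTP security proxy: it parses the client's command stream line by line, relays only commands on an allowlist, and rejects anything else, including overlong or non-ASCII lines. The allowlist and the sample client input are constructed assumptions for the example.

```python
"""Model of the command filtering performed by an application-level gateway (ALG).

The proxy sits between client and server, parses each protocol command, and
forwards only what the security policy permits. Here the protocol is FTP and
the policy is an allowlist of command verbs (an assumption for this example).
"""
from dataclasses import dataclass, field
from typing import List, Set, Tuple

# Commands the proxy is willing to relay. SITE, PORT, etc. are deliberately absent.
FTP_ALLOWED: Set[str] = {"USER", "PASS", "PWD", "CWD", "LIST", "RETR",
                         "STOR", "TYPE", "PASV", "QUIT"}
MAX_LINE = 512  # upper bound on a command line; longer lines are treated as abuse


@dataclass
class FilterResult:
    forwarded: bytes                                   # bytes the proxy sends to the server
    pending: bytes = b""                               # incomplete trailing line, held back
    rejected: List[Tuple[str, str]] = field(default_factory=list)  # (verb, reason)


def filter_commands(client_bytes: bytes, allowed: Set[str] = FTP_ALLOWED) -> FilterResult:
    """Relay only complete CRLF-terminated lines whose command verb is allowlisted."""
    lines = client_bytes.split(b"\r\n")
    complete, remainder = lines[:-1], lines[-1]
    result = FilterResult(forwarded=b"", pending=remainder)
    for raw in complete:
        if len(raw) > MAX_LINE:
            result.rejected.append(("<overlong>", "line exceeds MAX_LINE"))
            continue
        try:
            line = raw.decode("ascii")
        except UnicodeDecodeError:
            result.rejected.append(("<binary>", "non-ASCII bytes in command line"))
            continue
        verb = line.split(" ", 1)[0].upper()
        if verb not in allowed:
            # The proxy silently drops the command; the server never sees it.
            result.rejected.append((verb, "command not in allowlist"))
            continue
        result.forwarded += raw + b"\r\n"
    return result


if __name__ == "__main__":
    # Constructed client input: a login, an attempt to run a SITE command, a download,
    # and a partial command that has not been fully received yet.
    sample = b"USER alice\r\nPASS s3cret\r\nSITE EXEC /bin/sh\r\nRETR notes.txt\r\nQUI"
    res = filter_commands(sample)
    print("forwarded:", res.forwarded)
    print("rejected:", res.rejected)
    print("pending:", res.pending)
```

Because the proxy re-assembles the protocol itself, it can enforce limits that a packet filter cannot see, such as which verbs are permitted or how long a command may be. Note that the pending fragment must be carried over to the next read; a proxy that forwarded partial lines would lose exactly this control.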

Attack

An attack is a deliberate form of threat, namely an undesired or unauthorised action executed with the goal of gaining advantages and/or causing damage to third parties. Attackers may also act on behalf of third parties who wish to gain an advantage through the attack.

Auditing

Auditing is the systematic examination of the suitability of and compliance with specified (security) guidelines. Auditing should be independent and neutral.

Authentication

Authentication refers to the confirmation of identity towards a communication partner. Authentication may be obtained by entering a password, using a chip card, or with biometric methods, for example.

In Germany, some authors differentiate between the terms authentication and authentification. Authentication in this case refers to the submission of some type of verification of the user's identity, while authentification refers to the examination of this verification. In order to ensure the comprehensibility of the text, this differentiation is not made in the IT-Grundschutz documents.

Authenticity

The term authenticity refers to the attribute ensuring that a communication partner is actually the one it claims to be. Authentic information is information guaranteed to have been created by the source specified. The term is not only used when the identity of persons is checked, but also for IT components or applications.

Authorisation

During authorisation, it is checked whether a person, an IT component, or an application is authorised to perform a specific action.

Availability

The availability of services and IT system, IT application, and IT network functions, or even of information is guaranteed if the users are able to use them at all times as intended.

Backdoor

A backdoor is malware intended to maintain unauthorised access to an IT system. It allows the attacker to return to the system undetected, typically with the maximum scope of rights, in order, for example, to eliminate traces of the attack.

Basic security check

In IT-Grundschutz, this term refers to the investigation of whether the safeguards recommended according to IT-Grundschutz have already been implemented in an organisation and which basic security safeguards are still missing.

Basic threat

A basic threat in general terms is an event or condition involving the risk of damage. The possible damage in this case can be caused to actual values, for example to financial assets, knowledge, objects, or people's health. In IT terms, a basic threat is a condition or an event which can negatively affect the availability, integrity, or the confidentiality of information, which in turn may result in damage to the owner and/or user of the information. Examples of basic threats include Force Majeure, Human Errors, Technical Failure, or Deliberate Acts. If a basic threat encounters a vulnerability (technical or organisational shortcomings in particular), the basic threat becomes a threat.

Basic values of information security

The IT-Grundschutz defines three fundamental information security values: confidentiality, availability, and integrity.

Each user is naturally free to include additional fundamental values during protection requirements determination if this is helpful in his/her individual application case. Other generic terms concerning information security include, for example:

BIA (Business Impact Analysis)

A Business Impact Analysis (consequential damage analysis) is an analysis designed to determine potential direct and indirect consequential damage for an organisation caused by the occurrence of an emergency or a crisis and the failure of one or several business processes. It is a procedure designed to identify critical resources and restart requirements, as well as the effects of unscheduled interruptions of business operations.

Binding nature

The term binding nature combines the security objectives of authenticity and non-repudiation. For the transmission of information, this means that the source of information has proven its identity and that reception of the message cannot be denied.

Biometrics

Biometrics refers to the automated recognition and identification of persons based on their physical characteristics. Biometrics can be used to unambiguously identify and authenticate users based on special characteristics. One or more of the following biometric characteristics may be used for authentication purposes, for example:

Blackbox test


Within the framework of blackbox tests, the behaviour of outside attackers is simulated, assuming that the attacker has no or only superficial information about the target.

Browser

A browser is software used to access the World Wide Web. The program interprets the incoming data and displays it as text and images on the screen.

Business Continuity Management

Business Continuity Management (BCM) refers to all organisational, technical, and personnel measures that serve to ensure the continuity of the core business of a government agency or company when an emergency and/or a security incident occurs. Furthermore, BCM also supports the successive continuation of the business processes during long-term failures or malfunctions.

Certificate

Different meanings of the term certificate are used in information security contexts. The main definitions are as follows:

Client

Client is a term referring to software or hardware that is capable of using certain services provided by a server. The term client is often used to refer to a workstation computer that accesses data and programs available on a server in a network.

Components

In IT-Grundschutz, components refers to technical target objects (see there) or parts of target objects.

Computer virus

A computer virus is a non-independent, self-reproducing routine manipulating system areas, other programs, and their environments in a manner which cannot be controlled by the user. (In addition, the virus can also be programmed with functions intended to cause damage.)

Confidentiality

Confidentiality means protection against the unauthorised disclosure of information. Confidential data and information must only be accessible to those authorised using the allowed access methods.

Cumulative effect

The cumulative effect describes the fact that the protection requirements of an IT system must be increased if the accumulation of several (e.g. smaller-scale) damages on an IT system may lead to a higher total damage. For example, this may be triggered if several IT applications run on one IT system or a large amount of sensitive information is processed on it, so that the accumulation of individual damages results in a higher overall damage.

Danger

"Danger" is often regarded as a generic term, whereas "threat" is understood as a danger described in more detail (defined spatially and temporally with regard to type, scope, and direction). Example: The danger is loss of data. Loss of data may occur, for example, due to a defective hard disk or as the result of the hard disk being stolen by a thief. The threats then include "defective data media" and "theft of data media". However, this differentiation is not made consistently in the literature and its significance is more of an academic nature so that both "danger" and "threat" can be deemed synonymous.

Data backup

When backing up data, backup copies of the existing data are created to prevent any loss of data. Data backup includes all technical and organisational safeguards required for ensuring the availability, integrity, and consistency of the systems, including the data, programs, and procedures saved on these systems for processing purposes.

Proper data backup means that the safeguards taken - depending on the data sensitivity - allow for immediate or short-term restoration of the condition of systems, data, programs, or procedures when it has been determined that the availability, integrity, or consistency has been adversely affected by a damaging event. The minimum requirements of these safeguards include making copies of the data and testing the restoration capability of copies of the respective software, data, and procedures in defined cycles and generations.

Data protection

Data protection is intended to protect the right to privacy of individuals from being violated through improper handling of their personal data. Data protection is therefore used to refer to the protection of personal data against possible misuse by third parties (not to be confused with the term data security).

The terms "data protection" and "data privacy" differ slightly, though: "Data protection" refers to data protection as a legal concept. The term "data privacy", on the other hand, is more directly related to the lives of people (i.e. the protection of their privacy) and is used primarily in the U.S., although its use is becoming more common in the European Union.

Data protection management

Data protection management refers to the processes necessary to ensure the implementation of the legal requirements of the data protection laws when planning, configuring, and operating procedures used to process information, as well as when taking these procedures out of operation.

Data security

Data security refers to the protection of data in connection with stipulated requirements regarding their confidentiality, availability, and integrity. A modern term for this is "information security".

Demilitarised zone (DMZ)

A DMZ is an intermediate network located between the intranet and the internet, but not included in either network. It is a separate network not protected as strongly as the network actually to be protected.

On simple security gateways, DMZs are normally created on a third interface of the packet filter. If the security gateway consists of a combined packet filter and Application Level Gateway configuration, an additional interface of the Application Level Gateway (ALG) generally serves as the DMZ interface. If the packet filter or ALG has more than three interfaces, additional DMZs can be created.

Digital signature

A digital signature is an item of check information appended to a message or file and associated with the following characteristics:

Distribution effect

The distribution effect may have a qualifying influence on protection requirements if an individual application has high protection requirements, but its protection requirements are not applicable to the IT system considered due to the fact that only insignificant parts of the application run on this IT system.

Encryption

Encryption (coding) transforms a clear text depending on an item of additional information (known as the key) into a corresponding secret text (cipher text or enciphered text), which should not be decryptable for anyone not in possession of the key. The reverse conversion - restoring the clear text from the cipher text - is known as decryption or decipherment.

Firewall

A firewall (better referred to as security gateway) is a system consisting of hardware and software components that is used to connect IP networks securely (see security gateway).

Information security

The goal of information security is to protect information. This information might be stored on paper, on computers, or inside people's heads. IT security primarily concerns protecting and processing information stored electronically. The term "information security" is therefore more comprehensive than the term "IT security" and is being used more and more often. However, since the term "IT security" is still overwhelmingly used in the literature, it will still be used in this and other publications relating to IT-Grundschutz, although the documents will place more and more emphasis on considering information security over time.

Information security management (IS management)

The planning, management, and control roles essential for establishing and continuously implementing a thoroughly thought through and effective process for ensuring information security are referred to as information security management. This is a continuous process the strategies and concepts of which must be continuously monitored for their performance and effectiveness and updated as required.

The term "IT security management" is still frequently used in IT-Grundschutz for the same reasons as mentioned above for the terms "information security" and "IT security".

Information system

An information system (in IT-Grundschutz also called an IT system in this broader sense; not to be confused with an individual IT system, see there) refers to all infrastructural, organisational, personnel, and technical objects serving to perform tasks in a particular field of application of information processing. An information system may refer to the entire organisation or to individual areas defined by organisational structures (e.g. departments) or joint business processes and/or shared applications (e.g. HR information system).

Information technology (IT)

Information technology (IT) encompasses all technical resources which serve for processing or communicating information. Information processing includes acquiring, recording, using, storing, communicating, program-controlled processing, internally displaying, and outputting information.

Infrastructure

In terms of IT-Grundschutz, infrastructure is understood to include the buildings, rooms, power supplies, air conditioning systems, and cabling used for IT. The IT systems and network switching elements are not part of the infrastructure.

Integrity

Integrity refers to ensuring the correctness (intactness) of data and the correct functioning of systems. When the term integrity is used in connection with the term "data", it expresses that the data is complete and unchanged. In the field of information technology, however, this term is used somewhat more widely and also for "information". The term "information" is used for data that, depending on the context, can be associated with certain attributes such as the author or the time and date of creation. Loss of the integrity of information can therefore mean that it was changed without authorisation, the information regarding the originator was tampered with or that the date of creation was manipulated.

Intranet

An intranet is an internal network which is fully controlled by the network provider (i.e. the respective government agency or the company). Normally, access from other networks (such as the internet) is protected by a firewall.

IS Management Team

In larger organisations, it makes sense to establish an IS Management Team (often also referred to as IT Security Management Team) supporting the IT Security Officer, for example by coordinating comprehensive safeguards in the overall organisation, by compiling information, and by performing control tasks.

IT security

IT security refers to a condition where risks existing as the result of basic threats and vulnerabilities during the use of information technology are limited to an acceptable level by suitable safeguards. IT security is therefore also the condition in which confidentiality, integrity and availability of information and information technology are protected by appropriate safeguards.

IT Security Officer

A person with technical competence in the field of information security who holds a staff position in a company or government agency and is responsible for all aspects of information security. The IT Security Officer participates in the security process and in the IS Management Team, creates the policy on information security, the security concept, and other concepts (e.g. for contingency planning) in a coordinating role, and plans and checks their implementation.

The role of the person in charge of information security has different names depending on the type and orientation of the organisation. Commonly used titles are IT Security Officer, Chief Security Officer (CSO), Chief Information Security Officer (CISO), Information Security Manager. On the other hand, the title "Security Officer" commonly refers to those persons responsible for industrial safety, employee safety, or plant security.

IT system

IT systems refer to technical systems which serve for information processing and are a closed functional unit. Typical IT systems include servers, clients, stand-alone computers, mobile telephones, routers, switches, and security gateways.

IT-Grundschutz

IT-Grundschutz refers to a method for setting up a security management system and for protecting information systems with standard security safeguards. Furthermore, IT-Grundschutz refers to the condition where the standard security safeguards recommended by the BSI are implemented sufficiently, which, as a unit of infrastructural, organisational, personnel, and technical security safeguards, protect organisations with normal protection requirements.

IT-Grundschutz analysis

An IT-Grundschutz analysis includes modelling, including the determination of the necessary security safeguards, and also the basic security check within the framework of which a target-actual comparison describes the current degree of implementation of security safeguards within a company or a government agency.

Keylogger

A keylogger refers to hardware or software used to record the data entered on the keyboard. It records all keyboard input and then transmits it to an attacker without being noticed, if possible. The attacker can then filter out data he/she deems important from this information, for example login information or credit card numbers.

Malicious function

The term malicious function describes a function not desired by the user that may endanger the information security accidentally or deliberately.

Malicious software (or malware)

The terms malicious function, malicious program, malicious software, and malware are frequently used synonymously. Malware is a coinage constituting the short version of "malicious software" and refers to software designed specifically with the goal of executing unwanted and usually malicious functions. Examples include computer viruses, worms, and Trojan horses. Malware is usually designed for a specific operating system version and is therefore most often written for widely used systems and applications.

Maximum principle

According to the maximum principle, the damage and/or the sum of damages with the most severe effects determines the protection requirements of a business process, an application and/or an IT system.

Modelling

When applying the IT-Grundschutz approach, the information system considered of a company or government agency is mapped with the help of the modules from the IT-Grundschutz Catalogues during the modelling phase. To this end, chapter 2.2 of the IT-Grundschutz Catalogues contains information stating which target objects it should be applied to and which requirements may need to be taken into account for each module.

Modules

This term serves for structuring the recommendations of the IT-Grundschutz Catalogues. Modules are the units within a given layer (e.g. IT systems, networks). They describe technical components (such as cabling), in part organisational procedures (such as the contingency planning concept), and special forms of use (such as the home workplace). In each module, the respective aspect and/or IT component and the threat scenario are described, and the organisational and technical security safeguards are recommended additionally.

Multi-client capability

Applications, IT systems, and also services with a stringent separation of the processes, information, and applications of one client from those of other clients are deemed multi-client capable, i.e. no accesses or failures from one area into the other area are possible and therefore there can be no adverse effects on the confidentiality, integrity, or availability of the processes, information, and applications.

Network plan

A network plan is a graphical overview of the components of a network and their connections.

Non-repudiation

Here, the main focus is on verifiability regarding third parties. The aim is to ensure that sending and receiving data and information cannot be denied. A differentiation is made between

Organisations

The term "organisations" is used in this context for companies, government agencies, and other public and private organisations.

Packet filter

Packet filters are IT systems with special software filtering the incoming and outgoing data traffic in a network based on special rules. Packet filters are designed to forward or discard data packets on the basis of the header information of the IP layer and the transport layer (TCP or UDP), e.g. IP addresses and port numbers. Packet filters base their decisions on the filtering rules specified by the user. In many cases, the packet filters also offer an option for Network Address Translation (NAT), where the sender addresses of outgoing IP packets are replaced by an IP address of the packet filter. This way, the structure of the network to be protected is hidden.
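The following Python model, added here as an example (it is not part of the IT-Grundschutz Catalogues and not a real packet filter), shows the decision logic the entry describes: rules matched against IP addresses, protocol and destination port in order, first match wins, and a default-deny result when nothing matches. It also shows source NAT hiding internal addresses behind the filter's own address. The networks (10.0.0.0/8 internal, 192.0.2.0/24 DMZ, 203.0.113.1 as the filter's public address) and the rule set are constructed assumptions.

```python
"""Stateless packet-filter decision model with first-match rules, default deny, and SNAT."""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Constructed addressing for the example (RFC 5737 documentation ranges).
INTERNAL = "10.0.0.0/8"
DMZ = "192.0.2.0/24"
FILTER_PUBLIC_ADDR = "203.0.113.1"


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str     # source IP address
    dst: str     # destination IP address
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                   # "accept" or "drop"
    proto: Optional[str] = None   # None matches any protocol
    src: str = "0.0.0.0/0"        # source network
    dst: str = "0.0.0.0/0"        # destination network
    dport: Optional[int] = None   # None matches any port

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))


# Assumed policy: the DMZ web server is reachable from anywhere, internal clients may
# use HTTPS and DNS outward, and the DMZ may never initiate traffic into the internal net.
RULES: List[Rule] = [
    Rule("accept", "tcp", dst=DMZ, dport=80),
    Rule("accept", "tcp", dst=DMZ, dport=443),
    Rule("accept", "tcp", src=INTERNAL, dport=443),
    Rule("accept", "udp", src=INTERNAL, dport=53),
    Rule("drop", src=DMZ, dst=INTERNAL),
]


def decide(p: Packet, rules: List[Rule] = RULES) -> Tuple[str, Optional[int]]:
    """First matching rule wins. No match means drop: the default-deny principle."""
    for index, rule in enumerate(rules):
        if rule.matches(p):
            return rule.action, index
    return "drop", None


def snat(p: Packet) -> Packet:
    """Source NAT: packets leaving the internal network carry the filter's public address."""
    if ip_address(p.src) in ip_network(INTERNAL) and ip_address(p.dst) not in ip_network(INTERNAL):
        return replace(p, src=FILTER_PUBLIC_ADDR)
    return p


if __name__ == "__main__":
    # Constructed sample traffic.
    for pkt in (Packet("tcp", "10.1.2.3", "198.51.100.7", 443),   # internal client browsing out
                Packet("tcp", "198.51.100.7", "10.1.2.3", 22),    # internet host probing SSH inside
                Packet("tcp", "198.51.100.7", "192.0.2.10", 80),  # internet host to DMZ web server
                Packet("tcp", "192.0.2.10", "10.1.2.3", 445)):    # DMZ host reaching inward
        print(pkt, "->", decide(pkt))
    print(snat(Packet("tcp", "10.1.2.3", "198.51.100.7", 443)))
```

The model is deliberately stateless, which exposes a limitation a practitioner must handle: the reply to the accepted outbound HTTPS connection arrives from the internet with an ephemeral destination port and would be dropped by these rules. Real packet filters either track connection state so that replies to accepted connections are admitted, or require explicit (and much weaker) return rules.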

Patch

A patch is a small program that eliminates software errors such as security gaps in applications or operating systems.

Penetration testing

Penetration testing is a targeted, normally simulated attack on an IT system. It is used as an effectiveness test to investigate existing security safeguards.

Policy on information security

The policy is a central document for the information security of an organisation. It describes how information security is to be established in the organisation, for which purposes and with which resources and structures. It contains the information security objectives aimed at by the organisation and the information security strategy pursued. The security policy therefore also describes the level of security aimed at in a government agency or company beyond the security objectives.

Privileged authorisations

Privileged or administrative authorisations include more advanced access options on IT systems or software components than required for normal users. Normally, privileged authorisations are only granted for roles, groups, or persons predominantly responsible for administrating the information technology. This includes the operational and/or security-related configuration, amongst other things.

Protection requirements

The protection requirements describe the protection sufficient and adequate for the business processes, the processed information, and the information technology used.

Protection requirements definitions

Criteria adapted to the needs of the organisation under review that are applied to decide which protection requirements category can be applied to an IT component.

Protection requirements determination

During assessment of protection requirements, the necessary degree of protection of the business processes, the processed information, and the IT components is determined. In so doing, the damage to be expected is considered for each application and the information processed that could occur as a result of a loss of confidentiality, integrity, or availability. Here it is also important to realistically estimate the possible consequential damages. Experience has shown that it is best to divide the protection requirements into three categories: "normal", "high", and "very high".
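To make the three rules that govern how an IT system inherits protection requirements from the applications running on it (the maximum principle, the cumulative effect, and the distribution effect defined in this glossary) concrete, here is an added Python example. It is not a tool from the IT-Grundschutz Catalogues; in particular, the threshold at which several applications of the same category trigger the cumulative effect is an assumed policy parameter, since the methodology leaves that judgement to the organisation. The applications are constructed sample data.

```python
"""Deriving an IT system's protection requirements from its applications.

Maximum principle: the most demanding application determines the category.
Cumulative effect:  many applications of the same category raise it by one step.
Distribution effect: applications of which only an insignificant part runs on the
                     system do not raise its requirements.
"""
from dataclasses import dataclass
from typing import Dict, List

LEVELS = ["normal", "high", "very high"]           # the three categories of the glossary
BASIC_VALUES = ("confidentiality", "integrity", "availability")

# Assumed policy parameter: this many applications at the top category on one
# IT system are considered to accumulate damage beyond that category.
CUMULATION_THRESHOLD = 3


@dataclass
class Application:
    name: str
    requirements: Dict[str, str]            # basic value -> category
    share_on_system: str = "significant"    # "insignificant" invokes the distribution effect


def derive_system_requirements(apps: List[Application],
                               threshold: int = CUMULATION_THRESHOLD) -> Dict[str, dict]:
    """Return, per basic value, the derived category and the applications that caused it,
    so that the result stays traceable in the security concept."""
    result = {}
    # Distribution effect: applications with only an insignificant share are left out.
    relevant = [a for a in apps if a.share_on_system == "significant"]
    for value in BASIC_VALUES:
        if not relevant:
            result[value] = {"level": "normal", "determined_by": [], "cumulative": False}
            continue
        ranked = [(LEVELS.index(a.requirements[value]), a.name) for a in relevant]
        top = max(level for level, _ in ranked)                     # maximum principle
        drivers = [name for level, name in ranked if level == top]
        cumulative = len(drivers) >= threshold and top < len(LEVELS) - 1
        if cumulative:                                               # cumulative effect
            top += 1
        result[value] = {"level": LEVELS[top], "determined_by": drivers,
                         "cumulative": cumulative}
    return result


# Constructed sample data for one IT system.
SAMPLE_APPS = [
    Application("HR", {"confidentiality": "high", "integrity": "normal", "availability": "normal"}),
    Application("ERP", {"confidentiality": "normal", "integrity": "high", "availability": "high"}),
    Application("Intranet", {"confidentiality": "normal", "integrity": "normal", "availability": "normal"}),
    # Only a small auxiliary part of Payroll runs here: distribution effect applies.
    Application("Payroll", {"confidentiality": "very high", "integrity": "high", "availability": "high"},
                share_on_system="insignificant"),
]

if __name__ == "__main__":
    for value, entry in derive_system_requirements(SAMPLE_APPS).items():
        print(f"{value:15s} {entry['level']:10s} from {entry['determined_by']}"
              f"{' (cumulative effect)' if entry['cumulative'] else ''}")
```

The output records which application drove each category, which is what makes the later security concept traceable back to the protection requirements determination.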

Proxy

A proxy is a kind of representative in networks. It accepts data from one party and forwards it to another location in the network. Proxies are used to filter data flows and forward them selectively.

Qualification level

The IT-Grundschutz methodology includes three qualification levels: "A" for the IT-Grundschutz entry level, "B" for the IT-Grundschutz continuation level, and "C" for the ISO 27001 certificate based on IT-Grundschutz. "Z" indicates safeguards constituting supplements that may be necessary especially in the event of increased security requirements. Safeguards identified with a "W" are only intended to convey the basic principles and know-how helpful for understanding and implementing the other safeguards.

Risk

A risk is the prediction, often based on calculation, of a possible damage in the negative case (danger) or of a possible advantage in the positive case (chance). What counts as damage or advantage depends on the benchmark values applied.

Risk is also often defined as the combination of the probability of occurrence of damage and the extent of this damage.

In contrast to the term "threat", the term "risk" includes an assessment of the extent to which a certain damage scenario is relevant to the scenario being examined.

Risk analysis (or risk assessment)

A risk analysis provides information on which damaging events could occur, the probability of occurrence of a damaging event, and which negative consequences the damage would have.

Rootkit

A rootkit is a malicious piece of software containing manipulated versions of system programs. In Unix, these programs are typically programs such as login, ps, who, netstat, etc. The manipulated system programs are intended to allow an attacker to hide the fact that he/she has successfully gained access with administrator rights so that the attacker can use this access capability again later on.

Safeguard catalogues

In the IT-Grundschutz Catalogues, suitable safeguards are recommended for each module. These are combined to form catalogues divided into sections for Infrastructure, Organisation, Personnel, Hardware/Software, Communication, and Contingency Planning.

Security concept

A security concept serves to implement the security strategy and describes the approach planned to achieve the security objectives set in an organisation. The security concept is the main document in the security process of a company and/or government agency. It must be possible to trace every security safeguard back to the security concept.

Security design

The creation of a security design is one of the primary tasks of information security management. Based on the results of the structure analysis and the protection requirements determination, the required security safeguards are identified and documented in the security concept.

Security gateway

A security gateway (often also referred to as a firewall) is a system made of hardware and software components. It guarantees secure connection of IP networks by restricting the types of communication technically possible to those types that have been approved in a security policy. In this case, security when connecting networks primarily means that only desired accesses or data streams between different networks are permitted and that the data transmitted is checked.

Security policy

In a security policy, the security objectives and general security safeguards are formulated according to official specifications of a company or government agency. Detailed security safeguards are contained in a more comprehensive security concept.

Security safeguard

The term security safeguard (safeguard for short) refers to all actions serving to control and counteract security risks. This includes organisational, personnel, technical, or infrastructural security safeguards. The terms security precaution and protective safeguard are often used synonymously. "Safeguard" is used as a general term. In addition to "safeguard" the term "control" is often used.

Security strategy

This is a common but incorrect translation of the English term "security policy"; see security policy.

Servers

A server is either software or hardware offering certain services to others (namely clients). Typically this term refers to a computer which makes its hardware and software resources accessible to other computers in a network. Examples include application, data, web, or email servers. X servers often cause confusion, as an X server process typically runs on a workstation computer, i.e. on a client in a client-server network.

Spyware

Spyware refers to programs secretly, meaning with no indication, collecting information on a user and/or on the use of a computer and forwarding the information to the author of the spyware. Spyware is often just considered annoying, but it should not be forgotten that spyware could also be used to obtain security-relevant information such as passwords.

Standard software

The term standard software refers to software (programs, program modules, tools, etc.) developed for the requirements of a large number of customers on the market, and not specifically developed for a customer, including the corresponding documentation. It is also characterised by the fact that it is installed by the user and only requires minimum customisation.

Strong authentication

Strong authentication refers to the combination of two different authentication techniques, for example a password (something the user knows) plus a transaction number (one-time password) or a chip card (something the user possesses). For this reason, strong authentication is also often referred to as two-factor authentication.
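As an added example (not code from the IT-Grundschutz documents), the following Python implements the two factors named above using only the standard library: a salted password hash as the knowledge factor and a time-based one-time password (TOTP, RFC 6238, built on HOTP, RFC 4226) as the possession factor. The user record, the test secret and the timestamps are constructed; the shared secret `12345678901234567890` is the test key from the RFCs. The `window` and `last_counter` handling are design choices for this example.

```python
"""Two-factor login check: salted password hash plus a TOTP one-time code."""
import hashlib
import hmac
import secrets
import struct
import time
from typing import Optional

PBKDF2_ITERATIONS = 200_000  # assumed work factor for the password hash


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: Optional[int] = None, step: int = 30, digits: int = 6) -> str:
    """TOTP (RFC 6238): HOTP with the counter derived from Unix time."""
    now = int(time.time()) if at is None else at
    return hotp(secret, now // step, digits)


def make_user(password: str, totp_secret: bytes) -> dict:
    """Constructed user record: salted PBKDF2 hash plus the token secret."""
    salt = secrets.token_bytes(16)
    return {
        "salt": salt,
        "pw_hash": hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS),
        "totp_secret": totp_secret,
        "last_counter": -1,   # highest TOTP counter already accepted (replay protection)
    }


def verify_login(user: dict, password: str, code: str, at: Optional[int] = None,
                 step: int = 30, window: int = 1) -> bool:
    """Accept only if BOTH factors verify; a one-time code is never accepted twice."""
    # Factor 1: knowledge. Constant-time comparison of the derived hash.
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], PBKDF2_ITERATIONS)
    pw_ok = hmac.compare_digest(candidate, user["pw_hash"])

    # Factor 2: possession. Evaluated even if the password failed, so that the response
    # time does not reveal which factor was wrong. +-window steps tolerate clock drift.
    now = int(time.time()) if at is None else at
    counter = now // step
    matched = None
    for c in range(counter - window, counter + window + 1):
        if c > user["last_counter"] and hmac.compare_digest(hotp(user["totp_secret"], c), code):
            matched = c
    if pw_ok and matched is not None:
        user["last_counter"] = matched   # burn the code: replaying it is refused
        return True
    return False


if __name__ == "__main__":
    secret = b"12345678901234567890"      # RFC 4226 / 6238 test key
    user = make_user("correct horse", secret)
    print("TOTP at t=59:", totp(secret, at=59))
    print("login:", verify_login(user, "correct horse", totp(secret, at=59), at=59))
    print("replay:", verify_login(user, "correct horse", totp(secret, at=59), at=59))
```

Two details matter in practice: the code is accepted only once (tracking `last_counter`), because a one-time password that can be replayed within its 30-second step is not one-time; and the password check result is not short-circuited, so an attacker cannot use timing to learn which factor failed.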

Structure analysis

As part of a structure analysis, the necessary information on the selected information system, applications, IT systems, networks, rooms, buildings, and connections is captured and prepared in such a way that it supports the next steps of IT-Grundschutz.

Target object

Target objects are those parts of the information system one or several modules from the IT-Grundschutz Catalogues can be assigned to within the framework of modelling. Target objects may include physical objects, such as networks or IT systems. Often however, target objects are logical objects such as organisational units, applications, or the entire information system.

Threat

A threat is a basic threat with a direct effect on an object as the result of a vulnerability. Thus, a basic threat only becomes a threat for an object when combined with an existing vulnerability.

For example, are computer viruses a basic threat or threat to users surfing the Internet? According to the above definition, it can be ascertained that all users are principally exposed to a basic threat by computer viruses on the internet. The user downloading an infected file is exposed to a threat by the computer virus if his/her computer is susceptible to this type of computer virus. Users with an effective anti-virus program, a configuration preventing the virus from becoming effective, or an operating system not able to execute the virus code are not exposed to a threat as a result of the downloaded malicious program, however.

Threat catalogues

Threat catalogues are part of the IT-Grundschutz Catalogues and contain descriptions of possible threats for information technology. They are divided according to the cause of damage into Force Majeure, Organisational Shortcomings, Human Error, Technical Failure, and Deliberate Acts.

Trojan horse

A Trojan horse, sometimes called a Trojan, is a program with a hidden, undocumented function or effect. A Trojan horse cannot spread itself autonomously, and instead it entices users to install the host program containing the Trojan horse by pointing out the benefits of using the host program.

User ID (also often referred to as a user account)

The user ID is the name the user of an IT system uses to identify himself/herself on an IT system. The user ID may be the person's actual name, a pseudonym, an abbreviation, or a combination of numbers and/or letters.

Value (or asset)

The term value refers to everything important to an organisation (financial assets, knowledge, objects, health).

VLAN

Virtual Local Area Networks (Virtual LANs, VLANs) are used to logically structure networks. A logical network structure is formed within a physical network by connecting workstations and servers with similar functions to a virtual network.

VPN

A Virtual Private Network (VPN) is a network physically operated within another network (often the internet), but logically separated from this network. In VPNs, the integrity and confidentiality of data can be protected and the communication partner can be securely authenticated with the help of cryptographic procedures, even when several networks or computers are connected to each other over leased lines or public networks.

The term VPN is often used to refer to encrypted connections, but other methods can also be used to secure the transport channel, for example special functions available in the transport protocol used.

Vulnerability

A vulnerability is a security-relevant error in an IT system of an organisation. Causes may include the design, the algorithms used, the implementation, the configuration, or the operation, as well as the organisation itself. A vulnerability may cause a basic threat to become effective and damage an organisation or a system. As a result of a vulnerability, an object (an organisation or a system) is susceptible to basic threats.

WLAN

The term WLAN refers to wireless networks based on the group of standards called IEEE 802.11 specified by the Institute of Electrical and Electronics Engineers (IEEE).

Worm

Computer, internet, and email worms are pieces of malware similar to viruses that reproduce themselves and spread copies of themselves by exploiting communication interfaces (e.g. network connections or email), without depending on a host program.