Smart Cards, Chip Cards, Contactless Cards















Glossary


Danmont

A smart card operating system developed in Denmark and used in the VisaCash card. See www.iccard.dk.

DAP

Directory Access Protocol. A DUA conveys requests for information on behalf of users and programs to the Directory through the Directory Access Protocol (DAP).

DARPA:

Defense Advanced Research Projects Agency.

DASM

Device Application Security Management

Data Driven Attack:

A form of attack that is encoded in innocuous-seeming data which is executed by a user or a process to implement an attack. A data driven attack is a concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.

Data Encryption Standard (DES):

1.) An unclassified crypto algorithm adopted by the National Bureau of Standards for public use. 2.) A cryptographic algorithm for the protection of unclassified data, published in Federal Information Processing Standard (FIPS) 46. The DES, which was approved by the National Institute of Standards and Technology (NIST), is intended for public and government use.

Data Integrity

Different from authentication and confidentiality, which are the two other conventional features provided by encryption. It uses protocols and calculations that ensure that a message is not changed (intentionally or accidentally) during transmission.

Data Warehouse

Permits access to information throughout the system by use of a central data repository or storage system. This functionality is more recently being delivered by “just-in-time” co-ordinated access across multiple databases (“threading”), which allows for on-demand compilation of patient records.

Daughter Card

One of a batch or shipment of cards that is unlocked with a mother card.

DCS 1800

Digital Cellular System network working at 1800 MHz.

DDA

Dynamic Data Authentication

DDR Memory

Double Data Rate. A new type of SDRAM memory that is both higher performance and lower power than standard SDRAM, making it appropriate for the latest portable devices.

DEA

Data Encryption Algorithm.

Debit Card

A payment card where the money is directly debited from a person's account when paying for goods and services and withdrawing cash.

Debit Card Activation

Percentage of debit card owners who use their card at least once a month.

Debit Card Saturation

Percentage of bank customers with checking accounts that own a debit card.

Decryption

The process of converting encrypted data back into its original form, so it can be understood. To easily recover the contents of an encrypted signal, the correct decryption key is required. The key is an algorithm that "undoes" the work of the encryption algorithm. Alternatively, a computer can be used in an attempt to "break" the cipher. The more complex the encryption algorithm, the more difficult it becomes to eavesdrop on communications without access to the key.

DECT

Digital Enhanced (previously European) Cordless Telecommunication System. Developed by ETSI for domestic cordless telephone service but now extended to other uses as well such as telepoint and data transmission in office environments (wireless LAN). Operates in 1.88-1.90GHz band and uses TDMA coding.

Defense Information Infrastructure (DII):

The shared or interconnected system of computers, communications, data applications, security, people, training and other support structures serving DoD local, national, and worldwide information needs. DII connects DoD mission support, command and control, and intelligence computers through voice, telecommunications, imagery, video, and multimedia services. It provides information processing and services to the subscribers over the Defense Information Systems Network and includes command and control, tactical, intelligence, and commercial communications systems used to transmit DoD information. (Pending approval in JP 1-02).

Defensive Information Operations:

A process that integrates and coordinates policies and procedures, operations, personnel, and technology to protect information and defend information systems. Defensive information operations are conducted through information assurance, physical security, operations security, counter-deception, counter-psychological operations, counter-intelligence, electronic protect, and special information operations. Defensive information operations ensure timely, accurate, and relevant information access while denying adversaries the opportunity to exploit friendly information and information systems for their own purposes. (Pending approval in JP 1-02).

Degaussing

Magnetic stripe data erasure.

Demon Dialer:

A program which repeatedly calls the same telephone number. This is benign and legitimate for access to a BBS or malicious when used as a denial of service attack.

Denial of Service:

Action(s) which prevent any part of an AIS from functioning in accordance with its intended purpose.

Derf:

The act of exploiting a terminal which someone else has absent-mindedly left logged on.

DES

Data Encryption Standard. Symmetrical encryption system (secret key, i.e. with a single key to cipher and decipher) established as a ciphering standard by the American government in 1977 based on developments made by IBM. It usually uses a 56-bit key to cipher 64-bit data blocks. It is increasingly used in the triple DES form (three ciphering operations instead of one according to different protocols). Now replaced as a standard by the AES (see above).

Dethloff, Jürgen

The German co-inventor of the smart card in 1968. See also Gröttrup, Helmut.

DF

(Dedicated File) Memory organization for microprocessor cards: A DF is a logical entity that holds a number of elementary files (EF). In multi-purpose cards each DF will normally correspond to a distinct application. See MF, EF.

DHS

Department of Homeland Security (DHS)

DICOM

Digital Imaging and Communications in Medicine

Digital

An electrical signal converted into a form consisting purely of on-off pulses, similar to those found within computers. The nature of this transmission system eliminates most errors and distortion, providing a more reliable means of sending information.

Digital Certificate

An electronic "credit card" that establishes your credentials when doing business or other transactions on the web. It is issued by a certification authority. A digital certificate contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting and decrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify the certificate is real.

Digital ID

Another name for a certificate

Digital Key

Strings of unique bits that allow messages to be scrambled and unscrambled

Digital Signature

An electronic signature, created using a public-key algorithm, used to establish the authenticity of electronic messages or documents.

Digitizing

Conversion of non-textual data to digital form.

Diversified Key

A smart card key that is computed from a smart card’s serial number and a master key. Diversified key techniques let every card in a large set of cards be accessed with a unique key without the necessity of maintaining a record of which key is on which card. Both the master key and the calculation program are kept in a highly secure environment.

DMA

Direct Memory Access.

DN

Distinguished Name. Each user entry in a directory has a unique distinguished name (DN). These are created by including an attribute which is known to be unique to the real world object. For example: cn=J.Jones + voterCode=1117, l=Kalamazoo, st=Michigan, c=US

DNS Spoofing:

Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

DPA

Differential Power Analysis. A type of attack against smart cards, discovered by American Paul Kocher. In order to discover the secrets contained in the card, the attack uses error correction and tension and radiation variation statistical analysis techniques observed directly on an active smart card.

DRAM

Dynamic Random Access Memory. Dynamic RAM requiring a constant power supply and periodic refreshing to ensure data is retained.

DRM

Digital Rights Management

DSA

Digital Signature Algorithm.

DSA

Directory Service Agents. Individual collections, or subsets of data held within an X.500 directory, are managed by directory service agents (DSAs).

DSL

Digital Subscriber Loop.

DSP

Directory System Protocol. DSAs communicate with each other using the Directory System Protocol (DSP). Ultimately, these DSAs provide the actual directory service for users and administrators.

DSS

Digital signature standard. The U.S. standard that defines DSA and its use.

DTI

Department of Trade and Industry

DUA

Directory User Agents. When users wish to access a directory, they use directory user agents (DUAs). These agents directly represent the users in accessing the information stored in the Directory.

Dual Slot

Said of a smart card reader that can accommodate two cards simultaneously (often one for the end-user and one to identify an authorized professional).

Dual-interfaced Card

Smart card that has both contactless and contact style interfaces for transferring data to and from the card.

Dumb Terminal

A keyboard and monitor screen combination, connected over a network to a larger computer (such as a mainframe), for which it acts as a workstation (q.v.).