A direct (primarily visual) analysis of patterns of instruction execution (or execution of individual instructions), obtained through monitoring the variations in electrical power consumption of a cryptographic module, for the purpose of revealing the features and implementations of cryptographic algorithms and subsequently the values of cryptographic keys.
Simplicity in security
Security mechanisms and information systems in general should be as simple as possible. Complexity is at the root of many security vulnerabilities and breaches.
Single-hop problem
The security risks resulting from a mobile software agent moving from its home platform to another platform.
Single point-of-failure
A security risk due to concentration of risk in one place, system, process, or with one person. Examples include placement of Web servers and DNS servers, primary telecommunication services, centralized identity management, central certification authority, password synchronization, single sign-on systems, firewalls, Kerberos, converged networks with voice and data, cloud storage services, and system administrators.
Single sign-on (SSO)
An SSO technology allows a user to authenticate once and then access all the resources the user is authorized to use.
Sink tree
A sink tree shows the set of optimal routes from all sources to a given destination, rooted at the destination. The goal of all routing algorithms is to identify and use the sink trees for all routers. A sink tree does not contain any loops so each packet is delivered within a finite and bounded number of hops. A spanning tree uses the sink tree for the router initiating the broadcast. A spanning tree is a subset of the subnet that includes all the routers but does not contain any loops.
Six-sigma
The phrase six-sigma is a statistical term that measures how far a given process deviates from perfection. The central idea behind six-sigma is that if one can measure how many “defects” are in a process, one can systematically figure out how to eliminate them and get as close to zero defects as possible.
Skimming
The unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag.
Sliding window protocols
Sliding window protocols, which are used to integrate error control and flow control, are classified in terms of the size of the sender’s window and the size of the receiver’s window. When both the sender’s window and the receiver’s window are equal to 1, the protocol is said to be in the stop-and-wait condition. When the sender’s window is greater than 1, the receiver can either discard all out-of-order frames or buffer them. Examples of sliding window protocols, which are bit-oriented protocols, include SDLC, HDLC, ADCCP, and LAPB. All these protocols use flag bytes to delimit frames and bit stuffing to prevent flag bytes from occurring in the data. (Tanenbaum)
Smart card
A credit card-sized card with embedded integrated circuits that can store, process, and communicate information. It has a built-in microprocessor and memory that is used for identification of individuals or financial transactions. When inserted into a reader, the card transfers data to and from a central computer. A smart card is more secure than a magnetic stripe card and can be programmed to self-destruct if the wrong password is entered too many times. This is a technical and preventive control.
Smart grid computing
Consists of interoperable standards and protocols that facilitate providing centralized electric power generation, including distributed renewable energy resources and energy storage. Ensuring cyber security of the smart grid is essential because it improves power reliability, quality, and resilience. The goal is to build a safe and secure smart grid that is interoperable, end-to-end. Smart grid computing needs cyber security measures because it relies on networked computing.
Smelting
A physically destructive method of sanitizing media in which the media is changed from a solid to a liquid state, generally by the application of heat. Same as melting.
Smurf attack
A hacker sends a request for information to the special broadcast address of a network attached to the Internet. The request sparks a flood of responses from all the nodes on this first network. The answers are then sent to a second network that becomes a victim. If the first network has a larger capacity for sending out responses than the second network is capable of receiving, the second network experiences a DoS problem as its resources become saturated or strained.
Sniffer attack
Software that observes and records network traffic. On a TCP/IP network, sniffers audit information packets. It is a network-monitoring tool, usually running on a PC.
Social engineering
(1) The act of deceiving an individual into revealing sensitive information by associating with the individual to gain confidence and trust. (2) A person’s ability to use personality, knowledge of human nature, and social skills (e.g., theft, trickery, or coercion) to steal passwords, keys, tokens, or telephone toll calls. (3) Subverting information system security by using nontechnical (social) means. (4) The process of attempting to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks. (5) An attack based on deceiving users or administrators at the target site; it is typically carried out by an adversary telephoning users or operators and pretending to be an authorized user, to attempt to gain illicit access to systems. (6) A general term for attackers trying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear to be benign but are actually malicious.
Social engineering for key discovery attacks
It is important for functional users to protect their private cryptographic keys from unauthorized disclosure and from social engineering attacks. The latter attack can occur when users die or leave the company without revealing their passwords to the encrypted data. The attacker can get hold of these passwords using tricky means and access the encrypted data. Other related social engineering attacks include presenting a self-signed certificate unknown to the user, exploiting vulnerabilities in a Web browser, taking advantage of a cross-site scripting (XSS) vulnerability on a legitimate website, and taking advantage of the certificate approval process to receive a valid certificate and apply it to the attacker’s own site.
SOCKS
(1) An Internet protocol that allows client applications to form a circuit-level gateway to a network firewall via a proxy service. (2) This protocol supports application-layer firewall traversal. The SOCKS protocol supports both reliable TCP and UDP transport services by creating a shim layer between the application and the transport layers. The SOCKS protocol includes a negotiation step whereby the server can dictate which authentication mechanism it supports. (3) A networking-proxy protocol that enables full access across the SOCKS server from one host to another without requiring direct IP reachability. (4) The SOCKS server authenticates and authorizes the requests, establishes a proxy connection, and transmits the data. (5) SOCKS is commonly used as a network firewall that enables hosts behind a SOCKS server to gain full access to the Internet, while preventing unauthorized access from the Internet to the internal hosts. SOCKS is an abbreviation for SOCKetServer.
Softlifting
Illegal copying of licensed software for personal use.
Software
The computer programs and possibly associated data dynamically written and modified.