
CISPA IT-Glossary

Principle for the clear identification of responsibility or authorship for (digital) processes and constructs, with the aim of ensuring accountability. This also presupposes the assignment of authority, for example, as to who has access to certain data or who can access a server.

The term generally refers to a procedure that is divided into several steps in order to solve a task or problem. In the form of computer programs, algorithms control computers and machines.

A person who manages computer systems and networks and has extensive access rights.

Comprises various methods and procedures that aim to implement human intelligence, in particular problem-solving and decision-making processes, with the help of machines.

Enables hidden access to a computer, bypassing existing security mechanisms. Can either be deliberately built in by developers to gain access for service purposes or secretly installed by malware.

The backend contains the non-visible parts of a website, including databases, servers and code. The backend processes data that is displayed in the frontend.

A security copy of data that is usually stored outside a computer, e.g., on an external hard disk, a server or in the cloud, so that it can be restored in the event of accidental data loss.

A decentralized database that is distributed across several computers, in which new blocks of data are attached to old ones like a chain. Once data is stored, it is immutable. The (mathematical) chaining within and between the blocks makes it possible to verify the correctness of the data and makes the data virtually impossible to manipulate. The best-known field of application is cryptocurrency.

Abbreviation of "robot". A program that autonomously performs predefined tasks without human guidance. Internet search engines, for example, use these programs to search the web and answer queries.

A group of malicious bots installed on networked computers without the user’s knowledge and able to communicate with each other or only with the operator. Botnet operators can control them remotely, e.g., to initiate DDoS attacks.

Computer program for displaying content from the Internet. The most popular browsers are Google Chrome, Mozilla Firefox and Safari from Apple.

An attempt by hackers to obtain a password or encryption key by systematically trying out all possible combinations. Although it can be very time-consuming, this type of attack often succeeds against weak passwords.

Error in the software code leading to unexpected behavior. This can lead to a software crash, incorrect output, or even the system being taken over by attackers.

Physical pathway for exchanging data between different components of a computer. A well-known bus is the USB (Universal Serial Bus).

Temporary storage for frequently used data in order to speed up data access. Caches are used in processors and hard disks, but also in browsers.

The CPU is the main processor of a computer that processes most of the data and commands. The CPU reads data and code from the memory, executes the code and writes back the results.

Procedure for creating a secure connection between an RF chip and the corresponding reader. Using a secret key, the reader checks the authenticity of the document containing an RF chip.

Software or hardware that allows users to access services from servers. A web browser, e.g., is a client program that makes services from web servers available to the user.

A network of servers accessible via the internet, where software and databases can be run and data can be stored.

1. Translation of characters and words from one language to another, e.g., in encryption.

2. Instructions as part of programs that are executed by a computer in order to perform tasks or solve problems.

A system for transmitting data between different control units that is commonly used in cars.

Small text files that the web browser stores on the computer and that uniquely identify the users of a website.

A defense mechanism, especially against cross-site scripting, consisting of a list of rules that define from where a website may load images, scripts or similar content.

Refers to various forms of personalized information used to prove user identities to a system. These include user names, passwords, or biometric data.

Exploiting the security vulnerabilities of websites to inject malicious code from outside into initially trustworthy websites or documents, often using the JavaScript language.

Refers to methods for the secure conception, definition and construction of information systems for secure data transmission. Along with cryptanalysis, cryptography is part of the scientific field of cryptology.

All measures that protect personal and secret information of private individuals, companies and government institutions from abusive data collection and processing. It also includes the protection against sabotage or damage to systems.

Parts of the World Wide Web that are only accessible via certain browsers (e.g., TOR browser) and that guarantee users a high degree of anonymity. The dark web is heavily used by criminal organizations.

When users are persuaded by manipulative designs or applications to perform actions that run counter to their original interests or intentions, this is referred to as a dark pattern.

Process for locating and fixing errors in the code of computer programs.

Computer-generated or modified text, audio, photo or video files that are not recognizable as such by humans. Deepfakes are created with the aim of misleading users, e.g., in order to impute statements to politicians. Derived from "deep learning" and "fake".

A subfield of machine learning that uses artificial neural networks consisting of several layers to solve complex problems, e.g., in image and speech recognition.

Unique, globally available name of a website that can be accessed via the World Wide Web and consists of different levels (third-level domain, second-level domain, top-level domain). Top-level domain refers to the suffix at the end of a domain, such as org, net or de.

Denial-of-service attacks generate a large number of accesses to a system (e.g., websites or networks) in order to overload it and make it inaccessible. If this attack is carried out by many systems simultaneously (e.g., by a botnet), it is referred to as a "distributed" denial-of-service attack.

Disclosure of private identifying information about people on the internet without their consent, usually in order to harm them. Doxxing is a form of bullying and can be prosecuted under criminal law.

Electronic proof of identity, such as the online ID function on an ID card or passport.

Process of converting confidential data into a code with a secret key to prevent unauthorized access to it.

Method for the encryption of data, used in many messenger services. The data or messages are encrypted by the sender and can only be decrypted by the intended recipients.

In information technology, entropy describes the degree of randomness inherent in a system or a sequence of information. In cyber security, the term also refers to the strength of passwords or keys: the higher the entropy, the more difficult it is to crack the password.

Attacking security systems on behalf of their owners in order to find and close security gaps. Also referred to as white hat hacking, in reference to the fact that the good guys in Western movies often wear white hats.

The utilization of a vulnerability in program code to execute unintended functions or commands. Usually allows attackers to gain control of a system or cause damage.

Open and license-free standards for authentication processes on the Internet. The FIDO Alliance was officially launched in early 2013 by various globally active digital companies.

A kind of multi-factor authentication that provides a strong authentication method on the Internet not using a password but a secret key, usually in conjunction with biometric features, hardware keys or smart cards.

Identifies and filters unwanted network communication and is used to protect networks and computers from external attacks.

Graphical user interface of a website or software application that is visible to viewers and on which they can interact. The frontend cooperates with the backend, which processes the data.

Automated testing in which software repeatedly receives randomly generated data as input. This technique primarily detects problems caused by unexpected input and is therefore particularly important for the security of programs.

Denotes a machine learning model consisting of two competing neural networks. GANs are capable of generating realistic images and texts.

European Union regulation, implemented in 2018, that standardizes the rules for processing personal data. It defines how institutions may collect, store and process personal data.

People who employ technical knowledge to use devices or software beyond their intended purpose. Hackers can act out of altruistic motives or technical interest, as well as for financial gain. Their motives determine what they use their findings for.

A target on the Internet, a server for example, that pretends to contain valuable data. This “honeypot” is created with the intention of encouraging attacks in order to learn about attack methods and/or identify attackers.

Unlike HTTP (without S), this is an encrypted protocol for transmitting websites on the Internet, which prevents third parties from intercepting communication with websites.

In information technology, infrastructure refers to the system consisting of hardware, software and other service components that is necessary for the execution of specific IT processes.

Term describing the interface between different parts or components of a communication system. Distinctions are made, for example, between data interface, hardware interface, network interface, etc.

Address by which a computer can be reached on the Internet as part of the Internet Protocol (IP). Originally composed of four numbers, but now extended to longer series of numbers. Because such numbers are unwieldy, the IP address is usually replaced by a URL in everyday use.

A programming or scripting language that is an extension of HTML and that enables the display of dynamic and interactive web pages. Enables, for example, the adaptation of web pages to different devices and screen sizes.

One of the most important principles of modern cryptography, which states that the security of a cryptosystem must only be guaranteed by keeping the key secret, not by keeping the encryption procedure secret.

Refers to the unauthorized publication of information on the Internet and the loss of data that ensues for users.

Refers to the derivation of knowledge from large data sets. By recognizing patterns in known data, models are created for the prediction of future developments, such as the best route in an automotive navigation system.

Software that is used to gain access to third-party systems and/or intercept data. Combination of "malicious" and "software".

Attack in which an adversary is located between two communication partners and pretends to be the respective other partner. This can also refer to the connection between two websites or a user and a website.

An attack on a hardware vulnerability in modern processors, in which the memory content of other programs can be read via side channels and thus data can be stolen. The name is based on the 'melting' of the border between different programs and the operating system by exploiting the vulnerability.

Refers to the internal details of a processor. The microarchitecture determines how a processor executes instructions and processes data.

Application-neutral programs that mediate between applications in such a way that the complexity of these applications and their infrastructure is hidden.

Software whose program code can be accessed and used freely (but there may be restrictions on commercial use).

Software installed on a computer that, together with the hardware, enables the operation of the computer by controlling the interaction of hardware and software and enabling the execution of application programs.

Computer program which converts semi-structured or unstructured data, such as text or web sites, into a structured format. In practice, a parser ensures, for example, that the HTML code of a website is displayed correctly by a browser.

Simulated attack on a computer system, performed to assess its security measures and detect its vulnerabilities before they can cause problems.

Composed of the terms "Phishing" and "farming". This is another way of obtaining personal data, but without the fake links used in phishing.

Using fake messages to trick users into revealing their private data, such as passwords. Composed of the terms "password" and "fishing".

A software-defined number assigned to a network protocol, which enables data transmission and communication between servers on the Internet. In hardware, a port is a socket to which peripheral devices can be connected.

Refers to the consideration of data protection as early as the planning and design of software and hardware for data processing. Subsequent inclusion of such considerations is usually difficult and expensive or proves to be impossible.

Serves as an interface between a computer and the Internet, such that all data connections are routed through the proxy server. The proxy can, e.g., limit access to certain content or accelerate access by locally caching frequently used data.

Malware that encrypts data on a computer, making it inaccessible. The encryption can only be reversed by the correct key, which is (usually) revealed in exchange for a ransom payment.

Network devices that enable data exchange, e.g., to establish Internet access, by forwarding network packets between different computer networks.

Software that captures screen content and makes it available to blind or visually impaired people with the help of voice output, character magnification or Braille characters.

Refers to hardware components such as special USB devices that are used for the identification and authentication of users.

Link that refers to another file or directory. Also a keystroke combination that allows users to complete tasks more quickly.

Social engineering method to spy out private data such as PINs or passwords. The data is obtained by secretly observing users and looking over their shoulders.

A so-called side channel can unintentionally leak data. This usually involves physical changes that allow conclusions to be drawn about non-public data (processing), e.g., differences in heat dissipation or processor response times depending on the executed operation.

The undetected reading of bank or credit cards at manipulated cash machines and payment terminals in order to create a copy of the card. The associated PIN is usually also obtained in the process.

Exploiting people as a vulnerability with the aim of manipulating them into voluntarily disclosing otherwise protected information. One example of this is Phishing.

Attacks on hardware vulnerabilities in modern processors, in which the memory content of programs can be read via side channels and thus data can be stolen. This is based on the exploitation of speculative code execution: code is executed as a precaution and, if it is not needed, the results are reverted. But, by exploiting the vulnerability, the traces these reverted computations leave behind in memory can still be accessed.

Faking a trustworthy message or website, or its originator, in order to gain unauthorized access to networks or data.

Network for anonymizing Internet traffic to enable private surfing on the Internet. This is realized via the TOR browser, which anonymizes the connection data.

Successor protocol to SSL (Secure Sockets Layer) for secure data transmission on the Internet. The protocol ensures that data is encrypted during the transmission between client and server.

A program that feigns usefulness but that is actually used to introduce malicious code. The term derives from the Trojan Horse which, according to legend, was used by the Greeks to enter besieged Troy.

Isolated environment, separated from other applications, on the main processor or on a dedicated processor, for storing protected data or running secure applications. This allows for, e.g., the secure storage of biometric data on certain devices.

Extends the usual means of secure login to web services (e.g., a password or PIN). The term refers to the fact that two different components are required as proof of identity for login.

Secure tunnel between computers facilitating the encrypted transmission of data over an insecure network.

Malicious code that can reproduce itself by integrating itself, often unnoticed, into other programs and modifying them so that they spread it. Often serves to spread malware.

Refers to a weakness in computer systems that allows for their manipulation or takeover or for stealing data.

A method used by hackers to exploit a previously unknown and unresolved vulnerability in the program code. "Zero-day" refers to the fact that the vulnerability was not known to the developers until the attack.