Glossary of Content Security Terms

 

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

 

A

access control list (ACL)
A table that tells a computer operating system which access rights each user has to a particular system object, such as a file directory or individual file.
 
Acceptable Use Policy (AUP)
Rules and regulations governing the use of organizational email and Internet browsing.
Active Directory
The directory service implemented in the Windows 2000 or later environment to store often accessed information. It contains information about users, groups, computers, organizational units, and domains.
alert
An indication of a significant event. Alerts are generated by MailMarshal and WebMarshal services.
array
A group of MailMarshal SMTP email processing servers, or WebMarshal servers, that implement the same usage policies. Arrays can be local, or geographically distributed.
array manager
A MailMarshal SMTP service that controls configuration for all email processing servers and connects to the MailMarshal database. Also, the server running the array manager service.
ASP
Application Service Provider. An organization that provides hosted computing services.
attribute
Computer characteristic, typically defined by a registry key or value.

B

Bayesian filtering
A method of constructing and refining groups of similar material, based on probabilities, using methods derived from the theories of Thomas Bayes. Bayesian methods are commonly used to classify and filter Spam.

C

Children's Internet Protection Act (CIPA)
A U.S. law requiring institutions to limit children's exposure to inappropriate material online.
component
Individual part of a software implementation that performs a specific function. For example, in MailMarshal an email processing server, Array Manager, or database is considered a component.
computer name
A name that uniquely identifies a computer on a network. The computer name cannot be the same as any other computer or domain name on the network. The network uses the computer name to identify the computer and to allow other users to access the shared resources on that computer.
Configurator
In MailMarshal, the interface that allows you to edit email policy and configure email delivery and server settings.
Console
In MailMarshal, the interface that allows you to monitor email traffic and manage quarantined email. Intended to be used by email administrators, managers, and help desk personnel.
In WebMarshal, the interface that allows you to edit Web access policy, monitor sessions in real time, and configure server settings.
cookie
A small packet of data that stores information on a web user's computer. Cookies are typically used to enable Web sites to track visits and remember visitors' details

D

Data Protection Act
in the UK, a law setting requirements and standards of privacy in the processing of personal data.
Denial of Service Attack (DoS)
An attempt to cause the target organization to lose access to common business services, such as e-mail. In an e-mail DoS attack, the attacker floods email servers with messages, causing the email servers to slow down or cease operation.
Directory Harvest Attack (DHA)
An attempt to identify valid email addresses by sending randomly-addressed messages to an email server in a corporate network. When a message reaches a recipient without being bounced back, the attacker enters the valid address in a database used for sending spam.
distinguished name
An address format used to locate and access objects in an X.500 directory using the LDAP protocol. This format specifies the complete path to the object through the hierarchy of containers in a domain. Each distinguished name is unique. For example, in Windows 2000 or later a user object with the common name J. Doe in the organizational unit container called Users on the domain marshal.com might be represented as follows:

CN=JDoe,OU=Users,DC=Marshal,DC=com
DLL
A library of executable functions or data that can be used by a Windows application. Typically, a DLL provides one or more particular functions and a program accesses these functions.
DMZ
A part of an organization's network that has controlled access both to the Internet and to the organization's internal network. Servers that provide gateway services for an organization are typically located in a DMZ.
DNS
See Domain Name Service (DNS)
DNS blacklist
A service that provides an automated response through the DNS protocol. DNS blacklists typically attempt to list email servers that are associated with Spamming, open relays, or other unacceptable behavior.
Domain Name Service (DNS)
The Internet service that translates domain names into IP addresses.

E

eDirectory
An X.500 directory service created and supported by Novell.
email processing server
A MailMarshal SMTP server that accepts SMTP email messages and takes action as defined in the organization's email policy.
event
Any significant occurrence in the system or application that requires user notification or an entry to be added to an event log.
event log
A record of any event that happens on a server. In Windows, events are stored in the System, Security, or Application log.
Exchange Server
Microsoft's enterprise email and collaborative communications server
Extended Simple Mail Transfer Protocol (ESMTP)
A standard that defines optional additions to the SMTP email protocol.
Extensible Markup Language (XML)
A data tagging language that permits the storage and interchange of structured data. Marshal products use XML for import and export of configuration information.

F

fault tolerance
The ability of a product to respond to a catastrophic event (fault) that ensures no data is lost and that any work in progress is not corrupted.
FTP
File Transfer Protocol. An Internet protocol for the efficient transfer of data files.
FileFilter
In WebMarshal, a filtering list implementation allowing categories to be synchronized from flat text files.
filtering list
A database of Web site addresses grouped into categories of similar content, used to allow controlled access to particular types of content.
firewall
A security system that is placed between the Internet and an organization's network, or within a network, and only passes authorized network traffic.

G

Gramm-Leach-Bliley Act (GLBA)
The Financial Services Modernization Act (USA), signed into law in 1999, and known by the names of its legislative sponsors. The Act includes a number of provisions related to privacy of consumer financial data, including a definition of privacy policies and policies for disclosure of information.

H

Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act of 1996 (USA). The Act places specific requirements on healthcare and related organizations covering how they manage electronic communication with, and about, patients.
HTTP
Hypertext Transfer Protocol, the standard for transmission of Web pages.
hyperlink
An emphasized portion of text on a window that, when clicked, opens another document or window.

I

image spam
Spam email that delivers its message using one or more images. The message is usually not included in the text of the email.
IMAP 4
Internet Message Access Protocol 4. A standard for communication between email clients and servers, where the message is generally stored on the server.
IP
In computer networking, the Internet Protocol: a standard that defines data transmission standards over the Internet.
In law and business, Intellectual Property: the legal rights that apply to intangible inventions such as design and know-how.
ISA Server
Microsoft's active Internet proxy server software

J

JavaScript
A simple programming language, pioneered by Netscape, widely used for DHTML and other client-side Web scripting.

K

No Glossary entries

L

Lightweight Directory Access Protocol (LDAP)
A network protocol used to extract information from a hierarchical directory such as X.500. Examples of LDAP accessible directories are Microsoft's Active Directory and Novell eDirectory. Objects in an LDAP directory are identified by their distinguished names.
local area network (LAN)
A group of computers in the same place that are connected and typically have the same network operating system installed. Users on a LAN can share storage devices, printers, applications, data, and other resources.

M

mailbox
A disk storage space assigned to a user account to receive incoming email messages.
MDAC
See Microsoft Data Access Components (MDAC).
Microsoft Data Access Components (MDAC)
A set of network libraries and programming interfaces designed to allow client applications to connect to data providers such as SQL databases.
Microsoft Management Console (MMC)
A common interface designed to host administrative tools for networks, computers, services, and other system components.
Multi-Purpose Internet Email Extensions (MIME)
A standard that permits transmission of content other than text through SMTP email.
Microsoft SQL Server Desktop Engine (MSDE)
A freely distributable limited version of SQL Server 2000. The equivalent for SQL Server 2005 is SQL 2005 Express.

N

NASDRule3010
The National Association of Securities Dealers (USA) Rule 3010, as applied to electronic mail, requires that management be able to inspect customer communications to ensure that they are in compliance with regulations.
Novell Directory Services (NDS)
See eDirectory

O

open relay
An email server that accepts messages from any server for delivery to any other server. Open relays are often exploited by Spam senders.

P

permissions
Authorization for a user to perform an action, such as sending email messages for another user or posting items in a public folder.
PGP
Pretty Good Privacy, a standard for public-key encryption of email.
phishing
The practice of tricking unsuspecting customers of a business into imparting their confidential information for illegal use.
port
An interface used to send and receive data. In software networking, port addresses allow specific programs to handle particular protocols through the same hardware interface.
Post Office Protocol 3 (POP3)
A standard protocol used by email client software to retrieve email messages from a server.
protocol
A standard that defines a format for data transfer between computer systems. Common Internet protocols include TCP/IP, SMTP, HTTP, and FTP.

Q

queue
A storage structure in which a set of items are held until they can be processed. For example, when MailMarshal SMTP receives email messages, the messages are stored in a queue until the MailMarshal Engine can process them.

R

registry
A database repository for information about the computer configuration. The database is organized in a hierarchical structure of sub trees and their keys, hives, and value entries.
regular expressions
Search criteria for text pattern matching that provide more flexibility than simple wildcard characters.
relaying
Sending an email message to an email server for delivery to another server. See open relay.
remote procedure call (RPC)
A standard protocol for client server communication that allows a distributed application to call services available on various computers in a network.
Return on Investment (ROI)
A quantified measure of the value or benefit resulting from an expenditure, such as a software purchase. Usually based on a calculation of enhanced productivity derived from the use of the product.
RSA
The public key encryption approach commonly applied for email encryption. RSA is an acronym of the names of the inventors, Rivest, Shamir, and Adleman.

S

S/MIME (Secure / Multipurpose Internet Mail Extensions)
A standard for public key encryption and signing of e-mail, as an extension of the MIME standard.
Sarbanes Oxley Act (SOX)
The Sarbanes-Oxley Act of 2002 (USA) holds the management in charge of corporate disclosures personally accountable for its actions. The Act amends mail and wire fraud infractions with harsher punishments and imposes fines and prison sentences of up to 20 years for anyone who knowingly alters or destroys a record or document with the intent to obstruct an investigation. Email messages and attachments are treated by the courts as business records that must be retained to achieve regulatory compliance.
scalability
The ability of software to efficiently accommodate increasing demand and larger volumes of data.
SEC Rule 17a-4
The U.S. Securities and Exchange Commission, which regulates financial organizations, has implemented a very comprehensive and specific set of rules for the management of electronic communications. These mandates include storage of duplicate copies, maintenance of indices, and the ability to present stored messages for inspection and review.
security identifier (SID)
A unique value in Windows NT and Windows 2000 or later that identifies a user account, group, or computer account in a domain.
server
A computer that provides information, software, and services to other computers in a network.
service account
In Windows NT and Windows 2000, a user account that a service uses to log on to Windows NT or Windows 2000. The account must have the specific rights and permissions required by that service.
Simple Mail Transfer Protocol (SMTP)
A member of the TCP/IP suite of protocols. The standard governing email delivery over the Internet.
SMTP
See Simple Mail Transfer Protocol (SMTP).
snap-in
An administrative application component designed to be hosted by the Microsoft Management Console (MMC).
Spam
Unsolicited email messages, usually of a commercial nature.
SpamCensor
The proprietary Spam detection technology incorporated in MailMarshal SMTP and MailMarshal Exchange. SpamCensor includes a multi-faceted message analysis tool and regular definition updates.
Spam Quarantine Management Website
Interface that allows a user to review and release their email messages that MailMarshal SMTP has quarantined.
spyware
malicious software that performs many different functions, including delivering unrequested advertising (pop-up ads), harvesting private information and monitoring a user's activities.
spoofing
Disguising the sender address of an email message to make it appear as though it is from another person, usually for malicious reasons.
SQL Server
Microsoft's enterprise database server software.
Structured Query Language (SQL)
A standard programming language used to retrieve information from databases.

T

Total Cost of Ownership (TCO)
The cost of deploying a software product over time, including hardware, administrative time, maintenance fees, and other aspects.
TCP
Transmission Control Protocol, a basic standard for Internet data transmission.
TextCensor
The lexical analysis engine included in MailMarshal SMTP, MailMarshal Exchange, and WebMarshal. TextCensor allows you to scan email messages and attachments, or Web documents, for complex text content. TextCensor allows you to use Boolean and proximity operators and numerical weighting.
Transport Layer Security (TLS)
A protocol intended to secure and authenticate communications (such as e-mail) across public networks by using data encryption.
Trojan
A disguised computer program (virus) that appears harmless but produces unwanted effects.

U

UDP
User Datagram Protocol, a basic standard for Internet data transmission.
Uniform Resource Locator (URL)
The addres of an item on the Internet.
URLCensor
A feature in MailMarshal and WebMarshal that uses DNS Blacklists to categorize material related to Spam.

V

Virus
Malicious software code that attempts to spread itself by attaching to, or hiding in, an innocent file.

W

Web Console
In MailMarshal SMTP, the interface that allows you to perform Console functions from any workstation that can run Microsoft Internet Explorer. See Console.
wildcard character
A character in a search pattern that represents a number of arbitrary characters within the text being searched.
Worm
A virus program that distributes multiple copies of itself. Unlike a standard virus, a worm typically seeks out information residing on a computer (for instance, using an address list to replicate itself).

X

X.500
A global, hierarchical directory service. For example, a domain controller hosting Active Directory on a network running Windows 2000 or later provides an X.500 directory service.
XML
See Extensible Markup Language (XML).

Y

No Glossary entries

Z

No Glossary entries