Skip to main content
. 2 3 A B C D E F G H I J K L M N O P Q R S T U V W X Z



High Assurance Cryptographic Equipment


The unauthorised exploitation of weaknesses in a computer system or network.


A computer expert that can gain unauthorised access to computer systems. Hacker is an agnostic term and a hacker does not necessarily have malicious intent.

See ‘Black Hat’, ‘Grey Hat’, and ‘White Hat’.


A hacker whose motivation is political, religious, or ideological, as opposed to criminal.

Handling requirements

An agreed standard for the storage and dissemination of information to ensure its protection. This can include electronic information, paper-based information or media containing information.


A generic term for ICT equipment.

Hardware vulnerabilities

A hardware vulnerability is an exploitable weakness in a computer system that enables attack through remote or physical access to system hardware.

Hardware-based security (hardsec)

Hardware-based security is vulnerability protection that comes in the form of a physical device rather than software that is installed on a computer system.

Hash-based Message Authentication Code Algorithms

A cryptographic construction that can be used to compute Message Authentication Codes using a hash function and a secret key.

High Assurance Cryptographic Equipment

High assurance ICT equipment containing cryptographic logic and components that have been designed and authorised for the protection of highly classified information.

High Assurance evaluation

The rigorous investigation, analysis, verification and validation of ICT equipment by ASD against a stringent security standard.

High Assurance evaluation program

The High Assurance Evaluation program involves rigorous analysis and testing to search for any security vulnerabilities in products.

High assurance ICT equipment

ICT equipment that has been designed and authorised for the protection of highly classified information.

High risk vendor

part of supply chain management

Highly classified information

Information that requires the highest level of security to protect its confidentiality (i.e. information marked SECRET or TOP SECRET).


Host-based Intrusion Prevention System


Hashed Message Authentication Code


A hoax is a falsehood deliberately fabricated to masquerade as the truth.

Hoax emails

An email hoax is a scam that is distributed in email form. It is designed to deceive and defraud email recipients, often for monetary gain.


A computer system designed specifically to attract potential malicious actors in order to inform the development of defensive measures and responses.

Host-based Intrusion Detection System

Software, resident on a system, which monitors system activities for malicious or unwanted behaviour.

Host-based Intrusion Prevention System

Software, resident on a system, which monitors system activities for malicious or unwanted behaviour and can react in real-time to block or prevent those activities.


An area where wireless internet access is available to the general public.


HTTP Strict Transport Security


Hypertext Markup Language


Hypertext Transfer Protocol

HTTP Strict Transport Security

HTTP Strict Transport Security is a web security policy mechanism that helps to protect websites against man in the middle attacks such as protocol downgrade attacks and cookie hijacking.


Hypertext Transfer Protocol Secure


Hummingbad is Android malware. Researchers say that the malware installs more than 50,000 fraudulent apps each day and displays 20 million malicious advertisements.

Hybrid hard drive

Non-volatile magnetic media that uses a cache to increase read/write speeds and reduce boot times. The cache is normally flash memory media or battery backed random-access memory (RAM).

Hypertext Transfer Protocol

Hypertext Transfer Protocol is the fundamental protocol used for transferring files on the internet.

Hypertext Transfer Protocol Secure

Hypertext Transfer Protocol, with the "S" for "Secure." The Hypertext Transfer Protocol (HTTP) is the basic framework that controls how data is transferred across the web, while HTTPS adds a layer of encryption for additional security.