Glossary

ASD-Approved Cryptographic Algorithm

ASD-Approved Cryptographic Protocol

Australian Bureau of Statistics

Australasian Certification Authority

The ACCSE program is part of Australia's $230 million Cyber Security Strategy launched by the Prime Minister on 21 April 2016.

Australian Competition and Consumer Commission

The process of granting or denying requests for access to systems, applications and information. It can also refer to the process of granting or denying requests for access to facilities.

A system permitting access to multiple security domains from a single client device.

The illegal practice of collecting email accounts from information in the public domain or by using software to search for email addresses stored locally on a computer. Account harvesting may be used for spamming.

Academic Centres of Cyber Security Excellence

ASD Cryptographic Evaluation

Australian Communication Exchange Limited

Australian Criminal Intelligence Commission

Australian Communications and Media Authority

Australian Cybercrime Online Reporting Network (replaced by ReportCyber)

Adobe Acrobat is software used to view, create, edit and manage PDF files

Australian Communications Security Instruction

The principle of proactively implementing a spectrum of security measures to strengthen a network or system to make it more robust against attack. Active defence is separate from offensive cyber operations, as well as passive defence or network hardening.

Note that some references to active defence focus on the employment of limited offensive action and counterattacks – commonly referred to as ‘hacking back’. The term active defence is not synonymous with ‘hacking back’, so these terms should not be used interchangeably.

Software that prevents advertisements from appearing with the content the user is intentionally viewing. People block ads for a variety of reasons. For example, many of them find marketing ads annoying and even stressful.

Australian Data and Digital Council

Adobe Inc, previously known as Adobe Systems Inc, is an American multinational computer software company headquartered in San José, California.

Computer software for using content created with Adobe Flash, including viewing multimedia content, executing rich internet applications, and streaming audio and video.

A free program created and distributed by Adobe Inc used to open PDF documents. PDFs can be a wide variety of files, such as images, text documents, forms, books, or any combination of these. They are cross-platform, meaning each PDF will look the same on a Windows computer as it will on a Mac.

A set of malicious cyber activity with common characteristics, often orchestrated by a person or group targeting specific entities over an extended period. An APT usually targets either private organisations, states or both for business or political motives.

An opinion recommending a course of action to be taken given the circumstances relating to a single moment or decision.

A type of ACSC publication that provides timely information and advice about current security issues, vulnerabilities, and exploits.

A program that displays advertisements that can be installed legitimately as a part of another application or service, or illegitimately without the consent of the system user.

Advanced Encryption Standard

Australian Federal Police

A secondary market of an industry, concerned with the manufacturing, remanufacturing, distribution, retailing, and installation of all parts, equipment, and accessories, after the sale of the device by the original equipment manufacturer to the consumer.

Australian Government Access Only

Compilations of information that, once together, may require a higher level of protection than their separate component parts.

Authentication Header

A network security measure employed on one or more computers to ensure that the network is physically isolated from any other network. This makes the isolated network secure, as it does not connect to unsecured networks such as the public internet or an unsecured local area network.

AirPort Express, AirPort Extreme (Wi-Fi) and AirPort Time Capsule (Wi-Fi HDD).

Australasian Information Security Evaluation Facility

Australasian Information Security Evaluation Program

An ACSC publication intended to provide timely notification concerning threats or activity with the potential to impact individuals, businesses, organisations, government, devices, peripherals, networks or infrastructure.

Amazon.com Inc is an American multinational technology company based in Seattle, focusing on e-commerce, cloud computing, digital streaming and artificial intelligence.

A comprehensive, evolving cloud computing platform provided by Amazon that includes a mixture of infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and packaged software-as-a-service (SaaS) offerings.

A mobile operating system developed by Google. It is used by several smartphones and tablets. The Android operating system is based on the Linux kernel.

American National Standards Institute

Software that is designed to detect, stop and remove viruses and other kinds of malicious software.

Access Point

Application

Apple Inc. is an electronics and software company based in California, USA. Originally known as Apple Computer.

An authentication method used by Apple for iPhone, iPad, Mac and other Apple devices and services. Apple ID accounts contain user personal information and settings. When an Apple ID is used to log into an Apple device, the device will automatically use the settings associated with the Apple ID.

Help and support service provided by Apple.

A software program or group of software programs designed for end users. Examples of an application include a word processor, a spreadsheet, an accounting application, a web browser, an email client, a media player, a file viewer, an aeronautical flight simulator, a console game or a photo editor. The collective noun application software refers to all applications collectively. This contrasts with system software, which is mainly involved with running the computer.

An approach in which only an explicitly defined set of trusted applications are allowed to run on systems.

Australian Prudential Regulation Authority

Advanced Persistent Threat

A place where an accumulation of computer files is stored. It could be disk storage, a flash drive, a backup disk drive, an online backup service, an indexing internet page, etc.

The simulation of intelligence processes by machines, especially computer systems. These processes include learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definite conclusions), and self-correction. Particular applications of AI include threat identification, expert systems, speech recognition and machine vision.

Australian Signals Directorate

An Australian Signals Directorate (ASD) program that analyses products to determine whether their security architecture and cryptographic algorithms have been implemented correctly and are strong enough for the product's intended use.

Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)

Australian Securities and Investments Commission

Australian Security Intelligence Organisation

Anything of value, such as ICT equipment, software or information.

Advanced Technology Attachment

Australian Taxation Office

The amount of ICT equipment and software used in a system. The greater the attack surface the greater the chances of a malicious actor finding an exploitable vulnerability.

The process of assessing the source, perpetrator or sponsor of malicious activity. Statements of attribution often use probabilistic language and indicate the level of confidence in the assessment.

A chronological record of system activities including records of system access and operations performed.

A chronological record that reconstructs the sequence of activities surrounding, or leading to, a specific operation, procedure or event.

Australian Eyes Only

The independent Australian Government statistical agency that provides key statistics on a wide range of economic, population, environmental and social issues, to assist and encourage informed decision-making, research and discussion within governments and the community.

A charity whose purpose is to provide communication assistance for the deaf and hearing-impaired community.

An Australian Government statutory authority within the federal Communications portfolio.

An Australian Government statutory authority mandated to protect consumer rights, business rights and obligations, perform industry regulation and price monitoring and prevent illegal anti-competitive behaviour.

An Australian Government law enforcement agency that has specialist investigative capabilities and delivers and maintains national information-sharing systems.

Replaced by ReportCyber

Information not to be passed to or accessed by foreign nationals.

The enforcer of Commonwealth criminal law, the AFP combats complex, transnational, serious and organised crime impacting Australia's national security and protects Commonwealth interests from criminal activity in Australia and overseas.

Information not to be passed to or accessed by foreign nationals, with the exception of those foreign nationals seconded to Australian government agencies.

A program that evaluates products in order to protect systems and data against cyber threats. These evaluation activities are certified by the Australian Certification Authority.

A program under which evaluations are performed by impartial bodies against the Common Criteria. The results of these evaluations are then certified by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), which is the Australian Certification Authority responsible for the overall operation of the program.

A program run by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) that helps to reduce malicious software (malware) infections and service vulnerabilities occurring on Australian internet protocol address ranges. It operates as a public-private partnership where Australian internet providers voluntarily work with the ASD's ACSC to help protect their customers from cyber security threats.

An Australian Government statutory authority that is the prudential regulator of the Australian financial services industry.

Australia's national security agency responsible for the protection of the country and its citizens from espionage, sabotage, acts of foreign interference, politically-motivated violence, attacks on the Australian defence system, and terrorism.

An Australian Government statutory agency responsible for foreign signals intelligence, cyber warfare and information security.

The Australian Government's lead for cyber security. The ASD's ACSC is part of the Australian Signals Directorate.

The principal revenue collection agency of the Australian Government. Its role is to effectively manage and shape the tax and superannuation systems that support and fund services for Australians.

Verifying the identity of a user, process or device as a prerequisite to allowing access to resources in a system.

A protocol used in Internet Protocol Security (IPsec) that provides data integrity and data origin authenticity but not confidentiality.

An executive with the authority to formally accept the security risks associated with the operation of a system and to authorise it to operate.

The assurance that systems and information are accessible and useable by authorised entities when required.

Amazon Web Services