Steganography

/ˌstɛɡəˈnɒɡrəfi/

noun — "hidden communication within digital media."

Steganography is the practice of concealing information within another medium so that the presence of the hidden message is not detectable to casual observers. Unlike cryptography, which focuses on making data unreadable to unauthorized parties, steganography emphasizes secrecy by embedding information in a way that appears innocuous or ordinary. Common digital mediums include images, audio files, video streams, and text documents.

Role-Based Access Control

/roʊl beɪst ˈæk.sɛs kənˌtroʊl/

noun — "permissions assigned by roles."

Role-Based Access Control, abbreviated RBAC, is an access control methodology where permissions to perform operations on resources are assigned to roles rather than individual users. Users are then assigned to these roles, inheriting the associated permissions. This model simplifies administration, improves security, and scales efficiently in environments with many users and resources.

Access Control

/ˈæk.sɛs kənˌtroʊl/

noun — "governing who can use resources."

Access Control is a system or methodology used to regulate which users, processes, or devices can interact with resources within computing environments, networks, or information systems. It ensures that only authorized entities are allowed to read, write, execute, or manage specific resources, thereby protecting data integrity, confidentiality, and availability.

Intrusion Prevention System

/aɪ.piː.ɛs/

noun — "the security guard that stops attacks in their tracks."

IPS, short for Intrusion Prevention System, is a network security device or software that monitors traffic for malicious activity and takes immediate action to block or prevent threats. Unlike an IDS, which only detects and alerts, an IPS actively intervenes to stop attacks, unauthorized access, and malware in real time.

Intrusion Detection System

/aɪ.diː.ɛs/

noun — "the alarm system that spots network threats before they strike."

IDS, short for Intrusion Detection System, is a security tool that monitors network or system activity for suspicious behavior or policy violations. It identifies potential attacks, unauthorized access, and malicious activity, alerting administrators so they can respond quickly.

Cipher-based Message Authentication Code

/siː-mæk/

noun — "the cryptographic signature that proves a message hasn’t been tampered with."

CMAC, short for Cipher-based Message Authentication Code, is a cryptographic algorithm used to verify the integrity and authenticity of messages. It generates a fixed-size tag from a variable-length message using a block cipher, such as AES, ensuring that any alteration in the message can be detected.

Firewall

/ˈfaɪər.wɔːl/

noun — "the digital gatekeeper that keeps networks safe."

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules. It protects networks, devices, and applications from unauthorized access, malware, and cyberattacks while allowing legitimate communications to pass through.

Online Certificate Status Protocol

/ˌoʊ.siːˈɛs.piː/

noun — "the real-time check that keeps digital certificates honest."

OCSP, short for Online Certificate Status Protocol, is a network protocol used to obtain the real-time revocation status of a digital certificate within a PKI framework. Unlike CRLs, which are periodically published lists, OCSP allows clients to query a Certificate Authority (CA) directly to verify whether a certificate is valid, revoked, or unknown.

Certificate Revocation List

/ˌsiː.ɑːrˈɛl/

noun — "the blacklist that keeps revoked certificates in check."

CRL, short for Certificate Revocation List, is a digitally signed list of certificates that have been revoked before their scheduled expiration within a PKI system. It enables systems and applications to check whether a digital certificate is no longer trustworthy due to compromise, expiration, or policy violations, ensuring secure communications remain intact.