|
Security Domain
A security domain is an application or a set of applications that collectively rely on a shared security token for processes such as authentication, authorization, and session management. In essence, a security token is granted to a user following their active authentication using a user ID and password within the security domain. The token establishes a foundation of trust, enabling secure interactions across the applications within the defined security domain. A security domain is the determining factor in the classification of an enclave of servers/computers. A network with a different security domain is kept separate from other networks. For example, NIPRNet, SIPRNet, JWICS, and NSANet are all kept separate. Examples of a security domain include: * All the web applications that trust a session cookie issued by a Web Access Management product * All the Windows applications and services that trust a Kerberos ticket issued by Active Directory Active Directory (AD) is a direc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NIPRNet
The Non-classified Internet Protocol (IP) Router Network (NIPRNet) is an IP network used to exchange unclassified information, including information subject to controls on distribution, among the private network's users. The NIPRNet also provides its users access to the Internet. It is one of the United States Department of Defense's three main networks. The others include SIPRNet and JWICS. History NIPRNet is composed of Internet Protocol routers owned by the United States Department of Defense (DOD). It was created in the 1980s and managed by the Defense Information Systems Agency (DISA) to supersede the earlier MILNET. Security improvements In the year leading up to 2010 NIPRNet has grown faster than the U.S. Department of Defense can monitor. DoD spent $10 million in 2010 to map out the current state of the NIPRNet, in an effort to analyze its expansion, and identify unauthorized users, who are suspected to have quietly joined the network. The NIPRNet survey, whic ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SIPRNet
The Secret Internet Protocol Router Network (SIPRNet) is "a system of interconnected computer networks used by the U.S. Department of Defense and the U.S. Department of State to transmit classified information (up to and including information classified SECRET) by packet switching over the 'completely secure' environment". It also provides services such as hypertext document access and electronic mail. As such, SIPRNet is the DoD's classified version of the civilian Internet. SIPRNet is the secret component of the Defense Information Systems Network. Other components handle communications with other security needs, such as the NIPRNet, which is used for nonsecure communications, and the Joint Worldwide Intelligence Communications System (JWICS), which is used for Top Secret communications. Access According to the U.S. Department of State Web Development Handbook, domain structure and naming conventions are the same as for the open internet, except for the addition of a s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
JWICS
The Joint Worldwide Intelligence Communication System (JWICS, ) is the United States government's secure intranet for the storage of top secret and sensitive compartmented information, primarily for use in intelligence. It is the most secure of three separate router networks operated by the U.S. government for the handling and transmission of classified materials and is designed to safeguard the most sensitive materials. Operated by the Department of Defense, JWICS superseded DSNET2 and DSNET3, the Top Secret and SCI levels of the earlier Defense Data Network.MARCORSYSCOM – Website Temporarily Suspended . Marcorsyscom.usmc.mil. Retrieved on 2014-04-12. . ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NSANet
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for global intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees. Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Between then and the end of the Cold War, it became the largest of the U.S. intelligence organizations in terms of personnel and budget. Still, information available as of 2013 indicates that the Cent ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Kerberos (protocol)
Kerberos () is a computer-network authentication protocol that works on the basis of ''tickets'' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client–server model, and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. Kerberos builds on symmetric-key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.RFC 4556, abstract. Kerberos uses UDP port 88 by default. The protocol was named after the character '' Kerberos'' (or ''Cerberus'') from Greek mythology, the ferocious three-headed guard dog of Hades. History and development The Massachusetts Institute of Technology (MIT) developed Kerberos in 1988 to protect network services provided by Project Athena. Its ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Active Directory
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. Windows Server operating systems include it as a set of processes and services. Originally, only centralized domain management used Active Directory. However, it ultimately became an umbrella title for various directory-based identity-related services. A domain controller is a server running the Active Directory Domain Services (AD DS) role. It authenticates and authorizes all users and computers in a Windows domain-type network, assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer which is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or a non-admin user. Furthermore, it allows the management and storage of information, provides authentication and authorization mechanisms, and establishes a f ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
