Set 5 – Encryption and Access Controls (Vocabulary)

Vocabulary flashcards covering key terms from Encryption and Access Controls (Pages 1–2).

Pseudonymous Data

Data points which are not directly associated with a specific individual. The identity of the person is not known but multiple appearances of that person can be linked together.

Psychographic Advertising

Based on a user's interest as accounted for by their preferences online.

Public Key Infrastructure (PKI)

A system of digital certificates, authorities and registration entities verifying authenticity through cryptography.

Public Records

Information collected and maintained by a government entity and available to the general public.

Quality Attributes

Concerns in software development that cannot be alleviated with a single design element or function.

Radio-Frequency Identification (RFID)

Technologies that use radio waves to identify people or objects carrying encoded microchips.

Re-identification

The process of using publicly available information to re-associate personally identifying information with anonymized data.

Remnant Advertising

The most basic, stripped down form of web advertising when no data is available about the user or webpage.

Retention

Organizations should retain personal information only as long as necessary to fulfill the stated purpose.

Right of Access

The right of individuals to obtain data about themselves from data controllers upon request.

Role-Based Access Controls (RBAC)

Access policies ensuring employees only have the necessary access for their job.

RSA (Rivest-Shamir-Adleman) Encryption

Most common internet encryption system, using prime numbers to generate public/private key pairs.

Seal Programs

Programs requiring participants to abide by privacy codes and monitoring, allowing display of a compliance seal.

Secret Key

A cryptographic key uniquely associated with entities and not to be made public, requiring protection from disclosure.

Security Safeguards

Principle that personal data should be protected by reasonable security safeguards against loss, access, or disclosure.

Single-Factor Authentication

Standard authentication mechanism requiring a username and password.

Single-Sign-On (SSO)

Authentication process allowing one set of credentials to access multiple applications.

Social Engineering

Tactics used by attackers to manipulate individuals into revealing confidential information.

Software Requirements Specification (SRS)

Formal documentation of a software system’s requirements.

Spear Phishing

Phishing targeted at specific groups or individuals with known affiliations.

SQL Injection

Attack inserting commands into SQL input fields to exploit databases.

Storage Encryption

Use of encryption to protect stored or backed-up data.

Structured Query Language (SQL)

A programming language for managing and querying relational databases.

Super Cookie

A persistent tracking mechanism that remains even after standard cookies are deleted.

Surveillance Collection

Collecting data by observing user activity streams without interference.

Symmetric Key Encryption

Encryption method using a single key for both encryption and decryption.

Syndicated Content

Content developed/licensed by a third party, sometimes introducing security risks.

Terms of Service

Rules governing use of a service, which users must agree to.

Third-Party Collection

Data collected and transferred to another party for repurposing.

Transfer

Sending personal data cross-border or between companies as necessary for operations.