A user verification method used to ensure that a response comes from a person and not a computer. The verification process involves one computer, the server, which asks the user to complete a simple test. The security of the verification rests on the assumption that a computer cannot produce an answer to the given test in finite time.
A CAPTCHA is a type of challenge-response test used in computing as an attempt to ensure that the response is generated by a person. The process usually involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade. Because other computers are supposedly unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human.
http://webtrends.about.com/od/gettingstarted/f/spam_filter.htm
http://www.gohacking.com/2010/06/what-is-captcha.html

A block cipher for data encryption used in many products. It is one of the basic algorithms in the GNU Privacy Guard (GPG) and Pretty Good Privacy (PGP) systems. It supports 64-bit blocks, uses keys of 40-128 bits and uses 12-16 rounds for encryption.
CAST-128, also known as CAST5, is a block cipher used in a number of products, notably as the default cipher in some versions of GNU Privacy Guard (GPG) and Pretty Good Privacy (PGP) systems. It operates on block sizes of 64 bits, uses 12-16 rounds and supports key sizes from 40-128 bits.
http://www.vocal.com/cryptography/cast.html
http://www.thc.org/root/docs/cryptography/rfc2144.txt.html

A block cipher for data encryption published in 1998. Submitted as one of the candidates for the AES standard, it did not make the top five candidates. It supports 128-bit blocks, uses keys of 128-256 bits and uses 48 rounds for encryption.
In cryptography, CAST-256 (or CAST6) is a block cipher published in June 1998. It was submitted as a candidate for the Advanced Encryption Standard (AES); however, it was not among the five AES finalists. It operates on block sizes of 128 bits, uses 48 rounds and supports key sizes from 128-256 bits.
http://cryptography.wikia.com/wiki/CAST-256
http://www.faqs.org/rfcs/rfc2612.html
http://www.vocal.com/cryptography/cast.html

CBC mode (Cipher Block Chaining mode) is the most widely used form of disk encryption. In this mode each block of data is combined with the previous encrypted block using the exclusive-OR (XOR) operation, so every block depends on all previously processed blocks. In addition, to make each message unique, a special value is used for encrypting the first block; this value is called the initialization vector.
Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits is encrypted as a single unit or block with a cipher key applied to the entire block). Cipher block chaining uses what is known as an initialization vector (IV) of a certain length. One of its key characteristics is that it uses a chaining mechanism that causes the decryption of a block of ciphertext to depend on all the preceding ciphertext blocks.
http://www.herongyang.com/Cryptography/DES-Mode-CBC-Cipher-Block-Chaining.html
http://www.cryptopp.com/wiki/CBC_Mode
http://www.pvv.ntnu.no/~asgaut/crypto/thesis/node15.html

An open, practical and extensible event-logging specification whose goal is the representation and classification of unified events. It is developed at the MITRE Corporation and was created because of inconsistencies in log record formats, which make IT analysis harder.
An open source, practical and extensible specification of event logging with the goal of unified event classification. It was developed at the MITRE Corporation to prevent inconsistencies in event logs, which make IT analysis of data very difficult.
http://cee.mitre.org/
http://scap.nist.gov/events/2009/itsac/presentations/day2/Day2_CNMAL_CEE_Shields_Heinbockel.pdf

The name given to a group of experts who are responsible for handling computer security incidents. Most countries have their own CERT, called the "National CERT". The National CERT has the right to issue instructions, guidelines, recommendations, advice and opinions within its area of competence.
Computer Emergency Response Team is a name given to expert groups that handle computer security incidents. Most groups append the abbreviation CERT or CSIRT to their designation where the latter stands for Computer Security Incident Response Team. For some teams the spelling of CERT refers to Computer Emergency Readiness Team while handling the same tasks.
http://www.cert.hr/onama

In cryptography, a certificate issuer (Certification Authority, CA) is a person that issues digital certificates. In the trust model, the CA is a trusted third party that is trusted by the certificate owner and by the party relying on the certificate. A CA is a feature of many public key infrastructure (PKI) schemes.
In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. In the model of trust relationships, a CA is a trusted third party that is trusted by both the subject (owner) of the certificate and the party relying upon the certificate. CA is characteristic of many public key infrastructure (PKI) schemes.
http://searchsecurity.techtarget.com/definition/certificate-authority
http://www.tech-faq.com/certificate-authority.html

The Caesar cipher is a type of monoalphabetic substitution cipher in which each letter is shifted three places in the alphabet.
In cryptography, a Caesar cipher, also known as a Caesar's cipher, the shift cipher, Caesar's code or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D, B would become E, and so on. The method is named after Julius Caesar, who used it to communicate with his generals.
http://www.cs.trincoll.edu/~crypto/historical/caesar.html
http://www.secretcodebreaker.com/caesar-cipher.html
http://www.simonsingh.net/The_Black_Chamber/caesar.html

CFS is one of the best-known cryptographic file systems intended for the Unix/Linux operating system. One of the main goals of CFS is to provide a secure data storage service that works transparently. In most cases the user has no impression that the files are encrypted.
CFS is a cryptographic filesystem designed for Unix/Linux operating systems. One of its advantages is user transparency. While CFS encrypts each file before writing it on the disk the user does not see any difference or delay while working.
http://www.techrepublic.com/article/using-cryptographic-filesystem-with-linux/5033691
http://www.linuxjournal.com/article/6381

A special form of intermediate language, called bytecode, produced by compiling the CLI languages of the .NET platform. Classic languages such as C and C++ are compiled directly to assembly, whereas languages that use a virtual language processor are compiled into a special intermediate language. For the languages of the .NET platform this was originally MSIL (MicroSoft Intermediate Language), but the new name is CIL.
Common Intermediate Language (formerly called Microsoft Intermediate Language or MSIL) is the lowest-level human-readable programming language defined by the Common Language Infrastructure specification and used by the .NET Framework and Mono. Languages which target a CLR-compatible run-time environment compile to CIL, which is assembled into an object code that has a bytecode-style format.
http://www.scriptol.com/programming/cil.php
http://en.wikipedia.org/wiki/Common_Intermediate_Language

A computer architecture that supports a complex set of processor instructions. While RISC computers contain only a small set of operations from which more complex units can be composed, CISC computers contain more complex instructions (e.g. direct instructions for matrix addition) but are therefore slower than RISC computers.
Most personal computers use a CISC architecture, in which the CPU supports as many as two hundred instructions. Later, it was discovered that, by reducing the full set to only the most frequently used instructions, the computer would get more work done in a shorter amount of time for most applications.
http://www.webopedia.com/TERM/C/CISC.html
http://searchcio-midmarket.techtarget.com/definition/CISC
http://www.wisegeek.com/what-is-cisc.htm

An open specification issued by Microsoft and standardized by ISO and ECMA. The specification describes the executable program code and the environment that form the core of the Microsoft .NET platform and of the free open-source implementations Mono and Portable.NET. The specification defines an environment that allows a range of higher-level programming languages to be used when building a software product. This allows existing code to be migrated to other platforms without additional processing and adaptation. Some of the supported languages are C#, VB.NET and J#.
The Common Language Infrastructure (CLI) is an open specification developed by Microsoft and standardized by ISO and ECMA that describes the executable code and run-time environment that form the core of the Microsoft .NET Framework and the free and open source implementations Mono and Portable.NET. The specification defines an environment that allows multiple high-level languages to be used on different computer platforms without being rewritten for specific architectures. Popular supported programming languages are C#, VB.NET and J#.
http://searchsoa.techtarget.com/definition/Common-Language-Infrastructure
http://www.webopedia.com/TERM/C/Common_Language_Infrastructure.html
http://en.csharp-online.net/Introduction_to_the_Common_Language_Infrastructure

The core component of the Microsoft .NET environment. It is a concrete implementation of the CLI (Common Language Infrastructure) standard, which defines an environment for program execution. Through the CLR, program code is translated into a special form of intermediate code known as CIL (Common Intermediate Language). Developers can use any programming language supported by the CLR infrastructure to build their applications in the .NET environment.
The .NET Framework provides a run-time environment called the common language runtime, which runs the code and provides services that make the development process easier. The common language runtime makes it easy to design components and applications whose objects interact across languages. Objects written in different languages can communicate with each other, and their behaviors can be tightly integrated. For example, you can define a class and then use a different language to derive a class from your original class or call a method on the original class.
http://msdn.microsoft.com/en-us/library/8bs2ecf4.aspx
http://whatis.techtarget.com/definition/0,,sid9_gci860097,00.html

A compiler is a computer program that reads a program written in a source language and translates it into an equivalent program in a target (most often machine) language.
A compiler is a computer program that transforms source code written in a programming language (the source language) into another computer language (the target language, often having a binary form known as object code).
http://www.webopedia.com/TERM/C/compiler.html
http://lambda.uta.edu/cse5317/notes/node3.html
http://whatis.techtarget.com/definition/0,,sid9_gci211824,00.html

A cookie file is a file that contains data about a visit to a web page. In this way website owners compile visit statistics. A cookie also remembers some settings you have configured and data you have entered on the visited page (e.g. a password).
A cookie, also known as a web cookie, browser cookie, and HTTP cookie, is a piece of text stored on a user's computer by their web browser. A cookie can be used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing text data.
http://www.httpwatch.com/httpgallery/cookies/
http://webdesign.about.com/cs/cookies/a/aa082498a.htm
http://www.nczonline.net/blog/2009/05/05/http-cookies-explained/

Copyright is the exclusive right of authors to dispose of their own literary, scientific or artistic works and works from other domains of creativity. Copyright does not protect an idea but the work that is an expression of the idea, regardless of the type or quality of the expression. Copyright arises by the very creation of the work and, unlike most other forms of intellectual property, is not subject to administrative or registration procedures.
The authors of the works in the literary, scientific and artistic and other domains of creativity have the exclusive right to use or to authorize others to use their works. Such right of the author, as well as the system of legal instruments protecting such a right is called copyright. Copyright does not protect an idea but a work, expressing the idea of the human mind, irrespective of the form or quality of the expression. Copyright in a work is conferred to its author by the mere act of creation of the work and, contrary to the majority of other forms of intellectual property, it is not subject to any administrative or registration procedure.
http://www.dziv.hr/hr/intelektualno-vlasnistvo/autorsko-pravo/

A computer worm is a self-replicating malicious program that uses a computer network to send copies of itself to other nodes of the network without the user's help. Such spreading over a computer network is usually a consequence of vulnerabilities in the computers.
A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach itself to an existing program.
http://virusall.com/computer%20worms/worms.php
http://www.zsis.hr/site/Preporuke/Virusicrviitrojanskikonji/tabid/100/Default.aspx
http://www.tech-faq.com/computer-worm.html

Cryptanalysis is the scientific discipline concerned with breaking cryptographic algorithms and ciphers without the use of secret information such as the encryption key or password.
Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key.
http://www.webopedia.com/TERM/C/cryptanalysis.html
http://os2.zemris.fer.hr/algoritmi/simetricni/2005_poljak_darko/seminar/index.html#chapter1
http://searchsecurity.techtarget.com/definition/cryptanalysis

An application programming interface included in Windows operating systems that provides developers with ready-made methods for protecting data. It is a set of dynamically linked libraries (DLLs) that separates developers from the actual application code of the CryptoAPI library.
The Cryptographic Application Programming Interface (also known variously as CryptoAPI, Microsoft Cryptography API, MS-CAPI or simply CAPI) is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography. It is a set of dynamically-linked libraries that provides an abstraction layer which isolates programmers from the code used to encrypt the data.
http://technet.microsoft.com/en-us/library/cc962093.aspx
http://msdn.microsoft.com/en-us/library/aa380240%28v=vs.85%29.aspx

Cryptography is the area of cryptology concerned with creating cryptographic algorithms for protecting data. More precisely, it covers the creation and analysis of protocols and algorithms that ensure the secure transfer and storage of information, whether in a computer network or on a storage medium.
Cryptography is the practice and study of techniques for secure communication in the presence of third parties. More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality, data integrity, and authentication.
http://searchsoftwarequality.techtarget.com/definition/cryptography
http://web.math.pmf.unizg.hr/~duje/kript/kriptografija.html
http://klub.posluh.hr/list/010/kriptografija.htm
http://fly.srk.fer.hr/~peloquin/

A science that encompasses the concepts of cryptography and cryptanalysis. Cryptography is the art of devising ciphers, while cryptanalysis is the art of breaking them.
The science of cryptology is the science of secure communications, formed from the Greek words kryptós, "hidden", and lógos, "word".
http://searchsecurity.techtarget.com/definition/cryptology
http://www.math.okstate.edu/~wrightd/crypt/crypt-intro/node2.html
http://www.wisegeek.com/what-is-cryptology.htm

An attack on web sites that exploits the web site's or application's authentication of a legitimate authorized user to carry out malicious actions. The aim of the attack is usually the theft of confidential information about the authorized user, and the attack is often delivered by social engineering methods. More precisely, the victim is sent a link that looks familiar, and the attack is launched when the user opens the link.
CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help of social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation in the case of a normal user. If the targeted end user is the administrator account, this can compromise the entire web application.
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29
http://security.lss.hr/documents/LinkedDocuments/NCERT-PUBDOC-2010-04-297.pdf

A descriptive programming language used to define the display of graphical elements on a web site. It is used to control the presentation of HTML elements. It is used to separate functional logic from the logic for displaying content. CSS has become the standard for building the graphical interface of web sites and is a World Wide Web Consortium (W3C) recommendation.
A style sheet language used to describe the presentation semantics (the look and formatting) of a document written in a markup language. Its most common application is to style web pages written in HTML and XHTML, but the language can also be applied to any kind of XML document, including plain XML, SVG and XUL. The CSS specifications are maintained by the World Wide Web Consortium (W3C).
http://www.w3schools.com/css/default.asp
http://www.w3.org/Style/CSS/

A data encryption method that allows processing of messages that cannot be evenly divided into blocks, without enlarging the ciphertext. The mode is somewhat more complex than other modes of operation of cryptographic algorithms.
In cryptography, ciphertext stealing (CTS) is a general method of using a block cipher mode of operation that allows for processing of messages that are not evenly divisible into blocks without resulting in any expansion of the ciphertext, at the cost of slightly increased complexity.
http://www.encyclo.co.uk/define/Ciphertext%20stealing
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ciphertext%20stealing%20proposal.pdf

CVE is a dictionary of publicly known security vulnerabilities. It includes additional services that aim to inform users about security risks and threats.
Common Vulnerabilities and Exposures (CVE) is a dictionary of common names for publicly known information security vulnerabilities, while its Common Configuration Enumeration provides identifiers for security configuration issues and exposures.
http://searchfinancialsecurity.techtarget.com/definition/Common-Vulnerabilities-and-Exposures
http://cve.mitre.org/
http://www.ipa.go.jp/security/english/vuln/CVE_en.html

A cyber criminal is a person who uses computers and the Internet to commit criminal offences.
A cyber criminal is a person who uses computers and the Internet to commit a crime.
http://www.webopedia.com/TERM/C/cyber_crime.html
http://www.cybercitizenship.org/crime/crime.html
