Ver
Relación de
elementos que se sabe positivamente que son aceptables en un sistema. Es lo
contario de una lista negra.
Whitelists refer
to defined lists of known good" items: users, network addresses. applications,
and so on. typically for the purpose of exception-based security where any item
not explicitly defined as known good" results in a remediation action
(e.g. alert and block}. Whitelists contrast blacklists. which define known
bad items. [knapp:2014]
Whitelisting refers
to the act of comparing an item against a list of approved items for the
purpose of assessing whether it is allowed or should be blocked. Typically referred
to in the context of Application Whitelisting. which prevents unauthorized
applications from executing on a host by comparing all applications against a
whitelist of authorized applications. [knapp:2014]
Application
Whitelisting (AW) is a form of whitelisting intended to control which
executable files [applications] are allowed to operate. AW systems typically
work by first establishing the whitelist of allowed applications. after which
point any attempt to execute code will be compared against that list. If the
application is not allowed. it will be prevented from executing. AW often operates
at low levels within the kernel of the host operating system. [knapp:2014]
The process of
establishing a whitelist of known valid user identities and/or accounts. for
the purpose of detecting and/or preventing rogue user activities. See also:
Application Whitelisting. [knapp:2014]
A list of
computers, IP (Internet Protocol) addresses, user names or other identifiers to
specifically allow access to a computing resource. Normally combined with a
default "no-access" policy.
http://cyber.law.harvard.edu/cybersecurity/Keyword_Index_and_Glossary_of_Core_Ideas
Temas relacionados