A link-layer protocol attack that allows an attacker to change which machine on the local network corresponds to an IP address, thus making it possible for the attacker to redirect and intercept network traffic.
A style of communication in which the timing of sending and receiving are not necessarily linked, allowing senders to move on to other tasks during transmission. Also used to describe a form of execution in which concurrent events occur without coordination.
The abstraction that a step or sequence of steps is performed as a single unit without interruption or interference by other entities.
Messages sent into an IPC channel are entered as a single, contiguous unit.
Audio/Video Distribution Transport Protocol
Abbreviated as AVDTP.
A Bluetooth profile designed to provide low latency for the wireless connection of audio/video devices, such as headphones.
Authenticated Encryption with Attached Data
Abbreviated as AEAD.
A digital signature feature added in TLS 1.3 to perform the message authentication code (MAC) and encryption calculations in parallel to avoid a particular ciphertext reuse attack.
The security property that a message’s origin can be determined.
authoritative name server
A DNS server maintained by an organization to provide the definitive mapping of IP addresses within the organization’s network.
Abbreviated as AS.
A network of hosts or subnetworks controlled by a single entity.
One of the three primary security properties (along with confidentiality and integrity); the ability to provide service to legitimate users.
A feature of cryptographic hash functions; changing a small number of bits in the input leads to significantly different outputs.
A classical synchronization problem that demonstrates a scenario that cannot be solved using only a semaphore’s increment and decrement operations; all possible solutions have deadlock as a possible outcome.
The output of an encryption procedure that scrambles data in a secure way so that the original message cannot be determined.
A network technology in which hosts take turns transmitting information into a dedicated network; contrasted with packet switching.
The situation in which multiple threads or processes each have control of one or more resources while waiting to gain access to the resources held by the other(s); one of the four requirements (along with hold and wait, mutual exclusion, and no preemption) for deadlock.
Classless Inter-Domain Routing
Abbreviated as CIDR.
An IPv4 notation for subnetworks by referring to a group of addresses; the address ends in a series of zeroes and /n, where n indicates the number of trailing bits that can be either a 1 or 0 in any of the addresses.
A system architecture in which multiple, independent clients request service from a single, centralized server.
A type of multiprocessing system that is created by linking multiple, typically low-cost, independent computers on a closed, high-speed network; each node has independent processors and memory systems, and they communicate via message passing on the network.
The property that a hash function produces the same result for two (or more) different inputs; cryptographic hash functions are designed to make finding collisions difficult.
A system characteristic that is created by entities providing feedback into the system that leads to unpredictable effects.
The ability for multiple entities to make progress toward a goal within a single period of time; creates the appearance of parallel execution (which may be real or illusory).
A synchronization primitive that can be used to wait until another thread indicates that a particular event has occurred or a desired condition has been achieved.
One of the three primary security properties (along with availability and integrity); the property that unauthorized reading of data is not permitted.
The state that occurs when there is too much traffic on a network, often leading to delays and dropped packets.
A protocol, such as TCP, that relies on both endpoints maintaining state information about a virtual connection between the hosts.
A protocol, such as UDP, in which each message is sent as a stand-alone entity with no logical or persistent state.
A distributed system protocol that aims for all correct nodes to agree to the same value of a state variable.
content delivery network
Abbreviated as CDN.
An Internet service that stores copies of popular data in several locations distributed throughout the world, providing faster access to local copies.
An organization that provides a service on the Internet.
The change from one process to another, defined by replacing the virtual memory image that is accessible by the CPU.
The portion of the network layer that focuses on exchanging information between routers to determine paths between and through networks.
One of the primary roles of the kernel, which is to handle errors and access violations in a safe manner.
A small file used in HTTP to maintain a persistent state or login information.
An early form of multiprogramming in which a process maintained control of the CPU until it voluntarily relinquished control.
A sequence of instructions that must be executed as an atomic unit to avoid timing-related errors.
cryptographic hash function
A one-way mathematical function that converts any sequence of bytes into a fixed-size numeric value; designed to prevent anyone from discovering the original data or from finding other data that produces the same result.
A numeric value that an encryption or decryption routine combines with a piece of data to scramble or recover the message.
A cryptographic technique that allows an entity, potentially untrusted, to claim verifiable authorship of a message.
The study of mathematical techniques that can be used to add security features to information.
current privilege level
Abbreviated as CPL.
A CPU internal configuration parameter that controls what software instructions are allowed to be executed.
cyclic redundancy check
Abbreviated as CRC.
An error-detection technique commonly used in network protocols.
A parallel programming strategy in which the same operation is applied to multiple pieces of data.
The portion of the network layer that focuses on assigning addresses to hosts.
A structured network communication message that does not assume the presence of reliable data transfer.
The permanent blocking of multiple processes that are simultaneously waiting on each other.
The transport-layer service of directing incoming data to the intended process.
A type of attack on the availability of a service.
An independent thread of execution that can no longer be joined by the parent thread that created it.
Abbreviated as DNS.
A distributed Internet database that maps human-readable domain names to IP addresses.
Configuring a system with multiple OS images so that the OS to be used is selected during the boot sequence.
Dynamic Host Configuration Protocol
Abbreviated as DHCP.
A protocol that allows a host to be configured dynamically for a local network when it first joins.
dynamic IP address
An IP address that is assigned to a host when it joins a network.
A system model that emphasizes changes to the system over time.
A style of programming in which a larger problem is solved by applying local information to a smaller solved problem.
An observable result of a transition from one system state to another.
The observation that a problem has an obvious parallel solution.
Unanticipated system properties that result from the normal functioning of a system, in contrast to properties that are intended by design.
A cryptographic technique in which a message (plaintext) is combined with a key to produce a scrambled message (ciphertext) to hide the original information; designed to be reversible by a corresponding decryption routine that converts the ciphertext back into the plaintext.
The networking abstraction that two processes are communicating directly to each other as if they exist on the same host.
A configuration parameter that can be passed from a parent process to a child process without changing the program interface.
A randomly assigned port number in the upper range of possible values.
A family of link- and physical-layer protocols that provide wired connectivity.
A meaningful change in the state of a system or an entity such as a process.
A system architecture that emphasizes detecting and responding to pre-defined events.
An internal event that disrupts the normal flow of a process, caused by the execution of a CPU instruction.
A synchronization property that guarantees any entity waiting on access to a shared resource will eventually do so; also known as bounded waiting.
A one-to-one threading model used by Windows and the .NET framework; unlike POSIX threads, related fibers use cooperative multiprogramming instead of preemptive multiprogramming.
A type of wire made from glass that allows the controlled transmission and modulation of light signals.
A first-in, first-out message-passing IPC in which bytes are sent and retrieved as unstructured streams. Also known as a named pipe.
An integer used by the kernel to identify a file, such as an IPC channel.
A reconfigurable hardware component that can persistently store small programs.
The TCP service in which the transmission rate of data is reduced based on the capacity of the receiving host.
A classification of hardware architectures based on their ability to support multiple instructions and/or multiple pieces of data in parallel.
A parallel programming implementation pattern in which a single thread creates a collection of helper threads for parallel computation, then all threads are joined before the main thread continues processing.
A description of a system using a mathematical specification language.
Propagating a network packet from one device to another without modification.
The network- and link-layer service in which a large packet is broken down into smaller packets based on the requirements of lower network layers.
A structured link-layer network message.
Manipulating the frequency of a carrier signal to encode binary data.
A C programming language technique in which a pointer variable is used to store the address of a function rather than another variable or data structure.
A system property that allows a thread or process to hold mutually exclusive access to one resource while waiting on another; one of the four requirements (along with circular wait, mutual exclusion, and no preemption) for deadlock.
A logical distance metric that indicates a single link in a network.
A computer or similar device that forms an end-point of a network.
Human Interface Device
Abbreviated as HID.
A Bluetooth profile used for standard computer peripherals, such as a wireless mouse or keyboard.
The working group that defines the specification for Wi-Fi; also used to refer to the collection of Wi-Fi standards themselves.
The working group that defines the specification for low-power, short-range wireless devices, including sensor networks and the Zigbee protocol stack; also used to refer to the collection of standards themselves.
The working group that defines the specification for Ethernet; also used to refer to the collection of Ethernet standards themselves.
A programming language feature in which the execution environment, rather than the programmer, takes the responsibility for creating and managing threads.
information theoretic security
The cryptographic property that an adversary cannot determine the plaintext message for a ciphertext, even with infinite time and resources; not achievable (or needed) in practice; contrasted with semantic security.
An on-disk data structure that identifies the location of data and contains the file metadata, such as permissions.
One of the three primary security properties (along with availability and confidentiality); the property that unauthorized modifications are not permitted.
integrity (consensus protocol)
The characteristic that, if all correct nodes propose the correct value in a consensus protocol, then any correct node will propose that value.
The characteristic that describes how much detail of a system is revealed by how it is used.
A semantic model for concurrent execution in which instructions from multiple entities are executed one at a time rather than in parallel, but the system switches back and forth between the entities in a nondeterministic fashion.
An interconnected, world-wide network of multiple computer networks that are each independently owned and operated.
Internet Corporation for Assigned Names and Numbers
Abbreviated as ICANN.
An international non-profit organization responsible for controlling the root level of DNS.
Internet Engineering Task Force
Abbreviated as IETF.
The part of ISOC that is responsible for defining standards and protocols used to create the Internet.
The middle layer of the Internet protocol stack, defining logical locations within the Internet and routing paths between hosts.
A layered architecture model to describe the role of major protocols used in the Internet.
Internet of Things
Abbreviated as IoT.
The system created by connecting non-computational physical devices, such as household appliances, to the Internet.
Abbreviated as IP.
A network-layer protocol that assigns a logical location (address) to a host on the Internet.
Abbreviated as ISOC.
An international non-profit organization responsible for the development and leadership of the Internet.
Abbreviated as IPC.
A collection of techniques that allow processes to exchange information with the help of the kernel.
An external event that disrupts the normal flow of a process, caused by a hardware component indicating that service is needed.
The time that elapses from the beginning of a task until its completion.
A system architecture in which entities can only interact with those directly above and below in a defined hierarchy.
level of abstraction
The characteristic that describes how much detail is included in a model.
Abbreviated as LWP.
A many-to-many threading model used in Solaris; a run-time threading library dynamically mapped running process-level threads to a set of virtual processors that corresponded to kernel threads.
A synchronization programming pattern for locks and semaphores in which the first thread to enter a critical section performs a specific initial action and the last to leave performs a specific closing action.
The second-lowest layer of the Internet protocol stack, creating the logical point-to-point links between devices connected within a network.
Link Manager/Link Controller
Abbreviated as LM/LC.
The second lowest layer in the Bluetooth wireless protocol stack, responsible for managing and controlling the baseband.
A protocol strategy in which all routers initially exchange information about the network structure prior to determining optimal routing paths.
A situation in which multiple processes are simultaneously preventing each other from progressing, but the processes are repeatedly changing state in an unproductive fashion.
A synchronization property that guarantees some entity will eventually be able to continue execution toward a goal; also known as progress.
A distributed system technique for ordering events that is not dependent on real-time measurements.
Logical Link Control and Adaptation Protocol
Abbreviated as L2CAP.
The middle Bluetooth layer that provides multiplexing service for application profiles to access the LM/LC layer; provides services comparable to the link layer in the 5-layer Internet model.
A parallel programming strategy in which multiple iterations of a loop can be executed in parallel and will achieve the same result as if executed sequentially.
Abbreviated as MtE.
A cryptographic technique that can be used to establish a message’s authenticity by encrypting the output of a message’s cryptographic hash; used in TLS 1.2 but replaced in TLS 1.3, due to vulnerability to a ciphertext reuse attack.
A task parallelism implementation strategy in which one thread is designated as a manager that distributes tasks to other worker threads as needed.
A parallel programming implementation pattern in which a problem is broken down into small, independent problems that are distributed to nodes; the results of the parallel computations are then merged as needed.
maximum transmit unit
Abbreviated as MTU.
The largest size of transmission message that a physical device will allow.
The multiple instruction, single data classification of Flynn’s taxonomy.
mobile ad hoc network
Abbreviated as MANET.
A network of mobile computing devices that is designed to be short-lived and to require minimal configuration.
Changing the CPL between kernel and user mode.
A simplified representation of a system.
An early piece of software responsible for setting up and executing jobs; the monitor is an early stage of the evolution of the kernel.
A software construct in which shared data is encapsulated into a structure and access to the data is only permitted through an interface of functions (or methods) that use a lock to ensure mutually exclusive access to the entire structure.
The system property that no thread may disrupt another thread’s claim to a resource, such as a lock or semaphore; one of the four requirements (along with circular wait, hold and wait, and mutual exclusion) for deadlock.
non-uniform memory access
Abbreviated as NUMA.
The characteristic of memory systems in which accessing different ranges of addresses can require different amounts of time.
A first-in, first-out message-passing IPC in which bytes are sent and retrieved as unstructured streams.
A system architecture defined by a unidirectional flow of information through a sequence of entities that can modify and process the information.
A parallel programming algorithm design strategy in which a procedure is broken down into multiple sequential steps that allow for parallel execution.
The meaningful data provided as input to an encryption routine.
A network end-point.
A 16-bit unsigned integer used to identify a process on a host.
Portable Operating System Interface
Abbreviated as POSIX.
A cross-platform specification supported by UNIX operating systems and those considered UNIX-like, such as Linux. The X in the name originally denoted that the interface was “based on UNIX.”
A form of encryption that uses separate keys (one public, one private) for encryption and decryption.
A thread pool execution strategy in which threads access a common pool and select a task.
A thread pool execution strategy in which one thread is responsible for assigning tasks from the common pool.
The maximum amount of continuous CPU time granted to a process in multiprogramming.
A search strategy used in unstructured P2P network systems in which requests are forwarded from one node to its neighbors until the desired object’s location is found.
The time that a network packet must wait in a queue prior to transmission.
A situation where the result of a computation depends on the timing of events during a particular instance of execution; an error that results from nondeterministic system design or programming.
A socket for writing data directly to the link layer without processing by the transport or network layers; used in protocols, such as ICMP, that can be used to monitor the behavior and performance of the network itself.
A system characteristic that indicates the primary purpose is to respond to events rather than to cause them to occur.
A classical synchronization problem that highlights the difficulty of providing fair access to a critical section between two types of threads that perform asymmetric actions.
A field in the TCP header that is used to indicate a maximum amount of data that should be sent in response to the current segment; used to create the flow control service.
A Rust programming language construct that acts like an anonymous function.
The property that at most one entity (such as a thread) has access to a resource or critical section at a given time; also known as mutual exclusion.
A system characteristic that refers to how the system behaves as the number of entities increases significantly.
scarcity of resources
A system characteristic that describes how resource limitations can pose constraints on the system design.
The multiprogramming kernel responsibility to select which process to execute in user mode whenever an interrupt or exception occurs.
A variant of the readers-writers problem that illustrates how synchronization design techniques can be applied to common data structures.
security vs. usability
A common design tradeoff that arises from the fact that making a system more secure can make it more difficult to use.
A structured transport-layer network message.
The cryptographic property that an adversary has only a negligible probability to determine the plaintext message for a ciphertext, given limited time and resources; contrasted with information theoretic security.
One of three aspects of semiotics that focuses on the intended meaning of symbols.
An integer with atomic operations for incrementing and decrementing the value; if the result of decrementing the value is negative, the current process becomes blocked until another process increments the value.
The study of the use and interpretation of symbols.
A type of UML diagram that can be used to illustrate the order of messages exchanged between entities and the corresponding responses.
An integer used in TCP to identify the order of a segment; a particular segment’s sequence number is the previous segment’s sequence number plus the size of the previous segment’s payload.
A finite sequence of messages between entities until one or both parties determine that the exchange is complete.
A randomly generated symmetric key used to encrypt and decrypt messages in a single session; should never be reused in future sessions to prevent eavesdropping attacks.
A family of cryptographic hash functions published by NIST to replace the insecure SHA-1 family; based on the Merkle-Damgård construction technique.
A family of cryptographic hash functions published by NIST as an alternative to (not a replacement for) the SHA-2 family; based on the sponge construction technique.
One of two standard IPC models; there is a significant performance cost to set up the shared region, but all subsequent data exchanges are immediate and do not require system calls.
A pre-defined event that can be sent to another process to disrupt its normal execution.
A synchronization programming pattern for semaphores in which one thread can alert another that an event has occurred; often replaced with condition variables in modern usage.
The single instruction, multiple data classification of Flynn’s taxonomy.
The single instruction, single data classification of Flynn’s taxonomy.
smoothed round-trip time
Abbreviated as SRTT.
A rolling average of the RTT calculations; helps to prevent overreactions to outlier measurements by considering the history of previous results.
A style of P2P network in which nodes are arranged in a logical structure, such as a circle, to support predictable routing and increased availability of objects through replication.
A domain name—ending in the organization’s authoritative domain name—that is typically used to add logical structure to the organization’s servers.
A smaller network that is part of a larger network, identified by a common range of network addresses.
A bitmask that can be applied to any address in a subnet to determine a common routing prefix.
A process state in which the process has been indefinitely paused by the kernel, system administrator, or the user executing the process.
A device that provides a link-layer connection between two homogeneous networks.
symmetric key cryptography
A form of encryption that uses a single key for both encryption and decryption.
Abbreviated as SMP.
A type of multiprocessing system that consists of multiple processors with a shared memory resource in a single computer.
A denial-of-service attack in which one or more hosts repeatedly initiate a TCP handshake with a server with SYN packets to cause the server to exhaust its memory resources, preventing legitimate requests from establishing connections.
The act of controlling the timing of concurrent threads or processes.
A programming language construct that provides atomic operations for basic synchronization techniques.
An easily understood scenario that illustrates common challenges that arise in concurrent systems.
A style of communication in which the timing of sending and receiving are closely linked, forcing senders to wait until a message has been received.
One of three aspects of semiotics that focuses on the rules that define how symbols must be linked to create valid messages.
An integrated collection of entities and their interactions.
A static model of a system that illustrates how entities can interact with each other.
A request from a process for the kernel to perform an action.
The specification that defines the requirements for an operating system to be considered UNIX.
The rigorous study of systems and their properties.
A parallel programming strategy in which different threads are assigned different tasks to perform.
A data structure that stores the tasks to be performed by a thread pool.
A three-step protocol to establish a connection with a TCP server; the client initiates the procedure with a SYN packet, then the server responds with a SYN-ACK packet, and the client completes the handshake with an ACK packet.
termination (consensus protocol)
The characteristic that all correct nodes will eventually determine a value to propose.
A radiation therapy machine that is a commonly cited example of a race condition that can lead to catastrophic and fatal results.
A coherent and independent execution sequence of software instructions.
A parallel programming execution strategy in which a collection of threads are created at the start of the process and persist until completion; threads will perform parallel computations when required and may sit idle at other times.
A software property that a function uses appropriate synchronization techniques to prevent race conditions, allowing multiple threads to call the function concurrently in a safe manner.
The amount of work that can be accomplished in a given amount of time.
Tier 1 Internet service provider
One of several organizations that provide mutually beneficial Internet service by routing data cooperatively between each other’s clients.
Abbreviated as UDP.
A transport-layer protocol that provides only unreliable transport; used in multimedia applications and network-centric protocols such as DNS and DHCP.
The CPU configuration used by normal software applications, in which privileged instructions cannot be executed.
The ratio that describes how much a resource was actually used compared to the potential amount that it could have been used.
A technique for creating a logical clock in a distributed system.
The logical, linear memory address space visible to a process.
A pictorial representation of a system intended to convey information in an intuitive manner that can be easily understood by people.
A characteristic of a problem in which increasing the number of parallel entities increases the complexity of the problem, but parallelism improves the amount of work that can be done.
One of several designated port numbers that are used for common Internet services.
The common name for wireless technologies based on the IEEE 802.11 standards that allow portable computing devices, such as laptops and cell phones, to access the Internet through a physically close access point.
A non-profit organization responsible for defining specifications and certifying compatibility of Wi-Fi devices.
wireless mesh network
A wireless network topology in which router nodes can forward data through multiple possible paths.
A standard, verifiable data structure for exchanging public key and identity information.
A wireless protocol stack that can be used to build a wireless mesh network; commonly used in low-power sensor networks and the Internet of Things.
The industry standards group that defines the specifications for the Zigbee short-range wireless technology.