The FREE Cybersecurity Glossary by Thor Pedersen!

Hashed Message Authentication Code (HMAC): A cryptographic technique that uses a hash function and a secret key to verify the authenticity and integrity of a message. It is used in secure communication protocols to prevent tampering and replay attacks. Examples of HMAC include using it to authenticate HTTP requests and verify the authenticity of digital signatures.

Hash (hashing): The process of converting data into a fixed-length, unique value known as a hash. This is used in cryptography to verify the integrity of data, as any change to the data will result in a different hash value. Examples of hashing include using a hash function to create a digital signature and generating a checksum for a file.

Hashing Function: An algorithm that maps data of any size to a fixed size. The output, or hash, is a string of characters that represents the input data. In security, hash functions are used for a variety of purposes, including data integrity checks, password storage, and digital signatures. A secure hash function has the property that it's computationally infeasible to derive the original input from its hash, making it useful for storing sensitive information like passwords in a form that prevents their recovery even if the hash is known.

Hash Value: A fixed-length string output produced by a hash function, uniquely representing input data. Any change to the input will result in a different hash value, which is used for password hashing, digital signatures, and data integrity verification.

Header manipulation: Header manipulation refers to the intentional alteration of HTTP header attributes by either a sender or an intermediary, such as a proxy, often to bypass security measures, conduct spoofing attacks, or enhance privacy. It can be used legitimately to control cache or to adjust request-response headers for compatibility, but it can also be utilized maliciously to disguise the true source of traffic or to manipulate web application behaviors.

Health Information Technology for Economic and Clinical Health Act (HITECH Act) (US): A US law enacted as part of the American Recovery and Reinvestment Act of 2009. The act promotes the adoption and meaningful use of health information technology, specifically electronic health records. One of its significant aspects related to security is that it expands the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA), including extending the requirement of safeguarding health information to business associates of covered entities and strengthening the enforcement of HIPAA rules.