Bypass, in general, means either to go around something by an external route rather than going through it, or the means of accomplishing that feat. In network security, a bypass is a flaw in a security system that allows an attacker to circumvent security mechanisms to get system or network access. The actual point of entry is through a mechanism (either a hardware device or program, even just a piece of code) that enables the user to access the system without going through the security clearance procedures (such as authentication) that were set up by the system administrator. A bypass may be a mechanism put in place by an attacker, a flaw in the design, or an alternate access route left in place by developers. A bypass that is purposefully put in place as a means of access for authorized users is called a back door or a trap door. A crypto bypass is a flaw that allows data to circumvent the encryption process and escape, unencrypted, as plaintext.
No comments:
Post a Comment