5

(50) Lawful interception: authorized access to the data of an electronic communication's
network, an information system or terminal equipment without right or authorization;
(51) Intentional intrusion: intentional and unauthorized access to an electronic
communication's network or an information system with the intent of causing harm or
deriving economic, financial ,industrial , or security benefit or sovereignty;
(52) Intrusion by intellectual challenge: intentional access without right to an electronic
communication's network or an information system with the intent of taking up an intellectual
challenge that can help improve the performance of the organization's security system;
(53) Deceptive software: software that performs operations on a user's terminal equipment
without initially informing him of the exact nature of the operations to be performed on his
terminal equipment by the software or without asking his approval for the software to perform
the operations;
(54) Spyware: specific deceptive software that collects personal information (most visited
websites, passwords, etc.) from a user's electronic communication's network;
(55) Potentially unwanted software: software having the features of a deceptive software or
spyware;
(56) Plain text: version .of a message that is intelligible to and understandable by all;
(57) Cryptographic means: equipment or software designed or modified used in
transforming data, be it information or signals, using secret codes or to perform an inverse
operation with or without a secret code to guarantee the safe storage or transmission of data
and ensure the confidentiality and control of their integrity;
(58) Non-repudiation: security criterion that ensures the availability of evidence that can be
used to prove the traceability of an electronic communication that has taken place;
(59) Certificate policy: set of rules that define standards to be respected by Certification
Authorities when providing their services, indicating the applicability of a certificate to a
particular community and/or class of application with common security requirements;
(60) Security policy: security benchmark established by an organization which reflects its
security strategy and specifies the means to achieve it;
(61) Provision of cryptographic service: operation aimed at implementing cryptographic
solutions on behalf of others;
(62) Electronic communication's network: active or inactive transmission systems and ,
where applicable, switching and routing equipment and other resources that enable signal
routing by wire, radio, optical means or other electromagnetic means, including satellite,
terrestrial networks, fixed (circuits or packets switching, including the Internet) and mobile
networks, systems using electrical network, provided they are used to transmit signals,
networks used for radio and television and cable television networks, irrespective of the type
of information transmitted;

Select target paragraph3