– Private data, other than keys, that are required to access cryptographic modules. Active Attack – An attack that alters a system or data. An attack on the authentication protocol where the Attacker transmits data to the Claimant, Credential Service Provider, Verifier, or Relying Party. Examples of active attacks include man-in-the-middle, impersonation, and session hijacking. SOURCE: SP 800-63 Active Content – Electronic documents that can carry out or trigger actions automatically on a computer platform without the intervention of a user. SOURCE: SP 800-28 Software in various forms that is able to automatically carry out or trigger actions on a computer platform without the intervention of a user.