
Find Terms by Theme: Information Security

Access

Definition:

The ability to use, modify, or affect an IT system or to gain entry to a physical area or location.

Application

Definition:

A computer program or set of programs that meet a defined set of business needs. A program or group of programs designed for end users. These programs are divided into two classes: system software and application software. While system software consists of low-level programs that interact with computers at a basic level, application software resides above system software and includes applications such as database programs, word processors and spreadsheets. Application software may be grouped along with system software or published alone. For the purposes of integration, applications consume an integration service such as a web service or API.

Application System

Definition:

An interconnected set of IT resources under the same direct management control that meets a defined set of business needs.

Attack

Definition:

An attempt to bypass security controls on an IT system in order to compromise the data.

Audit Trail Capture and Analysis

Definition:
Defines the set of capabilities to support the identification and monitoring of activities within an application, system, or network.
Context:
IT Business Function

Authentication

Definition:

The process of ensuring the identity of a connected user or participants exchanging electronic data.

Certification and Accreditation

Definition:
Defines the set of capabilities to support the certification and accreditation (C&A) of federal information systems, as described in NIST SP800-37.
Context:
IT Business Function

Community Management

Definition:
Defines the set of capabilities to support the administration of online groups that share common interests.
Context:
IT Business Function

Continuous Monitoring

Definition:
Continuous Monitoring includes all activities related to the real-time monitoring of security controls employed within or inherited by a system. (see Appendix G of NIST Special Publication 800-37)
Context:
IT Business Function

Contractor

Definition:

The firm, its employees and affiliated agents. Contractor also includes any firm, provider, organization, individual, or other entity performing the business activities of the agency. It will also include any subcontractor retained by Contractor as permitted under the terms of the Contract.


Credential Issuance and Management

Definition:
Credential Issuance and Management: the researching, tracking and providing of user access credentials (logical and physical) and associated security features for the protection of federal information and information systems from unauthorized access, use, disclosure, disruptions, modification, or destruction, as well as the creation and implementation of related security policies, procedures and controls. This includes background checks and related personnel security management services.
Context:
IT Business Function

Critical Issue

Definition:

A known system defect or enhancement request that if left unresolved could significantly impact business operations, compliance with statute or policy, the integrity of the system or data or otherwise create a public health, safety or other significant risk areas.

Cryptography

Definition:
Defines the set of capabilities to support the use and management of ciphers, including encryption and decryption processes, to ensure confidentiality and integrity of data.
Context:
IT Business Function

Environmental Security

Definition:

Physical protection against damage from fire, flood, wind, earthquake, explosion, civil unrest and other forms of natural and man-made risk.

Extranet / VPN Connection

Definition:

Network-level access originating from outside the network. Examples include SSL, IPSec, “terminal service” or Citrix-like connections.

File Transfer Protocol with SSL Security

Definition:
An extension to the FTP protocol that adds Secure Sockets Layer (SSL)/Transport Layer Security (TLS)-based mechanisms/capabilities on a standard FTP connection. It mainly enables performing or delivering standard FTP communication on top of an SSL-based security connection. FTPS is also known as FTP Secure.

Firewall

Definition:

A combination of hardware and software designed to control the types of network connections allowed to a system or combination of systems or that enforces a boundary between 2 or more networks.

Identification and Authentication

Definition:
Defines the set of capabilities to support the management of permissions for logging onto a computer, application, service, or network; includes user management and role/privilege management. This includes Identification and Authentication for digital signatures.
Context:
IT Business Function

Incident Response

Definition:
Defines the set of capabilities to provide active response and remediation to a security incident that has allowed unauthorized access to a government information system.
Context:
IT Business Function

Information Technology

Definition:

Per RCW 43.105.020, "Information technology" includes, but is not limited to, all electronic technology systems and services, automated information handling, system design and analysis, conversion of data, computer programming, information storage and retrieval, telecommunications, requisite system controls, simulation, electronic commerce, radio technologies, and all related interactions between people and machines.

Information Technology (IT) Assets

Definition:

The processes, procedures, systems, IT infrastructure, data, and communication capabilities that allow each agency to manage, store, and share information in pursuit of its business mission, including but not limited to:

  • Applications.
  • All data typically associated with IT systems regardless of source (agency, partner, customer, citizen, etc.). 
  • All data typically associated with IT systems regardless of the medium on which it resides (disc, tape, flash drive, cell phone, personal digital assistant, etc.).
  • End-user authentication systems.
  • Hardware (voice, video, radio transmitters and receivers, mainframes, servers, workstations, personal computers, laptops, and all end point equipment).
  • Software (operating systems, application software, middleware, microcode).
  • IT infrastructure (networks, connections, pathways, servers, wireless endpoints).
  • Services (data processing, telecommunications, office automation, and computerized information systems).
  • Telecommunications hardware, software, and networks.
  • Radio frequencies.
  • Data computing and telecommunications facilities.
  • Intelligent control systems such as video surveillance, HVAC, and physical security.

Information Technology (IT) Infrastructure

Definition:

IT infrastructure consists of the equipment, systems, software, and services used in common across an organization, regardless of mission/program/project. IT Infrastructure also serves as the foundation upon which mission/program/project-specific systems and capabilities are built. Approaches to provisioning of IT infrastructure vary across organizations, but commonly include capabilities such as Domain Name Server (DNS), Wide Area Network (WAN), and employee locator systems. Additional common capabilities examples include IT security systems, servers, routers, workstations, networked Supervisory Control and Data Acquisition (SCADA) systems, and networked printers (multifunction devices).

Information Technology (IT) Risk Assessment

Definition:

Risk assessment is a process by which to determine what IT Assets exist that require protection, and to understand and document potential risks from IT security failures that may cause loss of information confidentiality, integrity, or availability. The purpose of a risk assessment is to help management create appropriate strategies and controls for stewardship of information assets.

Context:
Information Security

Internal System or Network

Definition:

An IT system or network designed and intended for use only by state of Washington employees, contractors, and business partners.

Intrusion Detection Systems

Definition:

Software and/or hardware designed to detect an attack on a network or computer system. A Network IDS (NIDS) is designed to support multiple hosts, whereas a Host IDS (HIDS) is set up to detect illegal actions within the host. Most IDS programs typically use signatures of known cracker attempts to signal an alert. Others look for deviations of the normal routine as indications of an attack.

Intrusion Prevention Systems

Definition:

Software and/or hardware designed to prevent an attack on a network or computer system. An IPS is a significant step beyond an IDS because it stops the attack from damaging or retrieving data. Whereas an IDS passively monitors traffic by sniffing packets off of a switch port, an IPS resides inline like a firewall, intercepting and forwarding packets. It can thus block attacks in real time.

Malicious Code

Definition:

Software (such as a Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.

Malware

Definition:

A general term coined for all forms of malicious software, including but not limited to computer viruses, worms, Trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software.

Mobile Device

Definition:

Any hand-portable device capable of text, voice, email, instant messaging (“IM”), photo messaging or other types of data communication. This policy is not meant to apply to: cars, boats, airplanes, laptop computers, desktop computers, unpiloted aerial vehicles (drones), GPS receivers, radios.

Multi-factor Authentication

Definition:

A security system or mechanism in which more than one form of authentication is implemented to verify the legitimacy of a transaction. In contrast, single factor authentication involves only a UserID/password.

In 2-factor authentication, the user provides dual means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code.

Additional authentication methods that can be used in MFA include biometric verification such as keyboard cadence, finger scanning, iris recognition, facial recognition and voice ID. In addition to these methods, device identification software, smart cards, and other electronic devices can be used along with the traditional UserID and password.

Network Device

Definition:

A device available to other computers on a network. Examples include servers, firewalls, routers, switches, workstations, networked Supervisory Control and Data Acquisition (SCADA) systems, and networked printers (multifunction devices).

Penetration Test

Definition:

A deliberate probe of a network or system to discover security weaknesses. The test attempts to leverage identified weaknesses to penetrate into the organization. The test exploits the vulnerabilities uncovered during a vulnerability assessment to avoid false positives often reported by automated assessment tools.

Physical Security

Definition:

Physical security describes measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media in an IT facility.

Secure File Transfer Protocol (SFTP) (FTP over SSH)

Definition:

A secure version of File Transfer Protocol (FTP), which facilitates data access and data transfer over a Secure Shell (SSH) data stream. It is part of the SSH Protocol. This term is also known as SSH File Transfer Protocol.

Context:
Integration

Secure Segmentation

Definition:

Secure segmentation is defined as implementing methods that allow for secure communication between various levels of segmented environments. These environments typically involve 4 basic segment groups:

  1. Outside (Trust no one)
  2. Services (Trust limited to defined segmentation lines)
  3. Internal (Trust limited to defined group)
  4. External users (Trust limited to defined group)

The methods for securing these segments may include but are not limited to firewall and switch/router configurations and router/switch ACLs.

Security Controls

Definition:

The security requirements and methods applied by agencies to manage IT security risk, including but not limited to those defined in the OCIO IT security standards.

Security Domain

Definition:

An environment or context that is defined by security policy, a security model, or security architecture to include a set of system resources and the set of system entities that have the right to access the resources.

Threat and Vulnerability Management

Definition:

Threat and Vulnerability Management involves all functions pertaining to the protection of federal information and information systems from unauthorized access, use, disclosure, disruptions, modification, or destruction, as well as the creation and implementation of security policies, procedures and controls. It includes all risk and controls tracking for IT systems.

Context:
IT Business Function

Trusted Agency, System or Network

Definition:

An IT system or network that is recognized automatically as reliable, truthful, and accurate without continual validation or testing.

Untrusted

Definition:

Characterized by absence of trusted status. Assumed to be unreliable, untruthful, and inaccurate unless proven otherwise.

Vulnerability

Definition:

Relates to risk of attack. In IT terms, vulnerability describes points of risk to penetration of security barriers. Awareness of potential vulnerability is very important to designing ever more effective defenses against attack by unauthorized parties.

Vulnerability Assessment

Definition:

A comprehensive analysis that attempts to define, identify, and classify the security holes (vulnerabilities) in a system, network, or communications infrastructure within the assessment scope.

Web Services Security

Definition:

An OASIS specification that proposes a standard set of SOAP extensions that can be used when building secure Web services to implement message content integrity and confidentiality.

Context:
Integration