
«Securing Information in the Digital Age Information Security Policies This document presents a suite of integrated solutions which, together, offer ...»


The term ‘ISO’ is not an acronym for the IOS; it is a word derived from the Greek word ‘isos’, which means ‘equal’ and is the root of the prefix ‘iso-’. For example, the word isobar links together areas of equal atmospheric pressure.

In Information Security the ISO standard 17799 has recently been established, based upon the British Standard BS 7799.

Internet A publicly accessible Wide Area Network that can be employed for communication between computers.

To many users, the terms: ‘Internet’ (‘The Net’) and ‘World Wide Web’ (‘The Web’) are synonymous. In fact, the Web - the best known part of the Net by virtue of all

–  –  –

Internet Service Provider – ISP An Internet Service Provider – commonly referred to as an ‘ISP’, is a company which provides individuals and organisations with access to the Internet, plus a range of standard services such as e-mail and the hosting (running) of personal and corporate Web sites.

The larger ISPs will offer a range of access methods including telephone, leased line, ISDN or the newer DSL (ADSL) circuits and will be connected to ‘backbone’ high speed digital circuits which form the Internet itself.

ISPs usually charge a tariff for their services although income can be derived from various sources of advertising and portal activities.

Occasionally an ISP is referred to as an IAP - an Internet Access Provider.

Intervention Human input in response to a request by the system while it is ‘on hold’.

Interventions can be expected or unexpected, for example, providing a higher level password for authorisation, or responding to an error message indicating a fault, e.g. ‘Printer Error: cannot print to LPT3, user intervention required’.

A log of unexpected interventions should be maintained and reviewed at intervals to check if a pattern is developing with a particular program, user, or piece of equipment, which may require some repair, fix, or other corrective action.

Intranet A Local Area Network within an organisation, which is designed to look like, and work in the same way as, the Internet. Intranets are essentially private networks, and are not accessible to the public.

Intrusion The IT equivalent of trespassing. An uninvited and unwelcome entry into a system by an unauthorised source. While Incursions are always seen as Hostile, Intrusions may well be innocent, having occurred in error.

Strong ID and password systems can minimise intrusions.

Intrusion Detection System – IDS Intrusion Detection Systems are complex software applications, which monitor network activity using various techniques, such as ‘intelligent agents’. Many current applications will not only detect misuse but also identify a known pattern of attack, or attack scenario. The IDS can then automatically terminate the offending session and send an alert to the Systems Administrator.

IP Address The IP Address or ‘Internet Protocol’ is the numeric address that guides all Internet traffic, such as e-mail and Web traffic, to its destination. The IP address is ‘under the hood’ and is derived from its domain name, which is mapped to the IP Address through the Domain Name Service.

–  –  –

ISDN Integrated Services Digital Network. Provides for point to point data transmission at 128K bps. ISDN users must connect to a host, which is also capable of ISDN connection using an adaptor. The reliability of ISDN is not questioned; however, it is relatively expensive and is being eclipsed by the recent growth in broadband Digital Subscriber Line technology.

IT Plan An IT Plan is the means of executing your IT Strategy. Typically, it comprises the regular replacement of old hardware, upgrading of software and features, and the support and contribution to known Business Systems Projects.

IT Strategy An IT Strategy sets out projected hardware and software development. It outlines the current, ‘as is’ hardware and software platforms (environments), and envisages how that environment will change over time - the future, ‘to be’ environment.

For an IT Strategy to be of benefit, its implications need to be conveyed to organisation staff so all can appreciate how it will affect their work in the future.

Java / Java Script Java is an applications programming language which was developed by SUN Microsystems in 1995. Similar in look and feel to C++, Java was designed for the distributed environment of the Internet. It is based upon object orientation, and the resultant code is portable; which means that Java applications can run on many operating systems, not just the system which compiled it.

Java Script is an interpreted scripting language; similar in capability to Microsoft’s Visual Basic or SUN Microsystems’ Perl scripting language. Java Script is interpreted, not compiled, and therefore slower to execute than compiled code; but it is easier to maintain and fast enough for small applications.

Job (IT Operations) A series of tasks, or units of work, which a computer performs, the sum total of which may be described as a job. For example, printing reports from many individual systems may be called ‘the print job’.

JOOTT Pronounced ‘Jute’; it stands for ‘Just One Of Those Things’. Sooner or later every organisation/user will run into problems which are not amenable to logical or

–  –  –

Laptop Laptop has become a generic expression for all portable computers. The earliest were described by some users as ‘luggables’ but as the size and weight of such equipment fell (and still continues to do so), the names have changed from luggable, to portable, Laptop, Notebook, SubNotebook, and Palmtop.

Laptops are more expensive than desktops and require extra security measures, if only because of their obvious attractiveness to thieves.

–  –  –

Legacy / Heritage System A legacy system is a hardware and software system which uses technologies which are ‘old’ in comparison with today’s technology. Typically, legacy systems use character terminals (although many have been made to look smarter by enabling access through a Graphical User Interface), and process data through a proprietary database etc.

Legacy Tech Techie term for hardware and/or software which is basically obsolete, but cannot yet be disposed of, either because of the size of investment expended to obtain it in the first place, or because the cost of replacement by upgrade or migration is beyond the resources of the organisation. The continued use of such technology often means that the organisation cannot take advantage of advances in software capabilities, since new programs will not run with their old hardware or operating systems.

There are large numbers of Legacy systems still in use at all levels, from old IBM installations down to networks running applications written in a now-defunct programming language. Some, such as PCs still running DOS or Windows® 3.1 systems, can be dealt with on a piecemeal basis, while others will require a complete and simultaneous cutover. Organisation management would do well to identify all such systems, and establish a prioritised programme for replacement, as resources permit.

Library An area of the computer which retains software files in an orderly and secure manner.

Live / Production When a system is ‘in production’ or is said to be ‘live’, it means that it is being used to process active work or transactions, and it is no longer in test mode.

Organisations should always differentiate between and separate systems which are being evaluated, tested, or developed from those which are ‘live’.

Load / Systems Loading The ‘load’ on a system refers to the demands placed upon it. The overall load combines many factors and includes:

• Total storage capacity for programs and data
• Number of applications being run concurrently
• Number of concurrent users, peaks, troughs and average
• Number of peripherals: e.g. using a file server as a print server increases demand, as each printed document is ‘spooled’ to the server’s disk before being queued to the printer.

Whilst the sizing of hardware can become complex, once the above points are clear, other factors, such as expected response times / performance can be considered.

Local Area Network A private communications network owned and operated by a single organisation within one location. This may comprise one or more adjacent buildings, but a local network will normally be connected by fixed cables or, more recently, short range radio equipment. A LAN will not use modems or telephone lines for internal communications, although it may well include such equipment to allow selected users to connect to the external environment.

–  –  –

Lockout Technique used to stop an (apparently) unauthorised attempt to gain access to the system. A typical example is the three tries limit on password entry. It may be a simple matter of a genuine user forgetting their ID and password, or making a mistake in trying to enter, but after three attempts, the system will Lockout that user and report an attempted intrusion to the Security Administrator.

Information Security will have to reset the user records to allow another logon attempt.

–  –  –

Logic bomb Also known as Slag Code and commonly associated with Disgruntled Employee Syndrome, a Logic Bomb is a piece of program code buried within another program, designed to perform some malicious act. Such devices tend to be the province of technical staff (non-technical staff rarely have the access rights and even more rarely the programming skills required) and operate in two ways:

1. ‘Triggered Event’ - for example, the program will review the payroll records each day to ensure that the programmer responsible is still employed. If the programmer’s name is suddenly removed (by virtue of having been fired) the Logic Bomb will activate another piece of code to Slag (destroy) vital files on the organisation’s system. Smarter programmers will build in a suitable delay between these two events (say 2-3 months) so that investigators do not immediately recognise cause and effect.

2. ‘Still Here’ - in this case the programmer buries coding similar to the Triggered Event type, but in this instance the program will run unless it is deactivated by the programmer (effectively telling the program - “I am still here - do not run”) at regular intervals, typically once each quarter. If the programmer’s employment is terminated unexpectedly, the program will not be deactivated and will attack the system at the next due date. This type of Logic Bomb is much more dangerous, since it will run even if the programmer is only

–  –  –

Logic Bombs demonstrate clearly the critical need for audit trails of activity on the system as well as strict segregation of duties and access rights between those staff who create systems - analysts, developers, programmers, - and the operations staff who actually run the system on a day-to-day basis.

Logical Access Logical access refers to the connection of one device or system to another through the use of software. The software may run, say as the result of a user powering a PC, which then executes the login sequence, or it may be the result of internal processing between systems.

Logical Security Software safeguards of the organisation's systems, for instance: IDs, Passwords, Access Rights, Authority levels, etc.

Luser Contraction of the words ‘Loser’ and ‘User’. A Luser is a member of staff with an uncanny ability to make a mess of the computer system quite innocently and without malice.

The type of individual who can really mess things up so badly that the damage is either irrecoverable, or the only hope is to restore from backup, is a ‘Power Luser’.

IT department fault logs should be used to identify any such individuals, and appropriate training or transfer to another function should be arranged at the earliest opportunity!

m- Another abbreviated prefix which will soon be overused, standing for ‘mobile’. It is being used to describe messaging and transactional activities which can be conducted using a mobile telephone, including access to E-mail, the Internet, and other communications. The term is often associated with WAP, and growing numbers of mobile telephones are being marketed as ‘WAP enabled’; m-functions raise the combined security concerns of e-functions and laptops.

m-commerce, m-banking, m-dealing, - the list will grow.

Macro A series of commands grouped together as a single command to automate repetitive and/or complex tasks. Technical purists argue as to whether or not writing macros is actually programming, but from the perspective of most end users, it amounts to pretty much the same thing. Macro recording facilities are now built in to most standard business/office software packages, covering word processing, spreadsheets, databases, graphics and presentations, etc.

Malicious macros are not unknown; they can be transmitted to other users through the document in which the macro is embedded. Whether or not creating a macro is regarded by an organisation as ‘programming’, it is advisable that all macros created or used within an organisation are checked for their function and compliance with security regulations.

–  –  –

Magic Smoke A substance trapped inside integrated circuit packages that enables them to function. Also known as ‘blue smoke’ it is similar to the archaic ‘phlogiston’ hypothesis about combustion. Its existence is proven by what happens when a chip burns up: the magic smoke gets out, so the computer doesn't work any more.


Mainframe Used originally as a term for almost any computer system, then to describe a large system, the term ‘mainframe’ is used less frequently as the numbers in use decline. This is due largely to the massive increase in processor power of smaller computers. A year 2000 home user desktop computer has more storage capacity and raw processing power than a 1966 vintage mainframe, and an entire organisation can now be run with just one desktop server connected to a number of PCs.

Mainframes (and Supercomputers) are still being built, installed and run, but their use tends to be restricted to the scientific/academic/government communities rather than the commercial world.
