IT Security Definitions

The following terms are often used in information security.

Authentication

Authentication is the process of verifying that someone or something is, in fact, who or what it claims to be. In private and public computer networks (including the Internet), authentication is most commonly done with logon passwords: knowledge of the password is taken as evidence that the user is genuine. Because a password can be guessed, phished or reused, it is only one factor; stronger authentication combines it with something the user has (a hardware token or phone) or something the user is (see Biometrics). A system must also store passwords so that a stolen password database does not reveal them directly.
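
The following is an added example (not part of the original glossary) showing how a system verifies knowledge of a password without ever storing the password itself: each password gets a random salt, a slow key-derivation function (PBKDF2-HMAC-SHA256 from the standard library) turns it into a key, and the comparison is done in constant time. The iteration count and record layout are illustrative choices, not a standard.

```python
import hashlib
import hmac
import os

# Illustrative parameters: a production system should use the currently
# recommended iteration count for PBKDF2 (or a memory-hard function such as scrypt).
ITERATIONS = 100_000
SALT_BYTES = 16


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    """Slow, salted key derivation so offline guessing is expensive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def register(password: str) -> dict:
    """Create a credential record: random salt plus derived key. The password is never kept."""
    salt = os.urandom(SALT_BYTES)
    key = _derive(password, salt, ITERATIONS)
    return {"salt": salt.hex(), "key": key.hex(), "iterations": ITERATIONS}


def verify(record: dict, candidate: str) -> bool:
    """Return True only if the candidate reproduces the stored key.

    hmac.compare_digest takes the same time whether the first or the last byte
    differs, so response timing leaks nothing about how close a guess was.
    """
    salt = bytes.fromhex(record["salt"])
    expected = bytes.fromhex(record["key"])
    actual = _derive(candidate, salt, record["iterations"])
    return hmac.compare_digest(expected, actual)


def unsalted_hash(password: str) -> str:
    """The weak pattern for contrast: without a salt, equal passwords give equal
    hashes, so one precomputed table cracks every user who chose that password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    rec = register("correct horse battery staple")
    print(verify(rec, "correct horse battery staple"))   # True
    print(verify(rec, "Correct horse battery staple"))   # False
```

Two users who register the same password get different records because the salts differ, which is exactly what the unsalted variant fails to provide.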

Application Owner

person or organization having responsibility for the development, procurement, integration, modification, operation and maintenance, and final disposition of an application.

Backdoor

A backdoor is a means of accessing a program or system that bypasses its normal security mechanisms. A programmer may deliberately install one so that the program can be reached for troubleshooting or other purposes, but a backdoor that is forgotten or shipped in production software becomes a standing vulnerability, and attackers also use backdoors that they discover or install themselves as part of an exploit. In some cases a worm is designed to take advantage of a backdoor created by an earlier attack; Nimda, for example, spread through the backdoor left on IIS servers by Code Red II.

Biometrics

Biometrics is the science and technology of measuring and analyzing biological data. In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as fingerprints, retinas and irises, voice patterns, facial patterns and hand measurements, for authentication purposes. Unlike a password, a biometric cannot be changed if the stored template is compromised, so it is normally used as one factor alongside another.

Business Steward (of an application)

person or office sufficiently familiar with the business processes supported by an application or information system for them to serve as a source of information about the requirements and proper functioning of said application.

Encryption

Encryption is the conversion of data into a form, called ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form so that it can be understood. Both operations depend on a secret key; the strength of a modern cipher rests on the secrecy of the key and the size of the key space, not on the secrecy of the method, which is public and widely reviewed.

The use of encryption/decryption is as old as the art of communication. In wartime, a cipher, often incorrectly called a code, can be employed to keep the enemy from obtaining the contents of transmissions. (Technically, a code is a means of representing a signal without the intent of keeping it secret; examples are Morse code and ASCII.) Simple ciphers include the substitution of letters for numbers, the rotation of letters in the alphabet, and the "scrambling" of voice signals by inverting the sideband frequencies. Such ciphers have so few possible keys that every key can be tried in moments. Modern ciphers such as AES are computer algorithms that mix the data bits under the control of a key with so many possible values (2^128 or more) that exhaustive search is infeasible.
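
The following is an added example (not from the original page) of the "rotation of letters in the alphabet" cipher mentioned above, together with the attack that makes it useless: an exhaustive search of its 26 keys, picking the candidate that contains the most common English words. The word list and sample sentence are constructed for the illustration.

```python
import string

ALPHABET = string.ascii_lowercase


def rotate(text: str, shift: int) -> str:
    """Rotate every ASCII letter by `shift` places; other characters pass through.

    Encryption is rotate(plaintext, k); decryption is rotate(ciphertext, -k).
    """
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            new = ALPHABET[(ALPHABET.index(ch.lower()) + shift) % 26]
            out.append(new.upper() if ch.isupper() else new)
        else:
            out.append(ch)
    return "".join(out)


# A tiny constructed word list is enough to recognise the correct key.
COMMON_WORDS = {"the", "and", "to", "of", "a", "in", "is", "at", "for", "me"}


def english_score(text: str) -> int:
    """Count words from COMMON_WORDS; higher means more English-looking."""
    words = "".join(c if c.isalpha() else " " for c in text.lower()).split()
    return sum(1 for w in words if w in COMMON_WORDS)


def brute_force(ciphertext: str) -> tuple:
    """Try all 26 keys and return (key, plaintext) for the best-scoring candidate.

    The key space is so small that this is the entire attack: no cleverness needed.
    """
    candidates = [(k, rotate(ciphertext, -k)) for k in range(26)]
    return max(candidates, key=lambda c: english_score(c[1]))


if __name__ == "__main__":
    secret = rotate("Meet me at the old mill at dawn", 3)
    print(secret)               # Phhw ph dw wkh rog ploo dw gdzq
    print(brute_force(secret))  # (3, 'Meet me at the old mill at dawn')
```

The contrast with a modern cipher is the key space: 26 candidates here against 2^128 for AES-128, where the same exhaustive search is the only generic attack and is computationally out of reach.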

Firewall

A firewall is a system, implemented in software, dedicated hardware or both, placed at a boundary between networks (typically a gateway) that enforces a policy on which traffic may cross it and thereby protects the resources of a private network from users on other networks. (The term also implies the security policy that is enforced.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from reaching its private data resources and to control which outside resources its own users may reach. A sound policy denies everything that is not explicitly allowed, and rules are evaluated in order, so a broad rule placed early can silently make later, more specific rules unreachable. Host-based firewalls apply the same idea on an individual machine.
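
The following added example (not from the original page) evaluates a small first-match, default-deny policy over constructed packets and also checks the policy for "shadowed" rules, which can never match because an earlier rule already covers everything they cover. The network ranges and rules are invented for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    src: str                        # source network, CIDR notation
    dst: str                        # destination network, CIDR notation
    proto: str                      # "tcp", "udp" or "any"
    ports: Optional[range] = None   # destination ports; None means any port


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and rule.proto in ("any", pkt.proto)
            and (rule.ports is None or pkt.dport in rule.ports))


def evaluate(rules, pkt: Packet, default: str = "deny"):
    """First matching rule wins; traffic matching no rule gets the default (deny)."""
    for index, rule in enumerate(rules):
        if rule_matches(rule, pkt):
            return rule.action, index
    return default, None


def _covers(a: Rule, b: Rule) -> bool:
    """True if every packet matching b would already have matched a."""
    ports_ok = a.ports is None or (b.ports is not None
                                   and b.ports.start >= a.ports.start
                                   and b.ports.stop <= a.ports.stop)
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.proto in ("any", b.proto)
            and ports_ok)


def shadowed_rules(rules) -> list:
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [j for j in range(len(rules))
            if any(_covers(rules[i], rules[j]) for i in range(j))]


# Constructed policy: 10.0.0.0/8 is the intranet, 192.0.2.10 a web server in the DMZ.
POLICY = [
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", range(443, 444)),  # public HTTPS to the web server
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", range(80, 81)),        # staff may browse out, HTTP
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", range(443, 444)),      # ... and HTTPS
    Rule("deny", "0.0.0.0/0", "10.0.0.0/8", "any"),                         # nothing from outside reaches the intranet
]

# Constructed mistake: a permit-all placed first makes the deny unreachable.
BAD_POLICY = [
    Rule("allow", "0.0.0.0/0", "0.0.0.0/0", "any"),
    Rule("deny", "0.0.0.0/0", "10.0.0.0/8", "any"),
]

if __name__ == "__main__":
    print(evaluate(POLICY, Packet("198.51.100.7", "10.1.2.3", "tcp", 3389)))  # ('deny', 3)
    print(shadowed_rules(BAD_POLICY))                                        # [1]
```

Note that even without the explicit deny rule, RDP from the Internet to the intranet would still be dropped, because nothing allows it; the explicit rule merely makes the intent visible in logs and audits.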

Honeypot

A honeypot is a computer system, often exposed on the Internet, that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Because it serves no legitimate purpose, any connection to it is suspect, and what an intruder does there can be recorded and studied without putting production systems at risk.

Information System

Hardware or software used by an organization to create, maintain, collect, filter, process and distribute data is commonly referred to as an Information System. The four types of computer-based Information Systems are hardware, software, databases, and networks.

Hardware Information Systems are devices that accept, display, and process data. These include monitors, processors, printers, servers, etc.

Software Information Systems are applications or programs designed to perform a defined set of tasks. Examples include Epic, PACS, PeopleSoft, etc.

Databases are Information Systems that use tables or files to maintain, collect and process data. Examples include Microsoft Access databases, Oracle, SQL Server, etc.

Network Information Systems provide connectivity between other types of Information Systems such as computers, servers, databases, etc.

Least Privilege

Least Privilege is a security principle holding that an individual, and equally a process, service or system account, should be granted only the access to resources that has been deemed necessary to perform its job duties, and no more. It limits the damage that a mistake, a compromised account or malicious code running as that account can do.

Pharming

Pharming is a scamming practice in which users are misdirected to fraudulent Web sites without their knowledge or consent, typically by tampering with name resolution: malicious code on a personal computer alters its hosts file, or a DNS server is compromised or its cache poisoned, so that a correctly typed address leads to the attacker's site. Pharming has been called "phishing without a lure."
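
The following added example (not from the original page) is the check a practitioner would run for the hosts-file variant: parse the file and report every name that is mapped to a routable address and is not on an approved list. The hosts file contents, the bank domain and the approved names are constructed for the illustration.

```python
from ipaddress import ip_address

# Constructed hosts file: the bank entries were added by malware.
SAMPLE_HOSTS = """\
# Host Database
127.0.0.1       localhost
::1             localhost
10.20.30.40     intranet.example.org intranet
198.51.100.23   www.bank.example online.bank.example   # pharming entry
0.0.0.0         ads.example.net
"""


def parse_hosts(text: str) -> list:
    """Return [(address, [names...])] for each non-comment, non-empty line."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        addr, *names = line.split()
        entries.append((addr, names))
    return entries


def suspicious_entries(text: str, approved=frozenset()) -> list:
    """Names pinned to a routable address without approval.

    Loopback (127.0.0.1, ::1) and blackhole (0.0.0.0) mappings are the normal
    contents of a hosts file; anything else overrides DNS for that name and must
    be explicitly expected.
    """
    findings = []
    for addr, names in parse_hosts(text):
        ip = ip_address(addr)
        if ip.is_loopback or ip.is_unspecified:
            continue
        for name in names:
            if name not in approved:
                findings.append((name, addr))
    return findings


if __name__ == "__main__":
    for name, addr in suspicious_entries(SAMPLE_HOSTS, {"intranet.example.org", "intranet"}):
        print(f"{name} is pinned to {addr}")
```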

Phishing

Phishing is a fraud method in which the perpetrator sends out legitimate-looking e-mail (or, increasingly, text and instant messages) in an attempt to gather credentials and personal and financial information from recipients, usually by luring them to a counterfeit login page. Typically the messages appear to come from well-known and trusted organizations. Web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition, like the fishing expedition it is named for, is a speculative venture: the phisher puts the lure out hoping to fool at least a few of the prey that encounter the bait.

Spam

Spam is unsolicited bulk e-mail on the Internet. (E-mail that is wanted is sometimes referred to, by contrast, as "ham.") From the sender's point of view, spam is a form of bulk mail, often sent to a list of addresses harvested by a spambot or bought from companies that specialize in creating e-mail distribution lists. To the receiver, it usually seems like junk e-mail.

Spoofing

E-mail spoofing is the forgery of e-mail headers so that a message appears to have originated from someone or somewhere other than the actual source. It is possible because the From header is simply text supplied by the sender. Distributors of spam and phishers use spoofing in an attempt to get recipients to open, and possibly even respond to, their messages. Receiving mail systems counter it with sender-authentication checks (SPF, DKIM and DMARC) that compare the sending server and the message signature against what the claimed domain has published. Spoofing can be used legitimately, but be aware that spoofing anyone other than yourself is illegal in some jurisdictions.
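
The following added example (not from the original page) serves both the Phishing and the Spoofing entries. It parses a raw message with Python's standard email library and reports the classic warning signs: an envelope sender (Return-Path) or Reply-To domain that differs from the visible From domain, a display name or look-alike domain that claims a brand the address does not belong to, and link text naming one host while the link points at another. The two messages, the brand list and the domains are constructed for the illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed brand list; a real deployment would use the organisation's own
# domains and a maintained list of commonly impersonated ones.
KNOWN_BRANDS = {"paypal": "paypal.com", "ebay": "ebay.com"}

# Constructed phishing message (all headers, addresses and links are invented).
SAMPLE_PHISH = """\
Return-Path: <bounce@mail-updates.example.net>
From: "PayPal Support" <service@paypa1-secure.example.com>
Reply-To: <verify@replies.example.net>
To: <user@example.org>
Subject: Your account has been limited
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please visit <a href="http://paypa1-secure.example.com/login">www.paypal.com/login</a>
to restore access.</p>
</body></html>
"""

# Constructed legitimate message for comparison.
SAMPLE_CLEAN = """\
Return-Path: <alerts@example.org>
From: "IT Help Desk" <helpdesk@example.org>
To: <user@example.org>
Subject: Scheduled maintenance
Content-Type: text/plain; charset="utf-8"

The portal will be offline Saturday 02:00-04:00. No action is required.
"""


def domain_of(header_value) -> str:
    """Lower-cased domain of an address header, or '' if absent."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()


def is_under(domain: str, legit: str) -> bool:
    return domain == legit or domain.endswith("." + legit)


def visible_host(anchor_text: str):
    """Host named in link text such as 'www.paypal.com/login', else None."""
    text = re.sub(r"<[^>]+>", "", anchor_text).strip()
    m = re.match(r"^(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:[/:]|$)", text)
    return m.group(1).lower() if m else None


def analyze(raw_message: str) -> list:
    """Return human-readable findings; an empty list means no mismatch was seen."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    from_name, from_addr = parseaddr(str(msg.get("From", "")))
    from_dom = from_addr.rpartition("@")[2].lower()

    # 1. Envelope sender versus the From header the user actually sees.
    rp_dom = domain_of(msg.get("Return-Path"))
    if rp_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} differs from From domain {from_dom}")

    # 2. Replies silently routed to a different domain.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")

    # 3. Brand claimed in the display name, or a digit-for-letter look-alike domain.
    deleet = from_dom.translate(str.maketrans("10", "lo"))   # paypa1 -> paypal
    for brand, legit in KNOWN_BRANDS.items():
        if not is_under(from_dom, legit):
            if brand in from_name.lower():
                findings.append(f"display name claims {brand} but address is @{from_dom}")
            if brand in deleet:
                findings.append(f"sender domain {from_dom} looks like {legit}")

    # 4. Link text that names one host while the href goes somewhere else.
    body = msg.get_body(preferencelist=("html", "plain"))
    content = body.get_content() if body is not None else ""
    for href, text in re.findall(r'<a[^>]*href="([^"]+)"[^>]*>(.*?)</a>', content, re.I | re.S):
        shown = visible_host(text)
        actual = (urlparse(href).hostname or "").lower()
        if shown and actual and shown != actual:
            findings.append(f"link text shows {shown} but points to {actual}")
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_PHISH):
        print("-", finding)
```

These header comparisons are heuristics that a sender-authentication check (SPF/DKIM/DMARC on the receiving server) complements rather than replaces; in production the link check should compare registrable domains so that www.example.org and example.org are not treated as a mismatch.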

Trojan Horse

A Trojan horse, or trojan for short, is malware that appears to the user to perform a desirable function but in fact facilitates unauthorized access to the user's computer system. The term comes from the Trojan Horse story in Greek mythology. Trojan horses are not self-replicating, which distinguishes them from viruses and worms; the victim installs them by running what looks like a legitimate program or attachment. Many trojans open a backdoor that an attacker uses afterwards, and that attacker need not be the individual who distributed the trojan: attackers scan computers on a network with a port scanner in the hope of finding the listening port of a known trojan.

System Administrator

a person who manages the technical aspects of a system.

System Owner

person or office having responsibility for the development, procurement, integration, modification, operation and maintenance, and final disposition of an information system.

User

Health System organizational team members with responsibility and accountability for routinely accessing and using data for work-related activities within minimum necessary access parameters as defined by the Data Owners and administered by the Data Custodians.

Virus

A virus is a program or programming code that replicates by being copied, or by initiating its own copying, into another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail message, in a downloaded file, or on removable media such as a diskette or CD. The immediate source of the e-mail, downloaded file or disk you have received is usually unaware that it contains a virus. Some viruses take effect as soon as their code is executed; others lie dormant until circumstances cause the computer to execute their code. Some viruses are benign or playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or leaving a hard disk that must be reformatted. A virus that replicates by resending itself as an e-mail attachment or as part of a network message is known as a worm.

Worm

In a computer, a worm is self-replicating malware that, unlike a file-infecting virus, needs no host program: it resides in active memory and duplicates itself across a network, typically by exploiting a vulnerability or weak configuration in services that run automatically and invisibly to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system or network resources, slowing or halting other tasks. This term is not to be confused with WORM (write once, read many).