Wednesday 26 February 2014

Glossary of IT Terms (E)

 :::::::::::::::::Glossary E::::::::::                                           




Eavesdropping
Listening to someone else's conversation. In its most basic form it amounts to one person keeping within earshot of a conversation between two other persons, but in the security and IT worlds it extends to remote listening and recording devices, including the interception of telephone calls, fax transmissions, e-mails, data transmissions, data-scoping, and even radio scanning for mobile communications. The security implications for companies are primarily that user identification details or passwords can become known to criminally inclined individuals, or that confidential/sensitive information about the organization, its finances, or activity plans may leak to competitors.

Editor
A program which allows a user to create, view, and amend the contents of certain types of files. There are several types of editors, the most common being Text Editors and Hex (Hexadecimal) Editors. Editors work at the lowest level, either in ASCII (Text Editor) or directly with disk contents (Hex Editor). Although Text Editors, e.g. Notepad in Windows®, are common, companies should give consideration to staff access to Editors, particularly the more powerful types - such as Hex Editors. A Hex Editor can do considerable damage to the contents of computer files, which may not be recoverable.

Electronic Eavesdropping
Electronic eavesdropping is the intentional surveillance of data - voice, data, fax, e-mail, mobile telephones etc., often for nefarious purposes.

Electronic Mail - E-mail
Electronic Mail - an electronically transmitted message which arrives as a computer file on your PC or your organization's server. Originally conceived as a simple means of sending short messages from one computer to another, the Simple Mail Transfer Protocol (SMTP) was introduced without security in mind. Whilst standards have been agreed for the attachment of files to e-mail messages, be aware that such files can contain malicious code such as a virus. Use extreme caution when opening an e-mail message with an attachment, even if the e-mail is from someone you know; it is better to leave it unopened and enquire whether the e-mail is bona fide. If in doubt, destroy the e-mail and advise the sender that you have been unable to verify the authenticity of the attachment and ask them to advise you of its contents; if it's genuinely important, they will either make contact again or you have the option to send them an explanatory e-mail.


Why is e-mail insecure?





  • An e-mail message can purport to have been sent from a specific individual, but the message could have come from someone else entirely. Anyone can set up an e-mail address with anyone else's name as the sender, e.g. a Mr. Bill Clinton could easily set up an e-mail address as George_Bush@hotmail.com. However, where e-mail comes from a company or organization, the user name is likely to have been set up centrally, making misrepresentation less likely.
     
  • Even where you have your own organization's domain name, e.g. email@myorganizationname.com, this too can be modified, such that the "From" field in the e-mail is sent with a false sender, all designed to deceive the recipient.
     
  • An e-mail message can be opened by anyone; and not only the intended recipient. There is no authentication such that only the intended recipients are able to read the mail. Like a postcard, an e-mail may be read by anyone who comes across it, either legitimately, or otherwise.
     
  • The safe transmission of e-mail to its destination is not assured. The use of a "Read-Receipt" can be useful, especially on Local Area Networks where network traffic stays within known boundaries, but e-mail sent across the Internet will pass through multiple computer nodes as it "hops" and "bounces" towards its destination address, and even if it reaches its destination mail server, delivery to the recipient may be delayed or may not occur at all. Therefore, when e-mail is sent, even using a Digital Certificate, certified delivery to the recipient(s) is lacking. Best Practice is to request safe receipt from the recipient(s).
     
  • It does not carry any legal validity. Unless sent using a Digital Signature, an e-mail does not carry the legal validity enjoyed by hard copy or a signed fax transmission. However, even an e-mail sent using a Digital Signature cannot necessarily be relied upon legally, as it was only in 2000 that the US accepted that such e-mails could be used as legally binding documents.


    Encryption
    The process by which data is temporarily re-arranged into an unreadable or unintelligible form for confidentiality, transmission, or other security purposes.



    End User
    Usually reduced simply to User. The person who actually uses the hardware or software that has been developed for a specific task.

    Glossary Of IT Terms (D)

    :::::::::::::::::Glossary D::::::::::::


    Data Custodians
    Individuals who have been officially designated as being accountable for protecting the confidentiality of specific data that is transmitted, used, and stored on a system or systems within a department or administrative agency of the City.

    Data / Information
    In the area of Information Security, data (and the individual elements that comprise the data) is processed, formatted and re-presented, so that it gains meaning and thereby becomes information. Information Security is concerned with the protection and safeguard of that information which, in its various forms, can be identified as Business Assets or Information Assets. The terms data and information can be used somewhat interchangeably; but, as a general rule, information always comprises data, but data is not always information.

    Data Encryption
    Data encryption is a means of scrambling the data so that it can only be read by the person(s) holding the 'key' - a password of some sort. Without the 'key', the cipher cannot be broken and the data remains secure. Using the key, the cipher is decrypted and the data is returned to its original value or state. Each time one wishes to encrypt data, a key from the 72,000,000,000,000,000 possible key variations is randomly generated and used to encrypt the data. The same key must be made known to the receiver if they are to decrypt the data.

    Data Mining


  • Data Mining is the analysis of corporate data, for relationships and correlations which have yet to be discovered. Such relationship discoveries can identify significant marketing opportunities to target specific client segments. The term Data mining was coined by IBM who hold some related patents.
  • Spending numerous hours combing the Internet looking for specific pieces of information, and finding everything except what you are looking for!


    Data Storage Device
    A device that may or may not have intelligence that is connected to the City network via a network port, or by insertion into a computing device port that is connected to the network. These devices are generally used for data storage.

    Database
    A collection of files, tables, forms, reports, etc., held on computer media that have a predictable relationship with each other for indexing, updating, and retrieval purposes.

    Database Administrator - DBA
    A 'DBA' is a highly technical person who has specialized in the development and maintenance of databases and database applications. The DBA is responsible for ensuring that all housekeeping routines are performed on the database, which may include designing and maintaining the structure and content of the (many) tables which together form the database, and the relationships between these tables. In addition, the DBA will usually be specialized in writing reports and querying the database, usually using Structured Query Language - or SQL.


    Debug
    To trace and fix faults (bugs) in computer software and, occasionally, hardware. The term derives from the same source as Bug.


    Deciplegic
    Mouse Potato suffering from Trigger Finger.


    Decryption
    The process by which encrypted data is restored to its original form in order to be understood/usable by another computer or person.

    Default Password
    The password installed by a manufacturer and required to access a computer system when it is initially delivered, or a password required by software (typically shareware) to prove that the user is registered with the software vendor. Default passwords are not normally encountered on new PCs and have become relatively rare, but, in cases where such a password has been installed, the new owner of the equipment should change it at the earliest opportunity, to avoid it being known to third parties. There is a range of default passwords known to everyone, and these are the first ones tried by anyone hacking into, or merely attempting opportunistic access to, a system. Such passwords as 'password', '123456' and ' ' i.e. blank (nothing) must be changed immediately. If you have one of these or similar passwords, please change it now. RUSecure™ will still be here when you have finished!


    Denial of Service
    A Denial of Service (DoS) attack is an Internet attack against a Web site whereby a client is denied the level of service expected. In a mild case, the impact can be unexpectedly poor performance. In the worst case, the server can become so overloaded as to cause a crash of the system.
    DoS attacks do not usually have theft or corruption of data as their primary motive and will often be executed by persons who have a grudge against the organization concerned. The following are the main types of DoS attack:


  • Buffer Overflow Attacks: data is sent to the server at a rate and volume that exceeds the capacity of the system, causing errors.
  • SYN Attack. This takes place when connection requests to the server are not properly responded to, causing a delay in connection. Although these failed connections will eventually time out, should they occur in volume they can deny access to other legitimate requests for access.
  • Teardrop Attack. The exploitation of a feature of the TCP/IP protocol whereby large packets of data are split into 'bite sized chunks', with each fragment being identified to the next by an 'offset' marker. Later the fragments are supposed to be re-assembled by the receiving system. In the teardrop attack, the attacker enters a confusing offset value in the second (or later) fragment which can crash the recipient's system.
  • Smurf Attack or Ping Attack. This is where an illegitimate 'attention request' or Ping is sent to a system, with the return address being that of the target host (to be attacked). The intermediate system responds to the Ping request, but sends its response to the unsuspecting victim system. If the receipt of such responses becomes excessive, the target system will be unable to distinguish between legitimate and illegitimate traffic.
  • Viruses. Viruses are not usually targeted, but where the host server becomes infected, it can cause a Denial of Service, or worse.
  • Physical Attacks. A physical attack may be little more than cutting the power supply, or perhaps the removal of a network cable.
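The Teardrop entry above turns on the 'offset' marker each fragment carries. As an added example that is not part of the glossary, the following receiver-side check models those offsets (in bytes, not the 8-byte units of the real IPv4 header) and refuses a fragment set whose pieces overlap or leave gaps instead of reassembling it; the `Fragment` class and all fragment sets are constructed for the illustration.

```python
"""Sanity-check IPv4 fragment offsets before reassembly.

Added example, not from the glossary. Each fragment says where its
payload sits in the original datagram; a receiver that trusts
overlapping or gapped offsets can be driven into bad length arithmetic.
check_fragments() rejects such sets rather than reassembling them.
Offsets here are plain byte positions; all sample sets are constructed.
"""
from dataclasses import dataclass

MAX_DATAGRAM = 65535  # largest IPv4 datagram in bytes


@dataclass(frozen=True)
class Fragment:
    offset: int   # byte position of this payload within the original datagram
    length: int   # payload length in bytes
    more: bool    # the "more fragments" flag; False only on the final piece


def check_fragments(frags) -> tuple:
    """Return (ok, reason); ok is True only for a contiguous, non-overlapping, complete set."""
    if not frags:
        return False, "no fragments"
    ordered = sorted(frags, key=lambda f: f.offset)
    expected = 0                      # where the next payload must start
    for i, f in enumerate(ordered):
        final = i == len(ordered) - 1
        if f.length <= 0:
            return False, f"fragment {i}: empty payload"
        if f.offset % 8:
            return False, f"fragment {i}: offset {f.offset} is not a multiple of 8"
        if f.offset < expected:       # the Teardrop case: payload overlaps data already placed
            return False, f"fragment {i}: offset {f.offset} overlaps data ending at {expected}"
        if f.offset > expected:
            return False, f"fragment {i}: gap between {expected} and {f.offset}"
        expected = f.offset + f.length
        if expected > MAX_DATAGRAM:
            return False, f"fragment {i}: datagram would exceed {MAX_DATAGRAM} bytes"
        if f.more == final:           # non-final pieces must say "more"; the last must not
            return False, f"fragment {i}: 'more fragments' flag inconsistent with position"
    return True, f"complete datagram of {expected} bytes"


# Constructed sample sets.
CLEAN = [Fragment(0, 1480, True), Fragment(1480, 1480, True), Fragment(2960, 200, False)]
TEARDROP = [Fragment(0, 36, True), Fragment(24, 4, False)]   # second piece lands inside the first
GAPPED = [Fragment(0, 16, True), Fragment(32, 8, False)]
UNFRAGMENTED = [Fragment(0, 100, False)]

if __name__ == "__main__":
    for name, frags in (("clean", CLEAN), ("teardrop", TEARDROP),
                        ("gapped", GAPPED), ("unfragmented", UNFRAGMENTED)):
        print(name, check_fragments(frags))
```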


    DES / AES
    DES - the Data Encryption Standard - and AES - the Advanced Encryption Standard - are both data encryption standards for the scrambling of data to protect its confidentiality. DES was developed by IBM in co-operation with the American National Security Agency and published in 1974. It became extremely popular and, because it used to be so difficult to break, with 72,000,000,000,000,000 possible key variations, was banned from export from the USA. However, US Government restrictions on the export of encryption technology to a number of other countries were lifted in 2000. AES - the Advanced Encryption Standard - is a state-of-the-art algorithm (developed by Rijndael) chosen by the United States National Institute of Standards and Technology on October 2, 2000. Although selected, it will not become officially "approved" by the US Secretary of Commerce until Q2 2001. Meanwhile, products are already available which use the Rijndael algorithm within AES encryption tools.

    Desktop


  • Verbal shorthand for Desktop Personal Computer, normally used to differentiate such a system from a 'Laptop' or portable PC.
  • In Windows 95®, and later releases, the screen visible on the computer monitor is known as the desktop and can be used to store programs and data as if it were a normal directory/folder. It is generally considered better practice to use the desktop as a place to store links to files and programs, rather than the files and programs themselves. This is partly because of the risk of accidental deletion, but - more importantly to companies - to avoid such files being visible to any curious passer-by.


    Dial-up
    A method of communicating via telephone lines. The modem modulates the digital data of computers into analog signals to send over the telephone lines, then demodulates back into digital signals to be read by a computer on the other end.

    Digital
    Employing the binary system of numbers (1 and 0 only) for processing purposes.

    Digital Certificate
    A digital certificate is the electronic version of an ID card that establishes your credentials and authenticates your connection when performing e-Commerce transactions over the Internet, using the World Wide Web. To obtain a Digital Certificate an organization must apply to a Certification Authority, which is responsible for validating and ensuring the authenticity of the requesting organization. The Certificate will identify the name of the organization, a serial number, the validity date ("from / to") and the organization's Public Key where encryption to / from that organization is required. In addition, the Digital Certificate will also contain the Digital Signature of the Certification Authority to allow any recipient to confirm the authenticity of the Digital Certificate. A global standard (X.509 Public Key Infrastructure for the Internet) defines the requirements for Digital Certificates and the major Certificate Authorities conform to this. Such standards, and the integrity of the Certificate Authorities, are vital for the establishment of 'digital trust', without which e-Commerce will never attain its potential.

    Digital Signature
    A digital signature is an electronic equivalent of an individual's signature. It authenticates the message to which it is attached and validates the authenticity of the sender. In addition, it also provides confirmation that the contents of the message to which it is attached have not been tampered with en route from the sender to the receiver. A further feature is that an e-mail 'signed' with a digital signature cannot easily be repudiated, i.e. the sender is not able to deny the sending and the contents of the message; plus it provides a digital time stamp to confirm the time and date of transmission. For a digital signature to be recognized, and acknowledged as something of integrity, it needs to be trusted by the recipient. It is for this reason that a Certification Authority will supply a digital signature to persons whose identity it has been able to verify, perhaps by having an Attorney's stamp on a document which validates the applicant's name, address, date of birth etc. To provide greater digital trust, the Digital Signature is packaged with the certificate of the Certification Authority, and this too may be inspected for validity and expiration. Most people expect digital signatures to totally replace the use of the ('old fashioned') pen and ink signature, with orders and authorities being accepted via digitally signed e-mails, the contents of which may, or may not, be encrypted for additional security.


    Digital Subscriber Line (DSL)
    A form of high speed Internet access competing with cable modems. DSL works over standard telephone lines and supports data speeds of over 1.5 Mbps downstream (to the user) and slower speeds upstream (to the Internet).

    Digital Versatile Disk (DVD) 
    Currently, these optical storage disks are being pioneered by the entertainment business; notably because the DVD is able to store a full length feature movie on a single CD size disk, with faithful reproduction of visual and audio quality. DVD, with a capacity (using both sides of the disk) of approx. 17GB, will doubtless replace the present CDs / CD-ROMs with their 'modest' 670MB capacity. At present consumer models are read only, but they will soon offer full record capability with integration into information systems.

    Digital Watermark
    A unique identifier that becomes part of a digital document and cannot be removed. The watermark is invisible to the human eye but a computer can analyze the document and extract the hidden data. Digital watermarks are being used for Classified/Top Secret documents - usually Military/Governmental - and highly confidential commercial material. The primary use of such marks is to allow different marks to be used when the document is copied to different persons and thereby establish an Audit Trail should there be any leakage of information.

    Disable
    The process by which hardware or software is deliberately prevented from functioning in some way. For hardware, it may be as simple as switching off a piece of equipment, or disconnecting a cable. It is more commonly associated with software, particularly shareware or promotional software, which has been supplied to a user at little or no cost, to try before paying the full purchase or registration fee. Such software may be described as 'crippled' in that certain functions, such as saving or printing files are not permitted. Some in-house development staff may well disable parts of a new program, so that the user can try out the parts which have been developed, while work continues on the disabled functions. Disabling is also often used as a security measure, for example the risk of virus infection through the use of infected floppy diskettes can be greatly reduced, by disconnecting a cable within the PC, thereby disabling the floppy drive. Even greater protection is achieved by removing the drive altogether, thereby creating a diskless PC.

    Disaster Recovery Plan 
    The master plan needed by technical and non-technical staff to cope with a major problem - such as the Boeing Syndrome. Do not confuse and merge the DRP with the Business Continuity Plan. The DRP is the plan which is activated when there is an emergency. It is the plan which ensures that health and safety come first followed by damage limitation. Having contained the impact of the disaster, and having ensured that the situation is now under control e.g. through the Emergency Services, then the Business Continuity Plan will be activated. One of the most difficult aspects of a DRP is agreeing when it should be activated. In some circumstances it will be clear. For example, a tornado destroys part of the office block; or a serious fire reduces the premises to ashes. However, on many occasions, disasters have multiple warnings or indicators, and it is these which need to be considered and identified as the triggers to invoke your DRP. N.B. The skills required to prepare and manage a DRP are not necessarily the same as those required for a Business Continuity Plan.

    Distributed Processing 
    Spreading the organization's computer processing load between two or more computers, often in geographically separate locations. If an organization has the necessary financial and technical resources, distributed processing, with mirroring between sites, is an excellent contingency plan for sudden disasters. Even if there is a total loss of one system, the remaining computer(s) can carry the load without disruption to users and without loss or corruption of data.


    DMZ
    A DMZ - De-Militarised Zone - is a separate part of an organization's network which is shielded and 'cut off' from the main corporate network and its systems. The DMZ contains technical equipment to prevent external parties (say on the Internet) from gaining access to your main systems. The term comes from the buffer zone that was set up between North Korea and South Korea following their war in the early 1950s. A DMZ is not a single security component; it signifies a capability. Within the DMZ will be found firewalls, choke and access routers, front-end and back-end servers. Essentially, the DMZ provides multi-layer filtering and screening to completely block off access to the corporate network and data. And, even where a legitimate and authorized external query requests corporate data, no direct connection will be permitted from the external client; only a back-end server will issue the request (which may require additional authentication) to the internal corporate network. However, the extent to which you permit corporate data to be accessible from and by external sources will depend upon the value of the Business Assets which could be placed at (additional) risk by allowing access to (even) pre-specified data types.

    DNS
    Domain Name System (or Server). The DNS is the means by which user friendly Web addresses are translated into arcane IP addresses. The DNS ensures that a Web address is routed to the correct site.

    Domain Name
    The domain name identifies the location of an organization or entity on the Internet and, through Domain Name Service translates this to an IP Address, which is the real address to which traffic destined for that domain name is routed.

    Dongle
    A mechanical device used by software developers to prevent unlicensed use of their product. Typically, a Dongle is a small connector plug, supplied with the original software package, which fits into a socket on a PC - usually a parallel port, also known generally as the LPT1 Printer port. Without the Dongle present, the software will not run. Some older Dongles act as a terminator, effectively blocking the port for any other use, but later versions have a pass-through function, allowing a printer to be connected at the same time. Even though the PC can still communicate with the printer, there have been problems with more recent printers which use active two-way communications with the PC to notify printing status, ink levels, etc.

    Driver
    A driver is a small interface program which allows a computer to communicate with a peripheral device, such as a printer or a scanner. The driver will be automatically installed when you connect the device to the PC; hence the need for a CD-ROM or floppy disk when installing such peripherals.


    Dual Homing


    Having concurrent connectivity to more than one network from a computer or network device. Examples include, but are not limited to:
  • Connecting a server to two different networks using two network interface cards (NIC).
  • Connecting a computer to a City provided DSL, ISDN, or cable modem AND concurrently connecting to a public ISP, a bulletin board, or a family member's network via modem or publicly provisioned broadband.
  • Configuring an ISDN router to dial into the City network and an ISP, depending on packet destination.
  • Connecting a computing device to the City network and concurrently using a modem to connect to another network (whether wired or wireless)


    Due Care
    Due care is the collective steps that an organization must take to properly protect its networks, computer systems and the data that resides on them.



    Dynamic Host Configuration Protocol (DHCP)
    Software that automatically assigns IP addresses to client stations logging onto a TCP/IP network. It eliminates having to manually assign permanent IP addresses. DHCP software typically runs in servers and is also found in network devices such as ISDN routers and modem routers that allow multiple users access to the Internet. Newer DHCP servers dynamically update the DNS servers after making assignments.

    Tuesday 25 February 2014

    Glossary of IT Terms (C)

     :::::::::::::::::Glossary C::::::::::::



    Cable Modem
    Cable companies, such as Comcast, provide Internet access over cable TV coaxial cable. A cable modem accepts this coaxial cable and can receive data from the Internet at over 1.5 Mbps. Cable access to the Internet is currently available in only certain communities.


    Capacity Planning
    Capacity Planning is the determination of the overall size, performance and resilience of a computer or system. The detailed components of a Capacity Planning initiative will vary, depending upon the proposed usage of the system, but the following should always be considered:

    • the expected storage capacity of the system and the amount of data retrieved, created and stored within a given cycle.
    • the number of on line processes and the estimated likely contention.
    • the required performance and response required from both the system and the network i.e. the end to end performance.
    • the level of resilience required and the planned cycle of usage - peaks, troughs and average.
    • the impact of security measures e.g. encryption and decryption of all data.
    • the need for 24x7 operations and the acceptability of downing the system for maintenance and other remedial work.
    When capacity planning, the more information available about usage patterns and overall systems' loading, the better. Recently, with the exponential increase in Internet Web site usage, the results from any Capacity Planning have been at best of limited use, and at worst useless. The reason is that it has been almost impossible to predict the possible volume of traffic (hence load), with the result that many sites have simply gone down under the excessive load conditions. Therefore, Capacity Planning needs to consider the real possibility of excess load scenarios and plan accordingly.

    CCTV
    Closed Circuit Television, used as a security device and also a deterrent around office buildings, stores, campus sites, etc. CCTV cameras will usually have their output recorded onto video tape to enable any suspicious activity to be subsequently reviewed.

    CD / CDROM
    Since their introduction in the early 1980s, CDs - Compact Disks - have gradually replaced the older vinyl disks as a means of music storage. However, whilst the term 'CD' was adopted for CDs which store music, the term CD-ROM (CD Read Only Memory) was adopted by the computer world, despite using the same optical disks. Ironically, the term CDROM still persists despite the fact that CD read / writers have been available for years.

    CERT
    CERT - the Computer Emergency Response Team - is recognized as the Internet's official emergency team. It was established in the USA by the Defense Advanced Research Projects Agency (DARPA) in 1988, following the Morris computer Worm incident which crippled approximately 10% of all computers connected to the Internet. CERT is located at the Software Engineering Institute - a US government funded research and development centre operated by Carnegie Mellon University - and focuses on security breaches and denial-of-service incidents, and provides alerts and incident-handling and avoidance guidelines. CERT is also the publisher of Information Security alerts, training and awareness campaigns.

    Certification Authority
    A trusted third party clearing house that issues Digital Certificates and Digital Signatures. Such certificates include your organization's name, a serial number, an expiry date and, to allow for the encryption and decryption of data, the public key of your organization. Finally, they carry the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is valid.

    Change Management
    The process of scheduling changes (not the implementation of changes) that categorizes each change based on risk and scope. Change Management is a process that manages changes to any part of an organization's enterprise IT systems while supporting the actual change through an acceptance (customer notification) and approval process.


    Chat Room
    A feature of the Internet allowing users to 'talk', in real time, through a keyboard to one or more persons in a 'virtual environment'. Recent reports of viruses being transmitted through messages in Chat Rooms have raised the security profile of such activities, and organizations are advised to review the ability of staff to access such facilities.

    Checksum
    Checksum is a technique whereby the individual binary values of a string of storage locations on your computer are totalled, and the total retained for future reference. On subsequent accesses, the summing procedure is repeated, and the total compared to that derived previously. A difference indicates that an element of the data has changed during the intervening period. Agreement provides a high degree of assurance (but not total assurance) that the data has not changed during the intervening period.

    A check sum is also used to verify that a network transmission has been successful. If the counts agree, it is safe to assume that the transmission was completed correctly.
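The two paragraphs above describe the summing procedure and note that agreement gives high but "not total" assurance. As an added example that is not part of the glossary, the block below implements that additive checksum, re-checks a block against the stored total, and shows the blind spot alongside a cryptographic hash (SHA-256) that does not share it; the data blocks are constructed.

```python
"""Additive checksum as the Checksum entry describes, with its blind spot.

Added example, not from the glossary. simple_checksum() totals the byte
values of a block and keeps the low 16 bits; verify() repeats the sum
and compares it with the stored total. TRANSPOSED shows why agreement
is "not total assurance": swapping two bytes leaves the total unchanged,
which a cryptographic hash does catch. All data blocks are constructed.
"""
import hashlib

ORIGINAL = b"PAY 100 TO ACCOUNT 2468"
EDITED = b"PAY 900 TO ACCOUNT 2468"      # one digit altered
TRANSPOSED = b"PAY 100 TO ACCOUNT 4268"  # two digits swapped: same bytes, different order


def simple_checksum(data: bytes, width: int = 16) -> int:
    """Sum every byte value and keep only the low `width` bits of the total."""
    return sum(data) & ((1 << width) - 1)


def verify(data: bytes, stored: int) -> bool:
    """Re-run the sum and compare with the total kept from the earlier pass."""
    return simple_checksum(data) == stored


def sha256_hex(data: bytes) -> str:
    """Cryptographic digest for comparison: any change in order or value alters it."""
    return hashlib.sha256(data).hexdigest()


def compare(original: bytes, candidate: bytes) -> dict:
    """Report whether each method notices a difference between two blocks."""
    stored = simple_checksum(original)
    return {
        "checksum_detects_change": not verify(candidate, stored),
        "sha256_detects_change": sha256_hex(candidate) != sha256_hex(original),
    }


if __name__ == "__main__":
    print("stored checksum:", simple_checksum(ORIGINAL))
    print("edited:", compare(ORIGINAL, EDITED))
    print("transposed:", compare(ORIGINAL, TRANSPOSED))
```

The additive sum is order-blind by construction, which is why a sum is fine for catching accidental corruption but a keyed hash or digital signature is needed when deliberate tampering is the concern.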


    Cipher
    A cipher is the generic term used to describe a means of encrypting data. In addition, the term cipher can refer to the encrypted text itself. Encryption ciphers will use an algorithm, which is the complex mathematical calculation required to 'scramble' the text, and a 'key'. Knowledge of the key will allow the encrypted message to be decrypted.

    CISC / RISC
    Complex Instruction Set Computer, refers to the instruction set (or pre-programmed commands) within microprocessors. Those from Intel's Pentium processors are referred to as CISC because they have a full and comprehensive instruction set; whereas those from IBM, powering their RS6000 mini-computers, are RISC - Reduced Instruction Set.

    Client
    A computer system or process that requests a service from another computer system or process, a 'server'. A client is part of a client-server software architecture. For example, a workstation requesting the contents of a file from a file server is a client of the file server.

    'Thin Client': A simple client program or hardware device which relies on most of the function of the system being in the server. By the mid-1990s, the model of decentralized computing where each user has his own full-featured and independent microcomputer seemed to have displaced a centralized model in which multiple users use thin clients (e.g. dumb terminals) to work on a shared minicomputer or mainframe server. Networked PCs typically operate as 'fat clients', often providing everything except some file storage and printing locally.

    By 1996, the reintroduction of thin clients was being proposed, especially for LAN-type environments. The main expected benefit of this is ease of maintenance: with fat clients, especially those suffering from the poor networking support of some operating systems, installing a new application for everyone is likely to mean having to go physically to every user's workstation to install the application, or having to modify client-side configuration options; whereas with thin clients the maintenance tasks are centralized on the server and so need only be done once.


    Client-Server
    A common form of distributed system in which software is split between server tasks and client tasks. A client sends requests to a server, according to some protocol, asking for information or action, and the server responds.

    This is analogous to a customer (client) who sends an order (request) on an order form to a supplier (server) who dispatches the goods and an invoice (response). The order form and invoice are part of the "protocol" used to communicate in this case.


    Command Line
    The command line is the text interface through which a user types commands directly to the operating system, and it was the primary interface before graphical environments such as Microsoft Windows® took over. In the world of minicomputers and UNIX®, the command line is often called the '$' prompt: the prompt character signifies that the shell is ready to accept another command, e.g. to 'mount' a new disk pack or to format a disk.

    People familiar with the Microsoft DOS environment will recall the 'C' prompt, displayed as C:\> (optionally including the current path), which served the same purpose on the PC.


    Common Criteria for Information Technology Security Evaluation
    A comprehensive specification (standardized as ISO/IEC 15408) that first defines the target environment and then specifies the security requirements needed to counter the threats inherent in that environment.

    Code Division Multiple Access (CDMA)
    A method for transmitting simultaneous signals over a shared portion of the spectrum. The foremost application of CDMA is the digital cellular phone technology from QUALCOMM that operates in the 800MHz band and 1.9GHz PCS band. CDMA phones are noted for their excellent call quality and long battery life.

    Cold Site
    Provides an empty, environmentally conditioned computer room with office space and other required items for computer equipment and people to be moved in. The customer provides and installs the equipment needed to resume operations. This equipment is often provided by another contract from a leasing company.

    Communications Network
    A system of communications equipment and communication links (by line, radio, satellite, etc.,), which enables computers to be separated geographically, while still 'connected' to each other.

    Computer Abuse
    Precursor of Computer Crime; the first reported instance occurred in 1958!

    Computer System
    One or more computers, with associated peripheral hardware, with one or more operating systems, running one or more application programs, designed to provide a service to users.

    Computer Viruses
    Computer viruses are pieces of program code deliberately written to produce an unexpected, usually harmful, result on an innocent victim's system. At the time of writing there were approximately 50,000 viruses and variants for which known cures or 'vaccines' were available.

    Viruses are transmitted within other (seemingly) legitimate files or programs, the opening, or execution of which, causes the virus to run and to replicate itself within your computer system, as well as performing some sort of action. Such actions can be as harmless as causing characters to 'fall off' the screen (early DOS based Virus in the 1980s), to the most malicious viruses which destroy data files and replicate themselves to everyone in your e-mail directory.
    It is essential to guard against virus attacks by a combination of cautious, guarded awareness and a modern anti-virus package that is kept up to date; signature updates should be applied as soon as they are released (current products fetch them automatically, typically daily or more often).


    Computing Device
    A device such as a desktop, laptop, handheld, or notebook computer. A server can be a computing device also.

    Confidentiality
    An attribute of information. Confidential information is sensitive or secret information, or information whose unauthorized disclosure could be harmful or prejudicial.

    Console
    The console is the screen and keyboard that give direct access to, and control of, the server or mainframe in a networked environment. The console will usually be located within a secure area, with access granted only to system administrators and with all actions logged.
    Users of the console will usually have highly privileged access, such as Systems Operations, Super User or root.


    Contention
    Contention manifests itself as a slowing or reduction in response from a system. It results from increased load on a system or network, such that requests for information and/or processing are queued within the system's internal buffers. Where contention becomes extreme, the buffers can overflow and the system can fail or crash.
    To reduce contention, and hence the risk of system overload, an analysis of the load needs to be performed. A well-known example of contention leading to overload occurred in mid-2000 in the UK, when a leading bank launched its e-banking service: within hours of opening, the service was down due to massive contention and overload, concurrent demand having exceeded capacity by an unexpected order of magnitude. Capacity is also a security concern, since an attacker can deliberately create such contention (a denial of service). See Capacity Planning.


    Contingency Planning
    Contingency plans document how response to various external events that impact business processes and operations will be conducted. Plans should be tested on a regular basis to ensure plans stay current and represent best practices for a particular system or business process.

    Controls
    Procedures, which can reduce, or eliminate, the risk of a threat becoming an incident.

    Cookie
    A small piece of data placed on a user's computer by a Web site (stored by the browser and sent back with later requests to the same site), which identifies the user and records information about their previous and current visits for the site's use next time the user connects. Web site owners claim that this benefits the user, allowing faster access and 'personalization' of the site. Because the cookie is what identifies a logged-in session, anyone able to read or copy it can usually impersonate the user.

    Copy Protection
    Techniques used by software developers to (try to) prevent illegal use of their products. The unlicensed use of software (i.e. software piracy) is a major problem. It is not difficult for an organization to purchase, say, one licensed copy of a program and then install it on, say, 6 separate machines. Or install the program on a server and allow numerous users access through a network. This is illegal, rendering the organization liable to prosecution - even if the installation was carried out without management's knowledge.

    Copy protection takes a number of forms.

    Copyright
    The function of copyright is to protect the skill and labor expended by the author, of a piece of work. As such, copyrighted material may not be printed, copied or distributed without permission from the owner of the copyright. In general, you cannot copyright facts but the consequential analysis, presentation and approach can certainly be copyrighted. Especially when information is downloaded from the Internet, it is dangerous to assume that it is in the 'public domain' unless it is explicit on the point.

    Corrupt Data
    Data that has been received, stored, or changed, so that it cannot be read or used by the program which originally created the data. Most common causes of corrupt data are disk failures (usually where the magnetic coating of the disk is breaking down, and the computer cannot read the disk properly) and power failures, where the computer loses power and shuts down unexpectedly with random writes to the hard drive, and loss of memory contents.

    Cost-effective
    To deliver desired results in beneficial financial terms.

    Cracker
    A cracker is either a piece of software (program) whose purpose is to 'crack' the code to, say, a password; or 'cracker' refers to a person who attempts to gain unauthorized access to a computer system. Such persons are usually ill intentioned and perform malicious acts of techno-crime and vandalism.
     



  • Code-breaking software. A piece of software designed to decipher a code, but used most often to 'crack' a password. Crackers operate quite simply by testing large numbers of candidate passwords far faster than a human could. Given enough time and computing power any password can in principle be found by exhaustive search, but the search space grows exponentially with length and character set, so a long random password of, say, 64 case-sensitive characters is out of reach in practice; short or dictionary-based passwords are not. Two cases must be distinguished. Against an online login, the system itself can limit the attempts: companies are well advised to ensure that there is a limit on the number of password tries permitted before the account locks and the Security Officer and/or Network Administrator is notified. Three attempts is fairly standard; other systems may be less strict, while some high security installations will permit only one attempt before locking and generating security alert messages. Against a stolen password file or hash database (an offline attack) no lockout applies, and the defence is to store passwords with a slow, salted hash so that every guess costs the attacker real time.
     
  • Illegal entry into a computer system. These individuals often have malicious intent and can have multiple tools for breaking into a system. The term was adopted circa 1985 by hackers in defense against journalistic misuse of 'hacker'. Contrary to widespread myth, cracking does not usually involve some mysterious leap of intuition or brilliance, but rather the persistent repetition of a handful of fairly well-known tricks that exploit common weaknesses in the security of target systems. Accordingly, most crackers are only mediocre hackers. Crackers tend to gather in small, tight-knit, very secretive groups that have little overlap with the huge, open hacker poly-culture; though crackers often like to describe themselves as hackers, most true hackers consider crackers a separate and lower form of life, little better than virus writers.
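    The lockout policy described above, as an added illustration (example code written for this entry, not taken from the original page or from any product): a login service that hashes passwords with a per-user salt, locks an account after MAX_ATTEMPTS consecutive failures and raises an alert, and a simulated cracker running a wordlist against it. The account, the wordlist and the alert hook are constructed for the example.

```python
"""Online password guessing against a login service with a lockout policy.

Example written for the 'Cracker' entry; the user, wordlist and alert hook are
constructed here and do not come from any real system.
"""
import hashlib
import hmac
import os

MAX_ATTEMPTS = 3   # the 'three strikes' policy described in the entry
ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 with a per-user salt: deliberately slow, so an offline attacker
    # who steals the digests pays for every guess, and two users with the
    # same password do not share a digest.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class Account:
    def __init__(self, username: str, password: str):
        self.username = username
        self.salt = os.urandom(16)
        self.digest = hash_password(password, self.salt)
        self.failures = 0
        self.locked = False


class LoginService:
    def __init__(self, accounts, alert):
        self.accounts = {a.username: a for a in accounts}
        self.alert = alert        # called as alert(username, reason) on lockout
        self.events = []          # (username, outcome) for the audit log

    def login(self, username: str, password: str) -> bool:
        acct = self.accounts.get(username)
        if acct is None:
            # Indistinguishable from a wrong password, so the attacker cannot
            # use the login form to enumerate valid usernames.
            self.events.append((username, "failure"))
            return False
        if acct.locked:
            self.events.append((username, "locked"))
            return False
        if hmac.compare_digest(hash_password(password, acct.salt), acct.digest):
            acct.failures = 0
            self.events.append((username, "success"))
            return True
        acct.failures += 1
        self.events.append((username, "failure"))
        if acct.failures >= MAX_ATTEMPTS:
            acct.locked = True
            self.alert(username, f"{acct.failures} consecutive failures")
        return False


def run_guessing_attack(service: LoginService, username: str, guesses):
    """Simulated cracker: tries each candidate in turn and returns the one
    that worked, or None. Against a lockout policy it gets MAX_ATTEMPTS real
    tries; every later guess is rejected before the password is even checked."""
    for guess in guesses:
        if service.login(username, guess):
            return guess
    return None


def demo() -> dict:
    alerts = []
    svc = LoginService([Account("alice", "correct horse battery")],
                       alert=lambda user, why: alerts.append((user, why)))
    # Constructed wordlist: the real password is fifth, so without a lockout
    # the attacker would find it on the fifth try.
    wordlist = ["password", "123456", "letmein", "qwerty", "correct horse battery"]
    found = run_guessing_attack(svc, "alice", wordlist)
    return {"found": found, "locked": svc.accounts["alice"].locked,
            "alerts": alerts, "events": svc.events}


if __name__ == "__main__":
    print(demo())
```

    With the lockout in place the attack finds nothing, the account is locked after the third failure and the alert fires; the fourth and fifth guesses (one of them the real password) are refused without the hash ever being computed. Remove the lockout and the same wordlist succeeds on the fifth try.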



    Crash
    System Failure, often accompanied by loss of data. The term stems largely from the days of the first Hard Disks which were prone to physical damage. The gaps between the surface of the disk and the drive heads which read and write the data are so small (considerably less than the thickness of a human hair) that, if disturbed while in use, the heads would, literally, crash into the surface of the disk thereby ruining the surface and destroying program files and/or data. The heads had to be 'parked' in a safe position before the disk pack or computer was moved. Manufacturing standards have improved dramatically since then, and true crashes are now quite rare, but the term remains as a general description of a system suddenly stopping for no immediately obvious reason.

    Crawler
    Also known as a Web Crawler, and sometimes described as an Agent or a Bot. A crawler is an automated program that 'crawls' the World Wide Web, fetching pages and following the links on them, looking for particular pieces of information, addresses, references, etc. Search engines use crawlers to build their indexes. Personal agents of the same kind were also offered which searched on a user's behalf while the user was off-line (not connected to the Internet and therefore not running up connection charges), delivering the results collected so far the next time the user logged on and then continuing.

    Crippled
    More commonly associated with software rather than hardware. The term indicates that the application is not capable of performing all functions normally expected of such a program, for example saving or printing files created by the user. Usually used in connection with shareware, or promotional software where some functions are deliberately crippled as an incentive for a user to pay for the fully-functional version.

    Crippleware
    Shareware, or promotional software, which has been crippled, i.e. some functions, such as printing or saving files, have been disabled by the developer. Whilst logical from the developer's perspective, its popularity has fallen, as it fails to allow the user to use the system properly and hence can deter sales rather than promote them. Far better is the technique whereby the software is fully functional for, say, 30 days, and then refuses access until a license string is entered. Even removing the software and re-installing it will not yield a further 30 days, because upon installation a marker (a hidden file or registry entry) is created and read at each start-up, so the user is forced to make a purchase decision. A determined user can usually locate and remove such a marker, so trial enforcement of this kind is a deterrent rather than a true control.

    CRT
    CRT stands for Cathode Ray Tube, the traditional means of displaying pictures on a monitor or television. The old green-screen monitors used with the first PCs were called CRTs. CRT monitors, which steer an electron beam across a phosphor-coated screen, have largely been replaced by flat-panel (LCD) displays.

    Cryptography
    Cryptography is primarily concerned with keeping communications private, though modern cryptography also provides integrity (detecting alteration of data) and authentication (proving who sent a message). Encryption is the transformation of data into another, normally unintelligible, form; the only practical means of reading it is to decrypt it with the corresponding key. In symmetric systems the same secret key encrypts and decrypts; in public-key systems a public key encrypts and a separately held private key decrypts. Keys are secret values, often stored in a formatted key file, and their protection is as important as the strength of the algorithm.
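    Encryption and decryption under a secret key, with integrity checking, as an added illustration for this entry (example code, not taken from the page). It uses only the Python standard library: the keystream is HMAC-SHA256 run in counter mode as a stand-in for a real cipher mode such as AES-GCM, and a separate HMAC tag makes any alteration of the ciphertext, or a wrong key, detectable before anything is decrypted. The key, nonce and messages are constructed for the example.

```python
"""Encrypt-then-MAC using only the standard library.

Example written for the 'Cryptography' entry, not code from the page. The
keystream comes from HMAC-SHA256 run in counter mode, standing in for a real
cipher mode such as AES-GCM (which needs a third-party library); the
construction is sound but intended for study rather than production use.
"""
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(master_key: bytes):
    # One secret, two independent keys: never reuse an encryption key for MAC.
    enc_key = hmac.new(master_key, b"encryption", hashlib.sha256).digest()
    mac_key = hmac.new(master_key, b"authentication", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # PRF(nonce || counter) blocks concatenated; the nonce must never repeat
    # under the same key, or two ciphertexts XOR to the XOR of the plaintexts.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(master_key: bytes, plaintext: bytes, nonce: bytes = None) -> bytes:
    enc_key, mac_key = derive_keys(master_key)
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    ks = keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    # The tag covers the nonce as well, so neither can be swapped undetected.
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(master_key: bytes, message: bytes) -> bytes:
    enc_key, mac_key = derive_keys(master_key)
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce = message[:NONCE_LEN]
    ciphertext = message[NONCE_LEN:-TAG_LEN]
    tag = message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    # Constant-time comparison, and check BEFORE decrypting anything.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or altered message")
    ks = keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


def verify(master_key: bytes, message: bytes) -> bool:
    """True if the message decrypts under this key without error."""
    try:
        decrypt(master_key, message)
        return True
    except ValueError:
        return False


def flip_byte(message: bytes, index: int) -> bytes:
    """Simulate in-transit corruption or tampering of one byte."""
    altered = bytearray(message)
    altered[index] ^= 0x01
    return bytes(altered)


if __name__ == "__main__":
    key = os.urandom(32)
    box = encrypt(key, b"attack at dawn")
    print(decrypt(key, box))
    print(verify(key, flip_byte(box, NONCE_LEN)))   # tampered ciphertext: False
    print(verify(os.urandom(32), box))               # wrong key: False
```

    The point for this entry is the last two lines: without the key the data is unreadable, and because the tag is checked first, an altered message or a wrong key is rejected outright rather than yielding garbage that might be acted upon.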

    Cutover
    Sometimes known as 'going live'. Cutover is the point at which a new program or system, takes over - perhaps from a previous version, and the old program is no longer used. On major developments, this point is reached when the new software has been written, tested, and run satisfactorily, in parallel with the old, for an agreed period.

    Cybercrime
    Cybercrime is any criminal activity which uses network access to commit a criminal act. With the exponential growth of Internet connection, the opportunities for the exploitation of any weaknesses in Information Security are multiplying.

    Cybercrime may be internal or external, with the former easier to perpetrate.
    The term has evolved over the past few years since the adoption of Internet connection on a global scale with hundreds of millions of users. Cybercrime refers to the act of performing a criminal act using cyberspace (the Internet) as the communications vehicle. Some would argue that a cybercrime is not a crime as it is a crime against software and not against a person or their property. However, whilst legal systems around the world scramble to introduce laws to combat cybercriminals, two types of attack are prevalent:
     



  • Techno-crime. A pre-meditated act against a system or systems, with the express intent to copy, steal, prevent access to, corrupt or otherwise deface or damage parts or all of a computer system. The 24x7 connection to the Internet makes this type of cybercrime possible to engineer from anywhere in the world, leaving few if any 'fingerprints'.
     



  • Techno-vandalism. These acts of 'brainless' defacement of Websites, and/or other activities such as copying files and publicizing their contents publicly, are usually opportunistic in nature. Tight internal security, allied to strong technical safeguards should prevent the vast majority of such incidents.
    Glossary of IT Terms (B)



    :::::::::::::::::Glossary B::::::::::::



    Back Door
    A back door is the name given to a 'secret' access route into the system. Such routes are usually undocumented and almost certainly were not originally specified. In fact, usually only the original developer would be aware of the back door(s) to their system. So why design a back door? Some boffin programmers, suspected that the end users would, at some point, make such a mess of the system, that normal ID and password routines would not allow access, and that another route into the system (known only to the programmers) would be required - the back door.  In this particular context the existence of a Back Door can be a useful feature but, it does represent a significant risk in that a person - not necessarily on the staff of the Organization - could be in a position to penetrate the system with malicious intent without the Organization's knowledge. It is reasonable to assume that a programmer with sufficient skill to build the system in the first place will also have the skills necessary to penetrate the system and withdraw again without leaving any evidence of the incursion.
    'Back Door' (or 'Backdoor') is also the name of several unpleasant viruses/Trojans which jeopardize network security by attempting to give malicious users remote access to the computer.
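    What a developer's back door looks like in code, beside the hardened version and a crude code-review scan for the pattern, as an added illustration for this entry (example code, not from the page; the credential store, the 'maint' account and the bypass password are invented for the example).

```python
"""A back door in a login routine, the hardened version, and a source scan.

Example written for the 'Back Door' entry; the user table, the maintenance
credential and the function names are invented for this illustration.
"""
import hashlib
import hmac
import inspect
import re


def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


# Constructed credential store: username -> (salt, PBKDF2 digest).
USERS = {"alice": (b"salt-for-alice", _digest("alice-pass", b"salt-for-alice"))}


def _check_store(username: str, password: str) -> bool:
    entry = USERS.get(username)
    if entry is None:
        return False
    salt, digest = entry
    return hmac.compare_digest(_digest(password, salt), digest)


def login_with_backdoor(username: str, password: str) -> bool:
    # The developer's 'just in case' route: it bypasses the credential store,
    # never appears in user administration, cannot be disabled or rotated,
    # and is visible to anyone who reads the source or the strings in the binary.
    if username == "maint" and password == "letmein-dev":
        return True
    return _check_store(username, password)


def login_hardened(username: str, password: str) -> bool:
    # Every successful login comes from the credential store. Recovering a
    # locked-out administrator is an out-of-band, logged procedure, not a
    # second path through this function.
    return _check_store(username, password)


_CREDENTIAL_LITERAL = re.compile(
    r'\b(password|passwd|pwd|secret|token)\s*==\s*["\'][^"\']+["\']', re.IGNORECASE)


def scan_for_backdoor(func) -> list:
    """Crude review aid: literal comparisons against password-like names in
    a function's source. It will not catch an obfuscated or hashed bypass, so
    it supplements, rather than replaces, a human code review."""
    return [m.group(0) for m in _CREDENTIAL_LITERAL.finditer(inspect.getsource(func))]


if __name__ == "__main__":
    print(login_with_backdoor("maint", "letmein-dev"))   # True: the bypass works
    print(login_hardened("maint", "letmein-dev"))        # False
    print(scan_for_backdoor(login_with_backdoor))        # the offending comparison
```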

    Backup
    The process whereby copies of computer files are taken in order to allow recreation of the original, should the need arise. A backup is a spare copy of a file, file system, or other resource for use in the event of failure or loss of the original. The term is most commonly used to refer to a copy of all the files on a computer's disks which is made periodically and kept on magnetic tape or other removable medium (also called a 'dump').  This essential precaution is neglected by most new computer users until the first time they experience a crash or accidentally delete the only copy of the file they have been working on for the last six months. Ideally the backup copies should be kept at a different site or in a fire safe. Although hardware may be insured against fire, the data on it is almost certainly neither insured nor easily replaced. Consequential loss policies to insure against data loss can be expensive, but are well worth considering.

    Backup and Restore / Recovery
    Whilst backup is a routine that is well understood, the ability to restore data is usually only performed when data is lost, corrupted, or otherwise changed. It is extremely important to review and test the restore procedures, to ensure that, in an emergency, appropriate action can be taken. A real danger, when restoring files from the backup, is that of restoring additional files which then over-write newer files. Were this to happen to an order processing system, or other system which records transactions, such an error could result in severe loss. To avoid even the possibility of such an error, you should always restore files to a specific location that is separate from the live files. Then, having verified the integrity of the restored file(s), they may be copied to the required area; again, cautiously and with consideration for the risks involved.
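    The restore discipline described above, as an added illustration (example code written for this entry, not from the page or any backup product): the backup carries a manifest of SHA-256 checksums; a restore is made into a staging directory and verified against the manifest before anything touches the live area; promotion into the live area then skips any file that was modified after the backup was taken, so a newer live file is never overwritten by an older copy. The directory layout, file names and timestamps are constructed in run_demo().

```python
"""Restore into staging, verify against a manifest, then promote safely.

Example written for the 'Backup and Restore / Recovery' entry; the directory
layout, file names and timestamps are constructed here.
"""
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path

MANIFEST = "manifest.json"


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Relative path -> SHA-256 for every regular file under root."""
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file() and p.name != MANIFEST}


def take_backup(live: Path, backup: Path) -> dict:
    shutil.copytree(live, backup, copy_function=shutil.copy2)   # copy2 keeps mtimes
    manifest = build_manifest(backup)
    (backup / MANIFEST).write_text(json.dumps(manifest, indent=1))
    return manifest


def restore_to_staging(backup: Path, staging: Path) -> dict:
    """Copy the backup somewhere separate from live and check every file
    against the manifest before anything touches production data."""
    shutil.copytree(backup, staging, copy_function=shutil.copy2,
                    ignore=shutil.ignore_patterns(MANIFEST))
    expected = json.loads((backup / MANIFEST).read_text())
    actual = build_manifest(staging)
    problems = sorted(p for p in expected if actual.get(p) != expected[p])
    if problems:
        raise RuntimeError(f"restore failed verification: {problems}")
    return actual


def promote(staging: Path, live: Path):
    """Copy verified files into live, skipping any file whose live copy was
    modified after the backup was taken; returns (restored, skipped)."""
    restored, skipped = [], []
    for src in sorted(p for p in staging.rglob("*") if p.is_file()):
        rel = src.relative_to(staging)
        dst = live / rel
        if dst.exists() and dst.stat().st_mtime > src.stat().st_mtime:
            skipped.append(str(rel))          # live copy is newer: leave it alone
            continue
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, dst)
        restored.append(str(rel))
    return restored, skipped


def run_demo() -> dict:
    """Scenario: two files backed up; afterwards one is lost and one is edited."""
    base = Path(tempfile.mkdtemp())
    live, backup, staging = base / "live", base / "backup", base / "staging"
    live.mkdir()
    t0 = 1_600_000_000      # fixed timestamps keep the comparison deterministic
    (live / "orders.csv").write_text("id,total\n1,10\n")
    (live / "customers.csv").write_text("id,name\n1,Ann\n")
    for p in live.iterdir():
        os.utime(p, (t0, t0))
    take_backup(live, backup)
    # Later: customers.csv is lost, orders.csv receives new transactions.
    (live / "customers.csv").unlink()
    (live / "orders.csv").write_text("id,total\n1,10\n2,25\n")
    os.utime(live / "orders.csv", (t0 + 3600, t0 + 3600))
    restore_to_staging(backup, staging)
    restored, skipped = promote(staging, live)
    result = {"restored": restored, "skipped": skipped,
              "orders_after": (live / "orders.csv").read_text(),
              "customers_back": (live / "customers.csv").exists()}
    shutil.rmtree(base)
    return result


if __name__ == "__main__":
    print(run_demo())
```

    In the scenario the lost customers file comes back from staging, while the orders file, which gained a transaction after the backup, is left untouched; a naive restore straight over the live directory would have silently discarded that transaction. A corrupted or incomplete backup is caught at the verification step, before promotion.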

    Backup Files
    Backup files are those files which are retained, often on high capacity tape or separate disk sub-system, which represent the Organization's protection against loss, damage or non-availability of the data held on information systems. Whilst it is important to have available the most recent few backups - to enable restore in case of need - it is also crucial that recent backup tapes / disks are stored safely off-site; sufficiently far away to reduce the risk of environmental damage (e.g. flood) destroying both the primary systems and the off site backups.

    Backup Power Generators
    Backup Power Generators are usually gasoline driven units which are linked to an Uninterruptible Power Supply (UPS), to prevent your systems crashing as a result of power failure. Power generators should be of adequate capacity to support the systems which require power. Bear in mind that backup power generators are used rarely. As a result, they can remain idle for years, as usually the UPS will bridge the gap until the power is either restored, or the systems have been safely shut down. As a result, when needed, the power generator may not have been tested for a considerable period. It is important that, periodically, the power generator is tested and serviced, in accordance with the manufacturer's recommendations. It is also vital to ensure that fresh gasoline replaces unused gasoline each year; and that there are adequate supplies available.

    Batch
    A term from the days before real-time processing, when data was collected together throughout the day in batches waiting for the IT staff to run the End of Day routines which included 'batch processing'. This approach requires less computer power than real-time processing since account balances and other records are not changed until the end of the working day and, effectively, the system is on 'enquiry only' status until the next processing run. In some ways batch processing is more secure than real-time since there is more time to check transaction data before it reaches the computer's files; however, the advantages of having accurate, up-to-the-minute information (especially in banking and finance) are generally viewed as outweighing any benefits batch processing may offer. Batch files (files with the extension .bat) are small 'programs' instructing the computer to perform some processing, start another program running, recognize some hardware, etc. The classic example is the autoexec.bat file (standing for AUTOmatic EXECution) found on MS-DOS and early Windows PCs, which ran each time the PC was started.


    Beta Software
    Term used to describe software which is almost fully developed but not yet quite ready for release to the market, or internal users. The Beta version of the software is preceded by the alpha version. Beta versions of commercial programs are often made available to consumers at attractive prices on the basis that there are numerous bugs still to be sorted out, and the first batches of users to install the product are, effectively, taking part in an enormous acceptance testing program. The developer will take note of the findings and comments made by Beta users to incorporate modifications, fixes, patches, etc., in the version which is finally released. Beta versions of software, whether purchased or developed in-house, should not be installed on live systems and should never be used for mission critical processes.

    Biometric Access Controls
    Security Access control systems which authenticate (verify the identity of) users by means of physical characteristics, e.g. face, fingerprints, voice, or retina pattern.

    BIOS
    BIOS is the Basic Input/Output System of a personal computer: firmware held on the motherboard which runs when the machine is switched on, initializes the hardware and loads (boots) the operating system, e.g. Microsoft Windows®. The BIOS also provides low-level routines for moving data between the operating system and peripheral devices such as the hard disk, keyboard and mouse, though modern operating systems use their own drivers instead. On current machines the BIOS role is filled by UEFI firmware.

    Boot
    Starting up a PC or server. The term is shorthand for 'bootstrap', from the image of pulling oneself up by one's own bootstraps: system start-up is a process in which a small piece of 'bootstrap' code in the BIOS of the computer loads a larger program, which in turn loads the operating system.

    Boot Disk
    CD-ROM, floppy disk or (on later machines) USB drive used to start a PC or server when it cannot do so from the hard drive. Boot disks are often used when there is a problem with a hard drive but, equally, may be used as a Key Disk security feature when a PC has been deliberately configured by technical staff to refuse to run without the Key Disk present.

    Borg
    From 'Star Trek: The Next Generation' in which the Borg is a species of cyborg that ruthlessly seeks to incorporate all sentient life into itself; their slogan is 'Resistance is futile. You will be assimilated.' In tech-speak, the Borg is usually Microsoft, which is thought to be trying just as ruthlessly to assimilate all computers and the entire Internet into itself - there is a widely circulated image of Bill Gates as a Borg - i.e. Borging the competition. Being forced to use Windows or NT is often referred to as being 'Borged'. It is reported that this term is in use within Microsoft itself. Other companies, notably Intel and UUNet, have also occasionally been equated to the Borg.

    Bot
    Short for Robot, - the term describes little programs designed to perform automated tasks on the Internet such as indexing, looking/watching for message contents, or to act as avatars (human surrogates). On IRC, Bots can be malicious by cloning themselves, (clonebots), or flooding the IRC channels with garbage (floodbots). There are hundreds of different types of Bots including, by some definitions, Agents and Crawlers.

    Botrunner
    A person who operates software robots on the Net.

    Browser
    Often known as a 'Web Browser', it is software used to make contact with Web sites on both the Internet and internal intranets. The topic of software houses' development and bundling of browsers was controversial, and lay at the heart of the US Government anti-trust (monopoly) case against Microsoft. The only real effect of that case upon users was expected to be that browser applications would have to be acquired and installed separately, rather than being supplied as part of an operating system.

    Bug
    A fault in a computer system, usually associated with software. The term was in engineering use for faults in equipment long before computers, but the famous tale from the early days of computing, when machines used myriad valves, relays and miles of wire, concerns the Harvard Mark II in 1947: the machine misbehaved and, on examination of its innards, a moth was found which had expired across some relay contacts. The operators taped it into the logbook as the 'first actual case of bug being found', and once 'debugged' the machine worked perfectly.

    Business Continuity Planning (BCP)
    BCP usually includes the following planning activities: Business Resumption Plan, Business Recovery Plan, Disaster Recovery Plan. BCP should also define, for each IT-based business process, a Recovery Time Objective (RTO), the maximum time the organization can do without that process before its mission is harmed, together with a Recovery Point Objective (RPO), the maximum amount of data, measured as a period of time, that it can afford to lose.

    Business Impact Assessment 
    Business Impact Assessment (BIA) is the first phase of an overall approach to the development of business continuity plans. The assessment involves understanding the impact individual business units would sustain as a result of a significant interruption of IT services. These impacts may be financial or operational.

    Business Resumption Plan
    The Business Resumption Plan includes work around procedures for business processes for use until production processes are fully recovered. Planning involves users, annual reviews, and testing of plans. Its purpose is to ensure the continuance of mission-critical processes at an alternative production site.


    Business Recovery Plan
    Plans for the complete recovery of the production business processes, including people, workspace, non-IT equipment and facilities.

    Glossary of IT Terms (A)

    :::::::::::::::::Glossary A::::::::::::


    Abend / Application Crash
    Abend (derived from 'abnormal end') is where an application program aborts, i.e. terminates abruptly and unexpectedly. One of the prime reasons for thorough testing of an organization's application systems is to verify that the software works as expected. A significant risk to your data is that, if an application crashes, it can also corrupt the data file which was open at the time.


    Abort
    A computer simultaneously runs multiple programs, each of which requires the execution of a number of processes, often simultaneously. Processes will usually interact with other processes and, due to differences in hardware and load on the system, will execute at varying speeds. A process may abort when it fails to receive the expected input, or is unable to pass its output to a linked process. When a process aborts, it has the same effect as though that process had crashed. Poorly written applications may freeze or hang when one or more processes abort.



    Access
    Two types of access - Physical and Logical.

    • Physical Access. The process of obtaining use of a computer system, - for example by sitting down at a keyboard, - or of being able to enter specific area(s) of the Organization where the main computer systems are located.
    • Logical Access. The process of being able to enter, modify, delete, or inspect, records and data held on a computer system by means of providing an ID and password (if required). The view that restricting physical access removes the need for logical access restrictions is misleading. Any Organization with communications links to the outside world carries a logical access risk: hackers do not, generally, visit the sites they are hacking in person; they do it from a distance.
       


    Access Control
    Physical, procedural, and/or electronic mechanism which ensures that only those who are authorized to view, update, and/or delete data can access that data.

    Access Rights
    The powers granted to users to create, change, delete, or simply view data and files within a system, according to a set of rules defined by IT and business management. It is not necessarily true that the more senior a person, the more power is granted. For example, most data capture - essentially creating new files or transactions, is performed at relatively junior level, and it is not uncommon for senior management to have access rights only to view data with no power to change it. There are very good Internal Control and Audit reasons for adopting this approach.

    Accidental Damage
    In relation to Information Security, accidental damage refers to damage or loss, that is caused as a result of a genuine error or misfortune. However, despite the genuine nature of the accident, such incidents can, and should be prevented by awareness, alertness and action. For example, whilst we can all sympathize with the person who has lost their 50 page document through a system crash, there is little excuse for not having made a suitable backup copy from which to recover the situation.

    ADSL
    ADSL (Asymmetric Digital Subscriber Line) is a technology for transmitting digital information at high speed over existing copper telephone lines (POTS) to homes and businesses alike. Unlike standard dial-up service, ADSL provides an always-on connection. It was specifically designed to exploit the one-way nature of most multimedia communication, in which large amounts of information flow toward the user and only a small amount of interactive control information is returned. Trials of ADSL with real users began in 1996, wide-scale installation began in several parts of the U.S. in 1998, and from 2000 ADSL and other forms of DSL became generally available in urban areas, putting telephone companies in competition with cable companies and their cable modem services. An always-on connection also means the machine is permanently reachable from the Internet, so a firewall is essential.

    Ad Hoc Connectivity
    Plugging a non-City owned computing device directly into the network, or into another City owned workstation, while on City premises for the purpose of accessing City applications, the Internet, and/or other City data sources.



    Ad Hoc Device
    A City or non-City owned computing device that has not been connected to the City network for a designated period of time. Because it has not been connected, it is considered "untrusted", and assumed to be out of compliance with current operating system and anti-virus patching levels.

    Ad Hoc User
    Employees, contractors, business partners, etc. who are not normally authorized users, but have a need, on a temporary basis, to connect to the City network to conduct City business.

    Analog, Analogue
    A description of a continuously variable signal or a circuit or device designed to handle such signals. The opposite is 'discrete' or 'digital'. Typical examples are the joysticks or steering wheels associated with flight and driving simulations or air/space combat games.

    ANSI
    American National Standards Institute, the main organization responsible for furthering technology standards within the USA. ANSI is also a key player in the International Organization for Standardization (ISO).

    Anti-Virus Program
    Software designed to detect, and potentially eliminate, viruses before they have had a chance to wreak havoc within the system, as well as repairing or quarantining files which have already been infected by virus activity.

    Archive
    An area of data storage set aside for non-current (old, or historical) records in which the information can be retained under a restricted access regime until no longer required by law or Organization record retention policies. This is a field in which computers have a distinct advantage over older paper files, in that computer files can be 'compressed' when archived to take up far less space on the storage media. Paper records can only be compressed by using microfilm, microfiche, or, more recently, by scanning into a computer system. Whichever system is chosen, care must be exercised to ensure that the records retained meet legal requirements should it ever be necessary to produce these records in a court of law.

    Audit Log
    Computer files containing details of amendments to records, which may be used in the event of system recovery being required. The majority of commercial systems feature the creation of an audit log. Enabling this feature incurs some system overhead, but it permits subsequent review of all system activity, providing details of which User ID performed which action to which files, and when. Failing to produce an audit log means that the activities on the system are 'lost'.

    Audit Trail
    A record, or series of records, which allows the processing carried out by a computer or clerical system to be accurately identified, as well as verifying the authenticity of such amendments, including details of the users who created and authorized the amendment(s).
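    An audit log that answers the question in the Audit Log entry (which User ID performed which action to which record, and when) and that also supports the Audit Trail entry's requirement of verifying authenticity, as an added illustration (example code written for these two entries, not from the page or any product): each record carries a hash that chains it to the previous record, so any alteration or deletion of an earlier entry breaks the chain and is reported by the verifier. An optional HMAC key, held away from the system being audited, stops an insider with write access from simply recomputing the chain. The record format and sample events are constructed for the example.

```python
"""Hash-chained, append-only audit log with a verifier and a query helper.

Example written for the 'Audit Log' and 'Audit Trail' entries; the record
format and the sample events are constructed here.
"""
import hashlib
import hmac
import json

GENESIS = "0" * 64     # chain anchor for the first record


def _record_hash(prev_hash: str, record: dict, mac_key: bytes = None) -> str:
    # Canonical JSON so the same record always hashes the same way.
    payload = (prev_hash + json.dumps(record, sort_keys=True,
                                      separators=(",", ":"))).encode()
    if mac_key is None:
        return hashlib.sha256(payload).hexdigest()
    return hmac.new(mac_key, payload, hashlib.sha256).hexdigest()


class AuditLog:
    def __init__(self, mac_key: bytes = None):
        self.mac_key = mac_key
        self.entries = []

    def append(self, when, who, action, target, authorized_by=None) -> str:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        record = {"seq": len(self.entries), "when": when, "who": who,
                  "action": action, "target": target,
                  "authorized_by": authorized_by}
        record["hash"] = _record_hash(prev, record, self.mac_key)
        self.entries.append(record)
        return record["hash"]

    def export(self) -> str:
        """One JSON object per line, as it would be written to the log file."""
        return "\n".join(json.dumps(e, sort_keys=True) for e in self.entries)


def verify_chain(lines: str, mac_key: bytes = None):
    """Return (True, -1) if intact, else (False, index of the first bad record).
    A changed field, a removed line or a re-ordered line all break the chain."""
    prev = GENESIS
    for i, line in enumerate(lines.splitlines()):
        record = json.loads(line)
        stored = record.pop("hash", None)
        if record.get("seq") != i or _record_hash(prev, record, mac_key) != stored:
            return False, i
        prev = stored
    return True, -1


def changes_by(lines: str, user: str) -> list:
    """Who did what to which record, and when: the audit-log question."""
    return [(r["when"], r["action"], r["target"])
            for r in map(json.loads, lines.splitlines()) if r["who"] == user]


def tamper(lines: str, index: int, field: str, value) -> str:
    """Simulate an after-the-fact edit of one record in the log file."""
    rows = lines.splitlines()
    record = json.loads(rows[index])
    record[field] = value
    rows[index] = json.dumps(record, sort_keys=True)
    return "\n".join(rows)


def sample_log(mac_key: bytes = None) -> str:
    # Constructed events for an order-processing system.
    log = AuditLog(mac_key)
    log.append("2014-02-26T09:01:12Z", "jsmith", "create", "ORDERS/ord-1042")
    log.append("2014-02-26T09:05:40Z", "jsmith", "update", "ORDERS/ord-1042",
               authorized_by="mjones")
    log.append("2014-02-26T09:07:03Z", "mjones", "view", "ORDERS/ord-1042")
    log.append("2014-02-26T11:30:55Z", "jsmith", "delete", "ORDERS/ord-1042",
               authorized_by="mjones")
    return log.export()


if __name__ == "__main__":
    lines = sample_log()
    print(verify_chain(lines))                                   # (True, -1)
    print(verify_chain(tamper(lines, 1, "authorized_by", "jsmith")))  # (False, 1)
    print(changes_by(lines, "jsmith"))
```

    Without the chain, an attacker (or an insider covering their tracks) could edit or remove individual lines and the log would still look complete; with it, the verifier points to the first record after which the history can no longer be trusted. The hash chain alone only detects tampering; it cannot prevent it, so the log should still be written to a system the audited users cannot reach.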

    Auditor
    Person employed to verify, independently, the quality and integrity of the work that has been undertaken within a particular area, with reference to accepted procedures.

    Authentication
    A systematic method for establishing proof of identity.

    Authorization
    The process of giving someone permission to do or have something; a system administrator defines for the system which users are allowed access and what privileges they are assigned.

    Availability
    The assurance that a computer system is accessible to authorized users whenever it is needed, or during its pre-defined hours of service.