Access control: limiting access to information systems resources only to authorized users, programs, processes or other systems.
Accreditation: authorization and approval granted to an application or system to process in an operational environment. It is made on the basis of a certification by designated technical personnel that the application or system meets a set of pre-specified technical requirements for achieving adequate system security.
Application: a software program or group of programs designed to meet a specific end user need or requirement.
Architecture: the design of an IT system, network, software or computer.
Authentication: security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information.
Availability: timely, reliable access to data and information services for authorized users.
Backup: copying files from the medium upon which they are primarily stored to a second medium (disk or tape) as a precaution in case the primary medium fails.
Bridge: a protocol-independent device that connects two or more local area networks (LANs) together.
Data: programs, files or other electronic information stored in, or processed by, a computer system.
Download: to copy data (usually a complete file) from a remote source to another device (usually from an Internet site or file server to one's own computer).
Dynamic Host Configuration Protocol (DHCP): a protocol for assigning dynamic IP addresses to devices on a network.
Email: the transmission of messages between computers via a network, including the Internet.
File: a collection of data or information that has an assigned name (filename).
File transfer protocol (FTP): an internet protocol used for moving files from one location to another (most common protocol used for downloading files).
Firewall: combination of computer hardware and software installed on a network to prevent access to specified network segments by unauthorized users.
Hypertext Markup Language (HTML): the authoring language used to create documents on the World Wide Web.
Hypertext Transfer Protocol (HTTP): the basic protocol used on the internet that defines how messages are formatted and transmitted and the actions that servers and web browsers take in response to various commands.
Information technology (IT) resources: computer hardware, software, databases, electronic message systems, computer networks and any electronic information that is used by a DC Agency to process, transfer, store or communicate electronic data.
Internet: a global "information highway" comprised of thousands of interconnected computer networks in over 100 countries.
Local Area Network (LAN): a computer network that spans a relatively small area, usually confined to a single building or floor.
Malicious code: any type of computer code intended to impair, destroy or delete a computer system, network, file or data.
Modem: a device that enables a computer to transmit data via a telephone line.
Network: a group of two or more interconnected computers, including the hardware, software and communications lines used to connect them.
Off-the-shelf: hardware or software already produced and available from a commercial vendor.
Password: an encoded set of alpha-numeric characters required to enable a user to access a file, computer or program.
Personal computer: a small, relatively inexpensive computer designed for a single user.
Pirated software: commercial and/or copyrighted software installed on a computer system for which a license has not been purchased.
Policy: a high-level statement of purpose used to guide and determine present and future decisions and actions.
Procedure: a series of steps to be followed or actions to be taken to implement specific policies or standards.
Protocol: a format for transmitting data between two computer devices. The protocol usually includes a determination as to how the sending device will indicate that it has finished sending a message and how the receiving device will indicate that it has received the message.
Return-on-investment (ROI): for a given use of funds in an organization, a calculation of the amount returned in cost savings, improved performance and/or productivity.
Router: a device that connects two or more local area networks and uses headers and a routing table to determine the destination of data packets transmitted over the network.
Secure Sockets Layer (SSL): a protocol from Netscape Communications which is designed to provide secure (encrypted) communications over an Internet link.
Security measures: processes, software and hardware used by system and network administrators to ensure the confidentiality, integrity and availability of the IT resources and data owned by the DC government and its authorized users.
Sensitive information: information that requires special protection due to the risk and impact of loss or harm that could result from inadvertent or deliberate disclosure, alteration or destruction of the information. The term includes information whose improper use or disclosure could adversely affect the ability of an agency to accomplish its mission or could reflect adversely on its public image.
Server: a computer or other network device that manages network resources, e.g., file server, print server or database server.
Software program: an organized list of electronically stored instructions that, when executed, causes a computer to behave in a predetermined manner.
Spoofing: a technique used to gain unauthorized access to a computer, whereby the intruder sends a message to the computer indicating that the message is coming from a trusted source.
Standard: a structure or set of guidelines, based on a policy, which has been established to serve as a model or example.
Telecommunications: the transmission of information over a communications line, i.e., transmission of voice, data, text or video over long distances.
Threat: an activity, deliberate or unintentional, with the potential for causing harm to an automated information system or activity.
Transmission Control Protocol/Internet Protocol (TCP/IP): primary protocol for transmitting data across computer networks. TCP enables two devices to establish a connection and exchange data. TCP also provides a "guarantee" that the data will be delivered and that the individual data packets will be delivered in the same order in which they were received. IP specifies the format for the data packets and how they are to be addressed.
Virus: a computer program or piece of computer code that is usually disguised as or attached to another program and that causes some unexpected and often undesirable event on the infected computer system.
Vulnerability: a flaw or weakness that may allow harm to occur to an automated information system or activity.
Web browser: a software application used to locate and display internet web pages.
World Wide Web: a system of Internet servers that support specifically formatted documents. The documents are formatted in a programming language (HTML) that supports links to other documents and files.
Policy Definitions A-Z