|
Cross-domain Solution
A cross-domain solution (CDS) is an integrated information assurance system composed of specialized software, and sometimes hardware, that provides a controlled interface to manually or automatically enable and/or restrict the access or transfer of information between two or more security domains based on a predetermined security policy. CDSs are designed to enforce domain separation and typically include some form of content filtering, which is used to designate information that is unauthorized for transfer between security domains or levels of classification, such as between different military divisions, intelligence agencies, or other operations which critically depend on the timely sharing of potentially sensitive information. The goal of a CDS is to allow a trusted network domain to exchange information with other domains, either one-way or bidirectionally, without introducing the potential for security threats that would normally come with network connectivity. Although the g ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information Assurance
Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information. Information assurance includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data. IA encompasses not only digital protections but also physical techniques. These protections apply to data in transit, both physical and electronic forms, as well as data at rest . IA is best thought of as a superset of information security (i.e. umbrella term), and as the business outcome of information risk management. Overview Information assurance (IA) is the process of processing, storing, and transmitting the right information to the right people at the right time. IA relates to the business level and strategic risk management of information and related systems, rather than the creation and application of security controls. IA is used to benefit business through the use of information ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cross-domain Interoperability
Cross-domain interoperability exists when organizations or systems from different domains interact in information exchange, services, and/or goods to achieve their own or common goals. Interoperability is the method of systems working together (inter-operate). A domain in this instance is a community with its related infrastructure, bound by common purpose and interests, with consistent mutual interactions or rules of engagement that is separable from other communities by social, technical, linguistic, professional, legal or sovereignty related boundaries. The capability of cross-domain interoperability is becoming increasingly important as business and government operations become more global and interdependent. Cross-domain interoperability enables synergy, extends product utility and enables users to be more effective and successful within their own domains and the combined effort. Cross-domain interoperability is characterized by common understanding and agreements on both sides ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Antivirus Software
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other malware, antivirus software started to protect from other computer threats. In particular, modern antivirus software can protect users from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraud tools, adware, and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threat (APT), and botnet DDoS attacks. History 1949–1980 period (pre-antivirus days) Although the roots of the computer ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Whitelisting
A whitelist, allowlist, or passlist is a mechanism which explicitly allows some identified entities to access a particular privilege, service, mobility, or recognition i.e. it is a list of things allowed when everything is denied by default. It is the opposite of a blacklist, which is a list of things denied when everything is allowed by default. Email whitelists Spam filters often include the ability to "whitelist" certain sender IP addresses, email addresses or domain names to protect their email from being rejected or sent to a junk mail folder. These can be manually maintained by the user or system administrator - but can also refer to externally maintained whitelist services. Non-commercial whitelists Non-commercial whitelists are operated by various non-profit organisations, ISPs, and others interested in blocking spam. Rather than paying fees, the sender must pass a series of tests; for example, their email server must not be an open relay and have a static IP address. The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Unidirectional Network
A unidirectional network (also referred to as a unidirectional gateway or data diode) is a network appliance or device that allows data to travel in only one direction. Data diodes can be found most commonly in high security environments, such as defense, where they serve as connections between two or more networks of differing security classifications. Given the rise of industrial IoT and digitization, this technology can now be found at the industrial control level for such facilities as nuclear power plants, power generation and safety critical systems like railway networks. After years of development, data diodes have evolved from being only a network appliance or device allowing raw data to travel only in one direction, used in guaranteeing information security or protection of critical digital systems, such as industrial control systems, from inbound cyber attacks, to combinations of hardware and software running in proxy computers in the source and destination networks. The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Nexor
Nexor Limited is a privately held company based in Nottingham, providing product and services to safeguard government, defence and critical national infrastructure computer systems. It was originally known as X-Tel Services Limited. History Nexor Limited was founded in 1989 as X-Tel Services Limited out of the University of Nottingham and UCL, following research into X.400 and X.500 systems for the ISODE project. In 1992 Stephen Kingan joined the business as CEO. In 1993 X-Tel Services Limited was renamed Nexor Limited. In 1996 3i invested in the business to launch Nexor Inc. In 2004 Kingan and Nigel Fasey acquired the business. In 2008 Colin Robbins was appointed to the board as CTO. In 2012 Kingan acquired 100% ownership of Nexor. October 2013, the company moved headquarters from Nottingham Science Park to the NG2 Business Park. Nexor customers include NATO, European Defence Agency, UK MoD, US DOD, Canadian DND, Foreign and Commonwealth Office and Met Office. Nexor d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
High Assurance Guard
{{Unreferenced stub, auto=yes, date=December 2009 A High Assurance Guard (HAG) is a Multilevel security computer device which is used to communicate between different Security Domains, such as NIPRNet to SIPRNet. A HAG is one example of a Controlled Interface between security levels. HAGs are approved through the Common Criteria process. Operation A HAG runs multiple virtual machines or physical machines - one or more subsystems for the lower classification, one (or more) subsystems for the higher classification. The hardware runs a type of Knowledge Management software that examines data coming out of the higher classification subsystem and rejects any data that is classified higher than the lower classification. In general, a HAG allows lower classified data that resides on a higher classified system to be moved to another lower classified system. For example, in the US, it would allow unclassified information residing on a Secret classified system to be moved to another Unclassif ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Multilevel Security
Multilevel security or multiple levels of security (MLS) is the application of a computer system to process information with incompatible classifications (i.e., at different security levels), permit access by users with different security clearances and needs-to-know, and prevent users from obtaining access to information for which they lack authorization. There are two contexts for the use of multilevel security. One is to refer to a system that is adequate to protect itself from subversion and has robust mechanisms to separate information domains, that is, trustworthy. Another context is to refer to an application of a computer that will require the computer to be strong enough to protect itself from subversion and possess adequate mechanisms to separate information domains, that is, a system we must trust. This distinction is important because systems that need to be trusted are not necessarily trustworthy. Trusted operating systems An MLS operating environment often requ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mandatory Access Control
In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system or database constrains the ability of a ''subject'' or ''initiator'' to access or generally perform some sort of operation on an ''object'' or ''target''. In the case of operating systems, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/ UDP ports, shared memory segments, IO devices, etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object is tested against the set of authorization rules (aka ''policy'') to determine if the operation is allowed. A database management system, in its access control mechanism, can also apply mandatory access control; in this case, the objec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Automated Information System
An automated information system (AIS) is an assembly of computer hardware, software, firmware, or any combination of these, configured to accomplish specific information-handling operations, such as communication, computation, dissemination, processing, and storage of information. Included are computers, word processing systems, networks, or other electronic information handling systems, and associated equipment. Management information systems are a common example of automated information systems. An example of this is an industrial robot. Also an Automated Information System (AIS) refers to any piece of equipment or interconnected system of equipment utilized in the automated collection, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or receiving of data, and includes computer software, firmware, and hardware. Computers, word processing systems, networks, or other electronic information handling systems, as well as accompanying ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Discretionary Access Control
In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria (TCSEC) as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control). Discretionary access control is commonly discussed in contrast to mandatory access control (MAC). Occasionally, a system as a whole is said to have "discretionary" or "purely discretionary" access control when that system lacks mandatory access control. On the other hand, systems can implement both MAC and DAC simultaneously, where DAC refers to one category of access controls that subjects can transfer among each other, and MAC refers to a second category of access controls that imposes constraint ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Unintended Consequences
In the social sciences, unintended consequences (sometimes unanticipated consequences or unforeseen consequences) are outcomes of a purposeful action that are not intended or foreseen. The term was popularised in the twentieth century by American sociologist Robert K. Merton and expanded by economist Thomas Sowell and psychologist Stuart Vyse.Robert K. Merton, Versatile Sociologist and Father of the Focus Group, Dies at 92 Michael T. Kaufman, '''' Unintended consequences can be grouped into three types: * ''Unexpected benefit'': ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
