Greynets |
|
Greynets are a significant and widespread threat to IT security particularly within commercial organisations where their use is popular and often undetected. The term greynet refers to communication applications which use internet protocol for their operation but often operate outside the controlled boundaries of network administration. |
|
[ View Detail ] |
|
|
Home Security |
|
Home Security describes both measures that prevent or deter attackers from accessing a home, resource, or information stored on physical media and guidance on how to design structures to resist various hostile acts1. It can be as simple as a locked door, alarm system or as elaborate as multiple layers of armed Security guards and Guardhouse placement. |
|
[ View Detail ] |
|
|
IACP |
|
The International Association of Chiefs of Police is an organisation for senior police officers throughout the world with its membership currently extending to around 90 nations in the world. The IACP operates as a means of sharing information and best practices with the intention of raising policing standards. |
|
[ View Detail ] |
|
|
ICAO |
|
Headquartered in Canada, the International Civil Aviation Organization is the standard setting body for international air navigation and helps to resolve border issues concerning the use of airspace at national boundaries. The ICAO is also active in the systematisation of the civil airline industry nomenclature with such activities as issuing and managing codes for aircraft and airports. |
|
[ View Detail ] |
|
|
IED |
|
An Improvised Explosive Device is a weapon usually associated with terrorism which is generally home made and can range in size and destructive capabilities from small, modified fireworks to extremely large devices consisting of adapted commercial vehicles packed with plastic explosives. |
|
[ View Detail ] |
|
|
|
IP Surveillance |
|
IP surveillance can be defined as using the Internet Protocol (IP) standard of communication for the storage, transmission and networking of surveillance images. As IP is an open standard, it enables manufacturers of surveillance equipment to standardise on this protocol providing the market with more flexibility in choosing best-of-breed solutions. |
|
[ View Detail ] |
|
|
IPv6 |
|
The current level of internet technology is designated IPv4 and IPv6 is the next iteration of this technology which has mainly come about due to the need for an inexhaustible addressing scheme. The current system is limited to around 4 and a quarter billion addresses whilst IPv6 is practically limitless. The letters stand for “Internet Protocol Version 6”. |
|
[ View Detail ] |
|
|
Iris Recognition |
|
Iris recognition is a biometric technology where identification is verified through scanning the person's iris.
The technology is favoured as a non-contact and non-intrusive method of identification and is widerly used in a number of applications including at airports and in the production of secure documentation.
Initially, the technology was used for short range scanning but is becoming increasingly viable for long-range scanning applications. |
|
[ View Detail ] |
|
|
IWF |
|
The Internet Watch Foundation is a UK based organisation which was set up specifically to combat worldwide hosting of images of child sexual abuse and UK hosted criminally obscene images or content designed to incite racial hatred. |
|
[ View Detail ] |
|
|
J-SOX |
|
J-SOX is the Japanese Financial Instruments and Exchange law which in some ways mirror the American Sarbanes-Oxley act. Its purpose is to provide additional regulatory measures into the Japanese financial industry in an attempt to improve reporting standards and prevent fraud. |
|
[ View Detail ] |
|
|
Keylogger |
|
A piece of malicious code that monitors a computer’s keyboard activity and sends it to the recipient without the computer user’s knowledge. This enables the recipient to gather intelligence data to build sufficient information concerning the user to commit crimes such as compromising passwords and accessing financial resources. |
|
[ View Detail ] |
|
|
Line scan camera |
|
A line scan camera uses charged coupled device sensors rather than field sensors and generates an image line by line sensing changes in light levels and colour from pixel to pixel for each line generated. These types of cameras are good for detailed image analysis and measurement and are therefore often used in machine vision applications and for inspection tasks. |
|
[ View Detail ] |
|
|
Link-16 |
|
Link-16 is a jam resistant communication protocol used by military forces to exchange data and was developed by NATO using American military standards. |
|
[ View Detail ] |
|
|
M-Payments |
|
M-Payment is a means of settling a financial transaction with a mobile phone or PDA using contactless near field communications technology. By holding the phone in proximity range of the receiver and entering a PIN, payment can be made at points of sale. |
|
[ View Detail ] |
|
|
MegaPixel |
|
Megapixel cameras in the surveillance industry are characterized by high definition imaging based on the density of pixels in the sensor. A 1 megapixel camera has 1 million pixels. As an IP surveillance technology, the advantages of megapixel cameras include image quality, the ability to segment images and zoom on portions of the field of view as well as cover wider fields of view that would otherwise need a greater number of cameras. |
|
[ View Detail ] |
|
|
MIDS |
|
Multifunctional Information Distribution System is the NATO term for Link-16 (See Link-16). |
|
[ View Detail ] |
|
|
Millimetre Wave |
|
Millimetre Wave scanning is a screening technology used for the detection of hidden items under the clothing. High frequency, non-ionising radiation is aimed at the subject and a three dimensional image is constructed from the reflections. The waves transmit through clothing but are reflected by human tissues.
The resulting image reveals the human form as well as any objects that have been hidden near to the body surface.
Health concerns are not as high as other imaging systems that involve the use of ionising radiation such as through-body imaging or backscatter X-Ray imaging. |
|
[ View Detail ] |
|
|
MINEX |
|
The Minutiae Interoperability Exchange Test was set up as a means of performing a wide and statistically significant range of trials to determine whether the use of minutiae information from fingerprints as a means of comparison and identification could be a successful alternative to using image data. This test is important in terms of fingerprint sample comparison using new technology and is vitally significant for the biometrics industry where minutiae data is used in preference to image data. |
|
[ View Detail ] |
|
|
MOTO |
|
Mail order telephone order is a card not present method of payment using credit or charge cards. This often involves the use of a web form or a fax sheet on which the card holder enters details or where the credit card owner narrates the details to a telephone operator. Web forms and fax transmissions pose a risk to the data contained on the form. |
|
[ View Detail ] |
|
|
NACOSS |
|
The National Approval Council for Security Systems is an independent regulatory and certification body which is now part of the NSI (National Security Inspectorate) and covers the approval of companies who supply and install intruder alarms, access control systems, CCTV surveillance systems and fire alarms. NACOSS inspectors examine the company’s technical capabilities, standards approvals and management structure before providing certification. |
|
[ View Detail ] |
|
|
NATO |
|
The North Atlantic Treaty Organisation was formed in 1948 shortly after the second world war and is a military union of European countries and America, formed to create a united defence against external threats from non-member countries. After the end of the cold war, NATO re-defined its strategies and continues to institute and maintain political programs for the maintenance of peace. |
|
[ View Detail ] |
|
|
NFC |
|
Near Field Communications refers to contactless and wireless communication between a transmitter and receiver in close proximity. |
|
[ View Detail ] |
|
|
NPPD |
|
The National Protection and Programs Directorate is part of the Department of Homeland Security and is responsible for risk analysis and management. |
|
[ View Detail ] |
|
|
NSI |
|
The National Security Inspectorate covers the whole of the UK security industry and acts as an approvals and accreditation body which ensures the highest standards in intruder alarms, CCTV surveillance, access control, fire systems, guarding and secure transport systems. |
|
[ View Detail ] |
|
|
NUWC |
|
The National Undersea Warfare Center is the US Navy’s research and development centre located in Rhode Island used for the development and support of submarines and underwater systems and weapons. |
|
[ View Detail ] |
|
|
NVR |
|
A Network Video Recorder is a device for storing digital CCTV images on an IP network. (For contrast, see DVR). The NVR is therefore a networked computing device and benefits from this in such aspects as location (which is independent of camera or control room location), security and network access and functionality. In this last respect, NVRs can be written to and read from simultaneously thus allowing the viewing and analysis of one stream of video whilst another stream is being written. |
|
[ View Detail ] |
|
|
ONVIF |
|
The Open Network Video Interface Forum (ONVIF) is an industry group dedicated to the development of standards relating to open IP video networking enabling the use of compliant products over non-proprietary networks.
The focus of the group is on interoperability enabling the use of cameras, storage systems, video analytics products and Video Management Systems from different suppliers on the same network. |
|
[ View Detail ] |
|
|
OTP |
|
One Time Passwords are used to improve information access security and are particularly useful when there are many users for one resource. By issuing each user with a token which generates passwords, the process of providing access authorisation is randomised thus reducing the probability of a memorised password being compromised. For higher security applications, one time passwords are more effective when combined with other authentication technology such as biometric identification. |
|
[ View Detail ] |
|
|
P2P |
|
A point to point protocol which allows the direct connection of two computers for the purposes of file sharing or messaging. It is a software protocol analogous to a pipe built in software that establishes a constant connection. This is often used in Instant Messaging applications and compromises the security features built into networks based on other protocols. Many IM users within companies are unaware of the security risks involved and if IM’s are not blocked or protected, they form a significant security risk to organisations. |
|
[ View Detail ] |
|
|
Phreaking |
|
This refers to telephone fraud where the victim is invariably the telephone company. Phreakers use a range of techniques such as phone card hacking to gain access to long distance networks without charge. With the more recent advent of VoIP and mobile networks, the focus of the phreakers has changed but still involves fraud and telephones. |
|
[ View Detail ] |
|
|
POC |
|
Proof Of Concept is a widely used term to describe the feasibility of an idea. In the field of IT security, a POC is a simulation of the effect of malicious software or the principle of a security solution. The POC approach is something that is becoming more familiar as malicious software is becoming more difficult to intercept especially at the early stages before a patch has been written. Anti-virus software is now generally made up of many components that act in different ways to provide a multiple approach to detecting viruses. |
|
[ View Detail ] |
|
|
PoE |
|
Power over Ethernet is a means of providing electrical energy using standard data communication infrastructure. In the security industry, many networked applications such as access control, alarm systems and cameras are linked to each other and computer systems using TCP/IP technology over standard Ethernet cabling. These devices also need power and so PoE allows power to be supplied to the devices using the same cabling as the data. This is particularly useful for temporary or difficult locations where minimum wiring overhead would be an advantage. |
|
[ View Detail ] |
|
|
PSIA |
|
The Physical Security Interoperability Alliance is a standards body created in 2008 with the purpose of creating an open standard for IP video surveillance networks enabling the interoperability of devices and components as well as management systems from different suppliers on the same network.
The standard also encompasses the integration of other physical security systems that use IP technology including access control and alarm systems. |
|
[ View Detail ] |
|
|
PSIM |
|
Physical Security Information Management (PSIM) systems comprised advanced software with multiple inputs from a range of sensors and other software products. They are typically used in control rooms and despatch centres for providing overall situational awareness and enabling top level control of responding resources.
Typical usages for PSIM are airport, sea port, railway station security management and despatch centres for road traffic management although the usage is not limited to these applications and can be extended to other areas where more inputs are required than can be handled by simpler video management systems. |
|
[ View Detail ] |
|
|
Pump and dump scam |
|
This refers to unwanted e-mails which contain recommendations for purchasing penny shares (also known as small cap investments in the USA). The e-mails originate from syndicates who have bought low value stock with the hope of making money by artificially inflating the price of the stock by creating demand through spamming campaigns. Once the stock price has risen, the originators of the spam sell their stock which results in a price collapse. |
|
[ View Detail ] |
|
|
|
Risk Management |
|
All businesses face risks and the effective management of these risks is fundamental to continued operations when faced by threats.
Risk management encompasses the identification, assessment and mitigation of risks that a business may face. Part of the risks that businesses face are mitigated to some extent through regulation with which companies are obliged to comply. |
|
[ View Detail ] |
|
|
|
Rootkits |
|
Rootkits are programmes which embed themselves into operating systems such as Windows, Linux or MAC OS X. They are usually stealthily deployed through other programmes unwittingly downloaded by unsuspecting users and change key system parameters that allow external access to the victim computer. |
|
[ View Detail ] |
|
|
ROV |
|
A remotely operated underwater vehicle which is an unmanned device operating off an offshore vessel . |
|
[ View Detail ] |
|
|
RPG |
|
Rocket Propelled Grenades have been in wide use in areas of conflict since the second world war and are still popular with terrorist groups for inflicting heavy damage from a relatively compact weapon. |
|
[ View Detail ] |
|
|
RVRC |
|
Remote Video Response Centre is a control room for surveillance systems that can cover multiple sites or even multiple customers for monitoring service providers. These centres can operate regionally or nationwide. |
|
[ View Detail ] |
|
|
SAR |
|
A Suspicious Activity Report is a submission to the Serious Organised Crime Agency to highlight financial transactions that could be indicators of money laundering and other financial crimes. These transactions could amount to innocent activity but unusual thus leading to an investigation prior to taking any appropriate action. Such reportable transactions include suspected misuse of business funds, early redemption on mortgages and large loans, large cash deposits or overseas transfers. |
|
[ View Detail ] |
|
|
Sarbanes-Oxley |
|
The US Sarbanes-Oxley act represents an array of financial reporting and accountability reforms designed to reduce the level of corporate financial fraud and stipulate responsibilities, disclosure requirements and penalties. The implications on IT are widespread particularly for accounting software for sale in the USA which now requires compliance with the requirements of the Sarbanes-Oxley act. |
|
[ View Detail ] |
|
|
SFST |
|
Standard Field Sobriety Test is used by American police officials to determine whether a person is fit to drive or whether they should be arrested and subjected to further quantifiable analysis. The SFST consists of three components, the Walk and turn test, the Standing on one leg test and the Horizontal gaze test. |
|
[ View Detail ] |
|
|
SIP |
|
Session Initiation Protocol is a communication control for voice over IP communications and multimedia broadcasts. As well as TCP/IP communications, it is also used over H. |
|
[ View Detail ] |
|
|
Smurf Attack |
|
A denial of service attack where maintenance signal messages (PING messages) are sent in serial at high volume overloading the targets access demand levels and slowing the system down. |
|
[ View Detail ] |
|
|
SOCA |
|
The Serious Organised Crime Agency is a UK Home Office sponsored public body which has the objective of reducing the risk of harm caused by the effects of organised crime. |
|
[ View Detail ] |
|
|
SSAIB |
|
The Security Systems and Alarms Inspection Board is a certification body for security industry service providers covering alarms, electronic security systems, fire services and guarding services. |
|
[ View Detail ] |
|
|