(1) Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. (2) It is the property that sensitive information is not disclosed to unauthorized individuals, entities, devices, or processes. (3) The secrecy of data that is transmitted in the clear. (4) Confidentiality covers data in storage, during processing, and in transit.
A mode that is used to encipher plaintext and decipher ciphertext. The confidentiality modes include electronic codebook (ECB), cipher block chaining (CBC), cipher feedback (CFB), output feedback (OFB), and counter (CTR) modes.
The relative or functional arrangement of components in a system.
The recording and reporting of configuration item descriptions and all departures from the baseline during design and production.
An independent review of computer software for the purpose of assessing compliance with established requirements, standards, and baseline.
The process for controlling modifications to hardware, firmware, software, and documentation to ensure that an information system is protected against improper modifications before, during, and after system implementation.
An established committee that is the final authority on all proposed changes to the computer system.
The identifying of the system configuration throughout the design, development, test, and production tasks.
(1) The smallest component of hardware, software, firmware, documentation, or any of its discrete portions, which is tracked by the configuration management system. (2) A collection of hardware or computer programs or any of its discrete portions that satisfies an end-user function.
(1) The management of security features and assurances through control of changes made to a system’s hardware, software, firmware, documentation, test cases, test fixtures, and test documentation throughout the development and operational life of the system. (2) The process of controlling the software and documentation so they remain consistent as they are developed or changed. (3) A procedure for applying technical and administrative direction and surveillance to (i) identify and document the functional and physical characteristics of an item or system, (ii) control any changes to such characteristics, and (iii) record and report the change, process, and implementation status. The configuration management process must be carefully tailored to the capacity, size, scope, phase of the life cycle, maturity, and complexity of the system involved. Compare with configuration control.
Conformance testing is a testing to determine if a product satisfies the criteria specified in a controlling standard document (e.g., RFC and ISO).
Occurs when an additional demand for service occurs in a network switch and when more subscribers attempt simultaneously to access the switch more than the switch can handle. Two types of congestion can take place: (1) network congestion, which is an undesirable overload condition caused by traffic in excess of its capacity to handle, and (2) reception congestion, which occurs at a data switching exchange place.
A service that has a single phase involving control mechanisms, such as addressing in addition to data transfer.
A service that has three distinct phases: establishment, in which two or more users are bound to a connection; data transfer, in which data are exchanged between the users; and release, in which binding is terminated.
Routers use the connectivity tree to track Internet group management protocol (IGMP) status and activity.
A connector is an electro-mechanical device on the ends of cables that permit them to be connected with, and disconnected from, other cables.
(1) A program that provides user and administrator interfaces to an intrusion detection and prevention system. (2) A terminal used by system and network administrators to issue system commands and to watch the operating system activities.
A small, usually mobile computer that does not run a standard PC-OS. Examples of consumer devices are networking-capable personal digital assistants (PDAs), cell phones, and video game systems.
