Information Technology Services


Defined Terms

Access Control: The prevention of Unauthorized Use of a resource, including the prevention of use of a resource in an unauthorized manner.

Access Control List: A means of determining the appropriate access rights to a given object given certain aspects of the user process that is requesting them, principally the process's user identity.

Algorithm: A finite set of well-defined instructions for accomplishing some task.

Anti-Virus Software: Computer Programs that attempt to identify, thwart and eliminate computer Viruses and other Malicious Software.

Asymmetric Cryptosystem: A method of Encryption in which two different Pass-phrases are used: one for encrypting and one for decrypting the data.

Authorized Use: The use of the University Information Technology Network by any person who is authorized to do so by the University within the limits of that person’s authorization, and as described in and permitted by the University Information Technology Policies and Procedures.

Authorized User(s): Person(s) authorized by the University to use the University Information Technology Network including but not limited to faculty, staff, Students, and guests, within the limits of such person’s authorization.

Backup: The process of periodically copying all of the files on a computer's disks onto a magnetic tape or other removable medium.

Blowfish: A method for encrypting information included in a large number of Encryption products, developed as a general-purpose Algorithm unencumbered by patents, non-proprietary, and open to the public.

Cable Modem: A type of Modem that allows people to access the Internet via their cable television service.

Certificate: A set of Security-relevant data issued by a trusted third-party organization, together with Security information which is used to provide the integrity and data origin authentication Services for the data (Security Certificate).

Chain Email: A term used to describe Emails that encourage you to forward them on to someone else.

Challenge Handshake Authentication Protocol (CHAP): An authentication Protocol used to log on a user to an Internet access provider.

Change Management: The process of developing a planned approach to change in an organization.

Cipher: A private alphabet, system of characters, or other mode of writing, contrived for the safe transmission of secrets.

Console Access: Communicating with an information technology resource through a locally-connected device, such as a keyboard / pointer device / monitor combination.

Cracking: The act of breaking into an information technology resource; what a cracker does.

Database: Any set of information may be called a Database. In this context, the term refers to computerized data, represented as an information set with a regular structure.

Data-Link Connection Identifier (DLCI): A unique number assigned to an end point in a Frame Relay Network.

Decryption: The reverse of Encryption by which the encrypted text is transformed to the readable text.

De-militarized Zone (DMZ): Any un-trusted Network connected to, but separated from, the University's Information Technology Network by a Firewall, used for external (Internet/partner, etc.) access from within the University, or to provide information to external parties.

Denial of Service (DoS): An attack on a computer system or Network that causes a loss of Service to users, typically the loss of Network connectivity and Services by overloading the computational resources of the victim system.

Data Encryption Standard (DES): A method for encrypting information selected as an official Federal Information Processing Standard for the United States, and which has enjoyed widespread use internationally, but is now considered to be insecure for many applications.

Digital Subscriber Line (DSL): A family of digital telecommunications Protocols designed to allow high speed data communication over the existing copper telephone lines between end-users and telephone companies.

Domain Name System (DNS): A system that stores information about computer and Network names in a kind of distributed Database on Networks, such as the Internet.

Dual Homing: Having concurrent connectivity to more than one Network from a computer or Network device.

Email: The electronic transmission of information through a mail Protocol such as SMTP.

Email Bomb: Causing a user’s Email account to reach maximum storage capacity by through the excessive sending of Email messages for the sole purpose of being malicious.

Encryption: The process of making data unreadable to unauthorized entities by applying a cryptographic Algorithm (an Encryption Algorithm).

Extranet: An interconnection between two or more organizations in order to create a private Network to share information.

File Transfer Protocol (FTP): A Software standard for transferring computer files between machines with widely different Operating Systems.

Firewall: A piece of Hardware or Software which functions in a Networked environment to prevent some communications forbidden by the Network policy. It has the basic task of preventing intrusion from a connected Network device into other Networked devices.

Forwarded Email: Email explicitly redirected from one account to another.

Frame Relay: An efficient data transmission technique used to send digital information quickly and cheaply to one or many destinations from one point.

Guest User: Any visitors to the University, not including faculty, staff, or Students who are properly authorized to use the University Information Technology Network.

Hardware: The physical, touchable, material parts of a computer or other system. The term is used to distinguish these fixed parts of a system from the more changeable Software or data components which it executes, stores, or carries.

HyperText Transfer Protocol (HTTP): The primary method used to communicate information on the World Wide Web.

Host: Any computing device attached to a computer Network.

Information Security: Information Security is the part of Information Technology Services that is responsible for coordinating and overseeing campus wide compliance with university policies and procedures regarding the confidentiality, integrity, and Security of its information assets.

Information Security Awareness Initiative: An educational initiative developed by Information Security that will train Authorized Users about the University Information Technology Policies and Procedures and how to stay in compliance with them. This will include, but is not limited to, teaching classes, sending alerts and reminders, and writing guidelines.

Information Security Guidelines: (in development) Attached to these policies are guidelines that help the user comply with the policies.

Instant Messaging: An on-line communication Service in which conversations happen in real-time, and the "on-line status" between users is conveyed such as if a contact is actively using the computer.

Integrated Services Digital Network (ISDN): A set of communications standards allowing a single wire or optical fibre to carry voice, digital Network Services and video.

Intellectual Property: A form of legal entitlement which allows its holder to control the use of certain intangible ideas and expressions.

International Data Encryption Algorithm (IDEA):

: A method for encrypting information which is patented but is free for non-commercial use, and is considered to be the best and most secure method available.

Internet: The publicly available worldwide system of interconnected computer Networks.

Internet Message Access Protocol (IMAP): A Protocol used for accessing Email on a remote server from a local client.

Internet Protocol (IP) Address: A unique number used by machines (usually computers) to refer to each other when sending information through the Internet.

IP Security (IPSec): A standard for securing Internet communications by encrypting and authenticating all data.

IP Security (IPSec) Concentrator: A device where IPSec connections merge into a Network and are no longer encrypted.

Intranet: An Intranet is a Network used internally in an organization.

Layer 2 Tunneling Protocol (L2TP): A Protocol used to support virtual private Networks.

Log: A chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event (also known as an audit trail).

MAC Address: A code on most forms of Networking equipment that allows for that device to be uniquely identified.

Malicious Software (malware): Any Software developed for the purpose of doing harm to a computer system.

Mass Emailing: An Email that is sent to a group of individuals.

Modem: An electronic device for converting between data from a computer and an audio signal suitable for transmission over a telephone line connected to another Modem.

Network: A system for communication among two or more computers.

Network Auto-Discovery: A process for automatically learning what information technology resources are available on a Network.

Network Closet: A physically-secured room where production network devices reside.

Network Drive: A computer storage medium accessible from a Network connection.

Network Sniffing: The act of watching Internet Protocol packets as they traverse a local Network.

Operating System (OS): The system Software responsible for the direct control and management of Hardware and basic system operations, as well as running application Software.

Packet Spoofing: To capture, alter, and retransmit a communication stream in a way that misleads the recipient.

Pass-phrase: A collection of 'words' used for access control, typically used to gain access to a computer system.

Patch: An update to an existing piece of Software that corrects errors or adds new features (also known as a hot-fix).

Phishing: The act of sending Email for the purpose of surrendering private information that will be used for identity theft.

Ping: Slang term for a small Network message sent by a computer to check for the presence and alertness of another computer.

Post Office Protocol version 3 (POP3): A Protocol used to retrieve Email from a remote server to a local client.

Pretty Good Privacy (PGP): A computer Program which provides cryptographic privacy and authentication.

Principle of Least Access: A user must have access to the resources necessary to accomplish a given task, but not to resources unnecessary for completing the task, thus minimizing potential Security risks.

Program: See Software.

Proprietary Encryption: An Encryption Algorithm that has not been made public and/or has not withstood public scrutiny.

Proprietary Information: Information on the University Network that is owned by the University, a form of Intellectual Property.

Protocol: A convention or standard that controls or enables the connection, communication, and data transfer between two computing endpoints.

Public Switched Telephone Network (PSTN): The concatenation of the world's public telephone Networks.

Public-key Cryptography: A form of modern cryptography which allows users to communicate securely without previously agreeing on a shared secret key.

Remote Access: Communicating with an information technology resource from different location.

Restoration: Action taken to repair and return to Service one or more information technology resources that have a degraded quality of Service or have a Service outage.

Risk Analysis: A process to ensure that the Security controls for a system are fully commensurate with its risks.

Risk Assessment: The process of assessing Security-related risks from internal and external Threats to an entity, its assets, or personnel.

Rivest Cipher 5 (RC5): A method of Encryption notable for its simplicity.

Router: A device that forwards data across Networks toward their destination Network.

Routing: Routing provides the means of discovering paths along which information can be sent.

RSA: A public-key method for both Encryption and authentication, the entire Security of which depends on the difficulty of factoring.

Scanning: Checking for Services presented on Networks, usually as part of a Cracking attempt or computer Security scan.

Secure Channel: A communication that uses strong Encryption.

Secure Shell (SSH): Both a computer Program and an associated Network Protocol designed for logging into and executing commands on a remote computer. It provides secure encrypted communications between two un-trusted Hosts over an insecure Network.

Secure Sockets Layer (SSL): A cryptographic Protocol to provide secure communications on the Internet.

Security: The term “Security” is used in the sense of minimizing the Vulnerabilities of assets and resources.

Security Audit: This function provides monitoring and collection of information about Security-related actions, and subsequent analysis of the information to review Security Policies, controls and procedures.

Security Guideline: A guideline is a collection of system specific or procedural specific “suggestions” for best practice. They are not requirements to be met, but are strongly recommended.

Security Policy: A policy is a document that outlines specific requirements or rules that must be met.

Security Standard: A standard is a collection of system-specific or procedural-specific requirements that must be met by everyone.

Sensitive Information: Information is considered sensitive if it can be damaging to University or its reputation.

Service: Work performed (or offered) by a server.

Service Set Identifier (SSID): A code attached to all data on a Wireless Network to identify the data as part of that Network.

Simple Mail Transfer Protocol (SMTP): The de facto standard for Email transmission across the Internet.

Simple Network Management Protocol (SNMP): Supports monitoring of Network-attached devices for any conditions that warrant administrative attention.

Software: A loadable set of instructions which determines how the computer will operate autonomously or in reaction to user input, when running.

SPAM: Unauthorized or unsolicited electronic mailings.

Split-tunneling: See Dual Homing.

Student(s): Person(s) enrolled in at least one credit class of the University.

Surge Protector: An appliance designed to protect electrical devices from power surges.

Symmetric Cryptosystem: A method of Encryption in which the same key is used for both Encryption and Decryption of the data.

Telecommunication Circuit: The complete path between two resources over which one-way or two-way communications may be provided.

Terminal Access Controller Access Control System (TACACS+): A remote authentication Protocol that is used to communicate with an authentication server.

Threat: A potential violation of Security.

Token: An abstract concept passed between cooperating agents to ensure synchronized access to a shared resource.

Traffic Flooding: To send an excessive amount of traffic to an information technology resource, causing a Denial of Service attack.

Trojan Horse: Malicious Software that is disguised as legitimate Software.

Trust Relationship: A relationship between two Networks that enables a user in one Network to access resources in the other.

Unauthorized Disclosure: The intentional or unintentional revealing of restricted information to people, both inside and outside the University, who are not authorized to know that information.

Unauthorized Use: Use of the University Network by Unauthorized Users in violation of the law or in violation of the University Information Security Policies and Procedures.

Unauthorized Users: Use of the University Network who are not Authorized Users, or use of the University Information Technology Network in violation of the law or in violation of the University Information Technology Policies and Procedures.

Uninterrupted Power Supplies (UPS): A device or system that maintains a continuous supply of electric power.

University: The Board of Trustees of Park University, a Missouri nonprofit corporation that does business as “Park University.”

University Address Management System: System that stores IP addresses routed within the University Technology Network.

University Change Management System: System that manages the approval process for any modifications to the University Information Technology Network, and that stores documentation for each modification.

University Password Management System: System that stores and manages passwords on the University Information Technology Network for all system-level and user-level accounts.

University Security Management System: System that stores information about the University Information Technology Network, including but not limited to contact information, Hardware, and Software (for every part of it).

University Information Technology Policies and Procedures: Policies and Procedures of the University that govern the use of the University Information Technology Network, as from time to time amended, all as approved by the board of trustees of the University or the boards delegates.

University Information Technology Network: Internet/Intranet/Extranet-related systems, including but not limited to computer/Networking equipment, Software, Operating Systems, storage media, Network accounts providing electronic mail, Instant Messaging, student information system, WWW browsing, and FTP, are the property of the University.

University Computer Labs: A collection of publicly accessible University computers that are connected to the University Information Technology Network, from which Authorized Users can access the University Information Technology Network.

University Data: Data that belongs to the University that is entered into the University Information Technology Network by University and other Authorized Users.

University Employees: Persons employed by the University including faculty members, staff, and student workers.

University Operational Group: Group responsible for system administration on all internal servers deployed at the University.

Un-Trusted Network: Any Network separated by a Firewall from the corporate Network to avoid impairment of production resources from irregular Network traffic, unauthorized access, or anything else identified as a potential Threat to those resources.

User Authentication: A method by which the user of a system can be verified as a legitimate user independent of the system being used.

Virtual Private Network (VPN): A method for accessing a remote Network via an encrypted "tunnel" through the Internet.

Virus: A self-replicating Program that spreads by inserting copies of itself into other Programs or documents.

Vulnerability: Any weakness that could be exploited to violate a system or the information it contains.

Wireless Networks: Telephone or computer Networks that use radio as their carrier or physical layer.

World Wide Web (WWW): A distributed system that operates over the Internet, primarily used for displaying documents which contain automated cross-references to other documents.

Worm: A self-replicating Program that is self-contained and does not need to be part of another Program to propagate itself.