Information Technology Reference
In-Depth Information
Term
Description
Security
A service or mechanism that provides a safeguard;
preserve functional intent; preserve mission
integrity.
Security domain
A domain when viewed for purposes of information
assurance consideration.
Security education,
training, and awareness
(SETA)
The conveyance of security throughout the
enterprise in varying detail. The intent of awareness
is to let the audience know about something.
Training conveys how to use that something.
Education conveys the theory behind, the why
about that something.
Security event
A noteworthy occurrence; an event that may be of
significance from a mission integrity perspective.
Security incident
An event confirmed to be of significance from a
mission integrity perspective.
Security management
program (SMP)
The initiative to formally define the organizational
approach to security.
Security region
A collection of security domains grouped by physical
proximity.
Security service
In context of IA
2
, a security service is a set of
processes to maintain confidentiality, integrity, and
availability; the main purpose is to distinguish from
mechanisms.
Service
The act of satisfying some demand (verb) or the
entity that satisfies some demand (noun); a service
may be a business service or a technical service; the
provision of a service may be manual (via person)
or automated (via technology).
Service-oriented
architecture (SOA)
SOA is a design philosophy that enables the ability
to add, modify, and remove services from an
enterprise environment; SOA is more specific than
Web services or technical services.
Solution
In context of IA
2
, consider the solution to be the final
result to the customer that solves the business
problem at hand; the solution may be product,
system, systemic aggregation, service, functional
operation, etc.
