Index for glossary I
An organisation that issues identity credentials to individuals, and validates those credentials when presented by a user attempting to access a protected resource. An identity Provider may be a government agency, an academic institution, or a commercial business, such as a bank.
Incident Response Plan
The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of an incident, such as a malicious cyber attacks, against an organisation’s information system(s).
Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal.
Information Security Management Systems (ISMS)
ISMS is a set of policies concerned with information security management or IT related risks. The governing principle behind an ISMS is that an organisation should design, implement and maintain a coherent set of policies, processes and systems to manage risks to its information assets, thus ensuring acceptable levels of information security risk.
To generate information or data about a file that can be used to verify the integrity of the file at a later time.
Injection flaw is a flaw in web application that allows an attacker to trick the web application into executing unintended commands or into changing system data.
Integrity is the need to ensure that information has not been changed accidentally or deliberately, and that it is accurate and complete.
Intrusion Detection System (IDS)
IDS detects the break-ins or attempts to attack via the use of software systems which operate on the network. It often combines the network monitoring with real-time capture and analysis in order to identify for attacks.
Intrusion Prevention System (IPS)
IPS helps to detect if there is an attack happening on the network. IPS also provides active response to stop the source of attacks or to minimize the impact of the attacks.
IPsec (IP Security)
IPsec provides interoperable, high quality and cryptographically based security services for traffic at the IP layer, such as authenticity, integrity, confidentiality and access control to each IP packet.