A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z

Index for glossary I

Identity Management

Identity management is a management process of deciding who should have access to resources, and to what resources; providing, changing and terminating such access when appropriate; managing the process and monitoring it for compliance with internal and external policies.

Top

Inoculate

To generate information or data about a file that can be used to verify the integrity of the file at a later time.

Top

Injection Flaws

Injection flaw is a flaw in web application that allows an attacker to trick the web application into executing unintended commands or into changing system data.

Top

Insider Attack

An attack originating from the inside of an organisation.

Top

Integrity

A condition in which the data has not been changed or destroyed in an unauthorised way, such that the current state is identical with the original state before transmission.

Top

Integrity Check

A mechanism to verify that the present state of data has not been tampered or modified, often using digital signatures or hashing algorithms.

Top

Intrusion Detection

A method or process to detect the break-ins or attempts to attack via the use of software systems which operate on the network. Intrusion detection systems often combine the network monitoring with real-time capture and analysis in order to identify for attacks.

Top

Intrusion Prevention System (IPS)

Intrusion Prevention System (IPS) helps to detect if there is an attack happening on the network. IPS also provides active response to stop the source of attacks or to minimise the impact of the attacks.

Top

IPsec (IP Security)

IPsec provides interoperable, high quality and cryptographically based security services for traffic at the IP layer, such as authenticity, integrity, confidentiality and access control to each IP packet.

Top

ISO/IEC 15408

ISO/IEC 15408 is the international standard that is commonly known as the “Common Criteria” (CC). It consists of three parts: ISO/IEC 15408-1:2005 (introduction and general model), ISO/IEC 15408-2:2005 (security functional requirements) and ISO/IEC 15408-3:2005 (security assurance requirements). This standard helps to evaluate, validate, and certify the security assurance of a technology product against a number of factors, such as the security functional requirements specified in the standard.

Top

ISO/IEC 27001:2005

ISO/IEC 27001:2005 is an international standard that specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System (ISMS) within an organisation.

Top

ISO/IEC 27002:2005

ISO/IEC 27002:2005 is an international code of practice for information security management, and is intended as a common basis and practical guideline for developing organisational security standards and effective management practices.

Top

Isolated Identity Management

Isolated identity management is a model of identity management which requires that each user possess an identifier for access to each isolated service.