Glossary
Term Description
Client
A workstation in a network that is set up to use the resources of a server. Individual or process acting on behalf of an individual who makes requests of a guard or dedicated server. The client’s requests to the guard or dedicated server can involve data transfer to, from, or through the guard or dedicated server.
Cold site
An inexpensive type of backup site with no IT infrastructure (e.g., computing and network hardware) in place. An IS backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the users have to move from their main computing location to the alternative computer facility.
Collision
(1) A condition that is present when two or more terminals are in contention during simultaneous network access attempts. (2) A collision occurs when two systems transmit data at the same time onto a connection medium that supports only a single transmission path.
Common Object Request Broker Architecture (CORBA)
An international standard for distributed computing. CORBA enables code operating on a computer to locate resources located elsewhere on the network. CORBA is the Object Management Group’s (OMG) answer to the need for interoperability among the rapidly proliferating number of hardware and software products available today. Simply stated, CORBA allows applications to communicate with one another no matter where they are located or who has designed them.
Compartmentalization
A nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone. The isolation of the operating system, user programs, and data files from one another in main storage to protect them against unauthorized or concurrent access by other users or programs. Also, the division of sensitive data into small, isolated blocks to reduce risk to the data.
Compartmented mode
INFOSEC mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following: (1) valid security clearance for the most restricted information processed in the system; (2) formal access approval and signed nondisclosure agreements for that information to which a user is to have access; and (3) valid need-to-know for information to which a user is to have access.
Compiler
A program that translates high-level computer language instructions into machine code. A programming tool that converts higher-level language code into an executable file designed for use on a specific operating system.
Compromise
If system security has been broken, the system is considered compromised. Type of incident where information is disclosed to unauthorized individuals or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred. Unauthorized disclosure or loss of sensitive information.
Compromising emanations
Electromagnetic emanations that convey data and that, if intercepted and analyzed, could compromise sensitive information being processed by a computer system. Unintentional signals that, if intercepted and analyzed, would disclose the information transmitted, received, handled, or otherwise processed by information systems equipment. (See TEMPEST.)
Computer Crime
Any crime that is perpetrated against or with the use of a computer. The act of using IT to commit an illegal act.