Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Object-Oriented Analysis and Design with the Unified Process 12-1 Chapter 12 - Key Terms Access control: an integrity control that determines who has access to a system and its data. Access control list: the list of users who have rights to access the system and data. Ad hoc reports: reports that are not predefined by a programmer but designed as needed by a user. Authentication: the process of identifying a user to verify that he or she can have access to the system. Authorization: the process of determining whether a user is permitted to have access to the system and data. Certificate (digital certificate): a text message that is encrypted by a verifying authority and used to broadcast an organization’s name and public key. Certifying authority: a well-known third party that sells digital certificates to organizations. Completeness control: an integrity control to ensure that all necessary fields on an input form have been entered. Control break report: a report that includes detailed and summary information. Data validation control: an integrity control to validate the input data for correctness and appropriateness. Decryption: the process of converting encrypted data back into a readable format. Destination controls: integrity controls to ensure that output information is channeled to the correct persons. Detailed report: a report containing detailed transactions or records. Digital signature: a technique in which a document is encrypted using a private key to verify who wrote the document. Drill down: to link a summary field to its supporting detail and enable users to view the detail dynamically. Encryption: the process of altering data so that they are unreadable by unauthorized users Encryption algorithm: a complex mathematical formula and process that encrypts or decrypts data. Encryption key: a binary field that the encryption algorithm uses to transform the data. Exception report: a report that contains only information about nonstandard, or exception, conditions. Executive report: a summary report from various information sources that is normally used for strategic decision. External output: printed documents—such as statements, notices, form letters, and legal documents— produced for use outside an organization. Field combination control: an integrity control that verifies the data in one field by checking them against data in another field or fields. Integrity control: mechanisms and procedures that are built into an application system to safeguard information contained within it. Internal output: a printed report or document produced for use inside an organization. Privileged user: a user who has special security access privileges to a system. Registered user: a user who is registered or known to the system and is authorized to access some part of it. Secure Hypertext Transport Protocol (HTTPS or HTTP-S): an Internet standard for transmitting Web pages securely. Secure Sockets Layer (SSL): a standard protocol to connect and transmit encrypted data. Security controls: mechanisms usually provided by the operating system or environment to protect the data and processing systems from malicious attack. Smart card: a computer-readable plastic card with security information embedded within it. Summary report: a report that recaps or summarizes detailed information over a period of time or belonging to some category. Symmetric key encryption: an encryption process that uses the same key to encrypt and to decrypt the data. Transaction logging: a technique whereby all updates to a database are recorded with the information on who performed the update, when, and how. Transport Layer Security (TLS): an updated version of SSL. Turnaround document: an external output that includes a portion that is returned to the system as an input. Unauthorized user: a person who does not have authorized access to a system. Value limit control: an integrity control that identifies when a value in a field is too large or too small.