ICA
An acronym for Citrix's Independent Computing Architecture, a three-part server-based computing technology that separates an application's logic from its user interface and allows 100 percent application execution on the server.

ICE - Iris Challenge Evaluation
A large-scale development and independent technology evaluation activity for iris recognition systems sponsored by the U.S. Government in 2005. For more information visit http://iris.nist.gov/ICE/.

IDEA (International Data Encryption Algorithm)
A private key encryption-decryption algorithm that uses a key that is twice the length of a DES key.

Identification
A task where the biometric system searches a database for a reference matching a submitted biometric sample and, if found, returns a corresponding identity. A biometric is collected and compared to all the references in a database. Identification is “closed-set” if the person is known to exist in the database. In “open-set” identification, sometimes referred to as a “watchlist,” the person is not guaranteed to exist in the database. The system must determine whether the person is in the database, then return the identity. See also closed-set identification, open-set identification, verification, watchlist.

Identification Rate
The rate at which an individual in a database is correctly identified.

Identity
An identity is the collection of information that uniquely identifies and/or locates an individual. Usually some combination of first and last name, mailing address, email address, phone number, and age can be used to uniquely identify an individual. [FTC] (see also personally identifiable information) (includes verifying identity)

Identity theft
The deliberate use of another person's name and other identifying information to commit theft or fraud or to access confidential information about an individual. This is a particularly troubling issue in that it can take years for a victim of identity theft to recover. [SSA] (see also phishing, pre-texting) (includes identity theft report)

Identity theft report
A report: (1) that alleges an identity theft; (2) that is filed by a consumer with an appropriate Federal, State, or local government agency, including the U.S. Postal Inspection Service and any law enforcement agency; and (3) the filing of which subjects the person filing the report to criminal penalties relating to the filing of false information if, in fact, the information in the report is false. [FTC] (see also identity theft)

IDIOT
Intrusion Detection In Our Time. A system that detects intrusions using pattern matching.

IETF (The Internet Engineering Task Force)
A public forum that develops standards and resolves operational issues for the Internet. IETF is purely voluntary.

Impostor
A person who submits a biometric sample in either an intentional or inadvertent attempt to claim the identity of another person to a biometric system. See also attempt.

INCITS - International Committee for Information Technology Standards
Organization that promotes the effective use of information and communication technology through standardization in a way that balances the interests of all stakeholders and increases the global competitiveness of the member organizations. For more information visit http://www.INCITS.org/. See also ANSI, ISO, NIST.

Indicators & Warnings (I & W)
I & W refer to how an event or series of events can provide enough information to classify it as an incident.

Indifferent User
An individual who knows his/her biometric sample is being collected and does not attempt to help or hinder the collection of the sample. For example, an individual, aware that a camera is being used for face recognition, looks in the general direction of the sensor, neither avoiding nor directly looking at it. See also cooperative user, noncooperative user, uncooperative user.

Indirectly identifiable
Data that does not include personal identifiers, but links the identifying information to the data through use of a code. This data is still considered identifiable by the common rule. [HIPAA] (see also anonymized, anonymous, coded, common rule, deidentified, directly identifiable, individually identifiable health information, protected health information)

Individual
Means a citizen of the United States or an alien lawfully admitted for permanent residence. [OMB] (see also privacy, privacy impact assessment)

Individual participation principle
An individual should have the right: a) to obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to him; b) to have communicated to him, data relating to him within a reasonable time; at a charge, if any, that is not excessive; in a reasonable manner; and in a form that is readily intelligible to him; c) to be given reasons if a request made under subparagraphs (a) and (b) is denied, and to be able to challenge such denial; and d) to challenge data relating to him and, if the challenge is successful, to have the data erased, rectified, completed or amended. [OECD] (see also OECD privacy guidelines)

Individual Profiling
Refers to a site's or a service provider's use of personal data to create or build a record on the particular individual or computer for the purpose of compiling habits or personally identifiable information of that individual or computer. For example, online stores may recommend products based on the visitor's purchasing history on the specific Web site or online in general.

Individually identifiable health information
A subset of health information that identifies the individual or can reasonably be used to identify the individual. [HIPAA] (see also directly identifiable, electronic medical record, indirectly identifiable, protected health information, personally identifiable information)

Information Assurance (IA)
Information Operations that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities. (DODD S-3600.1 of 9 Dec 96).

Information in identifiable form
Is information in an IT system or online collection: (i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or (ii) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification. (These data elements may include a combination of gender, race, birth date, geographic indicator, and other descriptors). [OMB] (see also directly identifiable, personally identifiable information)

Information Operations (IO)
Actions taken to affect adversary information and information systems while defending one's own information and information systems. (DODD S-3600.1 of 9 Dec 96).

Information Security
The result of any system of policies and/or procedures for identifying, controlling, and protecting from unauthorized disclosure, information whose protection is authorized by executive order or statute.

Information Superiority
The capability to collect, process, and disseminate an uninterrupted flow of information while exploiting or denying an adversary's ability to do the same. (DODD S-3600.1 of 9 Dec 96).

Information System Security Officer (ISSO)
Person responsible to the designated approving authority for ensuring the security of an information system throughout its lifecycle, from design through disposal. [NS4009]

Information systems technology
The protection of information assets from accidental or intentional but unauthorized disclosure, modification, or destruction or the inability to process that information.

Information technology (IT)
Means, as defined in the Clinger-Cohen Act, any equipment, software or interconnected system or subsystem that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. [OMB] (see also privacy impact assessment)

Information Warfare (IW)
1) Actions taken to achieve information superiority by affecting adversary information, information based processes, and information systems, while defending our own information, information based processes, and information systems. Any action to deny, exploit, corrupt, or destroy the enemy's information and its functions, protect themselves against those actions; and exploiting their own military information functions. 2) Information Operations conducted during time of crisis or conflict to achieve or promote specific objectives over a specific adversary or adversaries. (DODD S-3600.1 of 9 Dec 96).

Informed consent
Required by the Common Rule. Refers to the requirement that all researchers explain the purposes, risks, benefits, confidentiality protections, and other relevant aspects of a research study to potential human subjects so that they may make an informed decision regarding their participation in the research. IRBs review the informed consent process and form documenting the consent to ensure compliance with research regulations and policies. The HIPAA Privacy Rule permits entities to include in the informed consent form for research an 'authorization' for use or disclosure of individually identifiable health care information. [HIPAA] (see also authorization, common rule, disclosure, institutional review board, consent)

Informed Notice
Notice of information practices cannot be truly effective unless it is clearly written and non-coercive. Users are "informed" when they know and understand who collects their personal information and the purposes for which it is collected. Notice of information practices is particularly important when an Internet user participates in a "passive" activity under the illusion of anonymity; it is also crucial to provide advance notice when personal information is used for purposes unrelated to those for which a user has initially disclosed it.

Infrared
Light that lies outside the human visible spectrum at its red (low frequency) end.

Inside threat
An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.

Insider attack
An attack originating from inside a protected network.

Institutional review board (IRB)
Common Rule-mandated method of peer review to protect human subjects. HIPAA privacy regulations require an IRB also to protect the privacy rights of research subjects in specific ways. At Partners, the IRB will now review all HIPAA-required authorizations and waiver of authorizations for research use of identifiable health information. [HIPAA] (see also Health Insurance Portability and Accountability Act, authorization, common rule, informed consent, limited data set, tracking of disclosures, waiver of authorization, privacy board)

Integrated Automated Fingerprint Identification System (IAFIS)
The FBI’s large-scale ten fingerprint (open-set) identification system that is used for criminal history background checks and identification of latent prints discovered at crime scenes. This system provides automated and latent search capabilities, electronic image storage, and electronic exchange of fingerprints and responses. See also AFIS.

Integrity
Protection against unauthorized modification or destruction of information. [NS4009]. A state in which information has remained unaltered from the point it was produced by a source, during transmission, storage, and eventual receipt by the destination.

Integrity
Assuring information will not be accidentally or maliciously altered or destroyed.

Intellectual Property
Useful artistic, technical, and/or industrial information, knowledge or ideas that convey ownership and control of tangible or virtual usage and/or representation.

Interactive Data
Data actively generated from or reflecting explicit interactions with a service provider through its site, such as queries to a search engine or logs of account activity.

Intermediate CA
A CA that is subordinate to another CA, and has a CA subordinate to itself.

Internet
A worldwide system of computer networks. Networks connected through the Internet use a particular set of communication standards, known as TCP/IP, to communicate. A web of different, intercommunicating networks funded by both commercial and government organizations. The Internet had its roots in early 1969 when the ARPANET was formed. ARPA stands for Advanced Research Projects Agency (which was part of the U.S. Department of Defense). One of the goals of ARPANET was research in distributed computer systems for military purposes. The first configuration involved four computers and was designed to demonstrate the feasibility of building networks using computers dispersed over a wide area. The advent of open networks in the late 1980s required a new model of communications. The amalgamation of many types of systems into mixed environments demanded a better translator between these operating systems and a non-proprietary approach to networking in general. Telecommunications Protocol/Internet Protocol (TCP/IP) provided the best solutions.

Internet Worm
A worm program (see: Worm) that was unleashed on the Internet in 1988. It was written by Robert T. Morris as an experiment that got out of hand.

Intrusion
Any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.

Intrusion Detection
Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of actions, security logs, or audit data. Detection of break-ins or attempts either manually or via software expert systems that operate on logs or other information available on the network.

Intrusion detection system
A system dedicated to the detection of break-ins or break-in attempts, either manually or via software expert systems that operate on logs or other information available on the network.

IP
Internet Protocol. The standards by which computers talk to each other over the Internet.

IP Address
A number or series of numbers that identify a computer linked to the Internet. As a general rule, the IP address is written as four numbers separated by periods. For example: 12.24.36.48

Local Area Network (LAN)
A computer network limited to the immediate area, usually the same building or floor of a building.

IP sniffing
Stealing network addresses by reading the packets. Harmful data is then sent stamped with internal trusted addresses.

IP Splicing / Hijacking
An action whereby an active, established session is intercepted and co-opted by the unauthorized user. IP splicing attacks may occur after an authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP splicing rely on encryption at the session or network layer.

IP spoofing
An attack whereby a system attempts to illicitly impersonate another system by using its IP network address.

Iris Recognition
A biometric modality that uses an image of the physical structure of an individual’s iris for recognition purposes, as illustrated below. The iris muscle is the coloured portion of the eye surrounding the pupil.

IrisCode©
A biometric feature format used in the Daugman iris recognition system.

ISO - International Organization for Standardization
A non-governmental network of the national standards institutes from 151 countries. The ISO acts as a bridging organization in which a consensus can be reached on solutions that meet both the requirements of business and the broader needs of society, such as the needs of stakeholder groups like consumers and users. For more information visit http://www.iso.org. See also ANSI, INCITS, NIST.

ISO (International Standards Organization)
Sets standards for data communications.

ISSA
Information Systems Security Association.

Issuing organization
Organization authorized to issue an official travel document (e.g. the United Nations Organization, issuer of the laissez-passer).

Issuing State
The country issuing the MRTD