Technical Security & Risk Glossary
A Glossary of Terms Used in Physical & Electronic
Security as well as Risk Management.
AACS
Automated Access Control System; An electronic or electro-mechanical system that requires the entry of
personal identification information before allowing access to people/vehicles/objects to a site.
Access is only granted if this information matches data on the list of authorised users within a database.
Acknowledge
Action of a user to accept a message or indication.
Account Harvesting
The process of collecting all the legitimate account names on a system database.
AC Fail
The condition in which the power to a system, appliance or device fails and it is now supported by a back-up
battery or UPS.
Actionable intelligence
Data that has been gathered and collated in a way that makes sense and provides
context to the end user, enabling him or her to take appropriate action.
Analogue
Referring to a system or component that uses a system of measurement, response or storage in which
values are expressed as a magnitude using a continuous scale of measurement.
Anti-terrorism
Defensive measures used to reduce the vulnerability of individuals, forces, and property
to terrorist acts.
Anti-Pass-back
A security system feature that is used to prevent users from passing their credentials
back to a second person to enter a security-controlled area, such as a car park or employee building.
API
Application Programming Interface. A set of tools and procedures provided by the owner of an application
so that others can control, exchange data with, or extend the functionality of an application.
ASCII
American Standard Code for Information Interchange. A 7-bit character system that includes the alphanumeric
characters and printer control codes.
ASIO
Australian Security Intelligence Organisation.
Authentication
In access control technology, the process of confirming the correctness of a claimed identity.
Back Door
A backdoor is a tool installed after a compromise to give an attacker easier access to the
compromised system around any security mechanisms that are in place.
BACnet
Building Automation and Control Networks is a network communications protocol commonly used
in building automation and building management systems.
Ballast
Mass securely attached to a hostile vehicle.
BALUN
Balanced/Unbalanced. A device that links together dissimilar wire types and attempts to minimize
any negative effects to the signal that would normally result from the dissimilarity. Baluns are typically used to transmit
composite video signals over a twisted pair cable instead of co-axial cable.
BCP
A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster
recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an
emergency.
Biometrics
In access control, the use of a person's physical characteristics, such as fingerprint
or iris pattern, to authenticate identity by using physiological and/or behavioral measurements.
BMS
An automated system used to maintain a balanced, efficient, and workable climate within the building
by monitoring and controlling lighting, temperature and security. Also alerts relevant staff teams when
maintenance or other actions are required.
CCTV
Closed Circuit Television; Cameras linked to monitors for surveillance and security monitoring
on a site. The closed-circuit limits transmission of video signals to a connected group of authorised people.
CER
Communications Equipment Room.
CPTED
Crime prevention through environmental design. A method of improving security through strategic building
design, as well as the use of other environmental, organizational, or mechanical tactics.
DAS
Direct Attached Storage. A video storage technology used to connect hosts to storage devices via a direct,
one-to-one small computer system interface (SCSI) attachment.
Digital Footprint
The trail of information left behind whenever you access services online. This might
be passive (your personal information collected passively when search engines store your search history) or active (when you
share information on blogs or social media).
DOTL
Door Open Too Long (as in access control systems).
Double Knock
A system where a security detecting device must sense two "separate" events within a set
time frame before activating an alarm.
Duress alarm
Also known as a silent alarm; a device that enables a person to call for help without arousing suspicion.
DVI
Digital Video Interface. Used for connecting LED monitors to a PC.
DVR
Digital Video Recorder (now old technology).
Fault-line attack
An attack that exploits gaps in security coverage to gain access to a system or facility.
EOL
End of Line. In alarm systems it refers to a resistor network at the literal last point of the circuit
(installed inside the detector) to ensure monitoring of the detector and the integrity of the circuit itself.
Ethernet
The most widely installed LAN technology. Specified in a standard, IEEE 802.3, an Ethernet
LAN typically uses special grades of twisted pair wires. Devices are connected to the cable and compete
for access using a CSMA/CD protocol.
False Rejects
When an authentication system fails to recognize a valid user.
Fenestration Obscuration
Blocking the possible view through windows in order to prevent hostile surveillance
into the building on a secure site. Generally done by adding window frosting or using blinds.
FIFO
First In First Out (In reference to video data storage).
FOBOT
Fibre Optic Break Out Tray.
FDA
Forced Door Alarm.
GPRS
General Packet Radio Service is a packet-oriented mobile data standard on the 2G and 3G cellular
communication network for mobile communications. Alarm systems and remote CCTV cameras often use this
technology to transmit signals back to a remote control room.
GSM
Global System for Mobile Communications. Usually referred to as a signalling method for Intruder Detection
Systems and even digital video surveillance via the mobile network.
GUI
Graphical User Interface (On a PC monitor).
Hardening
The process of identifying and fixing vulnerabilities on a system or building.
HLI
High Level Interface (Usually via software or database links).
Hostile Reconnaissance
The term given to the information-gathering phase carried out by individuals or groups
with malicious intent; it is a vital component of the attack planning process.
HR
Hostile Reconnaissance; Research and investigation into a site by a person/people with hostile intent,
who may use the information to harm the site, the people working there, its assets or reputation.
HVM
Hostile Vehicle Mitigation.
Hybrid NVR
A video recording device that incorporates functions of both network video recorders (NVRs)
and DVRs by accepting and converting video images from analogue cameras as well as IP video streams.
ICT
Information and Communications Technology.
IDS
Intruder Detection System.
Incident Management
The process of responding to an emergency event or reports of suspicious activity.
Infrared Illuminator
A light source that produces IR (invisible or barely visible) wavelengths of light.
IR illuminators are used as spotlights or floodlights for cameras
sensitive to reflected IR light (i.e. low light level conditions).
IP
Internet Protocol. The protocol through which information is sent from one
computer or mobile device to another via the Internet.
IP Monitoring
Refers to a new method of transmitting signals from an Intruder
Detection System directly to the remote alarm monitoring centre
via internet protocol, as opposed to the antiquated PSTN line or mobile network.
KVM
Keyboard Video Mouse.
LAN
Local Area Network.
LCD
Liquid Crystal Display.
LLI
Low Level Interface (Usually by physical relays and/or switches).
Lossless Compression
Compression of a digital file (reducing the file size) that does not significantly
affect the quality or quantity of the data recovered when the
file is unzipped, so all of the data in the file can be restored.
Lossy Compression
Compression of a digital file (reducing the file size) that results in a permanent loss
of data. This is sometimes acceptable and can be useful when sending a complex image as a .jpg,
for example. It’s up to the sender to decide which is a priority – reduced file size or
retaining the full quality and level of detail of the image.
Monitoring Centre Shell
All elements of the barrier surrounding an alarm monitoring centre including
the operations area, isolation department and amenities as required.
Multiplexing
To combine multiple signals from possibly disparate sources, in order to transmit them over
a single path.
NAS
Network Attached Storage (NAS). A network storage technology used to record and access data in
file format from one or more data storage devices.
NFC
Near Field Communication.
NTP
Network Time Protocol.
NVR
Network Video Recorder (has replaced the DVR).
ONVIF
A non-profit organization that works to advance the adoption of IP in the physical security market
using a global open standard.
OSI
OSI (Open Systems Interconnection) is a standard description or "reference model" for how messages
should be transmitted between any two points in a telecommunication network. Its purpose is to
guide product implementers so that their products will consistently work with other products. The
reference model defines seven layers of functions that take place at each end of a communication.
It is also valuable as a single reference view of communication that furnishes everyone a common
ground for education and discussion.
Panoramic View
An unbroken view of a wide
arc (often 180 degrees or more) of a horizon.
PIDS
Perimeter Intrusion Detection System.
PIN
Personal Identification Number.
PIR
Passive infra-red. A type of sensor technology that picks up infra-red heat from persons and triggers
an alarm.
PMG
Places of Mass Gathering.
PoE
Power over Ethernet. Describes any of several standard or ad-hoc systems which pass electric power
along with data on twisted pair Ethernet cabling. This allows a single cable to provide both data
connection and electric power to devices such as IP cameras, sensors, VoIP intercoms and wireless
access points, etc. This configuration eliminates the need for a power supply & battery at the
remote end of cabling networks.
PoE+
Same as Power over Ethernet above but increases power capacity from 15.4 watts to 30 watts.
PPM
Planned Preventative Maintenance. In reference to security systems, PPM should be carried out at
least once every six months.
PSIM
Physical Security Information Management. PSIM is software that provides a platform, and
applications, designed to integrate multiple unconnected security applications
and devices and control them through one comprehensive user interface.
RFID
Radio Frequency Identification. Used
in access control cards to transmit data to a proximity reader.
RS-485
Recommended standard in multi-drop communications. Commonly used in access control systems for
daisy-chaining up to 32 devices on one cable run.
RU
Rack Unit (44.45mm).
SAS
Server Attached Storage. A data sharing
storage technology that was developed as an alternative to DAS
to achieve a distributed video data approach through the use
of a LAN.
SAN
Storage Area Network. A data sharing storage technology that consists of communications infrastructure
and management layers.
SCEC
Security Construction and Equipment
Committee, which is applicable to Australia only. The committee
reports directly to the Protective Security Policy Committee
(PSPC), established by the Australian Government to develop
guidelines for the protection of Australian Government resources.
SCR
Security Control Room.
SMOF
Single Mode Optical Fibre.
SMS
Short Message Service (used in mobile phones and tablets).
SMS
Security Management Systems.
SER
Security Equipment Room.
Tailgating
In access control, following an authorized individual into a secured area without gaining
authorized access yourself.
Target Hardening
Target hardening or mitigation is a process wherein a building is made into a more difficult
or less attractive target. It does not necessarily mean the construction of an impenetrable bunker,
although this would be the extreme case of target hardening.
UPS
Uninterruptible Power Supply.
USB
Universal Serial Bus.
UTC
Universal Time Coordinated.
UTP
Unshielded Twisted Pair.
VACP
Vehicle Access Control Point.
VBIED
Vehicle-borne improvised explosive device.
VCA
Video Content Analysis.
Video Analytics
A technology that uses software to analyse the video image stream. Video analytics
software may provide object detection, recognition, identification,
tracking, and analysis in a variety of surveillance applications.
Vigilance Decrement
As people get tired in the course of their work, their attention wanes and they are
less likely to detect a person, object or other change in the
environment. This ‘vigilance decrement’ usually happens after
20-30 minutes of continuous work, depending on the level of concentration required.
VSB
Vehicle Security Barriers.
VMD
Video Motion Detection. When the current image changes beyond a threshold value, the system triggers
one or more pre-programmed actions and initiates an alarm.
VMS
Video Management System. PC based software to record, monitor and control video streams from remote
cameras and provide actionable intelligence to the operator.
VSS
Video Surveillance System.
VoIP
Voice over IP. Transmitting a voice over an IP network as opposed to an analogue telephone line.
Voice Code
A unique password used to swiftly identify authorized personnel.
Vulnerability Assessment
An in-depth analysis of building weaknesses and lack of redundancy to determine
mitigations or corrective actions that can be designed or implemented
to reduce vulnerabilities. The extent and depth of the analysis will depend upon the
size and function of the building and organization.
WAN
Wide Area Network.
Watermarking
The process of adding a semi-transparent layer of verbal or visual information onto
an image. Watermarking is often used as part of an authentication process in recorded video footage.
Wide Dynamic Range
When part of an image is extremely dark but another part is so bright you can't see any details,
that's dynamic range: the difference in lighting.