Technical Security & Risk Glossary
A Glossary of Terms Used in Physical & Electronic
Security as well as Risk Management.
AACS
Automated Access Control System; An electronic
or electro-mechanical system that requires the entry of personal identification information before
allowing access to people/vehicles/objects to a site. Access is only granted if this information
matches data on the list of authorised users within a database.
Account Harvesting
Is the process of collecting all the legitimate account
names on a system database.
AC Fail
Is when the power to a system,
appliance or device fails and it is now supported by a back-up
battery or UPS.
Actionable intelligence
Data that has
been gathered and collated in a way that makes sense and provides
context to the end user, enabling him or her to take appropriate
action.
Analogue
Referring to a system or component
that uses a system of measurement, response or storage in which
values are expressed as a magnitude using a continuous scale
of measurement.
Anti-terrorism
Defensive measures used
to reduce the vulnerability of individuals, forces, and property
to terrorist acts.
Anti-Pass-back
A security system feature
that is used to prevent users from passing their credentials
back to a second person to enter a security-controlled area,
such as a car park or employee building.
API
Application Programming Interface.
A set of tools and procedures provided by the owner of an application
so that others can control, exchange data with, or extend the
functionality of an application.
ASCII
American Standard Code for Information
Interchange. A 7-bit character system that includes the alphanumeric
characters and printer control codes.
ASIO
Australian Security Intelligence
Organisation
Authentication
In access control technology,
the process of confirming the correctness of a claimed identity.
Back Door
A backdoor is a tool installed
after a compromise to give an attacker easier access to the
compromised system around any security mechanisms that are in
place.
BACnet
Building Automation and Control
Networks is a network communications protocol commonly used
in building automation and building management systems.
Ballast
Mass securely attached to a hostile
vehicle.
BALUN
Balanced/Unbalanced. A device that
links together dissimilar wire types and attempts to minimize
any negative effects to the signal that would normally result
from the dissimilarity. Baluns are typically used to transmit
composite video signals over a twisted pair cable instead of
co-axial cable.
BCP
A Business Continuity Plan is the
plan for emergency response, backup operations, and post-disaster
recovery steps that will ensure the availability of critical
resources and facilitate the continuity of operations in an
emergency.
Biometrics
In access control, the use
of a person's physical characteristics, such as fingerprint
or iris pattern, to authenticate identity by using physiological
and/or behavioral measurements.
BMS
An automated system used to maintain
a balanced, efficient, and workable climate within the building
by monitoring and controlling lighting, temperature and security.
Also alerts relevant staff teams when maintenance or other actions
are required.
CCTV
Closed Circuit Television; Cameras
linked to monitors for surveillance and security monitoring
on a site. The closed-circuit limits transmission of video signals
to a connected group of authorised people.
CER
Communications Equipment Room
CPTED
Crime prevention through environmental
design. A method of improving security through strategic building
design, as well as the use of other environmental, organizational,
or mechanical tactics.
DAS
Direct Attached Storage. A video storage
technology used to connect hosts to storage devices via a direct,
one-to-one small computer system interface (SCSI) attachment.
Digital Footprint
The trail of information
left behind whenever you access services online. This might
be passive (your personal information collected passively when
search engines store your search history) or active (when you
share information on blogs or social media).
DOTL
Door Open Too Long (as in access
control systems).
Double Knock
A system where a security
detecting device must sense two "separate" events within a set
time frame before activating an alarm.
Duress alarm
Also known as a silent alarm;
a device that enables a person to call for help without arousing
suspicion.
DVI
Digital Video Interface. Used for
connecting LED monitors to a PC.
DVR
Digital Video Recorder (now old technology)
Fault-line attack
An attack that exploits
gaps in security coverage to gain access to a system or facility.
EOL
End of Line. In alarm systems it refers
to a resistor network at the literal last point of the circuit
(installed inside the detector) to ensure monitoring of the
detector and the integrity of the circuit itself.
Ethernet
The most widely installed LAN
technology. Specified in a standard, IEEE 802.3, an Ethernet
LAN typically uses special grades of twisted pair wires. Devices
are connected to the cable and compete for access using a CSMA/CD
protocol.
False Rejects
When an authentication system
fails to recognize a valid user.
Fenestration Obscuration
Blocking the
possible view through windows in order to prevent hostile surveillance
into the building on a secure site. Generally done by adding
window frosting or using blinds.
FIFO
First In First Out (In reference
to video data storage).
FOBOT
Fibre Optic Break Out Tray.
FDA
Forced Door Alarm.
GPRS
General Packet Radio Service is a
packet oriented mobile data standard on the 2G and 3G cellular
communication network for mobile communications. Alarm systems
and remote CCTV cameras often use this technology to transmit
signals back to a remote-control room.
GSM
Global System for Mobile Communications.
Usually referred to as a signalling method for Intruder Detection
Systems and even digital video surveillance via the mobile
network.
GUI
Graphical User Interface (On a PC
monitor).
Hardening
Is the process of identifying
and fixing vulnerabilities on a system or building.
HLI
High Level Interface (Usually via
software or database links).
Hostile Reconnaissance
The term given
to the information-gathering phase carried out by individuals or
groups with malicious intent; it is a vital component of the
attack planning process.
HR
Hostile Reconnaissance; Research and
investigation into a site by a person/people with hostile intent,
who may use the information to harm the site, the people working
there, its assets or reputation.
HVM
Hostile Vehicle Mitigation.
Hybrid NVR
A video recording device that
incorporates functions of both network video recorders (NVRs)
and DVRs by accepting and converting video images from analogue
cameras as well as IP video streams.
ICT
Information and Communications Technology.
IDS
Intruder Detection System.
Incident Management
The process of responding
to an emergency event or reports of suspicious activity.
Infrared Illuminator
A light source that
produces IR (invisible or barely visible) wavelengths of light.
IR illuminators are used as spotlights or floodlights for cameras
sensitive to reflected IR light (i.e. low light level conditions).
IP
Internet Protocol. The protocol through
which information is sent from one computer or mobile device
to another via the Internet.
IP Monitoring
Refers to a new method of
transmitting signals from an Intruder Detection System directly
to the remote alarm monitoring centre via internet protocol;
as opposed to the antiquated PSTN line or mobile network.
KVM
Keyboard Video Mouse.
LAN
Local Area Network.
LCD
Liquid Crystal Display.
LLI
Low Level Interface (Usually by physical
relays and/or switches).
Lossless Compression
Compression of a
digital file (reducing the file size) that does not significantly
affect the quality or quantity of the data recovered when the
file is unzipped, so all of the data in the file can be restored.
Lossy Compression
Compression of a digital
file (reducing the file size) that results in a permanent loss
of data. This is sometimes acceptable and can be useful when
sending a complex image as a .jpg, for example. It’s up to the
sender to decide which is a priority – reduced file size or
retaining the full quality and level of detail of the image.
Monitoring Centre Shell
All elements of
the barrier surrounding an alarm monitoring centre including
the operations area, isolation department and amenities as required.
Multiplexing
To combine multiple signals
from possibly disparate sources, in order to transmit them over
a single path.
NAS
Network Attached Storage (NAS). A
network storage technology used to record and access data in
file format from one or more data storage devices.
NFC
Near Field Communication.
NTP
Network Time Protocol.
NVR
Network Video Recorder (has replaced
the DVR).
ONVIF
A non-profit organization that works
to advance the adoption of IP in the physical security market
using a global open standard.
OSI
OSI (Open Systems Interconnection)
is a standard description or "reference model" for how messages
should be transmitted between any two points in a telecommunication
network. Its purpose is to guide product implementers so that
their products will consistently work with other products. The
reference model defines seven layers of functions that take
place at each end of a communication. It is also valuable as
a single reference view of communication that furnishes everyone
a common ground for education and discussion.
Panoramic View
An unbroken view of a wide
arc (often 180 degrees or more) of a horizon.
PIDS
Perimeter Intrusion Detection System.
PIN
Personal Identification Number.
PIR
Passive infra-red. A type of sensor
technology that picks up infra-red heat from persons and triggers
an alarm.
PMG
Places of Mass Gathering
PoE
Power over Ethernet. Describes any
of several standard or ad-hoc systems which pass electric power
along with data on twisted pair Ethernet cabling. This allows
a single cable to provide both data connection and electric
power to devices such as IP cameras, sensors, VoIP intercoms
and wireless access points, etc. This configuration eliminates
the need for a power supply & battery at the remote end
of cabling networks.
PoE+
Same as Power over Ethernet above
but increases power capacity from 15.4 watts to 30 watts.
PPM
Planned Preventative Maintenance.
In reference to security systems PPM should be carried out at
least once every six months.
PSIM
Physical Security Information Management.
PSIM is software that provides a platform, and applications,
designed to integrate multiple unconnected security applications
and devices and control them through one comprehensive user
interface.
RFID
Radio Frequency Identification. Used
in access control cards to transmit data to a proximity reader.
RS-485
Recommended standard in multi-drop
communications. Commonly used in access control systems for
daisy-chaining up to 32 devices on one cable run.
RU
Rack Unit (44.45mm).
SAS
Server Attached Storage. A data sharing
storage technology that was developed as an alternative to DAS
to achieve a distributed video data approach through the use
of a LAN.
SAN
Storage Area Network. A data sharing
storage technology that consists of communications infrastructure
and management layers.
SCEC
Security Construction and Equipment
Committee which is applicable for Australia only. The committee
reports directly to the Protective Security Policy Committee
(PSPC), established by the Australian Government to develop
guidelines for the protection of Australian Government resources.
SCR
Security Control Room.
SMOF
Single Mode Optical Fibre.
SMS
Short Message Service (used in mobile phones and tablets).
SMS
Security Management Systems.
SER
Security Equipment Room.
Tailgating
In access control, following
an authorized individual into a secured area without gaining
authorized access yourself.
Target Hardening
Target hardening or mitigation
is a process wherein a building is made into a more difficult
or less attractive target. It does not necessarily mean the
construction of an impenetrable bunker, although this would
be the extreme case of target hardening.
UPS
Uninterruptible Power Supply.
USB
Universal Serial Bus.
UTP
Unshielded Twisted Pair.
VACP
Vehicle Access Control Point
VBIED
Vehicle-borne improvised explosive
device
Video Analytics
A technology that uses
software to analyse the video image stream. Video analytics
software may provide object detection, recognition, identification,
tracking, and analysis in a variety of surveillance applications.
Vigilance Decrement
As people get tired
in the course of the work, their attention wanes and they are
less likely to detect a person, object or other change in the
environment. This ‘vigilance decrement’ usually happens after
20-30 minutes of continuous work, depending on the level of
concentration required.
VSB
Vehicle Security Barriers.
VMD
Video Motion Detection. When the current
image changes beyond a threshold value, the system triggers
one or more pre-programmed actions and initiates an alarm.
VMS
PC Based Graphical Video Management
System.
VMS
Video Management System. PC based
software to record, monitor and control video streams from remote
cameras and provide actionable intelligence to the operator.
VoIP
Voice over IP. Transmitting a voice
over an IP network as opposed to an analogue telephone line.
Voice Code
A unique password used to swiftly
identify authorized personnel.
Vulnerability Assessment
Is an in-depth
analysis of building weaknesses and lack of redundancy to determine
mitigations or corrective actions that can be designed or implemented
to reduce vulnerabilities. The extent and depth of the analysis
will depend upon the size and function of the building and organization.
WAN
Wide Area Network.
Watermarking
Is the process of adding
a semi-transparent layer of verbal or visual information onto
an image. Watermarking is often used as part of an authentication
process in recorded video footage.
Wide Dynamic Range
When part of an image is extremely
dark but another part is so bright you can't see any details,
that's dynamic range: the difference in lighting.