Another Security Vocabulary bt IETF

There exist another vocabulary called “Internet Security Glossary, Version 2”. It is IETF RFC 4949 from 2007.

IETF=Internet Engineering Task Force

Note, in RFC 4949 the definitions might differ from the ITU and ISO definitions.

For example, “information security” is defined as:

$ information security (INFOSEC)
(N) Measures that implement and assure security services in
information systems, including in computer systems (see: COMPUSEC)
and in communication systems (see: COMSEC).

$ COMSEC
(I) See: communication security.

$ communication security (COMSEC)
(I) Measures that implement and assure security services in a
communication system, particularly those that provide data
confidentiality and data integrity and that authenticate
communicating entities.

Usage: COMSEC is usually understood to include (a) cryptography
and its related algorithms and key management methods and
processes, devices that implement those algorithms and processes,
and the lifecycle management of the devices and keying material.
Also, COMSEC is sometimes more broadly understood as further
including (b) traffic-flow confidentiality, (c) TRANSEC, and (d)
steganography [Kahn]. (See: cryptology, signal security.)

This entry was posted in ICT Terminology, Security Terminology, Security Training, Awareness and Reports. Bookmark the permalink.

Comments are closed.