Internal security audit

A security audit conducted by personnel responsible to the management of the organization being audited.

Internal security controls

Hardware, firmware, and software features within an information system that restrict access to resources (hardware, software, and data) only to authorized subjects (persons, programs, processes, or devices). Examples of internal security controls are encryption, digital signatures, digital certificates, and split knowledge. The security controls can be classified as (1) supporting, preventive, detective, corrective, and recovery controls, (2) management, technical, operational, and compensating controls, and (3) common controls, system-specific, and hybrid controls.

Internal testing (security)

It is similar to external (security) testing except that the testers are on the organization’s internal network behind the security perimeter.

Internet

The Internet is the single, interconnected, worldwide system of commercial, governmental educational, and other computer networks that share (1) the protocol suites and (2) the name and address spaces. The Internet is a decentralized, global network of computers (Internet hosts), linked by the use of common communications protocols (TCP/IP). The Internet allows users worldwide to exchange messages, data, and images. It is worldwide “network of networks” that uses the TCP/IP protocol suite for communications.

Internet-based EDI

Web EDI that operates on the Internet, and is widely accessible to most companies, including small-to-medium enterprises.

Internet control message protocol (ICMP)

A message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP is used by a device, often a router, to report and acquire a wide-range of communications-related information.

Internet key exchange (IKE) protocol

Protocol used to negotiate, create, and manage security associations (SAs).

Internet message access protocol (IMAP)

A mailbox access protocol defined by IETF RFC 3501. IMAP is one of the most commonly used mailbox access protocols, and offers a much wider command set than post office protocol (POP). It is a method of communication used to read electronic messages stored in a remote server.

Internet protocol (IP)

The network-layer protocol in the TCP/IP stack used in the Internet. The IP is a connectionless protocol that fits well with the connectionless Ethernet protocol. However, the IP does not fit well with the connection-oriented ATM network.

Internet protocol (IP) address

An IP address is a unique number for a computer that is used to determine where messages transmitted on the Internet should be delivered. The IP address is analogous to a house number for ordinary postal mail.

Internet Protocol security (IPsec)

An IEEE Standard, RFC 2411, protocol that provides security capabilities at the Internet Protocol (IP) layer of communications. IPsec’s key management protocol is used to negotiate the secret keys that protect virtual private network (VPN) communications, and the level and type of security protections that will characterize the VPN. The most widely used key management protocol is the Internet key exchange (IKE) protocol. IPsec is a standard consisting of IPv6 security features ported over to the current version of IPv4. IPsec security features provide confidentiality, data integrity, and nonrepudiation services.

Internet service provider (ISP)

ISP is an entity providing a network connection to the global Internet.

Interoperability

(1) A measure of the ability of one set of entities to physically connect to and logically communicate with another set of entities. (2) The ability of two or more systems or components to exchange information and to use the information that has been exchanged. (3) The capability of systems, subsystems, or components to communicate with one another, to exchange services, and to use information including content, format, and semantics.

Interoperability testing

Testing to ensure that two or more communications products (hosts or routers) can interwork and exchange data.

Interpreted virus

A virus that is composed of source code that can be executed only by a particular application or service.

Interpreter

(1) A program that processes a script or other program expression and carries out the requested action, in accordance with the language definition. (2) A support program that reads a single source statement, translates that statement to machine language, executes those machine-level instructions, and then moves on to the next source statement. An interpreter operates on a “load and go” method.

Inter-procedural analysis

Analysis between calling and called procedures within a computer program.

Intranet

A private network that is employed within the confines of a given enterprise (e.g., internal to a business or agency). An organization’s intranet is usually protected from external access by a firewall. An intranet is a network internal to an organization but that runs the same protocols as the network external to the organization (i.e., the Internet). Every organizational network that runs the TCP/IP protocol suite is an Intranet.

Intrusion

Attacks or attempted attacks from outside the security perimeter of an information system, thus bypassing the security mechanisms.

Intrusion detection

(1) Detection of break-ins or break-in attempts either manually or via software expert systems that operate on logs or other information available on the network. (2) The process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents.

Intrusion detection and prevention system (IDPS)

Software that automates the process of monitoring the events occurring in a computer system or network, and analyzing them for signs of possible incidents and attempting to stop detected possible incidents.

Intrusion detection system (IDS)

Hardware or software product that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include intrusions (attacks from outside the organization) and misuse (attacks from within the organization).

Intrusion detection system load balancer

A device that aggregates and directs network traffic to monitoring systems, such as intrusion detection and prevention sensors.

Intrusion prevention

The process of monitoring the events occurring in a computer system or network, analyzing them for signs of possible incidents, and attempting to stop detected possible incidents.

Intrusion prevention systems (IPS)

(1) Systems that can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets. (2) Software that has all the capabilities of an intrusion detection system and can also attempt to stop possible incidents.

Inverse cipher

(1) A series of transformations that converts ciphertext to plaintext, using the cipher key. (2) The block cipher algorithm function that is the inverse of the forward cipher function when the same cryptographic key is used.