Fandom

The IT Law Wiki

Compromise

32,181pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definitions Edit

Computer security Edit

Compromise is

the disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.[1]
the unauthorized disclosure, modification, substitution, or use of sensitive information or to invade system by getting around its security.[2]

Compromise is "a loss of data confidentiality, integrity or availability."[3]

General Edit

Compromise is a

[t]ype of incident where information is disclosed to unauthorized individuals or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.[4]

Intelligence Edit

Compromise is

[t]he known or suspected exposure of clandestine personnel, installations, or other assets or of classified information or material, to an unauthorized person.[5]

National security Edit

Compromise is

[a]ny occurrence which results or can result in unauthorized persons gaining access to national security information.[6]
[t]he disclosure or release of classified information to unauthorized person(s).[7]

Power grid Edit

Compromise is

[t]he misuse or unauthorized modification of a Cyber Asset or supporting system.[8]

Security Edit

Compromise is

[a] security violation that has resulted in confirmed or suspected exposure of classified/ sensitive information to an unauthorized person.[9]
disclosure of information to unauthorized persons, or a violation of the security policy of a system, in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object, or the copying of information to unauthorized media may have occurred.[10]

Overview (Computer security) Edit

Out-of-date software, unsafe web browsing habits, or lack of appropriate anti-virus systems can all lead to the compromise of computer systems. Criminals and other adversaries often exploit weak identity solutions for individuals, websites, email, and the infrastructure that the Internet utilizes.

The collection of identity-related information across multiple service providers and user accounts, coupled with the sharing of personal information through the growth of social media, increases opportunities for data compromise. For example, personal data used to recover lost passwords (e.g., mother’s maiden name, the name of your first pet, etc.) is often publicly available.

In some cases, service providers have met consumer demand for online services, but they have provided inadequate identity assurances. Service providers have also deemed some highly desirable services that could provide further efficiencies and cost savings too risky to conduct online.

References Edit

  1. Information Security: Advances and Remaining Challenges to Adoption of Public Key Infrastructure Technology, at 71.
  2. DM3595-001, at 5.
  3. Report on Cybersecurity Practices, at 3.
  4. CNSSI 4009.
  5. Department of Defense Dictionary of Military and Associated Terms, at 45.
  6. Tempest Glossary, at 2.
  7. Intelligence Community Standard 700-01, at 6.
  8. Security Guideline for the Electricity Sector: Identifying Critical Cyber Assets, at 3. (full-text).
  9. Department of the Interior, Departmental Manual, Part 441, Chapter 1, §1.6(I) (Jan. 8, 2010).
  10. DFARS Clause 252.204-7012(a).

See also Edit

Also on Fandom

Random Wiki