Glossary of Definitions

AD	Active Directory login - Usually the same credentials as the BUnetID login.
ARIN	American Registry of Internet Numbers. The Regional Internet Registry (RIR) for Canada, many Caribbean and North Atlantic islands, and the United States. ARIN manages the distribution of Internet number resource (IP addresses) for the said regions.
Border Router Access Control Lists (ACLs)	Access control lists on the border routers provide another layer of security in addition to the firewall to protect the campus network as a whole, all zones, from unwanted activity from the Internet/outside world.
BUnetID	The ID (a.k.a. user name, login, user-id, and account name) used by Bradley to identify all users of network services.
Computer Peripherals	Peripheral devices such as printers and scanners. Peripheral devices may be attached to a computer directly or via the campus network.
Computer Workstations	General purpose computers which are utilized by individuals and include stationary and portable systems.
Confidential Data	Non-protected data which, if revealed, can result in financial, legal or significant privacy loss to members of the Bradley community.
Device Level Protection	Many other devices on the network, most commonly servers, have firewall protection installed locally on them, which is in addition to the network firewall.
Display Visibility	Individuals with access to protected data information shall ensure that any and all computer displays for which they are responsible are not visible to unauthorized viewing by others.
Electronic Identity	This term refers to a method of assuring that the person who authenticated using a particular set of credentials is the person who is identified by these credentials.
FERPA	Family Education and Privacy Act – http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html .
Firewall Access Control Lists (ACLs)	Access control lists on the firewall are used to permit certain devices in the lower security zones initiate network communications with the higher security zones, communications that would otherwise not be allowed per the zone’s security level number.
Firewall Security Zones	The firewall is segmented into zones, each with an assigned security level number relative to other zones. Devices are added to a specific zone based on who the user is, the protection needed for the device, and the required access to other network resources. For example, a student computer would be placed in a lower numbered zone than an admin machine, but a higher numbered zone than the Internet. Network devices in higher numbered/level security zones can automatically initiate network communication with devices in lower numbered/level security level zones by default. Lower security zones can respond back to already established network communications that were established by devices higher security zones. Devices in lower security level zones can only initiate network communication with devices in higher level zones when explicitly configured by an access control list (ACL) to allow this.
HIPAA	Health Insurance Portability and Accountability Act - http://www.hipaa.org/
IDS	Intrusion Detection System. Software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by crackers, malware and/or disgruntled employees.
Mobile Computing Devices	Handheld computing devices including personal digital assistants (PDAs) and cellular phones with data access.
MRTG	Multi Router Traffic Grapher.- Free software for monitoring and measuring the traffic load on network links. It allows the user to see traffic load on a network over time in graphical form.
Network Device	Anything on the Bradley network, not necessarily a computer. This includes workstations, servers, laptops, desktops, routers, switches, access points, IP video units, IP Phones, building security systems, Laundry Systems, QuickCard systems, hand held devices, gaming systems, etc.
Network Resources	Anything a user on campus accesses over the campus network including shared files, printers, databases, applications, network equipment, internal-only websites, etc.
One-time use secret PIN	One time password to be used for this procedure.
PCI	Payment Card Industry - https://www.pcisecuritystandards.org/ .
Proprietary Data	All data held by the University for operational, educational, and/or other purposes not appropriate or available for general public use.
Protected Data	Data required to be protected by FERPA, HIPAA, PCI, or other regulations.
Public	Information available to the public.
Secure Protocol Examples	128-bit or longer keys of AES, IPSEC, SSH, SSL, or TLS
Server	a computer device containing proprietary or protected data that is shared by a number of Bradley University computer users.
Server Custodian	see policy 3.01 Server Physical Access Policy.
Server Location	the physical site containing server.
System Registration	Care should be taken when registering computers on the network not to place them in a higher security zone than is needed, particularly in the case of computers that will be publicly accessible and/or used by students other than student employees authorized to access protected data.
VPN	(Virtual Private Network) - A method establishing secure network communication through an unsecure network, such as the Internet.
WHOIS	(pronounced who is) is a query/response protocol which is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name or an IP address.
Zone	A segment of the network that, in order to have network communication with other segments of the network, must communicate through the firewall to get there.
Zone	A logical area of the network whose ingress and egress traffic is sent through a firewall.

 

 

Created 10/24/08
Revised 6/5/09
Maintained by DRandall - SRenken