- Permission Aggregation Permission aggregation is a concept in access control where the system calculates the effective permissions of a user by combining all the rights granted directly to the user and those obtained through group memberships or role assignments. It's crucial in complex systems with layered security structures to understand a user's combined permissions, which helps in enforcing the principle of least privilege and preventing excessive access rights.
- Permissions The level of access that a user, group, or process has to a system or its resources. They are an essential component of access control, helping to ensure that only authorized individuals or processes can view, modify, or execute specific files or operations. The administration of permissions is a critical task in maintaining system security and data integrity, requiring ongoing oversight to account for changes in roles, responsibilities, or threat environments.
- Personal Area Network (PAN) A network arrangement that interconnects devices within the reach of an individual person, typically within a range of 10 meters. This could include devices such as smartphones, laptops, wearable devices, or smart home devices. The security considerations for a PAN involve ensuring secure communications between devices, controlling access to devices, and protecting the data stored or transmitted within the network.
- Personal Identification Number (PIN) A secret numeric password used to authenticate a user's identity and access certain services or systems. It is used in security to provide an additional layer of protection against unauthorized access. Examples include ATM PINs and phone unlock codes.
- Personal Identification Verification Card The Personal Identification Verification (PIV) Card is a United States federal government standard for secure and reliable forms of identification for federal employees and contractors. The PIV card serves as a government-issued identification card for access to federal buildings and information systems, and includes integrated security features such as cryptographic keys, personal identification numbers (PINs), and biometric data to ensure the cardholder's identity.
- Personal Information Protection and Electronic Documents Act (PIPEDA)The federal privacy legislation in Canada that sets out the rules for the collection, use, and disclosure of personal information in the course of commercial activities. This concept is used in the private sector, including businesses, organizations, and individuals, to protect the privacy rights of individuals and ensure the responsible handling of personal information. Examples include PIPEDA compliance, PIPEDA consent, and PIPEDA complaints.
- Personally Identifiable Information (PII) Information that can be used to uniquely identify an individual, such as their name, address, social security number, or biometric data. It is used in privacy and security to protect sensitive personal information from unauthorized access or use. Examples include medical records and financial information.
- Personnel redundancy The practice of having multiple employees with overlapping skills and responsibilities in order to ensure that essential functions can be carried out in the event of an employee absence, injury, or other disruption. This concept is used in various industries, including healthcare, transportation, and public safety, to maintain continuity of operations and avoid critical failures. Examples include cross-training, shift coverage, and job sharing.
- Pervasive encryption The widespread use of encryption techniques to secure data and communications at all times, regardless of whether it is being transmitted or stored. It is used in various industries, including healthcare, finance, and government, to protect sensitive information from being accessed or stolen by unauthorized parties. Examples include using encrypted emails to send sensitive documents or using encrypted storage devices to keep confidential data safe.
- Pharming A type of cyber-attack where a user is redirected to a fake or malicious website without their knowledge, often through the use of malware or DNS poisoning. It is used in cyber security to refer to the act of redirecting internet traffic to a fraudulent website. Examples include fake banking websites and malicious download links.
Share our FREE glossary with your friends and study buddies.
Disclaimer: The glossary is for informational purposes only, we are not liable for any errors or omissions, if you find errors please contact us.