Technical Security & Risk Glossary
A Glossary of Terms Used in Physical & Electronic
Security as well as Risk Management.
Automated Access Control System; An electronic or electro-mechanical system that requiring the entry of
personal identification information before allowing access to people/vehicles/objects to a site.
Access is only granted if this information matches data on the list of authorised users within a database.
Action of a user to accept a message or indication.
Is the process of collecting all the legitimate account names on a system database.
Is when the power to a system, appliance or device fails and it is now supported by a back-up
battery or UPS.
Data that has been gathered and collated in a way that makes sense and provides
context to the end user, enabling him or her to take appropriate action.
Referring to a system or component that uses a system of measurement, response or storage in which
values are expressed as a magnitude using a continuous scale of measurement.
Defensive measures used to reduce the vulnerability of individuals, forces, and property
to terrorist acts.
A security system feature that is used to prevent users from passing their credentials
back to a second person to enter a security-controlled area, such as a car park or employee building.
Application Programming Interface. A set of tools and procedures provided by the owner of an application
so that others can control, exchange data with, or extend the functionality of an application.
American Standard Code for Information Interchange. A 7-bit character system that includes the alphanumeric
characters and printer control codes.
Australian Security Intelligence Organisation.
In access control technology, the process of confirming the correctness of a claimed identity.
A backdoor is a tool installed after a compromise to give an attacker easier access to the
compromised system around any security mechanisms that are in place.
Building Automation and Control Networks is a network communications protocol commonly used
in building automation and building management systems.
Mass securely attached to a hostile vehicle.
Balanced/Unbalanced. A device that links together dissimilar wire types and attempts to minimize
any negative effects to the signal that would normally result from the dissimilarity. Baluns are typically used to transmit
composite video signals over a twister pair cable instead of co-axial cable.
A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster
recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an
In access control, the use of a person's physical characteristics, such as fingerprint
or iris pattern, to authenticate identity by using physiological and/or behavioral measurements.
An automated system used to maintain a balanced, efficient, and workable climate within the building
by monitoring and controlling lighting, temperature and security. Also alerts relevant staff teams when
maintenance or other actions
Closed Circuit Television; Cameras linked to monitors for surveillance and security monitoring
on a site. The closed-circuit limits transmission of video signals to a connected group of authorised people.
Communications Equipment Room.
Crime prevention through environmental design. A method of improving security through strategic building
design, as well as the use of other environmental, organizational, or mechanical tactics.
Direct Attached Storage. A video storage technology used to connect hosts to storage devices via a direct,
one-to-one small computer system interface (SCSI) attachment.
The trail of information left behind whenever you access services online. This might
be passive (your personal information collected passively when search engines store your search history) or active (when you
share information on blogs or social media).
Door Open Too Long (as in access control systems).
A system where a security detecting device must sense two "separate" events within a set
time frame before activating an alarm.
Also known as a silent alarm; a device that enables a person to call for help without arousing suspicion.
Digital Video Interface. Used for connecting LED monitors to a PC.
Digital Video Recorder (now old technology).
An attack that exploits gaps in security coverage to gain access to a system or facility.
End of Line. In alarm systems it refers to a resistor network at the literal last point of the circuit
(installed inside the detector) to ensure monitoring of the detector and
the integrity of the circuit itself.
The most widely installed LAN technology. Specified in a standard, IEEE 802.3, an Ethernet
LAN typically uses special grades of twisted pair wires. Devices are connected to the cable and compete
for access using a CSMA/CD protocol.
When an authentication system fails to recognize a valid user.
Blocking the possible view through windows in order to prevent hostile surveillance
into the building on a secure site. Generally done by adding window frosting or using blinds.
First In First Out (In reference to video data storage).
Fibre Optic Break Out Tray.
Forced Door Alarm.
General Packet Radio Service is a packet oriented mobile data standard on the 2G and 3G cellular
communication network for mobile communications. Alarm systems and remote CCTV cameras often use this
technology to transmit signals back to a remote-control room.
Global System for Mobile Communications. Usually referred to as a signalling method for Intruder Detection
Systems and, even digital video surveillance via the mobile network.
Graphical User Interface (On a PC monitor).
Is the process of identifying and fixing vulnerabilities on a system or building.
High Level Interface (Usually via software or database links).
The term given to the information gathering phase by those individuals or groups
with malicious intent, is a vital component of the attack planning process.
Hostile Reconnaissance; Research and investigation into a site by a person/people with hostile intent,
who may use the information to harm the site, the people working there, its assets or reputation.
Hostile Vehicle Mitigation.
A video recording device that incorporates functions of both network video recorders (NVRs)
and DVRs by accepting and converting video images from analogue cameras as well as IP video streams.
Information and Communications Technology.
Intruder Detection System.
The process of responding to an emergency event or reports of suspicious activity.
A light source that produces IR (invisible or barely visible) wavelengths of light.
IR illuminators are used as spotlights or floodlights for cameras
sensitive to reflected IR light (i.e. low light level conditions).
Internet Protocol. The protocol through which information is sent from one
computer or mobile device to another via the Internet.
Refers to a new method of transmitting signals from an Intruder
Detection System directly to the remote alarm monitoring centre
via internet protocol; as opposed to the antiquated PSTN line or mobile network.
Keyboard Video Mouse.
Local Area Network.
Liquid Crystal Display.
Low Level Interface (Usually by physical relays and/or switches).
- Compression of a digital file (reducing the file size) that does not significantly
affect the quality or quantity of the data recovered when the
file is unzipped, so all of the data in the file can be restored.
- Compression of a digital file (reducing the file size) that results in a permanent loss
of data. This is sometimes acceptable and can be useful when sending a complex image as a .jpg,
for example. It’s up to the sender to decide which is a priority – reduced file size or
retaining the full quality and level of detail of the image.
Monitoring Centre Shell
All elements of the barrier surrounding an alarm monitoring centre including
the operations area, isolation department and amenities as required.
To combine multiple signals from possibly disparate sources, in order to transmit them over
a single path.
Network Attached Storage (NAS). A network storage technology used to record and access data in
file format from one or more data storage devices.
Near Field Communication.
Network Time Protocol.
Network Video Recorder (has replaced the DVR).
A non-profit organization that works to advance the adoption of IP in the physical security market
using a global open standard.
OSI (Open Systems Interconnection) is a standard description or "reference model" for how messages
should be transmitted between any two points in a telecommunication network. Its purpose is to
guide product implementers so that their products will consistently work with other products. The
reference model defines seven layers of functions that take place at each end of a communication.
It is also valuable as a single reference view of communication that furnishes everyone a common
ground for education and discussion.
An unbroken view of a wide
arc (often 180 degrees or more) of a horizon.
Perimeter Intrusion Detection System.
Personal Identification Number.
Passive infra-red. A type of sensor technology that picks up infra-red heat from persons and triggers
Places of Mass Gathering.
Power over Ethernet. describes any of several standard or ad-hoc systems which pass electric power
along with data on twisted pair Ethernet cabling. This allows a single cable to provide both data
connection and electric power to devices such as IP cameras, sensors, VoIP intercoms and wireless
access points, etc. This configuration eliminates the need for a power supply & battery at the
remote end of cabling networks.
Same as Power over Ethernet above but increases power capacity from 15.4 watts to 30 watts.
Planned Preventative Maintenance. In reference to security systems PPM should be carried out at
least once every six months.
Physical Security Information Management. PSIM is software that provides a platform, and
applications, designed to integrate multiple unconnected security applications
and devices and control them through one comprehensive user interface.
Radio Frequency Identification. Used
in access control cards to transmit data to a proximity reader.
Recommended standard in multi-drop communications. Commonly used in access control systems for
daisy-chaining up to 32 devices on one cable run.
Rack Unit (44.45mm).
Server Attached Storage. A data sharing
storage technology that was developed as an alternative to DAS
to achieve a distributed video data approach through the use
of a LAN.
Storage Area Network. A data sharing storage technology that consists of communications infrastructure
and management layers.
Security Construction and Equipment
Committee which is applicable for Australia only. The committee
reports directly to the Protective Security Policy Committee
(PSPC), established by the Australian Government to develop
guidelines for the protection of Australian Government resources.
Security Control Room.
Single Mode Optical Fibre.
Short Message Service (used in mobile phones and tablets).
Security Management Systems.
Security Equipment Room.
In access control, following an authorized individual into a secured area without gaining
authorized access yourself.
Target hardening or mitigation is a process wherein a building is made into a more difficult
or less attractive target. It does not necessarily mean the construction of an impenetrable bunker,
although this would be the extreme case of target hardening.
Uninterruptible Power Supply.
Universal Serial Bus.
Universal Time Coordinated.
Unshielded Twisted Pair.
Vehicle Access Control Point.
Vehicle-borne improvised explosive device.
Video Content Analysis.
A technology that uses software to analyse the video image stream. Video analytics
software may provide object detection, recognition, identification,
tracking, and analysis in a variety of surveillance applications.
- As people get tired in the course of the work, their attention wanes and they are
less likely to detect a person, object or other change in the
environment. This ‘vigilance decrement’ usually happens after
20-30 minutes of continuous work, depending on the level of concentration required.
Vehicle Security Barriers.
Video Motion Detection. When the current image changes beyond a threshold value, the system triggers
one or more pre-programmed actions and initiates an alarm.
Video Management System. PC based software to record, monitor and control video streams from remote
cameras and provide actionable intelligence to the operator.
Video Surveillance System.
Voice over IP. Transmitting a voice over an IP network as opposed to an analogue telephone line.
A unique password used to swiftly identify authorized personnel.
Is an in-depth analysis of building weaknesses and lack of redundancy to determine
mitigations or corrective actions that can be designed or implemented
to reduce vulnerabilities. The extent and depth of the analysis will depend upon the
size and function of the building and organization.
Wide Area Network.
Is the process of adding a semi-transparent layer of verbal or visual information onto
an image. Watermarking is often used as part of an authentication process in recorded video footage.
Wide Dynamic Range
When part of an image is extremely dark but another part is so bright you can't see any details,
that's dynamic range:—the difference in lighting.