A glossary of information security, cybersecurity, and digital technology terms relevant to Canadian publicly funded institutions, including the Higher Education sector, is available from the .
A glossary of information security, cybersecurity, and digital technology terms relevant to the NIST Cybersecurity Framework and other related frameworks used to guide the development of Queen’s University Digital Information Security Policies and Standards is available from the .
Definitions
| Term | Definition | Type |
|---|---|---|
| Account | The aggregated information, data, and metadata on a digital service or technology to which access is granted following successful authentication. | Queen's-specific |
| Credentials | The combination of an identifier, such as a username, and a knowledge, possession, or inherence factor (or combinations thereof), that is used to authenticate access into a digital service or technology. | Queen's-specific |
| Cybersecurity Incidents | Occurrences that actually or potentially increase the management of Information and Information Security Risk of digital assets operated by, or on behalf of, the university, or that constitute a threat of violation of the Policies, Standards, and other governance instruments. | Adapted from |
| Data | Data and/or information that is in the custody and/or control of the university and is processed or stored using digital assets operated by, or on behalf of, the university. | Queen's-specific |
| Digital Assets | An item of value to stakeholders. Discrete or aggregated data, digital services, digital identities, digital technologies, and endpoints within the information technology environment, both on and off University premises, that are provided by or purchased using university funds. | Queen's-specific |
| Digital Custodians | Authorized community members with responsibility for operating and protecting digital assets within, or on behalf of, their area of responsibility. | Queen's-specific |
| Digital Identity | Aggregate information about a community member that describes their relationship with the University and is used to make access control decisions. Digital identities include, without limitation, NetID credentials, accounts, and their contents, that have been assigned to the community member. | Queen's-specific |
| Digital Service Manager | Leaders within information technology delivery departments and teams that are accountable to Risk Owners for assessing and treating the management of Information and Information Security Risk related to digital assets operating within, or on behalf of, their area of responsibility. | Queen's-specific |
| Digital Services | Institutional functions that operate, or for which there is an intent to operate, using digital assets operated by, or on behalf of, the university. | Queen's-specific |
| Digital Technologies | A digital technology may be tangible (e.g., a physical item such as hardware, firmware, computing platform, network device, or other technology component) or intangible (e.g., data, information, software, or software license). | Adapted from |
| Endpoints | Client access devices, including, without limitation, laptops, desktops, and mobile devices. Endpoints may be personally owned or provided by the university (i.e., purchased using university funds). | Queen's-specific |
| Enterprise Standard | Documented minimum requirements for standard mitigating technical, physical, and administrative safeguards. The NIST Security and Privacy Controls for Information Systems and Organizations (SP800-53 Rev. 5) is the control catalogue upon which enterprise standards are developed. | Queen's-specific |
| Entitlement | A specific permission, privilege, or access right granted to an individual that defines what actions they are allowed to perform within a digital service, technology, or application. | Queen's-specific |
| Group accounts | Shared accounts created for access and use by an identified group of community members. | Queen's-specific |
| Guests | People who may have access to publicly available digital assets to which access has been granted by means of a trusted relationship with a partner or third-party, and for whom the university has not explicitly created a digital identity. | Queen's-specific |
| Inherence factor | An authentication factor that is inherent to the individual; something they are. Common examples include fingerprints, face, or iris patterns. | Queen's-specific |
| Institutional functions | Activities carried out by community members in support of the university's mission. These may include, without limitation, services, processes, procedures, functions, and workflows. | Queen's-specific |
| Interactive logon | Authentication wherein the community member directly engages with a technology by providing credentials to gain a session. The term is typically used to describe authentication to a computer, laptop, server, or virtual desktop environment, or to a mobile device. | Adapted from |
| Interactive local logon | An interactive logon wherein the community member is physically located with the technology to which they are authenticating. | Queen's-specific |
| Interactive remote logon | An interactive logon wherein the community member is not physically located with the technology to which they are authenticating, and must use remote access software or protocols (e.g., SSH, remote desktop, etc.). | Queen's-specific |
| Knowledge factor | An authentication factor that is known only to the individual; something they know. Common examples include passwords, passphrases, PINs, and security questions. | Queen's-specific |
| Lifecycle | Evolution of a digital asset from conception through retirement. The stages may include, without limitation, acquisition, development, implementation, configuration, operation, maintenance, and decommission. | Adapted from |
| Personally assigned accounts | Accounts created for access and use by a unique, identified community member (e.g., a NetID). | Queen's-specific |
| Personally funded device | A device that is owned by the community member and that was not purchased, and whose ongoing subscription or maintenance costs are not paid, using a Queen's account code, a research grant managed by the university, or a professional expense allowance. Commonly referred to as a BYOD, or PFD. | Queen's-specific |
| Possession factor | An authentication factor that is held only by the individual; something they have. Common examples include smartphone apps, hardware tokens, and cryptographic keys. | Queen's-specific |
| Queen's-funded device | A device that was purchased, or for which ongoing subscription or maintenance costs are paid, using a Queen's account code, a research grant managed by the University, or a professional expense allowance. Commonly referred to as a QFD. | Queen's-specific |
| Queen’s University Community | Members of the Queen’s University Community (“community members”) are people for whom the university explicitly creates and maintains a digital identity. | Queen's-specific |
| Risk Assessment | The process of identifying, evaluating, and prioritizing potential risks to digital assets operated by, or on behalf of, the University. Risk assessment is an activity within risk management, incorporates threat and vulnerability analyses, and considers mitigations provided by security safeguards planned or in place. | Adapted from |
| Risk Assessors | Leaders within departments, teams, and research units who have decision-making authority over operations within their area of responsibility and are accountable to Risk Owners for assessing and treating Management of Information and Information Security Risk related to services operating within, or on behalf of, their area of responsibility. | Queen's-specific |
| Risk Owners | Senior Leaders, Associate Vice-Principals, Vice-Provosts, Deans, Principal Investigators, Faculty members, or other leaders within faculties and departments that are accountable to the university for the management of information and Information Security Risk within their area of responsibility. | Queen's-specific |
| Shared accounts | Accounts created for access and use by multiple community members. | Queen's-specific |