O

Environment that does not provide sufficient assurance that applications and equipment are protected against the introduction of malicious logic prior to or during the operation of a system.

Provision of tools for the secure internetworking of open systems.

The protection of data from either accidental or unauthorized, but intentional modification, destruction, or disclosure during input, processing, or output operations.

1. The process of denying adversaries information about friendly capabilities and intentions by identifying, controlling, and protecting indicators associated with planning and conducting military operations and other activities.

2. An analytical process by which the U.S. Government and its supporting contractors can deny potential adversaries information about capabilities and intentions by identifying, controlling, and protecting evidence of the planning and execution of sensitive activities and operations.

3. A process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to: (a) Identify those actions that can be observed by adversary intelligence systems. (b) Determine indicators hostile intelligence systems might obtain that could be interpreted or pieced together to derive critical information in time to be useful to adversaries. (c) Select and execute measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to adversary exploitation (JP 1-02).

See Trusted Computer System Evaluation Criteria (TCSEC).

Open Systems Interconnection—a set of internationally accepted and openly developed standards that meet the needs of network resource administration and integrated network utility.