operational security

System capabilities, or performance of system functions, that are needed either (a) to securely manage a system or (b) to manage security features of a system. (Compare: operations security (OPSEC).)

Usage: IDOCs that use this term SHOULD state a definition because (a) the definition provided here is general and vague and (b) the term could easily be confused with "operations security", which is a different concept.

Tutorial: For example, in the context of an Internet service provider, the term could refer to capabilities to manage network devices in the event of attacks, simplify troubleshooting, keep track of events that affect system integrity, help analyze sources of attacks, and provide administrators with control over network addresses and protocols to help mitigate the most common attacks and exploits. [R3871]

Synonym for "administrative security".

Deprecated Definition: IDOCs SHOULD NOT use this term as a synonym for "administrative security". Any type of security may affect system operations; therefore, the term may be misleading. Instead, use "administrative security", "communication security", "computer security", "emanations security", "personnel security", "physical security", or whatever specific type is meant. (See: security architecture. Compare: operational integrity, OPSEC.)