CPM Dictionary: O
OAS: Organization of American States
OAU: Organization for African Unity
Object: Passive entity that contains or receives information; access implies access to the information contained therein; examples include records, blocks, pages, segments, files, directories, directory trees, and programs, as well as bits, bytes, words, fields, processors, video displays, keyboards, clocks, printers, and network nodes
Object Reuse: Reassignment and reuse of a storage medium (e.g., page frame, disk sector, magnetic tape) that previously contained one or more objects
Occurrence: General term describing the frequency of a disease or other attribute or event in a population without distinguishing between incidence and prevalence. See also Incidence, Prevalence
Occurrence Measure: Likelihood that a threat will manifest itself within an organization
Octet: Eight bits; an eight-bit byte
ODP: Orderly Departure Program OECD: Organization for Economic Cooperation and Development
Off-Site: Area outside the boundaries defining a site that has been, or may become affected by a disaster or other incident
Off-Site Federal Support: Federal assistance in mitigating off-site consequences of an emergency that protects public health and safety; includes assistance with determining and implementing public protective action measures
Off-Site Location: Facility located at a safe distance from primary site where critical data (computerized or paper) and/ or equipment can be stored, and from where it can be recovered and used at the time of a emergency event if original data, material or equipment is lost or unavailable
Off-Site Storage: Alternate facility, aside from the primary production site, where duplicated vital records and documentation can be stored for use during disaster recovery
Off-Site Technical Director: Department of Energy or Environmental Protection Agency official responsible for coordinating Federal radiological monitoring and assessment activities under the Federal Radiological Monitoring and Assessment Plan (FRMAP)
Office of Emergency Services: Refers to a state-level agency that coordinates all aspects of emergency response and recovery
Ohnosecond: Fraction of time between hitting the "send" button and realizing that you have just sent information that should not have been transmitted
On-Access Scanner: Real-time virus scanner that scans disks and files automatically and often in the background; scans files for viruses as computer accesses the files
On-Demand Scanner: Virus scanner the user activates manually; can be invoked on certain conditions or a regular schedule; permit users to set various configurations and scan specific files, folders or disks
On-Scene: Refers to the total area that may be impacted by the effects of an extraordinary situation; divided into mutually exclusive on-site and off-site areas; boundaries are established by the State depending on the situation On-Scene Coordinator: Federal official designated by EPA and DHS/Coast Guard to coordinate and direct Federal response and removals under the National Oil and Hazardous Substances Pollution Contingency Plan
On-Site: Refers to the actual premises affected, as opposed to off-site; also refers to an area with a) boundaries established by owner/operator of a fixed nuclear facility; b) boundaries established post-emergency by state or local governments with jurisdiction for transportation or other types of accidents not occurring at a fixed nuclear facility and not involving nuclear weapons; or c) cognizant field activity (CFA) as defined by the National Defense Area or National Security Area in a nuclear weapon accident or significant incident
On-Site Federal Support: Primary responsibility of Federal agency that owns, authorizes, regulates, or is otherwise deemed responsible for radiological facility or material being transported; supports State and local efforts by supporting the owner or operator's efforts to bring the incident under control and thereby prevent or minimize on-site consequences
One-Time Pad: Encryption system based on a series of keys, each of which is used only once; considering limits on key length in relation to message length, and use of secure channels for pad transmission, these pads are considered unbreakable
One-Time Password: Authentication token meant to be used for a single instance, and then discarded
One-Way Encryption: Irreversible transformation of plaintext to cipher text, such that plaintext cannot be recovered from cipher text form by other than exhaustive procedures even if the cryptographic key is known
One-Way Function: Mathematical function in which it is easy to compute the output based on a given input
Onion Routing: Technique for making routing anonymous, and therefore making traffic analysis and tracing more difficult; packets transiting a chain of onion routers (from among the group in existence in a public network) have encrypted headers, and are passed from one to another before being sent to the eventual destination
Open Security Environment: Situation that includes systems where at least one of the following conditions holds true: l) application developers and maintainers do not have sufficient clearance or authorization to presume that they have not introduced malicious logic; or 2) configuration control provides insufficient assurances that applications are protected against introduction of malicious logic prior to and during operation of system applications
Open Shortest Path First (OSPF): Link state routing algorithm used in interior gateway routing; routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states
Open Source: Software development philosophy that assumes source code must be made available to users, and that restrictions cannot be made on user code modifications so long as user are also bound by the same rules. See also Shareware
Operation Restrictor: Alerts users on unusual or dangerous computer operations, and also actually restricts them; also known as activity blocker or behavior blocker
Operational Area: Intermediate level of a state emergency organization, consisting of a county and all political subdivisions within the county area
Operational Control: Implements tactical action plan by allocating specific tasks within determined areas of responsibility and command of allocated resources. See also Strategic, Tactical and Operational Control, Gold Silver and Bronze Control and Level 1,2 and 3 Control
Operational Definition: Embodies criteria used to identify and classify individual members of a set, or a concept, to facilitate classification and counting
Operational Exercise: Rehearsal process where participants perform some or all of the actions they would take in the event of plan activation; may involve one or more teams; typically performed under actual operating conditions at designated alternate location, using specific recovery configuration that would be available in a disaster
Operational Facilities: Assets required to support response and recovery operations points of arrival, points of departure, mobilization areas and staging areas
Operational Impact Analysis: Determines the impact of loss of operational or technological resources; presumes loss of systems, networks or other critical resources may affect business processes
Operational Period: Time frame scheduled for execution of specific operational actions as included in an incident or emergency plan; can be of various lengths, although usually not over 24 hours
Operational Research: Systematic study, by observation and experiment, of the processes associated with a system, e.g., health services, with a view to improvement
Operational Risk: Associated with deficiencies in information systems or internal controls, could result in unexpected loss; associated with human error, system failures and inadequate procedures and controls
Operational Test: Conducted on one or more components of a plan under actual operating conditions
Operations Center (NRC): Nuclear Regulatory Commission facility located in Bethesda, MD from which NRC officials manage their initial agency response to a nuclear incident or accident; the NRC Executive Team provides advice and assistance to licensees, the State, and other off-site authorities
Operations Coordination Center (OCC): Primary facility of Multi-Agency Coordination System; houses staff and equipment necessary to perform MACS functions
Operations Research: Process based on linking models to data, or the designing of models
Operations Section: Operating unit (ICS model) responsible for all tactical operations associated with an incident, or coordination of operational activities at an emergency operations center; can include branches, divisions and/or groups, task forces, teams, single resources and staging areas
Operations Security (OPSEC): Analytical process by which U.S. Government and its supporting contractors can restrict information about capabilities and intentions to potential adversaries by identifying, controlling, and protecting evidence of the planning and execution of sensitive activities and operations
OPLAN Garden Plot: DoD and subordinate headquarters operational plans addressing civil disturbance operations
Orange Book: Alternate name for DoD Trusted Computer Security Evaluation Criteria, given because of the color of the cover of the printed manual; books in this series are known as Rainbow books because of the various colors used for covers
Organization: Enterprise, a corporate entity; a firm, an establishment, a public or government body, department or agency; a business or a charity
Organization Risk Management: Process in which both current and emerging risks are managed in an integrated way across the entire organization
Organizational Unit: Group of associated systems whose hierarchy generally reflects the network topology; can be nested and can inherit their properties from parent units when not already associated with a configuration
OSC: See Federal On-Scene Commander
OSI (Open Systems Interconnection): Standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network; guides product developers so that their products will consistently work with other products; model defines seven functional layers that take place at each end of a communication
OSI Layers: Facilitates communication between two end points in a telecommunication network by dividing required actions into layers, with each layer adding its own set of special, related functions; 1) each device or program operates on a computer equipped with the seven functional layers; 2) in a given message between users, there will be a flow of data through each layer at one end down through the layers in that computer and, at the other end, when the message arrives, another flow of data up through the layers in the receiving computer and ultimately to the end user or program; 3) actual programming and hardware that addresses the seven layers is usually a combination of computer operating system, applications (such as Web browsers), TCP/IP or alternative transport and network protocols, and the software and hardware; 4) seven layers are divided into two groups: upper four layers are used for message transmission, while lower three layers (up to the network layer) are used when any message passes through the host computer or router; 5) seven layers are: Layer 7 – Application Layer, which defines communication partners, identifies quality of service, considers user authentication and privacy, and identifies any constraints on data syntax; Layer 6 – Presentation Layer, which converts incoming and outgoing data from one presentation format to another; Layer 5 – Session Layer, which sets up, coordinates, and terminates conversations, exchanges, and dialogs between applications at each end, and deals with session and connection coordination; Layer 4 – Transport Layer, which manages end-to-end control and error-checking and ensures complete data transfer; Layer 3 – Network Layer ,which handles data routing and forwarding; Layer 2 – Data Link Layer, which provides synchronization for physical level, bit-stuffing, and protocol knowledge and management; Layer 1 – Physical Layer, which conveys the bit stream through the network at the electrical and mechanical level, and defines hardware parameters for sending and receiving data via a carrier
Out of Band: Transfer of information using a channel that is outside or separate from the channel that is normally used; often used to distribute shared secrets (e.g., a symmetric key) or other sensitive information items (e.g., a root key) that are needed to initialize or otherwise enable the operation of cryptography or other security mechanisms. See also Covert Channel
Out-of-Service Resources: Assigned to an incident but unable to respond for mechanical, rest, or personnel reasons
Outage: Period of time that a service, system, process or business function is expected to be unusable or inaccessible; this can have an impact on the organization, compromising achievement of its business objectives; compare with downtime, where process or system failures happen as a part of normal operations. See also Maximum Acceptable Outage
Outbreak: Epidemic limited to localized increase in the incidence of a disease, e.g., in a village, town, or closed institution
Output Feedback (OFB): Block cipher mode that modifies electronic codebook mode to operate on plaintext segments of variable length less than or equal to the block length; directly uses algorithm's previously generated output block as its next input block
Outsourcing: Transfer of business functions to an independent (internal and/or external) third party supplier
Overhead Personnel: Staff assigned to supervisory positions which include Incident Commander, Command Staff, General Staff, Directors, Supervisors and Unit Leaders
Overlapping Safeguards: Two or more assigned safeguards that secure the same vulnerability
Overload: Hindrance or reduction of system operating capabilities by placing excess burdens on system component performance capabilities
Overt Channel: Path within a computer system or network designed for authorized data transfer. See also Covert Channel
Overt Release: Announced release of a biological agent, by terrorists or others; may provide sufficient time for treatment before onset of the disease. See also Covert Release
Overwrite Procedure: Process or stimulation to change the state of a bit or other data. See also Magnetic Remanence
CPM Dictionary
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z