The IT Law Wiki


Computer security (COMPUSEC) (also called automatic data processing security) is

the protection resulting from all measures to deny unauthorized access and exploitation of friendly computer systems.[1]
[t]he protection of information assets through the use of technology, processes, and training.[2]
[t]he application of hardware, firmware, and software security features to a computer system in order to protect against, or prevent, the unauthorised disclosure, manipulation, modification, or deletion of information, or denial of service.[3]
[t]he protection of automatic data processing assets from harm. This includes the protection of data, hardware, firmware, and software.[4]


"Computer security is a set of policies, procedures, and practices which are designed to assure that

- unauthorized uses of data processing resources (i.e., hardware, software and data) are prevented or at least significantly inhibited and
- authorized uses of these resources are carried out as reliably, accurately, and with as little interruption and loss as possible."[5]


  1. U.S. Department of Defense, Joint Pub. 1–02: DOD Dictionary of Military and Associated Terms (Nov. 8, 2010, as amended through May 15, 2011) (full-text).
  2. Privacy and Civil Liberties Policy Development Guide and Implementation Templates, App. E, Glossary.
  3. Glossary of Communication Electronic Terms, at 2-43.
  4. NIST Special Publication 800-4, App. D, Glossary.
  5. Information Technology: Security of Computer Systems, at 1.

See also[]