CUMC Security Requirements Report
CONFIDENTIAL
2
2.1 DEFINITIONS
N/A
2.2 CONVENTIONS
The following is a list of conventions used in this document
implemented whenever possible
May the use of
2.3 ABBREVIATIONS AND ACRONYMS
AD
Active Directory
AES
Advanced Encryption Standard
API
Application Programming Interface
CIS
Centre for Internet Security
CUMC
Chinese University Medical Centre Limited
DDoS
Distributed Denial-Of-Service
DMZ
Demilitarized Zone
DNSSEC
Domain Name System Extension
HMAC
Hash-based Message Authentication Code
HTTP(S)
Hypertext Transfer Protocol (Secure)
I(C)T
Information (and Communication) Technology
IDS
Intrusion Detection System
IOT
Internet of Things
IP
Internet Protocol
IPS
Intrusion Prevention System
ISM
Information Security Manager
LDAP
Lightweight Directory Access Protocol
Document Status
Thales Transport & Security (Hong Kong) Limited
Draft
Validated
7/30
CUMC Security Requirements Report
MAC
Media Access Control
NGFWs
Next-Generation Firewall
NIST
National Institute of Standards and Technology
NTP
Network Time Protocol
OGCIO
Office of the Government Chief Information Officer
OS
Operating System
OWASP
The Open Web Application Security Project
PDPO
Personal Data (Privacy) Ordinance
PR
Problem Report
RSA
Rivest-Shamir-Adleman
SHA
Secure Hash Algorithm
SNMP
Simple Network Management Protocol
SQL
Structured Query Language
SSH
Secure Shell
SSL
Secure Sockets Layer
SSO
Single Sign-on
Thales
Thales Transport and Security Hong Kong Limited
TLS
Transport Layer Security
USB
Universal Serial Bus
user-ID
User Identity
CONFIDENTIAL
Document Status
Thales Transport & Security (Hong Kong) Limited
Draft
Validated
8/30