C.O.I., Community of Interest is a means by which network assets and or network users are segregated by some technological means for some established purpose. COI's are a strategy that fall under the realm of Computer security which itself is a subset of Security engineering. Typically COI's are set up to protect a Network infrastructure from a group or groups of users who are performing some esoteric functions. COI's are also designed to protect their user community from the rest of the enclave user population. Computer security is a field of computer science concerned with the control of risks related to computer use. ... Security engineering is the field of engineering dealing with the security and integrity of real-world systems. ... Etymology Esoteric is an adjective originating during Hellenic Greece under the domain of the Roman Empire; it comes from the Greek esôterikos, from esôtero, the comparative form of esô: within. It is a word meaning anything that is inner and occult, a latinate word meaning hidden (from which...

For an alternate definition in a different domain, see Communities of Interest. Communities of Interest are communities of people who share a common interest or passion, such as rugby fans on Rugby365. ...

Definition

A COI can be defined as a collaborative group of users who must exchange information in pursuit of their shared goals, interests, missions or business processes and who thereform must have shared volcabulary for the informatin they exchange. It can be a logical or physical grouping of network devices or users with access to information that should not be made available to the general user population on a LAN or WAN infrastructure. A COI can be utilized to provide multiple levels of protection for a LAN or WAN infrastructure from the activities within a COI. A COI can consists of a logical perimeter around the community (or enclave). It can allow for separate security management and operational direction. COI's generally do not dictate separate internal security policies (e.g., password policies, , etc.) because they fall under the jurisdiction and management of the LAN or WAN owners. However, they can and often do have a laxed subset of the overall Network security policy. The terms "Segregation Mechanism" and "Security Mechanism" for the purposes of this article are interchangeable. The COI segrates in order to achieve security. Local area network scheme A local area network (LAN) is a covering a local area, like a home, office, or group of buildings. ... A wide area network or WAN is a computer network covering a wide geographical area, involving a vast array of computers. ... A security policy is a plan of action for tackling security issues, or a set of regulations for maintaining a certain level of security. ...

Typically Active Directory is managed using the graphical Microsoft Management Console. ... A virtual LAN, commonly known as a vLAN or as a VLAN, is a logically-independent network. ... The Open Systems Interconnection Reference Model (OSI Reference Model or OSI Model for short) is a layered, abstract description for communications and computer network protocol design, developed as part of the Open Systems Interconnection initiative. ... A D-Link Wi-Fi NAT router, popular for home and small office networks A router is a computer networking device that forwards data packets across a network toward their destinations, through a process known as routing. ... In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. ... During the conversation between a host on the internal network and a host on the external network, a firewall tracks the state of the conversation between the hosts. ... A virtual private network (VPN) is a private communications network often used within a company, or by several companies or organizations, to communicate confidentially over a publicly accessible network. ...

Security Mechanisms

COI security requirements can range in sophistication from simple network file shares to an interconnection of physically separate sites that are connected via dedicated communication circuits. COI security mechanisms and the respective basic characteristics are identified in the Table. These security mechanisms may be utilized individually and in combinations to provide the requisite security for each COI. COI architecture can overlay the existing LAN or WAN architecture in order to maximize the use of existing resources and to provide the required COI separation in the most efficient manner. File sharing is the activity of making files available to other users for download over the Internet, but also over smaller networks. ... A telecommunication circuit is defined as follows: The complete path between two terminals over which one-way or two-way communications may be provided. ...

COI's that require additional dedicated physical resources (e.g., dedicated Router, VPN and firewalls devices) are usually more complex in nature and expensive to operate because of the added network devices and the personnel to operate and manage them. They also add the benefit of more security utilizing the Defense in Depth approach. A COI does not necessarily imply a physical separation of the infrastructure, but can do so. A D-Link Wi-Fi NAT router, popular for home and small office networks A router is a computer networking device that forwards data packets across a network toward their destinations, through a process known as routing. ... A virtual private network (VPN) is a private communications network often used within a company, or by several companies or organizations, to communicate confidentially over a publicly accessible network. ... In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. ... Defence in depth is a military stategy sometimes also called elastic defence. ...

COI Construction

A standard approach to COI segregation can be through the use of group policies if the LAN or WAN infrastructure utilizes the Microsoft Windows Operating System utilizing the Active Directory service. Additional dedicated COI boundary security components such as a Router, VPN, firewall, and IDS can be provided depending upon the requirement needs of a COI. COI’s can be designed and deployed by employing the security mechanisms that are listed in the Table. Typically each individual COI may have unique characteristics and requirements. The security mechanisms listed above are the basic building blocks in the construction of all COI's. Microsoft Windows is a family of operating systems by Microsoft. ... To meet Wikipedias quality standards, this article or section may require cleanup. ... Typically Active Directory is managed using the graphical Microsoft Management Console. ... A D-Link Wi-Fi NAT router, popular for home and small office networks A router is a computer networking device that forwards data packets across a network toward their destinations, through a process known as routing. ... A virtual private network (VPN) is a private communications network often used within a company, or by several companies or organizations, to communicate confidentially over a publicly accessible network. ... In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. ... An Intrusion Detection System (or IDS) generally detects unwanted manipulations to systems. ...

See also

• Security engineering
• Policy
• Computer security policy
• Network security policy
• National security policy, Military strategy