COMPUSEC applies to those measures required to protect data against unauthorized (accidental or intentional) disclosure, modification, destruction, and the denial of services that process data. Security includes consideration of all hardware or software functions, characteristics, and features; operational and accountability procedures; access controls at the central computer facility, remote computer, and/or terminal; management constraints; physical structures and devices; and personnel and communications controls needed to provide an acceptable level of risk for the computer system and the data or information contained in the system.
COMSEC is the protection resulting from all measures designed to deny unauthorized persons information of value which might be derived from the possession and study of telecommunications, or to mislead unauthorized persons in their interpretation of the results of such possession and study. Communications security includes crypto security, transmission security, emission security and physical security of communications security materials and information.
TEMPEST is a highly evolved and well understood security discipline. It refers to the study of compromising emanations generated during classified operations. TEMPEST evaluations are concerned with studying conducted and radiated noise for meaningful information. All electronic devices generate electromagnetic fields when powered. Every electronic device inside a computer generates a field related to the information it is processing. When these fields are detectable and can be understood, even with extensive shielding and filtering implemented, a TEMPEST threat exists.