Indirect user

Definition
An indirect user is

{{Quote|one who is electronically connected to an IS by other than a direct, interactive link. An IS supporting indirect users does not have to withstand direct attacks against the system’s security controls because an intervening processor(s) between the user and the IS affords some protection and control. The processing capabilities of the IS must protect the data being processed from inadvertent control. The processing capabilities of the IS must protect the data being processed from inadvertent system spillage and misroutes; generally, the IS provides control over indirectly connected users who may attempt to gain unauthorized access to its protection facilities. While a wide range of security risks associated with this type of user exists, such risks are not considered to be as significant as those associated with directly connected users. There are no geographic restrictions on how far an indirectly connected user may be from an IS.