NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

More documents

Recommendations

Info

NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Management Client (MGC) – Management Controls – A configuration of a client node that enables a KMI external operational manager to manage KMI products and services by either 1) accessing a PRSN, or 2) exercising locally provided capabilities. An MGC consists of a client platform and an advanced key processor (AKP). SOURCE: CNSSI-4009 The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information system security. SOURCE: SP 800-37; SP 800-53; SP 800-53A; FIPS 200 Actions taken to manage the development, maintenance, and use of the system, including system-specific policies, procedures and rules of behavior, individual roles and responsibilities, individual accountability, and personnel security decisions. SOURCE: CNSSI-4009 Management Security Controls – The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information systems security. SOURCE: CNSSI-4009 Mandatory Access Control (MAC) – A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (i.e., clearance) of users to access information of such sensitivity. SOURCE: SP 800-44 Mandatory Access Control – Access controls (which) are driven by the results of a comparison between the user’s trust level or clearance and the sensitivity designation of the information. SOURCE: FIPS 191 A means of restricting access to objects based on the sensitivity (as represented by a security label) of the information contained in the objects and the formal authorization (i.e., clearance, formal access approvals, and need-to-know) of subjects to access information of such sensitivity. SOURCE: CNSSI-4009 Mandatory Modification – Change to a COMSEC end-item that NSA requires to be completed and reported by a specified date. See optional modification. SOURCE: CNSSI-4009 Pg 116
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Manipulative Communications Deception – Alteration or simulation of friendly telecommunications for the purpose of deception. See communications deception and imitative communications deception. SOURCE: CNSSI-4009 Manual Cryptosystem – Cryptosystem in which the cryptographic processes are performed without the use of crypto-equipment or auto-manual devices. SOURCE: CNSSI-4009 Manual Key Transport – A nonelectronic means of transporting cryptographic keys by physically moving a device, document, or person containing or possessing the key or a key component. SOURCE: SP 800-57 Manual Key Transport – A nonelectronic means of transporting cryptographic keys. SOURCE: FIPS 140-2 Manual Remote Rekeying – Procedure by which a distant crypto-equipment is rekeyed electronically, with specific actions required by the receiving terminal operator. Synonymous with cooperative remote rekeying. See also automatic remote keying. SOURCE: CNSSI-4009 Marking – See Security Marking. Masquerading – When an unauthorized agent claims the identity of another agent, it is said to be masquerading. SOURCE: SP 800-19 A type of threat action whereby an unauthorized entity gains access to a system or performs a malicious act by illegitimately posing as an authorized entity. SOURCE: CNSSI-4009 Master Cryptographic Ignition Key – Key device with electronic logic and circuits providing the capability for adding more operational CIKs to a keyset. SOURCE: CNSSI-4009 Match/matching – The process of comparing biometric information against a previously stored template(s) and scoring the level of similarity. SOURCE: FIPS 201; CNSSI-4009 Maximum Tolerable Downtime – The amount of time mission/business processes can be disrupted without causing significant harm to the organization’s mission. SOURCE: SP 800-34 Pg 117
Page 2 and 3:
NIST IR 7298 Revision 1 Glossary of
Page 4 and 5:
NIST IR 7298 Revision 1, Glossary o
Page 6 and 7:
Page 8 and 9:
Page 10 and 11:
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67: NIST IR 7298 Revision 1, Glossary o
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
NIST IR 7298, Glossary of Key Infor
show all

NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

Create successful ePaper yourself

Delete template?

Save as template?