NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

More documents

Recommendations

Info

NIST IR 7298 Revision 1, Glossary of Key Information Security Terms An information system account with authorizations of a privileged user. SOURCE: SP 800-53 Privileged Accounts – Individuals who have access to set “access rights” for users on a given system. Sometimes referred to as system or network administrative accounts. SOURCE: SP 800-12 Privileged Command – A human-initiated command executed on an information system involving the control, monitoring, or administration of the system including security functions and associated security-relevant information. SOURCE: SP 800-53; CNSSI-4009 Privileged Process – A computer process that is authorized (and, therefore, trusted) to perform security-relevant functions that ordinary processes are not authorized to perform. SOURCE: CNSSI-4009 Privileged User – A user that is authorized (and, therefore, trusted) to perform securityrelevant functions that ordinary users are not authorized to perform. SOURCE: SP 800-53; CNSSI-4009 Probability of Occurrence – See Likelihood of Occurrence. Probe – A technique that attempts to access a system to learn something about the system. SOURCE: CNSSI-4009 Product Source Node (PSN) – The Key Management Infrastructure core node that provides central generation of cryptographic key material. SOURCE: CNSSI-4009 Production Model – INFOSEC equipment in its final mechanical and electrical form. SOURCE: CNSSI-4009 Profiling – Measuring the characteristics of expected activity so that changes to it can be more easily identified. SOURCE: SP 800-61; CNSSI-4009 Promiscuous Mode – A configuration setting for a network interface card that causes it to accept all incoming packets that it sees, regardless of their intended destinations. SOURCE: SP 800-94 Pg 144
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Proof of Possession Protocol – (PoP Protocol) A protocol where a claimant proves to a verifier that he/she possesses and controls a token (e.g., a key or password). SOURCE: SP 800-63 Proprietary Information (PROPIN) – Material and information relating to or associated with a company's products, business, or activities, including but not limited to financial information; data or statements; trade secrets; product research and development; existing and future product designs and performance specifications; marketing plans or techniques; schematics; client lists; computer programs; processes; and know-how that has been clearly identified and properly marked by the company as proprietary information, trade secrets, or company confidential information. The information must have been developed by the company and not be available to the government or to the public without restriction from another source. SOURCE: CNSSI-4009 Protected Distribution System (PDS) – Wire line or fiber optic system that includes adequate safeguards and/or countermeasures (e.g., acoustic, electric, electromagnetic, and physical) to permit its use for the transmission of unencrypted information through an area of lesser classification or control. SOURCE: CNSSI-4009 Protection Philosophy – Informal description of the overall design of an information system delineating each of the protection mechanisms employed. Combination of formal and informal techniques, appropriate to the evaluation class, used to show the mechanisms are adequate to enforce the security policy. SOURCE: CNSSI-4009 Protection Profile – Common Criteria specification that represents an implementationindependent set of security requirements for a category of Target of Evaluations (TOE) that meets specific consumer needs. SOURCE: CNSSI-4009 Protective Distribution System – Wire line or fiber optic system that includes adequate safeguards and/or countermeasures (e.g., acoustic, electric, electromagnetic, and physical) to permit its use for the transmission of unencrypted information. SOURCE: SP 800-53 Protective Packaging – Packaging techniques for COMSEC material that discourage penetration, reveal a penetration has occurred or was attempted, or inhibit viewing or copying of keying material prior to the time it is exposed for use. SOURCE: CNSSI-4009 Pg 145
Page 2 and 3:
NIST IR 7298 Revision 1 Glossary of
Page 4 and 5:
NIST IR 7298 Revision 1, Glossary o
Page 6 and 7:
Page 8 and 9:
Page 10 and 11:
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95: NIST IR 7298 Revision 1, Glossary o
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
NIST IR 7298, Glossary of Key Infor
show all

NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

Create successful ePaper yourself

Delete template?

Save as template?