NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

More documents

Recommendations

Info

NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Public Seed – A starting value for a pseudorandom number generator. The value produced by the random number generator may be made public. The public seed is often called a “salt.” SOURCE: CNSSI-4009 Purge – Rendering sanitized data unrecoverable by laboratory attack methods. SOURCE: SP 800-88; CNSSI-4009 Quadrant – Short name referring to technology that provides tamper-resistant protection to cryptographic equipment. SOURCE: CNSSI-4009 Quality of Service – The measurable end-to-end performance properties of a network service, which can be guaranteed in advance by a Service-Level Agreement between a user and a service provider, so as to satisfy specific customer application requirements. Note: These properties may include throughput (bandwidth), transit delay (latency), error rates, priority, security, packet loss, packet jitter, etc. SOURCE: CNSSI-4009 Quarantine – Store files containing malware in isolation for future disinfection or examination. SOURCE: SP 800-69 Radio Frequency Identification – (RFID) Random Number Generator – (RNG) Random Number Generator – (RNG) A form of automatic identification and data capture (AIDC) that uses electric or magnetic fields at radio frequencies to transmit information. SOURCE: SP 800-98 A process used to generate an unpredictable series of numbers. Each individual value is called random if each of the values in the total population of values has an equal probability of being selected. SOURCE: SP 800-57; CNSSI-4009 Random Number Generators (RNGs) used for cryptographic applications typically produce a sequence of zero and one bits that may be combined into sub-sequences or blocks of random numbers. There are two basic classes: deterministic and nondeterministic. A deterministic RNG consists of an algorithm that produces a sequence of bits from an initial value called a seed. A nondeterministic RNG produces output that is dependent on some unpredictable physical source that is outside human control. SOURCE: FIPS 140-2 Pg 150
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Randomizer – Analog or digital source of unpredictable, unbiased, and usually independent bits. Randomizers can be used for several different functions, including key generation or to provide a starting state for a key generator. SOURCE: CNSSI-4009 RBAC – See Role-Based Access Control. Read – Fundamental operation in an information system that results only in the flow of information from an object to a subject. SOURCE: CNSSI-4009 Read Access – Permission to read information in an information system. SOURCE: CNSSI-4009 Real-Time Reaction – Immediate response to a penetration attempt that is detected and diagnosed in time to prevent access. SOURCE: CNSSI-4009 Recipient Usage Period – The period of time during the cryptoperiod of a symmetric key when protected information is processed. SOURCE: SP 800-57 Reciprocity – Mutual agreement among participating enterprises to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. SOURCE: CNSSI-4009 Mutual agreement among participating organizations to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. SOURCE: SP 800-37; SP 800-53; SP 800-53A Records – The recordings (automated and/or manual) of evidence of activities performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that the organization and the information system are performing as intended. Also used to refer to units of related data fields (i.e., groups of data fields that can be accessed by a program and that contain the complete set of information on particular items). SOURCE: SP 800-53; SP 800-53A; CNSSI-4009 Pg 151
Page 2 and 3:
NIST IR 7298 Revision 1 Glossary of
Page 4 and 5:
NIST IR 7298 Revision 1, Glossary o
Page 6 and 7:
Page 8 and 9:
Page 10 and 11:
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101: NIST IR 7298 Revision 1, Glossary o
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
NIST IR 7298, Glossary of Key Infor
show all

NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?