NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
NIST IR <strong>7298</strong> <strong>Revision</strong> 1, <strong>Glossary</strong> <strong>of</strong> <strong>Key</strong> <strong>Information</strong> <strong>Security</strong> <strong>Terms</strong><br />
Integrity –<br />
Guarding against improper information modification or destruction,<br />
and includes ensuring information non-repudiation and authenticity.<br />
SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-27; SP 800-<br />
37; SP 800-60; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542<br />
Integrity – The property that sensitive data has not been modified or deleted in<br />
an unauthorized and undetected manner.<br />
SOURCE: FIPS 140-2<br />
The property whereby an entity has not been modified in an<br />
unauthorized manner.<br />
SOURCE: CNSSI-4009<br />
Integrity Check Value – Checksum capable <strong>of</strong> detecting modification <strong>of</strong> an information<br />
system.<br />
SOURCE: CNSSI-4009<br />
Intellectual Property – Useful artistic, technical, and/or industrial information, knowledge or<br />
ideas that convey ownership and control <strong>of</strong> tangible or virtual usage<br />
and/or representation.<br />
SOURCE: SP 800-32<br />
Interconnection <strong>Security</strong><br />
Agreement (ISA) –<br />
Creations <strong>of</strong> the mind such as musical, literary, and artistic works;<br />
inventions; and symbols, names, images, and designs used in<br />
commerce, including copyrights, trademarks, patents, and related<br />
rights. Under intellectual property law, the holder <strong>of</strong> one <strong>of</strong> these<br />
abstract “properties” has certain exclusive rights to the creative work,<br />
commercial symbol, or invention by which it is covered.<br />
SOURCE: CNSSI-4009<br />
An agreement established between the organizations that own and<br />
operate connected IT systems to document the technical requirements<br />
<strong>of</strong> the interconnection. The ISA also supports a Memorandum <strong>of</strong><br />
Understanding or Agreement (MOU/A) between the organizations.<br />
SOURCE: SP 800-47<br />
A document that regulates security-relevant aspects <strong>of</strong> an intended<br />
connection between an agency and an external system. It regulates<br />
the security interface between any two systems operating under two<br />
different distinct authorities. It includes a variety <strong>of</strong> descriptive,<br />
technical, procedural, and planning information. It is usually<br />
preceded by a formal MOA/MOU that defines high-level roles and<br />
responsibilities in management <strong>of</strong> a cross-domain connection.<br />
SOURCE: CNSSI-4009<br />
Pg 99