Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
March, 2007<br />
2 Glossary of Terms and Acronyms<br />
The definitions provided below are defined as used in this document. The same terms may be<br />
defined differently in other documents.<br />
2.1 Glossary<br />
Access control Restricts access to resources only to privileged entities.<br />
Accountability A property that ensures that the actions of an entity may be traced<br />
uniquely to that entity.<br />
Algorithm Originator<br />
Usage Period<br />
Algorithm <strong>Security</strong><br />
Lifetime<br />
The period of time during which a specific cryptographic algorithm<br />
may be used by originators to apply protection to data.<br />
The estimated time period during which data protected by a specific<br />
cryptographic algorithm remains secure.<br />
Approved FIPS-Approved and/or NIST-recommended. An algorithm or<br />
technique that is either 1) specified in a FIPS or NIST<br />
Recommendation, or 2) specified elsewhere and adopted by reference<br />
in a FIPS or NIST Recommendation.<br />
Archive To place information into long term storage after its normal period of<br />
use has expired. See also Key management archive.<br />
Association A relationship for a particular purpose. For example, a key is<br />
associated with the application or process for which it will be used.<br />
Assurance of (private<br />
key) Possession<br />
Confidence that an entity possesses a private key and its associated<br />
keying material.<br />
Assurance of validity Confidence that a public key or domain parameter is arithmetically<br />
correct.<br />
Asymmetric key<br />
algorithm<br />
See Public key cryptographic algorithm.<br />
Attribute Information associated with a key that is not used in cryptographic<br />
algorithms but is required to implement applications and applications<br />
protocols.<br />
Authentication A process that establishes the origin of information, or determines an<br />
entity’s identity.<br />
Authentication code A cryptographic checksum based on an Approved security function<br />
(also known as a Message Authentication Code).<br />
Authorization Access privileges that are granted to an entity; conveying an “official”<br />
sanction to perform a security function or activity.<br />
Availability Timely, reliable access to information by authorized entities.<br />
19