NIST IR 7298 Revision 1
Glossary of Key Information Security Terms
Richard Kissel, Editor
U.S. Department of Commerce, Gary Locke, Secretary
National Institute of Standards and Technology
Patrick D. Gallagher, Director
Introduction
We have received numerous requests to provide a summary glossary for our publications and other relevant sources, and to make the glossary available to practitioners. As a result of the requests, this glossary of common security terms has been extracted from NIST Federal Information Processing Standards (FIPS), the Special Publication (SP) 800 series, NIST Interagency Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI-4009). The glossary includes most of the terms in the NIST publications. It also contains nearly all of the terms and definitions from CNSSI-4009. The glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications. For a given term, we do not include all definitions in NIST documents, especially not from the older NIST publications. Since draft documents are not stable, we do not refer to terms/definitions in them.

may be found on pages 210-211. As we are continuously refreshing our publication suite, terms included in the glossary come from our more recent publications. The NIST publications referenced are the most recent versions of those publications (as of the date of this document).

It is our intention to keep the glossary current by providing updates online. New definitions will be added to the glossary as required, and updated versions will be posted on the Computer Security Resource Center (CSRC) Web site at http://csrc.nist.gov.

The Editor, Richard Kissel, would like to express special thanks to Ms. Tanya Brewer for her outstanding work in the design of the cover page and in the overall design and organization of the document. Special thanks are also given to Kelley Dempsey for her insightful review and comments which made this a much better document. Thanks also to all who provided comments during the public review period of this document. The Editor also expresses special thanks to the CNSS Glossary Working Group for encouraging the inclusion of CNSSI-4009 terms and definitions into this glossary.
Access Authority —
Access Control —
Access Control List (ACL) —
Access Control Lists (ACLs) —
Ability to make use of any information system (IS) resource. SOURCE: SP 800-32
Ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.
establishments, border crossing entrances).
2. A mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity.
SOURCE: CNSSI-4009
(users, machines, processes) who have been given permission to use a particular system resource, and 2) the types of access they have been granted.
SOURCE: SP 800-12
control, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized access and permit authorized access to an information system. SOURCE: CNSSI-4009
A category within a given security classification limiting entry or system connectivity to only authorized persons.
SOURCE: CNSSI-4009
Access List —
Access Point —
Access Profile —
Access Type —
Account Management, User —
Accounting Legend Code (ALC) —
Privilege to perform action on an object. Read, write, execute, append, modify, delete, and create are examples of access types. SOURCE: CNSSI-4009
Involves 1) the process of requesting, establishing, issuing, and closing user accounts; 2) tracking users and their respective access authorizations; and 3) managing these functions. SOURCE: SP 800-12
The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.
SOURCE: SP 800-27
Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.
SOURCE: CNSSI-4009
Numeric code used to indicate the minimum accounting controls required for items of accountable communications security (COMSEC) material within the COMSEC Material Control System. SOURCE: CNSSI-4009
Number assigned to an item of COMSEC material to facilitate its accounting. SOURCE: CNSSI-4009
SOURCE: CNSSI-4009. Synonymous with Designated Accrediting Authority (DAA). See also Authorizing Official.
SOURCE: CNSSI-4009
Private data, other than keys, that are required to access cryptographic modules. SOURCE: SP 800-32
An attack that alters a system or data. SOURCE: CNSSI-4009
Electronic documents that can carry out or trigger actions automatically on a computer platform without the intervention of a user. SOURCE: SP 800-28
Software in various forms that is able to automatically carry out or trigger actions on a computer platform without the intervention of a user. SOURCE: CNSSI-4009
Security testing that involves direct interaction with a target, such as sending packets to a target.
An assessment object that includes specific protection-related pursuits or actions supporting an information system that involve people (e.g., conducting system backup operations, monitoring network traffic).
SOURCE: SP 800-53A
Incorporation of new hardware, software, or firmware safeguards in an operational information system. SOURCE: CNSSI-4009
SOURCE: SP 800-53; FIPS 200; OMB Circular A-130, App. III
Security commensurate with the risk and magnitude of harm resulting
[Note: This includes assuring that information systems operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, personnel, operational, and technical controls.]
conduct of the covered entity's workforce in relation to protecting that information.
SOURCE: SP 800-66
The Advanced Encryption Standard specifies a U.S. government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. This standard specifies the Rijndael algorithm, a symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.
SOURCE: FIPS 197
A U.S. government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. SOURCE: CNSSI-4009
A cryptographic device that performs all cryptographic functions for a management client node and contains the interfaces to 1) exchange information with a client platform, 2) interact with fill devices, and 3) connect a client platform securely to the primary services node (PRSN).
SOURCE: CNSSI-4009
corporation, government-controlled corporation, or other establishment in the executive branch of the government (including the Executive Office of the President), or any independent regulatory agency, but does not include: 1) the Government Accountability Office; 2) the Federal Election Commission; 3) the governments of the District of Columbia and of the territories and possessions of the United States, and their various subdivisions; or 4) government-owned contractor-operated facilities, including laboratories engaged in national defense research and production activities. SOURCE: FIPS 200; 44 U.S.C., Sec. 3502
ALSO See Executive Agency.
A CA that acts on behalf of an agency and is under the operational control of an agency. SOURCE: SP 800-32
A program used in distributed denial of service (DDoS) attacks that sends malicious traffic to hosts based on the instructions of a handler. Also known as a bot.
SOURCE: SP 800-61
A program acting on behalf of a person or organization.
SOURCE: SP 800-95
Notification that a specific attack has been directed at an organization's information system. SOURCE: CNSSI-4009
Alternate COMSEC Custodian —
Alternate Work Site —
work at home or at a geographically convenient satellite office for part of the work week (e.g., telecommuting).
Countermeasures ensuring that transmitted information can be received despite deliberate jamming attempts.
certification authority for a certificate, but before the certificate issuance procedure is completed.
Approval to Operate (ATO) —
SOURCE: CNSSI-4009
Federal Information Processing Standard (FIPS)-approved or National Institute of Standards and Technology (NIST)-recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, 2) adopted in a FIPS or NIST Recommendation
SOURCE: FIPS 201
FIPS-approved and/or NIST-recommended. SOURCE: FIPS 140-2
FIPS-approved and/or NIST-recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, 2) adopted in a FIPS or NIST Recommendation, or 3) specified in a list of NIST-approved security functions.
SOURCE: FIPS 186
A mode of the cryptographic module that employs only Approved security functions (not to be confused with a specific mode of an Approved security function, e.g., Data Encryption Standard Cipher Block Chaining (DES CBC) mode).
assessment objective; the execution of a determination statement within an assessment procedure by an assessor that results in either a satisfied or other than satisfied condition.
SOURCE: SP 800-53A
One of three types of actions (i.e., examine, interview, test) taken by assessors in obtaining evidence during an assessment.
SOURCE: SP 800-53A
The item (i.e., specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment. SOURCE: SP 800-53A
A set of determination statements that expresses the desired outcome for the assessment of a security control or control enhancement. SOURCE: SP 800-53A
A set of assessment objectives and an associated set of assessment methods and assessment objects.
SOURCE: SP 800-53A. See Security Control Assessor.
A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems.
SOURCE: CNSSI-4009
Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. "Adequately met" includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.
SOURCE: SP 800-27
The grounds for confidence that the set of intended security controls in an information system are effective in their application. SOURCE: SP 800-37; SP 800-53A
Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.
SOURCE: CNSSI-4009
Two related keys, a public key and a private key, that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification.
SOURCE: FIPS 201
An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. SOURCE: SP 800-32
Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
SOURCE: CNSSI-4009
Detection, correlation, identification, and characterization of intentional unauthorized activity with notification to decision makers so that an appropriate response can be developed. SOURCE: CNSSI-4009
A specific sequence of events indicative of an unauthorized access attempt.
SOURCE: SP 800-12
A characteristic byte pattern used in malicious code or an indicator, or set of indicators, that allows the identification of malicious network activities. SOURCE: CNSSI-4009
Audit Reduction Tools —
An entity, recognized by the Federal Public Key Infrastructure (PKI) Policy Authority or comparable agency body as having the authority to verify the association of attributes to an identity.
SOURCE: SP 800-53
Access control based on attributes associated with and about subjects, objects, targets, initiators, resources, or the environment. An access
established policies and operational procedures, and recommend necessary changes in controls, policies, or procedures.
SOURCE: SP 800-32
Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures. SOURCE: CNSSI-4009
Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
SOURCE: SP 800-92
A chronological record of system activities. Includes records of system accesses and operations performed in a given period. SOURCE: CNSSI-4009
Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. These tools generally remove records generated by specified classes of events, such as records generated by nightly backups. SOURCE: SP 800-12; CNSSI-4009
Audit Review —
Authenticate —
The assessment of an information system to evaluate the adequacy of implemented security controls, assure that they are functioning properly, identify vulnerabilities, and assist in implementation of new security controls where required. This assessment is conducted annually or whenever significant change has occurred and may lead to recertification of the information system. SOURCE: CNSSI-4009
A record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period.
A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure
SOURCE: SP 800-95; SP 800-53A; SP 800-27; FIPS 200
The process of establishing confidence of authenticity. SOURCE: FIPS 201
Encompasses identity verification, message origin authentication, and message content authentication.
SOURCE: FIPS 190
A process that establishes the origin of information or determines an entity's identity.
SOURCE: SP 800-21
The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data.
SOURCE: CNSSI-4009
Hardware- or software-based mechanisms that force users to prove their identity before accessing data on a device.
SOURCE: SP 800-72; SP 800-124
Hardware- or software-based mechanisms that force users to prove their identity before accessing data on a device.
A well-specified message exchange process that verifies possession of a token to remotely authenticate a claimant. Some authentication protocols also generate cryptographic keys that are used to protect an entire session, so that the data transferred in the session is cryptographically protected. SOURCE: SP 800-63
A well-specified message exchange process between a claimant and a verifier that enables the verifier to confirm the claimant's identity. SOURCE: CNSSI-4009
A pair of bit strings associated to data to provide assurance of its authenticity.
SOURCE: SP 800-38B
Authentication information conveyed during an authentication exchange. SOURCE: FIPS 196
SOURCE: SP 800-53; SP 800-53A; CNSSI-4009
Person(s) or established bodies with rights and responsibilities to exercise control in an administrative sphere.
SOURCE: CNSSI-4009
Access privileges granted to a user, program, or process or the act
All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is connected. SOURCE: CNSSI-4009; SP 800-53; SP 800-53A; SP 800-37. See Authorization (to operate).
Manufacturer of information assurance equipment authorized to produce quantities in excess of contractual requirements for direct sale to eligible buyers. Eligible buyers are typically U.S. government organizations or U.S. government contractors.
SOURCE: CNSSI-4009
Authorized Vendor Program (AVP) — Program in which a vendor, producing an information systems
Authorizing Official —
Authorizing Official Designated Representative —
Automated Key Transport —
Automated Password Generator —
security (INFOSEC) product under contract to NSA, is authorized to produce that product in numbers exceeding the contracted requirements for direct marketing and sale to eligible buyers.
Eligible buyers are typically U.S. government organizations or U.S. government contractors. Products approved for marketing and sale through the AVP are placed on the Endorsed Cryptographic Products List (ECPL).
SOURCE: CNSSI-4009
Official with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals. Synonymous with Accreditation Authority.
SOURCE: FIPS 200
Senior federal official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.
SOURCE: CNSSI-4009
A senior federal official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.
SOURCE: SP 800-53; SP 800-53A; SP 800-37
An organizational official acting on behalf of an authorizing official in carrying out and coordinating the required activities associated with security authorization.
Use of automated procedures to ensure security controls are not circumvented or the use of these tools to track actions taken by subjects suspected of misusing the information system.
SOURCE: CNSSI-4009
Process to rekey a distant crypto-equipment electronically without specific actions by the receiving terminal operator. See Manual
The property of being accessible and useable upon demand by an authorized entity.
SOURCE: CNSSI-4009
Activities which seek to focus an individual's attention on an (information security) issue or set of issues.
SOURCE: SP 800-50
Typically unauthorized hidden software or hardware mechanism used to circumvent security controls. SOURCE: CNSSI-4009
An undocumented way of gaining access to a computer system.
A copy of files and programs made to facilitate recovery if necessary. SOURCE: SP 800-34; CNSSI-4009
Display on an information system that sets parameters for system or data use. SOURCE: CNSSI-4009
SOURCE: CNSSI-4009
The minimum security controls required for safeguarding an IT system based on its identified needs for confidentiality, integrity, and/or availability protection.
SOURCE: SP 800-16
Monitoring resources to determine typical utilization patterns so that significant deviations can be detected.
SOURCE: SP 800-61
A test methodology that assumes no knowledge of the internal structure and implementation detail of the assessment object. Also known as black box testing.
What an individual who has completed the specific training module is expected to be able to accomplish in terms of IT security-related job performance.
SOURCE: SP 800-16
Condition of cryptographic data that cannot be compromised by
SOURCE: CNSSI-4009
A non-hostile location protected from external hostile elements by physical, personnel, and procedural security countermeasures. SOURCE: CNSSI-4009
Process of associating two related elements of information. SOURCE: SP 800-32
A physical or behavioral characteristic of a human being. SOURCE: SP 800-32
A measurable physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and iris scan samples are all examples of biometrics.
or more references; 4) deciding how well they match; and 5) indicating whether or not an identification or verification of identity has been achieved.
Measurable physical characteristics or personal behavioral traits used to identify, or verify the claimed identity, of an individual. Facial images, fingerprints, and handwriting samples are all examples of biometrics.
SOURCE: CNSSI-4009
A contraction of the term Binary Digit. The smallest unit of information in a binary system of notation.
SOURCE: CNSSI-4009
Designation applied to encrypted information and the information systems, the associated areas, circuits, components, and equipment processing that information. See also RED.
SOURCE: CNSSI-4009
See Basic Testing
A communication network architecture in which user data traversing a global Internet Protocol (IP) network is end-to-end encrypted at the IP layer. Related to striped core.
The process of the system invalidating a user ID based on the user's inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct authenticator. Blacklisting and lifting of a blacklisting are both security-relevant events.
Blacklisting also applies to blocks placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources.
SOURCE: CNSSI-4009
Malicious code that uses multiple methods to spread. SOURCE: SP 800-61
A hostile action to spread malicious code via multiple methods.
Generating network traffic that is likely to trigger many alerts in a short period of time, to conceal alerts triggered by a "real" attack performed simultaneously.
SOURCE: SP 800-94
SOURCE: SP 800-90
A family of functions and their inverses that is parameterized by cryptographic keys; the functions map bit strings of a fixed length to bit strings of the same length.
SOURCE: SP 800-67
1. The group responsible for defending an enterprise's use of information systems by maintaining its security posture against a group of mock attackers (i.e., the Red Team). Typically the Blue Team and its supporters must defend against real or simulated attacks 1) over a significant period of time, 2) in a representative operational context (e.g., as part of an operational exercise), and 3) according to rules established and monitored with the help of a neutral group refereeing the simulation or exercise (i.e., the White Team).
2. The term Blue Team is also used for defining a group of individuals that conduct operational network vulnerability evaluations and provide mitigation techniques to customers who have a need for an independent technical review of their network security posture. The Blue Team identifies security threats and risks in the operating environment, and in cooperation with the customer, analyzes the network environment and its current state of security readiness. Based on the Blue Team findings and expertise, they provide recommendations that integrate into an overall community security solution to increase the customer's cyber security readiness posture. Often times a Blue Team is employed by itself or prior to a Red Team employment to ensure that the customer's networks are as secure as possible before having the Red Team test the systems.
SOURCE: CNSSI-4009
Body of Evidence (BoE) —
Boundary Protection —
Boundary Protection Device —
Brute Force Password Attack —
The set of data that documents the information system's adherence to the security controls applied. The BoE will include a Requirements Verification Traceability Matrix (RVTM) delineating where the selected security controls are met and evidence to that fact can be found. The BoE content required by an Authorizing Official will be adjusted according to the impact levels selected. SOURCE: CNSSI-4009
A virus that plants itself in a system's boot sector and infects the master boot record.
SOURCE: SP 800-61
Physical or logical perimeter of a system. SOURCE: CNSSI-4009
Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications, through the use of boundary protection devices (e.g., proxies, gateways, routers, firewalls, guards, encrypted tunnels).
SOURCE: SP 800-53; CNSSI-4009
A device with appropriate mechanisms that (i) facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system); and (ii) provides information system boundary protection. SOURCE: SP 800-53
A device with appropriate mechanisms that facilitates the adjudication of different security policies for interconnected systems. SOURCE: CNSSI-4009
Act of searching through information system storage or active content to locate or acquire information, without necessarily knowing the existence or format of information being sought.
SOURCE: CNSSI-4009
A method of accessing an obstructed device through attempting multiple combinations of numeric and/or alphanumeric passwords. SOURCE: SP 800-72
Buffer Overflow —
Buffer Overflow Attack —
Bulk Encryption —
Business Continuity Plan (BCP) —
Business Impact Analysis (BIA) —
Call Back —
A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.
SOURCE: SP 800-28; CNSSI-4009
A method of overloading a predefined amount of space in a buffer, which can potentially overwrite and corrupt data in memory. SOURCE: SP 800-72
Simultaneous encryption of all channels of a multichannel telecommunications link.
SOURCE: CNSSI-4009
The documentation of a predetermined set of instructions or procedures that describe how an organization's mission/business functions will be sustained during and after a significant disruption. SOURCE: SP 800-34
The documentation of a predetermined set of instructions or procedures that describe how an organization's business functions will be sustained during and after a significant disruption.
SOURCE: CNSSI-4009
Type of protective package used to contain and dispense keying material in punched or printed tape form. SOURCE: CNSSI-4009
Central Office of Record (COR) —
Central Services Node (CSN) —
Downward flow of information through a range of security levels greater than the accreditation range of a system, network
SOURCE: CNSSI-4009
Restrictive label applied to classified or unclassified information to
SOURCE: CNSSI-4009
See Cipher Block Chaining-Message Authentication Code.
See Counter with Cipher Block Chaining-Message Authentication Code.
Office of a federal department or agency that keeps records of accountable COMSEC material held by elements subject to its oversight. SOURCE: CNSSI-4009
The Key Management Infrastructure core node that provides central services. SOURCE: CNSSI-4009
A digital representation of information which at least 1) identifies the certification authority issuing it, 2) names or identifies its subscriber, 3) contains the subscriber's public key, 4) identifies its operational period, and
a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.
SOURCE: SP 800-21
Cross-certificate: a certificate issued from a CA that signs the public key of another CA not within its trust hierarchy that establishes a trust relationship between the two CAs.
Encryption certificate: a certificate containing a public key that can encrypt or decrypt electronic messages, files, documents, or data transmissions, or establish or exchange a session key for these same purposes. Key management sometimes refers to the process of storing, protecting, and escrowing the private component of the key pair associated with the encryption certificate.
Identity certificate: a certificate that provides authentication of the identity claimed. Within the National Security Systems (NSS) PKI, identity certificates may be used only for authentication or may be used for both authentication and digital signatures.
SOURCE: CNSSI-4009
A set of data that uniquely identifies a key pair and an owner that is authorized to use the key pair. The certificate contains the owner's public key and possibly other information, and is digitally signed by a Certification Authority (i.e., a trusted party), thereby binding the public key to the owner.
SOURCE: FIPS 186
Process whereby certificates (as defined above) are generated, stored, protected, transferred, loaded, used, and destroyed.
production, distribution, accounting, compromise recovery and administration of digital certificates. Indirectly, a certificate policy can also govern the transactions conducted using a communications system protected by a certificate-based security system. By controlling critical certificate extensions, such policies and associated enforcement technology can support provision of the security services required by particular applications.
SOURCE: CNSSI-4009; SP 800-32
Certificate-Related Information —
Certificate Status Authority —
Information, such as a subscriber's postal address, that is not included in a certificate. May be used by a Certification Authority (CA) managing certificates.
SOURCE: SP 800-32
Information, such as a subscriber's postal address, that is not included in a certificate. May be used by a Certification Authority (CA) managing certificates.
A list of revoked public key certificates created and digitally signed by a Certification Authority. SOURCE: CNSSI-4009
A trusted entity that provides online verification to a Relying Party of a subject certificate's trustworthiness, and may also provide additional attribute information for the subject certificate.
of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
SOURCE: CNSSI-4009
Certification Analyst —
Certification Authority (CA) —
Certification Authority Facility —
Certification Authority Workstation (CAW) —
Certification Package —
The independent technical liaison for all stakeholders involved in the C&A process responsible for objectively and independently evaluating a system as part of the risk management process. Based on the security requirements documented in the security plan, performs a technical and non-technical review of potential vulnerabilities in the system and determines if the security controls are adequate.
SOURCE: CNSSI-4009
The collection of equipment, personnel, procedures and structures that are used by a Certification Authority to perform certificate issuance and revocation.
SOURCE: SP 800-32
Commercial off-the-shelf (COTS) workstation with a trusted operating system and special-purpose application software that is used to issue certificates.
SOURCE: CNSSI-4009
Product of the certification effort documenting the detailed results of the certification activities.
SOURCE: CNSSI-4009
Certification Practice Statement —
providing access to them, in accordance with specific requirements (i.e., requirements specified in this Certificate Policy, or requirements specified in a contract for services). SOURCE: SP 800-32; CNSSI-4009
Software and hardware security tests conducted during development
SOURCE: CNSSI-4009
An experienced, technically qualified U.S. government employee who has met established certification requirements in accordance with CNSS-approved criteria and has been appointed by a U.S. government department or agency to fill CTTA responsibilities. SOURCE: CNSSI-4009
A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time it was collected or transferred, and the purpose for the transfer.
SOURCE: CNSSI-4009
Prearranged procedure in which a subject requests authentication of another and the latter establishes validity with a correct reply. SOURCE: CNSSI-4009
Challenge-Response Protocol —
Checksum —
An authentication protocol where the verifier sends the claimant a challenge (usually a random value or a nonce) that the claimant combines with a shared secret (often by hashing the challenge and secret together) to generate a response that is sent to the verifier. The verifier knows the shared secret and can independently compute the response and compare it with the response generated by the claimant. If the two are the same, the claimant is considered to have successfully authenticated himself. When the shared secret is a cryptographic key, such protocols are generally secure against eavesdroppers. When the shared secret is a password, an eavesdropper does not directly intercept the password itself, but the eavesdropper may be able to find the password with an off-line password guessing attack.
SOURCE: SP 800-63
Cipher text generated by cryptographic logic to detect failures in cryptography.
SOURCE: CNSSI-4009
Value computed on data to detect error or manipulation. SOURCE: CNSSI-4009
Chief Information Officer (CIO) —
Chief Information Security Officer (CISO) —
Cipher —
Agency official responsible for:
1) Providing advice and other assistance to the head of the executive agency and other senior management personnel of the agency to ensure that information technology is acquired and information resources are managed in a manner that is consistent with laws, Executive Orders, directives, policies, regulations, and priorities established by the head of the agency;
2) Developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture for the
3) Promoting the effective and efficient design and operation of all major information resources management processes for the agency, including improvements to work processes of the agency.
200; Pub. L. 104-106, Sec. 5125(b)
manner that is consistent with laws, Executive Orders, directives, policies, regulations, and priorities established by the head of the agency; 2) developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture for the agency; and 3) promoting the effective and efficient design and operation of all major information resources management processes for the agency, including improvements to work processes of the agency.
SOURCE: FIPS 197
Any cryptographic system in which arbitrary symbols or groups of symbols represent units of plain text, or in which units of plain text are rearranged, or both. SOURCE: CNSSI-4009
Cipher Block Chaining-Message Authentication Code (CBC-MAC) —
‘A seert-hey block-ciper algo sed to encrypt data ato
#enosile a Message Authentication Cite (MAC) 9 provide surance thatthe payoul andthe associated dat are authenie SouRCE: SP 800:38C
Cipher Suite –
Negotiated algorithm identifiers. Cipher suites are identified in human-readable form using a mnemonic code.
SOURCE: SP 800-52

Cipher Text Auto-Key (CTAK) –
Cryptographic logic that uses previous cipher text to generate a key stream.
SOURCE: CNSSI-4009
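The CTAK entry above states the principle only. The added example below, which is not code from the glossary or from CNSS, shows what "uses previous cipher text to generate a key stream" buys you: the receiver needs no state other than the key and the last ciphertext block it saw, so a corrupted block garbles only itself and the block after it before decryption resynchronises. The keystream function (HMAC-SHA256 truncated to the block size), the 8-byte block, the all-zero IV and the sample plaintext are assumptions made for the demo.

```python
"""Cipher text auto-key keystream generation and its self-synchronising error
behaviour.  Added example; HMAC-SHA256 as the keystream function, BLOCK=8,
a zero IV and the PLAINTEXT/KEY values are assumptions for the demo."""
import hashlib
import hmac

BLOCK = 8  # assumed keystream block size in bytes


def keystream_block(key: bytes, prev_ciphertext: bytes) -> bytes:
    # The next keystream block depends only on the key and the previous
    # ciphertext block.  That is the CTAK property: the ciphertext itself
    # carries the state the receiver needs to stay in sync.
    return hmac.new(key, prev_ciphertext, hashlib.sha256).digest()[:BLOCK]


def ctak_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    if len(iv) != BLOCK or len(plaintext) % BLOCK:
        raise ValueError("demo handles whole blocks only")
    prev, out = iv, bytearray()
    for i in range(0, len(plaintext), BLOCK):
        ks = keystream_block(key, prev)
        ct = bytes(p ^ k for p, k in zip(plaintext[i:i + BLOCK], ks))
        out += ct
        prev = ct  # feed the ciphertext, not the plaintext, forward
    return bytes(out)


def ctak_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, bytearray()
    for i in range(0, len(ciphertext), BLOCK):
        ct = ciphertext[i:i + BLOCK]
        ks = keystream_block(key, prev)  # derived from the *received* previous block
        out += bytes(c ^ k for c, k in zip(ct, ks))
        prev = ct
    return bytes(out)


KEY = b"constructed-demo-key"                   # constructed
IV = bytes(BLOCK)                               # constructed (public, fixed for the demo)
PLAINTEXT = b"ATTACK AT DAWN; REGROUP AT NOON."  # constructed, 32 bytes = 4 blocks


def roundtrip() -> bool:
    return ctak_decrypt(KEY, IV, ctak_encrypt(KEY, IV, PLAINTEXT)) == PLAINTEXT


def error_propagation(corrupt_index: int = 10):
    """Flip one ciphertext bit and report, per block, whether the decrypted
    block still matches.  The hit block is wrong (one bit), the following
    block is wrong (its keystream came from the corrupted block), and every
    later block recovers without any resynchronisation message."""
    ct = bytearray(ctak_encrypt(KEY, IV, PLAINTEXT))
    ct[corrupt_index] ^= 0x80
    pt = ctak_decrypt(KEY, IV, bytes(ct))
    return [pt[i:i + BLOCK] == PLAINTEXT[i:i + BLOCK]
            for i in range(0, len(pt), BLOCK)]


if __name__ == "__main__":
    print("roundtrip:", roundtrip())
    print("blocks intact after corrupting byte 10:", error_propagation())
```

Two caveats follow directly from the code. Self-synchronisation is a robustness property, not an integrity one: the same XOR that limits error propagation lets an active adversary flip chosen plaintext bits in the block they tamper with, so CTAK output still needs a MAC (see the CBC-MAC entry) before it can be trusted. And because each keystream block is a function of public ciphertext, the key must never be reused with a predictable first block.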
Ciphertext –
Data output from the Cipher or input to the Inverse Cipher.
SOURCE: FIPS 197
Data in its encrypted form.
SOURCE: SP 800-56B
Data in its enciphered form.
SOURCE: SP 800-21; SP 800-57; CNSSI-4009

Ciphony –
Process of enciphering audio information, resulting in encrypted speech.
SOURCE: CNSSI-4009

Claimant –
A party whose identity is to be verified using an authentication protocol.
SOURCE: SP 800-63; FIPS 201
An entity which is or represents a principal for the purposes of authentication, together with the functions involved in an authentication exchange on behalf of that entity. A claimant acting on behalf of a principal must include the functions necessary for engaging in an authentication exchange (e.g., a smartcard (claimant) can act on behalf of a human user (principal)).
SOURCE: FIPS 196
An entity (user, device or process) whose assertion is to be verified using an authentication protocol.
SOURCE: CNSSI-4009
Classified Information –
Information that has been determined pursuant to Executive Order 12958 as amended by Executive Order 13292, or any predecessor Order, to require protection against unauthorized disclosure and is marked to indicate its classified status when in documentary form.
SOURCE: SP 800-60; E.O. 13292
See classified national security information.
SOURCE: CNSSI-4009

Classified Information Spillage –
Security incident that occurs whenever classified data is spilled either onto an unclassified information system or to an information system with a lower level of classification.
SOURCE: CNSSI-4009

Classified National Security Information –
Information that has been determined pursuant to Executive Order 12958 as amended by Executive Order 13292, or any predecessor Order, to be classified national security information; or pursuant to the Atomic Energy Act of 1954, as amended, to be Restricted Data (RD).
SOURCE: SP 800-53
Information that has been determined pursuant to Executive Order 13526 or any predecessor order to require protection against unauthorized disclosure and is marked to indicate its classified status when in documentary form.
SOURCE: CNSSI-4009

Clearing –
To use software or hardware products to overwrite storage space on the media with non-sensitive data. This process may include overwriting not only the logical storage location of a file(s) (e.g., file allocation table) but also may include all addressable locations. See comments on clear/purge convergence.
SOURCE: SP 800-88

Clear Text –
Information that is not encrypted.
SOURCE: SP 800-82

Clearance –
Formal certification of authorization to have access to classified information other than that protected in a special access program (including SCI). Clearances are of three types: confidential, secret, and top secret. A top secret clearance permits access to top secret, secret, and confidential material; a secret clearance to secret and confidential material; and a confidential clearance to confidential material.
SOURCE: CNSSI-4009
Clearing –
Removal of data from an information system, its storage devices, and other peripheral devices with storage capacity, in such a way that the data may not be reconstructed using common system capabilities (i.e., through the keyboard); however, the data may be reconstructed using laboratory methods.
SOURCE: CNSSI-4009

Client (Application) –
A system entity, usually a computer process acting on behalf of a human user, that makes use of a service provided by a server.
SOURCE: SP 800-32

Clinger-Cohen Act of 1996 –
Also known as Information Technology Management Reform Act. A statute that substantially revised the way that IT resources are managed and procured, including a requirement that each agency design and implement a process for maximizing the value and assessing and managing the risks of IT investments.
SOURCE: SP 800-64

Closed Security Environment –
Environment providing sufficient assurance that applications and equipment are protected against the introduction of malicious logic during an information system life cycle. Closed security is based upon a system's developers, operators, and maintenance personnel having sufficient clearances, authorization, and configuration control.
SOURCE: CNSSI-4009

Closed Storage –
Storage of classified information within an accredited facility, in General Services Administration-approved secure containers, while the facility is unoccupied by authorized personnel.
SOURCE: CNSSI-4009
Cloud Computing –
A model for enabling on-demand network access to a shared pool of configurable IT capabilities/resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. It allows users to access technology-based services from the network cloud without knowledge of, expertise with, or control over the technology infrastructure that supports them. This cloud model is composed of five essential characteristics (on-demand self-service, ubiquitous network access, location independent resource pooling, rapid elasticity, and measured service); three service delivery models (Cloud Software as a Service [SaaS], Cloud Platform as a Service [PaaS], and Cloud Infrastructure as a Service [IaaS]); and four models for enterprise access (Private cloud, Community cloud, Public cloud, and Hybrid cloud).
Note: Both the user's data and essential security services may reside in and be managed within the network cloud.
SOURCE: CNSSI-4009

Code Book –
Document containing plain text and code equivalents in a systematic arrangement, or a technique of machine encryption using a word substitution technique.
SOURCE: CNSSI-4009

Code Group –
Group of letters, numbers, or both in a code system used to represent a plain text word, phrase, or sentence.
SOURCE: CNSSI-4009

Code Vocabulary –
Set of plain text words, numerals, phrases, or sentences for which code equivalents are assigned in a code system.
SOURCE: CNSSI-4009

Cold Site –
Backup site that can be up and operational in a relatively short time span, such as a day or two. Provision of services, such as telephone lines and power, is taken care of, and the basic office furniture might be in place, but there is unlikely to be any computer equipment, even though the building might well have a network infrastructure and a room ready to act as a server room. In most cases, cold sites provide the physical location and basic services.
SOURCE: CNSSI-4009
A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event that the user has to move from their main computing location to an alternate site.
SOURCE: SP 800-34

Commercial COMSEC Evaluation Program (CCEP) –
Relationship between NSA and industry in which NSA provides the COMSEC expertise (i.e., standards, algorithms, evaluations, and guidance) and industry provides design, development, and production capabilities to produce a Type 1 or Type 2 product. Products developed under the CCEP may include modules, subsystems, equipment, systems, and ancillary devices.
SOURCE: CNSSI-4009

Commodity Service –
An information system service (e.g., telecommunications service) provided by a commercial service provider typically to a large and diverse set of consumers. The organization acquiring and/or receiving the commodity service possesses limited visibility into the management structure and operations of the provider, and while the organization may be able to negotiate service-level agreements, the organization is typically not in a position to require that the provider implement specific security controls.
SOURCE: SP 800-53

Common Access Card (CAC) –
Standard identification/smart card issued by the Department of Defense that has an embedded integrated chip storing public key infrastructure (PKI) certificates.
SOURCE: CNSSI-4009
Common Carrier –
In a telecommunications context, a telecommunications company that holds itself out to the public for hire to provide communications transmission services. Note: In the United States, such companies are usually subject to regulation by federal and state regulatory commissions.
SOURCE: CNSSI-4009

Common Control –
A security control that is inherited by one or more organizational information systems. See Security Control Inheritance.
SOURCE: SP 800-37; SP 800-53; SP 800-53A; CNSSI-4009

Common Control Provider –
An organizational official responsible for the development, implementation, assessment, and monitoring of common controls (i.e., security controls inherited by information systems).
SOURCE: SP 800-37; SP 800-53A

Common Criteria –
Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems.
SOURCE: CNSSI-4009

Common Fill Device –
One of a family of devices developed to read-in, transfer, or store key.
SOURCE: CNSSI-4009

Common Vulnerabilities and Exposures (CVE) –
A dictionary of common names for publicly known information system vulnerabilities.
SOURCE: SP 800-51; CNSSI-4009

Communications Cover –
Concealing or altering of characteristic communications patterns to hide information that could be of value to an adversary.
SOURCE: CNSSI-4009

Communications Deception –
Deliberate transmission, retransmission, or alteration of communications to mislead an adversary's interpretation of the communications.
SOURCE: CNSSI-4009

Communications Profile –
Analytic model of communications associated with an organization or activity. The model is prepared from a systematic examination of communications content and patterns, the functions they reflect, and the communications security measures applied.
SOURCE: CNSSI-4009
Communications Security (COMSEC) –
A component of Information Assurance that deals with measures and controls taken to deny unauthorized persons information derived from telecommunications and to ensure the authenticity of such telecommunications. COMSEC includes cryptosecurity, transmission security, emissions security, and physical security of COMSEC material.
SOURCE: CNSSI-4009

Community of Interest (COI) –
A collaborative group of users who exchange information in pursuit of their shared goals, interests, missions, or business processes, and who therefore must have a shared vocabulary for the information they exchange. The group exchanges information within and between systems to include security domains.
SOURCE: CNSSI-4009

Community Risk –
Probability that a particular vulnerability will be exploited within an interacting population and adversely impact some members of that population.
SOURCE: CNSSI-4009

Compartmented Mode –
Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following: (1) valid security clearance for the most restricted information processed in the system; (2) formal access approval and signed nondisclosure agreements for that information which a user is to have access; and (3) valid need-to-know for information which a user is to have access.
SOURCE: CNSSI-4009
Compensating Security Control –
A management, operational, and/or technical control (i.e., safeguard or countermeasure) employed by an organization in lieu of a recommended security control in the low, moderate, or high baselines that provides equivalent or comparable protection for an information system.
SOURCE: SP 800-53
A management, operational, and/or technical control (i.e., safeguard or countermeasure) employed by an organization in lieu of the recommended control in the baselines described in NIST Special Publication 800-53 or in CNSS Instruction 1253, that provides equivalent or comparable protection for an information system.
SOURCE: CNSSI-4009

Compensating Security Controls –
The management, operational, and technical controls (i.e., safeguards or countermeasures) employed by an organization in lieu of the recommended controls in the low, moderate, or high baselines described in NIST Special Publication 800-53, that provide equivalent or comparable protection for an information system.
SOURCE: SP 800-37
The management, operational, and technical controls (i.e., safeguards or countermeasures) employed by an organization in lieu of the recommended controls in the baselines described in NIST Special Publication 800-53 and CNSS Instruction 1253, that provide equivalent or comparable protection for an information system.
SOURCE: SP 800-53A; SP 800-53

Comprehensive Testing –
A test methodology that assumes explicit and substantial knowledge of the internal structure and implementation detail of the assessment object. Also known as white box testing.
SOURCE: SP 800-53A

Compromise –
Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.
SOURCE: SP 800-32
Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.
SOURCE: CNSSI-4009

Compromising Emanations –
Unintentional signals that, if intercepted and analyzed, would disclose the information transmitted, received, handled, or otherwise processed by information systems equipment. See TEMPEST.
SOURCE: CNSSI-4009

Computer Forensics –
The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.
SOURCE: SP 800-61; CNSSI-4009

Computer Incident Response Team (CIRT) –
Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents. Also called a Computer Security Incident Response Team (CSIRT) or a CIRC (Computer Incident Response Center, Computer Incident Response Capability, or Cyber Incident Response Team).
SOURCE: CNSSI-4009

Computer Network Attack (CNA) –
Actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.
SOURCE: CNSSI-4009

Computer Network Defense (CND) –
Actions taken to defend against unauthorized activity within computer networks. CND includes monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities.
SOURCE: CNSSI-4009