GGG

Global Glossary Grid - Prepared as a joint research project by Identity Commons and ABA, Business Law Section, Cyberspace Law Committee

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

Source of Definitions Glossary

Incommon Federation Participant Operational Practices

E-Authentication Federation Interim Legal Document Suite

ID Commons: Identipedia

Cameron, Posch, Rannenberg: Proposal for a Common Identity Framework: User Centric Identity Metasystem

Wikipedia: Digital Identity

European Union eGovernment Unit: Modinis: Common Terminological Framework for Interop Electronic Identity Management

OpenPrivacy.org

Random Thoughts on Digital Identity Digital Identity Glossary

Milgate: The Identity Dictionary

National Security Telecom Advisory Comm.(NSTAC) Report to the President on Identity Management Strategy

Identity Management Task Force Report 2008

Electronic Authentication Partnership (EAP) Trust Framework

Smedinghoff: Federated Identity Management: Balancing Privacy Rights, Liability Risks and the Duty to Authenticate

Kantara Identity Assurance Framework - Glossary

Center for Democracy and Technology: Issues for Responsible User-Centric Identity

Aspen Institute: Identity in the Age of Cloud Computing***

ID Commons: Lexicon from IdCommons

ABA Identity Management Services Agreement

Oasis: Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0

Liberty Alliance Privacy and Security Best Practices

Liberty Glossary v.2.0

Liberty Identity Assurance Framework

ABA: Public Key Infrastructure (PKI) Assessment Guidelines

International Telecommunications Union (ITU)

RFID Application Privacy Impact Assessment Framework

ITU-T X.1252 Baseline Identity Management Terms and Definitions

Recommendation X.1252: Baseline Identity Management Terms and Definitions

Draft Recommendation X.1252: Baseline Identity Management Terms and Definitions

Draft Recommendation ITU-T X.priva, Criteria for assessing the level of protection for personally identifiable information in IdM

Draft Recommendation ITU-T X.1275, Guideline on Protection of Personally Identifiable information in the application of RFID Technology

Generally Accepted Privacy Principles: A Global Privacy Network

Glossary of Terms

2006 Identity Fraud Survey Report

Identity management Terminology

Federal Information Processing Standards Publication

Glossary of Key Information Security Terms

National Strategy for Trusted Identities in Cyberspace

abstract services

Architectural components that deliver useful services and can be described through high level goals, structures and behaviors. In practice, these abstract services are refined into concrete service definitions and instantiations.

abstract WSDL

An abstract WSDL service definition is that portion of a WSDL document [WSDLv1.1] â€” describing said service â€” comprised of the <wsdl:types>, <wsdl:message>, and <wsdl:portType> elements.

access

The ability to use a resource or a service. More specifically, the Permissions or Entitlements associated with an Identity.

To interact with a system entity in order to manipulate, use, gain knowledge of, and/or obtain a representation of some or all of a system entity's resources.

Opportunity to make use of an information system (IS) resource.

Ability to make use of any information system (IS) resource.

Ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.

SOURCE: SP 800-32

access authority

An entity responsible for monitoring and granting access privileges for other authorized entities.

SOURCE CNSSI-4009

access certification

Over time, users may accumulate entitlements which are no longer needed or appropriate for their job function. Access certification is a process by which appropriate business stake-holders, such as users' managers or application owners, can periodically review entitlements and identify those that should be removed.

Access Control

Mechanisms and policies that restrict access to computer resources and/or facilities.

Access control is the protection of resources with technical, regulatory and organizational measures against access or use by unauthorized entities.

The management and authorisation process of controlling access to Roles, Resources and Services by Identities and Accounts. Roles are a pre-packaging of resources and services. Resources and services can be any object for which access can be controlled, such as hardware, software, devices, equipment, buildings, doors, and so on. If the role names (or descriptions) are based on one or more attributes directly related to the roles of an identity (e.g. a position title, location, function) it will enable dynamic role provisioning as a by-product of existing business processes - for example LAN access, email, building access. If the role names are not based on identity attributes (e.g. a particular software package, a PDA, internet access), they are a static role that is provisioned on a discretionary basis (i.e. an identity must request them in addition to the dynamic roles). The assigning of access rights may be permanent or temporary, and may only be valid for a single session. Also see Authorisation, RBAC and GBAC. This process is not to be confused with the registration and authentication of an identity; access is part of the risk/trust relationship that determines what a user is permitted to do, not who they are.

The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.

The prevention of unauthorized use of a resource, including

the prevention of use of a resource in an unauthorized manner.

Protection of resources against unauthorized access; a process by which use of resources is regulated according to a security policy and is permitted by only authorized system entities according to that policy.

The act of mediating requested access to a resource based on privilege attributes of the requester and control attributes of the requested resource.

Limiting access to information system resources only to authorized users, programs, processes, or other systems.

a procedure used to determine if an entity should be granted access to resources, facilities, services, or information based on pre-established rules and specific rights or authority associated with the requesting party

A procedure used to determine if an entity should be granted access to resources, facilities, services, or information based on pre-established rules and specific rights or authority associated with the requesting party.

a procedure used to determine if an entity should be granted access to resources, facilities, services, or information based on pre-established rules and specific rights or authority associated with the requesting party.

The process of granting or denying specific requests: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., Federal buildings, military establishments, border crossing entrances).

The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., Federal buildings, military establishments, border crossing entrances).

SOURCE: FIPS 201; CNSSI-4009

access control information

Any information used for access control purposes, including contextual information. Contextual information might include source IP address, encryption strength, the type of operation being requested, time of day, etc. Portions of access control information may be specific to a request itself, some may be associated with the connection via which a request is transmitted, and others (for example, time of day) may be â€œenvironmentalâ€.

access control list (ACL or ACI)

The security settings of an Application or Platform. Indicates the ability of an Account to read a file (or all the files) in a directory, to write to the files, and to execute the programs.

An access control list connects a user or group of users to one or more security entitlements. For example, users in group "accounting" are granted the entitlement "read-only" to the data "budget file."

1. A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object.

2. A mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity.

SOURCE: CNSSI-4009

A register of:

1. users (including groups, machines, processes) who have been given permission to use a particular system resource, and

2. the types of access they have been permitted.

SOURCE: SP800-12

access control mechanism

Security safeguards (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized access and permit authorized access to an information system.

SOURCE: CNSSI-4009

access deactivation

When termination happens, user access rights relating to an organization's systems and applications must be removed. This removal is called access deactivation.

access level

A category within a given security classification limiting entry or system connectivity to only authorized persons.

SOURCE: CNSSI-4009

access list

Roster of individuals authorized admittance to a controlled area.

SOURCE: CNSSI-4009

Access Management System

The collection of systems and or services associated with specific on-line resources and/or services that together derive the decision about whether to allow a given individual to gain access to those resources or make use of those services.

access point

A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system, if connected, which is typically an organization's enterprise wired network.

SOURCE: SP 800-48; SP 800-121

access profile

Association of a user with a list of protected objects the user may access.

SOURCE: CNSSI-4009

access rights

A description of the type of authorized interactions a subject can have with a resource. Examples include read, write, execute, add, modify, and delete.

access support

Users may sometimes experience difficulty in relation to their security privileges. They will then typically contact a support analyst for assistance, and that person will adjust their access rights.

access type

Privilege to perform action on an object. Read, write, execute, append, modify, delete, and create are examples of access types. See write.

SOURCE: CNSSI-4009

account

An instance of an Identity. An Identity may have multiple Accounts. Usually associated with a single computer application or platform, but also applies to such things as bank accounts, utilities and telephone accounts.

Typically a formal business agreement for providing regular dealings and services between a principal and business service providers.

A formal business agreement providing for regular dealings and services between a Principal and a service provider [Merriam-Webster]

account linkage

A method of relating accounts at two different providers that represent the same principal so that the providers can communicate about the principal. Account linkage can be established through the sharing of attributes or through identity federation.

See identity federation.

account management, user

Involves

1) the process of requesting, establishing, issuing, and closing user accounts;

2) tracking users and their respective access authorizations; and

3) managing these functions.

SOURCE: SP 800-12

account termination date

An account has a termination date if logins will not be possible after a given time/date.

accountability

Process allowing auditing of IS activities to be traced to a source that may then be held responsible.

The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.

SOURCE: SP 800-27

Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.

SOURCE: CNSSI-4009

accounting legend code (ALC)

Numeric code used to indicate the minimum accounting controls required for items of accountable communications security (COMSEC) material within the COMSEC Material Control System.

SOURCE: CNSSI-4009

accounting number

Number assigned to an item of COMSEC material to facilitate its control.

SOURCE: CNSSI-4009

accreditation

the process of mapping information contained in either the SAML Assertion or the public key certificate with the Agency Application's own database of users.

The process used to achieve formal recognition that an organization has agreed to the EAP operating rules and is competent to perform assessments using the Service Assessment Criteria.

The process used to achieve formal recognition that an organization has agreed to the operating rules defined in the AAS (Assurance Assessment Scheme) and is competent to perform assessments using the Service Assessment Criteria.

The process used to achieve formal recognition that an organization has agreed to the IAEG operating rules and is competent to perform assessments using the Service Assessment Criteria.

Procedure by which an authoritative body declares that an assessor has satisfied the designated criteria for

assessing a PKI component.

The official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. See Authorization.

SOURCE: FIPS 200

Formal declaration by a Designated Accrediting Authority (DAA) or Principal Accrediting Authority (PAA) that an information system is approved to operate at an acceptable level of risk, based on the implementation of an approved set of technical, managerial, and procedural safeguards. See Authorization.

SOURCE: CNSSI-4009

The authorization action; granting an authority to perform a defined service.

accreditation authority

See Authorizing Official.

Assesses and validates that identity providers, attribute providers, relying parties, and identity media adhere to an agreed upon Trust Framework.

accreditation boundary

1. Identifies the information resources covered by an accreditation decision, as distinguished from separately accredited information resources that are interconnected or with which information is exchanged via messaging. Synonymous with Security Perimeter.

2. For the purposes of identifying the Protection Level for confidentiality of a system to be accredited, the system has a conceptual boundary that extends to all intended users of the system, both directly and indirectly connected, who receive output from the system. See authorization boundary.

SOURCE: CNSSI-4009

accreditation package

The evidence provided to the authorizing official to be used in the security accreditation decision process. Evidence includes, but is not limited to: 1) the system security plan; 2) the assessment results from the security certification; and 3) the plan of action and milestones.

SOURCE: SP 800-37

Product comprised of a System Security Plan (SSP) and a report documenting the basis for the accreditation decision.

SOURCE: CNSSI-4009

accrediting authority

Synonymous with Designated Accrediting Authority (DAA). See also Authorizing Official.

SOURCE: CNSSI-4009

accrediting body

A recognized entity that accredits an assessor or evaluator as being qualified to perform assessments of CAs or other PKI components, applying designated criteria (such as standards derived from the certificate policies adopted by the policy-adopting body).

activation data

Data values, other than keys, that are required to operate cryptographic modules and that need to be protected e.g., a PIN, a pass-phrase, or a key share.

Private data, other than keys, that are required to access cryptographic modules.

SOURCE: SP 800-32

active attack

An attack that alters a system or data.

SOURCE: CNSSI-4009

active content

Electronic documents that can carry out or trigger actions automatically on a computer platform without the intervention of a user.

SOURCE: SP 800-28

Software in various forms that is able to automatically carry out or trigger actions on a computer platform without the intervention of a user.

SOURCE: CNSSI-4009

active role

A role that a system entity has donned when performing some operation, for example accessing a resource.

active security testing

Security testing that involves direct interaction with a target, such as sending packets to a target.

SOURCE: SP 800-115

add-on security

Incorporation of new hardware, software, or firmware safeguards in an operational information system.

SOURCE: CNSSI-4009

address

An address is the identifier for a specific termination point

and is used for routing to this termination point.

An address is the identifier for a specific termination point (and is used for routing to this termination point).

An identifier for a specific termination point that is used for routing.

An address is the identifier for a specific termination point (and is used for routing to this termination point).

adequate security

Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information.

SOURCE: SP 800-53; FIPS 200; OMB Circular A-130, App. III

Security commensurate with the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information.

Note: This includes assuring that information systems operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, personnel, operational, and technical controls.

SOURCE: CNSSI-4009

administrative account

A user account with full privileges on a computer.

SOURCE: SP-800-69

administrative authority

An organization responsible for the management of an administrative domain.

administrative domain

A boundary for the management of all business and technical aspects related to:

1. A claims provider;

2. A relying party; or

3. A relying party that serves as its own claims provider.

An environment or context that is defined by some combination of one or more administrative policies, Internet Domain Name registrations, civil legal entities (for example, individuals, corporations, or other formally organized entities), plus a collection of hosts, network devices and the interconnecting networks (and possibly other traits), plus (often various) network services and applications running upon them. An administrative domain may contain or define one or more security domains. An administrative domain may encompass a single site or multiple sites. The traits defining an administrative domain may, and in many cases will, evolve over time. Administrative domains may interact and enter into agreements for providing and/or consuming services across administrative domain boundaries.

administrative safeguards

Administrative actions, policies, and procedures to manage the selection, development, implementation, and maintenance of security measures to protect electronic health information and to manage the conduct of the covered entity's workforce in relation to protecting that information.

SOURCE: SP 800-66

administrator

A person who installs or maintains a system (for example, a SAML-based security system) or who uses it to manage system entities, users, and/or content (as opposed to application purposes; see also End User). An administrator is typically affiliated with a particular administrative domain and may be affiliated with more than one administrative domain.

administrator lockout

An administrator lockout is a flag set by an administrator to disable logins on an account.

Administrator lockouts normally precede permanent deletion of the account, and provide an opportunity to retrieve data from the account before it is removed.

Note that on some systems and applications, intruder lockouts and administrator lockouts are entangled (they use the same flag). This is a poor but common design.

advance encryption standard (AES)

The Advanced Encryption Standard specifies a U.S. Government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. This standard specifies the Rijndael algorithm, a symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.

SOURCE: FIPS 197

A U.S. Government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information.

SOURCE: CNSSI-4009

advance key processor (AKP)

A cryptographic device that performs all cryptographic functions for a management client node and contains the interfaces to 1) exchange information with a client platform, 2) interact with fill devices, and 3) connect a client platform securely to the primary services node (PRSN).

SOURCE: CNSSI-4009

advisory

Notification of significant new trends or developments regarding the threat to the information systems of an organization. This notification may include analytical insights into trends, intentions, technologies, or tactics of an adversary targeting information systems.

SOURCE: CNSSI-4009

affected individual

In the context of key recovery, a person whose private or commercial interest is affected by the use, misuse, or inability to access the information.

affiliate

An entity that controls, is controlled by, or is under common control with another entity.

affiliation, affiliation group

A set of system entities that share a single namespace (in the federated sense) of identifiers for principals.

An affiliation is a set of one or more entities, described by providerID's, who may perform Liberty interactions as a member of the set. An affiliation is referenced by exactly one affiliationID, and is administered by exactly one entity identified by their providerID. Members of an affiliation may invoke services either as a member of the affiliation (using affiliationID), or individually (using their providerID). Affiliation and affiliation group are equivalent terms.

agency

A Government owned corporation, which is considered a RP or CSP in regard to the Federation.

Agency is a relationship between two parties in which one party (agent) has the authority to act on behalf of another (principal), and any acts by an agent on behalf of the principal legally bind the principal.

Any executive department, military department, government corporation, government controlled corporation, or other establishment in the executive branch of the government (including the Executive Office of the President), or any independent regulatory agency, but does not include: 1) the Government Accountability Office; 2) the Federal Election Commission; 3) the governments of the District of Columbia and of the territories and possessions of the United States, and their various subdivisions; or 4) government-owned contractor-operated facilities, including laboratories engaged in national defense research and production activities.

SOURCE: FIPS 200; 44 U.S.C., Sec. 3502

ALSO SEE Executive Agency.

agency application (AA)

E-Government applications that perform some business function online. If an E-Government application has multiple interfaces (e.g., administration and service application), each interface with distinct authentication requirements is considered a stand-alone AA. AAs manage all Business Transactions and all End-User authorization decisions.

agency certification authority

A CA that acts on behalf of an Agency, and is under the operational control of an Agency.

SOURCE: SP 800-32

agent

A computer system or device that has been delegated (authority, responsibility, a function, etc.) by and acts for a Party (in exercising the authority, carrying out the responsibility, performing the function, etc.).

Any individual, organization or electronic entity that creates, filters, gathers and/or publishes reputation data. Doing so enables entrance into the OpenPrivacy system for purposes of joining the anonymous demographics marketplace. Agents have an internal state and can initiate communications with peers when set conditions are met.

A computer system or device that has been delegated (authority, responsibility, a function, etc.) by and acts for a legal entity/party (in exercising the authority, carrying out the responsibility, performing the function, etc.).

A computer system or device that has been delegated (authority, responsibility, a function, etc.) by and acts for a Party (in exercising the authority, carrying out the responsibility, performing the function, etc.).

An entity that acts on behalf of another entity

An entity that acts on behalf of another entity.

An agent is another term for a target connector.

A program used in distributed denial of service (DDoS) attacks that sends malicious traffic to hosts based on the instructions of a handler.

SOURCE: SP 800-61

A program acting on behalf of a person or organization.

SOURCE: SP 800-95

agreement

Means this Identity Management Services Agreement, including all schedules and exhibits, as amended from time to time.

AL

See assurance level Applicant. An individual or person acting as a proxy for a machine or corporate entity who is the subject of an identity proofing process.

See Assurance Level

See assurance level.

alert

Notification that a specific attack has been directed at an organization's information systems.

SOURCE: CNSSI-4009

alias

An alias is a local ID that a user has on a given system which is different from the user's global ID.

alliance

An agreement between two or more independent Entities that defines how they will relate to each other and how they jointly conduct activities.

An agreement between two or more independent entities that defines how they relate to each other and how they jointly conduct activities.

An agreement between two or more independent Entities that defines how they will relate to each other and how they jointly conduct activities.

alternate COMSEC custodian

Individual designated by proper authority to perform the duties of the COMSEC custodian during the temporary absence of the COMSEC custodian.

SOURCE: CNSSI-4009

alternate work site

Governmentwide, national program allowing Federal employees to work at home or at geographically convenient satellite offices for part of the work week (e.g., telecommuting).

SOURCE: CNSSI-4009

analysis

The examination of acquired data for its significance and probative value to the case.

SOURCE: SP 800-72

ancillary services

Services other than certificate lifecycle services, performed in support of digital signatures and other uses of certificates, and in support of other related areas of secure electronic commerce.

annual conformity review (ACR)

Review undertaken annually by the ARB (Assurance Review Board) of all Grantees as a positive check and reminder that their conformity to the appropriate agreement, and therefore the requirements of the AAS, remains their obligation.

anomaly-based detection

The process of comparing definitions of what activity is considered normal against observed events to identify significant deviations.

SOURCE: SP 800-94

anonym

An anonym is an anonymous identifier. This means that the identifier is not linked to it's owning legal entity. So long as there is some information that links an identifier to its owning legal entity, it is not an anonym â€” at best, the identifier can be a pseudonym.

anonymity

Anonymity refers to the quality or state of being not identifiable within the set of all possible entities that could cause an action and that might be addressed.

Anonymity is an attribute of an identity within an interaction which indicates if the identity is anonymous or unanonymous.

The ability of an Identity to keep its Entity secret from everyone. Literally means "no name". It must be â€œpersistentâ€ which makes it difficult, if not impossible, to remain truly anonymous because details deduced over time may be joined with other details and republished (unless there are privacy laws preventing it). For example, a prepaid mobile phone can allow the purchaser to remain anonymous until a pattern of use is established. Also see Pseudonym.

a. Ability to allow anonymous access to services, which avoid tracking of user's personal information and user behavior such as user location, frequency of a service usage, and soon.

b. Lack of any capability to ascertain identity.

c. The quality or state of being anonymous which is the condition of having a name or identity that is unknown or concealed.

i. Ability to allow anonymous access to services, which avoid tracking of user's personal information and user behaviour such as user location, frequency of a ser-vice usage, and so on.

ii. Lack of any capability to ascertain identity.

iii. The quality or state of being anonymous, which is the condition of having a name or identity that is unknown or concealed.

The quality or state of being anonymous, which is the condition of having a name or identity that is unknown or concealed.

The property that an entity cannot be identified within a set of entities.

A situation where an entity cannot be identified within a set of entities.

The property that an entity cannot be identified within a set of entities.

anonymize

The removal of any person-related information that could be used to identify a specific individual.

anonymous

Not named or identified. Anonymous transactions allow for information exchange between parties without the need to identify the parties involved.

anonymous identity

An anonymous identity is an identity that is not bound or linked to an entity.

anti-jam

Countermeasures ensuring that transmitted information can be received despite deliberate jamming attempts.

SOURCE: CNSSI-4009

anti-spoof

Countermeasures taken to prevent the unauthorized use of legitimate Identification & Authentication (I&A) data, however it was obtained, to mimic a subject different from the attacker.

SOURCE: CNSSI-4009

antispyware software

A program that specializes in detecting both malware and non-malware forms of spyware.

SOURCE: SP 800-69

antivirus software

A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents.

SOURCE: SP 800-83

applicant

An individual or person acting as a proxy for a machine or corporate entity who is the subject of an identity proofing process.

An individual or person acting as a proxy for a machine or

corporate entity who is the subject of an identity proofing process.

An individual or person acting as a proxy for a machine or corporate entity who is the subject of an identity proofing process.

An individual applying for a PIV Card/credential. The Applicant may be a current or prospective Federal hire, a Federal employee, or a contractor.

The subscriber is sometimes called an â€œapplicantâ€ after applying to a certification authority for a certificate, but before the certificate issuance procedure is completed.

SOURCE: SP 800-32

applicant (accreditation)

An Audit Organization applying to Kantara Initiative for accreditation under the AAS.

application

A software system, usually a business solution or end user tool.

A hardware/software system implemented to satisfy a particular set of requirements. In this context, an application incorporates a system used to satisfy a subset of requirements related to the verification or identification of an end user's identity so that the end user's identifier can be used to facilitate the end user's interaction with the system.

The use of information resources (information and information technology) to satisfy a specific set of user requirements.

SOURCE: SP 800-37

Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges.

SOURCE: CNSSI-4009

application content filtering

Application content filtering is performed by a software proxy agent to remove or quarantine viruses that may be contained in email attachments, to block specific Multipurpose Internet Mail Extensions (MIME) types, or to filter other active content such as Java, JavaScript, and ActiveX Controls.

SOURCE: SP 800-41

application migration

Vendors release new versions of their software all the time. When this happens, customers often choose to upgrade. Upgrades may require data from the old system, including data about users, to be migrated to the new system. An identity management system can be used to aid in this migration process.

application owner

An application's owner is a person in a business organization who may have authorized purchase of the application and is in any case responsible for the use of that system. This is a business rather than technical role.

application specific identifier (ASID)

An identifier that is used in an application to link a specific subject to data in the application.

applications inventory

A comprehensive repository of information about each Application, such as name, id, locations, business owner, system manager, platform, language, frequency of revalidation, users, and so on. Used to assist management in licensing, distribution, support, provisioning and auditing.

approval

The process by which the EAP Board accepts the compliance of a certified service and the ETSP responsible for that service commits to upholding the EAP Rules.

The process by which the ARB accepts the compliance of a certified service and the CSP responsible for that service commits to upholding the Rules as defined in the AAS.

The process by which the IAEG Board accepts the compliance of a certified service and the CSP responsible for that service commits to upholding the IAEG Rules.

approval to operate (ATO)

The official management decision issued by a DAA or PAA to authorize operation of an information system and to explicitly accept the residual risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals.

SOURCE: CNSSI-4009

approval workflow

An approval workflow is a business process where human actors may enter, review, approve, reject and/or implement a change request.

approve

Procedure by which an assessor/evaluator declares that a certification authority or other PKI component has satisfied designated criteria.

approved

Acceptance by the GSA to participate in the E-Authentication Federation, or other inclusion or use in the E-Authentication Federation.

FIPS approved or NIST recommended. An algorithm or technique that is either (1) specified in a FIPS or a NIST recommendation or (2) adopted in a FIPS or NIST recommendation.

Federal Information Processing Standard (FIPS)-approved or National Institute of Standards and Technology (NIST)-recommended. An algorithm or technique that is either

1) specified in a FIPS or NIST Recommendation, or

2) adopted in a FIPS or NIST Recommendation.

SOURCE: FIPS 201

FIPS-approved and/or NIST-recommended.

SOURCE: FIPS 140-2

FIPS-approved and/or NIST-recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, 2) adopted in a FIPS or NIST Recommendation, or 3) specified in a list of NIST-approved security functions.

SOURCE: FIPS 186

approved credential

A Credential issued to an End-User by an Approved Credential Service of an Approved Credential Service Provider.

approved credential service provider

A Credential Service Provider or authorized agent that has been Approved by the GSA to participate in the E-Authentication Federation.

approved encryption

Any cryptographic algorithm or method specified in a FIPS or a NIST recommendation.

Any cryptographic algorithm or method specified in a FIPS or a NIST recommendation or equivalent, as established by a recognized national technical authority.

approved exception

An approved exception is a role violation which has been flagged as acceptable, and which consequently may be removed from violation reports and/or not corrected.

approved mode of operation

A mode of the cryptographic module that employs only Approved security functions (not to be confused with a specific mode of an Approved security function, e.g., Data Encryption Standard Cipher-Block Chaining (DES CBC) mode).

SOURCE: FIPS 140-2

approved party

An Approved Relying Party, Credential Service Provider, or authorized agent.

approved relying party

A Relying Party or authorized agent that has been approved by the GSA to participate in the E-Authentication Federation.

approved security function

A security function (e.g., cryptographic algorithm, cryptographic key management technique, or authentication technique) that is either

a) specified in an Approved Standard;

b) adopted in an Approved Standard and specified either in an appendix of the Approved Standard or in a document referenced by the Approved Standard; or

c) specified in the list of Approved security functions.

SOURCE: FIPS 140-2

approved service

A certified service which has been granted an approval by the EAP Board.

A certified service which has been granted an approval by the Kantara Initiative Board of Trustees.

A certified service which has been granted an approval by the IAEG Board.

architecture

A highly structured specification of an acceptable approach within a framework for solving a specific problem. An architecture contains descriptions of all the components of a selected, acceptable solution while allowing certain details of specific components to be variable to satisfy related constraints (e.g., costs, local environment, user acceptability).

archival record

The key elements (e.g., data, metadata, and security tokens) that comprise the information pertaining to a business event such as enrollment, use, maintenance, and destruction of certificates. These elements typically need to be preserved for legal, regulatory, dispute resolution, auditing, investigation of potential security breaches, other operational, or historical purposes.

artifact

See SAML Artifact.

asserting entity

An Entity making an identity representation or claim to a relying party within some request context.

asserting identity

An entity making an identity representation or claim to a relying party within some request context.

An entity making an identity representation or claim to a

relying party within some request context.

asserting party

Formally, the administrative domain that hosts one or more SAML authorities. Informally, an instance of a SAML authority.

assertions

The identity information provided by an Identity Provider to a Service Provider.

an assertion is synonymous with a credential.

A claim, such as to be a particular Identity or a member of a Group. Usually requires proof via a credential, such as in a user-id and password pair. Also see Authentication.

i. A representation of an entity's identity or claim. (Compare with manifestation.)

ii. The identity information provided by an Identity Provider to a Service Provider.

A statement from a verifier to a relying party that contains identity or other information about a subscriber.

A communication from Credential Service Provider to Relying Party confirming that the Subject qualifies for access to Relying Party's website or services in accordance with certain preestablished criteria as described on in Schedule A to this Agreement.

A piece of data produced by a SAML authority regarding either

an act of authentication performed on a subject, attribute

information about the subject, or authorization data applying to

the subject with respect to a specified resource.

An XML-based data structure defined by SAML. Assertions are collections of one or more statements, made by a SAML authority (also known as an issuer), such as an authentication statement or attribute statement. As used in Liberty, assertions typically concern things such as: an act of authentication performed by a Principal, attribute information about a Principal, or authorization permissions applying to a Principal with respect to a specified resource.

A statement from a verifier to a relying party that contains identity or other information about a subscriber.

a statement made (by an entity) without accompanying evidence of its validity.

A statement made by an entity without accompanying evidence of its validity.

A statement made (by an entity) without accompanying evidence of its validity.

assessment

A process used to evaluate an electronic trust service and the service provider using the requirements specified by one or more Service Assessment Criteria for compliance with all applicable requirements.

A procedure for determining whether an assessor, or a certification authority (or another PKI component) meets defined criteria.

assessment findings

Results produced by the application of assessment procedures to security controls or control enhancements to achieve an assessment objective; the execution of a determination statement within an assessment procedure by an assessor that results in either a satisfied or other than satisfied condition.

SOURCE: SP 800-53A

assessment method

One of three types of actions (i.e., examine, interview, test) taken by assessors in obtaining evidence during an assessment.

SOURCE: SP 800-53A

assessment object

The item (i.e., specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment.

SOURCE: SP 800-53A

assessment objective

A set of determination statements that expresses the desired outcome for the assessment of a security control or control enhancement.

SOURCE: SP 800-53A

assessment procedure

A set of assessment objectives and an associated set of assessment methods and assessment objects.

SOURCE: SP 800-53A

assessment report

The result of an assessment of the specified security features of a PKI component.

assessor

A person or corporate entity who performs an assessment.

One who undertakes an assessment of a certification authority (or another PKI component).

Assessor of IPs/CSPs

A person or corporate entity who performs an assessment.

asset

Anything that has value to the organization, its business,

its operations and its continuity.

A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems.

SOURCE: CNSSI-4009

assurance

A level of risk associated with an Authentication.

A measure of confidence that the security features and architecture of the Identity Management capabilities accurately mediate and enforce the security policies understood between the Relying Party and the identity provider.

A measure of confidence that the security features and architecture

of the Identity Management capabilities accurately mediate and enforce the security policies understood between the Relying Party and the Identity Provider.

Grounds for confidence that an entity meets specified security requirements.

see authentication assurance and identity assurance

See authentication assurance and identity assurance.

Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. "Adequately met" includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.

SOURCE: SP 800-27

Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.

SOURCE: CNSSI-4009

assurance assessment scheme (AAS)

A program which defines the process for assessing the operating standards of certain players in the Identity and Credential Assurance Management space against strict criteria, and grants to candidates of the Scheme the right to use the Kantara Initiative Mark, a symbol of trustworthy identity and credential management services, at specified Assurance Levels.

assurance case

A structured set of arguments and a body of evidence showing that an information system satisfies specific claims with respect to a given quality attribute.

SOURCE: SP 800-53A

assurance framework

A methodology for managing Transaction Risk within a Channel, based on the combination of Registration strength and Credential strength. Usually presented as a simple model with X and Y axes. For example; the Australian Government Assurance Framework (AGAF).

assurance levels

The degree of certainty that the user has presented an identifier (a Credential in this context) that refers to his or her identity.

A level of risk associated with an Authentication.

A measure of confidence that the security features and architecture of the Identity

A quantitative expression of Assurance agreed between a Relying Party and an Identity Provider.

A degree of certainty that a claimant has presented a credential that refers to the claimant's identity. Each assurance level expresses a degree of confidence in the process used to establish the identity of the individual to whom the credential was issued and a degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.

describes the strength of the identification and authentication

processes "“ i.e., it provides a basis for determining the degree to which a party to an electronic

business transaction can be confident: (1) that the identity information being presented actually represents the person named in it (e.g., that the person who was identified as Bill Gates really was Bill Gates, and not an imposter), and (2) that the person identified in the credential is the person who is actually engaging in the electronic transaction (e.g., that it is really Bill Gates on the remote device who is seeking access to a company's system, and not someone who stole his

password).

A degree of certainty that a claimant has presented a credential that refers to the claimant's identity. Each assurance level expresses a degree of confidence in the process used to establish

the identity of the individual to whom the credential was issued

and a degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.

A degree of certainty that a claimant has presented a credential that refers to the claimant's identity. Each assurance level expresses a degree of confidence in the process used to establish the identity of the individual to whom the credential was issued and a degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.

A particular point on a relative scale of assurance.

A quantitative expression that indicates the level of confidence in the binding between an entity and the presented identity information.

A level of confidence in the binding between an entity and the presented identity information.

A quantitative expression that indicates the level of confidence in the binding between an entity and the presented identity information.

assurance review board (ARB)

The Assurance Review Board (ARB) is a sub-committee of the Board of Trustees, and is the operational authoritative body of the Kantara Identity Assurance Framework Assurance Assessment Scheme (AAS) certification program. It has delegated authority from the Kantara Initiative Board of Trustees (KIBoT) to undertake assessments of all types of applications for a Grant of Rights of Use of the Kantara Initiative Mark and shall make recommendations to the KIBoT for the award or denial of such Grants.

assured information sharing

The ability to confidently share information with those who need it, when and where they need it, as determined by operational need and an acceptable level of security risk.

SOURCE: CNSSI-4009

assured software

Computer application that has been designed, developed, analyzed, and tested using processes, tools, and techniques that establish a level of confidence in it.

SOURCE: CNSSI-4009

asymmetric authentication method

A method of authentication, in which not all authentication information is shared by both entities.

asymmetric cryptography

SEE Public Key Cryptography.

SOURCE: CNSSI-4009

asymmetric crypotsystem

A system using two different but mathematically related keys, one for creating a digital signature or decrypting data, and another key for verifying a digital signature or encrypting data. Computer equipment and software utilizing such key pairs are often collectively termed an "asymmetric cryptosystem." For at least one key of the key pair, it should be computationally infeasible to calculate the complementary key of that pair.

asymmetric encryption

Asymmetric encryption is encryption where matching pairs of keys are used. What is encrypted with one key in a matched pair can only be decrypted by the other key -- it cannot be decrypted with the original key, or with any other key.

asymmetric keys

Two related keys, a public key and a private key, that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification.

Two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification.

SOURCE: FIPS 201

attack

An attempt to obtain a subscriber's token or to fool a verifier into believing that an unauthorized individual possesses a claimant's token.

An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity.

SOURCE: SP 800-32

Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

SOURCE: CNSSI-4009

attack sensing and warning (AS&W)

Detection, correlation, identification, and characterization of intentional unauthorized activity with notification to decision makers so that an appropriate response can be developed.

SOURCE: CNSSI-4009

attack signature

A specific sequence of events indicative of an unauthorized access attempt.

SOURCE: SP 800-12

A characteristic byte pattern used in malicious code or an indicator, or set of indicators, that allows the identification of malicious network activities.

SOURCE: CNSSI-4009

attestation

The confirmation, corroboration or formal acceptance that something is correct. It is increasingly required by good corporate governance. For example; the "Sarbanes-Oxley" Act (SOX) requirements. Also see Revalidation.

Attestation is synonymous with access certification. This term highlights the aspect of certification where stake-holders attest to the appropriateness of entitlements, rather than flagging those that should be removed. Both signing off on appropriate entitlements and flagging inappropriate ones should be done in tandem.

attribute

Information bound to an entity that specifies a characteristic of the entity.

A named quality or characteristic inherent in or ascribed to someone or something. Attributes

can include personal qualities (e.g. age), ambient information such as location, or certifications

that serve as proof of a given capability.

attribute assertion

An assertion that conveys information about attributes of a subject.

attribute authority

A system entity that produces attribute assertions.

An entity, recognized by the Federal Public Key Infrastructure (PKI) Policy Authority or comparable Agency body as having the authority to verify the association of attributes to an identity.

SOURCE: SP 800-32

attribute-based access control

Access control based on attributes associated with and about subjects, objects, targets, initiators, resources, or the environment. An access control rule set defines the combination of attributes under which an access may take place.

SOURCE: SP 800-53; CNSSI-4009

attribute-based authorization

A structured process that determines when a user is authorized to access information, systems, or services based on attributes of the user and of the information, system, or service.

SOURCE: CNSSI-4009

attribute class

A predefined set of attributes, such as the constituents of a Principal's name (prefix, first name, middle name, last name, and suffix). Liberty entities may standardize such classes.

A predefined set of attributes, such as the constituents of a Principal's name (prefix, first name, middle name, last name, and suffix).

attribute container

A module comprised of a collection of attributes grouped together according to expected use patterns.

attribute provider (AP)

The attribute provider (AP) provides ID-PP information. Sometimes called a ID-PP provider, the AP is an ID-WSF web service that hosts the ID-PP.

An attribute provider (AP) provides Identity Personal Profile (ID-PP) information. Sometimes referred to as an ID-PP provider.

Responsible for all the processes associated with establishing and maintaining a subject's identity attributes; they provide assertions of the attributes to the individuals, other providers,

and relying parties.

attribute type

That component of an attribute which indicates the class of

information given by that attribute.

That component of an attribute which indicates the class of information given by that attribute.

A component of an attribute that indicates the class of information given by that attribute.

That component of an attribute which indicates the class of information given by that attribute.

attribute value

A particular instance of the class of information indicated by an attribute type.

attribute(s)

the information data elements in an attribute assertion you might make to another Federation participant concerning the identity of a person in your identity management system.

A single piece of information associated with an electronic identity database record.? Some attributes are general; others are personal.? Some subset of all attributes defines a unique individual.

An attribute is a distinct, measurable, physical or abstract named property belonging to an entity.

A type/value pair of information related to an Entity or Identity. It may be shared (eg nationality), or unique (eg DNA). A combination of attributes may be sufficient to satisfy an assertion. Usually a value in an identity repository (directory or database) collected directly or indirectly through registration, enrolment or access control. Also see Role.

1. Descriptive information bound to an entity that specifies a characteristic of an entity such as condition, quality or other information associated with that entity

2. Information of a particular type. In IdM, objects and object classes are composed of attributes

3. A distinct characteristic of an object. An object's attributes are said to describe the object. Objects' attributes are often specified in terms of their physical traits, such as size, shape, weight, and color, for real-world objects. Objects in

cyberspace might have attributes describing size, type of encoding, and network address.

i. Descriptive information bound to an entity that specifies a characteristic of an entity such as condition, quality or other information associated with that entity

ii. Information of a particular type. In the IdM, objects and object classes are composed of attributes.

iii. A distinct characteristic of an object. An object's attributes are said to describe the object. Objects' attributes are often specified in terms of their physical traits, such as size, shape, weight, and color, etc., for real-world objects. Objects in cyberspace might have attributes describing size, type of encoding, network address, etc.

A property associated with an individual.

Personal information concerning a specific category or characteristics of a given

identity, such as name, address, age, gender, title, salary, health, net worth, driver's license

number, Social Security number, etc.

A property associated with an individual.

A distinct characteristic of an object (in SAML, of a subject). An object's attributes are said to describe it. Attributes are often

specified in terms of physical traits, such as size, shape, weight, and color, etc., for real-world objects. Objects in cyberspace might have attributes describing size, type of encoding, network

address, and so on. Attributes are often represented as pairs of

"attribute name" and "attribute value(s)", e.g. "foo" has the value

'bar', "count" has the value 1, "gizmo" has the values "frob" and "2", etc. Often, these are referred to as "attribute value pairs". Note that Identifiers are essentially "distinguished attributes". See also Identifier and XML attribute.

A distinct characteristic of a Principal. A Principal's attributes are said to describe it.

A module comprised of a collection of attributes grouped together according to expected use patterns.

A property associated with an individual.

Information bound to an entity that specifies a characteristic of the entity.

attribution

In a legal context, the determination that a message or record was originated by a particular party. See authentication.

A process to achieve sufficient confidence in the binding between the entity and the presented identity.

audit

Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.

SOURCE: SP 800-32

Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures.

SOURCE: CNSSI-4009

audit data

Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.

SOURCE: SP 800-32

audit log

A chronological record of system activities. Includes records of system accesses and operations performed in a given period.

SOURCE: CNSSI-4009

audit reduction tools

Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. These tools generally remove records generated by specified classes of events, such as records generated by nightly backups.

SOURCE: SP 800-12; CNSSI-4009

audit (secret)

An independent review and examination of system records

and activities in order to test for adequacy of system controls,

to ensure compliance with established policy and operational procedures, to detect breaches in security, and to recommend any indicated changes in control, policy and procedures.

audit organization

An organization which undertakes assessments of entities and their services to establish their conformity to or compliance with specific standards or other widely-recognized criteria. Specifically, in the context of the AAS, entities providing credentialing or identity management services which are claiming conformance to the IAF.

audit review

The assessment of an information system to evaluate the adequacy of implemented security controls, assure that they are functioning properly, identify vulnerabilities, and assist in implementation of new security controls where required. This assessment is conducted annually or whenever significant change has occurred and may lead to recertification of the information system.

SOURCE: CNSSI-4009

audit trail

A record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period.

SOURCE: SP 800-47

A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure, or event in a security relevant transaction from inception to final result.

SOURCE: CNSSI-4009

authenticate

To confirm the identity of an entity when that identity is presented.

SOURCE: SP 800-32

To verify the identity of a user, user device, or other entity.

SOURCE: CNSSI-4009

authenticated identity

A distinguishing identifier of a principal that has been assured through authentication.

A distinguishing identifier of a principal that has been assured

through authentication.

An identity, representing a system entity, which often is a Principal, that is asserted to have been the subject of a successful authentication.

authenticated principal

A Principal who has had his identity authenticated by an Identity Provider.

authenticating authority

Synonymous with authenticating identity provider or authenticating IdP. An identity provider that authenticated a Principal (see also authentication). In [LibertyAuthnContext], the authenticating authority is identified by the first occurring <AuthenticatingAuthority> element instance.

authenticating entity

A system entity that engages in the process of authenticating itself to another system entity, the latter typically being an Identity Provider (see also authentication). More formally, an authenticating system entity.

A process to achieve sufficient confidence in the binding between the entity and the presented identity.

authentication

The process by which a person verifies or confirms their association with an electronic identifier.? For example, entering a password that is associated with an UserID or account name is assumed to verify that the user is the person to whom the UserID was issued.

Assertion-based authentication (i.e., authentication of PINs and Passwords) and certificate-based authentication.

providing a codified assurance of the identity of one entity to another.

Authentication is the corroboration of a claimed set of attributes or facts with a specified, or understood, level of confidence.

1. Authentication is the process of validating that it is indeed the owning entity that is using or deploying the owned identity in an interaction.

2. Authentication is the process whereby confidence is established in an assertion of identity. It is performed by cross-checking against one or more authenticators.

3. Authentication is the act of verifying that identity, where a verification consists in establishing, to the satisfaction of the verifier, that the sign signifies the entity.

The process of establishing an Identity to be used in a particular instance, by verifying an assertion (eg claiming to be the owner of a set of credentials). See Assertion. In principle the original issuer of a credential should be the one to authenticate it; in practice this may be problematic and methods have been devised to share the authentication process. Also see re-authentication, and mutual authentication.

The provision of assurance of the claimed identity of an entity.

Authentication simply establishes identity, not what that identity is authorized to do or what access privileges he or she has.

The process of establishing or confirming that someone is who they claim to be.

Authentication simply establishes identity, not what that identity is authorized to do or what access privileges he or she has.

The process to verify that the

identification is, in fact, true.

To confirm a system entity's asserted principal identity with a

specified, or understood, level of confidence. [CyberTrust]

[SAMLAgree]

The process of verifying the ability of a communication party to "talk" in the name of a Principal.

Authentication is the process of confirming a system entity's asserted identity with a specified, or understood, level of confidence.

Authentication simply establishes identity, not what that identity is authorized to do or what access privileges he or she has.

The process of confirming an identity claimed by or for an entity. An authentication process is the second of two steps comprising: the identification step "“ presenting an identifier to the security system and the authentication step "“ presenting or generating authentication information that corroborates the binding between the entity and the identifier.

A process used to achieve sufficient confidence in the binding between the entity and the presented identity.

Authentication is a process by which a user proves his identity to a system -- normally when logging in.

The process of establishing confidence of authenticity; in this case, in the validity of a person's identity and the PIV Card.

Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.

SOURCE: SP 800-53; SP 800-27; FIPS 200

The process of establishing confidence of authenticity.

SOURCE: FIPS 201

Encompasses identity verification, message origin authentication, and message content authentication.

SOURCE: FIPS 190

A process that establishes the origin of information or determines an entity's identity.

SOURCE: SP 800-21

The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data.

SOURCE: CNSSI-4009

Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to

resources in an information system.

authentication (entity)

A process used to achieve sufficient confidence in the binding between the entity and the presented identity.

authentication assertion

An assertion that conveys information about a successful act of authentication that took place for a subject.

A SAML-based assertion that, in the Liberty specification suite, contains a <lib:AuthenticationStatement>. Note that the foregoing element is defined in a Liberty namespace. Also known as Liberty authentication assertion and ID-FF authentication assertion.

Liberty authentication assertions are formal XML extensions of SAML assertions [SAMLCore11].

Semantically, an assertion issuer is stating that the subject of the assertion authenticated with it (the issuer) at some point in time. Assertions are typically time-limited.

authentication assurance

Confidence reached in the authentication process, that the communication partner is the entity which it claims to be or is expected to be.

The degree of confidence reached in the authentication process, that the communication partner is the entity that it claims to be or is expected to be.

Confidence reached in the authentication process, that the communication partner is the entity which it claims to be or is expected to be.

authentication authority

A system entity that produces authentication assertions.

A system entity that produces authentication assertions [SAMLGloss2]. In the Liberty architecture, it is typically an Identity Provider.

authentication certificate

A security certificate that is guaranteed by an authentication

authority and that may be used to assure the identity of an entity.

authentication code

A cryptographic checksum based on an Approved security function (also known as a Message Authentication Code [MAC]).

SOURCE: FIPS 140-2

authentication context (AC)

Authentication Context is an extensible XML-based "schematic" description of authentication event characteristics [LibertyAuthnContext].

authentication domain (AD)

A formal community of Liberty-enabled entities that interact using a set of well-established common rules.

An Authentication Domain (AD) is a formal community of Liberty-enabled entities that interact using a set of well-known common rules.

authentication, electronic

The process of establishing confidence in user identities electronically presented to an information system.

SOURCE: SP 800-63

authentication exchange

A sequence of one or more transfers of exchange authentication

information (AI) for the purposes of performing an authentication.

See authentication protocol exchange.

authentication factor

An authentication factor is something a user presents to a system in order to prove his identity. It may be something he (and hopefully only he) knows, or proof of possession of a physical object, or a measurement of some physical characteristic (biometric) of the living human user. In other words, something the user knows, or something he has, or something he is.

authentication information

i. Information used to establish the validity of a claimed identity.

ii. Information used for authentication purposes.

authentication initiator

The entity that starts an authentication exchange.

authentication mechanism

An authentication mechanism is a particular, identifiable, process or technique that results in a confirmation of a system entity's asserted identity with a specified, or understood, level of confidence. See also SASL mechanism. An authentication mechanism may be employed in the process of generating security tokens attesting to the authenticated identity of an authenticating entity. The ID-WSF Authentication Protocol specifies such a process [LibertyAuthn].

Hardware-or software-based mechanisms that force users to prove their identity before accessing data on a device.

SOURCE: SP 800-72; SP 800-124

Hardware or software-based mechanisms that forces users, devices, or processes to prove their identity before accessing data on an information system.

SOURCE: CNSSI-4009

authentication mode

A block cipher mode of operation that can provide assurance of the authenticity and, therefore, the integrity of data.

SOURCE: SP 800-38B

authentication period

The maximum acceptable period between any initial authentication process and subsequent reauthentication processes during a single terminal session or during the period data is being accessed.

SOURCE: CNSSI-4009

authentication protocol

A well-specified message exchange process that verifies possession of a token to remotely authenticate a claimant. Some authentication protocols also generate cryptographic keys that are used to protect an entire session, so that the data transferred in the session is cryptographically protected.

SOURCE: SP 800-63

A well-specified message exchange process between a claimant and a verifier that enables the verifier to confirm the claimant's identity.

SOURCE: CNSSI-4009

authentication protocol exchange

Authentication protocol exchange is the term used in [RFC4422] to refer to the sequence of messages exchanged between the client and server as specified and governed by the particular SASL mechanism being employed to effect an act of authentication.

authentication quality

The level of assurance that a service provider can place in an authentication assertion it receives from an identity provider.

authentication server

The precise, specific role played by a server in the protocol message exchanges defined in the ID-WSF Authentication Protocol.

authentication service consumer (AS consumer)

A Web Service Consumer (WSC) implementing the client-side of the ID-WSF Authentication Service [LibertyAuthn].

authentication service provider (AS provider)

A Web Service Provider (WSP) implementing the server-side of the ID-WSF Authentication Service [LibertyAuthn].

authentication session

The period of time starting after A has authenticated B and until A stops trusting B's identity assertion and requires reauthentication. Also known as "session," it is the state between a successful login and a successful logout by the Principal.

The period of time starting after A has authenticated B and until A stops trusting B's identity assertion and requires reauthentication. Also known simply as a session, it is the state between a successful login and a successful logout by a Principal.

authentication support

Users may sometimes experience difficulty signing into a system or application. They may have forgotten their password or triggered an intruder lockout. In these cases, they may contact a support analyst for assistance, such as a password reset.

authentication tag

A pair of bit strings associated to data to provide assurance of its authenticity.

SOURCE: SP 800-38B

authentication token

Authentication information conveyed during an authentication exchange.

SOURCE: FIPS 196

authenticator

An authenticator is something which determines authenticity or which guarantees validity. An authenticator is usually an object, a piece of knowledge, or some characteristic of it's possessor. It is typically uniquely in the possession of an entity so that the entity can prove it's authenticity, in an interaction, by demonstrating that it has possession of the authenticator.

Something (usually uniquely in the possession of a person) that is used to determine authenticity; usually an object, an item of knowledge, or some characteristic of its possessor that is used to tie a person to an identity credential (such as by demonstrating that such person has possession of the authenticator). Also called a token. A password functions as an authenticator.

The means used to confirm the identity of a user, process, or device (e.g., user password or token).

SOURCE: SP 800-53; CNSSI-4009

authenticity

The property that data originated from its purported source.

The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. See Authentication.

SOURCE: SP 800-53; CNSSI-4009

authoritative identity provider

The Identity Provider responsible by law, industry practice, or system implementation for the definitive identity response to a query.

authority

Person(s) or established bodies with rights and responsibilities to exert control in an administrative sphere.

SOURCE: CNSSI-4009

authorization

The process of determining whether a specific person should be allowed to gain access to an application or function, or to make use of a resource.? The resource manager then makes the access control decision, which also may take into account other factors such as time of day, location of the user, and/or load on the resource system.

Occurs when management authorizes a System based on an assessment of management, operational and technical controls.

Authorisation refers to

1. the permission of an authenticated entity to perform a defined action or to use a defined service/resource;

2. the process of determining, by evaluation of applicable permissions, whether an authenticated entity is allowed to have access to a particular resource.

What the Identity can do, in a given instance, as a result of proving an assertion.

The granting of rights, which includes the granting of access based on access rights.

Process of deciding what an individual ought to be allowed to do.

A process of controlling access to information or resources only to those specifically permitted to use them. The actions that an authenticated person or entity is permitted as a result of the authentication.

Process of deciding what an individual ought to be allowed to do.

The process of determining, by evaluating applicable access

control information, whether a subject is allowed to have the

specified types of access to a particular resource. Usually,

authorization is in the context of authentication. Once a subject is authenticated, it may be authorized to perform different types of access. [Taxonomy]

A right or a permission that is granted to a system entity to perform an action.

The process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. Usually, authorization is in the context of authentication. Once a subject is authenticated, it may be authorized to perform different types of access.

Process of deciding what an individual ought to be allowed to do.

The granting of rights, and, based on these rights, the granting of access.

The granting of rights and, based on these rights, the granting of access.

The granting of rights, and, based on these rights, the granting of access.

The official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.

SOURCE: SP 800-37

Access privileges granted to a user, program, or process or the act of granting those privileges.

SOURCE: CNSSI-4009

The official management decision to authorize operation of an information system and explicitly

accept the risk operations (including mission, functions, image, or reputation), assets, or

individuals, based on the implementation of an agreed-upon set of security controls.

The act of approving or giving consent.

authorization boundary

All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is connected.

SOURCE: CNSSI-4009; SP 800-53

authorization decision

The result of an act of authorization. The result may be negative, that is, it may indicate that the subject is not allowed any access to the resource.

authorization decision assertion

Assertion An assertion that conveys information about an authorization decision.

authorization reminders

Authorizers in an approvals process may not respond to invitations to review a change request in a timely manner. When this happens, automatic reminders may be sent to them, asking them again to review change requests.

authorization (to operate)

The official management decision given by a senior organizational official to authorize operation of an information system and to explicitly accept the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation based on the implementation of an agreed-upon set of security controls.

SOURCE: SP 800-53; CNSSI-4009

authorize processing

See Authorization.

SOURCE: SP 800-53

authorized assessor

In the context of key recovery, an entity that accesses information when authorized by either criminal or civil justice systems.

authorized purposes

The purposes for which the Relying Party may use the Credential as described in Schedule B to this Agreement.

authorized vendor

Manufacturer of information assurance equipment authorized to produce quantities in excess of contractual requirements for direct sale to eligible buyers. Eligible buyers are typically U.S. Government organizations or U.S. Government contractors.

SOURCE: CNSSI-4009

authorized vendor program (AVP)

Program in which a vendor, producing an information systems security (INFOSEC) product under contract to NSA, is authorized to produce that product in numbers exceeding the contracted requirements for direct marketing and sale to eligible buyers. Eligible buyers are typically U.S. Government organizations or U.S. Government contractors. Products approved for marketing and sale through the AVP are placed on the Endorsed Cryptographic Products List (ECPL).

SOURCE: CNSSI-4009

authorizer

Changes to user profiles or entitlements may be subject to approval before they are acted on. In cases where approval is required, one or more authorizers are assigned that responsibility.

authorizing official

Official with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals. Synonymous with Accreditation Authority.

SOURCE: FIPS 200

Senior federal official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.

SOURCE: CNSSI-4009

A senior (federal) official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.

SOURCE: SP 800-53

authorizing official designated representative

Individual selected by an authorizing official to act on their behalf in coordinating and carrying out the necessary activities required during the security certification and accreditation of an information system.

SOURCE: SP 800-37

An organizational official acting on behalf of an authorizing official in carrying out and coordinating the required activities associated with security authorization.

SOURCE: CNSSI-4009

automated key transport

The transport of cryptographic keys, usually in encrypted form, using electronic means such as a computer network (e.g., key transport/agreement protocols).

SOURCE: FIPS 140-2

automated password generator

An algorithm which creates random passwords that have no association with a particular user.

SOURCE: FIPS 181

automated provisioning

Automated provisioning systems typically operate on a data feed from a system of record, such as a human relations (HR) system and automatically create login IDs and related logical access rights for newly hired employees or contractors.

It should be noted that automated provisioning normally operates without a user interface -- i.e., data flows in from one system and out to one or more other systems, without any further user input in between.

Auto-provisioning reduces IT support costs and can shorten the time required to provision new users with requisite access rights.

automated security monitoring

Use of automated procedures to ensure security controls are not circumvented or the use of these tools to track actions taken by subjects suspected of misusing the information system.

SOURCE: CNSSI-4009

automated termination

Automated termination systems typically operate on a data feed from a system of record, such as a human relations (HR) system and automatically disable access rights for existing users when they have left an organization.

It should be noted that automated termination normally operates without a user interface -- i.e., data flows in from one system and out to one or more other systems, without any further user input in between.

Auto-termination reduces IT support costs and can make access deactivation both faster and more reliable than manual processes.

automatic escalation

In the event that an authorizer has been invited to review a change request, has not responded, has been sent reminders, has nonetheless not responded, and has not delegated his authority, an identity management system may automatically select an alternate authorizer, rather than allow the approvals process to stall. Automatically rerouting requests to alternate authorizers is called escalation.

automatic password synchronization

Automatic password synchronization is a synonym for transparent password synchronization.

automatic remote rekeying

Procedure to rekey a distant crypto-equipment electronically without specific actions by the receiving terminal operator. See manual remote rekeying.

SOURCE: CNSSI-4009

autonomous system (AS)

One or more routers under a single administration operating the same routing policy.

SOURCE: SP 800-54

availability

State of usability and functionality to provide operational effectiveness.

Timely, reliable access to data and information services for authorized users.

Ensuring timely and reliable access to and use of information.

SOURCE: SP 800-53; SP 800-53A; SP 800-27; SP 800-60; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542

The property of being accessible and useable upon demand by an authorized entity.

SOURCE: CNSI-4009

Ensuring timely and reliable access to and use of information.

awareness (information security)

Activities which seek to focus an individual's attention on an (information security) issue or set of issues.

SOURCE: SP 800-50

back channel

Back channel refers to direct communications between two system entities without "redirecting" messages through another system entity such as an HTTP client (e.g. A user agent). See also front channel.

back door

Typically unauthorized hidden software or hardware mechanism used to circumvent security controls.

SOURCE: CNSSI-4009

backdoor

An undocumented way of gaining access to a computer system.

SOURCE: SP 800-82

backup

A copy of files and programs made to facilitate recovery, if necessary.

SOURCE: SP 800-34; CNSSI-4009

banner

Display on an information system that sets parameters for system or data use.

SOURCE: CNSSI-4009

banner grabbing

The process of capturing banner information"”such as application type and version"”that is transmitted by a remote port when a connection is initiated.

SOURCE: SP 800-115

baseline

Hardware, software, databases, and relevant documentation for an information system at a given point in time.

SOURCE: CNSSI-4009

baseline security

The minimum security controls required for safeguarding an IT system based on its identified needs for confidentiality, integrity, and/or availability protection.

SOURCE: SP 800-16

baselining

Monitoring resources to determine typical utilization patterns so that significant deviations can be detected.

SOURCE: SP 800-61

bastion host

A bastion host is typically a firewall implemented on top of an operating system that has been specially configured and hardened to be resistant to attack.

SOURCE: SP 800-41

A special-purpose computer on a network specifically designed and configured to withstand attacks.

SOURCE: CNSSI-4009

bearer token

A bearer token is a form of security token having the property of connoting some attribute(s) to its holder, or bearer. In [LibertySecMech], bearer tokens connote identity and they consist essentially of credentials of some form, e.g., SAML assertions [wss-saml11].

behavioral outcome

What an individual who has completed the specific training module is expected to be able to accomplish in terms of IT security-related job performance.

SOURCE: SP 800-16

benign

Condition of cryptographic data that cannot be compromised by human access.

SOURCE: CNSSI-4009

benign environment

Condition of cryptographic data that cannot be compromised by human access.

SOURCE: CNSSI-4009

bias

While reputations generally reflect the sum of many opinions of a single reference, a bias is an accumulation of opinions that represent the views of a single principal. Biases may be divided by area or type of reference (such as groups of political or demographically descriptive opinions). A RCE uses one or more Bias collections in the course of its calculations.

binding

An explicit established association, bonding, or tie.

Process of associating two related elements of information.

SOURCE: SP 800-32

An acknowledgement by a trusted third party that associates an entity's identity with its public key. This may take place through (1) a certification authority's generation of a public key certificate, (2) a security officer's verification of an entity's credentials and placement of the entity's public key and identifier in a secure database, or (3) an analogous method.

SOURCE: SP 800-21

Process of associating a specific communications terminal with a specific cryptographic key or associating two related elements of information.

SOURCE: CNSSI-4009

binding documents

E-Authentication Federation documents, in addition to the Participation Agreements, Business Rules and Operating Rules, that RPs and CSPs are required to adhere to and comply with.

binding, protocol binding

An explicit established association, bonding, or tie.

Generically, a specification of the mapping of some given protocol's messages, and perhaps message exchange patterns, onto another protocol, in a concrete fashion. For example, the mapping of the SAML <AuthnRequest> message onto HTTP is one example of a binding. The mapping of that same SAML message onto SOAP is another binding. In the SAML context, each binding is given a name in the pattern "SAML xxx binding".

Process of associating two related elements of information. For example, a certificate binds its subject to a particular public key.

An explicit established association, bonding, or tie.

biometric authentication

Biometric authentication requires that some measurement of the user's body, metabolism or behaviour is compared to a similar measurement enrolled earlier. A successful match is used as a successful authentication.

biometric information

The stored electronic information pertaining to a biometric. This information can be in terms of raw or compressed pixels or in terms of some characteristic (e.g., patterns).

The stored electronic information pertaining to a biometric. This information can be in terms of raw or compressed pixels or in terms of some characteristic (e.g., patterns.)

SOURCE: FIPS 201

biometric recognition

Automated recognition of individuals based on observation of behavioural and biological characteristics.

biometric system

An automated system capable of the following:

+ Capturing a biometric sample from an end user

+ Extracting biometric data from that sample

+ Comparing the extracted biometric data with data contained in one or more references

+ Deciding how well they match

+ Indicating whether or not an identification or verification of identity has been achieved.

An automated system capable of:

1) capturing a biometric sample from an end user;

2) extracting biometric data from that sample;

3) comparing the extracted biometric data with data contained in one or more references;

4) deciding how well they match; and

5) indicating whether or not an identification or verification of identity has been achieved.

SOURCE: FIPS 201

biometric verification

Any means by which a person can be either a) Identified or b) Verified (authenticated), by evaluating one or more distinguishing biological traits. An identification system (eg AFIS) consists of the original trait and a database of stored traits, by comparing of a sample for close matches. On the other hand, a verification system consists of an assertion by using a username and a biometric that generates a "˜password' string from the minutiae for an exact single match. Note: for verification, a biometric should not be used as a single-factor solution (see Factor).

biometric(s)

A physical trait or behavioural characteristic that can be used for the purposes of identification or verification. A good biometric should be unique to an individual, stable over time, quick and easy to present and verify, and not be easily duplicated by artificial means.

The use of measurable biological characteristics, such as fingerprint recognition, voice recognition, retina and iris scans to provide authentication.

A general term used alternatively to describe a characteristic

or a process.

As a characteristic:

A measurable biological (anatomical and physiological) and behavioral characteristic that can be used for automated recognition.

As a process:

Automated methods of recognizing an individual based on measurable biological (anatomical and physiological) and behavioral characteristics.

Automated methods of authenticating or verifying an individual based upon a physical or behaviorial characteristic.

Automated recognition of living persons based on observation of behavioural and biological (anatomical and physiological) characteristics.

A measurable, physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an Applicant. Facial images, fingerprints, and iriscan samples are all examples of biometrics.

A physical or behavioral characteristic of a human being.

SOURCE: SP 800-32

A measurable physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and iris scan samples are all examples of biometrics.

SOURCE: FIPS 201

Measurable physical characteristics or personal behavioral traits used to identify, or verify the claimed identity, of an individual. Facial images, fingerprints, and handwriting samples are all examples of biometrics.

SOURCE: CNSSI-4009

bit

A binary digit: 0 or 1

A binary digit: 0 or 1.

A binary digit: 0 or 1

A contraction of the term Binary Digit. The smallest unit of information in a binary system of notation.

SOURCE: CNSSI-4009

bit error rate

Ratio between the number of bits incorrectly received and the total number of bits transmitted in a telecommunications system.

SOURCE: CNSSI-4009

black

Designation applied to encrypted information and the information systems, the associated areas, circuits, components, and equipment processing that information. See also RED.

SOURCE: CNSSI-4009

black core

A communication network architecture in which user data traversing a global Internet Protocol (IP) network is end-to-end encrypted at the IP layer. Related to striped core.

SOURCE: CNSSI-4009

blacklist

A list of email senders who have previously sent span to a user.

SOURCE: SP 800-114

A list of discrete entities, such as hosts or applications, that have been previously determined to be associated with malicious activity.

SOURCE: SP 800-94

blacklisting

The process of the system invalidating a user ID based on the user's inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct authenticator. Blacklisting and lifting of a blacklisting are both security-relevant events. Blacklisting also applies to blocks placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources.

SOURCE: CNSSI-4009

blended attack

Malicious code that uses multiple methods to spread.

SOURCE: SP 800-61

A hostile action to spread malicious code via multiple methods.

SOURCE: CNSSI-4009

blinding

Generating network traffic that is likely to trigger many alerts in a short period of time, to conceal alerts triggered by a "real" attack performed simultaneously.

SOURCE: SP 800-94

block

Sequence of binary bits that comprise the input, output, State, and Round Key. The length of a sequence is the number of bits it contains. Blocks are also interpreted as arrays of bytes.

SOURCE: FIPS 197

block cipher

A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm, the length of the input block is the same as the length of the output block.

SOURCE: SP 800-90

block cipher algorithm

A family of functions and their inverses that is parameterized by a cryptographic key; the function maps bit strings of a fixed length to bit strings of the same length.

SOURCE: SP 800-67

blue team

1. The group responsible for defending an enterprise's use of information systems by maintaining its security posture against a group of mock attackers (i.e., the Red Team). Typically the Blue Team and its supporters must defend against real or simulated attacks 1) over a significant period of time, 2) in a representative operational context (e.g., as part of an operational exercise), and 3) according to rules established and monitored with the help of a neutral group refereeing the simulation or exercise (i.e., the White Team).

2. The term Blue Team is also used for defining a group of individuals that conduct operational network vulnerability evaluations and provide mitigation techniques to customers who have a need for an independent technical review of their network security posture. The Blue Team identifies security threats and risks in the operating environment, and in cooperation with the customer, analyzes the network environment and its current state of security readiness. Based on the Blue Team findings and expertise, they provide recommendations that integrate into an overall community security solution to increase the customer's cyber security readiness posture. Often times a Blue Team is employed by itself or prior to a Red Team employment to ensure that the customer's networks are as secure as possible before having the Red Team test the systems.

SOURCE: CNSSI-4009

boarding process

Includes all the activities involved in converting a Federation member candidate into an official Federation member. It includes an assessment to verify all applicable agreements and rules have been complied with (or waived), acceptance testing to ensure interface specification compliance, change control board (CCB) approval of member system integration, and CCB recommendation of the member candidate's request for a production E-GCA certificate.

body of evidence (BoE)

The set of data that documents the information system's adherence to the security controls applied. The BoE will include a Requirements Verification Traceability Matrix (RVTM) delineating where the selected security controls are met and evidence to that fact can be found. The BoE content required by an Authorizing Official will be adjusted according to the impact levels selected.

SOURCE: CNSSI-4009

boot sector virus

A virus that plants itself in a system's boot sector and infects the master boot record.

SOURCE: SP 800-61

bootstrap

See discovery bootstrap.

boundary

Physical or logical perimeter of a system.

SOURCE: CNSSI-4009

boundary protection

Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communication, through the use of boundary protection devices (e.g., proxies, gateways, routers, firewalls, guards, encrypted tunnels).

SOURCE: SP 800-53; SP 800-53A

Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications, through the use of boundary protection devices (e.g., proxies, gateways, routers, firewalls, guards, encrypted tunnels).

SOURCE: CNSSI-4009

boundary protection device

A device with appropriate mechanisms that: (i) facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system); and/or (ii) monitors and controls communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications. Boundary protection devices include such components as proxies, gateways, routers, firewalls, guards, and encrypted tunnels.

SOURCE: SP 800-53A

A device with appropriate mechanisms that: (i) facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system); and/or (ii) provides information system boundary protection.

SOURCE: SP 800-53

A device with appropriate mechanisms that facilitates the adjudication of different security policies for interconnected systems.

SOURCE: CNSSI-4009

boundary router

A boundary router is located at the organization's boundary to an external network.

SOURCE: SP 800-41

brand

See EAP Branded Credential.

See IAEG Branded Credential.

broker group

A broker group is a group of entities which together act as a broker.

broker or broadcatch infomediary

A broker is a reputation server that has added intelligence for some domain. Generally, a broker is capable of adding value to profile and reputation information by collecting, sorting, indexing, matching or otherwise enhancing connections between data. Note: Brokers are built on top of the OpenPrivacy platform and therefore are generally outside the scope its requirements.

A broker is an entity represented by an unanonymous identity that serves to facilitate two or more anonymous identities in an interaction.

browsing

Act of searching through information system storage or active content to locate or acquire information, without necessarily knowing the existence or format of information being sought.

SOURCE: CNSSI-4009

brute force password attack

A method of accessing an obstructed device through attempting multiple combinations of numeric and/or alphanumeric passwords.

SOURCE: SP 800-72

buffer overflow

A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.

SOURCE: SP 800-28; CNSSI-4009

buffer overflow attack

A method of overloading a predefined amount of space in a buffer, which can potentially overwrite and corrupt data in memory.

SOURCE: SP 800-72

bulk encryption

Simultaneous encryption of all channels of a multichannel telecommunications link.

SOURCE: CNSSI-4009

burden of proof

A legal evidentiary principle of evidence that loosely refers to the obligation that proof of a fact that falls on the party who is the proponent of that fact. There are two separate components. First is the production burden, or the obligation to come forward with some evidence in support of a claim in order to avoid dismissal of that claim. Second is the risk of non-persuasion, the obligation to convince the finder of fact (jury or judge) of the fact, by the applicable standard of proof, e.g., preponderance of the evidence, clear and convincing evidence, or proof beyond a reasonable doubt.

business continuity plan (BCP)

The documentation of a predetermined set of instructions or procedures that describe how an organization's business functions will be sustained during and after a significant disruption.

SOURCE: SP 800-34; CNSSI-4009

business impact analysis (BIA)

An analysis of an information technology (IT) system's requirements, processes, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption.

SOURCE: SP 800-34

An analysis of an enterprise's requirements, processes, and interdependencies used to characterize information system contingency requirements and priorities in the event of a significant disruption.

SOURCE: CNSSI-4009

business recovery-resumption plan (BRP)

The documentation of a predetermined set of instructions or procedures that describe how business processes will be restored after a significant disruption has occurred.

SOURCE: SP 800-34

business rules

Core E-Authentication Federation principles (i.e., interoperability, auditing, and privacy) that RPs and CSPs must comply with.

business transaction

Business Transaction refers to the functionality of an Agency Application that was the basis of that applications Risk Assessment.

CA certificate

A certificate issued by one CA to another CA. CA certificates are issued within a PKI and, to facilitate interoperation, where a new CA is included within a PKI via unilateral or cross-certification.

A data record in digital form containing the public digital signature verification key, belonging to a certification authority (CA), that has been signed by the private signing key of another (certifying) CA.

CA domain

A CA domain consists of as CA and its subjects. Sometimes referred to as a PKI domain.

CA system

The collection of the information technology components (including one or more trustworthy systems), along with the procedures and operations of the CA System, as specified in the CPS.

call back

Procedure for identifying and authenticating a remote information system terminal, whereby the host system disconnects the terminal and reestablishes contact.

SOURCE: CNSSI-4009

canister

Type of protective package used to contain and dispense keying material in punched or printed tape form.

SOURCE: CNSSI-4009

CAP

Credential Assessment Profile.

capture

The method of taking a biometric sample from an end user. [INCITS/M1-040211]

The method of taking a biometric sample from an end user.

SOURCE: FIPS 201

cardholder

An individual possessing an issued PIV Card.

An individual possessing an issued Personal Identity Verification (PIV) card.

SOURCE: FIPS 201

cardspace aka infocard

Microsoft's answer to remembering multiple passwords and other levels of security data. An Identity is represented by an icon representing a (digitally signed) set of claims. These are held in an XML security token called a card (.crd file, encrypted and password-protected). The cards can be "self-issued" ('add a card') which you can link to an existing account, or they can be uneditable third-party "Authority issued". The card doesn't hold any credentials, only pointers to them - think of a business-card. The cards are stored on the user's PC, and tell it how to contact each Identity provider to get an Identity token each time one is needed (usually initiated by a web-browser) and what it will look like (Kerberos, SAML, X.509, etc), using WS-Security protocols to deliver the different token types. You can export one or more cards from the Cardspace client and then import them into another client, email them or put them onto a USB key or mobile device. Also see MS-Passport.

cascading

Downward flow of information through a range of security levels greater than the accreditation range of a system, network, or component.

SOURCE: CNSSI-4009

category

Restrictive label applied to classified or unclassified information to limit access.

SOURCE: CNSSI-4009

CBC/MAC

SEE Cipher Block Chaining-Message Authentication Code.

CCM

SEE Counter with Cipher-Block Chaining-Message Authentication Code.

central office of record (COR)

Office of a federal department or agency that keeps records of accountable COMSEC material held by elements subject to its oversight

SOURCE: CNSSI-4009

central services note (CSN)

The Key Management Infrastructure core node that provides central security management and data management services.

SOURCE: CNSSI-4009

certificate

Security accreditation is the official management decision given by a senior Agency official to authorize operation of an information System.

an electronic "˜document' based on the International Telecommunications Union (ITU) X.509 (1988) standard consisting of a public/private key pair; their usage is governed by a Policy and a Practice Statement. They can be used for verification, encryption and digital signing. A digital certificate can also serve as an electronic notary seal (stamp). A certificate contains a digital signature, verified by another certificate - this creates a chain of certificates that ends with the 'root' certificate (which is self-signed); the owner of the root certificate is called the Root CA.

A set of security-relevant data issued by a security authority or a trusted third party, together with security information which is used to provide the integrity and data origin authentication services for the data.

1. A Public Key Certificate is a message that at least:

i. identifies the certification authority issuing it,

ii. names or identifies its subscriber,

iii. contains the subscriber's public key,

iv. identifies its operational period, and

v. is digitally signed by the certification authority issuing it.

2. A data record in digital form that at a minimum names the subscriber that is the subject of that certificate, contains the public key of that subscriber that corresponds to the subscriber's private key, names the CA issuing the certificate, is digitally signed by the private key of the issuing CA, contains a serial number unique to that certificate, and specifies the certificate's operational period.

A set of security-relevant data issued by a security authority or a trusted third party, together with security information which is used to provide the integrity and data origin authentication services for the data.

A set of security-relevant data issued by a security authority or a trusted third party, that, together with security information, is used to provide the integrity and data origin authentication services for the data.

A set of security-relevant data issued by a security authority or a trusted third party, together with security information which is used to provide the integrity and data origin authentication services for the data.

A certificate is a public key that has been encrypted by a certificate authority (CA). Since the CA's public key is well known, anyone can decrypt the certificate to find the original public key.

Since the CA's business is to verify that a given public key was generated by the user it purportedly comes from, public keys signed by the CA can be trusted to really belong to their stated owner.

Certificates are useful for signature verification (a document is encrypted by the user's private key, and this is verified using the user's certificate) and authentication (a user is asked to encrypt something, and if the user's certificate can decrypt it, then the user must have possessed the matching private key).

A digital representation of information which at least

1) identifies the certification authority issuing it,

2) names or identifies its subscriber,

3) contains the subscriber's public key,

4) identifies its operational period, and

5) is digitally signed by the certification authority issuing it.

SOURCE: SP 800-32

A set of data that uniquely identifies an entity, contains the entity's public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.

SOURCE: SP 800-21

A digitally signed representation of information that 1) identifies the authority issuing it, 2) identifies the subscriber, 3) identifies its valid operational period (date issued / expiration date). In the information assurance (IA) community, certificate usually implies public key certificate and can have the following types:

cross certificate "“ a certificate issued from a CA that signs the public key of another CA not within its trust hierarchy that establishes a trust relationship between the two CAs.

encryption certificate "“ a certificate containing a public key that can encrypt or decrypt electronic messages, files, documents, or data transmissions, or establish or exchange a session key for these same purposes. Key management sometimes refers to the process of storing, protecting, and escrowing the private component of the key pair associated with the encryption certificate.

identity certificate "“ a certificate that provides authentication of the identity claimed. Within the National Security Systems (NSS) PKI, identity certificates may be used only for authentication or may be used for both authentication and digital signatures.

SOURCE: CNSSI-4009

A set of data that uniquely identifies a key pair and an owner that is authorized to use the key pair. The certificate contains the owner's public key and possibly other information, and is digitally signed by a Certification Authority (i.e., a trusted party), thereby binding the public key to the owner.

SOURCE: FIPS 186

certificate authority (CA)

certification authority

The issuer of a public/private key pair belonging to one identity.

A person who issues a certificate.

An entity responsible for registering and issuing, revoking and generally managing certificates.

An authority trusted by one or more users to create and issue certificates.

An authority trusted by one or more users to create and assign certificates. Optionally, the CA may generate end-user subscribers' keys.

A certificate authority is an organization whose public key is very well known, whose private key is very well protected, and whose business function is to encrypt the public keys belonging to users and systems with its own private key and to publish the resulting encrypted public keys ().

certificate management

Process whereby certificates (as defined above) are generated, stored, protected, transferred, loaded, used, and destroyed.

SOURCE: CNSSI-4009

certificate management authority

A PKI component that performs back-end functions on behalf of a CA, consisting of processes whereby certificates are generated, stored, protected, transferred, loaded, used and destroyed.

A Certification Authority (CA) or a Registration Authority (RA).

SOURCE: SP 800-32

certificate policy (CP)

A named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements.

A Certificate Policy is a specialized form of administrative policy tuned to electronic transactions performed during certificate management. A Certificate Policy addresses all aspects associated with the generation, production, distribution, accounting, compromise recovery, and administration of digital certificates. Indirectly, a certificate policy can also govern the transactions conducted using a communications system protected by a certificate-based security system. By controlling critical certificate extensions, such policies and associated enforcement technology can support provision of the security services required by particular applications.

SOURCE: SP 800-32

A specialized form of administrative policy tuned to electronic transactions performed during certificate management. A Certificate Policy addresses all aspects associated with the generation, production, distribution, accounting, compromise recovery, and administration of digital certificates. Indirectly, a certificate policy can also govern the transactions conducted using a communications system protected by a certificate-based security system. By controlling critical certificate extensions, such policies and associated enforcement technology can support provision of the security services required by particular applications.

SOURCE: CNSSI-4009

certificate-related information

Information, such as a subscriber's postal address, that is not included in a certificate. May be used by a Certification Authority (CA) managing certificates.

SOURCE: SP 800-32

Data, such as a subscriber's postal address that is not included in a certificate. May be used by a Certification Authority (CA) managing certificates.

SOURCE: CNSSI-4009

certificate revocation list (CRL)

The published list of revoked certificates from the CA.

A list of revoked certificates, which is digitally signed and made available by the CA to relying parties.

A list of revoked public key certificates created and digitally signed by a Certification Authority. [RFC 3280]

A list of revoked public key certificates created and digitally signed by a Certification Authority.

SOURCE: SP 800-63; FIPS 201

A list of revoked but un-expired certificates issued by a CA.

SOURCE: SP 800-21

A list of revoked public key certificates created and digitally signed by a Certification Authority.

SOURCE: CNSSI-4009

certificate status authority

A trusted entity that provides online verification to a Relying Party of a subject certificate's trustworthiness, and may also provide additional attribute information for the subject certificate.

SOURCE: SP 800-32; CNSSI-4009

certificate verification service (CVS)

The process used to verify a Digital Certificate via the CA.

certification analyst

The independent technical liaison for all stakeholders involved in the C&A process responsible for objectively and independently evaluating a system as part of the risk management process. Based on the security requirements documented in the security plan, performs a technical and non-technical review of potential vulnerabilities in the system and determines if the security controls (management, operational, and technical) are correctly implemented and effective.

SOURCE: CNSSI-4009

certification and accreditation (C&A)

A comprehensive assessment of the management, operational, and technical security controls in an information system, made in support of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.

SOURCE: SP 800-37

certification authority

A trusted entity that issues and revokes public key certificates.

SOURCE: FIPS 201

The entity in a public key infrastructure (PKI) that is responsible for issuing certificates and exacting compliance to a PKI policy.

SOURCE: SP 800-21; FIPS 186

1. For Certification and Accreditation (C&A) (C&A Assessment): Official responsible for performing the comprehensive evaluation of the security features of an information system and determining the degree to which it meets its security requirements

2. For Public Key Infrastructure (PKI): A trusted third party that issues digital certificates and verifies the identity of the holder of the digital certificate.

SOURCE: CNSSI-4009

certification authority certificate

A certificate that lists a certification authority as subscriber and contains a public key corresponding to a private key used by the subject certification authority to digitally sign certificates and certificate status information.

certification authority facility

The collection of equipment, personnel, procedures and structures that are used by a Certification Authority to perform certificate issuance and revocation.

SOURCE: SP 800-32

certification authority software

The cryptographic software required to manage the keys of End-Entities.

certification authority workstation (CAW)

Commercial off-the-shelf (COTS) workstation with a trusted operating system and special-purpose application software that is used to issue certificates.

SOURCE: CNSSI-4009

certification body

An organization which has been deemed competent to perform assessments of a particular type. Such assessments may be formal evaluations or testing and be based upon some defined set of standards or other criteria.

certification package

Product of the certification effort documenting the detailed results of the certification activities.

SOURCE: CNSSI-4009

certification path

An ordered sequence of certificates which, together with the public key of the initial object in the path, can be processed to obtain via a chaining of signature key bindings.

certification practice statement (CPS)

A statement of the practices that a certification authority employs in issuing certificates.

A statement of the practices that a Certification Authority employs in issuing, suspending, revoking, and renewing certificates and providing access to them, in accordance with specific requirements (i.e., requirements specified in this Certificate Policy, or requirements specified in a contract for services).

SOURCE: SP 800-32; CNSSI-4009

certification/certify

The EAP's affirmation that a particular credential service provider can provide a particular credential service at a particular assurance level.

The ARB's affirmation that a particular credential service provider can provide a particular credential service at a particular assurance level based on a certification report from an accredited assessor.

The IAEG's affirmation that a particular credential service provider can provide a particular credential service at a particular assurance level.

See Approve.

The process of verifying the correctness of a statement or claim and issuing a certificate as to its correctness.

A comprehensive assessment of the management, operational, and technical security controls in an information system, made in support of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.

SOURCE: FIPS 200

The process of verifying the correctness of a statement or claim and issuing a certificate as to its correctness.

SOURCE: FIPS 201

Comprehensive evaluation of the technical and nontechnical security safeguards of an information system to support the accreditation process that establishes the extent to which a particular design and implementation meets a set of specified security requirements. See security control assessment.

SOURCE: CNSSI-4009

certification test and evaluation (CT&E)

Software and hardware security tests conducted during development of an information system.

SOURCE: CNSSI-4009

certified service

An electronic trust service which has been assessed by an EAP recognized certification body and found to be compliant with the applicable SACs.

An electronic trust service which has been assessed by a Kantara-accredited assessor and found to be compliant with the applicable SACs.

An electronic trust service which has been assessed by an IAEG-recognized certification body and found to be compliant with the applicable SACs.

certified TEMPEST technical authority (CTTA)

An experienced, technically qualified U.S. Government employee who has met established certification requirements in accordance with CNSS-approved criteria and has been appointed by a U.S. Government Department or Agency to fulfill CTTA responsibilities.

SOURCE: CNSSI-4009

certifier

Individual responsible for making a technical judgment of the system's compliance with stated requirements, identifying and assessing the risks associated with operating the system, coordinating the certification activities, and consolidating the final certification and accreditation packages.

SOURCE: CNSSI-4009

chain of custody

A set of procedure(s)/document(s) to account for the Integrity of an object by tracking its handling and storage from point of instantiation through the current or final disposition of the object.

A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time it was collected or transferred, and the purpose for the transfer.

SOURCE: SP 800-72; CNSSI-4009

chain of evidence

A process and record that shows who obtained the evidence; where and when the evidence was obtained; who secured the evidence; and who had control or possession of the evidence. The "sequencing" of the chain of evidence follows this order: collection and identification; analysis; storage; preservation; presentation in court; return to owner.

SOURCE: CNSSI-4009

challenge and reply authentication

Prearranged procedure in which a subject requests authentication of another and the latter establishes validity with a correct reply.

SOURCE: CNSSI-4009

challenge/response authentication

Often used as a backup for passwords, challenge/response authentication is where users are asked to answer a series of personal questions where no-one else is likely to know the answer. While individual personal questions may be poor forms of authentication, correct answers to a whole series of such questions may be sufficiently robust to be used as an authentication factor.

challenge-response protocol

An authentication protocol where the verifier sends the claimant a challenge (usually a random value or a nonce) that the claimant combines with a shared secret (often by hashing the challenge and secret together) to generate a response that is sent to the verifier. The verifier knows the shared secret and can independently compute the response and compare it with the response generated by the claimant. If the two are the same, the claimant is considered to have successfully authenticated himself. When the shared secret is a cryptographic key, such protocols are generally secure against eavesdroppers. When the shared secret is a password, an eavesdropper does not directly intercept the password itself, but the eavesdropper may be able to find the password with an off-line password guessing attack.

SOURCE: SP 800-63

change request

A change request consists of one or more proposed changes to user profiles, such as creating new profiles, adding new accounts to existing profiles, changing identity attributes, Requests may be subject to authorization before being implemented.

channel

The instance or form of communication between identities and service providers, each with its own set or security processes and risks. Similar to "context" where the circumstances (where, when, how) of an authentication can influence its assurance level. For example; face-to-face, proxy/representative, legal documents, telephone, mail, on-line network, email, FTP, internet, world wide web, unusual location, unusual time of day.

characteristic

A characteristic of an entity is an attribute specific to a particular context.

check word

Cipher text generated by cryptographic logic to detect failures in cryptography.

SOURCE: CNSSI-4009

checkin/checkout

Password disclosure may be limited, in the sense that a password is regularly changed, and only a limited number of users are allowed to have access to the current password value at any given time.

For example, only a single person might be granted administrative privileges (via disclosure of an administrator password) to a given system at once.

A checkin/checkout process is one where a user "checks out" a password, much like a library book, and "checks it back in" when finished. The password may be changed at checkin time.

checksum

Value computed on data to detect error or manipulation.

SOURCE: CNSSI-4009

chief information officer (CIO)

Agency official responsible for:

1) Providing advice and other assistance to the head of the executive agency and other senior management personnel of the agency to ensure that information technology is acquired and information resources are managed in a manner that is consistent with laws, Executive Orders, directives, policies, regulations, and priorities established by the head of the agency;

2) Developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture for the agency; and

3) Promoting the effective and efficient design and operation of all major information resources management processes for the agency, including improvements to work processes of the agency.

SOURCE: SP 800-53; FIPS 200; Public Law 104-106, Sec. 5125(b)

Agency official responsible for: 1) providing advice and other assistance to the head of the executive agency and other senior management personnel of the agency to ensure that information systems are acquired and information resources are managed in a manner that is consistent with laws, Executive Orders, directives, policies, regulations, and priorities established by the head of the agency; 2) developing, maintaining, and facilitating the implementation of a sound and integrated information system architecture for the agency; and 3) promoting the effective and efficient design and operation of all major information resources management processes for the agency, including improvements to work processes of the agency.

Note: Organizations subordinate to federal agencies may use the term Chief Information Officer to denote individuals filling positions with similar security responsibilities to agency-level Chief Information Officers.

SOURCE: CNSSI-4009

chief information security officer (CISO)

SEE Senior Agency Information Security Officer.

choice-based

Case in which end users have a clear choice in whether to participate in an IdM federation and over the degree of Authentication reflecting the level of sensitivity of their transaction.

cipher

Series of transformations that converts plaintext to ciphertext using the Cipher Key.

SOURCE: FIPS 197

Any cryptographic system in which arbitrary symbols or groups of symbols, represent units of plain text, or in which units of plain text are rearranged, or both.

SOURCE: CNSSI-4009

cipher block chaining-message authentication code (CBC-MAC)

A secret-key block-cipher algorithm used to encrypt data and to generate a Message Authentication Code (MAC) to provide assurance that the payload and the associated data are authentic.

SOURCE: SP 800-38C

cipher suite

Negotiated algorithm identifiers. Cipher suites are identified in human-readable form using a pneumonic code.

SOURCE: SP 800-52

cipher text auto-key (CTAK)

Cryptographic logic that uses previous cipher text to generate a key stream.

SOURCE: CNSSI-4009

ciphertext

Data output from the Cipher or input to the Inverse Cipher.

SOURCE: FIPS 197

Data in its enciphered form.

SOURCE: SP 800-56B

ciphertext/cipher text

Data in its encrypted form.

SOURCE: SP 800-21; SP 800-57; CNSSI-4009

ciphony

Process of enciphering audio information, resulting in encrypted speech.

SOURCE: CNSSI-4009

circle of trust (CoT)

i. A set of criteria established for joining organizations within a federation for the purposes of trusted access to each other's resources

ii. Federation of service providers and identity providers that have business relationships based on Liberty architecture, and operational agreements, with whom users can

transact business in a secure and seamless environment.

A federation of service providers and identity providers that have business relationships based on Liberty architecture and operational agreements and with whom users can transact business in a secure and apparently seamless environment. Also known as a Trust Circle.

CISO

SEE Senior Agency Information Security Officer.

civil law regime

The legal tradition of jurisdictions that base fundamental legal principles primarily upon statutory codes such as the Code NapolÃ©on.

claim authentication information

Information used by a claimant to generate exchange AI needed to authenticate a principal.

claim(s)

An assertion made by a Claimant of the value or values of one or more Identity Attributes of a Digital Subject, typically an assertion which is disputed or in doubt.

an assertion made by one subject about itself or another subject that a relying party considers to be "in doubt" until it passes "Claims Approval"

An assertion made by a claimant of the value or values of one or more identity attributes of a digital subject, typically an assertion which is disputed or in doubt.

An assertion made by a Claimant of the value or values of one or more Identity. Attributes of a Digital Subject, typically an assertion which is disputed or in doubt.

An assertion made by a Claimant of the value or values of one or more Identity Attributes of a Digital Subject, typically an assertion which is disputed or in doubt.

An assertion made by a person with respect to one or more identity attributes of a Subject, which assertion typically is disputed or in doubt.

An assertion made by a Claimant of the value or values of one or more Identity Attributes of a Digital Subject, typically an assertion which is disputed or in doubt.

To state as being the case, without being able to give proof.

claimant

A Digital Subject representing a Party that makes a Claim

A digital subject representing a party that makes a claim.

i. An entity which is or represents a principal for the purposes of authentication. A claimant includes the functions necessary for engaging in authentication exchanges on behalf of a principal.

ii. A Digital Subject representing a Party that makes a Claim.

A party whose identity is to be verified.

A Digital Subject representing a Party that makes a Claim.

A party whose identity is to be verified.

An entity which is or represents a principal for the purposes of authentication. A claimant includes the functions necessary for engaging in authentication exchanges on behalf of a principal.

An entity that is or represents a principal for the purposes of authentication.

An entity which is or represents a principal for the purposes of authentication. A claimant includes the functions necessary for engaging in authentication exchanges on behalf of a principal.

A party whose identity is to be verified using an authentication protocol.

SOURCE: SP 800-63; FIPS 201

An entity which is or represents a principal for the purposes of authentication, together with the functions involved in an authentication exchange on behalf of that entity. A claimant acting on behalf of a principal must include the functions necessary for engaging in an authentication exchange. (e.g., a smartcard [claimant] can act on behalf of a human user [principal])

SOURCE: FIPS 196

An entity (user, device or process) whose assertion is to be verified using an authentication protocol.

SOURCE: CNSSI-4009

claims approval

The process of evaluating a set of claims associated with a security presentation to produce claims trusted in a specific environment so it can used for automated decision making and/or mapped to an application specific identifier.

claims provider

An individual, organization or service that:

1. registers subjects and associates them with primordial claims, with the goal of subsequently exchanging their primordial claims for a set of substantive claims about the subject that can be presented at a relying party; or

2. interprets one set of substantive claims and produces a second set (this specialization of a claims provider is called a claims transformer). A claims set produced by a claims provider is not a primordial claim.

claims selector

A software component that gives the user control over the production and release of sets of claims issued by claims providers.

claims transformer

A claims provider that produces one set of substantive claims from another set.

classified information

Information that has been determined pursuant to Executive Order (E.O.) 13292 or any predecessor order to require protection against unauthorized disclosure and is marked to indicate its classified status when in documentary form.

SOURCE: SP 800-60; E.O. 13292

See classified national security information.

SOURCE: SP 800-53; CNSSI-4009

classified information spillage

Security incident that occurs whenever classified data is spilled either onto an unclassified information system or to an information system with a lower level of classification.

SOURCE: CNSSI-4009

classified national security information

Information that has been determined pursuant to Executive Order 13526 or any predecessor order to require protection against unauthorized disclosure and is marked to indicate its classified status when in documentary form.

SOURCE: CNSSI-4009

clear

To use software or hardware products to overwrite storage space on the media with nonsensitive data. This process may include overwriting not only the logical storage location of a file(s) (e.g., file allocation table) but also may include all addressable locations. See comments on clear/purge convergence.

SOURCE: 800-88

clear text

Information that is not encrypted.

SOURCE: SP 800-82

clearance

Formal certification of authorization to have access to classified information other than that protected in a special access program (including SCI). Clearances are of three types: confidential, secret, and top secret. A top secret clearance permits access to top secret, secret, and confidential material; a secret clearance, to secret and confidential material; and a confidential clearance, to confidential material.

SOURCE: CNSSI-4009

clearing

Removal of data from an information system, its storage devices, and other peripheral devices with storage capacity, in such a way that the data may not be reconstructed using common system capabilities (i.e., through the keyboard); however, the data may be reconstructed using laboratory methods.

SOURCE: CNSSI-4009

clickwrap consent

In a legal context, the technique of giving approval or consent to an agreement presented online with opportunity to review it, by a mouseclick on a button stating "I Agree" or words to that effect.

client

A role assumed by a system entity who makes a request of another system entity, often termed a server [RFC2828]. A client is at varying times a sender or a receiver.

Individual or process acting on behalf of an individual who makes requests of a guard or dedicated server. The client's requests to the guard or dedicated server can involve data transfer to, from, or through the guard or dedicated server.

SOURCE: CNSSI-4009

client (application)

A system entity, usually a computer process acting on behalf of a human user, that makes use of a service provided by a server.

SOURCE: SP 800-32

client device

A client device is a networked entity which a user employs to access resources on the network. A client device has at least one identity (e.g. an IP address) separate from it's users' identities. A client device's identities can be anonymous or not. A client device is not a legal entity, but the identities of the client device is sometimes used to represent a legal entity (which is usually a bad idea because the device then cannot be shared). A client device can also act as a server, so long as it has at least one unanonymous identity on-line. Examples of client devices are PC's, laptop computers, wireless PDA's, phones, Blackberries.

Clinger-Cohen Act of 1996

Also known as Information Technology Management Reform Act. A statute that substantially revised the way that IT resources are managed and procured, including a requirement that each agency design and implement a process for maximizing the value and assessing and managing the risks of IT investments.

SOURCE: SP 800-64

closed security environment

Environment providing sufficient assurance that applications and equipment are protected against the introduction of malicious logic during an information system life cycle. Closed security is based upon a system's developers, operators, and maintenance personnel having sufficient clearances, authorization, and configuration control.

SOURCE: CNSSI-4009

closed storate

Storage of classified information within an accredited facility, in General Services Administration-approved secure containers, while the facility is unoccupied by authorized personnel.

SOURCE: CNSSI-4009

cloud computing

A model for enabling on-demand network access to a shared pool of configurable IT capabilities/ resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. It allows users to access technology-based services from the network cloud without knowledge of, expertise with, or control over the technology infrastructure that supports them. This cloud model is composed of five essential characteristics (on-demand self-service, ubiquitous network access, location independent resource pooling, rapid elasticity, and measured service); three service delivery models (Cloud Software as a Service [SaaS], Cloud Platform as a Service [PaaS], and Cloud Infrastructure as a Service [IaaS]); and four models for enterprise access (Private cloud, Community cloud, Public cloud, and Hybrid cloud).

Note: Both the user's data and essential security services may reside in and be managed within the network cloud.

SOURCE: CNSSI-4009

coarse-grained user provisioning

Coarse grained user provisioning is a process where new accounts are created for new users, with basic entitlements rather than all of the required entitlements.

This may be easier to automate and faster to deploy, but requires further, manual intervention before a new user can be fully productive.

code

System of communication in which arbitrary groups of letters, numbers, or symbols represent units of plain text of varying length.

SOURCE: CNSSI-4009

code book

Document containing plain text and code equivalents in a systematic arrangement, or a technique of machine encryption using a word substitution technique.

SOURCE: CNSSI-4009

code group

Group of letters, numbers, or both in a code system used to represent a plain text word, phrase, or sentence.

SOURCE: CNSSI-4009

code vocabulary

Set of plain text words, numerals, phrases, or sentences for which code equivalents are assigned in a code system.

SOURCE: CNSSI-4009

cold site

Backup site that can be up and operational in a relatively short time span, such as a day or two. Provision of services, such as telephone lines and power, is taken care of, and the basic office furniture might be in place, but there is unlikely to be any computer equipment, even though the building might well have a network infrastructure and a room ready to act as a server room. In most cases, cold sites provide the physical location and basic services.

SOURCE: CNSSI-4009

A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event that the user has to move from their main computing location to an alternate site.

SOURCE: SP 800-34

cold start

Procedure for initially keying crypto-equipment.

SOURCE: CNSSI-4009

collision

Two or more distinct inputs produce the same output.

SOURCE: CNSSI-4009

command authority

Individual responsible for the appointment of user representatives for a department, agency, or organization and their key ordering privileges.

SOURCE: CNSSI-4009

commercial COMSEC evaluation program (CCEP)

Relationship between NSA and industry in which NSA provides the COMSEC expertise (i.e., standards, algorithms, evaluations, and guidance) and industry provides design, development, and production capabilities to produce a type 1 or type 2 product. Products developed under the CCEP may include modules, subsystems, equipment, systems, and ancillary devices.

commodity service

An information system service (e.g., telecommunications service) provided by a commercial service provider typically to a large and diverse set of consumers. The organization acquiring and/or receiving the commodity service possesses limited visibility into the management structure and operations of the provider, and while the organization may be able to negotiate service-level agreements, the organization is typically not in a position to require that the provider implement specific security controls.

SOURCE: SP 800-53

common access card (CAC)

Standard identification/smart card issued by the Department of Defense that has an embedded integrated chip storing public key infrastructure (PKI) certificates.

SOURCE: CNSSI-4009

common carrier

In a telecommunications context, a telecommunications company that holds itself out to the public for hire to provide communications transmission services. Note: In the United States, such companies are usually subject to regulation by federal and state regulatory commissions.

SOURCE: SP 800-53

common control

A security control that is inherited by one or more organizational information systems. See Security Control Inheritance.

SOURCE: SP 800-53; CNSSI-4009

common criteria

Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems.

SOURCE: CNSSI-4009

common fill device

One of a family of devices developed to read-in, transfer, or store key.

SOURCE: CNSSI-4009

common law regime

The legal tradition of Anglo-American jurisdictions that accumulates legal principles primarily in reaction to actual cases that are used as precedent in future cases, supplemented by statutes.

common security control

Security control that can be applied to one or more agency information systems and has the following properties:

1) the development, implementation, and assessment of the control can be assigned to a responsible official or organizational element (other than the information system owner); and

2) the results from the assessment of the control can be used to support the security certification and accreditation processes of an agency information system where that control has been applied.

SOURCE: SP 800-53A

common vulnerabilities and exposures (CVE)

A dictionary of common names for publicly known information system vulnerabilities.

SOURCE: SP 800-51; CNSSI-4009

communication standards

The procedures and protocols for transmitting requests form Relying Party to Credential Service Provider, as contemplated in Section 2.2 of this Agreement, as described in Schedule C to this Agreement.

communications cover

Concealing or altering of characteristic communications patterns to hide information that could be of value to an adversary.

SOURCE: CNSSI-4009

communications deception

Deliberate transmission, retransmission, or alteration of communications to mislead an adversary's interpretation of the communications.

SOURCE: CNSSI-4009

communications profile

Analytic model of communications associated with an organization or activity. The model is prepared from a systematic examination of communications content and patterns, the functions they reflect, and the communications security measures applied.

SOURCE: CNSSI-4009

communications security (COMSEC)

A component of Information Assurance that deals with measures and controls taken to deny unauthorized persons information derived from telecommunications and to ensure the authenticity of such telecommunications. COMSEC includes crypto security, transmission security, emissions security, and physical security of COMSEC material.

SOURCE: CNSSI-4009

community of interest (COI)

A collaborative group of users who exchange information in pursuit of their shared goals, interests, missions, or business processes, and who therefore must have a shared vocabulary for the information they exchange. The group exchanges information within and between systems to include security domains.

SOURCE: CNSSI-4009

community risk

Probability that a particular vulnerability will be exploited within an interacting population and adversely impact some members of that population.

SOURCE: CNSSI-4009

comparison

The process of comparing a biometric with a previously stored reference. See also "Identification" and "Identity Verification". [INCITS/M1-040211]

The process of comparing a biometric with a previously stored reference.

SOURCE: FIPS 201

compartmentalization

A nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone.

SOURCE: CNSSI-4009

compartmented mode

Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following: (1) valid security clearance for the most restricted information processed in the system; (2) formal access approval and signed nondisclosure agreements for that information which a user is to have access; and (3) valid need-to-know for information which a user is to have access.

SOURCE: CNSSI-4009

compatible

Two Federation Members are considered Compatible if:

1. the CS has an equal or higher Assurance Level than the RP,

2. the CS is willing and able to provide all optional attributes required by the RP,

3. and the Federation Members are currently using the same interface specification version.

compensating security control

A management, operational, and/or technical control (i.e., safeguard or countermeasure) employed by an organization in lieu of a recommended security control in the low, moderate, or high baselines that provides equivalent or comparable protection for an information system.

SOURCE: CNSSI-4009

compensating security controls

The management, operational, and technical controls (i.e., safeguards or countermeasures) employed by an organization in lieu of the recommended controls in the low, moderate, or high baselines described in NIST Special Publication 800-53, that provide equivalent or comparable protection for an information system.

SOURCE: SP 800-53; SP 800-53A

competent authority

An agent responsible, within the legal jurisdiction, for:

Issuing licenses, setting minimum CP requirements and giving formal recognition to standards, authorization, regulations or other government or legal recognition to open community CAs as managed by the respective CA Policy Authorities and Operational Authorities.

complexity rules

Password complexity rules are those parts of a password policy designed to ensure that users choose hard-to-guess passwords. Examples are requirements to use long passwords, to use mixed case or to avoid dictionary words.

component

An element of a large system, such as an identity card, PIV Issuer, PIV Registrar, card reader, or identity verification support, within the PIV system.

compromise

Disclosure of information to unauthorized persons or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.

Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.

SOURCE: SP 800-32

The unauthorized disclosure, modification, substitution, or use of sensitive data (including plaintext cryptographic keys and other CSPs).

SOURCE: FIPS 140-2

Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.

SOURCE: CNSSI-4009

compromising emanations

Unintentional signals that, if intercepted and analyzed, would disclose the information transmitted, received, handled, or otherwise processed by information systems equipment. See TEMPEST.

SOURCE: CNSSI-4009

computer abuse

Intentional or reckless misuse, alteration, disruption, or destruction of information processing resources.

SOURCE: CNSSI-4009

computer cryptography

Use of a crypto-algorithm program by a computer to authenticate or encrypt/decrypt information.

SOURCE: CNSSI-4009

computer forensics

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.

SOURCE: SP 800-61; CNSSI-4009

computer incident response team (CIRT)

Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents. Also called a Computer Security Incident Response Team (CSIRT) or a CIRC (Computer Incident Response Center, Computer Incident Response Capability, or Cyber Incident Response Team).

SOURCE: CNSSI-4009

computer network attack (CAN)

Actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.

SOURCE: CNSSI-4009

computer network defense (CND)

Actions taken to defend against unauthorized activity within computer networks. CND includes monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities.

SOURCE: CNSSI-4009

computer network exploitation (CNE)

Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary information systems or networks.

SOURCE: CNSSI-4009

computer network operations (CNO)

Comprised of computer network attack, computer network defense, and related computer network exploitation enabling operations.

SOURCE: CNSSI-4009

computer security (COMPUSEC)

Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware, and information being processed, stored, and communicated.

Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated.

SOURCE: CNSSI-4009

computer security incident

A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.

SOURCE: SP 800-61

See Incident.

SOURCE: CNSSI-4009

computer security incident response team (CSIRT)

A capability set up for the purpose of assisting in responding to computer security-related incidents; also called a Computer Incident Response Team (CIRT) or a CIRC (Computer Incident Response Center, Computer Incident Response Capability).

SOURCE: SP 800-61

computer security object (CSO)

A resource, tool, or mechanism used to maintain a condition of security in a computerized environment. These objects are defined in terms of attributes they possess, operations they perform or are performed on them, and their relationship with other objects.

SOURCE: FIPS 188; CNSSI-4009

computer security objects register

A collection of Computer Security Object names and definitions kept by a registration authority

SOURCE: FIPS 188; CNSSI-4009

computer security subsystem

Hardware/software designed to provide computer security features in a larger system environment.

SOURCE: CNSSI-4009

computer virus

SEE Virus.

computing environment

Workstation or server (host) and its operating system, peripherals, and applications.

SOURCE: CNSSI-4009

COMSEC

Communications Security.

SOURCE: CNSSI-4009

COMSEC account

Administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSEC material.

SOURCE: CNSSI-4009

COMSEC account audit

Examination of the holdings, records, and procedures of a COMSEC account ensuring all accountable COMSEC material is properly handled and safeguarded.

SOURCE: CNSSI-4009

COMSEC aid

COMSEC material that assists in securing telecommunications and is required in the production, operation, or maintenance of COMSEC systems and their components. COMSEC keying material, callsign/frequency systems, and supporting documentation, such as operating and maintenance manuals, are examples of COMSEC aids.

SOURCE: CNSSI-4009

COMSEC assembly

Group of parts, elements, subassemblies, or circuits that are removable items of COMSEC equipment.

SOURCE: CNSSI-4009

COMSEC boundary

Definable perimeter encompassing all hardware, firmware, and software components performing critical COMSEC functions, such as key generation, handling, and storage.

SOURCE: CNSSI-4009

COMSEC chip set

Collection of NSA-approved microchips.

SOURCE: CNSSI-4009

COMSEC control program

Computer instructions or routines controlling or affecting the externally performed functions of key generation, key distribution, message encryption/decryption, or authentication.

SOURCE: CNSSI-4009

COMSEC custodian

Individual designated by proper authority to be responsible for the receipt, transfer, accounting, safeguarding, and destruction of COMSEC material assigned to a COMSEC account.

SOURCE: CNSSI-4009

COMSEC demilitarization

Process of preparing COMSEC equipment for disposal by extracting all CCI, classified, or cryptographic (CRYPTO) marked components for their secure destruction, as well as defacing and disposing of the remaining equipment hulk.

SOURCE: CNSSI-4009

COMSEC element

Removable item of COMSEC equipment, assembly, or subassembly; normally consisting of a single piece or group of replaceable parts.

SOURCE: CNSSI-4009

COMSEC end-item

Equipment or combination of components ready for use in a COMSEC application.

SOURCE: CNSSI-4009

COMSEC equipment

Equipment designed to provide security to telecommunications by converting information to a form unintelligible to an unauthorized interceptor and, subsequently, by reconverting such information to its original form for authorized recipients; also, equipment designed specifically to aid in, or as an essential element of, the conversion process. COMSEC equipment includes crypto-equipment, crypto-ancillary equipment, cryptographic production equipment, and authentication equipment.

SOURCE: CNSSI-4009

COMSEC facility

Authorized and approved space used for generating, storing, repairing, or using COMSEC material.

SOURCE: CNSSI-4009

COMSEC incident

Occurrence that potentially jeopardizes the security of COMSEC material or the secure electrical transmission of national security information or information governed by 10 U.S.C. Section 2315.

SOURCE: CNSSI-4009

COMSEC insecurity

COMSEC incident that has been investigated, evaluated, and determined to jeopardize the security of COMSEC material or the secure transmission of information.

SOURCE: CNSSI-4009

COMSEC manager

Individual who manages the COMSEC resources of an organization.

SOURCE: CNSSI-4009

COMSEC material

Item designed to secure or authenticate telecommunications. COMSEC material includes, but is not limited to key, equipment, devices, documents, firmware, or software that embodies or describes cryptographic logic and other items that perform COMSEC functions.

SOURCE: CNSSI-4009

COMSEC material control system (CMCS)

Logistics and accounting system through which COMSEC material marked "CRYPTO" is distributed, controlled, and safeguarded. Included are the COMSEC central offices of record, crypto logistic depots, and COMSEC accounts. COMSEC material other than key may be handled through the CMCS.

SOURCE: CNSSI-4009

COMSEC modification

SEE Information Systems Security Equipment Modification.

SOURCE: CNSSI-4009

COMSEC module

Removable component that performs COMSEC functions in a telecommunications equipment or system.

SOURCE: CNSSI-4009

COMSEC monitoring

Act of listening to, copying, or recording transmissions of one's own official telecommunications to analyze the degree of security.

SOURCE: CNSSI-4009

COMSEC profile

Statement of COMSEC measures and materials used to protect a given operation, system, or organization.

SOURCE: CNSSI-4009

COMSEC survey

Organized collection of COMSEC and communications information relative to a given operation, system, or organization.

SOURCE: CNSSI-4009

COMSEC system data

Information required by a COMSEC equipment or system to enable it to properly handle and control key.

SOURCE: CNSSI-4009

COMSEC training

Teaching of skills relating to COMSEC accounting, use of COMSEC aids, or installation, use, maintenance, and repair of COMSEC equipment.

SOURCE: CNSSI-4009

consept of operations (CONOP)

SEE Security Concept of Operations.

SOURCE: CNSSI-4009

concrete WSDL

A concrete WSDL document (which includes at least the <wsdl:binding>, <wsdl:service>, and <wsdl:port> elements) that contains the protocol endpoint information necessary for a client to communicate with a particular service instance.

confidentiality

System and data Confidentiality refers to the protection of information from unauthorized disclosure. The impact of unauthorized disclosure of confidential information can range from the jeopardizing of national security to the disclosure of Privacy Act data. Unauthorized, unanticipated, or unintentional disclosure could result in loss of public confidence, embarrassment, or legal action against the organization.

Confidentiality refers to the state of keeping the content of information secret from all entities but those authorised to have access to it.

Assurance that information is not disclosed to unauthorized persons, processes, or devices.

The protection of nonpersonal information and data from unauthorized disclosure.

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.

SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-27; SP 800-60; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542

The property that sensitive information is not disclosed to unauthorized individuals, entities, or processes.

SOURCE: FIPS 140-2

The property that information is not disclosed to system entities (users, processes, devices) unless they have been authorized to access the information.

SOURCE: CNSSI-4009

Preserving authorized restrictions on information access and disclosure to prevent disclosure

to unauthorized individuals, entities or processes, including means for protecting personal

privacy and proprietary information.

configuration control

Process of controlling modifications to hardware, firmware, software, and documentation to ensure that the information system is protected against improper modifications prior to, during, and after system implementation.

SOURCE: SP 800-53

Process of controlling modifications to hardware, firmware, software, and documentation to protect the information system against improper modification prior to, during, and after system implementation.

SOURCE: CNSSI-4009

configuration control board (CCB)

A group of qualified people with responsibility for the process of regulating and approving changes to hardware, firmware, software, and documentation throughout the development and operational life cycle of an information system.

SOURCE: CNSSI-4009

configuration management (CM)

CM is conducted using the two interrelated functions:

"¢ Configuration control

"¢ Baseline management

Configuration control addresses CM policy and procedures, while baseline management is used to record changes over the life cycle.

confinement channel

SEE Covert Channel.

SOURCE: CNSSI-4009

confirm

To ascertain through appropriate inquiry and investigation.

conformance testing

A process established by NIST within its responsibilities of developing, promulgating, and supporting FIPS for testing specific characteristics of components, products, and services, as well as people and organizations for compliance with a FIPS.

connected members

Connected Members are Federation Members that have directly connected their Systems to allow SAML exchanges. Every Member of the Federation is not connected to every other Federation Member, for example CSs are not connected to other CSs, higher Risk AAs are not connected to lower assurance CSs, etc.

connector

An agent or interface that enables changes to Identity data to be collected from trusted sources in near real-time and made available (published or subscribed) to identity directories or other systems. For example; details of a new employee published by the HR application to the Identity repository, for the purpose of provisioning. Some interfaces are termed "agent-less" when they don't use a permanent connection between sources; instead they acquire the most up-to-date identity information only when it is required (ie event-based), usually by prior indexing or schema matching of the sources of the data; this is the way a 'virtual directory' work.

consensus authorization

Approval by consensus is a form of parallel authorization where not all authorizers must respond before a change request is implemented. For example, any two of three authorizers may be sufficient to approve a request.

Consensus authorization is implemented in order to expedite the approvals process and make sure that it is completed even in cases where some authorizers are unavailable to respond.

consent

Provision of opt-in or opt-out agreement for a data controller to collect, transfer, use, store, archive, or dispose (of) particular PII, meaning individual, limited agreement.

Agreement by the individual for the entity to collect, use, and disclose personal information in accordance with the privacy notice. Such agreement can be explicit or implied. Explicit consent is given orally, electronically, or in writing, is unequivocal and does not require any inference on the part of the entity seeking consent. Implicit consent may reasonably be inferred from the action or inaction of the individual such as not having opted out, or providing credit card information to complete a transaction. (see opt in and opt out).

consolidated administration

A consolidated administration system allows a security administrator to create, modify or delete user records on multiple systems at once. It acts as a more efficient replacement for the native user management tools in each of the systems with which it has been integrated.

container

The file used by a virtual disk encryption technology to encompass and protect other files.

SOURCE: SP 800-111

contamination

Type of incident involving the introduction of data of one security classification or security category into data of a lower security classification or different security category.

SOURCE: CNSSI-4009

content filtering

The process of monitoring communications such as email and Web pages, analyzing them for suspicious content, and preventing the delivery of suspicious content to users.

SOURCE: SP 800-114

context

a context is a sphere of activity, a geographic region, a communication platform, an application, a logical or physical domain.

(1) The surrounding environment and circumstances that determine meaning of digital identities and the policies and protocols that govern their interactions. [Identity Gang: DaveK, PaulT] (2) A context is a sphere of activity, a geographical region, a communication platform, an application, a logical or physical domain. [Source: Stefan Brands.] Practically, a context is only relevant in an interaction. (3) A context might also be referred to as presence.

A property that can be associated with a user attribute value to specify information that can be used to determine the applicability of the value.

The environment with defined boundary conditions in which entities exist and interact.

An environment with defined boundary conditions in which entities exist and interact.

The environment with defined boundary conditions in which entities exist and interact.

contingency key

Key held for use under specific operational conditions or in support of specific contingency plans. See reserve keying material.

SOURCE: CNSSI-4009

contingency plan

Management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies, system failures, or disaster.

SOURCE: SP 800-34

Management policy and procedures used to guide an enterprise response to a perceived loss of mission capability. The Contingency Plan is the first plan used by the enterprise risk managers to determine what happened, why, and what to do. It may point to the Continuity of Operations Plan (COOP) or Disaster Recovery Plan for major disruptions.

SOURCE: CNSSI-4009

continuity of government (COG)

A coordinated effort within the Federal Government's executive branch to ensure that national essential functions continue to be performed during a catastrophic emergency.

SOURCE: CNSSI-4009

continuity of operations plan (COOP)

A predetermined set of instructions or procedures that describe how an organization's essential functions will be sustained for up to 30 days as a result of a disaster event before returning to normal operations.

SOURCE: SP 800-34

Management policy and procedures used to guide an enterprise response to a major loss of enterprise capability or damage to its facilities. The COOP is the third plan needed by the enterprise risk managers and is used when the enterprise must recover (often at an alternate site) for a specified period of time. Defines the activities of individual departments and agencies and their sub-components to ensure that their essential functions are performed. This includes plans and procedures that delineate essential functions; specifies succession to office and the emergency delegation of authority; provide for the safekeeping of vital records and databases; identify alternate operating facilities; provide for interoperable communications, and validate the capability through tests, training, and exercises. See also Disaster Recovery Plan and Contingency Plan.

SOURCE: CNSSI-4009

continuity of support plan

The documentation of a predetermined set of instructions or procedures mandated by Office of Management and Budget (OMB) A-130 that describe how to sustain major applications and general support systems in the event of a significant disruption.

SOURCE: SP 800-34

continuous monitoring

The process implemented to maintain a current security status for one or more information systems or for the entire suite of information systems on which the operational mission of the enterprise depends. The process includes: 1) he development of a strategy to regularly evaluate selected IA controls/metrics, 2) Recording and evaluating IA relevant events and the effectiveness of the enterprise in dealing with those events, 3) Recording changes to IA controls, or changes that affect IA risks, and 4) Publishing the current security status to enable information-sharing decisions involving the enterprise.

SOURCE: CNSSI-4009

contract

A promise or set or promises for the breach of which the law gives a remedy, or the performance of which the law recognizes as a duty.

contractor

Person or entity that is under contract to provide the Federal Government with services, supplies, or other needs.

control information

Information that is entered into a cryptographic module for the purposes of directing the operation of the module.

SOURCE: FIPS 140-2

controlled access area

Physical area (e.g., building, room, etc.) to which only authorized personnel are granted unrestricted access. All other personnel are either escorted by authorized personnel or are under continuous surveillance.

SOURCE: CNSSI-4009

controlled access protection

Minimum set of security functionality that enforces access control on individual users and makes them accountable for their actions through login procedures, auditing of security-relevant events, and resource isolation.

SOURCE: CNSSI-4009

controlled area

Any area or space for which the organization has confidence that the physical and procedural protections provided are sufficient to meet the requirements established for protecting the information and/or information system.

SOURCE: SP 800-53; SP 800-53A

controlled cryptographic item (CCI)

Secure telecommunications or information system, or associated cryptographic component, that is unclassified and handled through the COMSEC Material Control System (CMCS), an equivalent material control system, or a combination of the two that provides accountability and visibility. Such items are marked "Controlled Cryptographic Item," or, where space is limited, "CCI".

SOURCE: CNSSI-4009

controlled cryptographic item (CCI) assembly

Device embodying a cryptographic logic or other COMSEC design that NSA has approved as a Controlled Cryptographic Item (CCI). It performs the entire COMSEC function, but depends upon the host equipment to operate.

SOURCE: CNSSI-4009

controlled cryptographic item (CCI) component

Part of a Controlled Cryptographic Item (CCI) that does not perform the entire COMSEC function but depends upon the host equipment, or assembly, to complete and operate the COMSEC function.

SOURCE: CNSSI-4009

controlled cryptographic item (CCI) equipment

Telecommunications or information handling equipment that embodies a Controlled Cryptographic Item (CCI) component or CCI assembly and performs the entire COMSEC function without dependence on host equipment to operate.

SOURCE: CNSSI-4009

controlled interface

A boundary with a set of mechanisms that enforces the security policies and controls the flow of information between interconnected information systems.

SOURCE: CNSSI-4009

controlled space

Three-dimensional space surrounding information system equipment, within which unauthorized individuals are denied unrestricted access and are either escorted by authorized individuals or are under continuous physical or electronic surveillance.

SOURCE: CNSSI-4009

controlled unclassified information (CUI)

A categorical designation that refers to unclassified information that does not meet the standards for National Security Classification under Executive Order 12958, as amended, but is (i) pertinent to the national interests of the United States or to the important interests of entities outside the Federal Government, and (ii) under law or policy requires protection from unauthorized disclosure, special handling safeguards, or prescribed limits on exchange or dissemination. Henceforth, the designation CUI replaces "Sensitive But Unclassified" (SBU).

SOURCE: SP 800-53

controlling authority

Official responsible for directing the operation of a cryptonet and for managing the operational use and control of keying material assigned to the cryptonet.

SOURCE: CNSSI-4009

cookies

Cookies are pieces of information generated by a Web server and stored in the user's computer, ready for future access. The information can then be used to identify the user when returning to the Web site, to personalize Web content, and suggest items of potential interest based on previous buying habits. Certain advertisers use tracking methods, including cookies, to analyze the patterns and paths through a site.

A piece of state information supplied by a Web server to a browser, in a response for a requested resource, for the browser to store temporarily and return to the server on any subsequent visits or requests.

SOURCE: SP 800-28

Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use.

SOURCE: CNSSI-4009

cooperative key generation

Electronically exchanging functions of locally generated, random components, from which both terminals of a secure circuit construct traffic encryption key or key encryption key for use on that circuit. See per-call key.

SOURCE: CNSSI-4009

cooperative remote rekeying

Synonymous with manual remote rekeying.

SOURCE: CNSSI-4009

corporate subscriber (Privacy and Electronic Communications Regulations)

This includes corporate bodies such as a limited company in the UK, a limited liability partnership in England, Wales and N. Ireland or any partnership in Scotland. It also includes schools, government departments and agencies, hospitals and other public bodies eg the Information Commissioner's Office.

correctness proof

A mathematical proof of consistency between a specification and its implementation.

SOURCE: CNSSI-4009

correspond

To belong to the same key pair.

corroboration

Corroboration is the confirmation by provision of sufficient evidence and examination thereof that specified requirements have been fulfilled.

counter with cipher block chaining-message authentication code (CCM)

A mode of operation for a symmetric key block cipher algorithm. It combines the techniques of the Counter (CTR) mode and the Cipher Block Chaining-Message Authentication Code (CBC-MAC) algorithm to provide assurance of the confidentiality and the authenticity of computer data.

SOURCE: SP 800-38C

countermeasure

Actions, devices, procedures, or techniques that meet or oppose (i.e., counters) a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

SOURCE: CNSSI-4009

countermeasures

Actions, devices, procedures, techniques, or other measures that reduce the vulnerability of an information system. Synonymous with security controls and safeguards.

SOURCE: SP 800-53; SP 800-53A; FIPS 200

covenant

One type of contractual responsibility, being a promise to perform certain tasks (affirmative covenant) or to refrain from certain conduct (negative covenant), to be distinguished from a representation and a warranty.

cover-coding

A technique to reduce the risks of eavesdropping by obscuring the information that is transmitted.

SOURCE: SP 800-98

covert channel

An unauthorized communication path that manipulates a communications medium in an unexpected, unconventional, or unforeseen way in order to transmit information without detection by anyone other than the entities operating the covert channel.

SOURCE: CNSSI-4009

covert channel analysis

Determination of the extent to which the security policy model and subsequent lower-level program descriptions may allow unauthorized access to information.

SOURCE: CNSSI-4009

covert storage channel

Covert channel involving the direct or indirect writing to a storage location by one process and the direct or indirect reading of the storage location by another process. Covert storage channels typically involve a finite resource (e.g., sectors on a disk) that is shared by two subjects at different security levels.

SOURCE: CNSSI-4009

covert testing

Testing performed using covert methods and without the knowledge of the organization's IT staff, but with the full knowledge and permission of upper management.

SOURCE: SP 800-115

covert timing channel

Covert channel in which one process signals information to another process by modulating its own use of system resources (e.g., central processing unit time) in such a way that this manipulation affects the real response time observed by the second process.

SOURCE: CNSSI-4009

credential database

Most enterprise SSO systems work by storing the various login IDs and passwords for a user in a database of some form and retrieving this information when the time comes to auto-populate a login prompt. This database should be protected, as it contains sensitive information. It may be physically local to the user's workstation, or stored in a directory, or in an enterprise relational database (ERDB). The credential database should definitely be encrypted.

credential management

DEFINITION REQUIRED

A service that supports the lifecycle of identity credentials from issuance to revocation, including renewal, status checks and authentication services.

credential service (CS)

System that authenticates an End-User who has a PIN or Password based identity Credential. The Credential Service then issues an identity assertion to the relying party. A Credential Service is a Verifier.

A type of electronic trust service that supports the verification of identities (identity proofing), the issuance of identity-related assertions/credentials/tokens, and the subsequent management of those credentials (for example, renewal, revocation and the provision of related status and authentication services).

A reliable, efficient means of disseminating credential information.

A type of electronic trust service that supports the verification of identities (identity proofing), the issuance of identity related assertions/credentials/tokens, and the subsequent management of those credentials (for example, renewal, revocation, and the provision of related status and authentication services).

A type of electronic trust service that supports the verification of identities (identity proofing), the issuance of identity related assertions/credentials/tokens, and the subsequent management of those credentials (for example, renewal, revocation and the provision of related status and authentication services).

credential service provider (CSP)

An organization that offers one or more Approved Credential Services.

An electronic trust service provider that operates one or more credential services. A CSP can include a Registration Authority.

A trusted entity that issues or registers subscriber tokens and issues electronic credentials to subscribers. The CSP may encompass Registration Authorities and verifiers that it operates. A CSP may be an independent third party, or may issue credentials for its own use.

SOURCE: SP 800-63

credential standards

The policies and procedures used by Credential Service Provider to issue Credentials as described in Schedule E to this Agreement.

credential(s)

Digital documents used in authentication that bind an identity or an attribute to a subscriber's Token. Note that this document uses "Credential" broadly, referring to both electronic Credentials and Tokens.

The private part of a paired Identity assertion (user-id is usually the public part). The thing(s) that an Entity relies upon in an Assertion at any particular time, usually to authenticate a claimed Identity. Credentials can change over time and may be revoked. Examples include; a signature, a password, a drivers licence number (not the card itself), an ATM card number (not the card itself), data stored on a smart-card (not the card itself), a digital certificate, a biometric template.

A credential is a piece of information attesting to the integrity of certain stated facts.

The private part of a paired Identity assertion (user-id is usually the public part). The thing(s) that an Entity relies upon in an Assertion at any particular time, usually to authenticate a claimed Identity. Credentials can change over time and may be revoked. Examples include; a signature, a password, a drivers licence number (not the card itself), an ATM card number (not the card itself), data stored on a smart-card (not the card itself), a digital certificate, a biometric template.

a. An identifiable object that can be used to authenticate the claimant is what it claims to be and authorize the claimant's access rights.

b. Data that is transferred to establish the claimed identity of any entity.

c. The private part of a paired Identity assertion (user-id is usually the public part). The thing(s) that an entity relies upon in an assertion at any particular

time, usually to authenticate a claimed identity. Credentials can change over time and may be revoked. Examples include; a signature, a password, a drivers

license number (not the card itself), an ATM card number (not the card itself), data stored on a smart-card (not the card itself), a digital certificate, a biometric

template.

i. An identifiable object that can be used to authenticate the claimant is what it claims to be and authorize the claimant's access rights

ii. Data that is transferred to establish the claimed identity of an entity.

iii. The private part of a paired Identity assertion (user-id is usually the public part). The thing(s) that an Entity relies upon in an Assertion at any particular time, usually to authenticate a claimed Identity. Credentials can change over time and may be revoked. Examples include; a signature, a password, a drivers licence number (not the card itself), an ATM card number (not the card itself), data stored on a smart-card (not the card itself), a digital certificate, a bio-metric template.

An object to be verified when presented in an authentication transaction. A credential can be bound in some way to the individual to whom it was issued, or it can be a bearer credential. Electronic credentials are digital documents that bind an identity or an attribute to a subscriber's token.

A digital document that binds a person's identity (and optionally, additional attributes) to a token possessed and controlled by a person. Data that is used to establish the claimed attributes or identity of a person or an entity. Paper credentials are documents that attest to the identity or other attributes of an individual or entity called the Subject of the credentials. Some common paper credentials include passports, birth certificates, driver's licenses, and employee identity cards.

An object to be verified when presented in an authentication

transaction. A credential can be bound in some way to the

individual to whom it was issued, or it can be a bearer credential. Electronic credentials are digital documents that bind an identity

or an attribute to a subscriber's token.

A secure message stating "Identity Provider X certifies that the holder of the credential satisfies Y," where Y might be "user name is Ê»JohnDoeÊ¼," or even "the user works for Widgets

Inc."

An electronic token, device or process provided to an individual for the purpose of authenticating their identity in connection with a transaction or series of transactions. The Credential(s) Credential Service Provider will issue to Subjects are more fully described in Schedule D to this Agreement.

Data that is transferred to establish a claimed principal identity. [X.800] [SAMLAgree]

Known data attesting to the truth of certain stated facts.

Data that is transferred or presented to establish either a claimed identity or the authorizations of a system entity.

An object to be verified when presented in an authentication transaction. A credential can be bound in some way to the individual to whom it was issued, or it can be a bearer credential. Electronic credentials are digital documents that bind an identity or an attribute to a subscriber's token.

A set of data presented as evidence of a claimed identity and/or entitlements.

Evidence attesting to one's right to credit or authority; in this standard, it is the PIV Card and data elements associated with an individual that authoritatively binds an identity (and, optionally, additional attributes) to that individual.

An object that authoritatively binds an identity (and optionally, additional attributes) to a token possessed and controlled by a person.

SOURCE: SP 800-63

Evidence attesting to one's right to credit or authority.

SOURCE: FIPS 201

Evidence or testimonials that support a claim of identity or assertion of an attribute and usually are intended to be used more than once.

SOURCE: CNSSI-4009

An information object created by a credential provider that provides evidence of the subject's authority, roles, rights, privileges, and other attributes. The credential is normally bound to an acceptable identity medium.

critical infrastructures

Physical and cyber-based systems that are essential to the minimum operations of the economy and government.

System and assets, whether physical or virtual, so vital to the U.S. that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. [Critical Infrastructures Protection Act of 2001, 42 U.S.C. 5195c(e)]

SOURCE: CNSSI-4009

critical security parameter (CSP)

Security-related information (e.g., secret and private cryptographic keys, and authentication data such as passwords and Personal Identification Numbers [PINs]) whose disclosure or modification can compromise the security of a cryptographic module.

SOURCE: FIPS 140-2; CNSSI-4009

criticality

A measure of the degree to which an organization depends on the information or information system for the success of a mission or of a business function.

SOURCE: SP 800-60

criticality level

Refers to the (consequences of) incorrect behavior of a system. The more serious the expected direct and indirect effects of incorrect behavior, the higher the criticality level.

SOURCE: CNSSI-4009

cross-certification/cross certificate

Before a user can verify a digital signature generated by a subscriber of another CA he must obtain the verification public key of the generating CA. To prevent various masquerade attacks this public key must be provided to the user in a manner that will assure its integrity. This is accomplished by having the user's CA and the signer's CA cross-certify whereby each CA provides the other with a verification certificate "“ called a crosscertificate "“ containing the other CA's public verification key. The user is then able to verify the integrity of the cross-certificate generated by its own CA for the other and, with the public key it contains, verify the integrity of the signer's certificate.

A certificate used to establish a trust relationship between two Certification Authorities.

SOURCE: SP 800-32; CNSSI-4009

cross domain capabilities

The set of functions that enable the transfer of information between security domains in accordance with the policies of the security domains involved.

SOURCE: CNSSI-4009

cross-domain solution (CDS)

A form of controlled interface that provides the ability to manually and/or automatically access and/or transfer information between different security domains.

SOURCE: CNSSI-4009

cryptanalysis

1) Operations performed in defeating cryptographic protection without an initial knowledge of the key employed in providing the protection.

2) The study of mathematical techniques for attempting to defeat cryptographic techniques and information system security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the algorithm itself.

SOURCE: SP 800-57; CNSSI-4009

cryptographic

Pertaining to, or concerned with, cryptography.

SOURCE: CNSSI-4009

cryptographic alarm

Circuit or device that detects failures or aberrations in the logic or operation of crypto-equipment. Crypto-alarm may inhibit transmission or may provide a visible and/or audible alarm.

SOURCE: CNSSI-4009

cryptographic algorithm

A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output.

SOURCE: SP 800-21; CNSSI-4009

cryptographic ancillary equipment

Equipment designed specifically to facilitate efficient or reliable operation of cryptographic equipment, without performing cryptographic functions itself.

SOURCE: CNSSI-4009

cryptographic binding

Associating two or more related elements of information using cryptographic techniques.

SOURCE: CNSSI-4009

cryptographic boundary

An explicitly defined continuous perimeter that establishes the physical bounds of a cryptographic module and contains all the hardware, software, and/or firmware components of a cryptographic module.

SOURCE: FIPS 140-2

cryptographic component

Hardware or firmware embodiment of the cryptographic logic. A cryptographic component may be a modular assembly, a printed wiring assembly, a microcircuit, or a combination of these items.

SOURCE: CNSSI-4009

cryptographic equipment

Equipment that embodies a cryptographic logic.

SOURCE: CNSSI-4009

cryptographic hash function

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties:

1) (One-way) It is computationally infeasible to find any input which maps to any pre-specified output, and

2) (Collision resistant) It is computationally infeasible to find any two distinct inputs that map to the same output.

SOURCE: SP 800-21

cryptographic ignition key (CIK)

Device or electronic key used to unlock the secure mode of crypto-equipment.

SOURCE: CNSSI-4009

cryptographic initialization

Function used to set the state of a cryptographic logic prior to key generation, encryption, or other operating mode.

SOURCE: CNSSI-4009

cryptographic key (key)

A parameter used in conjunction with a cryptographic algorithm that determines the specific operation of that algorithm.

A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification.

SOURCE: SP 800-63

A binary string used as a secret parameter by a cryptographic algorithm.

SOURCE: SP 800-108

A parameter used in conjunction with a cryptographic algorithm that determines the specific operation of that algorithm.

SOURCE: FIPS 201; FIPS 198

A parameter used in conjunction with a cryptographic algorithm that determines

w the transformation of plaintext data into ciphertext data,

w the transformation of ciphertext data into plaintext data,

w a digital signature computed from data,

w the verification of a digital signature computed from data,

w an authentication code computed from data, or

w an exchange agreement of a shared secret.

SOURCE: FIPS 140-2

cryptographic logic

The embodiment of one (or more) cryptographic algorithm(s) along with alarms, checks, and other processes essential to effective and secure performance of the cryptographic process(es).

SOURCE: CNSSI-4009

cryptographic material (slang CRYPTO)

COMSEC material used to secure or authenticate information.

SOURCE: CNSSI-4009

cryptographic module

The set of hardware, software, firmware, or some combination thereof that implements cryptographic logic or processes, including cryptographic algorithms, and is contained within the cryptographic boundary of the module.

SOURCE: SP 800-32; FIPS 196

The set of hardware, software, and/or firmware that implements Approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.

SOURCE: FIPS 140-2

cryptographic module security policy

A precise specification of the security rules under which a cryptographic module will operate, including the rules derived from the requirements of this standard (FIPS 140-2) and additional rules imposed by the vendor.

SOURCE: FIPS 140-2

cryptographic module validation program (CMVP)

Validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography-based standards. The CMVP is a joint effort between National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) of the Government of Canada. Products validated as conforming to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive information (United States) or Designated Information (Canada). The goal of the CMVP is to promote the use of validated cryptographic modules and provide Federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules.

SOURCE: FIPS 140-2

cryptographic net

Stations holding a common key.

SOURCE: CNSSI-4009

cryptographic period

Time span during which each key setting remains in effect.

SOURCE: CNSSI-4009

cryptographic product

A cryptographic key (public, private, or shared) or public key certificate, used for encryption, decryption, digital signature, or signature verification; and other items, such as compromised key lists (CKL) and certificate revocation lists (CRL), obtained by trusted means from the same source which validate the authenticity of keys or certificates. Protected software which generates or regenerates keys or certificates may also be considered a cryptographic product.

SOURCE: CNSSI-4009

cryptographic randomization

Function that randomly determines the transmit state of a cryptographic logic.

SOURCE: CNSSI-4009

cryptographic security

Component of COMSEC resulting from the provision of technically sound cryptographic systems and their proper use.

SOURCE: CNSSI-4009

cryptographic strength

A measure of the expected number of operations required to defeat a cryptographic mechanism.

SOURCE: SP 800-63

cryptographic synchornization

Process by which a receiving decrypting cryptographic logic attains the same internal state as the transmitting encrypting logic.

SOURCE: CNSSI-4009

cryptographic system

Associated information assurance items interacting to provide a single means of encryption or decryption.

SOURCE: CNSSI-4009

cryptographic system analysis

Process of establishing the exploitability of a cryptographic system, normally by reviewing transmitted traffic protected or secured by the system under study.

SOURCE: CNSSI-4009

cryptographic system evaluation

Process of determining vulnerabilities of a cryptographic system and recommending countermeasures.

SOURCE: CNSSI-4009

cryptographic system review

Examination of a cryptographic system by the controlling authority ensuring its adequacy of design and content, continued need, and proper distribution.

SOURCE: CNSSI-4009

cryptographic system survey

Management technique in which actual holders of a cryptographic system express opinions on the system's suitability and provide usage information for technical evaluations.

SOURCE: CNSSI-4009

cryptographic token

A token for which the secret is a cryptographic key.

A token where the secret is a cryptographic key.

SOURCE: SP 800-63

A portable, user-controlled physical device (e.g., smart card or PCMCIA card) used to store cryptographic information and possibly also perform cryptographic functions.

SOURCE: CNSSI-4009

cryptography

The discipline which embodies principles, means and methods for the transformation of data to hide its information content, prevent its undetected modification, prevent its unauthorized use or a combination thereof. [ANSI X9.31] Cryptography deals with the transformation of ordinary text (plaintext) into coded form (ciphertext) by encryption and transformation of ciphertext into plaintext by decryption. [NIST SP 800-2]

The mathematical methods of protecting and keeping private of shared secrets, usually in a message. Literally means "hidden writing" (greek). For example; ROT13 (a rotation cipher) and Code (word replacement). Modern techniques include algorythms, hashes and keys. Qantum cryptography allows only a single recipient, as the act of reading alters the contents and so allows detection of a passive eavesdropper - most systems use single photons from a laser. Fibre lasers can provide secure transmissions over long distances. Not to be confused with steganography (the act of hiding the existence of a message, such as in pictures or sounds).

The discipline that embodies the principles, means, and methods for the transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.

SOURCE: SP 800-59; ANSDIT

The discipline that embodies principles, means, and methods for providing information security, including confidentiality, data integrity, non-repudiation, and authenticity.

SOURCE: SP 800-21

Is categorized as either secret key or public key. Secret key cryptography is based on the use of a single cryptographic key shared between two parties. The same key is used to encrypt and decrypt data. This key is kept secret by the two parties. Public key cryptography is a form of cryptography which makes use of two keys: a public key and a private key. The two keys are related but have the property that, given the public key, it is computationally infeasible to derive the private key [FIPS 140-1]. In a public key cryptosystem, each party has its own public/private key pair. The public key can be known by anyone; the private key is kept secret.

SOURCE: FIPS 191

Art or science concerning the principles, means, and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form.

SOURCE: CNSSI-4009

cryptology

The science that deals with hidden, disguised, or encrypted communications. It includes communications security and communications intelligence.

SOURCE: SP 800-60

The mathematical science that deals with cryptanalysis and cryptography.

SOURCE: CNSSI-4009

crypto officer

An operator or process (subject), acting on behalf of the operator, performing cryptographic initialization or management functions.

SOURCE: FIPS 140-2

CVE

SEE Common Vulnerabilities and Exposures.

cyber attack

An attack, via cyberspace, targeting an enterprise's use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.

SOURCE: CNSSI-4009

cyber incident

Actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein. See incident.

SOURCE: CNSSI-4009

cybersecurity

The ability to protect or defend the use of cyberspace from cyber attacks.

The collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyber environment and organization and user's assets.

(Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment.)

SOURCE: ITU-T X.1205, "Overview of Cybersecurity"

Measures taken to protect computers, computer systems and networks, and data against

unauthorized access or attack.

cyberspace

A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

SOURCE: CNSSI-4009

The interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, mobile devices, and embedded processors and controllers in critical industries. Common usage of the term also refers to the virtual environment of information and interactions between people.

cyclical redundancy check

A method to ensure data has not been altered after being sent through a communication channel.

SOURCE: SP 800-72

Error checking mechanism that verifies data integrity by computing a polynomial algorithm based checksum.

SOURCE: CNSSI-4009

DAA

SEE Designated Approving/Approval/Accrediting Authority.

data

A relationship that someone claims to exist between two entities.

Any information that a Principal provides to an Identity Provider or a service provider.

A subset of information in an electronic format that allows it to be retrieved or transmitted.

SOURCE: CNSSI-4009

data aggregation

Compilation of individual data systems and data that could result in the totality of the information being classified, or classified at a higher level, or of beneficial use to an adversary.

SOURCE: CNSSI-4009

data asset

1. Any entity that is comprised of data. For example, a database is a data asset that is comprised of data records. A data asset may be a system or application output file, database, document, or Web page. A data asset also includes a service that may be provided to access data from an application. For example, a service that returns individual records from a database would be a data asset. Similarly, a Web site that returns data in response to specific queries (e.g., www.weather.com) would be a data asset.

2. An information-based resource.

SOURCE: CNSSI-4009

data authentication

Data authentication is the corroboration that the origin and integrity of data is as claimed.

data controller (Data Protection Act)

An entity linking the object information recorded in the RFID tag to PII, or recording PII in the RFID tag or collecting PII recorded in the RFID tag.

A person who determines the purposes for which, and the manner in which, personal information is to be processed. This may be an individual or an organisation and the processing may be carried out jointly or in common with other persons.

data element

A basic unit of information that has a unique meaning and subcategories (data items) of distinct value. Examples of data elements include gender, race, and geographic location.

SOURCE: SP 800-47; CNSSI-4009

data encryption algorithm (DEA)

The cryptographic engine that is used by the Triple Data Encryption Algorithm (TDEA).

SOURCE: SP 800-67

data encryption standard (DES)

Cryptographic algorithm designed for the protection of unclassified data and published by the National Institute of Standards and Technology (NIST) in Federal Information Processing Standard (FIPS) Publication 46. (FIPS 46-3 withdrawn 19 May 2005) See Triple DES.

SOURCE: CNSSI-4009

data flow control

Synonymous with information flow control.

SOURCE: CNSSI-4009

data integrity

The property that data has not been altered by an unauthorized entity.

Condition existing when data is unchanged from its source and has not been accidentally or maliciously modified, altered, or destroyed.

The property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing, and while in transit.

SOURCE: SP 800-27

The property that data has not been changed, destroyed, or lost in an unauthorized or accidental manner.

SOURCE: CNSSI-4009

data origin authentication

Corroboration that the source of data received is as claimed.

The process of verifying that the source of the data is as claimed and that the data has not been modified.

SOURCE: CNSSI-4009

data owner

A data owner is a business role associated with responsibility for a given set of data. Normally this comes with responsibility to decide what users in the organization may access the data in question and for the quality of the data.

data processor (Data Protection Act)

A person, who processes personal information on a data controller's behalf. Anyone responsible for the disposal of confidential waste is also included under this definition.

data quality

A measure of the timely correctness of information. New IAM solutions usually highlight that existing data and processes are inadequate, even though they remain suitable for existing business needs as reflected in the source application's objectives. Also see Trusted Source.

data security

Protection of data from unauthorized (accidental or intentional) modification, destruction, or disclosure.

SOURCE: CNSSI-4009

data subject (Data Protection Act)

An entity who can be identified by one or more pieces of data related to his or her physical, physiological, mental, financial, cultural, or social attributes.

This is the living individual who is the subject of the personal information (data).

data transfer device (DTD)

Fill device designed to securely store, transport, and transfer electronically both COMSEC and TRANSEC key, designed to be backward compatible with the previous generation of COMSEC common fill devices, and programmable to support modern mission systems.

SOURCE: CNSSI-4009

deactivation

Any process that stops interactions of an RFID Tag with its environment which does not require the active involvement of the consumer.

decertification

Revocation of the certification of an information system item or equipment for cause.

SOURCE: CNSSI-4009

decipher

Convert enciphered text to plain text by means of a cryptographic system.

SOURCE: CNSSI-4009

decode

Convert encoded text to plain text by means of a code.

SOURCE: CNSSI-4009

decrypt

Generic term encompassing decode and decipher.

SOURCE: CNSSI-4009

decryption

The process of converting encrypted data back into its original form, so it can be understood.

The process of transforming ciphertext into plaintext.

SOURCE: SP 800-67

The process of changing ciphertext into plaintext using a cryptographic algorithm and key.

SOURCE: SP 800-21

Conversion of ciphertext to plaintext through the use

of a cryptographic algorithm.

SOURCE: FIPS 185

dedicated mode

Information systems security mode of operation wherein each user, with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts, has all of the following: 1. valid security clearance for all information within the system, 2. formal access approval and signed nondisclosure agreements for all the information stored and/or processed (including all compartments, subcompartments, and/or special access programs), and 3. valid need-to-know for all information contained within the information system. When in the dedicated security mode, a system is specifically and exclusively dedicated to and controlled for the processing of one particular type or classification of information, either for full-time operation or for a specified period of time.

SOURCE: CNSSI-4009

default classification

Classification reflecting the highest classification being processed in an information system. Default classification is included in the caution statement affixed to an object.

SOURCE: CNSSI-4009

defederate, defederate identity

To eliminate linkage between a Principal's accounts at an identity provider and a service provider.

defence in depth (DID)

This is a concept that refers to implementing layers of technical, organizational, and operational security controls, requiring breaches to penetrate several layers in sequence beginning at the border or perimeter of the network. Can be used in conjunction with an Assurance Framework's credential strength.

defense-in-breadth

A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or sub-component life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).

SOURCE: CNSSI-4009

defense-in-depth

Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and dimensions of the organization.

SOURCE: CNSSI-4009; SP 800-53

degauss

Procedure that reduces the magnetic flux to virtual zero by applying a reverse magnetizing field. Also called demagnetizing.

SOURCE: CNSSI-4009

delegated administration

To act on behalf of the administrator of an Identity repository. This is usually achieved by partitioning and filtering the directory and providing simple tools such as web-based functions to add/modify/delete a subset of accounts. It is particularly useful for trusted organisations working as agents on behalf of the owner of the repository, to manage its own staffs access.

A delegated administration system allows a some users to manage the accounts of other users on some systems. Delegated administration is intended to move user management out of a central IT function, decentralizing it so that it is performed by IT or business users who are more closely familiar with the users whose profiles are being managed.

Delegated user administration may be thought of as consolidated user administration plus filters that limit what one user can see of and do to another.

delegated authorizer

A given authorizer may not always be available. For example, authorizers may take holidays, be ill, be too busy to respond, etc. In these cases, an authorizer may wish to delegate his authority to another user -- temporarily or permanent. The new authorizer is a delegated one.

delegated development program

INFOSEC program in which the Director, NSA, delegates, on a case-by-case basis, the development and/or production of an entire telecommunications product, including the INFOSEC portion, to a lead department or agency.

SOURCE: CNSSI-4009

delegation

Delegation is the process in which an identified entity issues a mandate to another identified entity.

i. Conveyance of privilege from one entity that holds such privilege, to another entity.

ii. The action that assigns authority, responsibility or a function to another object.

iii. An act of transferring of privileges to perform some

action on behalf of one entity to another.

Enabling a system entity to operate on behalf of a principal to access an identity service.

The action that assigns authority, responsibility or a function to another entity.

An action that assigns authority, responsibility, or a function to another entity.

The action that assigns authority, responsibility or a function to another entity.

delegation of approval authority

Authorizers may wish to schedule periods of time during which they will be unavailable (example: vacations), and during which their authority to approve change requests should be transferred to others. The process by which an authorizer transfers authority -- temporarily or permanently -- is delegation.

deleted file

A file that has been logically, but not necessarily physically, erased from the operating system, perhaps to eliminate potentially incriminating evidence. Deleting files does not always necessarily eliminate the possibility of recovering all or part of the original data.

SOURCE: SP 800-72

demilitarized zone (DMZ)

A network created by connecting two firewalls. Systems that are externally accessible but need some protections are usually located on DMZ networks.

SOURCE: SP 800-41

A host or network segment inserted as a "neutral zone" between an organization's private network and the Internet.

SOURCE: SP 800-45

Perimeter network segment that is logically between internal and external networks. Its purpose is to enforce the internal network's Information Assurance policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding the internal networks from outside attacks.

SOURCE: CNSSI-4009

denial of service (DoS)

An attack that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources.

SOURCE: SP 800-61

The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.)

SOURCE: CNSSI-4009

descriptive top-level specification (DTLS)

A natural language descriptive of a system's security requirements, an informal design notation, or a combination of the two.

SOURCE: CNSSI-4009

designated approval authority (DAA)

Official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. This term is synonymous with authorizing official, designated accrediting authority, and delegated accrediting authority.

SOURCE: CNSSI-4009

designated approving (accrediting) authority (DAA)

The individual selected by an authorizing official to act on their behalf in coordinating and carrying out the necessary activities required during the security certification and accreditation of an information system. (Synonymous with Authorizing Official.)

SOURCE: SP 800-37

designated financial agent

Selected by a RP or CSP to provide financial related services in regard to the E-Authentication Federation.

device

A physical construct, generally electronic, that is capable of storing and processing information, e.g., a Personal Computer, web server, mobile phone, or smart card.

device distribution profile

An approval-based Access Control List (ACL) for a specific product that 1) names the user devices in a specific key management infrastructure (KMI) Operating Account (KOA) to which PRSNs distribute the product, and 2) states conditions of distribution for each device.

SOURCE: CNSSI-4009

device ID

The unique serial number or "˜fingerprint' that a particular device has embedded in it. Thus a particular PC or PDA can be "something you have" in a two-factor solution. It can be the combination of several components (eg CPU + graphics card) and can include a threshold (ie less than 100% matching) to allow for partial upgrades, such as with the iPass (proprietary) solution. It may be a temporary identification for a session for ensuring compatible device usage, or it may be a permanent registration of the ID for inclusion as a trusted credential in an Assurance Framework and in a subsequent authentication process.

device registration manager

The management role that is responsible for performing activities related to registering users that are devices.

SOURCE: CNSSI-4009

dial-back

Dial back validates a user's physical location using the telephone system. In its original form, when users connected their PCs to the network with telephone modems, a user would connect to a corporate network, identify himself, hang-up and wait for a corporate server to call him back at home.

With more modern technology, a user may sign into a corporate network, identify himself and wait for a single-use random PIN to be phoned or text messaged to his home or cellular telephone. This PIN is subsequently used to authenticate to a network service.

Synonymous with call back.

SOURCE: CNSSI-4009

differential power analysis (DPA)

An analysis of the variations of the electrical power consumption of a cryptographic module, using advanced statistical methods and/or other techniques, for the purpose of extracting information correlated to cryptographic keys used in a cryptographic algorithm.

SOURCE: FIPS 140-2

digital certificate

an electronic "˜document' based on the International Telecommunications Union (ITU) X.509 (1988) standard consisting of a public/private key pair; their usage is governed by a Policy and a Practice Statement. They can be used for verification, encryption and digital signing. A digital certificate can also serve as an electronic notary seal (stamp). A certificate contains a digital signature, verified by another certificate - this creates a chain of certificates that ends with the 'root' certificate (which is self-signed); the owner of the root certificate is called the Root CA.

digital contract

A contract made in digital form and signed by two entities between whom an agreement is reached.

digital evidence

Electronic information stored or transferred in digital form.

SOURCE: SP 800-72

digital forensics

The application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.

SOURCE: SP 800-86

digital identity/subject/provider/etc.

A digital representation of a set of Claims made by one Party about itself or another Digital Subject. An Agent that issues a Digital Identity. An Entity represented or existing in the digital realm which is being described or dealt with.

The consumer of a digital service (a digital representation of a natural or juristic person, persona, group, organization, software service or device) described through claims.

1. the digital representation of a set of claims made by one digital subject about itself or another digital subject.

2. A digital subject is an entity represented or existing in the digital realm which is being described or dealt with. Every digital subject has a finite, but unlimited number of identity attributes

A digital identity is a partial identity in an electronic form.

Same as identity. An entity represented or existing in the digital realm which is being described or dealt with.

a. The digital representation of the information known about a specific individual, group, or organization.

b. A digital representation of a set of claims made by one party about itself or another digital subject.

c. A set of claims made by one digital subject about itself or another digital subject.

i. The digital representation of the information known about a specific individual, group or organization

ii. A digital representation of a set of Claims made by one Party about itself or another Digital Subject.

iii. A set of claims made by one digital subject about itself or another digital subject.

An Entity represented or existing in the digital realm which is being described or dealt with.

An Agent that issues a Digital Identity.

The person that is identified in a particular credential and that can be authenticated and vouched for by an Identity Provider.

An entity that is able to use an electronic trust service subject to agreement with an associated subscriber. A subject and a subscriber can be the same entity.

A digital representation of a set of Claims made by one Party about itself or another Digital Subject.

An Entity represented or existing in the digital realm which is being described or dealt with.

An individual to whom Credential Service Provider issues a Credential.

An entity that is able to use an electronic trust service subject to agreement with an associated subscriber. A subject and a subscriber can be the same entity.

The digital representation of the information known about a specific individual, group or organization

A digital representation of the information known about a specific individual, group or organization.

A digital representation of the information known about a specific individual, group or organization

The digital representation of the information known about a specific individual, group or organization.

The electronic representation of an entity (e.g., a device, software, service, organization or individual) in cyberspace that is comprised of an information artifact or correlated information

sets.

digital object architecture (DOA)

Digital Object Architecture (DOA) [2] provides a means of managing digital information in a network environment. A digital object has a machine and platform independent structure that allows it to be identified, accessed and protected, as appropriate. A digital object may incorporate not only informational elements, i.e., a digitized version of a paper, movie or sound recording, but also the unique identifier of the digital object and other metadata about the digital object. The metadata may include restrictions on access to digital objects, notices of ownership, and identifiers for licensing agreements, if appropriate.

digital signature

An electronic signature that can be used to authenticate the identity of the sender of an electronic message or the signer of a digital document, and to ensure that the original content of the message or document that has been sent is unchanged. Not to be confused with a digital certificate.

A transformation of a message using an asymmetric crypto-system and a hash function such that a person having the initial message and the signer's public key can accurately determine (1) whether the transformation was created using the private key that corresponds to the signer's public key, and (2) whether the initial message has been altered since the transformation was made.

"A cryptographic process used to assure message originator authenticity, integrity, and nonrepudiation."

An asymmetric key operation where the private key is used to digitally sign an electronic document and the public key is used to verify the signature. Digital signatures provide authentication and integrity protection.

SOURCE: SP 800-63

A nonforgeable transformation of data that allows the proof of the source (with non-repudiation) and the verification of the integrity of that data.

SOURCE: FIPS 196

The result of a cryptographic transformation of data which, when properly implemented, provides the services of:

1. origin authentication,

2. data integrity, and

3. signer non-repudiation.

SOURCE: FIPS 140-2

The result of a cryptographic transformation of data that, when properly implemented, provides a mechanism for verifying origin authentication, data integrity, and signatory non-repudiation.

SOURCE: FIPS 186

The result of a cryptographic transformation of data that, when properly implemented, provides origin authentication, data integrity, and signatory non-repudiation.

SOURCE: SP 800-89

Cryptographic process used to assure data object originator authenticity, data integrity, and time stamping for prevention of replay.

SOURCE: CNSSI-4009

digital signature algorithm

Asymmetric algorithms used for digitally signing data.

SOURCE: SP 800-49

digital signature key pair

A pair of asymmetric keys composed of a private signing key and a corresponding public digital signature verification key.

digital subject

An Entity represented or existing in the digital realm which is being described or dealt with.

directed identity

A unifying identity system must support both "omnidirectional" identifiers for public entities and "unidirectional" identifiers for private entities.

direct shipment

Shipment of COMSEC material directly from NSA to user COMSEC accounts.

SOURCE: CNSSI-4009

See also ID-WSF Endpoint Reference.

end-to-end encryption

Communications encryption in which data is encrypted when being passed through a network, but routing information remains visible.

SOURCE: SP 800-12

Encryption of information at its origin and decryption at its intended destination without intermediate decryption.

SOURCE: CNSSI-4009

end-to-end security

Safeguarding information in an information system from point of origin to point of destination.

SOURCE: CNSSI-4009

end-user

Any citizen, Government employee, contractor, or business that authenticates to an AA using a Credential issued by a CS.

A natural person who makes use of resources for application purposes (as opposed to system management purposes; see Administrator, User).

enforcement notice (Data Protection Act)

The Information Commissioner has the power to serve an enforcement notice if he is satisfied that a data controller has contravened or is contravening the data protection principles. The notice must set out the steps that the data controller must take to comply with the relevant requirements of the Act. The notice may be appealed to the Information Tribunal which may confirm, amend or overturn it. However, in the absence of an appeal, if the data controller fails to comply with a notice, a criminal offence is committed.

enrollment

An enrolment is synonymous with a registration.

The process of adding a Permission to an Identity. It may result in the issuing of a new identity or an additional account. The link between Registration and Enrolment must remain unbroken.

The enrolment of an entity is the process in which the entity is identified and/or other attributes are corroborated.

The process by which organizations verify an individual's identity claims before

issuing digital credentials.

The process of inauguration of an entity into a context. Enrolment may include verification of the entity's identity and establishment of a contextual identity.

The process of inauguration of an entity into a context.

The process of inauguration of an entity into a context. Enrolment may include verification of the entity's identity and establishment of a contextual identity.

enrollment manager

The management role that is responsible for assigning user identities to management and non-management roles.

SOURCE: CNSSI-4009

enterprise

An organization with a defined mission/goal and a defined boundary, using information systems to execute that mission, and with responsibility for managing its own risks and performance. An enterprise may consist of all or some of the following business aspects: acquisition, program management, financial management (e.g., budgets), human resources, security, and information systems, information and mission management.

SOURCE: CNSSI-4009

enterprise architecture (EA)

The description of an enterprise's entire set of information systems: how they are configured, how they are integrated, how they interface to the external environment at the enterprise's boundary, how they are operated to support the enterprise mission, and how they contribute to the enterprise's overall security posture.

SOURCE: CNSSI-4009

enterprise role

An enterprise role is a collection of entitlements spanning multiple systems or applications. Like simple roles, enterprise roles are used to simplify security administration on systems and applications, by encapsulating popular sets of entitlements and assigning them as packages, rather than individually, to users.

enterprise risk management

The methods and processes used by an enterprise to manage risks to its mission and to establish the trust necessary for the enterprise to support shared missions. It involves the identification of mission dependencies on enterprise capabilities, the identification and prioritization of risks due to defined threats, the implementation of countermeasures to provide both a static risk posture and an effective dynamic response to active threats; and it assesses enterprise performance against threats and adjusts countermeasures as necessary.

SOURCE: CNSSI-4009

enterprise service

A set of one or more computer applications and middleware systems hosted on computer hardware that provides standard information systems capabilities to end users and hosted mission applications and services.

SOURCE: CNSSI-4009

enterprise single signon

A technology which reduces the number of times that a user must sign into systems and applications by automatically populating login ID and password fields when applications ask for user authentication. This is done by monitoring what is displayed on a user's desktop and - when appropriate - typing keystrokes on behalf of the user. In short -- "screen scraping" the user's desktop.

In short, applications are unmodified and continue to perform user authentication. Reduced sign-on is achieved by auto-populating rather than removing login prompts.

entitlement

See Permissions.

entitlement management

Entitlement management refers to a set of technologies and processes used to coherently manage security rights across an organization. The objectives are to reduce the cost of administration, to improve service and to ensure that users get exactly the security rights they need.

These objectives are attained by creating a set of robust, consistent processes to grant and revoke entitlements across multiple systems and applications:

1. Create and regularly update a consolidated database of entitlements.

2. Define roles, so that entitlements can be assigned to users in sets that are easier for business users to understand.

3. Enable self-service requests and approvals, so that decisions about entitlements can be made by business users with contextual knowledge, rather than by IT staff.

4. Synchronize entitlements between systems, where appropriate.

5. Periodically invite business stake-holders to review entitlements and roles assigned to users and identify no-longer-appropriate ones for further examination and removal.

entitlement model

Entitlement (or privilege) model is a synonym for role model.

entity

A person, physical object, animal, or juridical entity

An entity is anyone (natural or legal person) or anything that shall be characterised through the measurement of its attributes.

1. An entity is a human person, a non-human legal entity (e.g. a company, a government), a virtual artifact (e.g. a computer process, an application, a text file), a tangible object (e.g. a book, a device, a tree), a location (e.g. a town, a CPU memory address), or a grouping of other entities (e.g. an organization).

2. A person, physical object, animal, or juridical entity. In an identity system implementation an Identity Gang]

anyone (a natural or legal "˜person') or anything with a separate existence that can be characterised through the dimension of its attributes. Usually requires a cognitive ability, such as human cognition, whereas an Identity doesn't - refer to the Turin Test, the Deep Blue chess program and the HAL9000 of "2001 -A Space Odyssey". An Entity may not need an Identity to access a "˜free' service, but needs at least one Identity to access a restricted service. In general an Entity cannot be owned, in the way that an identity can be owned, except in some legislative sense. Shareholders of a company may claim "˜ownership', when they in fact only have some legal entitlement to the assets. Animals (eg horses) and humans (eg slaves) cannot actually be owned in the Identity sense, only possessed due to legal arrangements. Given that access credentials are issued to identities, why does this matter? Because it is the entity that applies for each identity, and the entity is legally responsible for the actions of the identity. It is often the entity that federates multiple identities.

a. Anything that has separate and distinct existence that can be uniquely identified. In the context of IdM, examples of entities include subscribers, users, network elements, networks, software applications, services and devices. An entity may have multiple identifiers.

b. An entity is anyone (natural or legal person) or anything that shall be characterized through the measurement of its attributes.

c. A person, physical object, animal, or judicial entity.

d. A particular thing, such as a person, place, process, object, concept, association, or event.

i. Anything that has separate and distinct existence that can be uniquely identified. In the context of IdM, examples of entities include subscribers, users, network elements, networks, software applications, services and devices. An entity may have multiple identifiers.

ii. An entity is anyone (natural or legal person) or any-thing that shall be characterised through the measurement of its attributes.

iii. A person, physical object, animal, or juridical entity.

iv. A particular thing, such as a person, place, process, object, concept, association, or event.

A person, physical object, animal, or juridical entity.

Any autonomous element within a public key infrastructure. An entity is not necessarily an individual, but may be a computer or a particular application. For example, a CA, an RA, a subscriber, a relying party, a Web server

application are all entities.

Anything that has separate and distinct existence and that can be identified in context.

Something that has separate and distinct existence and that can be identified in context.

Anything that has separate and distinct existence and that can be identified in context.

An organization that collects, uses, retains, and discloses personal information.

Either a subject (an active element that operates on information or the system state) or an object (a passive element that contains or receives information).

SOURCE: SP 800-27

An active element in an open system.

SOURCE: FIPS 188

Any participant in an authentication exchange; such a participant may be human or nonhuman, and may take the role of a claimant and/or verifier.

SOURCE: FIPS 196

entity authentication

Entity authentication is the corroboration of the claimed identity of an entity and a set of its observed attributes.

A process to achieve sufficient confidence in the binding between the entity and the presented identity.

entrapment

Deliberate planting of apparent flaws in an IS for the purpose of detecting attempted penetrations.

SOURCE: CNSSI-4009

entropy

A measure of the amount of uncertainty that an attacker faces to determine the value of a secret.

SOURCE: SP 800-63

environment

Aggregate of external procedures, conditions, and objects affecting the development, operation, and maintenance of an information system.

SOURCE: FIPS 200; CNSSI-4009

ephemeral key

A cryptographic key associated with an expiration time. The ability to encrypt data in such a way that ensures it cannot be decrypted after a given date/time. This results in "˜ephemeral data'. One party establishes a number of ephemeral public/private key pairs, each of which will be destroyed at a time in the future and makes them publicly available; a second party then selects one of these key pairs having an expiration time appropriate for its needs. The requesting party first encrypts the data using an encryption key of the party which will receive the message, and then encrypts the resulting encrypted data again using the acquired ephemeral encryption key. It is not necessary to encrypt an entire message using an ephemeral encryption key; it may simply be used to encrypt another key contained within the message header.

A cryptographic key that is generated for each execution of a key establishment process and that meets other requirements of the key type (e.g., unique to each message or session).

SOURCE: SP 800-57

erasure

Process intended to render magnetically stored information irretrievable by normal means.

SOURCE: CNSSI-4009

error detection code

A code computed from data and comprised of redundant bits of information designed to detect, but not correct, unintentional changes in the data.

SOURCE: FIPS 140-2; CNSSI-4009

escalated authorizer

A given authorizer may not always be available. In cases where an authorizer fails to respond to a request to approve or reject a requested change, and where the authorizer has not named a delegated authorizer, an automatic escalation process may select a replacement authorizer after a period of time. This replacement is the escalated authorizer.

User profiles are created, changed and deleted in response to business processes. This section captures the most important processes that drive identity management.

escrow

Something (e.g., a document, an encryption key) that is "delivered to a third person to be given to the grantee only upon the fulfillment of a condition."

SOURCE: FIPS 185

estoppel

Following misrepresentations by one party that have induced detrimental reliance by the other party, a legal theory that rejects a subsequent attempt by the first party to deny those misrepresentations.

evaluation

In the context of a PKI, an evaluation is generally a analysis of a CA or its components (such as an RA, repository, or cryptomodule) in relation to specified criteria. The target of an evaluation may be either a product or a service. Note: Given the complexity of PKIs, it is generally thought that a comprehensive evaluation is neither cost effective nor necessarily feasible.

evaluation assurance level (EAL)

Set of assurance requirements that represent a point on the Common Criteria predefined assurance scale.

SOURCE: CNSSI-4009

evaluation products list (EPL)

List of validated products that have been successfully evaluated under the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS).

evaluator

The Evaluator is an entity that actually evaluates a CA or its components.

event

Any observable occurrence in a network or system.

SOURCE: SP 800-61

Any observable occurrence in a system and/or network. Events sometimes provide indication that an incident is occurring.

SOURCE: CNSSI-4009

event logging

The recording of details of an end-to-end enterprise-wide process, for audit purposes. It should have the ability to give a single picture of the actions of any identity over time. The file should be encrypted, and digitally signed to detect tampering. It may include capture of web-based actions, authentication, accesses and database activity related to an application or a session. It may also include real-time alerts, as well as after-the-event reports.

evidence of identity (EOI or POI)

The items and documents used to prove an Entity's identity.

examination

A technical review that makes the evidence visible and suitable for analysis; tests performed on the evidence to determine the presence or absence of specific data.

SOURCE: SP 800-72

exculpatory evidence

Evidence that tends to decrease the likelihood of fault or guilt.

SOURCE: SP 800-72

executive agency

An executive department specified in 5 United States Code (U.S.C.), Sec. 101; a military department specified in 5 U.S.C., Sec. 102; an independent establishment as defined in 5 U.S.C., Sec. 104(1); and a wholly owned Government corporation fully subject to the provisions of 31 U.S.C., Chapter 91.

SOURCE: SP 800-53; FIPS 200; FIPS 199; 41 U.S.C., Sec. 403; CNSSI-4009

exercise key

Cryptographic key material used exclusively to safeguard communications transmitted over-the-air during military or organized civil training exercises.

SOURCE: CNSSI-4009

expired password

An account is said to have an expired password if the user will be forced to change passwords after the next successful login.

explicit role assignment

A role may be explicitly assigned to a user -- i.e., some database will include a record of the form "user X should have role Y."

exploit code

A program that allows attackers to automatically break into a system.

SOURCE: SP 800-40

expoitable channel

Channel that allows the violation of the security policy governing an information system and is usable or detectable by subjects external to the trusted computing base. See covert channel.

SOURCE: CNSSI-4009

extended assessment procedure

A type of assessment procedure that is applied to an individual security control or a group of controls (e.g., the set of security controls in a particular security control family or the set of controls in a security plan) and is used in conjunction with other assessment procedures in providing the necessary information for determining control effectiveness.

SOURCE: SP 800-53A

eXtensible Markup Language (XML)

Extensible Markup Language, abbreviated XML, describes a class of data objects called XML documents and partially describes the behavior of computer programs which process them.

A W3C technology for encoding information and documents for exchange over the Web. See [XML], [XMLCanon], [XMLDsig], [xmlenc-core], [Schema1-2], and [Schema2-2]

external information system (or component)

An information system or component of an information system that is outside of the accreditation boundary established by the organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.

SOURCE: SP 800-53; SP 800-53A; CNSSI-4009

external information system service

An information system service that is implemented outside of the accreditation boundary of the organizational information system (i.e., a service that is used by, but not a part of, the organizational information system.

SOURCE: SP 800-53A

An information system service that is implemented outside of the authorization boundary of the organizational information system (i.e., a service that is used by, but not a part of, the organizational information system) and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.

SOURCE: SP 800-53; CNSSI-4009

external information system service provider

A provider of external information system services to an organization through a variety of consumer-producer relationships, including but not limited to: joint ventures; business partnerships; outsourcing arrangements (i.e., through contracts, interagency agreements, lines of business arrangements); licensing agreements; and/or supply chain exchanges.

SOURCE: SP 800-53; SP 800-53A

external network

A network not controlled by the organization.

SOURCE: SP 800-53; CNSSI-4009

external security testing

Security testing conducted from outside the organization's security perimeter.

SOURCE: SP 800-115

extraction resistance

Capability of crypto-equipment or secure telecommunications equipment to resist efforts to extract key.

SOURCE: CNSSI-4009

extranet

A private network that uses Web technology, permitting the sharing of portions of an enterprise's information or operations with suppliers, vendors, partners, customers, or other enterprises.

SOURCE: CNSSI-4009

factor

The fundamental classification of credential types. There are actually only three factors: what you "˜know', what you "˜have', and what you "˜are'. Combining two, or three, into a multiple-factor solution is a means of stronger authentication. There are suggestions from time to time of new factor classifications such as "˜what you do' or "˜where you are', but they always resolve into the basic three.

fail safe

Automatic protection of programs and/or processing systems when hardware or software failure is detected.

SOURCE: CNSSI-4009

fail soft

Selective termination of affected nonessential processing when hardware or software failure is determined to be imminent.

SOURCE: CNSSI-4009

failover

The capability to switch over automatically (typically without human intervention or warning) to a redundant or standby information system upon the failure or abnormal termination of the previously active system.

SOURCE: SP 800-53; CNSSI-4009

failure access

Type of incident in which unauthorized access to data results from hardware or software failure.

SOURCE: CNSSI-4009

failure control

Methodology used to detect imminent hardware or software failure and provide fail safe or fail soft recovery.

SOURCE: CNSSI-4009

false acceptance

When a biometric system incorrectly identifies an individual or incorrectly verifies an impostor against a claimed identity.

SOURCE: SP 800-76

In biometrics, the instance of a security system incorrectly verifying or identifying an unauthorized person. It typically is considered the most serious of biometric security errors as it gives unauthorized users access to systems that expressly are trying to keep them out.

SOURCE: CNSSI-4009

false acceptance rate (FAR)

The probability that a biometric system will incorrectly identify an individual or will fail to reject an impostor. The rate given normally assumes passive impostor attempts.

SOURCE: SP 800-76

The measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user. A system's false acceptance rate typically is stated as the ratio of the number of false acceptances divided by the number of identification attempts.

SOURCE: CNSSI-4009

false positive

An alert that incorrectly indicates that malicious activity is occurring.

SOURCE: SP 800-61

false rejection

When a biometric system fails to identify an applicant or fails to verify the legitimate claimed identity of an applicant.

SOURCE: SP 800-76

In biometrics, the instance of a security system failing to verify or identify an authorized person. It does not necessarily indicate a flaw in the biometric system; for example, in a fingerprint-based system, an incorrectly aligned finger on the scanner or dirt on the scanner can result in the scanner misreading the fingerprint, causing a false rejection of the authorized user.

SOURCE: CNSSI-4009

false rejection rate (FRR)

The probability that a biometric system will fail to identify an applicant, or verify the legitimate claimed identity of an applicant.

SOURCE: SP 800-76

The measure of the likelihood that the biometric security system will incorrectly reject an access attempt by an authorized user. A system's false rejection rate typically is stated as the ratio of the number of false rejections divided by the number of identification attempts.

SOURCE: CNSSI-4009

federal agency

SEE Agency, SEE Executive Agency.

federal bridge certification authority (FBCA)

The Federal Bridge Certification Authority consists of a collection of Public Key Infrastructure components (Certificate Authorities, Directories, Certificate Policies and Certificate Practice Statements) that are used to provide peer-to-peer interoperability among Agency Principal Certification Authorities.

SOURCE: SP 800-32; CNSSI-4009

federal bridge certification authority membrane

The Federal Bridge Certification Authority Membrane consists of a collection of Public Key Infrastructure components including a variety of Certification Authority PKI products, Databases, CA specific Directories, Border Directory, Firewalls, Routers, Randomizers, etc.

SOURCE: SP 800-32

federal bridge certification authority operational authority

The Federal Bridge Certification Authority Operational Authority is the organization selected by the Federal Public Key Infrastructure Policy Authority to be responsible for operating the Federal Bridge Certification Authority.

SOURCE: SP 800-32

federal enterprise architecture

A business-based framework for governmentwide improvement developed by the Office of Management and Budget that is intended to facilitate efforts to transform the federal government to one that is citizen-centered, results-oriented, and market-based.

SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-60; CNSSI-4009

federal information processing standards (FIPS)

Standards and guidelines issued by the National Institute of Standards and Technology (NIST) for use governmentwide.

Standards and guidelines issued by the National Institute of Standards and Technology (NIST) for use government-wide in the United States. NIST develops FIPS when the U.S. Federal government has compelling requirements, such as for security and interoperability, for which no industry standards or solutions are acceptable.

A standard for adoption and use by Federal departments and agencies that has been developed within the Information Technology Laboratory and published by NIST, a part of the U.S. Department of Commerce. A FIPS covers some topic in information technology to achieve a common level of quality or some level of interoperability.

A standard for adoption and use by Federal departments and agencies that has been developed within the Information Technology Laboratory and published by the National Institute of Standards and Technology, a part of the U.S. Department of Commerce. A FIPS covers some topic in information technology in order to achieve a common level of quality or some level of interoperability.

SOURCE: FIPS 201

federal information security management act (FISMA)

A statute (Title III, P.L. 107-347) that requires agencies to assess risk to information systems and provide information security protections commensurate with the risk. FISMA also requires that agencies integrate information security into their capital planning and enterprise architecture processes, conduct annual information systems security reviews of all programs and systems, and report the results of those reviews to OMB.

SOURCE: CNSSI-4009

federal information system

An information system used or operated by an executive agency, by a contractor of an executive agency, or by another organization on behalf of an executive agency.

SOURCE: SP 800-53; FIPS 200; FIPS 199; 40 U.S.C., Sec. 11331; CNSSI-4009

federal information systems security educators' assocaition (FISSEA)

An organization whose members come from federal agencies, industry, and academic institutions devoted to improving the IT security awareness and knowledge within the federal government and its related external workforce.

SOURCE: 800-16

federal public key infrastructure policy authority (FPKI PA)

The Federal PKI Policy Authority is a federal government body responsible for setting, implementing, and administering policy decisions regarding interagency PKI interoperability that uses the FBCA.

SOURCE: SP 800-32

federate

To link or bind two or more entities together [Merriam].

To link accounts at two or more entities together.

To link or bind two or more entities together.

federated architecture

An architecture that supports multiple entities provisioning Principals among peers within the Liberty Authentication Domain.

federated identity

A federated identity is a credential of an entity that links an entity's partial entity from one context to a partial entity from another context.

A shared Identity and/or authentication, as the result of federation by either the Entity or by two or more organisations. In a federated identity management scenario, an organisation may assume the role of an identity provider, or requestor / service provider, or both - they are not mutually exclusive. An identity provider "˜owns' the relationship, directly manages end users and is the authoritative source for issuing and validating identities and credentials for a set of users. Identity providers "vouch" for the user identity in a federated interaction with service providers. A service provider does not have a vested business interest in managing the user, but acts as a "relying party" to validate credentials issued by a trusted identity partner. Key standards are SAML, Liberty, WS-Federation, WS-Security and WS-Trust. Also see Federation. A "Circle of Trust" is used to describes the legal agreements made between the parties.

a. A collective term describing agreements standards and technologies that make identity and entitlements portable across autonomous domains.

b. A single user identity that can be used to access a group of services or applications that are bounded by the ties and conditions of a federation.

c. A shared identity and/or authentication, as the result of federation by either the Entity or by two or more organizations.

i. A collective term describing agreements standards and technologies that make identity and entitlements portable across autonomous domains

ii. A single user identity that can be used to access a group of services or applications that are bounded by the ties and conditions of a federation.

iii. A shared Identity and/or authentication, as the result of federation by either the Entity or by two or more organisations.

A principal's identity is said to be federated between a set of Providers when there is an agreement between the providers on a set of identifiers and/or attributes to use to refer to the Principal Federate To link or bind two or more entities together [Merriam].

federated identity management

A system that allows individuals to use the same user name, password, or other personal identification to sign on to the networks of more than one enterprise in order to conduct transactions.

federation

A method of linking together the Identities of an Entity, to provide shared services as a matter of convenience, efficiency and trust.

a. An act of establishing a relationship between two or more entities or an association compromising any number of service providers and identity providers.

b. An established relationship among a domain of a single service provider or among next generation network providers.

c. A federation is a collection of realms that have established a producer-consumer relationship whereby one realm can provide authorized access to a resource it manages based on an identity, and possibly associated attributes, that are asserted in another realm. A federation requires trust such that a Relying Party can make a well-informed access control decision based on the credibility of identity and attribute data that is vouched for by another realm.

i. An act of establishing a relationship between two or more entities or an association compromising any number of service providers and identity providers

ii. An established relationship among a domain of a single service provider or among NGN providers.

iii. A federation is a collection of realms that have established a producer-consumer relationship whereby one realm can provide authorized access to a resource it manages based on an identity, and possibly associated attributes, that are asserted in another realm. A federation requires trust such that a Relying Party can make a well-informed access control decision based on the credibility of identity and attribute data that is vouched for by another realm.

This term is used in two senses in SAML: a) The act of establishing a relationship between two entities [Merriam]. b) An association comprising any number of service providers and identity providers.

An association comprising any number of Service Providers and Identity Providers.

1. (1) The act of establishing a relationship between two entities.

2. (2) An association comprising any number of service providers and identity providers.

An association of users, service providers and identity service providers.

An association of users, service providers, and identity service providers.

An association of users, service providers and identity service providers.

Federation is both a technology and a business relationship. The business relationship is one where one organization (A) trusts a partner (B) to authenticate and authorize users who will subsequently be allowed to access A's resources (typically web applications) without having user records on A's network.

This technology depends on a business relationship with implicit trust of B by A.

federation change management

Policies and processes agreed to by Federation Members to review, approve, and roll out architecture changes to production.

federation member

A Relying Party or Credential Service Provider that has successfully completed the preparation phase and the boarding phase. A Federation Member's System (Agency Application or Credential Service) is integrated into the production Authentication Service Component in the third and final phase of joining the Federation "“ the rollout phase.

federation operations center

Organization within the PMO that operates and maintains the ASC production environment, and manages integration of Member Systems into the production ASC.

federation operator

An individual or group that defines standards for its respective federation, or trust community and evaluates participation in the community or network to ensure compliance with policy, including the ability to request audits of participants for verification.

federation portal (Portal)

A website that helps End-Users locate the CSs and AAs they need to complete their transactions. The Portal also maintains information about CSs and AAs referred to as Metadata, which includes technical interface data as well as descriptive information. When the End-User opts into single sign-on, the Portal assigns a session cookie.

federation style guide

Guidelines pertaining to Federation Member use of E-Authentication logos, branding, and providing E-Authentication instructions and information to End-Users via Federation Member System web pages.

file encryption

The process of encrypting individual files on a storage medium and permitting access to the encrypted data only after proper authentication is provided.

SOURCE: SP 800-111

file infector virus

A virus that attaches itself to a program file, such as a word processor, spreadsheet application, or game.

SOURCE: SP 800-61

file integrity checker

Software that generates, stores, and compares message digests for files to detect changes to the files.

SOURCE: SP 800-61

file name anomaly

1. A mismatch between the internal file header and its external extension; or

2. A file name inconsistent with the content of the file (e.g., renaming a graphics file with a non-graphical extension.

SOURCE: SP 800-72

file protection

Aggregate of processes and procedures designed to inhibit unauthorized access, contamination, elimination, modification, or destruction of a file or any of its contents.

SOURCE: CNSSI-4009

file security

Means by which access to computer files is limited to authorized users only.

SOURCE: CNSSI-4009

fill device

COMSEC item used to transfer or store key in electronic form or to insert key into a cryptographic equipment.

SOURCE: CNSSI-4009

final SASL response

The final <SASLResponse> message sent from the server to the client in an authentication exchange [LibertyAuthn].

fine-grained user provisioning

Fine-grained user provisioning is a process where new accounts are created for new users, with all of the entitlements that a new user will require -- identity attributes, group memberships and other objects, such as home directories and mail folders, already created.

This may be more complex to automate and longer to deploy, but eliminates further, manual intervention before a new user can be fully productive.

finger print

A fingerprint is a form of biometric authentication where the characteristic being measured is the pattern of ridges on one or more of a user's fingers.

finger vein

Finger vein authentication is a measurement of the pattern of living veins inside one or more of a user's fingers.

FIPS

SEE Federal Information Processing Standard.

FIPS-approved security method

A security method (e.g., cryptographic algorithm, cryptographic key generation algorithm or key distribution technique, random number generator, authentication technique, or evaluation criteria) that is either a) specified in a FIPS, or b) adopted in a FIPS.

SOURCE: FIPS 196

FIPS-validated cryptography

A cryptographic module validated by the Cryptographic Module

Validation Program (CMVP) to meet requirements specified in

FIPS 140-2 (as amended). As a prerequisite to CMVP validation,

the cryptographic module is required to employ a cryptographic

algorithm implementation that has successfully passed validation

testing by the Cryptographic Algorithm Validation Program

(CAVP). See NSA-Approved Cryptography.

SOURCE: SP 800-53

FIPS PUB

An acronym for Federal Information Processing Standards Publication. FIPS publications (PUB) are issued by NIST after approval by the Secretary of Commerce.

SOURCE: SP 800-64

FIREFLY

Key management protocol based on public key cryptography.

SOURCE: CNSSI-4009

firewall

A gateway that limits access between networks in accordance with local security policy.

SOURCE: SP 800-32

A hardware/software capability that limits access between networks and/or systems in accordance with a specific security policy.

SOURCE: CNSSI-4009

firewall control proxy

The component that controls a firewall's handling of a call. The firewall control proxy can instruct the firewall to open specific ports that are needed by a call, and direct the firewall to close these ports at call termination.

SOURCE: SP 800-58

firewall environment

A firewall environment is a collection of systems at a point on a network that together constitute a firewall implementation. A firewall environment could consist of one device or many devices such as several firewalls, intrusion detection systems, and proxy servers.

SOURCE: SP 800-41

firewall platform

A firewall platform is the system device upon which a firewall is implemented. An example of a firewall platform is a commercial operating system running on a personal computer.

SOURCE: SP 800-41

firewall ruleset

A firewall ruleset is a table of instructions that the firewall uses for determining how packets should be routed between its interfaces. In routers, the ruleset can be a file that the router examines from top to bottom when making routing decisions.

SOURCE: SP 800-41

firmware

The programs and data components of a cryptographic module that are stored in hardware within the cryptographic boundary and cannot be dynamically written or modified during execution.

SOURCE: FIPS 140-2

Computer programs and data stored in hardware - typically in read-only memory (ROM) or programmable read-only memory (PROM) - such that the programs and data cannot be dynamically written or modified during execution of the programs.

SOURCE: CNSSI-4009

FISMA

Federal Information Security Management Act - requires agencies to integrate IT security into their capital planning and enterprise architecture processes at the agency, conduct annual IT security reviews of all programs and systems, and report the results of those reviews to the Office of Management and Budget (OMB).

SOURCE: SP 800-65

fixed COMSEC facility

COMSEC facility located in an immobile structure or aboard a ship.

SOURCE: CNSSI-4009

flaw

Error of commission, omission, or oversight in an information system that may allow protection mechanisms to be bypassed.

SOURCE: CNSSI-4009

flaw hypothesis methodology

System analysis and penetration technique in which the specification and documentation for an information system are analyzed to produce a list of hypothetical flaws. This list is prioritized on the basis of the estimated probability that a flaw exists, on the ease of exploiting it, and on the extent of control or compromise it would provide. The prioritized list is used to perform penetration testing of a system.

SOURCE: CNSSI-4009

flooding

An attack that attempts to cause a failure in a system by providing more input than the system can process properly.

SOURCE: CNSSI-4009

forensic copy

An accurate bit-for-bit reproduction of the information contained on an electronic device or associated media, whose validity and integrity has been verified using an accepted algorithm.

SOURCE: SP 800-72; CNSSI-4009

forensic specialist

A professional who locates, identifies, collects, analyzes, and examines data while preserving the integrity and maintaining a strict chain of custody of information discovered.

SOURCE: SP 800-72

forensically clean

Digital media that is completely wiped of all data, including nonessential and residual data, scanned for malware, and verified before use.

SOURCE: SP 800-86

forensics

Process of gathering, processing, and interpreting digital and other evidence to conclusively solve a problem and/or derive a conclusion.

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.

SOURCE: SP 800-61; CNSSI-4009

formal access approval

A formalization of the security determination for authorizing access to a specific type of classified or sensitive information, based on specified access requirements, a determination of the individual's security eligibility and a determination that the individual's official duties require the individual be provided access to the information.

SOURCE: CNSSI-4009

formal development methodology

Software development strategy that proves security design specifications.

SOURCE: CNSSI-4009

formal method

Mathematical argument which verifies that the system satisfies a mathematically-described security policy.

SOURCE: CNSSI-4009

formal proof

Complete and convincing mathematical argument presenting the full logical justification for each proof step and for the truth of a theorem or set of theorems.

SOURCE: CNSSI-4009

formal security policy

Mathematically-precise statement of a security policy.

SOURCE: CNSSI-4009

formatting function

The function that transforms the payload, associated data, and nonce into a sequence of complete blocks.

SOURCE: SP 800-38C

forward cipher

One of the two functions of the block cipher algorithm that is determined by the choice of a cryptographic key.

SOURCE: SP 800-67

framework

A structured description of a topic of interest, including a detailed statement of the problem(s) to be solved and the goal(s) to be achieved. An annotated outline of all the issues that must be addressed while developing acceptable solutions to the problem(s). A description and analysis of the constraints that must be satisfied by an acceptable solution and detailed specifications of acceptable approaches to solving the problems(s).

frequency hopping

Repeated switching of frequencies during radio transmission according to a specified algorithm, to minimize unauthorized interception or jamming of telecommunications.

SOURCE: CNSSI-4009

front channel

Front channel refers to the "communications channel" that can be effected between two HTTP-speaking servers by employing "HTTP redirect" messages and thus passing messages to each other via a user agent, e.g. a web browser, or any other HTTP client.

full disk encryption (FDE)

The process of encrypting all the data on the hard disk drive used to boot a computer, including the computer's operating system, and permitting access to the data only after successful authentication with the full disk encryption product.

SOURCE: SP 800-111

full maintenance

Complete diagnostic repair, modification, and overhaul of COMSEC equipment, including repair of defective assemblies by piece part replacement. See limited maintenance.

SOURCE: CNSSI-4009

functional testing

Segment of security testing in which advertised security mechanisms of an information system are tested under operational conditions.

SOURCE: CNSSI-4009

gateway

Interface providing compatibility between networks by converting transmission speeds, protocols, codes, or security measures.

SOURCE: CNSSI-4009

general support system

An interconnected set of information resources under the same direct management control that shares common functionality. It normally includes hardware, software, information, data, applications, communications, and people.

SOURCE: OMB Circular A-13, App. III

An interconnected set of information resources under the same direct management control which shares common functionality. A system normally includes hardware, software, information, data, applications, communications, and people. A system can be, for example, a local area network (LAN) including smart terminals that supports a branch office, an agency-wide backbone, a communications network, a departmental data processing center including its operating system and utilities, a tactical radio network, or a shared information processing service organization (IPSO).

SOURCE: CNSSI-4009

generic web service (gWS)

A generic web service is defined by sense (1) of the web service definition.

generic web service provider (gWSP)

A generic Web Service Provider (gWSP) an entity providing generic web services.

GINA extension

A GINA extension is software installed on a Windows computer that adds a user interface element to the normal GINA screen. This user interface activates a self-service password reset screen, enabling users who are locked out of the Windows login screen to resolve their own problem.

global ID

A global ID is a unique identifier that spans two or more systems. A truly global ID -- one that is guaranteed to be unique among every system in the world, is a user's fully qualified SMTP e-mail address. Another truly global ID might be a user's country code followed by that country's local equivalent of a social security number, social insurance number or resident number. Global IDs may be global only over a few systems, rather than every system on Earth.

global information grid (GIG)

The globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to warfighters, policy makers, and support personnel. The GIG includes owned and leased communications and computing systems and services, software (including applications), data, security services, other associated services, and National Security Systems. Non-GIG IT includes stand-alone, self-contained, or embedded IT that is not, and will not be, connected to the enterprise network.

SOURCE: CNSSI-4009

global information infrastructure (GII)

Worldwide interconnections of the information systems of all countries, international and multinational organizations, and international commercial communications.

SOURCE: CNSSI-4009

global password policy

A global password policy is a policy designed to combine the policies of multiple target systems. It the product of combining the strongest of each type of complexity rule and the most limited representation capabilities of the systems where passwords will be synchronized.

governance based access control (GBAC)

Information assets can be managed based on their governing legislation. GBAC considers the larger issue of why information is being held in the first place, and takes into account that multiple authorities may be required to determine access control or information sharing decisions. Rules can be enforced based on key governance issues: Jurisdiction, Collection Legislation, Collection Purpose, Security Designation, Disclosure Legislation and Disposition Authority. By classifying information according to governance and specifying the rules of governance, an organization may share information without knowing the recipient, the intended use or the specific contents. Also see Privacy and RBAC.

graduated security

A security system that provides several levels (e.g., low, moderate, high) of protection based on threats, risks, available technology, support services, time, human concerns, and economics.

SOURCE: FIPS 201

grant (of rights of use)

The Granting, by the Kantara Initiative Board of Trustees (KIBoT) or another authoritative body to which the KIBoT has given a delegated authority (itself via a Grant), to use of the Kantara Initiative Mark for a specific Grant Category.

grant category

One of the specific purposes for which the Kantara Initiative Mark may be used by a third party, being one of: Approved Service; Accredited Assessor; Service Approval Authority (future work focus); or Certified Federation Operator.

grantee

An organization to which a Grant of Rights of Use of the Kantara Initiative Mark has been awarded.

graphical identification and authentication (GINA)

The Graphical Identification and Authentication (GINA) is a subsystem on Windows 2000 and XP computers which handles user authentication at the login screen and screen saver and which intercepts the Ctrl-Alt-Delete key sequence.

When users forget their Windows password, some mechanism is required to present them a user interface despite the fact that they cannot get by the GINA and access their desktop.

group

A group is a collection or organization of objects (entities, identities, etc.).

A set of one or more Identities that can be authorised under one Rule. An Identity may belong to zero, one or more groups. Grouping is usually done for ease of management. See RBAC.

group authenticator

Used, sometimes in addition to a sign-on authenticator, to allow access to specific data or functions that may be shared by all members of a particular group.

SOURCE: CNSSI-4009

group membership

A group membership is the assignment of a given user to a given security group.

group owner

Access to data, to applications and to features within applications is often controlled using security groups. Groups normally have owners -- people in an organization responsible for managing membership in the group.

guard (system)

A mechanism limiting the exchange of information between information systems or subsystems.

SOURCE: SP 800-53; CNSSI-4009

guessing entropy

A measure of the difficulty that an attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.

SOURCE: SP 800-63

hacker

Unauthorized user who attempts to or gains access to an IS.

Unauthorized user who attempts to or gains access to an information system.

SOURCE: CNSSI-4009

handle system, the

The Handle System is a general purpose distributed information system that provides efficient, extensible, and secure identifier and resolution services for use on networks such as the internet. It includes an open set of protocols, a namespace, and a reference implementation of the protocols. The protocols enable a distributed computer system to store identifiers, known as handles, of arbitrary resources and resolve those handles into the information necessary to locate, access, contact, authenticate, or otherwise make use of the resources. This information can be changed as needed to reflect the current state of the identified resource without changing its identifier, thus allowing the name of the item to persist over changes of location and other related state information. The original version of the Handle System technology was developed with support from the Defense Advanced Research Projects Agency (DARPA).

handler

A type of program used in DDoS attacks to control agents distributed throughout a network. Also refers to an incident handler, which refers to a person who performs incident response work.

SOURCE: SP 800-61

handshaking procedures

Dialogue between two information systems for synchronizing, identifying, and authenticating themselves to one another.

SOURCE: CNSSI-4009

hard certificate

A digital certificate where the private key is generated directly onto a token, from where it cannot be copied. This does not stop it being exported and imported using the PKCS standard #12. Also see Soft Certificate.

hard copy key

Physical keying material, such as printed key lists, punched or printed key tapes, or programmable, read-only memories (PROM).

SOURCE: CNSSI-4009

hardening

Configuring a host's operating systems and applications to reduce the host's security weaknesses.

SOURCE: SP 800-123

hardware

The physical components of an information system. See software and firmware.

SOURCE: CNSSI-4009

hardware token

A hardware token is a small device, typically either the size of a credit card or suitable for attaching to a user's key chain, which computes a one time password. Users use a hardware token to prove possession of a device (i.e., something they have) as an authentication factor.

hardwired key

Permanently installed key.

SOURCE: CNSSI-4009

hash function

An algorithm mapping or translating one sequence of bits into another, generally smaller set (the hash result), such that (1) a message yields the same hash result every time the algorithm is executed using the same message as input, (2) it is computationally infeasible that a message can be derived or reconstituted from the hash result produced by the algorithm, and (3) it is computationally infeasible that two different messages can be found that produce the same hash result using the same algorithm.

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties:

1. One-Way. It is computationally infeasible to find any input that maps to any pre-specified output.

2. Collision Resistant. It is computationally infeasible to find any two distinct inputs that map to the same output.

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties:

1) One-Way. It is computationally infeasible to find any input that maps to any prespecified output.

2) Collision Resistant. It is computationally infeasible to find any two distinct inputs that map to the same output.

SOURCE: SP 800-63; FIPS 201

A mathematical function that maps a string of arbitrary length (up to a predetermined maximum size) to a fixed length string.

SOURCE: FIPS 198

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions are specified in FIPS 180 and are designed to satisfy the following properties:

1. (One-way) It is computationally infeasible to find any input that maps to any new prespecified output, and

2. (Collision resistant) It is computationally infeasible to find any two distinct inputs that map to the same output.

SOURCE: FIPS 186

hash result

The output produced by a hash function upon processing a message.

"Hash Total" is the value computed on data to detect error or manipulation.

hash-based message authentication code (HMAC)

A message authentication code that uses a cryptographic key in conjunction with a hash function.

A symmetric key authentication method using hash functions.

SOURCE: SP 800-63

A message authentication code that uses a cryptographic key in conjunction with a hash function.

SOURCE: FIPS 201; CNSSI-4009

A message authentication code that utilizes a keyed hash.

SOURCE: FIPS 140-2

hash total

Value computed on data to detect error or manipulation. See checksum.

SOURCE: CNSSI-4009

hash value

The result of applying a cryptographic hash function to data (e.g., a message).

SOURCE: SP 800-106

hash value/result

See Message Digest.

SOURCE: FIPS 186; CNSSI-4009

hashing

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.

SOURCE: SP 800-72; CNSSI-4009

hashword

Memory address containing hash total.

SOURCE: CNSSI-4009

header, header block, header element

See SOAP header block.

high assurance guard (HAG)

An enclave boundary protection device that controls access between a local area network that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance.

SOURCE: SP 800-32

A guard that has two basic functional capabilities: a Message Guard and a Directory Guard. The Message Guard provides filter service for message traffic traversing the Guard between adjacent security domains. The Director Guard provides filter service for directory access and updates traversing the Guard between adjacent security domains.

SOURCE: CNSSI-4009

high availability

A failover feature to ensure availability during device or component interruptions.

SOURCE: SP-800-113

high impact

The loss of confidentiality, integrity, or availability that could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, individuals, other organizations, or the national security interests of the United States; (i.e., 1) causes a severe degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; 2) results in major damage to organizational assets; 3) results in major financial loss; or 4) results in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries).

SOURCE: FIPS 199; CNSSI-4009

high-impact ystem

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a FIPS 199 potential impact value of high.

SOURCE: SP 800-53; SP 800-60; FIPS 200

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of high.

SOURCE: CNSSI-4009

hold a private key

To use or be able to use a private key.

honeypot

A system (e.g., a Web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders and has no authorized users other than its administrators.

SOURCE: CNSSI-4009

hosted ASC components

GSA Preferred hosting of ASC components. Unisys to host ASC components in the same facility, environment, and infrastructure. Each hosted component will be operated with the same direct management control. In addition, Unisys will support all hardware, operating Systems, and basic Network connectivity. Accordingly, Hosted ASC components are considered a single System.

hot site

A fully operational off-site data processing facility equipped with hardware and system software to be used in the event of a disaster.

SOURCE: SP 800-34

Backup site that includes phone systems with the phone lines already connected. Networks will also be in place, with any necessary routers and switches plugged in and turned on. Desks will have desktop PCs installed and waiting, and server areas will be replete with the necessary hardware to support business-critical functions. Within a few hours, a hot site can become a fully functioning element of an organization.

SOURCE: CNSSI-4009

hot wash

A debrief conducted immediately after an exercise or test with the staff and participants.

SOURCE: SP 800-84

human password disclosure

This is password disclosure to a human being - for example using on a web page.

hybrid security control

A security control for an information system where one part of the control is deemed to be common, while another part of the control is deemed to be system-specific.

SOURCE: SP 800-53A

A security control that is implemented in an information system in part as a common control and in part as a system-specific control. See also Common Control and System-Specific Security Control.

SOURCE: SP 800-53; CNSSI-4009

IA architecture

A description of the structure and behavior for an enterprise's security processes, information security systems, personnel and organizational sub-units, showing their alignment with the enterprise's mission and strategic plans.

SOURCE: CNSSI-4009

IA infrastructure

The underlying security framework that lies beyond an enterprise's defined boundary, but supports its IA and IA-enabled products, its security posture and its risk management plan.

SOURCE: CNSSI-4009

IAEG assessor

An organization that has agreed to the IAEG Rules and that has been accredited to conduct assessments of credential service providers.

IAEG credential service provider

Organization that has agreed to the IAEG Operating Rules and other applicable Rules, and that has been Certified to issue, process, validate, etc., an IAEG branded credential.

IAEG-branded credential

Information indicating the individual identity of a natural person, according to a CSP certified by the IAEG to issue, process, validate or otherwise purvey such credential.

IAEG-recognized assessor

A body that has been granted an accreditation to perform assessments against Service Assessment Criteria, at the specified assurance level(s).

IAEG-recognized certification body

A certification body which has been accredited by, or whose qualifications have been otherwise established by, a scheme which the IAEG Board has deemed to be appropriate for the purposes of determining an CSP's competence to perform assessments against IAEG's criteria.

IA-enabled information technology product

Product or technology whose primary role is not security, but which provides security services as an associated feature of its intended operating capabilities. Examples include such products as security-enabled Web browsers, screening routers, trusted operating systems, and security-enabled messaging systems.

IA-enabled product

Product whose primary role is not security, but provides security services as an associated feature of its intended operating capabilities.

Note: Examples include such products as security-enabled Web browsers, screening routers, trusted operating systems, and security enabling messaging systems.

SOURCE: CNSSI-4009

IAM

An acronym for Identity and Access Management, its techniques, tools and solutions.

IA Product

Product whose primary purpose is to provide security services (e.g., confidentiality, authentication, integrity, access control, non-repudiation of data); correct known vulnerabilities; and/or provide layered defense against various categories of non-authorized or malicious penetrations of information systems or networks.

SOURCE: CNSSI-4009

ID data base

A collection of application specific identifiers used with automatic claims approval

ID name space

A name space for unique identifiers is a system or domain within which no two users may have the same ID. Every system has its own namespace. Another example is mail domains (i.e., the part of an SMTP e-mail address following the @ sign), where the part of each user ID preceding the @ sign must be unique within its domain.

ID reconciliation

ID reconciliation is a process by which an organization maps local IDs in different name spaces to one-another, and to the global profile IDs of the users that own them. For example, ID reconciliation may be required to map IDs such as "smithj" on a mainframe system to IDs such as "john.w.smith" on an Active Directory domain.

ID-*

A shorthand designator referring to the Liberty ID-WSF, ID-FF, and ID-SIS specification sets. For example, one might say that the former specification sets are all part of the Liberty ID-* specification suite.

ID-* fault message

An ID- fault message is a SOAP [SOAPv1.1] <S:Fault> element containing a <Status> element, with the attributes and attribute values of both elements configured as specified herein, or as specified in other specification(s) in the ID-WSF or ID-SIS specification sets.

ID-* header block

One of the header blocks defined in this specification, or defined in any of the other Liberty ID-* specification suite.

ID-*message

Equivalent to ordinary ID-* message.

identifiable entity

An identifiable entity is an entity whose identity can be established.

identification

Identification is the process of using claimed or observed attributes of an entity to deduce who the entity is.

1. Identification is the process whereby data is associated with a particular identity. It is performed by acquiring an identifier.

2. Within a designated context, identifiers enable relying parties to distinguish between the entities they interact with. This is known as identification.

3. Identification is the act of claiming an identity, where an identity is a set of one or more signs signifying a distinct entity.

The process of establishing an Entity, rather than an Identity. For example; any one-to-many matching of characteristics or features of a group to derive "best fits" to raw data (not a yes/no outcome), such as in an AFIS (the law-enforcement Automated Fingerprint Identification System) or DNA matching process. Usually not performed in real-time due to the processing overheads. Contrasts with Verification.

The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to re-sources in an IT system.

Process of using claimed or observed attributes of an individual to infer who the individual is.

The process of verifying and associating attributes with a particular person designated by an identifier.

Process of using claimed or observed attributes of an individual to infer who the individual is.

Identification is the first of two steps comprising "I&A": the identification step "“ presenting an identifier to the security system. The second step is the authentication step "“ presenting or generating authentication information that corroborates the binding between the entity and the identifier.

The process of recognizing an entity by contextual characteristics.

The process of recognizing_ an entity by contextual characteristics.

The process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items.

The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system.

SOURCE: SP 800-47

The process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items.

SOURCE: FIPS 201

An act or process that presents an identifier to a system so that the system can recognize a system entity (e.g., user, process, or device) and distinguish that entity from all others.

SOURCE: CNSSI-4009

identification services

Services that aggregate an entity's identities to provide trust levels in the bindings between those identities and the entity.

identification verification

The process of affirming that a claimed identity is correct by comparing the offered claims of identity with previously proven information.

identified entity

An identified entity is an identifiable entity the identity of which has been corroborated.

identifier

An identifier is an attribute or a set of attributes of an entity which uniquely identifies the entity within a certain context.

(1) An identifier is information that names or indicates an entity or grouping of entities. [Source: Stefan Brands.] (2) An identifier is a signifier for an identity ; it is one or more data items that distinguishes an identity from other identities. Examples of identifiers: name, id-number, username, IP-address.

a. An identifier is a series of digits, characters and symbols or any other form of data used to identify subscriber(s), user(s), network element(s), function(s), network entity(ies) providing services/applications, or other entities (e.g., physical or logical objects).

b. A data object (for example, a string) mapped to a system entity that uniquely refers to the system entity. A system entity may have multiple distinct identifiers referring to it. An identifier is essentially a "distinguished attribute" of an entity.

c. Either an "http" or "https" URI, (commonly referred to as a "URL" within this document), or an XRI (Reed, D. and D. McAlpin, "Extensible Resource Identifier (XRI) Syntax V2.0,".)

i. An identifier is a series of digits, characters and symbols or any other form of data used to identify subscriber(s), user(s), network element(s), function(s), network entity(ies) providing services/applications, or other entities (e.g., physical or logical objects).

ii. A data object (for example, a string) mapped to a system entity that uniquely refers to the system entity. A system entity may have multiple distinct identifiers referring to it. An identifier is essentially a "distinguished attribute" of an entity.

iii. Either an "http" or "https" URI, (commonly referred to as a "URL" within this document), or an XRI (Reed, D. and D. McAlpin, "Extensible Resource Identifier (XRI) Syntax V2.0,".)

iv. Strings or tokens that are unique within a given scope (globally or locally within a specific domain, community, directory, application, etc.). Identifiers are the key used by the parties to an identification relationship to agree on the entity being represented. Identifiers may be classified

as omnidirectional and unidirectional. Omnidirectional identifiers are intended to be public and easily discoverable, while unidirectional identifiers are intended to be private and used only in the context of a specific identity relationship. Identifiers may also be classified as

resolvable or non-resolvable. Resolvable identifiers, such as a domain name or e-mail address, may be dereferenced into the entity they represent. Non-resolvable identifiers, such as a person's real-world name, or a subject or topic name, can be compared for equivalence but are not otherwise machine-understandable. There are many different schemes and formats for digital identifiers. The most widely used is Uniform Resource Identifier (URI) and its internationalized version Internationalized Resource Identifier (IRI)"”the standard for identifiers on the World Wide

Web. OpenID and Light-Weight Identity (LID) are two web authentication protocols that use standard HTTP URIs (often called URLs), for example. A new OASIS standard for abstract, structured identifiers, XRI (Extensible Resource Identifiers), adds new features to URIs and IRIs

that are especially useful for digital identity systems. OpenID v. An attribute or a set of attributes of an entity which uniquely identifies the entity within a certain context. (For the sake of clarity, identifiers consisting of one attribute are also characteristics; they distinguish an entity from

other entities. An entity may have multiple distinct identifiers referring to it. Identifiers uniquely identify an entity, while characteristics do not need to. However, it should be noted that identifiers can consist of a combination of attributes, whereas characteristics are always one single attribute.)

Something that points to an individual, such as a name, a serial number or some other pointer to the party being identified.

Something that points to an individual, such as a name, a serial number, or some other pointer to the party being identified.

This term is used in two senses in SAML: 3) One that identifies [Merriam]. 4) A data object (for example, a string) mapped to a system entity that uniquely refers to the system entity. A system entity may have multiple distinct identifiers referring to it. An identifier is essentially a "distinguished attribute" of an entity.

Something that points to an individual, such as a name, a serial number, or some other pointer to the party being identified.

One or more attributes used to identify an entity within a context.

Unique data used to represent a person's identity and associated attributes. A name or a card number are examples of identifiers.

SOURCE: FIPS 201

A data object - often, a printable, non-blank character string - that definitively represents a specific identity of a system entity, distinguishing that identity from all others.

SOURCE: CNSSI-4009

identity

Identity is the set of information associated with a specific physical person or other entity.? Typically an Identity Provider will be authoritative for only a subset of a person's identity information.? What identity attributes might be relevant in any situation depend on the context in which it is being questioned.

The fact of being what a person or a thing is, and the characteristics determining this.

The identity of an entity is the dynamic collection of all of the entity's attributes. An entity has only one identity.

1. An identity is a set of information that is attributable to a given entity.

2. Identity is a presentation or role of an entity.

3. An identity is the set of the properties of an entity that allows the entity to be distinguished from other entities.

4. a digital representation of a set of claims made by one party about itself or another digital subject.

A much abused or misunderstood term. In the IAM context it generally refers to the particulars of an authentication. More specifically, it can mean:

Identity [1] - the established relationship between an Entity and a particular Registration (eg a regsistered user's EOI details). An Entity can have multiple Identities, usually one per Registration. An Identity may have multiple Accounts, usually one per environment or platform. Also see Entity.

Identity [2] - an instance of an Entity. A user (username and password), an account.

Identity [3] [lesser usage] - the identifier (username, customer number) used as a means of identifying an Entity. If this usage is adopted, then "˜Digital Identity' is the term to be used to mean the relationship between an Entity and a particular Registration, or the instance of an Entity (ie Identity [1] or [2] above). But this is regarded as a clumsy invocation that does not add to understanding or communication.

a. Structured representations of an entity in the form of one or more credentials, identifiers, attributes, or patterns in a relevant context. Such representations can take any physical or electro-optical (digital or analog) form or syntax, and may have associated implicit or explicit time-stamp and location specifications.

b. The properties of an entity that allows it to be distinguished from other entities.

c. The attributes by which an entity is described, recognized or known.

d. The essence of an entity and often described by its characteristics.

e. The essence of an entity [Merriam]. One's identity is often described by one's characteristics, among which may be any number of identifiers.

f. The fundamental concept of uniquely identifying an object (person, computer, etc.) within a context. That context might be local (within a department), corporate (within an enterprise), national (within the bounds of a country), global (all such object instances on the planet), and possibly universal (extensible to environments not yet known). Many identities exist for local, corporate, and national domains. Some globally unique identifiers exist for technical environments, often computer-generated.

g. A collection of attributes which helps to distinguish one entity from another.

i. Structured representations of an entity in the form of one or more credentials, identifiers, attributes, or patterns in a relevant context. Such representations can take any physical or electro-optical (digital or analog) form or syntax, and may have associated implicit or explicit time-stamp and location specifications.

ii. The properties of an entity that allows it to be distinguished from other entities.

iii. The attributes by which an entity is described, recognized or known.

iv. The essence of an entity and often described by its characteristics.

v. The essence of an entity [Merriam]. One's identity is often described by one's characteristics, among which may be any number of identifiers.

vi. The fundamental concept of uniquely identifying an object (person, computer, etc.) within a context. That context might be local (within a department), corporate (within an enterprise), national (within the bounds of a country), global (all such object instances on the planet), and possibly universal (extensible to environments not yet known). Many identities exist for local, corporate, and national domains. Some globally unique identifiers exist for technical environments, often computer-generated.

vii. A collection of attributes which helps to distinguish one entity from another.

A unique name for single person. Because a person's legal name is not necessarily unique, identity must include enough additional information (for example, an address or some unique identifier such as an employee or account

number) to make a unique name.

A unique name of an individual person (an identifier), and any associated attributes; the set of the properties of a person that allows the person to be distinguished from other persons.

A unique name for a single person. Because a person's legal name is not necessarily unique, identity must include enough additional information (for example, an address or some unique identifier

such as an employee or account number) to make a unique name.

A claim or set of claims about the user.

The essence of an entity [Merriam]. One's identity is often described by one's characteristics, among which may be any number of identifiers.

The essence of an entity, often described by its characteristics.

The essence of an entity. One's identity is often described by one's characteristics, among which may be any number of identifiers.

A Principal may wield one or more identities. See also Principal identity.

A unique name for single person. Because a person's legal name is not necessarily unique, identity must include enough additional information (for example, an address or some unique identifier such as an employee or account number) to make a unique name.

The representation of an entity in the form of one or more information elements which allow the entity(s) to be sufficiently distinguished within context. For IdM purposes the term identity is understood as contextual identity (subset of attributes) i.e. the variety of attributes is limited by a framework with defined boundary conditions (the context) in which the entity exists and interacts.

A representation of an entity in the form of one or more attributes that allow the entity or entities to be sufficiently distinguished within context. For identity management (IdM) purposes the term identity is understood as contextual identity (subset of attributes), i.e., the variety of attributes is limited by a framework with defined boundary conditions (the context) in which the entity exists and interacts.

The representation of an entity in the form of one or more information elements which allow the entity(s) to be sufficiently distinguished within context. For IdM purposes the term identity is understood as contextual identity (subset of attributes) i.e. the variety of attributes is limited by a framework with defined boundary conditions (the context) in which the entity exists and interacts.

Structured representations of an entity in the form of one or more credentials, identifiers, attributes, or patterns in a relevant context. Such representations can take any physical or electropitcal (digital or analog) form or syntax, and may have associated implicit or explicit time-stamp and location specifications.

The set of physical and behavioral characteristics by which an individual is uniquely recognizable.

A unique name of an individual person. Since the legal names of persons are not necessarily unique, the identity of a person must include sufficient additional information to make the complete name unique.

SOURCE: SP 800-63

The set of physical and behavioral characteristics by which an individual is uniquely recognizable.

SOURCE: FIPS 201

The set of attribute values (i.e., characteristics) by which an entity is recognizable and that, within the scope of an identity manager's responsibility, is sufficient to distinguish that entity from any other entity.

SOURCE: CNSSI-4009

A unique physical being that identifies somebody or something. Identities can apply to persons

or non-persons.

identity agent

Manages and supports a consistent user experience (and in some cases other kinds of interactions) with a Service Provider.

identity assertion

An electronic record sent by an Identity Provider to a Relying Party that contains the Subject's identifier (e.g., name, account number, etc.), authentication status, and identity attributes. The attributes are typically personal information about the Subject relevant to the transaction that is required by the Relying Party.

identity assurance

the degree of confidence in the identity proofing process used to establish the identity of the entity to whom the credential was issued, and the degree of confidence that the entity that uses the credential is the entity or entity to whom the credential was issued or assigned.

The degree of confidence in the process of identity validation and verification used to establish the identity of the entity to which the credential was issued, and the degree of confidence that the entity that uses the credential is that entity or the entity to which the credential was issued or assigned.

The degree of confidence in the identity proofing process used to establish the identity of the entity to whom the credential was issued, and the degree of confidence that the entity that uses the credential is the entity or entity to whom the credential was issued or assigned.

Means to ensure the integrity and authenticity of identity information.

Identity Assurance Expert Group (IAEG)

The multi-industry Liberty Alliance partnership working on enabling interoperability among public and private electronic identity authentication systems.

identity assurance framework (IAF)

The body of work that collectively defines the industry-led self-regulatory Framework for electronic trust services in the United States and around the globe, as operated by the Kantara Initiative. The Identity Assurance Framework includes documents which contain descriptions of criteria, rules, procedures, and processes.

The body of work that collectively defines the industry-led self-regulatory framework for electronic trust services in the United States and around the globe, as operated by the IAEG. The Identity Assurance Framework includes descriptions of criteria, rules, procedures, processes, and other documents.

identity assurance work group (IAWG)

The multi-industry Kantara Initiative partnership working on enabling interoperability among public and private electronic identity authentication systems to foster the adoption of trusted on-line identity services.

identity attribute

A property of a digital subject that may have zero or more values.

A property of a Digital Subject that may have zero or more values.

Each piece of identifying information about a user can be thought of as an attribute of that user. Users have identity attributes, each of which may be stored on one or more target systems.

identity authentication

Process of establishing an understood level of confidence that an identifier refers to an identity. It may or may not be possible to link the authenticated identity to an individual.

identity-based access control

Access control based on the identity of the user (typically relayed as a characteristic of the process acting on behalf of that user) where access authorizations to specific objects are assigned based on user identity.

SOURCE: SP 800-53; CNSSI-4009

identity based security policy

A security policy based on the identities and/or attributes of users, a group of users, or entities acting on behalf of the users and the resources/objects being accessed.

A security policy based on the identities and/or attributes of the object (system resource) being accessed and of the subject (user, group of users, process, or device) requesting access.

SOURCE: SP 800-33

identity binding

The extent to which an electronic credential can be trusted to be a proxy for the entity named in it.

Binding of the vetted claimed identity to the individual (through biometrics) according to the issuing authority. Represented by an identity assertion from the issuer that is carried by a PIV credential.

Binding of the vetted claimed identity to the individual (through biometrics) according to the issuing authority.

SOURCE: FIPS 201

identity bridge provider

An Identity Provider that acts as a trusted intermediary among other Identity Providers.

identity change

User identity information may change for time to time. For example, people change their names after marriage or divorce, their phone number and address changes periodically, etc. Where systems and applications track this data, it must be changed whenever the real-world information changes. Such changes are called identity changes.

identity context

The surrounding environment and circumstances that determine

meaning of Digital Identities and the policies and protocols that govern their interactions.

The surrounding environment and circumstances that determine meaning of Digital Identities and the policies and protocols that govern their interactions.

identity defederation

The action occurring when Providers agree to stop referring

to an entity via a certain set of identifiers and/or attributes.

The action occurring when Providers agree to stop referring to a Principal via a certain set of identifiers and/or attributes.

identity ecosystem

It is an online environment where individuals, organizations, services, and devices can trust

each other because authoritative sources establish and authenticate their digital identities.

Similar to ecosystems that we find in nature, it requires disparate organizations and individuals to function together and fulfill unique roles and responsibilities, governed by an overarching set of standards and rules.

identity ecosystem framework

Overarching set of interoperability standards, risk models, privacy and liability policies, trustmark requirements, and enforcement mechanisms that govern the Identity Ecosystem.

identity fabrication

The creation of one or more fictitious identities. This is usually achieved by fabricating an entity, or by an existing entity altering one of it's identities, for fraudulent purposes.

identity federation

The act of creating a federated identity on behalf of an entity.

Associating, connecting, or binding multiple accounts for a given Principal at various Liberty-enabled entities within an Authentication Domain.

Creating associations between a given system entity's identifiers or accounts.

identity information

All the information identifying a user, including trusted (network generated) and/or untrusted (user generated)addresses. Identity information shall take the form of either a SIP URI (see RFC 2396) or a "tel" URI (see RFC 3966).

All the information identifying a user, including trusted (network generated) and/or untrusted (user generated) addresses. Identity information shall take the form of either a SIP URI (see RFC 2396) or a "tel" URI (see RFC 3966).

identity layer

Information can be exchanged between different systems.

A common layer where identity information can be exchanged

between different systems.

identity management (IDM)

Identity management is the managing of partial identities of entities, i.e., definition, designation and administration of identity attributes as well as choice of the partial identity to be (re-) used in a specific context.

Formal standardised enterprise-wide or community-wide processes for managing multitudes of Identities.

The structured creation, capture, syntactical expression, storage, tagging, maintenance, retrieval, use and destruction of identities by means of diverse arrays of different technical, operational, and legal systems and practices.

The combination of technical systems, rules and procedures that define the ownership, utilization, and safeguard of personal identity information. The primary goal of the Identity Management process is to assign attributes to a digital identity, and to connect that identity to an individual.

A set of functions and capabilities (e.g. administration, management and maintenance, discovery, communication exchanges, correlation and binding, policy enforcement, authentication and assertions) used for: Assurance of identity information (e.g., identifiers, credentials, attributes); assurance of the identity of an entity (e.g., users/subscribers, groups, user devices, organizations, network and service providers, network elements and objects, and virtual objects); and supporting business and security applications.

A set of functions and capabilities (e.g., administration, management and maintenance, discovery, communication exchanges, correlation and binding, policy enforcement, authentication and assertions) used for assurance of identity information (e.g., identifiers, credentials, attributes); assurance of the identity of an entity and supporting business and security applications.

A set of functions and capabilities (e.g. administration, management and maintenance, discovery, communication exchanges, correlation and binding, policy enforcement, authentication and assertions) used for: - Assurance of identity information (e.g., identifiers, credentials, attributes); - assurance of the identity of an entity (e.g., users/subscribers, groups, user devices, organizations, network and service providers, network elements and objects, and virtual objects); and - supporting business and security applications.

identity management application

An identity management application is a tool used by an entity to manage partial identities.

identity management system (IDMS)

A set of standards, procedures and technologies that provide electronic credentials to individuals and maintain authoritative information about the holders of those credentials.

An identity management system is the organisational and technical infrastructure used for the definition, designation and administration of identity attributes.

Identity management system comprised of one or more systems or applications that manages the identity verification, validation and issuance process.

identity mapping service (IMS)

An ID-WSF-based service that enables a requester to obtain one or more identity tokens (see identity token). It translates references to a principal into alternative formats or identifier namespaces. This service exposes a generalization of the Name Identifier Mapping protocol defined in [SAMLCore2] [LibertyAuthn].

identity medium

A device or object storing one or more credentials, claims, or attributes related to a single

subject, and in the case of a device, capable of transforming these information objects for

specific uses.

Any credential, card, badge, USB, smart phone or other media, regardless of form factor,

issued or authorized for identification purposes within online transactions.

identity pattern

A structured expression derived from the behaviour of an entity that contributes to the recognition process; this may include the reputation of the entity. Identity patterns may be uniquely associated with an entity, or a class with which the entity is associated.

A structured expression of attributes of an entity (e.g. the behaviour of an entity) that could be used in some identification processes.

A structured expression of attributes of an entity (e.g., the behaviour of an entity) that could be used in some identification processes.

A structured expression of attributes of an entity (e.g. the behaviour of an entity) that could be used in some identification processes.

identity proofing

A shareable, identity management component by which the credential issuer validates sufficient information to uniquely identify a person applying for the credential.

The process by which identity-related information is validated so as to identify a person with a degree of uniqueness and certitude sufficient for the purposes for which that identity is to be used.

The process by which an Identity provider validates sufficient information to uniquely identify a person.

The process by which identity related information is validated so as to identify a person with a degree of uniqueness and certitude sufficient for the purposes for which that identity is to be used.

A process by which the credential issuer validates sufficient information to identify uniquely, an entity that applies for the credential.

A process which validates and verifies sufficient information to confirm the claimed identity of the entity.

A process by which the credential issuer validates sufficient information to identify uniquely, an entity that applies for the credential.

The process of providing sufficient information (e.g., identity history, credentials, documents) to a PIV Registrar when attempting to establish an identity.

The process by which a Credentials Service Provider (CSP) and a Registration Authority (RA) validate sufficient information to uniquely identify a person.

SOURCE: SP 800-63

The process of providing sufficient information (e.g., identity history, credentials, documents) to a Personal Identity Verification Registrar when attempting to establish an identity.

SOURCE: FIPS 201

The process of providing sufficient information (e.g., identity history, credentials, documents) to a service provider for the purpose of proving that a person or object is the same person or object it claims to be.

identity proofing policy

A set of rules that defines identity-proofing requirements (required evidence, format, manner of presentation, validation), records actions required of the registrar, and describes any other salient aspects of the identity proofing function that are applicable to a particular community or class of applications with common security requirements. An identity proofing policy is designed to accomplish a stated assurance level.

A set of rules that defines identity proofing requirements (required evidence, format, manner of presentation, validation), records actions required of the registrar, and describes any other salient aspects of the identity proofing function that are applicable to a particular community or class of applications with common security requirements. An identity proofing policy is designed to accomplish a stated assurance level.

identity proofing practice statement

A statement of the practices that an identity proofing service provider employs in providing its services in accordance with the applicable identity proofing policy.

identity proofing service provider

An electronic trust service provider which offers, as a standalone service, the specific electronic trust service of identity proofing. This service provider is sometimes referred to as a Registration Agent/Authority (RA).

Identity Provider/Credentials Service Provider (IP or CSP) (IdP)

A campus or other organization that manages and operates an identity management system and offers information about members of its community to other InCommon participants.

Same as: identity provider. (1) An identity provider is an entity which issues identifiers to other entities. A typical identity provider is an internet site which manages its own directory of accounts of its users. (2) An agent that issues an identity.

a. An entity that creates, maintains, and manages trusted identity information for entities. An Identity Provider may include a Trusted Third Party as well as Relying Parties and entities themselves in different contexts.

b. A type of service provider that creates, maintains, and manages identity information for users/devices and provides user/device authentication.

c. A service provider that authenticates a user and that creates, maintains, and manages identity information for users and asserts user authentication and other identity related information to other trusted service providers.

d. An entity in an AAI that performs Identity Management.

e. Kind of service provider that creates, maintains, and manages identity information for principals and provides authentication to other service providers within a federation, such as with web browser profiles.

An Agent that issues a Digital Identity.

i. An entity that creates, maintains, and manages trusted identity information for entities. An Identity Provider may include a Trusted Third Party as well as Relying Parties and entities themselves in different contexts.

ii. A type of service provider that creates, maintains, and manages identity information for users/devices and provides user/device authentication.

iii. A service provider that authenticates a user and that creates, maintains, and manages identity information for users and asserts user authentication and other identity related information to other trusted service providers.

iv. An entity in an AAI that performs Identity Management.

v. Kind of service provider that creates, maintains, and manages identity information for principals and provides authentication to other service providers within a federation, such as with web browser profiles.

An electronic trust service provider that operates one or more credential services. A CSP can include a Registration Authority.

An entity that creates, maintains, and manages identity information for Subjects. It authenticates and vouches for the Subject to Relying Parties.

An electronic trust service provider that operates one or more credential services. A CSP can include a Registration Authority.

Manages the user's identity information and provides

authentication of the user to service providers.

The service provider, also referred to as the relying party, provides a service to the user, based on identity information provided by an identity provider.

An Agent that issues a Digital Identity.

A kind of service provider that creates, maintains, and manages identity information for principals and provides principal

authentication to other service providers within a federation, such as with web browser profiles.

A Liberty-enabled entity that creates, maintains, and manages identity information for Principals and provides Principal authentication to other Service Providers within an Authentication Domain. An Identity Provider may also be a Service Provider.

A Liberty-enabled system entity that manages identity information on behalf of Principals and provides assertions of Principal authentication to other providers.

An electronic trust service provider that operates one or more credential services. A CSP can include a Registration Authority.

See identity service provider (IdSP).

An entity that verifies, maintains, manages, and may create and assign identity information of other entities.

See identity service provider (IdSP).

An entity that verifies, maintains, manages, and may create and assign identity information of other entities.

See identity service provider (IdSP).

An entity that verifies, maintains, manages, and may create and assign identity information of other entities.

See identity service provider (IdSP).

An entity that verifies, maintains, manages, and may create and assign identity information of other entities.

An entity that creates, maintains, and manages trusted identity information for entities. An Identity Provider may include a Trusted Third Party, as well as Relying Parties and entities themselves in different contexts.

Responsible for the processes associated with enrolling a subject, and establishing and

maintaining the digital identity associated with an individual or NPE. These processes include

identity vetting and proofing, as well as revocation, suspension, and recovery of the digital

identity. The IDP is responsible for issuing a credential, the information object or device used

during a transaction to provide evidence of the subject's identity; it may also provide linkage to

authority, roles, rights, privileges, and other attributes.

identity registration

The process of making a person's identity known to the (Personal Identity Verification) system, associating a unique identifier with that identity, and collecting and recording the person's relevant attributes into the system.

The process of making a person's identity known to the PIV system, associating a unique identifier with that identity, and collecting and recording the person's relevant attributes into the system.

The process of making a person's identity known to the Personal Identity Verification (PIV) system, associating a unique identifier with that identity, and collecting and recording the person's relevant attributes into the system.

SOURCE: FIPS 201; CNSSI-4009

identity service

See identity web service.

identity service bridge provider

An Identity Service Provider that acts as a trusted intermediary among other Identity Service Providers.

An identity service provider that acts as a trusted intermediary among other identity service providers.

An Identity Service Provider that acts as a trusted intermediary among other Identity Service Providers.

identity synchronisation

A process of updating disseminated user's identity information to a relying party when the source of the identity information in an identity service provider is changed.

Identity synchronization systems map identity attributes between different systems and automatically propagate changes from one system to another.

It should be noted that identity synchronization normally operates without a user interface -- i.e., data flows in from one system and out to one or more other systems, without any further user input in between.

For example, an e-mail system may be authoritative for each user's SMTP e-mail address, an HR system for the same users' employee number and department code, a white pages application for each user's phone number and so on. An identity synchronization system makes sure that all of these systems have correct and up-to-date information in each of these fields.

identity takeover

This is usually the creation of a new Identity without the permission of the Entity. It is actually the theft of the Entity, because the aim is to create a new identity that is linked to someone else, and this is the only way of doing that. It is commonly but incorrectly called "identity theft" (see above). It is mostly done off-line by acquaintances, by mail intercept, credit card receipt dockets or by "dumpster diving". It occurs by accumulating information and documents about the entity, usually accompanied by some social engineering. It is then followed by registration of new identities with different service providers under the other entity's name. The original entity may not lose any existing identities, but is generally presumed responsible for the actions of the new identity. Also see Owner.

identity theft

This is the use of an existing Identity without the permission of the Entity. Usually achieved by guessing or stealing the credentials, enabling authenticating to a service provider. For example ATM card skimming. The original entity may or may not lose the particular Identity. Often confused with Identity Takeover. Also see Owner.

identity through relationship

An observer's perception of the digital identity of an entity is inevitably mediated by the subjective viewpoint of that observer (just as it is with physical identity). In order to attribute a digital representation to an entity, and so to elide the two as a digital subject, the attributing party (the observer) must trust that the representation does indeed pertain to the entity (see Authentication below). Conversely, the entity may only grant the observer selective access to its informational attributes (according to the identity of the observer from the perspective of the entity). In this way, digital identity is better understood as a particular viewpoint within a mutually-agreed relationship than as an objective property. This contextual nature of digital identity is referred to as contextual identity.

identity token

Identity tokens [LibertySecMech20SAML][LibertySecMech] are a means for conveying the identity of a Principal involved in an ID-WSF interaction, by means of stipulating one of the Principal's identifiers, as well as (typically) an ID-WSF EPR denoting the Principal's Discovery Service.

Smart card, metal key, or other physical object used to authenticate identity.

SOURCE: CNSSI-4009

identity validation

Tests enabling an information system to authenticate users or resources.

SOURCE: CNSSI-4009

identity verification

The process of confirming that a claimed identity is correct by comparing the offered claims of identity with previously proven information.

The process of confirming that a claimed identity is correct by

comparing the offered claims of identity with previously proven information.

The process of confirming that a claimed identity is correct by

comparing the offered claims of identity with previously proven information.

The process of confirming that a claimed identity is correct by comparing the offered claims of identity with previously proven information.

The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card or system and associated with the identity being claimed.

The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card of system and associated with the identity being claimed.

SOURCE: FIPS 201

The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card or system and associated with the identity being claimed.

SOURCE: SP 800-79

identity web service

A type of web service whose operations are indexed by identity. Such services maintain information about, or on behalf of, Principals "” as represented by their identities "” and/or perform actions on behalf of Principals. They are also sometimes referred to as simply identity services.

In Liberty ID-WSF, such services are both mapped on a per-principal basis and discoverable "” meaning that once a Principal authenticates, the authenticating party possesses a reference to the Principal's Discovery Service instance, which it may use to discover the Principal's other identity services. See also "discoverable."

See also Discovery Service, discoverable, web service (2), and [LibertyDisco].

ID-FF

The Identity Federation Framework (ID-FF) is the title for a subset of the Liberty specification suite which defines largely HTTP-based protocols for web single sign-on and identity federation [LibertyProtSchema].

ID-FF authentication assertion

See authentication assertion.

IDM

An acronym for Identity Management tools and solution.

ID-PP

The "ID Personal Profile" is an ID-SIS -based service which can provide profile information regarding Principals, typically subject to policy established by said Principals [LibertyIDPP].

IDS

See Intrusion Detection System.

ID-SIS

Liberty Identity Service Interface specification set.

ID-SIS service

See ID-SIS-based service.

ID-SIS-based service

ID-SIS-based services are identity services typically built on ID-WSF "” i.e., they are essentially ID-WSF-based services "” and are often also built on the [LibertyDST] specification. [LibertyIDEP] and [LibertyIDPP] are examples of ID-SIS service specifications.

ID-WSF

Liberty Identity Web Services Framework specification set.

ID-WSF endpoint reference (ID-WSF EPR)

An ID-WSF Endpoint Reference (ID-WSF EPR) is a reference to a service instance. It contains the address, security context, and other metadata necessary for contacting the identified service instance. The underlying structure of an ID-WSF EPR is based on wsa:EndpointReference [WSAv1.0-SOAP] [WSAv1.0], and conceptually is similar to the Resource Offering from earlier versions of the Discovery Service specification.

ID-WSF-based service (ID-WSF service)

An ID-WSF-based service is an identity service that is at least discoverable in principle, and is based on [LibertySOAPBinding] and [LibertySecMech].

image

An exact bit-stream copy of all electronic data on a device, performed in a manner that ensures that the information is not altered.

SOURCE: SP 800-72

imitative communications deception

Introduction of deceptive messages or signals into an adversary's telecommunications signals. See communications deception and manipulative communications deception.

SOURCE: CNSSI-4009

impact

The magnitude of harm that could be caused by a threat's exercise of a vulnerability.

The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability.

SOURCE: SP 800-60

impact level

The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability.

SOURCE: CNSSI-4009

implant

Electronic device or electronic equipment modification designed to gain unauthorized interception of information-bearing emanations.

SOURCE: CNSSI-4009

implicit role assignment

A role may be implicitly assigned to a user -- i.e., some database will include a rule of the form "users matching requirements X should be automatically assigned role Y."

inadvertent disclosure

Type of incident involving accidental exposure of information to an individual not authorized access.

SOURCE: CNSSI-4009

in all material respects

In the context of the Evaluator's report, the attestation that requirements are satisfied "in all material respects" is based upon a determination that there are no facts or circumstances known or should have been known by the evaluator that would cause a user of the evaluator's report to come to a different conclusion then that described in the evaluator's report. In addition, the use of the term "material" recognizes that there may be a negative observations that do not significantly impact the Balanced Approach to Security and the overall achievement of the CP or other criteria.

inappropriate usage

A person violating acceptable computing use policies.

SOURCE: SP 800-61

incident

A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.

SOURCE: SP 800-61

An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.

SOURCE: FIPS 200; SP 800-53; SP 800-53A

An assessed occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system; or the information the system processes, stores, or transmits; or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.

SOURCE: CNSSI-4009

incident handling

The mitigation of violations of security policies and recommended practices.

SOURCE: SP 800-61

incident response plan

The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber attacks against an organization's IT system(s).

SOURCE: SP 800-34

The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of an incident against an organization's IT system(s).

SOURCE: CNSSI-4009

incorporated by reference

To make one message a part of another message by (1) identifying the message to be incorporated, (2) providing information that enables the receiving party to access and obtain the incorporated message in its entirety, and (3) expressing the intention that it be part of the incorporating message. The incorporated message shall have the same effect as if it had been fully stated in the incorporating message, to the extent permitted by law.

incomplete parameter checking

System flaw that exists when the operating system does not check all parameters fully for accuracy and consistency, thus making the system vulnerable to penetration.

SOURCE: CNSSI-4009

inculpatory evidence

Evidence that tends to increase the likelihood of fault or guilt.

SOURCE: SP 800-72

indemnification

A legal remedy under which the damaged party is compensated completely and held harmless against any or all damages or expenses caused by a breach of contractual or other responsibility.

independent validation authority (IVA)

Entity that reviews the soundness of independent tests and system compliance with all stated security controls and risk mitigation actions. IVAs will be designated by the Authorizing Official as needed.

SOURCE: CNSSI-4009

independent verification & validation (IV&V)

A comprehensive review, analysis, and testing (software and/or hardware) performed by an objective third party to confirm (i.e., verify) that the requirements are correctly defined, and to confirm (i.e., validate) that the system correctly implements the required functionality and security requirements.

SOURCE: CNSSI-4009

indication

A sign that an incident may have occurred or may be currently occurring.

SOURCE: SP 800-61

indicator

Recognized action, specific, generalized, or theoretical, that an adversary might be expected to take in preparation for an attack.

SOURCE: CNSSI-4009

individual

A natural person who interacts with or is otherwise involved with one or more components of an RFID Application (e.g., back-end system, communications infrastructure, RFID Tag), but who does not operate an RFID Application or exercise one of its functions. In this respect, an Individual is different from a User. An Individual may not be directly involved with the functionality of the RIFD Application, but rather, for example, may merely possess an item that has an RFID Tag.

The person about whom the personal information is being collected (sometimes referred to as the data subject).

A citizen of the United States or an alien lawfully admitted for permanent residence. Agencies may, consistent with individual practice, choose to extend the protections of the Privacy Act and E-Government Act to businesses, sole proprietors, aliens, etc.

SOURCE: SP 800-60

individual accountability

Ability to associate positively the identity of a user with the time, method, and degree of access to an information system.

SOURCE: CNSSI-4009

individual subscriber (Privacy and Electronic Communications Regulations)

Is a residential subscriber, a sole trader or a non-limited liability partnership in England, Wales and N. Ireland.

industrial control system

An information system used to control industrial processes such as manufacturing, product handling, production, and distribution. Industrial control systems include supervisory control and data acquisition systems (SCADA) used to control geographically dispersed assets, as well as distributed control systems (DCS) and smaller control systems using programmable logic controllers to control localized processes.

SOURCE: SP 800-53; SP 800-53A

informal security policy

Natural language description, possibly supplemented by mathematical arguments, demonstrating the correspondence of the functional specification to the high-level design.

SOURCE: CNSSI-4009

information

An instance of an information type.

SOURCE: FIPS 200; FIPS 199; SP 800-60; SP 800-53

Any communication or representation of knowledge such as facts, data, or opinions in any medium or form, including textual, numerical, graphic, cartographic, narrative, or audiovisual.

SOURCE: CNSSI-4009

information assurance (IA)

Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.

SOURCE: SP 800-59; CNSSI-4009

information assurance component (IAC)

An application (hardware and/or software) that provides one or more Information Assurance capabilities in support of the overall security and operational objectives of a system.

SOURCE: CNSSI-4009

information assurance manager (IAM)

SEE information systems security manager.

SOURCE: CNSSI-4009

information assurance officer (IAO)

SEE information systems security officer.

SOURCE: CNSSI-4009

information assurance (IA) professional

Individual who works IA issues and has real-world experience plus appropriate IA training and education commensurate with their level of IA responsibility.

SOURCE: CNSSI-4009

information assuance vulnerability alert (IAVA)

Notification that is generated when an Information Assurance vulnerability may result in an immediate and potentially severe threat to DoD systems and information; this alert requires corrective action because of the severity of the vulnerability risk.

SOURCE: CNSSI-4009

information custodian

In the context of private key recovery, the Information Custodian is the person or organization with legal ownership of the information.

information domain

A three-part concept for information sharing, independent of, and across information systems and security domains that

1) identifies information sharing participants as individual members, 2) contains shared information objects, and 3) provides a security policy that identifies the roles and privileges of the members and the protections required for the information objects.

SOURCE: CNSSI-4009

information environment

Aggregate of individuals, organizations, and/or systems that collect, process, or disseminate information, also included is the information itself.

SOURCE: CNSSI-4009

information flow control

Procedure to ensure that information transfers within an information system are not made in violation of the security policy.

SOURCE: CNSSI-4009

information in identifiable form (IIF)

Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means. [E-Gov]

information management

The planning, budgeting, manipulating, and controlling of information throughout its life cycle.

SOURCE: CNSSI-4009

information notice (Data Protection Act and Freedom of Information Act)

An information notice is a written notice from the Information Commissioner to a data controller or a public authority seeking information that the Commissioner needs to carry out his functions. Failure to comply with an information notice is an offence.

information operations (IO)

The integrated employment of the core capabilities of electronic warfare, computer network operations, psychological operations, military deception, and operations security, in concert with specified supporting and related capabilities, to influence, disrupt, corrupt, or usurp adversarial human and automated decision-making process, information, and information systems while protecting our own.

SOURCE: CNSSI-4009

information owner

In the context of private key recovery, the Information Owner is the person or organization with legal ownership of the information.

Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal.

SOURCE: FIPS 200; SP 800-53; SP 800-60; SP 800-18

Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, classification, collection, processing, dissemination, and disposal.

SOURCE: CNSSI-4009

information padlock/signpost (Data Protection Act)

This symbol (designed by the Information Commissioner and the National Consumer Council) acts as a signpost, so that people can tell at a glance that personal information about them is being collected and processed.

information resources

Information and related resources, such as personnel, equipment, funds, and information technology.

SOURCE: FIPS 200; FIPS 199; SP 800-53; SP 800-18; SP 800-60; 44 U.S.C., Sec. 3502; CNSSI-4009

information resources management (IRM)

The planning, budgeting, organizing, directing, training, controlling, and management activities associated with the burden, collection, creation, use, and dissemination of information by agencies.

SOURCE: CNSSI-4009

information security

The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

SOURCE: SP 800-53; SP 800-18; SP 800-60; CNSSI-4009; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542

Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide"”

1) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity;

2) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and

3) availability, which means ensuring timely and reliable access to and use of information.

SOURCE: SP 800-66; 44 U.S.C., Sec. 3541

information security management systems (ISMS)

A system of management concerned with information security. The key concept of ISMS is the design, implement, and maintain a coherent suite of processes and systems for effectively managing information security, thus ensuring the confidentiality, integrity, and availability of information assets and minimizing information security risks.

Preservation of the confidentiality, integrity and availability of information.

information security policy

Aggregate of directives, regulations, rules, and practices that prescribes how an organization manages, protects, and distributes information.

SOURCE: sp 800-53; sp 800-18; CNSSI-4009

information security program plan

Formal document that provides an overview of the security

requirements for an organization-wide information security program and describes the program management controls and common controls in place or planned for meeting those requirements.

SOURCE: SP 800-53

information sharing

The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organizations, missions, or public programs.

SOURCE: SP 800-16

information sharing environment

1. An approach that facilitates the sharing of terrorism and homeland security information; or

2. ISE in its broader application enables those in a trusted partnership to share, discover, and access controlled information.

SOURCE: CNSSI-4009

information steward

An agency official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal.

SOURCE: CNSSI-4009

information system (IS)

The entire infrastructure, organization, personnel, and components for the collection, processing, storage, transmission, display, dissemination, and disposition of information.

A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

SOURCE: FIPS 200; FIPS 199; SP 800-53A; SP 800-60; SP 800-18; 44 U.S.C., Sec. 3502; OMB Circular A-130, App. III

A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Note: Information systems also include specialized systems such as industrial/process controls systems, telephone switching and private branch exchange (PBX) systems, and environmental control systems.

SOURCE: SP 800-53; CNSSI-4009

information system life cycle

The phases through which an information system passes, typically characterized as initiation, development, operation, and termination (i.e., sanitization, disposal and/or destruction).

SOURCE: CNSSI-4009

information system owner (or program manager)

Official responsible for the overall procurement, development, integration, modification, or operation and maintenance of an information system.

SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-60

information system owner

Official responsible for the overall procurement, development, integration, modification, or operation and maintenance of an information system.

SOURCE: FIPS 200

information system security officer (ISSO)

Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.

SOURCE: SP 800-53; SP 800-53A; SP 800-60

Individual assigned responsibility by the senior agency information security officer, authorizing official, management official, or information system owner for ensuring that the appropriate operational security posture is maintained for an information system or program.

SOURCE: SP 800-18

information systems security (INFOSEC)

Protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats.

SOURCE: CNSSI-4009

information systems security engineer (ISSE)

Individual assigned responsibility for conducting information system security engineering activities.

SOURCE: CNSSI-4009

information systems security engineering (ISSE)

Process of capturing and refining information protection requirements to ensure their integration into information systems acquisition and information systems development through purposeful security design or configuration.

SOURCE: CNSSI-4009

information systems security equipment modification

Modification of any fielded hardware, firmware, software, or portion thereof, under NSA configuration control. There are three classes of modifications: mandatory (to include human safety); optional/special mission modifications; and repair actions. These classes apply to elements, subassemblies, equipment, systems, and software packages performing functions such as key generation, key distribution, message encryption, decryption, authentication, or those mechanisms necessary to satisfy security policy, labeling, identification, or accountability.

SOURCE: CNSSI-4009

information systems security manager (ISSM)

Individual responsible for the information assurance of a program, organization, system, or enclave.

SOURCE: CNSSI-4009

information systems security officer (ISSO)

Individual assigned responsibility for maintaining the appropriate operational security posture for an information system or program.

SOURCE: CNSSI-4009

information systems security product

Item (chip, module, assembly, or equipment), technique, or service that performs or relates to information systems security.

SOURCE: CNSSI-4009

information technology

Any equipment or interconnected system or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency. For purposes of the preceding sentence, equipment is used by an executive agency if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency which"”

1) requires the use of such equipment; or

2) requires the use, to a significant extent, of such equipment in the performance of a service or the furnishing of a product.

The term information technology includes computers, ancillary equipment, software, firmware and similar procedures, services (including support services), and related resources.

SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-60; FIPS 200; FIPS 199; CNSSI-4009; 40 U.S.C., Sec. 11101

information tribunal (Data Protection Act and Freedom of Information Act)

The Information Tribunal hears appeals by data controllers against notices issued by the Information Commissioner under the Data Protection Act and appeals by a public authority against enforcement notices and information notices under the Freedom of Information Act. It will also hear appeals against decision notices by a complainant or a public authority.

information type

A specific category of information (e.g., privacy, medical, proprietary, financial, investigative, contractor sensitive, security management), defined by an organization or in some instances, by a specific law, Executive Order, directive, policy, or regulation.

SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-60; FIPS 200; FIPS 199; CNSSI-4009

information value

A qualitative measure of the importance of the information based upon factors such as: level of robustness of the Information Assurance controls allocated to the protection of information based upon: mission criticality, the sensitivity (e.g., classification and compartmentalization) of the information, releasability to other countries, perishability/longevity of the information (e.g., short life data versus long life intelligence source data), and potential impact of loss of confidentiality and integrity and/or availability of the information.

SOURCE: CNSSI-4009

informed consent

Consent voluntarily signified by an End-User who is competent and who understands the terms of the consent and who has been provided in a clear statement with the appropriate knowledge needed to freely decide without the intervention of any element of force, fraud, deceit, duress, over-reaching or other ulterior form of constraint of coercion. Informed Consent may be signified by any method, including electronically, in a form or otherwise as provided by the party requesting the consent.

infrastructure

Consists of the integrated technical components (e.g., hardware, software, networks,

applications and protocols) required to deliver online services in accordance with the trust

framework and the programs necessary to support them.

ingress filtering

The process of blocking incoming packets that use obviously false IP addresses, such as reserved source addresses.

SOURCE: SP 800-61

inheritance

SEE security control inheritance.

initial response

A [RFC4422] term referring to authentication exchange data sent by the client in the initial SASL request. It is used by a subset of SASL mechanisms. See Section 5.1 of [RFC4422].

initial SASL request

The initial <SASLRequest> message sent from the client to the server in an authentication exchange [LibertyAuthn].

initial SOAP sender

The SOAP sender that originates a SOAP message at the starting point of a SOAP message path.

initialization vector (IV)

A vector used in defining the starting point of an encryption process within a cryptographic algorithm.

SOURCE: FIPS 140-2

initialize

Setting the state of a cryptographic logic prior to key generation, encryption, or other operating mode.

SOURCE: CNSSI-4009

initiator

The entity that initiates an authentication exchange.

SOURCE: FIPS 196

inside threat

An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.

SOURCE: SP 800-32

inside(r) threat

An entity with authorized access (i.e., within the security domain) that has the potential to harm an information system or enterprise through destruction, disclosure, modification of data, and/or denial of service.

SOURCE: CNSSI-4009

inspectable space

Three dimensional space surrounding equipment that processes classified and/or sensitive information within which TEMPEST exploitation is not considered practical or where legal authority to identify and remove a potential TEMPEST exploitation exists. Synonymous with zone of control.

SOURCE: CNSSI-4009

inspection

An assessment performed on a regular basis to ensure ongoing compliance with a CP (or other applicable requirement or documents). A formal inspection is normally referred to as an audit.

integrity

Integrity refers to the requirement that information be protected from improper modification. Integrity is lost if unauthorized changes are made to the data or IT System by either intentional or accidental acts. If the loss of System or Data Integrity is not corrected, continued use of the contaminated System or corrupted data could result in inaccuracy, fraud, or erroneous decisions. Also, violation of Integrity may be the first step in a successful attack against System Availability or Confidentiality. For all these reasons, loss of Integrity reduces the assurance of an IT System.

Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity.

SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-27; SP 800-60; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542

The property that sensitive data has not been modified or deleted in an unauthorized and undetected manner.

SOURCE: FIPS 140-2

The property whereby an entity has not been modified in an unauthorized manner.

SOURCE: CNSSI-4009

Assurance that data has not been modified or deleted in an unauthorized or undetected

manner.

integrity check value

Checksum capable of detecting modification of an information system.

SOURCE: CNSSI-4009

intellectual proeprty

Useful artistic, technical, and/or industrial information, knowledge or ideas that convey ownership and control of tangible or virtual usage and/or representation.

SOURCE: SP 800-32

Creations of the mind such as musical, literary, and artistic works; inventions; and symbols, names, images, and designs used in commerce, including copyrights, trademarks, patents, and related rights. Under intellectual property law, the holder of one of these abstract "properties" has certain exclusive rights to the creative work, commercial symbol, or invention by which it is covered.

SOURCE: CNSSI-4009

interaction

(1) An interaction is an event involving two or more entities, via their identities. Each participating identity in an interaction is either anonymous or unanonymous to the interaction. (2) An interaction could also be referred to as a projection. [Source: Jaco Aizenman.] Note: We avoid the term transaction because it has a strict definition in the database world. (3) Synonym to identity context. The surrounding environment and circumstances that determine meaning of identities and the policies and protocols that govern their interactions.

interaction service (IS)

An ID-WSF service that allows providers to pose simple questions to Principals in order to, for instance, clarify that Principal's preferences for data sharing, or to supply some needed attribute.

interconnection, system

SEE System Interconnection.

interconnection security agreement (ISA)

An agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection. The ISA also supports a Memorandum of Understanding or Agreement (MOU/A) between the organizations.

SOURCE: SP 800-47

A document that regulates security-relevant aspects of an intended connection between an agency and an external system. It regulates the security interface between any two systems operating under two different distinct authorities. It includes a variety of descriptive, technical, procedural, and planning information. It is usually preceded by a formal MOA/MOU that defines high-level roles and responsibilities in management of a cross-domain connection.

SOURCE: CNSSI-4009

interface

Common boundary between independent systems or modules where interactions take place.

SOURCE: CNSSI-4009

interface control document

Technical document describing interface controls and identifying the authorities and responsibilities for ensuring the operation of such controls. This document is baselined during the preliminary design review and is maintained throughout the information system life cycle.

SOURCE: CNSSI-4009

interim approval to operate (IATO)

Temporary authorization granted by a DAA for an information system to process information based on preliminary results of a security evaluation of the system.

SOURCE: CNSSI-4009

interim approval to test (IATT)

Temporary authorization to test an information system in a specified operational information environment within the time frame and under the conditions or constraints enumerated in the written authorization.

SOURCE: CNSSI-4009

intermediate certification authority (CA)

A Certification Authority that is subordinate to another CA, and has a CA subordinate to itself.

SOURCE: SP 800-32

internal network

A network where: (i) the establishment, maintenance, and provisioning of security controls are under the direct control of organizational employees or contractors; or (ii) cryptographic encapsulation or similar security technology provides the same effect. An internal network is typically organization-owned, yet may be organization-controlled while not being organization-owned.

SOURCE: SP 800-53

A network where 1) the establishment, maintenance, and provisioning of security controls are under the direct control of organizational employees or contractors; or 2) cryptographic encapsulation or similar security technology implemented between organization-controlled endpoints provides the same effect (at least with regard to confidentiality and integrity). An internal network is typically organization-owned, yet may be organization-controlled while not being organization-owned.

SOURCE: CNSSI-4009

internal personnel

Employees, contractors, agents, and others acting on behalf of the entity and its affiliates.

internal security controls

Hardware, firmware, or software features within an information system that restrict access to resources only to authorized subjects.

SOURCE: CNSSI-4009

internal security testing

Security testing conducted from inside the organization's security perimeter.

SP 800-115

internationalization

The process of planning and implementing Identity Management specifications, products, services, and administrative implementations so that they can easily be adapted to specific local technical platforms, languages, and cultures, a process called localization.

The process of planning and implementing Identity Management

specifications, products, services, and administrative implementations so that they can easily be adapted to specific local technical platforms, languages, and cultures, a process called localization.

internet

a. A worldwide interconnection of individual networks a) with an agreement on how to talk to each other, and b) operated by Government, industry, academia, and private parties.

b. The international computer network of both federal and nonfederal interoperable packet switched data networks. [47 USC 230]

The Internet is the single, interconnected, worldwide system of commercial, governmental, educational, and other computer networks that share (a) the protocol suite specified by the Internet Architecture Board (IAB), and (b) the name and address spaces managed by the Internet Corporation for Assigned Names and Numbers (ICANN).

SOURCE: CNSSI-4009

internet protocol (IP)

Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks.

SOURCE: CNSSI-4009

interoperability

The ability of independent systems to exchange meaningful information and initiate actions from each other, in order to operate together to mutual benefit. In particular, it envisages the ability for loosely-coupled independent systems to be able to collaborate and communicate; the possibility of use in services outside the direct control of the issuing assigner.

The ability of independent systems to exchange meaningful

information and initiate actions from each other, in order to operate together to mutual benefit. In particular, it envisages the ability for loosely-coupled independent systems to be able to collaborate and communicate; the possibility

of use in services outside the direct control of the issuing assigner.

For the purposes of this standard, interoperability allows any government facility or information system, regardless of the PIV Issuer, to verify a cardholder's identity using the credentials on the PIV Card.

SOURCE: FIPS 201

The capability of two or more networks, systems, devices, applications, or components to

exchange and readily use information"”securely, effectively, and with little or no inconvenience to the user.

The ability of independent implementations of systems, devices, applications, or components to be used interchangeably.

intranet

A private network that is employed within the confines of a given enterprise (e.g., internal to a business or agency).

SOURCE: CNSSI-4009

An intranet is a network internal to an organization but that runs the same protocols as the network external to the organization. Every organizational network that runs the TCP/IP protocol suite is an intranet.

SOURCE: SP 800-41

intruder lockout

An intruder lockout is a flag set on a login account when too many consecutive, failed login attempts have been made in too short a time period. Intruder lockouts are intended to prevent attackers from carrying out brute force password guessing attacks.

On some systems, intruder lockouts are cleared automatically, after a period of time has elapsed. On others, administrative intervention is required to clear a lockout.

Note that on some systems and applications, intruder lockouts and administrator lockouts are entangled (they use the same flag). This is a poor but common design.

intrusion

Unauthorized act of bypassing the security mechanisms of a system.

SOURCE: CNSSI-4009

intrusion detection system (IDS)

Hardware or software product that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organizations) and misuse (attacks from within the organizations.)

SOURCE: CNSSI-4009

intrusion detection systems (IDS) (hot-based)

IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the Operating System. Furthermore, unlike network-based IDSs, host-based IDSs can more readily "see" the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks.

SOURCE: SP 800-36; CNSSI-4009

intrusion detection systems (IDS) (network-based)

IDSs which detect attacks by capturing and analyzing network packets. Listening on a network segment or switch, one network-based IDS can monitor the network traffic affecting multiple hosts that are connected to the network segment.

SOURCE: SP 800-36; CNSSI-4009

intrusion detection and prevention system (IDPS)

Software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents and attempting to stop detected possible incidents.

SOURCE: SP 800-61

intrusion prevention system(s) (IPS)

System(s) which can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets.

SOURCE: SP 800-36; CNSSI-4009

inverse cipher

Series of transformations that converts ciphertext to plaintext using the Cipher Key.

SOURCE: FIPS 197

invocation identity

The identity of the system entity invoking a service.

IP security (Ipsec)

Suite of protocols for securing Internet Protocol (IP) communications at the network layer, layer 3 of the OSI model by authenticating and/or encrypting each IP packet in a data stream. IPsec also includes protocols for cryptographic key establishment.

SOURCE: CNSSI-4009

iris scan

An iris scan is an image of a user's iris pattern in one or both eyes.

issue a certificate

The acts of a certification authority in creating a certificate and notifying the subscriber listed in the certificate of the contents of the certificate.

issuer

Somebody or something that supplies or distributes something officially.

The organization that is issuing the PIV Card to an Applicant. Typically this is an organization for which the Applicant is working.

issuing CA

In the context of a particular certificate, the issuing CA is the CA that issued the certificate.

IT-related risk

The net mission/business impact considering

1) the likelihood that a particular threat source will exploit, or trigger, a particular information system vulnerability, and

2) the resulting impact if this should occur. IT-related risks arise from legal liability or mission/business loss due to, but not limited to:

w Unauthorized (malicious, non-malicious, or accidental) disclosure, modification, or destruction of information;

w Non-malicious errors and omissions;

w IT disruptions due to natural or man-made disasters; or

w Failure to exercise due care and diligence in the implementation and operation of the IT.

SOURCE: SP 800-27

IT security architecture

A description of security principles and an overall approach for complying with the principles that drive the system design; i.e., guidelines on the placement and implementation of specific security services within various distributed computing environments.

SOURCE: SP 800-27

IT security awareness

The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT security concerns and respond accordingly.

SOURCE: SP 800-50

IT security awareness and training program

Explains proper rules of behavior for the use of agency IT systems and information. The program communicates IT security policies and procedures that need to be followed.

SOURCE: SP 800-50

Explains proper rules of behavior for the use of agency information systems and information. The program communicates IT security policies and procedures that need to be followed (i.e., NSTISSD 501, NIST SP 800-50).

SOURCE: CNSSI-4009

IT security education

IT Security Education seeks to integrate all of the security skills and competencies of the various functional specialties into a common body of knowledge, adds a multidisciplinary study of concepts, issues, and principles (technological and social), and strives to produce IT security specialists and professionals capable of vision and proactive response.

SOURCE: SP 800-50

IT security investment

An IT application or system that is solely devoted to security. For instance, intrusion detection systems (IDS) and public key infrastructure (PKI) are examples of IT security investments.

SOURCE: SP 800-65

IT security metrics

Metrics based on IT security performance goals and objectives.

SOURCE: SP 800-55

IT security policy

The "documentation of IT security decisions" in an organization.

NIST SP 800-12 categorizes IT Security Policy into three basic types:

1) Program Policy"”high-level policy used to create an organization's IT security program, define its scope within the organization, assign implementation responsibilities, establish strategic direction, and assign resources for implementation.

2) Issue-Specific Policies"”address specific issues of concern to the organization, such as contingency planning, the use of a particular methodology for systems risk management, and implementation of new regulations or law. These policies are likely to require more frequent revision as changes in technology and related factors take place.

3) System-Specific Policies"”address individual systems, such as establishing an access control list or in training users as to what system actions are permitted. These policies may vary from system to system within the same organization. In addition, policy may refer to entirely different matters, such as the specific managerial decisions setting an organization's electronic mail (e-mail) policy or fax security policy.

SOURCE: SP 800-35

IT security training

IT Security Training strives to produce relevant and needed security skills and competencies by practitioners of functional specialties other than IT security (e.g., management, systems design and development, acquisition, auditing). The most significant difference between training and awareness is that training seeks to teach skills, which allow a person to perform a specific function, while awareness seeks to focus an individual's attention on an issue or set of issues. The skills acquired during training are built upon the awareness foundation, in particular, upon the security basics and literacy material.

SOURCE: SP 800-50

jamming

An attack in which a device is used to emit electromagnetic energy on a wireless network's frequency to make it unusable.

SOURCE: SP 800-48

An attack that attempts to interfere with the reception of broadcast communications.

SOURCE: CNSSI-4009

JPEG

A standardized image compression function originally established by the Joint Photographic Experts Group.

Kantara initiative board of trustees

The Kantara Initiative Board of Trustees (KIBoT) is comprised of trustee-level members of the Kantara Initiative, who have the responsibility of reviewing ARB recommendations and awarding the Kantara Initiative Mark to applying assessors and CSPs.

Kantara initiative mark

A symbol of trustworthy identity and credential management services at specified Assurance Levels, awarded by the Kantara Initiative Board of Trustees.

Kantara trust status list

Online record of Accredited Assessors and Certified Services, maintained on the Kantara Initiative website, listing organizations and services that have received the Kantara Initiative Mark and the associated assurance levels achieved.

Kantara-accredited service

A service which has applied for accreditation and completed a certified assessment at the specified assurance level(s).

Kantara-approved assessor

A body that has been granted an accreditation to perform assessments against Service Assessment Criteria, at the specified assurance level(s).

kerberos

(Greek mythology: the three-headed dog that guarded the gates of Hades). An authentication service that issues a ticket-granting ticket and a one-way hashed session-key (for encryption), stored in a cache. It requires the continuous availability of the kerberos server and synchronised clocks, and can support SSO to other 'kerberised' services. It provides mutual authentication, and many-to-many communications. Created by MIT, used by MS-Windows, Mac, SUN, Linux and others.

A technology, originally developed at MIT but over time also adopted by Microsoft and made available on Windows, Unix, database and mainframe platforms, which separates authentication from applications. A user signs into the Kerberos system and is issued a cryptographic ticket -- containing assertions about the user's identity and security group memberships. The Kerberos software on the user's computer forwards this ticket to other applications which the user wishes to access, instead of requiring the user to sign into each application separately.

A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). In "classic" Kerberos, users share a secret password with a Key Distribution Center (KDC). The user, Alice, who wishes to communicate with another user, Bob, authenticates to the KDC and is furnished a "ticket" by the KDC to use to authenticate with Bob. When Kerberos authentication is based on passwords, the protocol is known to be vulnerable to off-line dictionary attacks by eavesdroppers who capture the initial user-to-KDC exchange.

SOURCE: SP 800-63

A means of verifying the identities of principals on an open network. It accomplishes this without relying on the authentication, trustworthiness, or physical security of hosts while assuming all packets can be read, modified and inserted at will. It uses a trust broker model and symmetric cryptography to provide authentication and authorization of users and systems on the network.

SOURCE: SP 800-95

key

See "Cryptographic Key".

A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification.

sp 800-63

A numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification.

SOURCE: CNSSI-4009

A parameter used in conjunction with a cryptographic algorithm that determines its operation.

Examples applicable to this Standard include:

1. The computation of a digital signature from data, and

2. The verification of a digital signature.

SOURCE: FIPS 186

key bundle

The three cryptographic keys (Key1, Key2, Key3) that are used with a Triple Data Encryption Algorithm mode.

SOURCE: SP 800-67

key distribution center (KDC)

COMSEC facility generating and distributing key in electronic form.

SOURCE: CNSSI-4009

key escrow

A deposit of the private key of a subscriber and other pertinent information pursuant to an escrow agreement or similar contract binding upon the subscriber, the terms of which require one or more agents to hold the subscriber's private key for the benefit of the subscriber, an employer, or other party, upon provisions set forth in the agreement.

SOURCE: SP 800-32

The processes of managing (e.g., generating, storing, transferring, auditing) the two components of a cryptographic key by two key component holders.

SOURCE: FIPS 185

1. The processes of managing (e.g., generating, storing, transferring, auditing) the two components of a cryptographic key by two key component holders.

2. A key recovery technique for storing knowledge of a cryptographic key, or parts thereof, in the custody of one or more third parties called "escrow agents," so that the key can be recovered and used in specified circumstances.

SOURCE: CNSSI-4009

key escrow system

A system that entrusts the two components comprising a cryptographic key (e.g., a device unique key) to two key component holders (also called "escrow agents").

SOURCE: FIPS 185; CNSSI-4009

key establishment

The process by which cryptographic keys are securely established among cryptographic modules using manual transport methods (e.g., key loaders), automated methods (e.g., key transport and/or key agreement protocols), or a combination of automated and manual methods (consists of key transport plus key agreement).

SOURCE: FIPS 140-2

The process by which cryptographic keys are securely established among cryptographic modules using key transport and/or key agreement procedures. See key distribution.

SOURCE: CNSSI-4009

key exchange

The process of exchanging public keys in order to establish secure communications.

SOURCE: SP 800-32

Process of exchanging public keys (and other information) in order to establish secure communications.

SOURCE: CNSSI-4009

key expansion

Routine used to generate a series of Round Keys from the Cipher Key.

SOURCE: FIPS 197

key generation material

Random numbers, pseudo-random numbers, and cryptographic parameters used in generating cryptographic keys.

SOURCE: SP 800-32; CNSSI-4009

key list

Printed series of key settings for a specific cryptonet. Key lists may be produced in list, pad, or printed tape format.

SOURCE: CNSSI-4009

key loader

A self-contained unit that is capable of storing at least one plaintext or encrypted cryptographic key or key component that can be transferred, upon request, into a cryptographic module.

SOURCE: FIPS 140-2

A self-contained unit that is capable of storing at least one plaintext or encrypted cryptographic key or a component of a key that can be transferred, upon request, into a cryptographic module.

SOURCE: CNSSI-4009

key logger

A program designed to record which keys are pressed on a computer keyboard used to obtain passwords or encryption keys and thus bypass other security measures.

SOURCE: SP 800-82

key management

The activities involving the handling of cryptographic keys and other related security parameters (e.g., IVs and passwords) during the entire life cycle of the keys, including their generation, storage, establishment, entry and output, and zeroization.

SOURCE: FIPS 140-2; CNSSI-4009

key management device

A unit that provides for secure electronic distribution of encryption keys to authorized users.

SOURCE: CNSSI-4009

key management infrastructure (KMI)

All parts "“ computer hardware, firmware, software, and other equipment and its documentation; facilities that house the equipment and related functions; and companion standards, policies, procedures, and doctrine that form the system that manages and supports the ordering and delivery of cryptographic material and related information products and services to users.

SOURCE: CNSSI-4009

key pair

In an asymmetric cryptosystem, a private key and its mathematically related public key, having the property that the public key can verify a digital signature that the private key creates, or in the case of data encryption, keys having the property that the private key can decrypt data encrypted with the public key. For encryption, the public key is used to encrypt; the corresponding private key to decrypt. A signature is generated with the private key and verified with the corresponding public key.

Two mathematically related keys having the properties that (1) one key can be used to encrypt a message that can only be decrypted using the other key, and 2) even knowing one key, it is computationally infeasible to discover the other key.

SOURCE: SP 800-32

A public key and its corresponding private key; a key pair is used with a public key algorithm.

SOURCE: SP 800-21; CNSSI-4009

key production key (KPK)

Key used to initialize a keystream generator for the production of other electronically generated key.

SOURCE: CNSSI-4009

key recovery

Mechanisms and processes that allow authorized parties to retrieve the cryptographic key used for data confidentiality.

SOURCE: CNSSI-4009

key recovery agent

In the context of private key recovery, the Key Recovery Agent is the entity that performs the key recovery function as a function of agreement or contract, or on another stakeholder's information as a byproduct of a primary agreement or contract.

key stream

Sequence of symbols (or their electrical or mechanical equivalents) produced in a machine or auto-manual cryptosystem to combine with plain text to produce cipher text, control transmission security processes, or produce key.

SOURCE: CNSSI-4009

key tag

Identification information associated with certain types of electronic key.

SOURCE: CNSSI-4009

key tape

Punched or magnetic tape containing key. Printed key in tape form is referred to as a key list.

SOURCE: CNSSI-4009

key transport

The secure transport of cryptographic keys from one cryptographic module to another module.

SOURCE: FIPS 140-2; CNSSI-4009

key updating

Irreversible cryptographic process for modifying key.

SOURCE: CNSSI-4009

key uploading

key wrap

A method of encrypting keying material (along with associated integrity information) that provides both confidentiality and integrity protection using a symmetric key algorithm.

SOURCE: 800-56A

key-auto-key (KAK)

Cryptographic logic using previous key to produce key.

SOURCE: CNSSI-4009

key-encryption-key (KEK)

Key that encrypts or decrypts other key for transmission or storage.

SOURCE: CNSSI-4009

keyed-hash based message authentication code (HMAC)

A message authentication code that uses a cryptographic key in conjunction with a hash function.

SOURCE: FIPS 198; CNSSI-4009

keying material

Key, code, or authentication information in physical, electronic, or magnetic form.

SOURCE: CNSSI-4009

keystroke monitoring

The process used to view or record both the keystrokes entered by a computer user and the computer's response during an interactive session. Keystroke monitoring is usually considered a special case of audit trails.

SOURCE: SP 800-12; CNSSI-4009

KMI operating account (KOA)

A KMI business relationship that is established 1) to manage the set of user devices that are under the control of a specific KMI customer organization, and 2) to control the distribution of KMI products to those devices.

SOURCE: CNSSI-4009

KMI protected channel (KPC)

A KMI Communication Channel that provides 1) Information Integrity Service; 2) either Data Origin Authentication Service or Peer Entity Authentication Service, as is appropriate to the mode of communications; and 3) optionally, Information Confidentiality Service.

SOURCE: CNSSI-4009

KMI-aware device

A user device that has a user identity for which the registration has significance across the entire KMI (i.e., the identity's registration data is maintained in a database at the PRSN level of the system, rather than only at an MGC) and for which a product can be generated and wrapped by a PSN for distribution to the specific device.

SOURCE: CNSSI-4009

known customer

A level of trust, it may be peer-generated or be determined by the service provider. Biased towards recent actions, it is an indication of a regular customer acting as expected at a predetermined registration strength or level of trust. This is usually only applicable within one organisation, or in a "community of interest" such as a group of government agencies or in "user-centric" identity management. A good example is how a user earns 'karma' at slashdot.org. Similar to Reputation or Character, it may be based on the recommendations of others whose opinions may have a trust value to the relying party, but it should be limited to within a given context. Social networking is a similar term. The results can be manipulated and even purchased, e.g. on My Space. Also see Trust, and the Federation "˜invitation' approach. Social networking where ones reputation or friends.

KOA agent

A user identity that is designated by a KOA manager to access PRSN product delivery enclaves for the purpose of retrieving wrapped products that have been ordered for user devices that are assigned to that KOA.

SOURCE: CNSSI-4009

KOA manager

The Management Role that is responsible for the operation of one or KOA's (i.e., manages distribution of KMI products to the end cryptographic units, fill devices, and ADPs that are assigned to the manager's KOA).

SOURCE: CNSSI-4009

KOA registration manager

The individual responsible for performing activities related to registering KOAs.

SOURCE: CNSSI-4009

label

SEE Security Label.

labeled security protections

Access control protection features of a system that use security labels to make access control decisions.

SOURCE: CNSSI-4009

laboratory attack

Use of sophisticated signal recovery equipment in a laboratory environment to recover information from data storage media.

SOURCE: SP 800-88; CNSSI-4009

layer network

A "topological component" that represents the complete set of access groups of the same type which may be associated for the purpose of transferring information.

LDAP over SSL

LDAPS is the short name for LDAP connections made over secure socket layers (SSL). Where LDAP is a plaintext protocol, LDAPS is encrypted and so more secure.

least privilege

The security objective of granting users only those accesses they need to perform their official duties.

SOURCE: SP 800-12

The principle that a security architecture should be designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function.

SOURCE: CNSSI-4009

least trust

The principal that a security architecture should be designed in a way that minimizes 1) the number of components that require trust, and 2) the extent to which each component is trusted.

SOURCE: CNSSI-4009

legal entity

A legal entity is an entity that can be a party to legal contracts. [See also: Wikipedia on Legal Entity.] By definition, all persons, all legally registered companies, and all countries are legal entities.

level of assurance (LOA)

See assurance level.

See Assurance Level.

See assurance level.

The degree of confidence in the vetting process used to establish the identity of the individual(s) or device(s) participating in the transaction.

The degree of confidence that the individual who uses the credential is, in fact, the individual to whom the credential was issued.

level of concern

Rating assigned to an information system indicating the extent to which protection measures, techniques, and procedures must be applied. High, Medium, and Basic are identified levels of concern. A separate Level-of-Concern is assigned to each information system for confidentiality, integrity, and availability.

SOURCE: CNSSI-4009

level of protection

Extent to which protective measures, techniques, and procedures must be applied to information systems and networks based on risk, threat, vulnerability, system interconnectivity considerations, and information assurance needs. Levels of protection are: 1. Basic: information systems and networks requiring implementation of standard minimum security countermeasures.

2. Medium: information systems and networks requiring layering of additional safeguards above the standard minimum security countermeasures. 3. High: information systems and networks requiring the most stringent protection and rigorous security countermeasures.

SOURCE: CNSSI-4009

liability limitation provisions

Contractual provisions that purport to limit liability, consisting of disclaimers of liability, provisions limiting certain elements of damages, and provisions limiting the amount of damages recoverable.

liability/liabilities

costs, claims, charges, demands, suits, damages, actions, causes of action, losses or liability, including attorneys' fees.

The legal consequence of having breached responsibilities (contractual, tort or other) and having caused damage to another.

liberty authentication assertion

See authentication assertion.

liberty-enable user agent or device (LUAD)

A user agent or device that has specific support for one or more profiles of the Liberty specifications. It should be noted that although a standard web browser can be used in many Liberty-specified scenarios, it does not provide specific support for the Liberty protocols, and thus is not a LUAD.

No particular claims of specific functionality should be implied about a system entity solely based on its definition as a LUAD. Rather, a LUAD may perform one or more Liberty system entity roles as defined by the Liberty specifications it implements. For example, a LUAD-LECP is a user agent or device that supports the Liberty LECP profile, and a LUAD-DS would define a user agent or device offering a Liberty ID-WSF Discovery Service.

liberty-enabled client (LEC)

An entity that has, or knows how to obtain, knowledge about the identity provider that the Principal wishes to use with the service provider.

liberty-enabled client and proxy profile

This profile specifies interactions between Liberty-enabled clients and/or proxies, service providers, and identity providers [LibertyBindProf].

liberty-enabled client or proxy (LECP)

A Liberty-enabled client is a client that has, or knows how to obtain, knowledge about the identity provider that the Principal wishes to use with the service provider. A Liberty-enabled proxy is an HTTP proxy (typically a WAP gateway) that emulates a Liberty-enabled client.

liberty-enabled provider

As used herein, and only herein, LEP may be either an Attribute Provider (AP), Discovery Service (DS), Service provider (SP), or Identity Provider (IdP) who collects, transfers, or receives the Personally Identifiable Information (PII) of a Principal.

An umbrella term referring to any Provider offering any ID-FF-, ID-WSF-, or ID-SIS-based services.

liberty-enabled proxy (LEP)

A Liberty-enabled proxy is a HTTP proxy (typically a WAP gateway) that emulates a Liberty-enabled client.

license

See accreditation.

lightweight directory access protocol (LDAP)

LDAP is a simple and standardized network protocol used by applications to connect to a directory, search for objects and add, edit or remove objects.

likelihood of occurrence

In Information Assurance risk analysis, a weighted factor based on a subjective analysis of the probability that a given threat is capable of exploiting a given vulnerability.

SOURCE: CNSSI-4009

limited maintenance

COMSEC maintenance restricted to fault isolation, removal, and replacement of plug-in assemblies. Soldering or unsoldering usually is prohibited in limited maintenance. See full maintenance.

SOURCE: CNSSI-4009

line conditioning

Elimination of unintentional signals or noise induced or conducted on a telecommunications or information system signal, power, control, indicator, or other external interface line.

SOURCE: CNSSI-4009

line conduction

Unintentional signals or noise induced or conducted on a telecommunications or information system signal, power, control, indicator, or other external interface line.

SOURCE: CNSSI-4009

line of business

The following OMB-defined process areas common to virtually

all federal agencies: Case Management, Financial Management,

Grants Management, Human Resources Management, Federal

Health Architecture, Information Systems Security, Budget

Formulation and Execution, Geospatial, and IT Infrastructure.

SOURCE: SP 800-53; SP 800-60

link encryption

Link encryption encrypts all of the data along a communications path (e.g., a satellite link, telephone circuit, or T1 line). Since link encryption also encrypts routing data, communications nodes need to decrypt the data to continue routing.

SOURCE: SP 800-12

Encryption of information between nodes of a communications system.

SOURCE: CNSSI-4009

list-oriented

Information system protection in which each protected object has a list of all subjects authorized to access it.

SOURCE: CNSSI-4009

local access

Access to an organizational information system by a user (or

process acting on behalf of a user) communicating through a

direct connection without the use of a network.

SOURCE: SP 800-53; CNSSI-4009

local administrator password

A local administrator password is the password to an account used by system administrators to install, configure and manage a system or application. Examples are Administrator on Windows, root on Unix/Linux and sa on Microsoft SQL Server.

local agent

A local agent is an agent installed on the target system itself.

Installation of local agents requires change control on the target system itself -- something which may be difficult and/or undesirable on a production system or application.

Local agents are well positioned to detect changes to user objects on a target system in real time, forwarding these changes to an identity management system which may act on them.

Communication between an identity management system and a local agent can always be protected, even if the native communication protocols of the target system are insecure.

local authority

Organization responsible for generating and signing user certificates in a PKI-enabled environment.

SOURCE: CNSSI-4009

local ID

A local ID is a user's unique identifier within the context of a single system. It may be the same as that user's profile ID, or it may be an alias.

local management device/key processor (LMD/KP)

EKMS platform providing automated management of COMSEC material and generating key for designated users.

SOURCE: CNSSI-4009

local registration authority (LRA)

A Registration Authority with responsibility for a local community.

SOURCE: SP 800-32

A Registration Authority with responsibility for a local community in a PKI-enabled environment.

SOURCE: CNSSI-4009

local session state

In the Liberty context, this term refers to a notion of session state "local" to, i.e., maintained by, a provider, with respect to an interaction with another system entity, typically a user agent. Note that the concrete techniques used to maintain session state vary; cookies [RFC2965], so-called "URL re-writing", and so-called "hidden form fields" are the most viable techniques in the HTTP, aka "web," world.

log file

Audit trail of actions and/or exceptions.

logic bomb

A piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.

SOURCE: CNSSI-4009

logical completeness measure

Means for assessing the effectiveness and degree to which a set of security and access control mechanisms meets security specifications.

SOURCE: CNSSI-4009

logical perimeter

A conceptual perimeter that extends to all intended users of the system, both directly and indirectly connected, who receive output from the system without a reliable human review by an appropriate authority. The location of such a review is commonly referred to as an "air gap."

SOURCE: CNSSI-4009

login accounts

Systems and applications where users have the ability to login and access features and data generally assign a login account to each user. Login accounts usually include a unique identifier for the user, some means of authentication, security entitlements and other, personally identifying information such as the user's name, location, etc.

login ID

The unique identifier that a user types to sign into a system or application is that user's login ID on that system.

login, logon, sign-on

The process whereby a user presents credentials to an authentication authority, establishes a simple session, and optionally establishes a rich session.

The act of a Principal proving their identity to a system entity, which typically establishes a session.

logout, logoff, sign-off

The process whereby a user signifies desire to terminate a simple session or rich session.

The termination of a session.

long title

Descriptive title of a COMSEC item.

SOURCE: CNSSI-4009

low impact

The loss of confidentiality, integrity, or availability that could be expected to have a limited adverse effect on organizational operations, organizational assets, individuals, other organizations, or the national security interests of the United States; (i.e., 1) causes a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; 2) results in minor damage to organizational assets; 3) results in minor financial loss; or 4) results in minor harm to individuals).

SOURCE: CNSSI-4009

low-impact system

An information system in which all three security objectives (i.e., confidentiality, integrity, and availability) are assigned a FIPS 199 potential impact of low.

SOURCE: SP 800-53; SP 800-60; FIPS 200

An information system in which all three security properties (i.e., confidentiality, integrity, and availability) are assigned a potential impact value of low.

SOURCE: CNSSI-4009

low probability of detection

Result of measures used to hide or disguise intentional electromagnetic transmissions.

SOURCE: CNSSI-4009

low probability of intercept

Result of measures to prevent the intercept of intentional electromagnetic transmissions. The objective is to minimize an adversary's capability of receiving, processing, or replaying an electronic signal.

SOURCE: CNSSI-4009

(LUAD)-WSC

A Web Service Consumer (WSC), that may or may not also be a Liberty-enabled User Agent or Device.

macro virus

A virus that attaches itself to documents and uses the macro programming capabilities of the document's application to execute and propagate.

SOURCE: SP 800-61; CNSSI-4009

magnetic remanence

Magnetic representation of residual information remaining on a magnetic medium after the medium has been cleared. See clearing.

SOURCE: CNSSI-4009

mail preference service (MPS) (Data Protection Act)

The Mail Preference Service (MPS) is a non- profit making body set up by the direct marketing industry to help people who do not wish to receive junk mail.

When an individual provides their surname and address to the MPS, the MPS will place the information on their consumer. This is then made available to those members of the direct marketing industry who subscribe to the MPS scheme. They undertake to ensure that the mailing lists they use and supply are "˜cleaned' of any names and addresses that appear on the MPS file. The result is that an individual should not, in future, receive their mailings.

maintenance hook

Special instructions (trapdoors) in software allowing easy maintenance and additional feature development. Since maintenance hooks frequently allow entry into the code without the usual checks, they are a serious security risk if they are not removed prior to live implementation.

SOURCE: CNSSI-4009

maintenance key

Key intended only for in-shop use.

SOURCE: CNSSI-4009

major application

An application that requires special attention to security due to the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of the information in the application. Note: All federal applications require some level of protection. Certain applications, because of the information in them, however, require special management oversight and should be treated as major. Adequate security for other applications should be provided by security of the systems in which they operate.

SOURCE: OMB Circular A-130, App. III

major information system

An information system that requires special management attention because of its importance to an agency mission; its high development, operating, or maintenance costs; or its significant role in the administration of agency programs, finances, property, or other resources.

SOURCE: OMB Circular A-130, App. III

malicious applets

Small application programs that are automatically downloaded and executed and that perform an unauthorized function on an information system.

SOURCE: CNSSI-4009

malicious code

Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code.

SOURCE: SP 800-53; SP 800-53A; SP 800-61; CNSSI-4009

malicious logic

Hardware, firmware, or software that is intentionally included or inserted in a system for a harmful purpose.

SOURCE: CNSSI-4009

malware

A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system or of otherwise annoying or disrupting the victim.

SOURCE: 800-83; SP 800-41

See malicious code. See also malicious applets and malicious logic.

SOURCE: SP 800-53; SP 800-53A; CNSSI-4009

management chain

In a business setting, users normally have managers, who in turn have their own managers. The sequence of managers, starting with a given user and ending with the highest individual in an organization is that user's management chain. Management chains are relevant to identity management as they are often used to authorize security changes.

management client (MGC)

A configuration of a client node that enables a KMI external operational manager to manage KMI products and services by either

1) accessing a PRSN, or

2) exercising locally provided capabilities. An MGC consists of a client platform and an advanced key processor (AKP).

SOURCE: CNSSI-4009

management controls

The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information system security.

SOURCE: SP 800-53; SP 800-53A; FIPS 200

Actions taken to manage the development, maintenance, and use of the system, including system-specific policies, procedures and rules of behavior, individual roles and responsibilities, individual accountability, and personnel security decisions.

SOURCE: CNSSI-4009

management security controls

The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information systems security.

SOURCE: CNSSI-4009

mandate

A mandate (or proxy) is a revocable role or a set of revocable roles which refer(s) to one or more permissions granted by an identified entity to another identified entity to perform well-defined actions with legal consequences in the name and for the account of the former.

mandatory access control (MAC)

A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (i.e., clearance) of users to access information of such sensitivity.

SOURCE: SP 800-44

Access controls (which) are driven by the results of a comparison between the user's trust level or clearance and the sensitivity designation of the information.

SOURCE: FIPS 191

A means of restricting access to objects based on the sensitivity (as represented by a security label) of the information contained in the objects and the formal authorization (i.e., clearance, formal access approvals, and need-to-know) of subjects to access information of such sensitivity.

SOURCE: CNSSI-4009

mandatory modification

Change to a COMSEC end-item that NSA requires to be completed and reported by a specified date. See optional modification.

SOURCE: CNSSI-4009

manifestation

An observed or discovered (i.e., not self-asserted) representation of an entity's identity or claim. (Compare with assertion.)

An observed or discovered (i.e., not self-asserted) representation of an entity.

An observed or discovered (i.e., not self-asserted) representation of an entity. (Compare with assertion.)

man-in-the-middle (MITM)

An intermediate party acting as a proxy for clients on either side. Also a method of attacking a secure transmission, whereby the MITM intercepts and forwards messages without either party knowing it. This gives the potential to eavesdrop, change the message or collect private information. Applies to any message, encrypted or not. Mutual authentication is one form of protection. Trusted agents (eg a Root Certificate Authority) are another.

man-in-the-middle attack (MitM)

An attack on the authentication protocol run in which the attacker positions himself in between the claimant and verifier so that he can intercept and alter data traveling between them.

SP 800-63

A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.

SOURCE: CNSSI-4009

manipulative communications deception

Alteration or simulation of friendly telecommunications for the purpose of deception. See communications deception and imitative communications deception.

SOURCE: CNSSI-4009

manual cryptosystem

Cryptosystem in which the cryptographic processes are performed without the use of crypto-equipment or auto-manual devices.

SOURCE: CNSSI-4009

manual key transport

A nonelectronic means of transporting cryptographic keys by physically moving a device, document, or person containing or possessing the key or a key component.

SOURCE: SP 800-57

A nonelectronic means of transporting cryptographic keys.

SOURCE: FIPS 140-2

manual remote rekeying

Procedure by which a distant crypto-equipment is rekeyed electronically, with specific actions required by the receiving terminal operator. Synonymous with cooperative remote rekeying. See also automatic remote keying.

SOURCE: CNSSI-4009

marking

SEE Security Marking.

markup language

A set of XML elements and XML attributes to be applied to the structure of an XML document for a specific purpose. A markup language is typically defined by means of a set of XML schemas and accompanying documentation. For example, the Security Assertion Markup Language (SAML) is defined by two schemas and a set of normative SAML specification text.

masquerading

When an unauthorized agent claims the identity of another agent, it is said to be masquerading.

SOURCE: SP 800-19

A type of threat action whereby an unauthorized entity gains access to a system or performs a malicious act by illegitimately posing as an authorized entity.

SOURCE: CNSSI-4009

master cryptographic ignition key

Key device with electronic logic and circuits providing the capability for adding more operational CIKs to a keyset.

SOURCE: CNSSI-4009

match/matching

The process of comparing biometric information against a previously stored biometric data and scoring the level of similarity.

The process of comparing biometric information against a previously stored template(s) and scoring the level of similarity.

SOURCE: CNSSI-4009

mechanism

A process or technique for achieving a result [Merriam-Webster].

media

Physical devices or writing surfaces including but not limited to magnetic tapes, optical disks, magnetic disks, Large Scale Integration (LSI) memory chips, and printouts (but not including display media) onto which information is recorded, stored, or printed within an information system.

SOURCE: FIPS 200; SP 800-53; CNSSI-4009

media sanitization

A general term referring to the actions taken to render data written on media unrecoverable by both ordinary and extraordinary means.

SOURCE: SP 800-88

The actions taken to render data written on media unrecoverable by both ordinary and extraordinary means.

SOURCE: CNSSI-4009

memo of understanding

Executing an MOU begins the process of joining the E-Authentication Federation, and formally establishes an ongoing working relationship with the Initiative for an Agency. The MOU covers your commitments as an Agency, as well as the Initiative's commitment to your Agency.

memorandum of understanding/agreement (MOU/A)

A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission. In this guide, an MOU/A defines the responsibilities of two or more organizations in establishing, operating, and securing a system interconnection.

SOURCE: SP 800-47

A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission, e.g., establishing, operating, and securing a system interconnection.

SOURCE: CNSSI-4009

memory scavenging

The collection of residual information from data storage.

SOURCE: CNSSI-4009

message

A digital representation of information.

message authentication code (MAC)

A cryptographic checksum on data that uses a symmetric key to detect both accidental and intentional modifications of the data.

SOURCE: SP 800-63; FIPS 201

A cryptographic checksum that results from passing data through a message authentication algorithm.

SOURCE: FIPS 198

1. See Checksum.

2. A specific ANSI standard for a checksum.

SOURCE: CNSSI-4009

message digest

A cryptographic checksum, typically generated for a file that can be used to detect changes to the file; Secure Hash Algorithm-1 (SHA-1) is an example of a message digest algorithm.

SOURCE: SP 800-61

The result of applying a cryptographic hash function to a message.

SOURCE: SP 800-107

A digital signature that uniquely identifies data and has the property that changing a single bit in the data will cause a completely different message digest to be generated.

SOURCE: SP 800-92

A cryptographic checksum, typically generated for a file that can be used to detect changes to the file. Synonymous with hash value/result.

SOURCE: CNSSI-4009

message exchange patter (MEP)

A term, borrowed from [SOAPv1.2], for the overall notion of various patterns of message exchange between SOAP nodes. For example, request-reply and one-way are two MEPs used in this specification.

message externals

Information outside of the message text, such as the header, trailer, etc.

SOURCE: CNSSI-4009

message indicator

Sequence of bits transmitted over a communications system for synchronizing cryptographic equipment.

SOURCE: CNSSI-4009

message integrity

The assurance of unaltered transmission of a message from the sender to the intended recipient.

message thread

A message thread is a synchronous exchange of messages in a request-response MEP between two SOAP nodes. All the messages of a given message thread are "linked" via each message's <wsa:RelatesTo> header block value being set, by the sender, from the previous successfully received message's <wsa:MessageID> header block value.

meta directory

A meta directory is an application that collects information from two or more physical directories, to create a master copy with all relevant data about every object of interest. Conflicts, errors and omissions in the data may be corrected during this merge process, and the resulting data, which should be clean and correct, can then be sent back to the original directories.

Meta directories are used to implement auto-provisioning, auto-termination and identity synchronization.

metadata

Information necessary for Nodes (Federation Member Systems) to technically interoperate. Metadata encompasses:

"¢ E-Authentication specific information"“ scheme independent information pertaining to E-Authentication Federation Members (e.g., AA identifiers and CS identifiers) and EAuthentication policies (e.g., Assurance Levels, issuers, client/server certificates)

"¢ Scheme specific information "“ information that directly supports technical interoperability for this scheme. Some or all of the Metadata for this scheme may not be used for a different E-Authentication scheme.

A Node must be configured with both E-Authentication specific Metadata and scheme specific Metadata. Failure to completely and correctly configure Metadata can preclude technical interoperation, or result in unexpected consequences or negative impacts to any number of Nodes. Metadata is not considered secret information.

The information that describes another set of data (ie data about data). It is used to establish a common naming terminology and/or a common repository for instances of the same data. Applicable mainly to IDM attributes, data warehousing cubes and data exchange events. For example; surname, last name, family name, employee name, customer name, staff-surname may all be described as "sn" in an IDM repository or in XML.

Definitional data that provides information about other data or system entities managed within an application or environment. In Liberty, metadata is Provider information that is necessary for interacting with Providers [LibertyMetadata].

metrics

Tools designed to facilitate decisionmaking and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data.

SOURCE: 800-55

MIME

SEE Multipurpose Internet Mail Extensions.

mimicking

SEE Spoofing.

min-entropy

A measure of the difficulty that an attacker has to guess the most commonly chosen password used in a system.

SOURCE: SP 800-63

minimalist cryptography

Cryptography that can be implemented on devices with very limited memory and computing capabilities, such as RFID tags.

SOURCE: SP 800-98

minor application

An application, other than a major application, that requires attention to security due to the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of the information in the application. Minor applications are typically included as part of a general support system.

SOURCE: SP 800-18 Rev 1

misnamed files

A technique used to disguise a file's content by changing the file's name to something innocuous or altering its extension to a different type of file, forcing the examiner to identify the files by file signature versus file extension.

SOURCE: SP 800-72; CNSSI-4009

mission assurance category (MAC)

A Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) term primarily used to determine the requirements for availability and integrity.

SOURCE: CNSSI-4009

mission critical

Any telecommunications or information system that is defined as a national security system (Federal Information Security Management Act of 2002 - FISMA) or processes any information the loss, misuse, disclosure, or unauthorized access to or modification of, would have a debilitating impact on the mission of an agency.

SOURCE: SP 800-60

mobile code

Software programs or parts of programs obtained from remote information systems, transmitted across a network, and executed on a local information system without explicit installation or execution by the recipient.

SOURCE: SP 800-53; SP 800-53A; SP 800-18

A program (e.g., script, macro, or other portable instruction) that can be shipped unchanged to a heterogeneous collection of platforms and executed with identical semantics.

SOURCE: SP 800-28

Software programs or parts of programs obtained from remote information systems, transmitted across a network, and executed on a local information system without explicit installation or execution by the recipient.

Note: Some examples of software technologies that provide the mechanisms for the production and use of mobile code include Java, JavaScript, ActiveX, VBScript, etc.

SOURCE: CNSSI-4009

mobile code technologies

Software technologies that provide the mechanisms for the production and use of mobile code (e.g., Java, JavaScript, ActiveX, VBScript).

SOURCE: SP 800-53; SP 800-53A; SP 800-18

mobile device

Portable cartridge/disk-based, removable storage media (e.g., floppy disks, compact disks, USB flash drives, external hard drives, and other flash memory cards/drives that contain nonvolatile memory).

Portable computing and communications device with information storage capability (e.g., notebook/laptop computers, personal digital assistants, cellular telephones, digital cameras, and audio recording devices).

SOURCE: SP 800-53

mobile passwords

Mobile passwords are passwords stored in the security database on a portable device, such as a PDA or smart phone. Mobile devices typically have dynamic addresses, are sometimes turned off and may not respond to requests they receive from the network, other than special cases such as phone calls and text messages.

mobile site

A self-contained, transportable shell custom-fitted with the specific IT equipment and telecommunications necessary to provide full recovery capabilities upon notice of a significant disruption.

SOURCE: SP 800-34

mobile software agent

Programs that are goal-directed and capable of suspending their execution on one platform and moving to another platform where they resume execution.

SOURCE: SP 800-19

mode of operation

An algorithm for the cryptographic transformation of data that features a symmetric key block cipher algorithm.

SOURCE: SP 800-38C

Description of the conditions under which an information system operates based on the sensitivity of information processed and the clearance levels, formal access approvals, and need-to-know of its users. Four modes of operation are authorized for processing or transmitting information: dedicated mode, system high mode, compartmented/partitioned mode, and multilevel mode.

SOURCE: CNSSI-4009

model

A very detailed description or scaled representation of one component of a larger system that can be created, operated, and analyzed to predict actual operational characteristics of the final produced component.

moderate impact

The loss of confidentiality, integrity, or availability that could be expected to have a serious adverse effect on organizational operations, organizational assets, individuals, other organizations, or the national security interests of the United States; (i.e., 1) causes a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; 2) results in significant damage to organizational assets; 3) results in significant financial loss; or 4) results in significant harm to individuals that does not involve loss of life or serious life threatening injuries).

SOURCE: CNSSI-4009

moderate-impact system

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a FIPS 199 potential impact value of moderate and no security objective is assigned a FIPS 199 potential impact value of high.

SOURCE: SP 800-53; SP 800-53A; SP 800-60; FIPS 200

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of moderate and no security objective is assigned a potential impact value of high.

SOURCE: CNSSI-4009

monitor

Carrying out an activity for the purpose of detecting, observing, copying or recording the location, movement, activities, or state of an Individual.

multi-factor authentication

Multi-factor authentication means authentication using multiple factors. For example, a user might sign into a system with a combination of two things he knows, or a combination of something he knows and something he has, or perhaps something he knows, something he has and something he is.

The premise is that adding authentication factors makes it more difficult for a would-be attacker to simulate a legitimate authentication and consequently impersonate a legitimate user.

multifactor authentication

Authentication using two or more factors to achieve

authentication. Factors include: (i) something you know (e.g.

password/PIN); (ii) something you have (e.g., cryptographic

identification device, token); or (iii) something you are (e.g.,

biometric). See Authenticator.

SOURCE: SP 800-53

multi-hop problem

The security risks resulting from a mobile software agent visiting several platforms.

SOURCE: SP 800-19

multi-key password release

Password disclosure may require authorization. For example, system administrator A may need a password, but might not be allowed to see the password until other people -- say B and C, approve the disclosure. Multi-key password disclosure refers to any process where the actions of more than one person are required to disclose a password.

multilevel device

Equipment trusted to properly maintain and separate data of different security domains.

SOURCE: CNSSI-4009

multilevel mode

Mode of operation wherein all the following statements are satisfied concerning the users who have direct or indirect access to the system, its peripherals, remote terminals, or remote hosts: 1) some users do not have a valid security clearance for all the information processed in the information system; 2) all users have the proper security clearance and appropriate formal access approval for that information to which they have access; and 3) all users have a valid need-to-know only for information to which they have access.

SOURCE: CNSSI-4009

multi-releasable

A characteristic of an information domain where access control mechanisms enforce policy-based release of information to authorized users within the information domain.

SOURCE: CNSSI-4009

multilevel security (MLS)

Concept of processing information with different classifications and categories that simultaneously permits access by users with different security clearances and denies access to users who lack authorization.

SOURCE: CNSSI-4009

multiple component incident

A single incident that encompasses two or more incidents.

SOURCE: SP 800-61

multiple security levels (MSL)

Capability of an information system that is trusted to contain, and maintain separation between, resources (particularly stored data) of different security domains.

SOURCE: CNSSI-4009

multipurpose internet mail extensions (MIME)

An extensible mechanism for email. A variety of MIME types exist for sending content such as audio using the Simple Mail Transfer Protocol (SMTP) protocol.

SOURCE: SP 800-41

mutual authentication

This requires that both the service provider and the user positively identify each other. In this way the authentication is strengthened for both parties; it cannot be phished or spoofed as users aren't tricked into entering personal information on fake sites.

Requirement that both the service provider and the user identify each other.

the process by which two entities (such as a client and a server) authenticate each other such that each is assured of the other's identity.

A process by which two entities (e.g., a client and a server) authenticate each other such that each is assured of the other's identity.

The process by which two entities (such as a client and a server) authenticate each other such that each is assured of the other's identity.

Occurs when parties at both ends of a communication activity authenticate each other.

SOURCE: SP 800-32

The process of both entities involved in a transaction verifying each other.

SOURCE: CNSSI-4009

mutual suspicion

Condition in which two information systems need to rely upon each other to perform a service, yet neither trusts the other to properly protect shared data.

SOURCE: CNSSI-4009

N out of M

"N out of M" describes a multi-person control technique. An example would be the case in which multiple persons each have only a portion of the data necessary to activate the private key that enables operation of the system. Thus if N is 3, then 3 individuals would be required to be present to activate the system (e.g., enable the CA to sign certificates or CRLs). To ensure that the unavailability of one or more of the individuals does not prevent the operation of the system, it is possible to distribute portions of material to more than 3 individuals (for example, 5 people) and have the system operable when any 3 of the 5 people are available.

name

A name is the identifier of an entity (e.g., subscriber, network

element) that may be resolved/ translated into an address.

A name is an identifier of an entity (e.g., subscriber, network element) that may be resolved/translated into an address.

An expression by which an entity is known addressed or referred to.

A name is an identifier of an entity (e.g., subscriber, network element) that may be resolved/translated into an address.

name qualifier

A string that disambiguates an identifier that may be used in more than one namespace (in the federated sense) to represent different principals.

namespace

This term is used in several senses in SAML: 5) (In discussing federated names) A domain in which an identifier is unique in representing a single principal. 6) (With respect to authorization decision actions) A URI that identifies the set of action values from which the supplied action comes. 7) (In XML) See XML namespace.

naming authority

An organizational entity responsible for assigning distinguished names (DNs) and for assuring that each DN is meaningful and unique within its domain.

SOURCE: SP 800-32

national archives and records administration (NARA)

The National Archives and Records Administration Act of 1984 amended the records management statutes to divide records management responsibilities between the National Archives and Records Administration (NARA) and the General Services Administration (GSA). Under the Act, NARA is responsible for adequacy of documentation and records disposition and GSA is responsible for economy and efficiency in records management.

Section 3101 of title 44 U.S.C. requires the head of each Federal Agency to make and preserve records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures and essential transactions of the Agency and designed to furnish the information necessary to protect the legal and financial rights of the Government and of persons directly affected by the Agency's activities.

national information assurance partnership (NIAP)

A U.S. Government initiative established to promote the use of evaluated information systems products and champion the development and use of national and international standards for information technology security. NIAP was originally established as a collaboration between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) in fulfilling their respective responsibilities under P.L. 100-235 (Computer Security Act of 1987). NIST officially withdrew from the partnership in 2007 but NSA continues to manage and operate the program. The key operational component of NIAP is the Common Criteria Evaluation and Validation Scheme (CCEVS) which is the only U.S. Government-sponsored and endorsed program for conducting internationally recognized security evaluations of commercial off-the-shelf (COTS) Information Assurance (IA) and IA-enabled information technology products. NIAP employs the CCEVS to provide government oversight or "validation" to U.S. CC evaluations to ensure correct conformance to the International Common Criteria for IT Security Evaluation (ISO/IEC 15408).

SOURCE: CNSSI-4009

national information infrastructure

Nationwide interconnection of communications networks, computers, databases, and consumer electronics that make vast amounts of information available to users. It includes both public and private networks, the Internet, the public switched network, and cable, wireless, and satellite communications.

SOURCE: CNSSI-4009

national security emergency preparedness telecommunications services

Telecommunications services that are used to maintain a state of readiness or to respond to and manage any event or crisis (local, national, or international) that causes or could cause injury or harm to the population, damage to or loss of property, or degrade or threaten the national security or emergency preparedness posture of the United States.

SOURCE: SP 800-53; CNSSI-4009; 47 C.F.R., Part 64, App A

national security information

Information that has been determined pursuant to Executive Order 12958 as amended by Executive Order 13292, or any predecessor order, or by the Atomic Energy Act of 1954, as amended, to require protection against unauthorized disclosure and is marked to indicate its classified status.

SOURCE: SP 800-53A; SP 800-60; FIPS 200

national security information (NSI)

See classified national security information.

SOURCE: CNSSI-4009

national security system

Any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency"”(i) the function, operation, or use of which involves intelligence activities; involves cryptologic activities related to national security; involves command and control of military forces; involves equipment that is an integral part of a weapon or weapons system; or is critical to the direct fulfillment of military or intelligence missions (excluding a system that is to be used for routing administrative and business applications, for example, payroll, finance, logistics, and personnel management applications); or (ii) is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept classified in the interest of national defense or foreign policy. [44 U.S.C., SEC. 3542]

SOURCE: FIPS 200; SP 800-53; SP 800-53A; SP 800-60

Any information system (including any telecommunications system) used or operated by an agency or by a contractor of any agency, or other organization on behalf of an agency, the function, operation, or use of which: I. involves intelligence activities; II. involves cryptologic activities related to national security; III. Involves command and control of military forces; IV. involves equipment that is an integral part of a weapon or weapon system; or V. subject to subparagraph (B), is critical to the direct fulfillment of military or intelligence missions; or is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.

Subparagraph (B). Does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications). (Title 44 U.S. Code Section 3542, Federal Information Security Management Act of 2002.)

SOURCE: CNSSI-4009

national vulnerability database (NVD)

The U.S. government repository of standards-based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g., FISMA).

SOURCE: http://nvd.nist.gov/

natural person

A human being

need-to-know

A method of isolating information resources based on a user's need to have access to that resource in order to perform their job but no more. The terms "˜need-to know" and "least privilege" express the same idea. Need-to-know is generally applied to people, while least privilege is generally applied to processes.

SOURCE: CNSSI-4009

need to know determination

Decision made by an authorized holder of official information that a prospective recipient requires access to specific official information to carry out official duties.

SOURCE: CNSSI-4009

needs assessment (IT security awareness and training)

A process that can be used to determine an organization's awareness and training needs. The results of a needs assessment can provide justification to convince management to allocate adequate resources to meet the identified awareness and training needs.

SOURCE: SP 800-50

nested groups

Nested groups are groups that contain, among their members, other groups. This is a powerful construct but it can be complicated for applications to support and may cause performance problems if not implemented well. Active Directory is one system that effectively supports nested groups.

netID

An electronic identifier created specifically for use with on-line applications. It is often an integer and typically has no other meaning.

network

An open communications medium, typically the Internet, that is used to transport messages between the claimant and other parties. Unless otherwise stated no assumptions are made about the security of the Network; it is assumed to be open and subject to active (e.g., impersonation, man-in-the-middle, session hijacking"¦) and passive (e.g., eavesdropping) attack at any point between the parties (claimant, verifier, CSP or relying party).

An open communications medium, typically, the Internet, that is used to transport messages between the claimant and other parties.

An open communications medium, typically the Internet, that is used to transport messages between the claimant and other parties.

An open communications medium, typically, the Internet, that is used to transport messages between the claimant and other parties.

Information system(s) implemented with a collection of interconnected components. Such components may include routers, hubs, cabling, telecommunications controllers, key distribution centers, and technical control devices.

network access

Access to an organizational information system by a user (or a process acting on behalf of a user) communicating through a network (e.g., local area network, wide area network, Internet).

SOURCE: SP 800-53; CNSSI-4009

network access control

Network access control is a technology that validates the security settings, location, ownership, anti-malware software installation or other characteristics of a network endpoint before allowing that device to access network services.

network endpoint

A network endpoint is a device with which a user accessed network services. Examples include corporate or home PCs, smart phones, PDAs, Internet and Intranet kiosks, etc.

network front-end

Device implementing protocols that allow attachment of a computer system to a network.

SOURCE: CNSSI-4009

network identity

Identity relationships within a digital network may include multiple identity entities. However, in a decentralised network like the Internet, such extended identity relationships effectively require both (a) the existence of independent trust relationships between each pair of entities in the relationship and (b) a means of reliably integrating the paired relationships into larger relational units. And if identity relationships are to reach beyond the context of a single, federated ontology of identity (see Taxonomies of identity above), identity attributes must somehow be matched across diverse ontologies. The development of network approaches that can embody such integrated "compound" trust relationships is currently a topic of much debate in the blogosphere. See additional info at website.

An abstraction, consisting of a Principal's global set of attributes, which is composed from a "union" of the Principal's accounts. See also identity.

network reference monitor

SEE Reference Monitor.

network resilience

A computing infrastructure that provides continuous business operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged), rapid recovery if failure does occur, and the ability to scale to meet rapid or unpredictable demands.

SOURCE: CNSSI-4009

network security

SEE Information Assurance.

network security officer

SEE Information Systems Security Officer.

network sniffing

A passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest. It is both a review technique and a target identification and analysis technique.

SOURCE: SP 800-115

network sponsor

Individual or organization responsible for stating the security policy enforced by the network, designing the network security architecture to properly enforce that policy, and ensuring that the network is implemented in such a way that the policy is enforced.

SOURCE: CNSSI-4009

network system

System implemented with a collection of interconnected components. A network system is based on a coherent security architecture and design.

SOURCE: CNSSI-4009

network transparency

The ability of a protocol to transmit data over the network in a manner which is transparent to those using the applications that are using the protocol.

network weaving

Penetration technique in which different communication networks are linked to access an information system to avoid detection and trace-back.

SOURCE: CNSSI-4009

node

Synonym for "Federation Member System" in context of rolling out the System to or operating the System in the production Authentication Service Component (ASC) federated Network of interconnected Systems (Nodes).

node information form

Form to be filled out by the Agency that documents essential information about the Agency's Node. Essential information includes Metadata values, assertion engine information, and E-GCA production certificate information.

no-lone zone (NLZ)

Area, room, or space that, when staffed, must be occupied by two or more appropriately cleared individuals who remain within sight of each other. See two-person integrity.

SOURCE: CNSSI-4009

nonlocal maintenance

Maintenance activities conducted by individuals communicating through a network; either an external network (e.g., the Internet) or an internal network.

SOURCE: SP 800-53

non-organizational user

A user who is not an organizational user (including public users).

SOURCE: SP 800-53

non-person entity (NPE)

An entity with a digital identity that acts in cyberspace, but is not a human actor. This can include organizations, hardware devices, software applications, and information artifacts.

(non)repudiation

The ability through historical logs and logical analysis to prevent or discourage an Entity from denying that it had acted as an Identity in a given transaction, especially in a legal sense. It may need to be based on a biometric and include encrypted audit trails to be successful in a court of law; otherwise the offender could be able to plead guilty to the lesser charge of leaving their password on a Post-It Note.

Non-repudiation of origin is the ability to prevent an acting entity from denying at a later stage that it performed that specific action.

The ability through historical logs and logical analysis to prevent or discourage an Entity from denying that it had acted as an Identity in a given transaction, especially in a legal sense. It may need to be based on a biometric and include encrypted audit trails to be successful in a court of law; otherwise the offender could be able to plead guilty to the lesser charge of leaving their password on a Post-It Note.

i. The ability to prove an action or event has taken place, so that this event or action cannot be repudiated later

ii. The ability through historical logs and logical analysis to prevent or discourage an Entity from denying that it had acted as an Identity in a given transaction, especially in a legal sense.

Strong and substantial evidence of the identity of the signer of a message and of message integrity, sufficient to prevent a party from successfully denying the origin, submission or delivery of the message and the integrity of its contents.

In a legal context, sufficient evidence to persuade the ultimate authority (judge, jury or arbiter) as to such origin, submission, delivery, and integrity, despite an attempted denial by the purported sender.

Contrast the above legal definition with the following technical definition: "Assurance the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data."

A name is an identifier of an entity (e.g., subscriber, network element) that may be resolved/translated into an address.

The ability to protect against denial by one of the entities involved in an action of having participated in all or part of the action.

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the information.

SOURCE: CNSSI-4009

Protection against an individual falsely denying having performed a particular action. Provides the capability to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message.

SOURCE: SP 800-53; SP 800-53A; SP 800-60; SP 800-18

Is the security service by which the entities involved in a communication cannot deny having participated. Specifically, the sending entity cannot deny having sent a message (non-repudiation with proof of origin), and the receiving entity cannot deny having received a message (non-repudiation with proof of delivery).

SOURCE: FIPS 191

A service that is used to provide assurance of the integrity and origin of data in such a way that the integrity and origin can be verified and validated by a third party as having originated from a specific entity in possession of the private key (i.e., the signatory).

SOURCE: FIPS 186

non-transitive proxy capability

The ability to act for another entity based on Trusted Authority Policy. The capability is non-transferable.

nonce

A value used in security protocols that is never repeated with the same key. For example, challenges used in challenge-response authentication protocols generally must not be repeated until authentication keys are changed, or there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.

SOURCE: SP 800-63

A random or non-repeating value that is included in data exchanged by a protocol, usually for the purpose of guaranteeing the transmittal of live data rather than replayed data, thus detecting and protecting against replay attacks.

SOURCE: CNSSI-4009

notarial service

Notarial services are undertaken by notaries. There are two different major types of notaries: common law notaries and Latin notaries. Common law notaries are found mostly in the English speaking world; i.e., America and the UK. Latin notaries are predominately found in the rest of the world. We expand on these definitions and the differences between the two because each provides a different service to the requestor. Latin notaries are responsible for the correctness of the notarized data; they may also act as an archivist of the document. Common law notaries authenticate the execution of the document but do not authenticate the accuracy of the data in the notarized document.

notary

A notary is an entity which can attest to the authenticity of an identifier within an interaction.

notification (Data Protection Act)

Notification is the process by which a data controller's processing details are added to a register. Under the Data Protection Act every data controller who is processing personal information needs to notify unless they are exempt. Failure to notify is a criminal offence. Even if a data controller is exempt from notification, they must still comply with the data protection principles. The Commissioner maintains a public register of data controllers available at www.ico.gov.uk. A register entry only shows what a data controller has told the Commissioner about the type of data being processed. It does not name the people about whom information is held.

notify

To communicate or make available information to another person as required under the circumstances.

NSA-approved cryptography

Cryptography that consists of: (i) an approved algorithm; (ii) an

implementation that has been approved for the protection of

classified information in a particular environment; and (iii) a

supporting key management infrastructure.

SOURCE: SP 800-53

null

Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption or to complete encrypted groups for transmission or transmission security purposes.

SOURCE: CNSSI-4009

nym

A nym is synonymous with a pseudonym.

Short for "pseudonym," a nym is a fictitious name that can refer to an entity without using any of its directly identifiable characteristics, such as name, location, etc. OpenPrivacy uses public-key pairs to represent a nym, with the owner having sole access to the private part and the public part being published to at least one external party. A long-lived nym is useful in that it allows for trust (or "reputation") to accumulate over time and usage. Often, we refer to the public key as the "nym," as it is how the entity is know in the outside world.

A nym is an identifier that cannot be readily linked to the underlying entity. An anonym can't. A pseudonym can't easily.

object

A well-defined piece of information, definition, or specification which requires a name in order to identify its use in an instance of communication and identity management processing. Entity within the scope of the DOI system; the entity may be abstract, physical or digital, as any of these forms of entity may be of relevance in content management (e.g. people, resources, agreements).

i. A well-defined piece of information, definition, or

specification which requires a name in order to identify its use in an instance of communication and identity management processing.

ii. Entity within the scope of the DOI system; the entity may be abstract, physical or digital, as any of these forms of entity may be of relevance in content management (e.g.,

people, resources, agreements).

A passive entity that contains or receives information.

SOURCE: SP 800-27

Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, domains) containing or receiving information. Access to an object implies access to the information it contains.

SOURCE: CNSSI-4009

Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, domains) containing or receiving information. Access to an object (by a subject) implies access to the information it contains. See Subject.

SOURCE: SP 800-53

object identifier (OID)

Object identifier.

The unique alphanumeric/numeric identifier registered under the ISO registration standard to reference a specific object or object class. They are used to uniquely identify a policy, which policy is subject to change, despite the constancy of the identifier.

A specialized formatted number that is registered with an internationally recognized standards organization. The unique alphanumeric/numeric identifier registered under the ISO registration standard to reference a specific object or object class. In the federal government PKI, they are used to uniquely identify each of the four policies and cryptographic algorithms supported.

SOURCE: 800-32

object reuse

Reassignment and reuse of a storage medium containing one or more objects after ensuring no residual data remains on the storage medium.

SOURCE: CNSSI-4009

off-card

Refers to data that is not stored within the PIV Card or to a computation that is not performed by the Integrated Circuit Chip (ICC) of the PIV Card.

Refers to data that is not stored within the PIV card or computation that is not done by the Integrated Circuit Chip (ICC) of the PIV card.

SOURCE: FIPS 201

offer template

A set of seemingly disparate opinions can be grouped together (in a bias-like structure) for the purpose of finding best matches in a universe of unconnected data. A reputation service that receives an offer template may advertise prizes for parent nyms that can validate ownership of a subset of the template.

off-line attack

An attack where the attacker obtains some data (typically by eavesdropping on an authentication protocol run, or by penetrating a system and stealing security files) that he/she is able to analyze in a system of his/her own choosing.

SOURCE: SP 800-63

off-line cryptosystem

Cryptographic system in which encryption and decryption are performed independently of the transmission and reception functions.

SOURCE: CNSSI-4009

official information

All information in the custody and control of a U.S. Government department or agency that was acquired by U.S. Government employees as a part of their official duties or because of their official status and has not been cleared for public release.

SOURCE: CNSSI-4009

on-card

Refers to data that is stored within the PIV card or computation that is done by the ICC of the PIV card.

SOURCE: FIPS 201

onboarding

This is the process where users join an organization. It may refer to hiring new employees, bringing in contractors or signing up visitors to a web portal.

one-card

Refers to data that is stored within the PIV Card or to a computation that is performed by the Integrated Circuit Chip (ICC) of the PIV Card.

one-part code

Code in which plain text elements and their accompanying code groups are arranged in alphabetical, numerical, or other systematic order, so one listing serves for both encoding and decoding. One-part codes are normally small codes used to pass small volumes of low-sensitivity information.

SOURCE: CNSSI-4009

one-time cryptosystem

Cryptosystem employing key used only once.

SOURCE: CNSSI-4009

one-time pad

Manual one-time cryptosystem produced in pad form.

SOURCE: CNSSI-4009

one-time password (OTP)

A temporary password generated by a time-based algorithm that is then compared to a server-calculated password. It is only valid within a short time "˜window' (such as one minute) and can (preferably) only be used once within that time window. Also known as Time Synchronisation. The server and the token clocks need to remain synchronised over time and processes are usually implemented to adjust for that. The passwords are usually 6-digit codes and usually generated by a device, either after the entry of a PIN or with a continuous display of the next OTP (ie no PIN required). For example; a hardware token with a display screen, either with or without a keypad. Those with a keypad are two-factor devices ("˜have' the device and "˜know' the PIN), whereas those without a keypad are really only a single-factor device. For the latter to become a two-factor solution a PIN/Password can be keyed into the PC along with the OTP during the logon process. Some would argue that constant-display tokens are still only a "˜single-factor' solution because two passwords are needed (both "˜know') for authentication (and only one password is needed in the case of a stolen or found OTP constant-display token).

A one-time password (OTP) is an algorithm used to produce a different password every time a user needs to authenticate. OTP passwords may be time-based (i.e., the password for any given minute/hour/date is different and may be computed both by the user and the system into which the user wishes to authenticate). OTP passwords may also be series based (the password value depends on the number of times the user has signed on before), or may be computed by the user in response to a challenge presented by the server.

one-time tape

Punched paper tape used to provide key streams on a one-time basis in certain machine cryptosystems.

SOURCE: CNSSI-4009

one-to-many

Synonym for "Identification". [INCITS/M1-040211]

one-way hash algorithm

Hash algorithms which map arbitrarily long inputs into a fixed-size output such that it is very difficult (computationally infeasible) to find two different hash inputs that produce the same output. Such algorithms are an essential part of the process of producing fixed-size digital signatures that can both authenticate the signer and provide for data integrity checking (detection of input modification after signature).

SOURCE: SP 800-49; CNSSI-4009

online

The state associated with the ability to connect and communicate with other networks, systems, computers, subjects or components in real time through the Internet.

online attack

An attack against an authentication protocol where the attacker either assumes the role of a claimant with a genuine verifier or actively alters the authentication channel. The goal of the attack may be to gain authenticated access or learn authentication secrets.

SOURCE: SP 800-63

online certificate status protocol (OCSP)

This is the real-time method of establishing the status (current, expired or unknown) of a Digital Certificate, using HTTP. An older method, which OCSP has superseded in some scenarios, is known as Certificate Revocation Lists (CRL).

A specification for online and real-time inquiries concerning the status of a particular certificate and for online and real-time responses to such inquiries communicating the status of that certificate. An alternative to a CRL.

The OCSP protocol, RFC 2560, enables online validation of the reliability of a digital certificate. RFC 2560 defines a mandatory-to-implement mechanism supporting the revocation status of the certificate and defines an optional extension mechanism to support a richer set of semantics (e.g., full path validation by the OCSP server).

An online protocol used to determine the status of a public key certificate. [RFC 2560]

An online protocol used to determine the status of a public key certificate.

SOURCE: SP 800-63; FIPS 201

online cryptosystem

Cryptographic system in which encryption and decryption are performed in association with the transmitting and receiving functions.

SOURCE: CNSSI-4009

opaque handle

An identifier that has meaning only in the context between a specific identity provider and specific service provider.

open storage

Any storage of classified national security information outside of approved containers. This includes classified information that is resident on information systems media and outside of an approved storage container, regardless of whether or not that media is in use (i.e., unattended operations).

SOURCE: CNSSI-4009

operating rules

Day to day practices and policies Federation Members agree to in order to ensure Federation security, consistency, and service standards.

operating system (OS) fingerprinting

Analyzing characteristics of packets sent by a target, such as packet headers or listening ports, to identify the operating system in use on the target.

SOURCE: SP 800-115

operational authority

Personnel who are responsible for the overall operation of a CA. Their responsibility may cover areas such as staffing, finances, dispute resolution, and policy decisions.

operational controls

The security controls (i.e., safeguards or countermeasures) for an information system that primarily are implemented and executed by people (as opposed to systems).

SOURCE: SP 800-53; SP 800-53A; SP 800-18; FIPS 200

The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by people (as opposed to systems).

SOURCE: CNSSI-4009

operational key

Key intended for use over-the-air for protection of operational information or for the production or secure electrical transmission of key streams.

SOURCE: CNSSI-4009

operational period of certificate

The operational period of a certificate begins on the date and time it is issued by a certification authority (or on a later date and time certain if stated in the certificate), and ends on the date and time it expires or is earlier revoked or suspended.

operational readiness review

Federation Operations Center conducts an operational readiness review to determine whether the Federation member candidate's system is ready to be integrated into the production ASC. It includes final verification of the readiness of: Security, metadata, servers, node configuration, production scripts, capacity plans, escalation plans, Help desk, contact information, monitoring, training readiness, user support, documentation of testing, participation agreements, and production date coordination.

operational vulnerability information

Information that describes the presence of an information vulnerability within a specific operational setting or network.

SOURCE: CNSSI-4009

operational waiver

Authority for continued use of unmodified COMSEC end-items pending the completion of a mandatory modification.

SOURCE: CNSSI-4009

operations code

Code composed largely of words and phrases suitable for general communications use.

SOURCE: CNSSI-4009

operations security (OPSEC)

Systematic and proven process by which potential adversaries can be denied information about capabilities and intentions by identifying, controlling, and protecting generally unclassified evidence of the planning and execution of sensitive activities. The process involves five steps: identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risks, and application of appropriate countermeasures.

SOURCE: CNSSI-4009

Operator of Framework

Establish the conditions under which individual identity providers will qualify for participation in a federated system for collection, exchange, and authentication of user information. Determines how trustworthy a given credential is.

opinion

A unique description of something (pointed to by a reference). Uniqueness is satisfied by attaching a hash, generally created from the principal's signature, to the opinion such that no two opinions are exactly the same. An opinion may be clearly subjective (as in "openssl is a good cryptography package") or appear as a statement (as in "I live in San Francisco," where the reference is "San Francisco" and the description is "where I live").

optional modification

NSA-approved modification not required for universal implementation by all holders of a COMSEC end-item. This class of modification requires all of the engineering/doctrinal control of mandatory modification but is usually not related to security, safety, TEMPEST, or reliability. See mandatory modification.

SOURCE: CNSSI-4009

opt-in

An individual's explicit consent for a PII controller to collect, transfer, use, store, archive, or dispose (of) particular PII for a specific purpose.

Personal information may not be collected, used, retained and disclosed by the entity without the explicit consent of the individual.

opt-out

An individual's exercise of choice through a request that a particular collection, transfer, usage, storage, archiving, or disposal of data does not occur.

Implied consent exists for the entity to collect, use, retain, and disclose personal information unless the individual explicitly denies permission.

orange book

Trusted Computer System Evaluation Criteria (TCSEC).

ordinary ID-* message

An ordinary ID-* message is a Liberty Identity Web Services Framework (ID-WSF) or Service Interface Specification (ID-SIS) message as defined in the [LibertyDST], [LibertyDisco], and [LibertyIDPP] specifications and others. It is "ordinary" as opposed to being a ID-* fault message message.

It has the characteristics of being designed to be conveyed by essentially any transport or transfer protocol, notably SOAP [SOAPv1.1]. It is also known among the ID-* specifications as a service request, or an ID-WSF (service) request, or an ID-SIS (service) request.

organization

A federal agency, or, as appropriate, any of its operational elements.

SOURCE: FIPS 200

An entity of any size, complexity, or positioning within an organizational structure (e.g., a federal agency, or, as appropriate, any of its operational elements).

SOURCE: SP 800-53

organizational hierarchy

An organizational hierarchy is an organization of user profiles that identifies zero or one managers for each user. This hierarchy may be useful in the context of access certification, change authorization or automated escalation.

organizational maintenance

Limited maintenance performed by a user organization.

SOURCE: CNSSI-4009

organization registration authority (ORA)

Entity within the PKI that authenticates the identity and the organizational affiliation of the users.

SOURCE: CNSSI-4009

organizational user

An organizational employee or an individual the organization deems to have equivalent status of an employee (e.g., contractor, guest researcher, individual detailed from another organization, individual from allied nation).

SOURCE: SP 800-53

outside threat

An unauthorized entity from outside the domain perimeter that has the potential to harm an Information System through destruction, disclosure, modification of data, and/or denial of service.

SOURCE: SP 800-32

outside(r) threat

An unauthorized entity outside the security domain that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.

SOURCE: CNSSI-4009

outsourcing

The use and handling of personal information by a third party that performs a business function for the entity.

over-the-air key distribution

Providing electronic key via over-the-air rekeying, over-the-air key transfer, or cooperative key generation.

SOURCE: CNSSI-4009

over-the-air key transfer

Electronically distributing key without changing traffic encryption key used on the secured communications path over which the transfer is accomplished.

SOURCE: CNSSI-4009

over-the-air rekeying (OTAR)

Changing traffic encryption key or transmission security key in remote cryptographic equipment by sending new key directly to the remote cryptographic equipment over the communications path it secures.

SOURCE: CNSSI-4009

overt channel

Communications path within a computer system or network designed for the authorized transfer of data. See covert channel.

SOURCE: CNSSI-4009

overt testing

Security testing performed with the knowledge and consent of the organization's IT staff.

SOURCE: SP 800-115

overwrite procedure

A software process that replaces data previously stored on storage media with a predetermined set of meaningless data or random patterns.

SOURCE: CNSSI-4009

owner

The registered Entity for an Identity. An Entity owns an Identity (and therefore its access rights) due solely to the ability to authenticate it.

The registered entity for an identity.

The registered Entity for an Identity.

packet sniffer

Software that observes and records network traffic.

SOURCE: SP 800-61; CNSSI-4009

palm print

A palm print is a form of biometric authentication where the characteristic being measured is the pattern of ridges on the skin of a user's whole hand.

palm vein

Palm vein authentication is a measurement of the pattern of living veins inside one or more of a user's whole hands.

PAOS

A Reversed HTTP binding for SOAP [SOAPv1.1] The primary difference from the normal HTTP binding for SOAP is that here a SOAP request is bound to a HTTP response and vice versa. "PAOS" is "SOAP" spelled backwards (pun intended).

parallel approvals

A parallel authorization process is one where multiple authorizers are invited to comment concurrently -- i.e., the identity management system does not wait for one authorizer to respond before inviting the next.

Parallel authorization has the advantage of completing more quickly, as the time required to finish an authorization process is the single longest response time, rather than the sum of all response times.

parity

Bit(s) used to determine whether a block of data has been altered.

SOURCE: CNSSI-4009

partial identity

A partial identity is a certain subset of one or more attributes that does not necessarily uniquely identify the entity.

participant

An End-User of the Federation.

partitioned security mode

***

party

A natural person or a juridical entity

A natural person or a juridical entity.

A natural person or a legal entity.

A natural person or a juridical entity.

Informally, one or more principals participating in some process or communication, such as receiving an assertion or accessing a resource.

passive attack

passive security testing

passive wiretapping

pass phrase

A pass phrase is a longer password, where users are encouraged to type multiple words, rather than just one, in order to make it more difficult for a would-be attacker to guess the password value.

password

A secret that a claimant memorizes and uses to authenticate his or her identity. Passwords are typically character strings. See also PIN.

A credential, something only you know and that the authenticator can confirm.

A shared secret character string used in authentication protocols. In many cases the claimant is expected to memorize the password.

password age

Password age is the number of days since a password was last changed.

password authentication

The most common authentication factor is a password. It is a strong of characters that is known to the user and to the system into which the user signs in, but (hopefully) kept secret from other users and systems.

password change

A routine password change is a process where a user authenticates to a system using his login ID and password, and chooses a new password -- either voluntarily or because the old password has expired.

The only credentials involved in a routine password change are the user's identifier, old password and new password.

password disclosure

Password disclosure is a process where a stored copy of a password, matching a password in a target system's security database, is revealed to a human or machine user. For example, it might the process of revealing a stored copy of an administrator password to a system administrator.

password expiry

Password expiry is a process whereby users are forced to periodically change their passwords. An expiration policy may be represented as the longest number of days for which a user may use the same password value.

The reason for password expiry is the notion that, given enough time, an attacker could guess a given password. To avoid this, passwords should be changed periodically and not reused.

password expiry date

An password has an expiry date if the user will be forced to change it on the first successful login after a given time/date.

password history

A password history is some representation of one or more previously used passwords for a given user. These passwords are stored in order that they may be compared to new passwords chosen by the user, to prevent the user from reusing old passwords.

The reason for password history is the notion that, given enough time, an attacker could guess a given password. To avoid this, passwords should be changed periodically and not reused.

password policy

A password policy is a set of rules regarding what sequence of characters constitutes an acceptable password. Acceptable passwords are generally those that would be too difficult for another user or an automated program to guess (thereby defeating the password mechanism).

Password policies may require a minimum length, a mixture of different types of characters (lowercase, uppercase, digits, punctuation marks, etc.), avoidance of dictionary words or passwords based on the user's name, etc.

Password policies may also require that users not reuse old passwords and that users change their passwords regularly.

password recovery

Many applications offer weak encryption of data, such as office documents or spreadsheets. Such encryption is susceptible to brute force to key recovery, and such key recovery is offered by password recovery applications, most often offered to users who forgot the passwords they used to protect their own documents.

password representation constraints

Most systems have limits regarding what can be stored in the password field. Limits generally break down into two types -- which characters may be incorporated into a password, and how long a password can be.

password reset

A password reset is a process where a user who has either forgotten his own password or triggered an intruder lockout

on his own account can authenticate with something other than his password and have a new password administratively set on his account.

Password resets may be performed by a support analyst or by the user himself (self-service).

password synchronization

Password synchronization technology helps users to maintain the same password on two or more systems. This, in turn, makes it easier for users to remember their passwords, reducing the need to write down passwords or to call an IT help desk to request a new password, to replace a forgotten one.

password synchronization trigger

A password synchronization trigger is the component of a transparent password synchronization system which detects the initial password change event and starts the synchronization process.

password wallet

A password wallet is an application used by a single user to store that user's various passwords, typically in encrypted form.

path layer network

A "layer network" which is independent of the transmission

media and which is concerned with the transfer of information between path layer network "access points."

pattern

see identity pattern.

See identity pattern.

PDA

Personal Digital Assistant.

peer-entity authentication

The corroboration that a peer entity in an association is the one claimed.

people service (PS)

A web-services framework by which one identity can track the other identities it "˜knows', via entries in its list, typically to manage their accesses to its resources. For example; the Liberty Alliance ID-WSF People Service (PS) is a "federated social identity".

An ID-WSF service that allows a Principal to share their social network information with different applications. The PS allows a Principal to manage, track, and group the relationships with their friends, family, and colleagues.

permission(s)

Permission describes the privileges granted to an authenticated entity with respect to low-level operations that may be performed on some resource (e.g., read, write, delete, execute, create"¦).

The profile, or Entitlements, or combined Authorisation rights and Access Levels, of an Enrolment or a Role.

Privileges granted to each user with respect to what data that the user is allowed to access and what menus options or commands he or she is allowed to use.

Privileges granted to a system entity with respect to operations that may be performed on some resource.

persistent

Existing, and able to be used in services outside the direct control of the issuing assigner, without a stated time limit.

Existing and able to be used in services outside the direct control of the issuing assigner, without a stated time limit.

Existing, and able to be used in services outside the direct control of the issuing assigner, without a stated time limit.

persistent pseudonym

A privacy-preserving name identifier assigned by a provider to identify a principal to a given relying party for an extended period of time that spans multiple sessions; can be used to represent an identity federation.

person

an entity recognized by the legal system. In the context of eID, a person who can be digitally identified.

A human being or an organization (or a device under the control thereof that is capable of signing a message or verifying a digital signature).

persona

1. A preexisting Digital Identity that a user through an Agent has the ability to select and use to represent themselves in a given Identity Context.

2. A super-identity or "˜avatar' of an entity; a persona may be the result of federating several existing identities. Literally means "mask" (greek). The result is intended to convey a special purpose or role, such as the incarnation of a higher being. See Identity.

The fact of being what a person or a thing is, and the characteristics determining this.

A character deliberately assumed by a natural person.

A persona is a pre-existing digital identity that an entity can select and use to represent itself in a given context.

A preexisting identity that a user through an agent has the ability to select and use to represent themselves in a given identity context.

a super-identity or "˜avatar' of an entity; a persona may be the result of federating several existing identities. Literally means "mask" (greek). The result is intended to convey a special purpose or role, such as the incarnation of a higher being. See Identity.

A preexisting Digital Identity that a user through an Agent has the ability to select and use to represent themselves in a given Identity Context.

personal data

Any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

See personally identifiable information. It is synonymous of personal identifiable information.

Personal data means information about a living individual who can be identified from that information and other information which is in, or likely to come into, the data controller's possession.

personal identification number (PIN)

A Password consisting only of decimal digits.

A PIN is a short, numeric password. PINs are commonly used with bank debit cards and as a secondary authentication factor accompanying technologies such as biometrics or hardware tokens.

A secret that a claimant memorizes and uses to authenticate his or her identity. PINs are generally only decimal digits.

personal identity verification (PIV) card

A physical artifact (e.g., identity card, "smart" card) issued to an individual that contains stored identity credentials (e.g., photograph, cryptographic keys, digitized fingerprint representation) so that the claimed identity of the cardholder can be verified against the stored credentials by another person (human readable and verifiable) or an automated process (computer readable and verifiable).

personal information

Personal information provided by a Subject to the Credential Service Provider which is either (1) used by the Credential Service Provider in the process of issuing the Credential, and/or (2) provided with the expectation that the information will be transmitted to third parties to whom the Subject presents the Credential.

Information that is or can be about or related to an identifiable individual.

personal information cycle

The collection, use, retention, disclosure, disposal, or anonymization of personal information.

personal secret

Used in the context of this document, is synonymous with password, pass phrase or PIN.? It enables the holder of an electronic identifier to confirm that s/he is the person to whom the identifier was issued.

personally identifiable information (PII)

Any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains. This includes information that is used in a way that is personally identifiable, including linking it with identifiable information from other sources, or from which other Personally Identifiable Information can easily be derived, including, but not limited to, name, address, phone number, fax number, email address, financial profiles, and social security number, and credit card information.

Personally identifiable information is any data that identifies or refers to a particular natural or legal person.

a. The information pertaining to any person which makes it possible to identify such individual (including the information capable of identifying a person when combined with other information even if the information does not clearly identify the person). Note: Information that can be used to identify an individual should be defined by national legislation.

b. Any information that identifies a person to any degree.

i. The information pertaining to any person which makes it possible to identify such individual (including the

information capable of identifying a person when combined with other information even if the information does not clearly identify the person). Note: Information that can be used to identify an individual should be defined by national legislation.

ii. Any information which identifies a person to any degree.

Any data that identifies or locates a particular person, consisting primarily of name, address, telephone number, e-mail address, bank accounts, or other unique identifiers such as Social Security numbers.

The information pertaining to any living person which makes it possible to identify such individual (including the information capable of identifying a person when combined with other information even if the information does not clearly identify the person).

Any information (a) that identifies or can be used to identify, contact, or locate the person to whom such information pertains, (b) from which identification or contact information of an individual person can be derived, or (c) that is or can be linked to a natural person directly or indirectly.

The information pertaining to any living person which makes it possible to identify such individual (including the information capable of identifying a person when combined with other information even if the information does not clearly identify the person).

The information pertaining to any living person, which makes it possible to identify such individual (including the information capable of identifying a person when combined with other information even if the information does not clearly identify the person).

PIA

Privacy Impact Assessment.

PIV Issuer

An authorized identity card creator that procures FIPS-approved blank identity cards, initializes them with appropriate software and data elements for the requested identity verification and access control application, personalizes the cards with the identity credentials of the authorized subjects, and delivers the personalized cards to the authorized subjects along with appropriate instructions for protection and use.

PIV registrar

An entity that establishes and vouches for the identity of an Applicant to a PIV Issuer. The PIV Registrar authenticates the Applicant's identity by checking identity source documents and identity proofing, and ensures a proper background check has been completed, before the credential is issued.

PIV sponsor

An individual who can act on behalf of a department or agency to request a PIV Card for an Applicant.

PKCS

A set of Public Key Cryptographic Standards. It usually forms part of other security standards.

PKI domain

A PKI Domain consists of a CA and its subjects. Sometimes referred to as a CA Domain.

PKIX

The Public Key Infrastructure X.509 Working Group of the Internet Engineering Task Force.

plastic card

A standard-sized card token. It may also have a credential such as a serial number, photo and other information printed on it. It may have embossed information. It may have a tamper-resistant lamination, including a logo or a watermark or other holographic images. It may also have a magnetic stripe with credentials recorded on it. For example, a club membership card, a Credit/ATM card. Also see Smart Card.

platform

A class of infrastructure. For example; Mainframe, Mid-range, Desktop, LAN.

policy

A set of Rules, usually associated with a Role or other dynamic attributes. It is normally used for access provisioning and access reconciliation.

A set of Rules, usually associated with a Role or other dynamic

attributes.

A logically defined, enforceable, and testable set of rules.

A written statement that communicates management's intent, objectives, requirements, responsibilities, and standards.

policy aspects of digital identity

There are proponents of treating self-determination and freedom of expression of digital identity as a new human right. Some have speculated that digital identities could become a new form of legal entity.

policy authority

An agent of the CA domain or enterprise that may perform one or more of the following functions: (a) selecting and/or defining certificate policies for use in a PKI; (b) approving any cross-certification or interoperability agreements with external CA Domains; (c) approving practices that a CA must follow by reviewing the CPS to ensure consistency with the Certificate Policies; and (d) providing policy direction to the Operational Authority.

policy decision point (PDP)

A system entity that makes authorization decisions for itself or for other system entities that request such decisions. For example, a SAML PDP consumes authorization decision requests, and produces authorization decision assertions in response. A PDP is an "authorization decision authority".

A system entity that evaluates decision requests in light of applicable policy and information describing the requesting entity or entities and renders an authorization decision.

policy enforcement point (PEP)

A system entity that requests and subsequently enforces authorization decisions. [PolicyTerm] For example, a SAML PEP sends authorization decision requests to a PDP, and consumes the authorization decision assertions sent in response.

A system entity that performs access control by making decision requests and enforcing authorization decisions. If the authorization decision is pushed to the PEP there will be no need for it to create a request.

policy management authority

A body responsible for setting, implementing, and administering policy decisions regarding CPs and CPSs throughout the PKI.

policy qualifier

Field within the certificate policies extension of an X.509 certificate that conveys policy information in addition to the identification of the applicable CP.

policy-adopting body

An entity that adopts certificate policies for a particular class of certificates applicable to a particular community.

population

The set of users for the application. [INCITS/M1-040211]

portal

A personalisable, dynamic web-page based service. Usually the main or "˜home' page of a web site.

PPII

Protection for PII.

practice statement

A formal statement of the practices followed by an authentication entity (e.g., RA, CSP or verifier) that typically defines the specific steps taken to register and verify identities, issue credentials and authenticate claimants.

A formal statement of the practices followed by an authentication entity (e.g., RP, CSP, or verifier) that typically defines the specific steps taken to register and verify identities, issue credentials, and authenticate claimants.

A formal statement of the practices followed by an authentication entity (e.g., RA, CSP, or verifier) that typically defines the specific steps taken to register and verify identities, issue credentials and authenticate claimants.

presence

i. A set of attributes that characterize an entity (maintained by a "presentity") relating to current activity, environment, geolocation, communication means and contact

addresses.

ii. A set of data representing the status and availability of a user or a group of users for communication.

presentity (presence entity)

An entity that makes presence information available for

use by others.

i. Any uniquely identifiable entity that is capable of providing presence information to presence service. Examples of presentities are devices, services etc.

presumption

In a legal context, an evidentiary rule that eases the burden of proof as to a particular fact, usually so that the proponent of the fact is relieved of the burden of coming forward with evidence in support of such fact.

Presumptions are usually rebuttable, so that the presumption may be overcome by introduction of sufficient contrary evidence of the fact by the opposing party. For example, the Utah Digital Signature Law sets forth a presumption that a digital signature verified by a certificate issued by a licensed CA is attributed to the subscriber named as subject in the certificate. One method of rebutting this presumption might be to introduce evidence that the applicant for the certificate was an imposter who fraudulently convinced the CA to issue the certificate to the imposter in the name of the subscriber.

primordial claim

A proof "“ based on secret(s) and/or biometrics "“ that only a single subject is able to present to a specific claims provider for the purpose of being recognized and obtaining a set of substantive claims1.

principal

A principal is synonymous with an identifiable entity.

An identifiable, pseudonymous, or anonymous entity. A principal can be uniquely referenced by its public key. Any static entity that can be referenced can in theory be a principal, the only requirement being that it can store a private key and perform signature operations.

An entity whose identity can be authenticated.

A system entity whose identity can be authenticated.

A Principal is an entity that can acquire a federated identity, that is capable of making decisions, and to which authenticated actions are performed on its behalf. Examples of Principals include an individual user, a group of individuals, a corporation, other legal entities, or a component of the Liberty architecture.

Succinctly, a principal is a system entity whose identity can be authenticated. In Liberty usage, the term Principal is often synonymous with "natural person" or "user". A Principal's identity may be federated. Examples of Principals include individual users, groups of individuals, organizational entities, e.g. corporations, or a component of the Liberty architecture.

An entity whose identity can be authenticated.

principal identity

A representation of a principal's identity, typically an identifier.

An identity being wielded by a Principal, or that is mapped to a Principal in some fashion.

privacy

a right to control the dissemination of the attributes of an entity. Attributes can be given up, after which it is difficult to restrict their use in the absence of any specific legal remedy. Some would argue that there is no privacy other than that artificially created by legislature.

Privacy is the right of an entity "“ in this context usually a natural person "“ to decide for itself when and on what terms its attributes should be revealed.

Privacy is the ability of a person to control the availability of information about and exposure of himself or herself. It is related to being able to function in society anonymously (including pseudonymous or blind credential identification).

a right to control the dissemination of the attributes of an entity. Attributes can be given up, after which it is difficult to restrict their use in the absence of any specific legal remedy. Some would argue that there is no privacy other than that artificially created by legislature. See Anonymity, Pseudonym and Registration.

a. The right of entities to control or influence what information related to them may be collected and stored also by whom and to whom that information may be disclosed.

b. Ensuring that information about a person is protected in accordance with national, regional, or global regulations. Such information may be contained within a message, but may also be inferred from patterns of communication; e.g. when communications happen, the types of resource accessed the parties with whom communication occurs, etc.

c. A right to control the dissemination of the attributes of an entity.

d. The rights and limitations of access to and processing of personal data.

e. Proper handling of personal information throughout its life cycle, consistent with the preferences of the subject.

i. The right of entities to control or influence what information related to them may be collected and stored also by whom and to whom that information may be disclosed.

ii. Ensuring that information about a person is protected in accordance with national, regional, or global regulations. Such information may be contained within a message, but may also be inferred from patterns of communication; e.g., when communications happen, the types of resource accessed, the parties with whom communication occurs, etc.

iii. A right to control the dissemination of the attributes of an entity.

iv. The rights and limitations of access to and processing of personal data.

v. Proper handling of personal information throughout its life cycle, consistent with the preferences of the subject.

Proper handling of personal information throughout its life cycle, consistent with the preferences of the data subject.

Proper handling of personal information throughout its life cycle, consistent with the preferences of the subject.

The legal right of an entity (particularly a person, and even more so when the person is a consumer) to be free from intentional or unintentional disclosure of his or her identifiable personal information without consent. Cf.,

confidentiality, which is the assurance that the system has the capability to resist disclosure and therefore protect

privacy.

The right of individuals to control or influence what personal information related to them may be collected, managed, retained, accessed and used or distributed.

The right of individuals to control or influence what personal information related to them may be collected, managed, retained, accessed, and used or distributed.

The right of individuals to control or influence what personal information related to them may be collected, managed, retained, accessed and used or distributed.

The rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and destruction of personal information.

The appropriate use of personal information under the circumstances. What is appropriate will depend on context, law, and the individual's expectations; also, the right of an individual to control the collection, use, and disclosure of personal information.

privacy breach

A privacy breach occurs when personal information is collected, retained, accessed, used, or disclosed in ways that are not in accordance with the provisions of the enterprise's policies, applicable privacy laws, or regulations.

privacy enhancing technology (PET)

A privacy enhancing technology is hardware or software which increases the ability of a natural person to actively influence the availability of information about and exposure of itself.

privacy impact assessment (PIA)

Privacy Impact Assessments are required by the E-Government Act of 2002 whenever "developing or procuring information technology . . . or initiating a new collection of information . . . in an identifiable form . . . ." The purpose of a Privacy Impact Assessment is to ensure there is no collection, storage, access, use or dissemination of identifiable personal information (and for some organizations business information) that is not both needed and permitted.

privacy policy

i. The policy statement that defines the rules for protecting access to and dissemination of personal privacy information

ii. A set of rules and practices that specify or regulate how a person or organization collects, processes (uses) and discloses another party's personal data as a result of an interaction.

The policy that defines the requirements for protecting access to, and dissemination of, personally identifiable information (PII) and the rights of individuals with respect to how their personal information is used.

A policy that defines the requirements for protecting access to, and dissemination of, personally identifiable information (PII) and the rights of individuals with respect to how their personal information is used.

The policy that defines the requirements for protecting access to, and dissemination of, personally identifiable information (PII) and the rights of individuals with respect to how their personal information is used.

privacy program

The policies, communications, procedures, and controls in place to manage and protect personal information in accordance with business and compliance risks and requirements.

private (subscriber) identity

A profile of an entity or a group of entities is an organized set of attributes that characterizes the specific properties of that entity or entities within a given context for a specific purpose.

A collection of pseudonymous opinions (also in a bias-like structure) that an entity claims that it can prove belong to a single (parent) entity. (The proof itself is called validation.)

An identity derived from the IMSI.

private decryption key

See Encryption key pair.

private identifier

A Claimed Identifier that is intended to be private information used only the context of the End User's relationship with one or more specific Relying Parties (typically one or a small number). The use of Private Identifiers reduces or

eliminates the ability of multiple Relying Parties to do correlation

of an End User.

private key

The key of a key pair used to create a digital signature or to decrypt data.466 Also, the key of an asymmetric key pair that is kept secret.

A private key is one of a two matched keys, which a user or system keeps secret and makes an effort to protect. No-one but the user who generated a public/private key pair should have access to the user's private key.

private signing key

See Digital signature key pair.

privilege

i. A right to carry out a particular permission (act) that is assigned to a role with some constraints or conditions. A role is (can be) associated with multiple privileges.

ii. An attribute or property assigned to an entity by an authority.

iii. An authorization or set of authorizations to perform

security-relevant functions.

A right to carry out a particular permission (act).

A right that, when granted to an entity, permits the entity to perform an action.

A right to carry out a particular permission (act).

privileged account

A privileged account is a login ID on a system or application which has more privileges than a normal user. Privileged accounts are normally used by system administrators to manage the system, or to run services on that system, or by one application to connect to another.

processing (Data Protection Act)

Processing means obtaining, recording or holding the data or carrying out any operation or set of operations on data.

processing context

A processing context is the collection of specific circumstances under which a particular processing step or set of steps take place.

processing context facet

A processing context facet is an identified aspect, inherent or additive, of a processing context.

profile

A set of rules for one of several purposes; each set is given a name in the pattern "xxx profile of SAML" or "xxx SAML profile". 1) Rules for how to embed assertions into and extract them from a protocol or other context of use. 2) Rules for using SAML protocol messages in a particular context of use. 3) Rules for mapping attributes expressed in SAML to another attribute representation system. Such a set of rules is known as an "attribute profile".

Data comprising the broad set of attributes that may be maintained for an identity, over and beyond its identifiers and the data required to authenticate under that identity. At least some of those attributes (for example, addresses, preferences, card numbers) are provided by the Principal.

Profile is used in two distinct senses in Liberty specifications:

1. Data comprising the broad set of attributes that may be maintained on behalf of a system entity (typically a Principal), over and beyond the entity's various identifiers. At least some of this information (for example, addresses, preferences, and card numbers) is typically provided by the Principal.

2. A profile of some specification. For example, the Discovery Service specification [LibertyDisco] profiles

Web Services Addressing specifications [WSAv1.0] [WSAv1.0-SOAP], and the Security Mechanisms specifications [LibertySecMech] profile SAML [SAMLCore2].

profile ID

A profile ID is a globally unique identifier for a human user.

profiling

Profiling is the practice of collecting and analysing data related to an entity with the aim of creating its profile.

program management office (PMO)

Established by the Government to issue certificates that allow Agency Applications to retrieve SAML Assertions from Credential Services over a client and server authenticated SSL channel, effectively controlling which entities can participate.

proofing

The verification or validation of information when enrolling new entities into identity systems.

The verification and validation of information when enrolling new entities into identity systems.

The verification or validation of information when enrolling new entities into identity systems.

protection profile (PP)

A statement conforming to the CC that clearly expresses a particular community's security needs, together with a derived set of implementation-independent security measures that have been shown to meet those needs.

protocol endpoint

A communication point from which data may be sent or received.

See also endpoint, ID-WSF Endpoint Reference.

provider

A generic way to refer to both identity providers and service providers.

A provider is a Liberty-enabled entity that performs one or more of the provider roles in the Liberty architecture, for example Service Provider or Identity Provider. Providers are identified in Liberty protocol interactions by their Provider IDs or optionally their Affiliation ID if they are a member of an affiliation(s) and are acting in that capacity.

provider ID

A Provider ID identifies an entity known as a provider. It is schematically represented by the providerID attribute of the <EntityDescriptor> metadata element [LibertyMetadata].

provisioning

This is automatically providing an Identity with access to a role, resource or service, or automatically changing or removing that access, based on the life cycle of events or work requests or changed attributes. For example; the first-day, second-day, on-going provisioning and last-day deprovisioning of the access rights of an employee.

Automatically providing an Identity with access to a role, resource or service, or automatically changing or removing that access, based on the life cycle of events or work requests or changed attributes.

proxy

A proxy is synonymous with a mandate.

An entity authorized to act for another. a) Authority or power to act for another. b) A document giving such authority. [Merriam]

1. (1) An entity authorized to act for another [Merriam-Webster].

2. (2) A system entity whose authenticated identity, according to the recipient, differs from that of the system entity making the invocation under consideration.

proxy server

A computer process that relays a protocol between client and server computer systems, by appearing to the client to be the server and appearing to the server to be the client.

pseudonym

A fictitious identity that an Entity creates for itself, whereby the Entity can remain pseudonymous, or perhaps even fully anonymous, in certain contexts. Literally means "false name". It may be persistent or temporary. But it must be "persistent" if you will want to reuse it; this makes it difficult to remain fully anonymous because any details provided or collected over time may be joined with other details and republished (unless there are privacy laws preventing it).

A Pseudonym (syn.: nym) is an arbitrary identifier of an identifiable entity, by which a certain action can be linked to this specific entity. The entity that may be identified by the pseudonym is the holder of the pseudonym.

A pseudonym is a fictitious name (or identifier) used by an individual as an alternative to their legal name. In some cases, the pseudonym has become the legal name of the person using it. Practically, a pseudonym is an identifier which is not immediately associated to an entity.

A fictitious identity that an Entity creates for itself, whereby the Entity can remain pseudonymous, or perhaps even fully anonymous, in certain contexts. Literally means "false name". It may be persistent or temporary. But it must be "persistent" if you will want to reuse it; this makes it difficult to remain fully anonymous because any details provided or collected over time may be joined with other details and republished (unless there are privacy laws preventing it).

A fictitious identity that an Entity creates for itself, whereby the Entity can remain pseudonymous, or perhaps even fully anonymous, in certain contexts.

An arbitrary identifier assigned by the identity or service provider to identify a Principal to a given relying party so that the name has meaning only in the context of the relationship between the parties.

An identifier, whose binding to an entity is not known or is known to only a limited extent, within the context in which it is used.

An identifier whose binding to an entity is not known or is known to only a limited extent, within the context in which it is used.

An identifier, whose binding to an entity is not known or is known to only a limited extent, within the context in which it is used.

public (subscriber) identity

Either a SIP URI or a tel URI.

public authority (Freedom of Information Act)

Any body, any person, or the holder of any office listed in the Freedom of Information Act, or designated by order, and publicly owned companies. Examples of some of the public authorities covered by the scheme are, government departments, local authorities, NHS bodies (hospitals, doctors, dentists, pharmacists and opticians), schools, colleges and universities, the police, the House of Commons and the House of Lords, the Northern Ireland Assembly and the National Assembly for Wales.

public digital signature verification key

See Digital signature key pair.

public encryption key

See Encryption key pair.

public key

The public part of the asymmetric key pair that is typically used to verify signatures or encrypt data.

The key of an asymmetric key pair that is typically made available to the "public." Also, the key of a key pair used to verify a digital signature or to encrypt.

A public key is one of a two matched keys, which a user or system distributes widely and publicly. This key is well known to as many users and systems as possible as the user's public key.

The public part of an asymmetric key pair that is typically used to verify signatures or encrypt data.

public key certificate

A digital document issued and digitally signed by the private key of a Certification Authority that binds the name of a subscriber to a public key. The certificate indicates that the subscriber identified in the certificate has sole control and access to the private key. See also [RFC 3280].

public key infrastructure (PKI)

A set of technical and procedural measures used to manage public keys embedded in digital certificates. The keys in such certificates can be used to safeguard communication and data exchange over potentially unsecure networks.

The sum total of the hardware, software, people, processes, and policies that, together, using the technology of asymmetric cryptography, facilitate the creation of a verifiable association between a public key (the public component of an asymmetric key pair) and the identity (and/or other attributes) of the holder of the corresponding private key (the private component of that pair), for uses such as authenticating the identity of a specific entity, ensuring the integrity of information, providing support for nonrepudiation, and establishing an encrypted communications section.

A support service to the PIV system that provides the cryptographic keys needed to perform digital signature-based identity verification and to protect communications and storage of sensitive verification system data within identity cards and the verification system.

public service identifier

Either a SIP URI or a tel URI.

public/private key cryptography (PKC)

A mechanism of encrypting and decrypting data using two different but related keys - hence they are termed asymmetric. While the two keys are related, one cannot be computed from the other. Something encrypted with one key can only be decrypted with the other. One key is kept secret - the private key - and the other can be given to anyone - the public key. With this system, any two people can communicate securely after exchanging their public keys. Each recipient uses the corresponding private key to decrypt the session key.

Encryption system using a mathematically linked pair of keys. What one key encrypts, the other key decrypts.

publication schemes (Freedom of Information Act)

The Freedom of Information Act places a duty on public authorities to adopt and maintain a publication scheme that must be approved by the Information Commissioner. The scheme lists and defines the classes of information that will be published, indicates how information is or is intended to be published, and states whether charges apply to supplying the information.

publish

To record or file in one or more repositories.

pull

To actively request information from a system entity.

purpose

The reason personal information is collected by the entity.

push

To provide information to a system entity that did not actively request it.

quality of assurance

See "assurance level."

re-authentication

The same authentication is resubmitted by the known Identity, in order to "commit" a transaction that has been fully prepared during the session under the same assurance strength (this is deemed to be further protection from "session hijacking"). Alternately, the re-authentication may be required to "˜step up' the assurance strength, so as to enact a transaction that requires higher security (such as two or three factors).

receiver

A role taken by a system entity when it receives a message sent by another system entity. See also SOAP receiver in [SOAPv1.2].

recipient

An entity that receives a message and acts as the message's ultimate processor.

Changes to user profiles or entitlements always have a recipient -- that user profile which will be created, modified or deleted.

recommendation

A special publication of the ITL stipulating specific characteristics of technology to use or procedures to follow to achieve a common level of quality or level of interoperability.

record

The term "˜record' means Information that is inscribed on a tangible medium or that is stored in an electronic or other medium and is retrievable in perceivable form.

redact

To delete or black out personal information from a document or file.

reduced signon

A synonym for single sign-on which recognizes that authentication is normally reduced but often not to just one step.

reference

A pointer to an entity (generally a URI, often a URL). Examples include a physical or virtual object, place, person, pseudonym, web page or site, opinion, reputation, bias, profile, and reputation calculation engine.

reference implementation

An implementation of a FIPS or a recommendation available from NIST/ITL for demonstrating proof of concept, implementation methods, technology utilization, and operational feasibility.

registration

The process through which a primordial claim is associated with a subject so that a claims provider can subsequently issue a set of claims about that subject.

The registration of an entity is the process in which the entity is identified and/or other attributes are corroborated. As a result of the registration, a partial identity is assigned to the entity for a certain context.

The process of an entity (re)establishing an Identity with a service provider. For example; a bank's 100-point check, an employment background check, an RA process for generating a Digital Certificate. Usually results in the issuing of a Credential that is associated with the Identity. Registration strength also has a "˜time value', in that recent registrations may provide a greater assurance than old registrations (re-registration will uncover any errors, expiries and changes). Not to be confused with the "˜registration' of a device "“ see Device ID.

An entry in a register, or somebody or something whose name or designation is entered in a register.

The process in which an entity requests and is assigned privileges to use a service or resource.

A process in which an entity requests and is assigned privileges to use a service or resource.

The process in which an entity requests and is assigned privileges to use a service or resource.

See "Identity Registration".

registration authority (RA)

The party that verifies identities using an agreed registration strength model and process, and may also advise a CA (Certificate Authority) to issue a digital document confirming the identity. Also see Digital Certificate.

An entity that is responsible for validating the identity (or other attributes) of certificate applicants but does not issue or manage certificates (i.e., an RA is delegated to perform certain tasks on behalf of a CA, such as approving certificate applications). The extent to which an RA is [exclusively] responsible for its acts depends on the applicable CP and agreements.

An entity that relies on an identity representation or claim by a Requesting/ Asserting entity within some request context.

relationship

A relationship is a function which results in a measurement (true/false, yes/no, integer, etc.) when applied to two or more identities (not entities).

Relying Party

A Federal Agency that relies upon the End-User's Credentials, typically to process a transaction or grant access to information or a System.

1. A Party that makes known through its Agent one or more alternative sets of Claims that it desires or requires, and receives through this same Agent a Digital Identity purportedly including the required Claims from a Digital Identity Provider or other Agent of another Party.

2. The entity that relies on the result of an authentication. Usually, but not always, the same as the authenticating party and service provider.

An individual, organization or service that depends on claims issued by a claims provider about a subject to control access to and personalization of a service.

A party that makes known through its agent one or more alternative sets of claims that it desires or requires, and receives through this same agent an identity purportedly including the required claims from an identity provider or other agent of another party.

The entity that relies on the result of an authentication. Usually, but not always, the same as the authenticating party and service provider.

i. An entity that relies on an identity representation or claim by a Requesting/ Asserting entity within some request context.

ii. A user or agent that relies on the data in a certificate in making decisions.

iii. A Party that makes known through its Agent one or more alternative sets of Claims that it desires or requires, and receives through this same Agent a Digital Identity purportedly including the required Claims from a Digital Identity Provider or other Agent of another Party.

iv. The entity that relies on the result of an authentication. Usually, but not always, the same as the authenticating party and service provider.

v. Recipient of a certificate who acts in reliance on that certificate and/or digital signatures verified using that certificate (see IETF RFC 3647).

An entity that relies upon a subscriber's credentials, typically to process a

transaction or grant access to information or a system.

An entity that provides services to a Subject, or otherwise has a need to authenticate the identity of the Subject, and that relies on an Identity Provider for identity and authentication of the Subject, typically to process a transaction or grant access to information or a system. The entity or person that is relying on an identity credential or assertion of identity to make a decision as to what action to take in a given application context.

An entity that relies upon a subscriber's credentials, typically to process a transaction or grant access to information or a system.

Provides a service to the user, based on identity information provided by an identity provider.

A Party that makes known through its Agent one or more alternative sets of Claims that it desires or requires, and receives through this same Agent a Digital Identity purportedly including the required Claims from a Digital Identity Provider or other Agent of another Party.

A system entity that decides to take an action based on

information from another system entity. For example, a SAML

relying party depends on receiving assertions from an asserting party (a SAML authority) about a subject.

The recipient of a message that relies on a request message and associated assertions to determine whether to provide a requested service.

An entity that relies upon a subscriber's credentials, typically to process a transaction or grant access to information or a system.

The recipient of a certificate and a digital signature verifiable with reference to a public key listed in the certificate, and is in a position to rely on them or person who otherwise relies on the binding in a certificate between the public key appearing in it and the identity (and/or other attributes) of the person named in the certificate.

An entity that relies on an identity representation or claim by a requesting/asserting entity within some request context.

An entity that relies on an identity representation or claim by a Requesting/ Asserting entity within some request context.

An entity that relies on an identity representation or claim by a Requesting/Asserting entity within some request context.

A relying party is a provider of online services to a subject. Within the ecosystem, a relying

party is responsible for interacting with credential, identity, and attribute providers as needed to verify parties with whom they exchange information.

relying party agreement

An agreement between a certification authority and relying party that typically establishes the rights and obligations between those parties regarding the verification of digital signatures or other uses of certificates.

remedy

In the legal context, one of several methods by which a party can redress wrongs and reimburse damage caused by a breach of responsibilities. Examples of remedies include the payment of money damages, and specific enforcement by an affirmative or negative injunction.

remote agent

A remote agent is an agent installed on an identity management server, rather than on the target system.

Installation of remote agents requires no change control on the target system itself, making them easier to deploy and possibly more scalable, when hundreds or thousands or target systems are involved.

Local agents normally cannot detect changes to user objects on a target system in real time, so must poll target systems for changes periodically.

Communication between an identity management system and a local agent may not be secure, since it relies on the native communication protocols of the target system, which in some cases may be vulnerable to eavesdropping or data injection.

repository

A digital store, usually an LDAP directory or a relational database.

A trustworthy system for storing and retrieving certificates or other information relevant to certificates.

representation

One category of a party's contractual responsibilities, being a promise that a fact is true at the present time and/or was true as of an earlier time, to be distinguished from a warranty and a covenant, but sometimes also loosely used to also refer to the truth of a fact at a time in the future.

repudiation

i. Denial by one of the entities involved in a communication of having participated in all or part of the communication

ii. An ability to provide public notice that identity credentials, identifiers, attributes, or patterns have been revoked or not valid.

iii. An entity involved in a communication exchange subsequently denies the fact.

Denial by one of the entities involved in an action of having participated in all or part of the action.

Denial in having participated in all or part of an action by one of the entities involved.

Denial by one of the entities involved in an action of having participated in all or part of the action.

reputation

A value that represents the collective opinion of some reference. A reputation is really just another name for an Opinion, as it is the calculated opinion of a Reference by the issuing Reputation Calculation Engine. Reputations are ephemeral, and the weight applied to an Opinion representing the reputation of some Reference is subjectively applied by the end user (person or program) that requests it. As Principals add their Opinion to a Reference, it accrues (positive or negative) reputation capital that has several useful properties:

Secure

Reputations cannot be subverted, and the source of reputation assertions can always be traced. This provides non-repudiation as well as the mechanism with which to decide which reputation information to trust.

Transitive

Reputations are transitive (within the constraints of a well-defined domain). For example, if A trusts B as a source of local news, and B trusts C for local news, then it could be determined that A trusts C for local news.

reputation calculation engine (RCE)

In order to make full use of the OpenPrivacy platform, use of and calculation with reputations is called for. Human users act as intelligent reputation calculation engines and add value to the system by adding reputations to entities and objects. An automated reputation calculation, part of an infomediary agent, has the ability to:

incrementally refine Reputation/Opinion accumulation into a Bias

use Bias to (pre-)calculate responses

modify (edit) one's own Bias or create a Bias

attach confidence quotient to returned results

reputation server

A Reputation Server is an agent that can respond to reputation requests such as putReputation() and getReputation(). In addition, reputation servers provide the communications and storage platform for Reputation Calculation Engines.

requester, SAML requester

A system entity that utilizes the SAML protocol to request services from another system entity (a SAML authority, a responder). The term "client" for this notion is not used because many system entities simultaneously or serially act as both clients and servers. In cases where the SOAP binding for SAML is being used, the SAML requester is architecturally distinct from the initial SOAP sender.

A system entity which sends a service request to a provider.

Changes to user profiles or entitlements are often initiated by a requester -- literally a person who makes a change request. In other cases they may be initiated by an automated process, which may or may not have a "virtual" (i.e., nonhuman) ID.

requesting entity

An Entity making an identity representation or claim to a

relying party within some request context.

An Entity making an identity representation or claim to a relying party within some request context.

An entity making an identity representation or claim to a relying party within some request context.

An Entity making an identity representation or claim to a relying party within some request context.

resilient

Capable of withstanding change (e.g., attacks) without suffering permanent damage. The ability of a solution or service to return to its original state after a disruption occurs.

resource

a resource is either data related to some identity or identifiers, or a service acting on behalf of some identity or group of identities.

Data contained in an information system (for example, in the form of files, information in memory, etc), as well as: 1) A service provided by a system. 2) An item of system equipment (in other words, a system component such as hardware, firmware, software, or documentation). 3) A facility that houses system operations and equipment. SAML uses resource in the first two senses, and refers to resources by means of URI references.

Resource is one of those terribly overloaded terms in the computer science and distributed systems realms. As used in various Liberty specifications, it has (at least) two definitions, depending on whether one is using the term in an identity-based context (1) or not (2):

1, Resource refers to either data related to some identity or identities, or a service acting on behalf of some identity or group of identities. An example of an identity-based resource is a Principal's calendar service.

2. A resource is whatever might be identified with a URI, although often there is a connotation that one might be able to obtain information of some sort from said "resource."

resource offering

The association of a resource and a service instance.

This term is superseded in ID-WSFv2 by ID-WSF Endpoint Reference (ID-WSF EPR).

responder, SAML responder

A system entity (a SAML authority) that utilizes the SAML protocol to respond to a request for services from another system entity (a requester). The term "server" for this notion is not used because many system entities simultaneously or serially act as both clients and servers. In cases where the SOAP binding for SAML is being used, the SAML responder is architecturally distinct from the ultimate SOAP receiver.

responsibilities

Contractual provisions (representations, warranties and covenants), or a duty to meet a behavior standard imposed by tort or some other source of law.

retina scan

A retina scan is an image of the blood vessel pattern in one or both of a user's retinas.

revalidation

The periodic automated reassessment of existing access privileges to establish that security policy is being complied with, usually by workflows to the persons or roles responsible for the original approvals. Access may be reviewed down to the individual menu or transaction level within an application; especially for internal staff and outsourced management. Revalidation is an essential part of IAM solutions, increasingly required by corporate governance regulations (eg SOX). Note that some proprietary solutions (eg IBM TIM) do continuous reconciliation of entitlements within rules (using policy), thereby making this periodic revalidation redundant. Also see Attestation.

reverse web proxy

A reverse web proxy intercepts user attempts to access one or more web applications, may modify the HTTP or HTTPS requests (for instance, inserting credentials), and requests web pages on behalf of the user.

Reverse web proxies act on behalf of one or more web servers.

WebSSO systems may be implemented using a reverse web proxy architecture, which insert user application credentials into each HTTP stream.

The reverse web proxy architecture has the advantage of not requiring software to be installed on each web application -- attractive when a WebSSO system is integrated with a large number of web applications.

revocation

The act (by someone having the authority) of annulling something previously done.

The annulment by someone having the authority, of something previously done.

The act (by someone having the authority) of annulling something previously done.

revoke a certificate

To permanently end the operational period of a certificate from a specified time forward.

RFID - Radio Frequency Identification

The use of radio waves to transfer data wirelessly between a transponder (such as a plastic card) and a transceiver, for contactless access like "˜proximity' door-access cards, supply-chain tracking tags, shipping containers, luggage

tags, livestock, motorway toll collections, an so on. Passing the aerial in the card though a magnetic field can generate an electrical current with sufficient power for the chip to transmit a fixed message a short distance. Some cards

have an active emitter that uses an internal power supply and can transmit signals up to 100 metres. These transmissions can (and should) be encrypted, but this adds to the cost of a card (up from about 1, to over 5 US dollars).

The use of electromagnetic radiating waves or reactive field coupling in the radio frequency portion of the spectrum to communicate to or from a tag through a variety of modulation and encoding schemes to uniquely read the identity of a

radio frequency tag or other data stored on it.

RFID application

An application that processes data through the use of tags and readers, and which is supported by a back-end system and a networked communication infrastructure.

RFID application operator

The natural or legal person, public authority, agency, or any other body, which, alone or jointly with others, determines the purposes and means of operating an application, including controllers of personal data using an RFID

application.

RFID manufacturer

Any entity manufacturing and selling RFID chips/tags or manufacturing (including processing or packaging) and selling objects with built-in attached RFID tags.

RFID reader

A fixed or mobile data capture and identification device using a radio frequency electromagnetic wave or reactive field coupling to stimulate and effect a modulated data response from a tag or group of tags.

RFID service provider

Any entity offering a service based on objects that have built-in or attached RFID tags.

RFID system

Automatic identification system and data capture system comprising one or more RFID readers/interrogators and one or more RFID tags wherein data transfer is achieved by means of suitably modulated inductive or radiating electromagnetic

carriers.

RFID tag

Either a RIFD device having the ability to produce a radio signal or a RFID device which re-couples, back-scatters or reflects (depending on the type of device) and modulates a carrier signal received from a reader or writer.

Any transponder plus the information storage mechanism attached to the object.

RFID tag information or information on the RFID tag

The information contained in an RFID Tag and transmitted when the RFID Tag is queried by an RFID Reader.

rights expression languages (RELs)

A machine-based language that enables communication about usage directives. RELs allow an information provider to request intended uses of information before the information is exchanged and to designate approved uses for information

exchanged during a particular transaction.

A Rights Expression Language facilitates the expression of who are the "rights holders" for a resource, who is authorized to use a resource and their applicable permissions, and any constraints or conditions imposed on such permissions.

They also may express "rights entities" and "rights transactions".

risk

Risk is a function of the likelihood of a given threat-source's exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organization.

A measure of the (potential) impact that may be caused by the failure of an activity. By identifying the "˜primary risk' and its probability of occurring, then by proper planning it may be mitigated into a "˜residual risk' that can be

more easily managed if it should occur. Also see Trust and Assurance.

risk assessment

Risk Assessment is the first process in the Risk management methodology, used to determine the extent of the potential threat and the Risk associated with an IT System throughout its Software Development Life Cycle (SDLC). The output of

this process helps to identify appropriate controls for reducing or eliminating Risk during the Risk mitigation process.

risk management

Process concerned with the identification, measurement, control, and minimization of security risks in information systems to a level commensurate with the value of the assets protected.

role

A role is a set of one or more authorisations related to a specific application or service.

A role is a set of capabilities that it's possessor has.

The dynamic or logical associations, privileges or capabilities applying to multiple Identities, based on a set of one or more current Attributes. A role may have multiple identities, and an identity may have multiple roles.

A set of properties or attributes that describes the capabilities of an entity that can be performed. An activity per-formed by an entity; each entity can play many roles. A position or function of an organization that describes the

authority and responsibility conferred on an entity assigned to the role.

The usual or expected function of somebody or something, or the part somebody or something plays in a particular action or event.

A type of participant in a federated identity system, such as a Subject, Identity Provider, or Relying Party. Note that each such role does not necessarily represent a different entity. For example, with respect to the identification of

its employees, an employer may function as both an Identity Provider and a Relying Party.

The usual or expected function of somebody or something, or the part somebody or something plays in a particular action or event.

Dictionaries define a role as "a character or part played by a

performer" or "a function or position." System entities don various types of roles serially and/or simultaneously, for example, active roles and passive roles. The notion of an Administrator is often an example of a role.

A function or part performed, especially in a particular operation or process.

The usual or expected function of somebody or something, or the part somebody or something plays in a particular action or event.

A set of properties or attributes that describes the capabilities of an entity that can be performed. An activity performed by an entity; each entity can play many roles.

A set of properties or attributes that describe the capabilities or the functions performed by an entity.

A set of properties or attributes that describes the capabilities of an entity that can be performed. An activity performed by an entity; each entity can play many roles.

role based access control (RBAC)

This reduces the complexity and cost of security administration in large networked applications by grouping accesses into functional roles. A Role is a common purpose of a group of users. Within an organization, roles are created for

various job functions, usually based on attributes (static job role or dynamic functional role) that are the by-product of normal business. For example; a role such as a Bank Teller or a Manager. The permission to perform certain

operations are assigned to specific roles. Management of individual user rights becomes a simple matter of assigning the appropriate roles to the user. Identities are assigned particular roles, and thus acquire the permissions to perform

particular application functions. An identity can have multiple roles; a role can have multiple identities; a role can have many permissions; a permission can be assigned to many roles. RBAC reduces the complexity and cost of security

administration by grouping accesses into separable functional roles and discretionary rights. ANSI-INCITS 359-2004 is the fundamental RBAC standard and XACML is the access-control mark-up language standard.

role change

A role change is a business process where a user's job function changes and consequently the set of roles and entitlements that the user is assigned should also change. Some old entitlements should be removed (immediately or after a

period of time), some old entitlements should be retained, and some new entitlements should be added.

GGG

Navigation menu

Search