Comprehensive Cyber Security - CCS

You are here: Home Cyber Security Glossary

The Cyber Security Glossary

There are 1525 entries in this glossary.
Search for glossary terms (regular expression allowed)
Begins with Contains Exact term Sounds like
All | 0-9 | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W
Page:  1 2 3 4 5 6 7 8 9 10 11... Next »

All

Term Definition
3-way handshake

Machine A sends a packet with a SYN flag set to Machine B. B acknowledges A's SYN with a SYN/ACK. A acknowledges B's SYN/ACK with an ACK.
Access

A specific type of interaction between a subject and an object that results in the flow of information from one to the other. The capability and opportunity to gain knowledge of, or to alter information or materials including the ability and means to communicate with (i.e., input or receive output), or otherwise make use of any information, resource, or component in a computer system.
Access authority

An entity responsible for monitoring and granting access privileges for other authorized entities.
Access Control

A computer system supposed to be used only by those authorized must attempt to detect and exclude the unauthorized. Access to it is therefore usually controlled by insisting on an authentication procedure to establish with some established degree of confidence the identity of the user, thence granting those privileges as may be authorized to that identity.
Access Control 1 (AC-1)

The organization develops, disseminates, and reviews/updates [Assignment: organization-defined frequency]: a. A formal, documented access control policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and b. Formal, documented procedures to facilitate the implementation of the access control policy and associated access controls.
Access Control 4 (AC-4)

The information system enforces approved authorizations for controlling the flow of information within the system and between interconnected systems in accordance with applicable policy.
Access Control List (ACL)

A mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted to access the resource.
Access control mechanism

Security safeguards (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized access and permit authorized access to an information system.
Access Control Service

A security service that provides protection of system resources against unauthorized access. The two basic mechanisms for implementing this service are ACLs and tickets.
Access level

A category within a given security classification limiting entry or system connectivity to only authorized persons.
Access list

Roster of individuals authorized admittance to a controlled area.
Access Matrix

An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.
Access profile

Association of a user with a list of protected objects the user may access.
Access type

Privilege to perform action on an object. Read, write, execute, append, modify, delete, and create are examples of access types.
Account Harvesting

Account Harvesting is the process of collecting all the legitimate account names on a system.
Accountability

Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.
Accounting Legend Code (ALC)

Numeric code used to indicate the minimum accounting controls required for items of accountable COMSEC material within the COMSEC Material Control System.
Accounting number

Number assigned to an item of COMSEC material to facilitate its control.
Accreditation

he official management authorization for operation of an MIS. It provides a formal declaration by an Accrediting Authority that a computer system is approved to operate in a particular security mode using a prescribed set of safeguards. Accreditation is based on the certification process as well as other management considerations. An accreditation statement affixes security responsibility with the Accrediting Authority and shows that proper care has been taken for security.
Accreditation boundary

  1. Identifies the information resources covered by an accreditation decision, as distinguished from separately accredited information resources that are interconnected or with which information is exchanged via messaging. Synonymous with Security Perimeter.

  2. For the purposes of identifying the Protection Level for confidentiality of a system to be accredited, the system has a conceptual boundary that extends to all intended users of the system, both directly and indirectly connected, who receive output from the system. See authorization boundary.
Page:  1 2 3 4 5 6 7 8 9 10 11... Next »
All | 0-9 | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W
Glossary 2.64 is technology by Guru PHP

CCS Consortium Clients

QuickNav

CCS News Center

brightglobe.gif
CCS Practice Launch

Cyber Security has never been more important than it is now. Over the past few decades, IT capabilities have changed nearly every aspect of modern life, from popular culture to national defense. The personal computer and the Internet have become as revolutionary as the telephone and airplane were a 100 years ago. We understand the revolutionary and disruptive nature of Cyber Security and for that reason a partnership of several small businesses have chosen to develop an entirely new IT practice based upon a more holistic approach.

This year, several small business leaders joined forces to launch a revolutionary new IT security practice - Comprehensive Cyber Security (CCS). The Teksouth Corporation and Sumaria Systems, Inc are the two pillars of the CCS foundation.  Together these companies have developed a new consulting group dedicated to providing unified solutions for enterprise security. The CCS practice launches in September 2009.