An organizational entity responsible for assigning distinguished names (DNs) and for assuring that each DN is meaningful and unique within its domain.
- Browse Related Terms: assurance, Baseline Security, Cybersecurity, High Impact System, Incident, Information Assurance, Information Security, IT Security Goal, IT Security Metrics, Low Impact System, Malware, Moderate Impact System, Naming Authority, Potential Impact, Safeguards, Security Category, Security Controls, Security Goals, Security Objective, Security Requirements, sensitivity, Trustworthy System
Also listed in:
A U.S. Government initiative originated to meet the security testing needs of both information technology (IT) consumers and producers. NIAP is a collaboration between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) in fulfilling their respective responsibilities under Public Law (PL) 100-235 (Computer Security Act of 1987). The partnership combines the extensive IT security experience of both agencies to promote the development of technically sound security requirements for IT products and systems and appropriate measures for evaluating those products and systems.
- Browse Related Terms: Agency, Cryptographic Module Validation Program (CMVP), Cyber Command, Federal Information Processing Standard (FIPS), Federal Information Systems Security Educators Association (FISSEA), Individual, National Information Assurance Partnership (NIAP), Privacy
Telecommunications services that are used to maintain a state of readiness or to respond to and manage any event or crisis (local, national, or international) that causes or could cause injury or harm to the population, damage to or loss of property, or degrade or threaten the national security or emergency preparedness posture of the United States.
- Browse Related Terms: access control, Audit Data, Audit Reduction Tools, cold site, Disaster Recovery Plan (DRP), Disruption, Executive Agency, hot site, National Security Emergency Preparedness Telecommunications Services, Security Policy
A process that can be used to determine an organizations awareness and training needs. The results of a needs assessment can provide justification to convince management to allocate adequate resources to meet the identified awareness and training needs.
- Browse Related Terms: Information Security Policy, Information Type, IT Security Policy, Memorandum of Understanding/Agreement (MOU/A), Needs Assessment (IT Security Awareness and Training), Plan of Action and Milestones (POA&M), policy, Registration Authority (RA), Trustworthiness, Validation
A type of algorithm that learns from past experience to make decisions. See also algorithm.
- Browse Related Terms: Closed-set Identification, Cumulative Match Characteristic (CMC), Detection and Identification Rate, Gallery, Identification Rate, Neural Net/Neural Network, Open-set Identification, Operational Evaluation, Scenario Evaluation, Technology Evaluation, Threshold, US-VISIT (U.S. Visitor and Immigrant Status Indicator Technology), Watchlist
A non-regulatory federal agency within the U.S. Department of Commerce that develops and promotes measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. NIST's measurement and standards work promotes the well-being of the nation and helps improve, among many others things, the nation's homeland security. For more information visit www.nist.gov. See also ANSI, INCITS, ISO.
- Browse Related Terms: ANSI (American National Standards Institute), API (application programming interface), BioAPI (Biometrics Application Programming Interface), Biometric Consortium (BC), FERET (FacE REcognition Technology program), FpVTE - Fingerprint Vendor Technology Evaluation (2003), FRGC (Face Recognition Grand Challenge), FRVT (Face Recognition Vendor Test), ICE (Iris Challenge Evaluation), INCITS (International Committee for Information Technology Standards), ISO (International Organization for Standardization), NIST (National Institute of Standards and Technology), Speaker Recognition Evaluations, Speech Recognition, Voice Recognition
Unwanted components in a signal that degrade the quality of data or interfere with the desired signals processed by a system.
Also listed in:
An individual who is not aware that his/her biometric sample is being collected. Example: A traveler passing through a security line at an airport is unaware that a camera is capturing his/her face image. See also cooperative user, indifferent user, uncooperative user.
- Browse Related Terms: Capture, Cooperative User, Covert, database, Eavesdropping, end user, Failure to Acquire (FTA), Failure to Enroll (FTE), Indifferent User, Non-cooperative User, Overt, record, Skimming, Submission, Uncooperative User, user
Is the security service by which the entities involved in a communication cannot deny having participated. Specifically the sending entity cannot deny having sent a message (non-repudiation with proof of origin) and the receiving entity cannot deny having received a message (non-repudiation with proof of delivery).
- Browse Related Terms: Authentication Token, Claimant, Distinguishing Identifier, Initiator, Key Exchange, mutual authentication, Non-repudiation, Object, Principal, Protocol Entity, Responder, Spoofing, steganography, verifier
A value used in security protocols that is never repeated with the same key. For example, challenges used in challenge-response authentication protocols generally must not be repeated until authentication keys are changed, or there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.
- Browse Related Terms: Authentication Code, Challenge-Response Protocol, File Integrity Checker, Hash-based Message Authentication Code (HMAC), IP address, Keyed-hash based message authentication code (HMAC), Message Authentication Code (MAC), Message Digest, nonce, Secure Hash Algorithm (SHA-1), SHA-1, Traffic Analysis, Virus Hoax
Also listed in: