NISTIR 7298
Revision 2

Glossary of Key Information Security Terms

Richard Kissel, Editor

This publication is intended to be informative, guiding users to term definitions that exist in various NIST standards and guidelines (along with terms in external publications like CNSSI-4009). This document is out-of-date, and does not reflect additions, deletions, or modifications of term definitions that have occurred since May 2013.

Although this publication is being reviewed and updated, NIST encourages users to review the more up-to-date online glossary, available at https://csrc.nist.gov/glossary.

http://dx.doi.org/10.6028/NIST.IR.7298r2

Petition for Inter Partes Review of U.S. Patent No. 9,258,698
Exhibit Cellspin-2005, IPR2019-00131

Richard Kissel, Editor
Computer Security Division
Information Technology Laboratory

May 2013

U.S. Department of Commerce
Rebecca Blank, Acting Secretary

National Institute of Standards and Technology
Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director

National Institute of Standards and Technology Interagency or Internal Report 7298r2
222 pages (May 2013)

Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.

There may be references in this publication to other publications currently under development by NIST in accordance with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, may be used by Federal agencies even before the completion of such companion publications. Thus, until each publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For planning and transition purposes, Federal agencies may wish to closely follow the development of these new publications by NIST.

Organizations are encouraged to review all draft publications during public comment periods and provide feedback to NIST. All NIST Computer Security Division publications, other than the ones noted above, are available at http://csrc.nist.gov/publications.

National Institute of Standards and Technology
Attn: Computer Security Division, Information Technology Laboratory
100 Bureau Drive (Mail Stop 8930) Gaithersburg, MD 20899-8930
Email: secglossary@nist.gov

Reports on Computer Systems Technology

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in Federal information systems.

Abstract

The National Institute of Standards and Technology (NIST) has received numerous requests to provide a summary glossary for our publications and other relevant sources, and to make the glossary available to practitioners. As a result of these requests, this glossary of common security terms has been extracted from NIST Federal Information Processing Standards (FIPS), the Special Publication (SP) 800 series, NIST Interagency Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI-4009). This glossary includes most of the terms in the NIST publications. It also contains nearly all of the terms and definitions from CNSSI-4009. This glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications. For a given term, we do not include all definitions in NIST documents – especially not from the older NIST publications. Since draft documents are not stable, we do not refer to terms/definitions in them.

Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. The NIST publications referenced are the most recent versions of those publications (as of the date of this document).

Keywords

Cyber Security; Definitions; Glossary; Information Assurance; Information Security; Terms

Introduction

We have received numerous requests to provide a summary glossary for our publications and other relevant sources, and to make the glossary available to practitioners. As a result of these requests, this glossary of common security terms has been extracted from NIST Federal Information Processing Standards (FIPS), the Special Publication (SP) 800 series, NIST Interagency Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI-4009). The glossary includes most of the terms in the NIST publications. It also contains nearly all of the terms and definitions from CNSSI-4009. The glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications. For a given term, we do not include all definitions in NIST documents – especially not from the older NIST publications. Since draft documents are not stable, we do not refer to terms/definitions in them.

Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. A list of the supplemental (non-NIST) sources may be found on pages 221-222. As we are continuously refreshing our publication suite, terms included in the glossary come from our more recent publications. The NIST publications referenced are the most recent versions of those publications (as of the date of this document).

It is our intention to keep the glossary current by providing updates online. New definitions will be added to the glossary as required, and updated versions will be posted on the Computer Security Resource Center (CSRC) Web site at http://csrc.nist.gov/.

The Editor, Richard Kissel, would like to express special thanks to Ms. Tanya Brewer for her outstanding work in the design of the original cover page and in the overall design and organization of the document. Thanks also to all who provided comments during the public review period of this document. The Editor also expresses special thanks to the CNSS Glossary Working Group for encouraging the inclusion of CNSSI-4009 terms and definitions into this glossary.

Comments and suggestions on this publication should be sent to secglossary@nist.gov.

NIST IR 7298 Revision 2, Glossary of Key Information Security Terms

Access –
Ability to make use of any information system (IS) resource.
SOURCE: SP 800-32

Ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.
SOURCE: CNSSI-4009

Access Authority –
An entity responsible for monitoring and granting access privileges for other authorized entities.
SOURCE: CNSSI-4009

Access Control –
The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).
SOURCE: FIPS 201; CNSSI-4009

Access Control List (ACL) –
1. A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object.
2. A mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity.
SOURCE: CNSSI-4009

Access Control Lists (ACLs) –
A register of:
1. users (including groups, machines, processes) who have been given permission to use a particular system resource, and
2. the types of access they have been permitted.
SOURCE: SP 800-12

Access Control Mechanism –
Security safeguards (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized access and permit authorized access to an information system.
SOURCE: CNSSI-4009

Access Level –
A category within a given security classification limiting entry or system connectivity to only authorized persons.
SOURCE: CNSSI-4009

Access List –
Roster of individuals authorized admittance to a controlled area.
SOURCE: CNSSI-4009

Access Point –
A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system, if connected, which is typically an organization’s enterprise wired network.
SOURCE: SP 800-48; SP 800-121

Access Profile –
Association of a user with a list of protected objects the user may access.
SOURCE: CNSSI-4009

Access Type –
Privilege to perform action on an object. Read, write, execute, append, modify, delete, and create are examples of access types. See Write.
SOURCE: CNSSI-4009

Account Management, User –
Involves
1) the process of requesting, establishing, issuing, and closing user accounts;
2) tracking users and their respective access authorizations; and
3) managing these functions.
SOURCE: SP 800-12

Accountability –
The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.
SOURCE: SP 800-27

Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.
SOURCE: CNSSI-4009

Accounting Legend Code (ALC) –
Numeric code used to indicate the minimum accounting controls required for items of accountable communications security (COMSEC) material within the COMSEC Material Control System.
SOURCE: CNSSI-4009

Accounting Number –
Number assigned to an item of COMSEC material to facilitate its control.
SOURCE: CNSSI-4009

Accreditation –
See Authorization.

Accreditation Authority –
See Authorizing Official.

Accreditation Boundary –
See Authorization Boundary.

Accreditation Package –
Product comprised of a System Security Plan (SSP) and a report documenting the basis for the accreditation decision.
SOURCE: CNSSI-4009

Accrediting Authority –
Synonymous with Designated Accrediting Authority (DAA). See also Authorizing Official.
SOURCE: CNSSI-4009

Activation Data –
Private data, other than keys, that are required to access cryptographic modules.
SOURCE: SP 800-32

Active Attack –
An attack that alters a system or data.
SOURCE: CNSSI-4009

An attack on the authentication protocol where the Attacker transmits data to the Claimant, Credential Service Provider, Verifier, or Relying Party. Examples of active attacks include man-in-the-middle, impersonation, and session hijacking.
SOURCE: SP 800-63

Active Content –
Electronic documents that can carry out or trigger actions automatically on a computer platform without the intervention of a user.
SOURCE: SP 800-28

Software in various forms that is able to automatically carry out or trigger actions on a computer platform without the intervention of a user.
SOURCE: CNSSI-4009

Active Security Testing –
Security testing that involves direct interaction with a target, such as sending packets to a target.
SOURCE: SP 800-115

Activities –
An assessment object that includes specific protection-related pursuits or actions supporting an information system that involve people (e.g., conducting system backup operations, monitoring network traffic).
SOURCE: SP 800-53A

Ad Hoc Network –
A wireless network that dynamically connects wireless client devices to each other without the use of an infrastructure device, such as an access point or a base station.
SOURCE: SP 800-121

Add-on Security –
Incorporation of new hardware, software, or firmware safeguards in an operational information system.
SOURCE: CNSSI-4009

Adequate Security –
Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information.
SOURCE: SP 800-53; FIPS 200; OMB Circular A-130, App. III

Security commensurate with the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information.
Note: This includes assuring that information systems operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, personnel, operational, and technical controls.
SOURCE: CNSSI-4009; SP 800-37

Administrative Account –
A user account with full privileges on a computer.
SOURCE: SP 800-69

Administrative Safeguards –
Administrative actions, policies, and procedures to manage the selection, development, implementation, and maintenance of security measures to protect electronic health information and to manage the conduct of the covered entity's workforce in relation to protecting that information.
SOURCE: SP 800-66

Advanced Encryption Standard (AES) –
The Advanced Encryption Standard specifies a U.S. government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. This standard specifies the Rijndael algorithm, a symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.
SOURCE: FIPS 197

A U.S. government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information.
SOURCE: CNSSI-4009

Advanced Key Processor (AKP) –
A cryptographic device that performs all cryptographic functions for a management client node and contains the interfaces to 1) exchange information with a client platform, 2) interact with fill devices, and 3) connect a client platform securely to the primary services node (PRSN).
SOURCE: CNSSI-4009

Advanced Persistent Threats (APT) –
An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future. The advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders’ efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.
SOURCE: SP 800-39

Adversary –
Individual, group, organization, or government that conducts or has the intent to conduct detrimental activities.
SOURCE: SP 800-30

Advisory –
Notification of significant new trends or developments regarding the threat to the information systems of an organization. This notification may include analytical insights into trends, intentions, technologies, or tactics of an adversary targeting information systems.
SOURCE: CNSSI-4009

Agency –
Any executive department, military department, government corporation, government-controlled corporation, or other establishment in the executive branch of the government (including the Executive Office of the President), or any independent regulatory agency, but does not include: 1) the Government Accountability Office; 2) the Federal Election Commission; 3) the governments of the District of Columbia and of the territories and possessions of the United States, and their various subdivisions; or 4) government-owned contractor-operated facilities, including laboratories engaged in national defense research and production activities.
SOURCE: FIPS 200; 44 U.S.C., Sec. 3502
ALSO See Executive Agency.

Agency Certification Authority (CA) –
A CA that acts on behalf of an agency and is under the operational control of an agency.
SOURCE: SP 800-32

Agent –
A program acting on behalf of a person or organization.
SOURCE: SP 800-95

Alert –
Notification that a specific attack has been directed at an organization’s information systems.
SOURCE: CNSSI-4009

Allocation –
The process an organization employs to determine whether security controls are defined as system-specific, hybrid, or common.
The process an organization employs to assign security controls to specific information system components responsible for providing a particular security capability (e.g., router, server, remote sensor).
SOURCE: SP 800-37

Alternate COMSEC Custodian –
Individual designated by proper authority to perform the duties of the COMSEC custodian during the temporary absence of the COMSEC custodian.
SOURCE: CNSSI-4009

Alternate Work Site –
Governmentwide, national program allowing federal employees to work at home or at geographically convenient satellite offices for part of the work week (e.g., telecommuting).
SOURCE: CNSSI-4009

Analysis –
The examination of acquired data for its significance and probative value to the case.
SOURCE: SP 800-72

Anomaly-Based Detection –
The process of comparing definitions of what activity is considered normal against observed events to identify significant deviations.
SOURCE: SP 800-94

Anti-jam –
Countermeasures ensuring that transmitted information can be received despite deliberate jamming attempts.
SOURCE: CNSSI-4009

Anti-spoof –
Countermeasures taken to prevent the unauthorized use of legitimate Identification & Authentication (I&A) data, however it was obtained, to mimic a subject different from the attacker.
SOURCE: CNSSI-4009

Antispyware Software –
A program that specializes in detecting both malware and non-malware forms of spyware.
SOURCE: SP 800-69

Antivirus Software –
A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents.
SOURCE: SP 800-83

Applicant –
The subscriber is sometimes called an “applicant” after applying to a certification authority for a certificate, but before the certificate issuance procedure is completed.
SOURCE: SP 800-32

Application –
A software program hosted by an information system.
SOURCE: SP 800-37

Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges.
SOURCE: CNSSI-4009

Approval to Operate (ATO) –
The official management decision issued by a DAA or PAA to authorize operation of an information system and to explicitly accept the residual risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals.
SOURCE: CNSSI-4009

Approved –
Federal Information Processing Standard (FIPS)-approved or National Institute of Standards and Technology (NIST)-recommended. An algorithm or technique that is either
1) specified in a FIPS or NIST Recommendation, or
2) adopted in a FIPS or NIST Recommendation.
SOURCE: FIPS 201

Approved –
FIPS-approved and/or NIST-recommended.
SOURCE: FIPS 140-2

FIPS-approved and/or NIST-recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, 2) adopted in a FIPS or NIST Recommendation, or 3) specified in a list of NIST-approved security functions.
SOURCE: FIPS 186

Approved Mode of Operation –
A mode of the cryptographic module that employs only Approved security functions (not to be confused with a specific mode of an Approved security function, e.g., Data Encryption Standard Cipher-Block Chaining (DES CBC) mode).
SOURCE: FIPS 140-2

Approved Security Function –
A security function (e.g., cryptographic algorithm, cryptographic key management technique, or authentication technique) that is either
a) specified in an Approved Standard;
b) adopted in an Approved Standard and specified either in an appendix of the Approved Standard or in a document referenced by the Approved Standard; or
c) specified in the list of Approved security functions.
SOURCE: FIPS 140-2

Assessment –
See Security Control Assessment.

Assessment Findings –
Assessment results produced by the application of an assessment procedure to a security control or control enhancement to achieve an assessment objective; the execution of a determination statement within an assessment procedure by an assessor that results in either a satisfied or other than satisfied condition.
SOURCE: SP 800-53A

Assessment Method –
One of three types of actions (i.e., examine, interview, test) taken by assessors in obtaining evidence during an assessment.
SOURCE: SP 800-53A

Assessment Object –
The item (i.e., specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment.
SOURCE: SP 800-53A

Assessment Objective –
A set of determination statements that expresses the desired outcome for the assessment of a security control or control enhancement.
SOURCE: SP 800-53A

Assessment Procedure –
A set of assessment objectives and an associated set of assessment methods and assessment objects.
SOURCE: SP 800-53A

Assessor –
See Security Control Assessor.

Asset –
A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems.
SOURCE: CNSSI-4009

Asset Identification –
Security Content Automation Protocol (SCAP) constructs to uniquely identify assets (components) based on known identifiers and/or known information about the assets.
SOURCE: SP 800-128

Asset Reporting Format (ARF) –
SCAP data model for expressing the transport format of information about assets (components) and the relationships between assets and reports.
SOURCE: SP 800-128

Assurance –
Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Adequately met” includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.
SOURCE: SP 800-27

The grounds for confidence that the set of intended security controls in an information system are effective in their application.
SOURCE: SP 800-37; SP 800-53A

Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.
SOURCE: CNSSI-4009; SP 800-39

In the context of OMB M-04-04 and this document, assurance is defined as 1) the degree of confidence in the vetting process used to establish the identity of an individual to whom the credential was issued, and 2) the degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.
SOURCE: SP 800-63

Assurance Case –
A structured set of arguments and a body of evidence showing that an information system satisfies specific claims with respect to a given quality attribute.
SOURCE: SP 800-53A; SP 800-39

Assured Information Sharing –
The ability to confidently share information with those who need it, when and where they need it, as determined by operational need and an acceptable level of security risk.
SOURCE: CNSSI-4009

Assured Software –
Computer application that has been designed, developed, analyzed, and tested using processes, tools, and techniques that establish a level of confidence in it.
SOURCE: CNSSI-4009

Asymmetric Cryptography –
See Public Key Cryptography.
SOURCE: CNSSI-4009

Asymmetric Keys –
Two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification.
SOURCE: FIPS 201

Attack –
An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity.
SOURCE: SP 800-32

Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
SOURCE: CNSSI-4009

Attack Sensing and Warning (AS&W) –
Detection, correlation, identification, and characterization of intentional unauthorized activity with notification to decision makers so that an appropriate response can be developed.
SOURCE: CNSSI-4009

Attack Signature –
A specific sequence of events indicative of an unauthorized access attempt.
SOURCE: SP 800-12

A characteristic byte pattern used in malicious code or an indicator, or set of indicators, that allows the identification of malicious network activities.
SOURCE: CNSSI-4009

Attribute Authority –
An entity, recognized by the Federal Public Key Infrastructure (PKI) Policy Authority or comparable agency body as having the authority to verify the association of attributes to an identity.
SOURCE: SP 800-32

Attribute-Based Access Control –
Access control based on attributes associated with and about subjects, objects, targets, initiators, resources, or the environment. An access control rule set defines the combination of attributes under which an access may take place.
SOURCE: SP 800-53; CNSSI-4009

Attribute-Based Authorization –
A structured process that determines when a user is authorized to access information, systems, or services based on attributes of the user and of the information, system, or service.
SOURCE: CNSSI-4009

Audit –
Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.
SOURCE: SP 800-32

Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures.
SOURCE: CNSSI-4009

Audit Data –
Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
SOURCE: SP 800-32

Audit Log –
A chronological record of system activities. Includes records of system accesses and operations performed in a given period.
SOURCE: CNSSI-4009

Audit Reduction Tools –
Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. These tools generally remove records generated by specified classes of events, such as records generated by nightly backups.
SOURCE: SP 800-12; CNSSI-4009

Audit Review –
The assessment of an information system to evaluate the adequacy of implemented security controls, assure that they are functioning properly, identify vulnerabilities, and assist in implementation of new security controls where required. This assessment is conducted annually or whenever significant change has occurred and may lead to recertification of the information system.
SOURCE: CNSSI-4009

Audit Trail –
A record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period.
SOURCE: SP 800-47

A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure, or event in a security relevant transaction from inception to final result.
SOURCE: CNSSI-4009

Authenticate –
To confirm the identity of an entity when that identity is presented.
SOURCE: SP 800-32

To verify the identity of a user, user device, or other entity.
SOURCE: CNSSI-4009

Authentication –
Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.
SOURCE: SP 800-53; SP 800-53A; SP 800-27; FIPS 200; SP 800-30

Authentication –
The process of establishing confidence of authenticity.
SOURCE: FIPS 201

Authentication –
Encompasses identity verification, message origin authentication, and message content authentication.
SOURCE: FIPS 190

Authentication –
A process that establishes the origin of information or determines an entity’s identity.
SOURCE: SP 800-21

The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data.
SOURCE: CNSSI-4009

The process of establishing confidence in the identity of users or information systems.
SOURCE: SP 800-63

Authentication Code –
A cryptographic checksum based on an Approved security function (also known as a Message Authentication Code [MAC]).
SOURCE: FIPS 140-2

Authentication Mechanism –
Hardware- or software-based mechanisms that force users to prove their identity before accessing data on a device.
SOURCE: SP 800-72; SP 800-124

Hardware- or software-based mechanisms that force users, devices, or processes to prove their identity before accessing data

Authentication Mode –

Authentication Period –

Authentication Protocol –
