Glossary E
Exfiltration

Exfiltration

The unauthorized transfer of information from an information system.See CNSSI 4009-2015  for more information

Read More

Extranet

Extranet

A computer network that an organization uses for application data traffic between the organization and its business partners.See CNSSI 4009-2015 from IETF RFC 4949 Ver ...

Read More

Evaluation Assurance Level

Evaluation Assurance Level

Set of assurance requirements that represent a point on the Common Criteria predefined assurance scale. Rationale: NIAP has switched to a “protection profile” program to ...

Read More

anonymozation

Enclave Boundary

Point at which an enclave’s internal network service layer connects to an external network’s service layer, i.e., to another enclave or to a wide area ...

Read More

Encryption Certificate

Encryption Certificate

A certificate containing a public key that can encrypt or decrypt electronic messages, files, documents, or data transmissions, or establish or exchange a session key ...

Read More

ECC

ECC

Elliptic Curve Cryptography, the public-key cryptographic methods using operations in an elliptic curve group. See NIST SP 800-56A Rev. 2 and NIST SP 800-56C  for more information.  

Read More

E-commerce

E-commerce

The use of network technology (especially the internet) to buy or sell goods and services. See NIST SP 800-32 for more information. 

Read More

Egress Filtering

Egress Filtering

Filtering of outgoing network traffic. See NIST SP 800-41 Rev. 1 for more information. 

Read More

EMI

EMI

An electromagnetic disturbance that interrupts, obstructs, or otherwise degrades or limits the effective performance of electronics/electrical equipment. See NIST SP 800-101 Rev. 1 and NIST SP 800-72 for more information. 

Read More

Encryption Algorithm

Encryption Algorithm

Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.See  CNSSI 4009-2015 for more information.

Read More

EPHI

EPHI

Electronic Protected Health Information Individually identifiable health information: that is: (i) Transmitted by electronic media; ...

Read More

Encryption

Encryption

Encryption provides confidentiality and prevents unauthorized disclosure of data. Encrypted data is in a ciphertext format that is unreadable. Attackers can’t read encrypted traffic sent ...

Read More

ECDSA

ECDSA

Elliptic Curve Digital Signature Algorithm (ECDSA) A digital signature algorithm that is an analog of DSA using elliptic curve mathematics and specified in ANSI draft standard X9.62. See NIST SP ...

Read More

Emergency-action-plan

Emergency Action Plan

A plan developed to prevent loss of national intelligence; protect personnel, facilities, and communications; and recover operations damaged by terrorist attack, natural disaster, or similar ...

Read More

Emissin-Security

Emission Security (EMSEC)

The component of communications security that results from all measures taken to deny unauthorized persons information of value that might be derived from intercept and ...

Read More

ESPP

ESPP

Encapsulating Security Payload Protocol IPsec security protocol that can provide encryption and/or integrity protection for packet headers and data. See  NIST SP 800-77 for more information. 

Read More

encipher

Encipher

Cryptographically transform data to produce cipher text.See  CNSSI 4009-2015 under encrypt (IETF RFC 4949 Ver 2) for more information.  See encrypt. Rationale: Deprecated Term: Encrypt is the preferred term. See  CNSSI ...

Read More

Enclave

Enclave

A set of system resources that operate in the same security domain and that share the protection of a single, common, continuous security perimeter. See IETF RFC ...

Read More

Encode

Encode

Use a system of symbols to represent information, which might originally have some other representation. Example: Morse code.See IETF RFC 4949 Ver 2 for more information.

Read More

Encrypt

Encrypt

Cryptographically transform data to produce cipher text. See CNSSI 4009-2015 (IETF RFC 4949 Ver 2) for more information. 

Read More

Encryption

Encryption

Cryptographic transformation of data (called “plaintext”) into a form (called “ciphertext”) that conceals the data’s original meaning to prevent it from being known or used. ...

Read More

Endpoint Protection Platform

Endpoint Protection Platform

Safeguards implemented through software to protect end-user machines such as workstations and laptops against attack (e.g., antivirus, antispyware, antiadware, personal firewalls, host-based intrusion detection and prevention ...

Read More

End-to-End Encryption

End-to-End Encryption

Communications encryption in which data is encrypted when being passed through a network, but routing information remains visible. See NIST SP 800-12 and NIST SP 800-12 Rev. 1 under End-to-End ...

Read More

Enterprise

Enterprise

An organization with a defined mission/goal and a defined boundary, using information systems to execute that mission, and with responsibility for managing its own risks ...

Read More

Ephemeral Key

Ephemeral Key

A cryptographic key that is generated for each execution of a key-establishment process and that meets other requirements of the key type (e.g., unique to ...

Read More

Ephemeral Key Pair

Ephemeral Key Pair

A key pair, consisting of a public key (i.e., an ephemeral public key) and a private key (i.e., an ephemeral private key) that is intended ...

Read More

Erasure

Erasure

Process intended to render magnetically stored information irretrievable by normal means. See NIST SP 800-88 Rev. 1 under Erasure for more information.

Read More

Error Detection Code

Error Detection Code

A code computed from data and comprised of redundant bits of information designed to detect, but not correct, unintentional changes in the data. See  NIST SP 800-152 under ...

Read More

Event

Event

Any observable occurrence in an information system. See the following under Event for more information:  NIST SP 800-53 Rev. 4. NIST SP 800-61 Rev. 2. NIST SP 800-61 Rev. ...

Read More

Event Aggregation

Event Aggregation

The consolidation of similar log entries into a single entry containing a count of the number of occurrences of the event. See NIST SP 800-92 under Aggregation for ...

Read More

Event Correlation

Event Correlation

Finding relationships between two or more log entries. See NIST SP 800-92 under Correlation for more information. 

Read More

Event Filtering

Event Filtering

The suppression of log entries from analysis, reporting, or long-term storage because their characteristics indicate that they are unlikely to contain information of interest. See NIST SP ...

Read More

Evidence

Evidence

Grounds for belief or disbelief; data on which to base proof or to establish truth or falsehood.  Note 1: Evidence can be objective or subjective. Evidence ...

Read More

Exclusive OR

Exclusive OR

Exclusive-OR operation. See the following for detailed information: FIPS 197 under XOR. FIPS 197 under ⊕.  Bitwise logical “exclusive-or”, where 0⊕ 0 = 0, 0⊕ 1 = 1, 1⊕ 0 = ...

Read More