Glossary F
Fingerprint

Fingerprint

A hash value of a (public) key encoded into a string (e.g., into hexadecimal). Several fingerprint formats are in use by different SSH implementations.See NISTIR ...

Read More

FIPS

FIPS

A standard for adoption and use by federal departments and agencies that has been developed within the Information Technology Laboratory and published by NIST, a ...

Read More

Firewall

Firewall

An inter-network connection device that restricts data communication traffic between two connected networks. A firewall may be either an application installed on a general-purpose computer ...

Read More

Firmware

Firmware

Computer programs and data stored in hardware - typically in read-only memory (ROM) or programmable read-only memory (PROM) - such that the programs and data ...

Read More

Log compression

Flooding

An attack that attempts to cause a failure in a system by providing more input than the system can process properly.See CNSSI 4009-2015 from IETF ...

Read More

Forensics

Forensics

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.See CNSSI 4009-2015 for ...

Read More

Format

Format

Pre-established layout for data.See NIST SP 800-88 Rev. 1 for more information.

Read More

FDCC

FDCC

Federal Desktop Core ConfigurationOMB-mandated set of security configurations for all federal workstation and laptop devices that run either Windows XP or Vista. See NIST SP 800-128 for more ...

Read More

Fail-Safe-Fail-Secure

Fail Safe

A mode of termination of system functions that prevents damage. See fail secure and fail soft for comparison.  To specified system resources and system entities (i.e., specified data, property, ...

Read More

Fail Secure

Fail Secure

A mode of termination of system functions that prevents loss of secure state when a failure occurs or is detected in the system (but ...

Read More

Fail Soft

Fail Soft

Selective termination of affected, non-essential system functions when a failure occurs or is detected in the system. See CNSSI 4009-2015 and (IETF RFC 4949 Ver 2) for more information. See fail ...

Read More

Fail to Known State

Fail to Known State

Upon a disruption event that causes the system to fail, it fails to a pre-determined state. Failure in a known safe state helps to prevent ...

Read More

failover-1

Failover

The capability to switch over automatically (typically without human intervention or warning) to a redundant or standby information system upon the failure or abnormal termination ...

Read More

Fault Injection Testing

Fault Injection Testing

Attempting to artificially cause an error with an app during execution by forcing it to experience corrupt data or corrupt internal states to see how ...

Read More

Fault Tolerant

Fault Tolerant

Of a system, having the built-in capability to provide continued, correct execution of its assigned function in the presence of a hardware and/or software fault. See  NIST ...

Read More

Fault Tolerance

Fault Tolerance

Fault Tolerance is the capability of a system to suffer a fault, but continue to operate. In other way, the system can tolerate the fault ...

Read More

Fault Tree Analysis

Fault Tree Analysis

A top-down, deductive failure analysis in which an undesired state of a system (top event) is analyzed using Boolean logic to combine a series of ...

Read More

Flash ROM

Flash ROM

Non-volatile memory that is writable. See the following for more information: NIST SP 800-101 Rev. 1.NIST SP 800-72.

Read More

Framework

Framework

The CKMS requirements specified in [NIST SP 800-130].See NIST SP 800-152 under Framework (for CKMS) for more information. A layered structure indicating what kind of programs ...

Read More

Fail-Accept-Rate

False Accept Rate (FAR)

Proportion of verification transactions with wrongful claims of identity that are incorrectly confirmed. See CNSSI 4009-2015 (ISO/IEC 19795-1:2006) for more information. Defined over an authentication transaction. ...

Read More

False-acceptance

False Acceptance

When a biometric system incorrectly identifiesa biometric subject or incorrectly authenticates a biometric subject against aclaimed identity.See CNSSI 4009-2015 (DoD BiometricsEnterprise Architecture (Integrated) v2.0)  for moreinformation.

Read More

False-negative

False Negative

Incorrectly classifying malicious activity as benign.See NIST SP 800-86 for more information.An instance in which a security tool intended to detect a particular threat fails to ...

Read More

False Positive

False Positive

An erroneous acceptance of the hypothesis that a statistically significant event has been observed. This is also referred to as a type 1 error. When ...

Read More

False Reject Rate (FRR)

False Reject Rate (FRR)

Proportion of verification transactions with truthful claims of identity that are incorrectly denied. See CNSSI 4009-2015 (ISO/IEC 19795-1:2006) for more information. False Reject Rate (defined over an authentication transaction).See NIST SP ...

Read More

False Rejection

False Rejection

The failure of a biometric system to identify a biometric subject or to verify the legitimate claimed identity of a biometric subject. See  CNSSI 4009-2015 (NIAP 7298 ) for more ...

Read More

Federal Acquisition Regulation

Federal Acquisition Regulation

The Federal Acquisition Regulations System is established for the codification and publication of uniform policies and procedures for acquisition by all executive agencies. See NISTIR 7622 under Federal ...

Read More