I - Cybersecurity Glossary

This page is having a slideshow that uses Javascript. Your browser either doesn't support Javascript or you have it turned off. To see this page as it is meant to appear please use a Javascript enabled browser.Verticalis WordPress Slider Plugin.

Glossary I

Intranet

A computer network, especially one based on Internet technology, that an organization uses for its own internal (and usually private) purposes and that is closed ...

Interface

In a service-oriented architecture, a specification of the operations that a service offers its clients. In WSDL 2.0 an interface component describes sequences of messages ...

Individuals

An assessment object that includes people applying specifications, mechanisms, or activities.See the following under Individuals for more information.CNSSI 4009-2015 NIST SP 800-39.NIST SP 800-137 (NISTIR ...

IA

Identification and AuthenticationIdentification and Authentication (NIST SP 800-53 security control family) Information Assurance Measures that protect and defend information and information systems by ensuring ...

Identifiable Person

One who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his ...

Identification

The process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items. See CNSSI ...

Identified Information

Information that explicitly identifies an individual See NISTIR 8053 for more information.

Identifier

Unique data used to represent a person’s identity and associated attributes. A name or a card number are examples of identifiers. See NIST SP 800-79-2 under Identifier and NIST SP ...

Identity

The set of physical and behavioral characteristics by which an individual is uniquely recognizable. See FIPS 201 under Identity [Withdrawn] and NIST SP 800-79-2 under Identity for more information. A set ...

Identity Assurance Level (IAL)

A category that conveys the degree of confidence that the applicant’s claimed identity is their real identity. See NIST SP 800-63-3 for more information.

Identity Provider (IdP)

The party that manages the subscriber’s primary authentication credentials and issues assertions derived from those credentials. This is commonly the CSP as discussed within this ...

Identity Registration

The process of making a person’s identity known to the personal identity verification (PIV) system, associating a unique identifier with that identity, and collecting and ...

Identity Proofing

Verifying the claimed identity of an applicant by authenticating the identity source documents provided by the applicant. See NIST SP 800-79-2 for more information. The process by which a ...

Identity Token

Smart card, metal key, or other physical object used to authenticate identity. See CNSSI 4009-2015 for more information.

Identity Verification

The process of testing the media to ensure the information cannot be read. See NIST SP 800-88 Rev. 1 under Verification for more information. Confirmation, through the provision of objective ...

Image

A package that contains all the files required to run a container. See NIST SP 800-190 for more information. A file or directory that contains, at a minimum, the ...

Impact

The effect on organizational operations, organizational assets, individuals, other organizations, or the Nation (including the national security interests of the United States) of a loss ...

IMAP

Internet Message Access ProtocolInternet Message Access Protocol Mail Delivery AgentA method of communication used to read electronic messages stored in a remote server. See NISTIR ...

IMEI

International Mobile Equipment IdentifierInternational Mobile Equipment IdentityA unique number programmed into GSM and UMTS mobile phones.See NISTIR 7250 and NISTIR 7387 under International Mobile Equipment Identity for more ...

Impact Level

The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of ...

Impact Value

The assessed potential impact resulting from a compromise of the confidentiality, integrity, or availability of information expressed as a value of low, moderate ...

Incident

An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits ...

Incident Handling

An IT security incident is an adverse event in a computer system or network caused by the failure of a security mechanism or an attempted ...

Incident Response

The mitigation of violations of security policies and recommended practices. See CNSSI 4009-2015 under incident handling (NIST SP 800-61 Rev. 2) for more information.

Incident Response Plan

The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber attacks against ...

Incineration

A physically Destructive method of sanitizing media; the act of burning completely to ashes. See NIST SP 800-88 Rev. 1 for more information.

Indirect Identifier

Information that can be used to identify an individual through association with other information.See NISTIR 8053 for more information.

Individual

A citizen of the United States or an alien lawfully admitted for permanent residence. Agencies may, consistent with individual practice, choose to extend the protections ...

Individual Accountability

Ability to associate positively the identity of a user with the time, method, and degree of access to an information system. See CNSSI 4009-2015 for more information.

IIHI

Individually Identifiable Health InformationInformation that is a subset of health information, including demographic information collected from an individual, and: (1) Is created or received by a ...

Industrial Control System (ICS)

An information system used to control industrial processes such as manufacturing, product handling, production, and distribution. Industrial control systems include supervisory control and data acquisition ...

Inference

This refers to the ability to deduce the identity of a person associated with a set of data through clues contained in that information. This ...

Information

An instance of an information type. See the following under Information for more details: NIST SP 800-53 Rev. 4(FIPS 199). FIPS 200 (FIPS 199). NIST SP 800-137 (FIPS 199). NIST ...

Integrity

Integrity provides assurances that data has not changed. This includes ensuring that no one has modified, tampered with, or corrupted the data. Ideally, only authorized ...

Information Leakage

The intentional or unintentional release of information to an untrusted environment. See NIST SP 800-53 Rev. 4 for more information.

Information Management Policy

The high-level policy of an organization that specifies what information is to be collected or created, and how it is to be managed. See NIST SP 800-152 for ...

Information Owner

Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, classification, collection, processing, dissemination, and disposal. See ...

Information Security Policy

A high-level policy of an organization that is created to support and enforce portions of the organization’s Information Management Policy by specifying in more detail ...

Internet

The single, interconnected, worldwide system of commercial, governmental, educational, and other computer networks that share (a) the protocol suite specified by the Internet Architecture Board (IAB) ...

Internet of Things

As used in this publication, user or industrial devices that are connected to the internet. IoT devices include sensors, controllers, and household appliances.See the following ...