The means used to confirm the identity of a user, processor, or device
Threat Intelligence
Threat information that has been aggregated, transformed, analyzed, interpreted
Timestamp
A token or packet of information that is used to provide assurance of timeliness
Hybrid Security Control
A security control that is implemented in an information system
Hotfix
Updated code from Microsoft that addresses a specific security problem.
Jitter
The time or phase difference between the data signal and the ideal clock.
Information Management Policy
The high-level policy of an organization that specifies what information is to be collected
Information Leakage
The intentional or unintentional release of information to an untrusted environment.
IIHI
Individually Identifiable Health Information Information that is a subset of health information
Key Pair
A public key and its corresponding private key; a key pair is used with a public key
Key Rotation
Changing the key, i.e., replacing it by a new key. The places that use the key or keys
Industrial Control System (ICS)
An information system used to control industrial processes such as manufacturing
Key Recovery
A function in the lifecycle of keying material; mechanisms and processes
Life Cycle
Evolution of a system, product, service, project, or other human-made entity
Key Revocation
A function in the lifecycle of keying material; a process whereby a notice is made
Limited User Account
A user account with limited privileges on a computer. See NIST SP 800-69
Likelihood
A weighted factor based on a subjective analysis of the probability that a given threat
Masquerading
A type of threat action whereby an unauthorized entity gains access to a system
OpenPGP
A protocol defined in IETF RFCs 2440 and 3156 for encrypting messages
OCSP
An online protocol used to determine the status of a public key certificate.
Development Life Cycle
The scope of activities associated with a system, encompassing the system’s initiation
Degauss
To reduce the magnetic flux to virtual zero by applying a reverse magnetizing field.
Quantitative Assessment
Use of a set of methods, principles, or rules for assessing risks based on the use
Ephemeral Key Pair
A key pair, consisting of a public key and a private key that is intended
Ephemeral Key
A cryptographic key that is generated for each execution of a key-establishment
End-to-End Encryption
Communications encryption in which data is encrypted when being passed
Demilitarized Zone (DMZ)
Perimeter network segment that is logically between internal and external networks.