2. An individual who is required to use COMSEC material in the performance of his/her official duties and who is responsible for safeguarding that COMSEC material.
An individual (person), organization, device or a combination thereof. “Party” is a synonym. In this Recommendation, an entity may be a functional unit that executes certain processes.
Individual, or (system) process acting on behalf of an individual, authorized to access an information system. [Note: With respect to SecCM, an information system user is an individual who uses the information system functions, initiates change requests, and assists with functional testing.]
See NIST SP 800-128 under Information System User for more information.
The term user refers to an individual, group, host, domain, trusted communication channel, network address/port, another netwoik, a remote system (e.g., operations system), or a process (e.g., service or program) that accesses the network, or is accessed by it, including any entity that accesses a network support entity to perform OAM&Prelated tasks. Regardless of their role, users must be required to successfully pass an identification and authentication (I&A) mechanism. For example, I&A would be required for a security or system administrator. For customers, I&A could be required for billing purposes. For some services (e.g.. Emergency Services) a customer may not need to be authenticated by the system.
The entity, human or machine, that is identified by the userID, authenticated prior to system access, the subject of all access control decisions, and held accountable via the audit reporting system.
