Continuous surveillance and control of positive control material at all times
by a minimum of two authorized individuals, each capable of detecting
incorrect and/or unauthorized procedures with respect to the task being
performed, and each familiar with established security and safety
requirements. [CNSS4009]
Assurance that the sender is provided with proof of delivery and that the
recipient is provided with proof of the sender's identity so that neither can
later deny having processed the data. [CNSS 4009]
An entity with a digital identity that acts in cyberspace, but is not a human actor. This can include organizations, hardware devices, software applications, and information artifacts. [CNSS 4009]
Protection against unauthorized modification or destruction of information.
[CNSS 4009]
Ability to make use of any information system (IS) resource. [CNSS 4009]
The process of exchanging public keys (and other information) in order to
establish secure communication. [DoD CP]
The set of hardware, software, firmware, or some combination thereof that implements cryptographic logic or processes, including cryptographic algorithms, and is contained within the cryptographic boundary of the module. [FIPS 140]
In a hierarchical PKI, the CA whose public key serves as the most trusted
datum (i.e., the beginning of trust paths) for a security domain. [DoD CP]
Security measure designed to establish the validity of a transmission,
message, or originator, or a means of verifying an individual's authorization
to receive specific categories of information. [CNSS 4009]
Unclassified router-based data network system, part of the Defense
Information Infrastructure. [DoD CP]
The globally interconnected, end-to-end set of information capabilities, and associated processes for collecting, processing, storing, disseminating, and managing information on-demand to warfighters, policy makers, and support personnel, including owned and leased communications and computing systems and services, software (including applications), data, security services, other associated services, and national security systems.
[JP 1-02, JP 3-12]
Time span during which each key setting remains in effect. [CNSS 4009]
Copy of files and programs made to facilitate recovery if necessary. [CNSS 4009]
Disclosure of information to unauthorized persons, or a violation of the
security policy of a system in which unauthorized intentional or
unintentional disclosure, modification, destruction, or loss of an object may
have occurred. [CNSS 4009]