An access policy determined by the owner of a file or other resource. See also MAC.
A database of databases.
A special-purpose database used for decision support or research purposes.
Restricts access by different subjects to various objects in a database.
Data communications equipment. See also DTE.
The process of transforming ciphertext into plaintext.
The principle of protecting assets by using layers of dissimilar mechanisms.
Used to aid the court’s understanding of a legal case.
An attack on a system or network with the intention of making the system or network unavailable for use.
A commonly used symmetric key algorithm that uses a 56-bit key and operates on 64-bit blocks. See also AES.
Controls that identify violations and incidents.
Controls that discourage violations.
The next-generation RADIUS protocol. See also RADIUS.
A more focused type of brute force attack in which a predefined word list is used. See also Brute force attack.
A key agreement algorithm based on discrete logarithms.
A certificate that binds an identity with a public encryption key.
Oral testimony or a written statement based on information gathered through the witness’s five senses that proves or disproves a specific fact or issue.
A duplicate copy of all data is written to another disk or set of disks.
Data is written across multiple disks but doesn’t provide redundancy or fault tolerance.
Data is written across multiple disks along with parity data that provides fault tolerance should one disk fail.
A software application whose components reside in several systems or locations.
Formalizes the certification and accreditation process for U.S. Department of Defense information systems.
Includes originals and copies of business records, computer-generated and computer-stored records, manuals, policies, standards, procedures, and log files.
A collection of users, computers, and resources with a common security policy and single administration.
Published by NIST (see also NIST) in Federal Information Processing Standard (FIPS) 186-1, specifies two acceptable algorithms in its standard: the RSA Digital Signature Algorithm and the Digital Signature Algorithm (DSA). See also RSA.
Data Terminal Equipment. See also DCE.
The steps that an organization takes to implement security best practices.
The prudent management and execution of due care.
The process of examining garbage with the intention of finding valuable goods or information.
A password that changes at some regular interval or event.