Formal Method –
Mathematical argument which verifies that the system satisfies a mathematically-described security policy.
Formal Proof –
Complete and convincing mathematical argument presenting the full logical justification for each proof step and for the truth of a theorem or set of theorems.
Formal Security Policy –
Mathematically-precise statement of a security policy.
Formatting Function –
The function that transforms the payload, associated data, and nonce into a sequence of complete blocks.
Forward Cipher –
One of the two functions of the block cipher algorithm that is determined by the choice of a cryptographic key. The term “forward cipher operation” is used for TDEA, while the term “forward transformation” is used for DEA.
Frequency Hopping –
Repeated switching of frequencies during radio transmission according to a specified algorithm, to minimize unauthorized interception or jamming of telecommunications.
Full Disk Encryption (FDE) –
The process of encrypting all the data on the hard disk drive used to boot a computer, including the computer’s operating system, and permitting access to the data only after successful authentication with the full disk encryption product.
Full Maintenance –
Complete diagnostic repair, modification, and overhaul of COMSEC equipment, including repair of defective assemblies by piece part replacement. See Limited Maintenance.
Functional Testing –
Segment of security testing in which advertised security mechanisms of an information system are tested under operational conditions.
Gateway –
Interface providing compatibility between networks by converting transmission speeds, protocols, codes, or security measures.
General Support System –
An interconnected set of information resources under the same direct management control that shares common functionality. It normally includes hardware, software, information, data, applications, communications, and people.
Global Information Grid (GIG) –
The globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to warfighters, policy makers, and support personnel. The GIG includes owned and leased communications and computing systems and services, software (including applications), data, security services, other associated services, and National Security Systems. Non-GIG IT includes stand-alone, self-contained, or embedded IT that is not, and will not be, connected to the enterprise network.
Global Information Infrastructure (GII) –
Worldwide interconnections of the information systems of all countries, international and multinational organizations, and international commercial communications.
Graduated Security –
A security system that provides several levels (e.g., low, moderate, high) of protection based on threats, risks, available technology, support services, time, human concerns, and economics.
Group Authenticator –
Used, sometimes in addition to a sign-on authenticator, to allow access to specific data or functions that may be shared by all members of a particular group.
Guard (System) –
A mechanism limiting the exchange of information between information systems or subsystems.
Guessing Entropy –
A measure of the difficulty that an attacker has in guessing the average password used in a system. In this document, entropy is stated in bits. When a password has n bits of guessing entropy, an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.
Hacker –
Unauthorized user who attempts to or gains access to an information system.
Handshaking Procedures –
Dialogue between two information systems for synchronizing, identifying, and authenticating themselves to one another.
Hard Copy Key –
Physical keying material, such as printed key lists, punched or printed key tapes, or programmable read-only memories (PROM).