Glossary of Key Information Security Terms (NIST) part 30 / I

20 Terms

1
IA Infrastructure –
The underlying security framework that lies beyond an enterprise’s defined boundary, but supports its IA and IA-enabled products, its security posture and its risk management plan.
2
IA Product –
Product whose primary purpose is to provide security services (e.g., confidentiality, authentication, integrity, access control, non-repudiation of data); correct known vulnerabilities; and/or provide layered defense against various categories of non-authorized or malicious penetrations of information systems or networks.
3
IA-Enabled Information Technology Product –
Product or technology whose primary role is not security, but which provides security services as an associated feature of its intended operating capabilities. Examples include such products as security-enabled Web browsers, screening routers, trusted operating systems, and security-enabled messaging systems.
4
IA-Enabled Product –
Product whose primary role is not security, but provides security services as an associated feature of its intended operating capabilities. Note: Examples include such products as security-enabled Web browsers, screening routers, trusted operating systems, and security enabling messaging systems.
5
Identification –
The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system.
6
Identification –
The process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items. An act or process that presents an identifier to a system so that the system can recognize a system entity (e.g., user, process, or device) and distinguish that entity from all others.
7
Identifier –
Unique data used to represent a person’s identity and associated attributes. A name or a card number are examples of identifiers. A data object - often, a printable, non-blank character string - that definitively represents a specific identity of a system entity, distinguishing that identity from all others.
8
Identity –
A set of attributes that uniquely describe a person within a given context. The set of physical and behavioral characteristics by which an individual is uniquely recognizable. The set of attribute values (i.e., characteristics) by which an entity is recognizable and that, within the scope of an identity manager’s responsibility, is sufficient to distinguish that entity from any other entity.
9
Identity-Based Access Control –
Access control based on the identity of the user (typically relayed as a characteristic of the process acting on behalf of that user) where access authorizations to specific objects are assigned based on user identity.
10
Identity-Based Security Policy –
A security policy based on the identities and/or attributes of the object (system resource) being accessed and of the subject (user, group of users, process, or device) requesting access.
11
Identity Binding –
Binding of the vetted claimed identity to the individual (through biometrics) according to the issuing authority.
12
Identity Proofing –
The process by which a Credentials Service Provider (CSP) and a Registration Authority (RA) collect and verify information about a person for the purpose of issuing credentials to that person.
13
Identity Proofing –
The process of providing sufficient information (e.g., identity history, credentials, documents) to a Personal Identity Verification Registrar when attempting to establish an identity.
14
Identity Registration –
The process of making a person’s identity known to the Personal Identity Verification (PIV) system, associating a unique identifier with that identity, and collecting and recording the person’s relevant attributes into the system.
15
Identity Token –
Smart card, metal key, or other physical object used to authenticate identity.
16
Identity Validation –
Tests enabling an information system to authenticate users or resources.
17
Identity Verification –
The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card or system and associated with the identity being claimed.
18
Identity Verification –
The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card or system and associated with the identity being claimed.
19
Image –
An exact bit-stream copy of all electronic data on a device, performed in a manner that ensures that the information is not altered.
20
Imitative Communications Deception –
Introduction of deceptive messages or signals into an adversary's telecommunications signals. See also Communications Deception and Manipulative Communications Deception.