Glossary of Key Information Security Terms (NIST) part 23 / E

Electronic Key Management System (EKMS) –

Interoperable collection of systems being developed by services and agencies of the U.S. government to automate the planning, ordering, generating, distributing, storing, filling, using, and destroying of electronic key and management of other types of COMSEC material.

Electronic Messaging Services –

Services providing interpersonal messaging capability; meeting specific functional, management, and technical requirements; and yielding a business-quality electronic mail service suitable for the conduct of official government business.

Electronic Signature –

The process of applying any mark in electronic form with the intent to sign a data object. See also Digital Signature.

Electronically Generated Key –

Key generated in a COMSEC device by introducing (either mechanically or electronically) a seed key into the device and then using the seed, together with a software algorithm stored in the device, to produce the desired key.

Emanations Security (EMSEC) –

Protection resulting from measures taken to deny unauthorized individuals information derived from intercept and analysis of compromising emissions from crypto-equipment or an information system. See TEMPEST.

Embedded Computer –

Computer system that is an integral part of a larger system.

Embedded Cryptographic System –

Cryptosystem performing or controlling a function as an integral element of a larger system or subsystem.

Embedded Cryptography –

Cryptography engineered into an equipment or system whose basic function is not cryptographic.

Encipher –

Convert plain text to cipher text by means of a cryptographic system.

Enclave –

Collection of information systems connected by one or more internal networks under the control of a single authority and security policy. The systems may be structured by physical proximity or by function, independent of location.

Enclave Boundary –

Point at which an enclave’s internal network service layer connects to an external network’s service layer, i.e., to another enclave or to a Wide Area Network (WAN).

Encode –

Convert plain text to cipher text by means of a code.

Encrypt –

Generic term encompassing encipher and encode.

Encrypted Key –

A cryptographic key that has been encrypted using an Approved security function with a key encrypting key, a PIN, or a password in order to disguise the value of the underlying plaintext key.

Encrypted Network –

A network on which messages are encrypted (e.g., using DES, AES, or other appropriate algorithms) to prevent reading by unauthorized parties.

Encryption 1 –

Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.

Encryption 2 –

The process of changing plaintext into ciphertext for the purpose of security or privacy.

Encryption Algorithm –

Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.

Encryption Certificate –

A certificate containing a public key that is used to encrypt electronic messages, files, documents, or data transmissions, or to establish or exchange a session key for these same purposes.

End-Item Accounting –

Accounting for all the accountable components of a COMSEC equipment configuration by a single short title.