Term

Definition
the method by which systems determine whether and how to admit a user into a trusted area of the organization.


Term
mandatory access controls (MAC)

Definition
use data classification schemes; they give users and data owners limited control over access to information resources.


Term
lattice-based access control

Definition
users are assigned a matrix of authorizations for particular areas of access.


Term
access control list (ACL)

Definition
the column of attributes associated with a particular object.


Term
nondiscretionary controls

Definition
a strictly enforced version of MACs that are managed by a central authority in the organization and can be based on an individual's role.


Term

Definition
controls that are tied to the role a user performs in an organization.


Term

Definition
controls that are tied to a particular assignment or responsibility.


Term
discretionary access controls (DACs)

Definition
controls that are implemented at the discretion or option of the data user.


Term

Definition
a mechanism whereby an unverified entity that seeks access to a resource proposes a label by which it is known to the system.


Term

Definition
the process of validating a supplicant's purported identity.


Term

Definition
a private word or combination of characters that only the user should know.


Term

Definition
something you know, something you have, something you are.


Term

Definition
a series of characters, typically longer than a password, from which a virtual password is derived.


Term

Definition
ID cards or ATM cards with magnetic stripes containing the digital user PIN, against which the number a user inputs is compared.


Term

Definition
contains a computer chip that can verify and validate a number of pieces of information instead of just a PIN.


Term

Definition
the process of using two different authentication mechanisms drawn from two different factors of authentication.


Term

Definition
the matching of an authenticated entity to a list of information assets and corresponding access levels.


Term

Definition
a firewall in an information security program is similar to a building's firewall in that it prevents specific types of information from moving between the outside world and the inside.