Glossary of Security Terms
Methods of limiting access to an information system resources based on any number of criteria.
The process of identifying an individual is usually based on a username and password, or certificate.
The process of permitting access to information system resources based on an individual's identity, group, or role.
Encryption is a method which:
- Scrambles messages and stored content to prevent it from being read by anyone but the intended recipients.
- Hash messages to prove their original content.
- Sign messages to prove the user that sent them.
The practice of limiting access to the minimal level that will allow normal functioning. This means giving a user account only those privileges that are essential to that user's work.
A predefined authorization to perform a task. A set of permissions can be assigned to roles.
A role is a collection of permissions.
System Security is a process by which computer-based equipment, information, and services are protected from unintended or unauthorized access, change, or damage.
A unique identity by which people and processes are granted access to system resources via authorizations. User identities are also recorded as the origin for specific transactions.