Skip to main content

Glossary of Security Terms

Access Controls

Methods of limiting access to an information system resources based on any number of criteria.


The process of identifying an individual is usually based on a username and password, or certificate.


The process of permitting access to information system resources based on an individual's identity, group, or role.


Encryption is a method which:

  • Scrambles messages and stored content to prevent it from being read by anyone but the intended recipients.

  • Hash messages to prove their original content.

  • Sign messages to prove the user that sent them.

Least Privilege

The practice of limiting access to the minimal level that will allow normal functioning. This means giving a user account only those privileges that are essential to that user's work.


A predefined authorization to perform a task. A set of permissions can be assigned to roles.


A role is a collection of permissions.

System Security

System Security is a process by which computer-based equipment, information, and services are protected from unintended or unauthorized access, change, or damage.


A unique identity by which people and processes are granted access to system resources via authorizations. User identities are also recorded as the origin for specific transactions.