expand for answer
Capability List
Each row of an access control matrix is a capability list. A capability list is tied to the subject; it lists valid actions that can be taken on each object.
Similar items:
A table of subjects and objects that indicates the actions or functions that each subject can perform on each object. Each column of the matrix is an ACL. Each row of the matrix is a capability list.
[view]
[view]
INFOSec mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following: (1) valid security clearance for the most restricted information processed in the system; (2) formal access approval and signed nondisclosure agreements for that information which a user is to have access; and (3) valid needtoknow for information that a user is to have access. Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following: (a) valid security clearance for the most restricted information processed in the system; (b) formal access approval and signed nondisclosure agreements for that information which a user is to have access; and (c) valid needtoknow for information which a user is to have access.
[view]
[view]
Information system security mode of operation wherein each user, with direct or indirect access to the information system, its peripherals, remote terminals, or remote hosts, has all of the following: a. valid security clearance for all information within an information system; b. formal access approval and signed nondisclosure agreements for all the information stored and/or processed (including all compartments, subcompartments and/or special access programs); and c. valid needto know for some of the information contained within the information system. IS security mode of operation wherein each user, with direct or indirect access to the IS, its peripherals, remote terminals, or remote hosts, has all of the following: (a) valid security clearance for all information within an IS; (b) formal access approval and signed nondisclosure agreements for all the information stored and processed (including all compartments and special access programs); and (c) valid needtoknow for some of the information contained within the IS. See system-high security mode.
[view]
[view]
<p>(1) A security principle stating that individuals must be able to be identified. With accountability, violations or attempted violations can be traced to individuals who can be held responsible for their actions. </p><p>(2) The ability to map a given activity or event back to the responsible party; the property that ensures that the actions of an entity can be traced to that entity. </p><p>(IS) Process of tracing information system activities to a responsible source. </p><p>(COMSEC) Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information. </p><p>The process of holding someone responsible (accountable) for something. In this context, accountability is possible if a subject’s identity and actions can be tracked and verified.</p>
[view]
[view]
An identifiable set of data values treated as a unit, an occurrence of a schema in a database, or collection of atomic data items describing a specific object, event, or tuple (e. g. , row of a table).
[view]
[view]
There are no comments yet.