expand for answer
Accountability
(1) A security principle stating that individuals must be able to be identified. With accountability, violations or attempted violations can be traced to individuals who can be held responsible for their actions.
(2) The ability to map a given activity or event back to the responsible party; the property that ensures that the actions of an entity can be traced to that entity.
(IS) Process of tracing information system activities to a responsible source.
(COMSEC) Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.
The process of holding someone responsible (accountable) for something. In this context, accountability is possible if a subject’s identity and actions can be tracked and verified.
Similar items:
Administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSEC material. Administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSec material.
[view]
[view]
Analysis, assessment, and review of audit trails and other information collected for the purpose of searching out system events that may constitute violations of system security. The analysis assessment and review of audit trails and other data collected to search out system events that may constitute violations or precipitate incidents involving data privacy.
[view]
[view]
A routing protocol that maintains a topography map of all connected networks and uses this map to determine the shortest path to the destination.
[view]
[view]
(1) The process, generally employing unique machinereadable names, that enables recognition of users or resources as identical to those previously described to the computer system. (2) The assignment of a name by which an entity can be referenced. The entity may be high level (such as a user) or low level (such as a process or communication channel). Process an information system uses to recognize an entity. The process by which a subject professes an identity and accountability is initiated. The identification process can consist of a user providing a username, a logon ID, a PIN, or a smart card or a process providing a process ID number.
[view]
[view]
<p>FIPS 140-2, Security Requirements for Cryptographic Modules, May 2001.</p><p>This term refers to the accreditation used to distinguish between secure and well-established crypto modules produced in the private sector. It stands as a certification for those producers who need them to be used in regulated industries that typically collect, store, transfer, and share data that is deemed to be sensitive in nature but not classified.<br></p><p>FIPS 140-2 defines four levels of security, simply named "Level 1" to "Level 4". It does not specify in detail what level of security is required by any particular application.</p><p>Level 1<br>Security Level 1 provides the lowest level of security. Basic security requirements are specified for a cryptographic module (e.g., at least one Approved algorithm or Approved security function shall be used). No specific physical security mechanisms are required in a Security Level 1 cryptographic module beyond the basic requirement for production-grade components. An example of a Security Level 1 cryptographic module is a personal computer (PC) encryption board.</p><p>Level 2<br>Security Level 2 improves upon the physical security mechanisms of a Security Level 1 cryptographic module by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.</p><p>Level 3<br>In addition to the tamper-evident physical security mechanisms required at Security Level 2, Security Level 3 attempts to prevent the intruder from gaining access to CSPs held within the cryptographic module. Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module. The physical security mechanisms may include the use of strong enclosures and tamper-detection/response circuitry that zeroes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened</p><p>Level 4<br>Security Level 4 provides the highest level of security. At this security level, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access. Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate deletion of all plaintext CSPs.<br>Security Level 4 cryptographic modules are useful for operation in physically unprotected environments. Security Level 4 also protects a cryptographic module against a security compromise due to environmental conditions or fluctuations outside of the module's normal operating ranges for voltage and temperature. Intentional excursions beyond the normal operating ranges may be used by an attacker to thwart a cryptographic module's defenses. A cryptographic module is required to either include special environmental protection features designed to detect fluctuations and delete CSPs, or to undergo rigorous environmental failure testing to provide a reasonable assurance that the module will not be affected by fluctuations outside of the normal operating range in a manner that can compromise the security of the module.</p>
[view]
[view]
There are no comments yet.