Page 354

AUDITING—the process of making and keeping the records necessary to support accountability. See audit trail.

AUDIT TRAIL—the results of monitoring each operation of subjects on objects; for example, an audit trail might be a record of all actions taken on a particularly sensitive file or a record of all users who viewed that file.

AUTHENTICATION (OF IDENTITY)—an adjunct step to identification that confirms an asserted identity with a specified, or understood, level of confidence. Authentication can be used to provide high assurance that the purported identity is, in fact, the correct identity associated with the entity that provides it. The authentication mechanism can be based on something that the entity knows, has, or is (e.g., a password, a smart card that uses some encryption or random number for a challenge-response scheme, or a fingerprint).

AUTHENTICATION OF A MESSAGE (OR A FILE)—the process of adding one or more additional data elements to communications traffic (or files) to ensure the integrity of the traffic (or files). Such additional elements are often called ''message authenticator(s)" and would be an example of an integrity lock.

AUTHENTICITY—a security service that provides a user with a means of verifying the identity of the sender of a message, a file, a computer system, a software process, or even a database or individual software component.

AUTHORIZATION—determining whether a subject (a user or system) is trusted to act for a given purpose, for example, allowed to read a particular file.

AVAILABILITY—the property that a given resource will be usable during a given time period, for example, that an encrypted file can be decrypted when necessary.


BACK DOOR—an aspect of a system's mechanism that can be exploited to circumvent the system's security.

BINARY DIGIT—one of the two symbols (0 and 1) that are commonly used to represent numerical entries in the binary number system.

BIT—a contraction of the term "binary digit."

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement