Glossary

From "Acceptance" to "XSLT," use this alphabetical listing to get familiar with commonly used acronyms and terms related to ISE.

Access Control

Limiting access to information system resources only to authorized users, programs, processes, or other systems.

Source:
CNSSI 4009
Accessibility

A measure of the relative ease of admission to the various areas of an item for the purpose of operation or maintenance.

Source:
DoDI 5000.02
Accessible

Data and services can be accessed via the Global InformatioN Grid (GIG) by users and applications in the Enterprise. Data and services are made available to any user of application except where limited by law, policy, security classification, or operational necessity.

Source: DIEA Glossary

Source:
Acquisition Plan (AP)

A formal written document reflecting the specific actions necessary to execute the approach established in the approved acquisition strategy and guiding contractual implementation.

Source:
DoDI 5000.02
Acquisition Program

A directed, funded effort that provides a new, improved, or continuing materiel, weapon or information system, or service capability in response to an approved need.

Source:
DoDD 5000.1
Act

1) A bill or measure after it passes one or both Houses of Congress. 2) A law in place.

Source:
DoDI 5000.02
Adequate Security

Security commensurate with the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of information. This includes assuring that systems and applications operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, acquisition, development, installation, operational, and technical controls.

Source:
ISM Handbook
Adversary

Any individual, group, organization, or government that conducts activities, or has the intention and capability to conduct activities, detrimental to critical assets.

Source:
ISM Handbook
AFEI

Association for Enterprise Information

Source:
Association for Enterprise Information
Agent

A kind of intermediary service which acts on behalf of another service (service provider or requester) according to rules established upon its invocation.

Source:
OGC Glossary of Terms
Aggregation

The ability to get a more complete picture of the information by analyzing several different types of records at once

Source:
EBK2008
Alias

A name that points to a resource with a different name. In the context of email, an alias is an email address which, when it receives email, directs that mail to an email account on the same domain with a different address. In the context of domain names, a domain alias is a domain name that points to a website at a different address, such as mydomain.net pulling up mydomain.com. mydomain.net would be an alias of mydomain.com.

Source:
TrustMeher Glossary
All Hazards Consortium (AHC)

The All Hazards Consortium exists to create a new approach to addressing complex, persistent public/private issues in disaster management, business continuity and cyber security.

Source - www.ahcusa.org

Source:
All-Source

Intelligence product or analysis that uses all the sources of intelligence available to come to a conclusion, instead of just relying on one primary source. This may also be referred to as multi-INT reporting.

Source:
National Intelligence: A Consumer’s Guide
Amendment

Modification, addition or deletion of specific parts of the content of a normative document. NOTE: The results of amendment are usually presented by issuing a separate amendment sheet to the normative document.

Source:
ISO/IEC Guide 2
American National Standards Institute (ANSI)

The voice of the U.S. standards and conformity assessment system that empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment

Source:
American National Standards Institute
American Standard Code for Information Interchange (ASCII)

The ASCII format provides computer systems with a common language for exchanging information.

Source:
OGC Glossary of Terms
ANSI

American National Standards Institute

Source:
American National Standards Institute
API

Application Programming Interface

Source:
OGC Glossary of Terms
Applet

A small application, with limited functionality, designed to operate in a componentware and/or middleware environment.

Source:
OGC Glossary of Terms
Application

Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges.

Source:
CNSSI 4009
Application Platform

The collection of hardware and software components that provide the infrastructure services used by application programs. APIs make the specific characteristics of the platform transparent and accessible to the application.

Source:
OGC Glossary of Terms
Application Portability

The ability to move software among computers without rewriting it. This may be provided in three ways; as source code portability, pseudocode portability, or binary code portability.

Source:
OGC Glossary of Terms
Application Programming Interface (API)

An interface definition that permits invoking services from application programs without knowing details of their internal implementation.

Source:
OGC Glossary of Terms
Application Schema

A set of conceptual schema for data required by one or more applications. An application schema contains selected parts of the base schemas presented in the ORM Information Viewpoint. Designers of application schemas may extend or restrict the types defined in the base schemas to define appropriate types for an application domain. Application schemas are information models for a specific information community.

Source:
OGC Glossary of Terms
Application Software

The computing elements supporting users’ particular needs. Frequently includes data, documentation, and training, as well as programs.

Source:
OGC Glossary of Terms
Architectural Artifacts

The relevant documentation, models, diagrams, depictions, and analyses, including a baseline repository and standards and security profiles.

Source:
A Practical Guide to Federal Enterprise Architecture
Architectural Framework

Identifies key interfaces and services, and provides a context for identifying and resolving policy, management and strategic technical issues. Constrains implementation by focusing on interfaces, but does not dictate design or specific technical solutions.

Source:
OGC Glossary of Terms
Architecture

The organizational structure and associated behavior of a system. An architecture can be recursively decomposed into parts that interact through interfaces, relationships that connect parts, and constraints for assembling parts. Parts that interact through interfaces include classes, components, and subsystems.

Source:
CJCSI 6212.01E]
Architecture Product

The structure of components, their interrelationships, and the principles and guidelines governing their design and evolution over time.

Source:
A Practical Guide to Federal Enterprise Architecture
ASCII

American Standard Code for Information Interchange

Source:
OGC Glossary of Terms
Association of State Criminal Investigative Agencies (ASCIA)

Association of State Criminal Investigative Agencies is a professional association consisting of the senior executives of the state wide criminal investigative agencies in the United States whether they are independent bureau within the state or a state police agency with both criminal and other enforcement responsibilities.

Source – www.ascia.org

Source:
Assurance

Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.

Source:
CNSSI 4009
Attack

Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

Source:
CNSSI 4009
Attribute Based Access Control (ABAC)

Attribute based access control represents a point on the spectrum of logical access control from simple access control lists to more capable role-based access, and finally to a highly flexible method for providing access based on the evaluation of attributes.

Source – NIST.gov

Source:
Authentication

The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data.

Source:
CNSSI 4009
Authenticator

The means used to confirm the identity of a user, processor, or device (e.g., user password or token).

Source:
NIST SP 800-53
Authenticity

The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. See Authentication.

Source:
CNSSI 4009
Authoritative Body

The recognized, sustainable organization empowered to speak for stakeholders within the context of a given subject area.

Source:
PCI TT
Authoritative Source

The recognized primary supplier of reliable, accurate, and current data, information, or knowledge about some thing for subsequent use by consumers.

Source:
PCI TT
Authorization

Access privileges granted to a user, program, or process or the act of granting those privileges.

Source:
CNSSI 4009