Glossary

Glossary


Access Control


Limiting access to information system resources only to authorized users, programs, processes, or other systems.


Back to top


Accessibility


A measure of the relative ease of admission to the various areas of an item for the purpose of operation or maintenance.


Back to top


Accessible


Data and services can be accessed via the Global Information Grid (GIG) by users and applications in the Enterprise. Data and services are made available to any user of application except where limited by law, policy, security classification, or operational necessity.

Source: DIEA Glossary


Back to top


Acquisition Plan (AP)


A formal written document reflecting the specific actions necessary to execute the approach established in the approved acquisition strategy and guiding contractual implementation.


Back to top


Acquisition Program


A directed, funded effort that provides a new, improved, or continuing materiel, weapon or information system, or service capability in response to an approved need.


Back to top


Act


1) A bill or measure after it passes one or both Houses of Congress. 2) A law in place.


Back to top


Adequate Security


Security commensurate with the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of information. This includes assuring that systems and applications operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, acquisition, development, installation, operational, and technical controls.


Back to top


Adversary


Any individual, group, organization, or government that conducts activities, or has the intention and capability to conduct activities, detrimental to critical assets.


Back to top


AFEI


Association for Enterprise Information


Back to top


Agent


A kind of intermediary service which acts on behalf of another service (service provider or requester) according to rules established upon its invocation.


Back to top


Aggregation


The ability to get a more complete picture of the information by analyzing several different types of records at once.


Back to top


Alias


A name that points to a resource with a different name. In the context of email, an alias is an email address which, when it receives email, directs that mail to an email account on the same domain with a different address. In the context of domain names, a domain alias is a domain name that points to a website at a different address, such as mydomain.net pulling up mydomain.com. mydomain.net would be an alias of mydomain.com.


Back to top


All-Source


Intelligence product or analysis that uses all the sources of intelligence available to come to a conclusion, instead of just relying on one primary source. This may also be referred to as multi-INT reporting.


Back to top


All Hazards Consortium (AHC)


The All Hazards Consortium exists to create a new approach to addressing complex, persistent public/private issues in disaster management, business continuity and cyber security.


Source: www.ahcusa.org


Back to top


Amendment


Modification, addition or deletion of specific parts of the content of a normative document. NOTE: The results of amendment are usually presented by issuing a separate amendment sheet to the normative document.


Back to top


American National Standards Institute (ANSI)


The voice of the U.S. standards and conformity assessment system that empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.


Back to top


American Standard Code for Information Interchange (ASCII)


The ASCII format provides computer systems with a common language for exchanging information.


Back to top


ANSI


American National Standards Institute


Back to top


API


Application Programming Interface


Back to top


Applet


A small application, with limited functionality, designed to operate in a componentware and/or middleware environment.


Back to top


Application


Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges.


Back to top


Application Platform


The collection of hardware and software components that provide the infrastructure services used by application programs. APIs make the specific characteristics of the platform transparent and accessible to the application.


Back to top


Application Portability


The ability to move software among computers without rewriting it. This may be provided in three ways; as source code portability, pseudocode portability, or binary code portability.


Back to top


Application Programming Interface (API)


An interface definition that permits invoking services from application programs without knowing details of their internal implementation.


Back to top


Application Schema


A set of conceptual schema for data required by one or more applications. An application schema contains selected parts of the base schemas presented in the ORM Information Viewpoint. Designers of application schemas may extend or restrict the types defined in the base schemas to define appropriate types for an application domain. Application schemas are information models for a specific information community.


Back to top


Application Software


The computing elements supporting users’ particular needs. Frequently includes data, documentation, and training, as well as programs.


Back to top


Architectural Artifacts


The relevant documentation, models, diagrams, depictions, and analyses, including a baseline repository and standards and security profiles.


Back to top


Architectural Framework


Identifies key interfaces and services, and provides a context for identifying and resolving policy, management and strategic technical issues. Constrains implementation by focusing on interfaces, but does not dictate design or specific technical solutions.


Back to top


Architecture


The organizational structure and associated behavior of a system. An architecture can be recursively decomposed into parts that interact through interfaces, relationships that connect parts, and constraints for assembling parts. Parts that interact through interfaces include classes, components, and subsystems.


Back to top


Architecture Product


The structure of components, their interrelationships, and the principles and guidelines governing their design and evolution over time.


Back to top


Association of State Criminal Investigative Agencies (ASCIA)


Association of State Criminal Investigative Agencies is a professional association consisting of the senior executives of the state wide criminal investigative agencies in the United States whether they are independent bureau within the state or a state police agency with both criminal and other enforcement responsibilities.


Source: www.ascia.org


Back to top


ASCII


American Standard Code for Information Interchange


Back to top


Assurance


Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.


Back to top


Attack


Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.


Back to top


Attribute Based Access Control (ABAC)


Attribute based access control represents a point on the spectrum of logical access control from simple access control lists to more capable role-based access, and finally to a highly flexible method for providing access based on the evaluation of attributes.


Source: NIST.gov


Back to top


Authentication


The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data.


Back to top


Authenticator


The means used to confirm the identity of a user, processor, or device (e.g., user password or token).


Back to top


Authenticity


The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. See Authentication.

Back to top


Authoritative Body


The recognized, sustainable organization empowered to speak for stakeholders within the context of a given subject area.


Back to top


Authoritative Source


The recognized primary supplier of reliable, accurate, and current data, information, or knowledge about some thing for subsequent use by consumers.


Back to top


Authorization


Access privileges granted to a user, program, or process or the act of granting those privileges.


Back to top