Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Glossary

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z  |  Symbols

Authorize Processing

Acronym(s):

None

Definition(s):

  See authorization.
Source(s): CNSSI 4009-2015 (NIST SP 800-53 Rev. 4, NIST SP 800-37 Rev. 1)

Synonym(s):
Authorization
  Access privileges granted to a user, program, or process or the act of granting those privileges.
Source(s): CNSSI 4009-2015   A procedure to verify whether an entity is eligible to access a requested network or service.
Source(s): NIST SP 800-120   The process that takes place after authentication is complete to determine which resources/services are available to a WiMAX device.
Source(s): NIST SP 800-127   The process of verifying that a requested action or service is approved for a specific entity.
Source(s): NIST SP 800-152   The granting or denying of access rights to a user, program, or process.
Source(s): NIST SP 800-27 Rev. A NIST SP 800-33   The process of defining and maintaining the allowed actions.
Source(s): NIST SP 800-36   Access privileges that are granted to an entity; conveying an “official” sanction to perform a security function or activity.
Source(s): NIST SP 800-57 Part 1 Rev. 3   Access privileges granted to an entity; conveys an “official” sanction to perform a security function or activity.
Source(s): NIST SP 800-57 Part 2   Access privileges granted to an entity; conveys an “official” sanction to perform a given security function or activity.
Source(s): NIST SP 800-57 Part 3 Rev. 1   The right or a permission that is granted to a system entity to access a system resource.
Source(s): NIST SP 800-82 Rev. 2
Accreditation
  The official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.
Source(s): FIPS 200 NIST SP 800-18 Rev. 1 NIST SP 800-82 Rev. 2   Also known as authorize processing (OMB Circular A-130, Appendix III), and approval to operate. Accreditation (or authorization to process information) is granted by a management official and provides an important quality control. By accrediting a system or application, a manager accepts the associated risk. Accreditation (authorization) must be based on a review of controls. (See Certification.).
Source(s): NIST SP 800-16   Formal declaration by a Designated Approving Authority that an Information System is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.
Source(s): NIST SP 800-32
See Also:

None