Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Object, Assessment

Abbreviation(s) and Synonym(s):

Assessment Object
Object

Definition(s):

  The item (i.e., specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment.
Source(s):
NIST SP 800-53A Rev. 4 under Assessment Object

  The item (specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment.
Source(s):
NIST SP 800-137 under Assessment Object (NISTIR 7298)

  Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, domains) containing or receiving information. Access to an object (by a subject) implies access to the information it contains. See Subject.
Source(s):
NIST SP 800-53 Rev. 4 under Object

  See Object, Assessment.
Source(s):
NISTIR 8011 Vol. 1 under Assessment Object
NISTIR 8011 Vol. 1 under Object

  Assessment objects identify the specific items being assessed, and as such, can have one or more security defects. Assessment objects include specifications, mechanisms, activities, and individuals which in turn may include, but are not limited to, devices, software products, software executables, credentials, accounts, account-privileges, things to which privileges are granted (including data and physical facilities), etc. See SP 800-53A.
Source(s):
NISTIR 8011 Vol. 1

  the set of passive entities within the system, protected from unauthorized use.
Source(s):
NISTIR 6192 under Object

  A passive entity that contains or receives information.
Source(s):
NISTIR 7316 under Object