access control

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviations / Acronyms / Synonyms:

NIST SP 800-12 Rev. 1, NIST SP 800-162, NIST SP 800-203, NIST SP 800-55 Rev. 1, NISTIR 8403

authorization

NIST SP 800-162

Definitions:

  The process of granting or denying specific requests to 1) obtain and use information and related information processing services and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).
Sources:
FIPS 201-3 under Access Control

  The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).
Sources:
NIST SP 1800-10B under Access Control from CNSSI 4009-2015
NIST SP 1800-25B under Access Control from CNSSI 4009-2015
NIST SP 1800-26B under Access Control from CNSSI 4009-2015
NIST SP 800-12 Rev. 1 under Access Control

  Access privileges granted to a user, program, or process or the act of granting those privileges.
Sources:
CNSSI 4009-2015 under authorization
NIST SP 800-160 Vol. 2 Rev. 1 under authorization from CNSSI 4009-2015
NIST SP 800-53 Rev. 5 under authorization from CNSSI 4009-2015
NIST SP 800-53A Rev. 5 under authorization from CNSSI 4009-2015

  The process of permitting or restricting access to applications at a granular level, such as per-user, per-group, and per-resources.
Sources:
NIST SP 800-113 under Access Control

  Procedures and controls that limit or detect access to critical information resources. This can be accomplished through software, biometrics devices, or physical access to a controlled space.
Sources:
NIST SP 800-192 under Access Control
NISTIR 7316 under Access Control

  The process of granting or denying specific requests to: (i) obtain and use information and related information processing services; and (ii) enter specific physical facilities (e.g., Federal buildings, military establishments, and border-crossing entrances).
Sources:
NIST SP 800-79-2 under Access Control

  As used in this Recommendation, the set of procedures and/or processes that only allow access to information in accordance with pre-established policies and rules.
Sources:
NIST SP 800-57 Part 2 Rev.1 under Access control

  Restricts resource access to only authorized entities.
Sources:
NIST SP 800-57 Part 1 Rev. 5 under Access control

  The process of granting or denying specific requests for obtaining and using information and related information processing services; and to enter specific physical facilities (e.g., Federal buildings, military establishments, and border crossing entrances).
Sources:
NIST SP 800-53 Rev. 5

  The decision to permit or deny a subject access to system objects (network, data, application, service, etc.)
Sources:
NIST SP 800-162

  The right or a permission that is granted to a system entity to access a system resource.
Sources:
NIST SP 800-82r3 under authorization from RFC 4949 - adapted

  The process of limiting access to resources of a system only to authorized programs, processes, or other systems (in a network).
Sources:
NISTIR 4734 under Access Control

  The process of granting or denying specific requests for obtaining and using information and related information processing services.
Sources:
NISTIR 7711 under Access Control

  To ensure that an entity can only access protected resources if they have the appropriate permissions based on the predefined access control policies.
Sources:
NISTIR 7497 under Access Control

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.