A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

assurance

Abbreviation(s) and Synonym(s): Definition(s):

  Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.
Source(s):
NIST SP 800-39 under Assurance CNSSI 4009
NIST SP 800-53 Rev. 4 under Assurance CNSSI 4009

  The grounds for confidence that the set of intended security controls in an information system are effective in their application.
Source(s):
CNSSI 4009-2015 NIST SP 800-27 Rev. A <span id='term-def-src-src-note-1-0-0'> - Adapted</span>
NIST SP 800-137 under Assurance NISTIR 7298
NIST SP 800-37 Rev. 1 under Assurance

  Grounds for confidence that the set of intended security controls in an information system are effective in their application.
Source(s):
NIST SP 800-39 under Assurance NIST SP 800-53

  Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Adequately met” includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.
Source(s):
NIST SP 800-12 Rev. 1 under Assurance NIST SP 800-27 Rev. A
NIST SP 800-27 Rev. A [Withdrawn]

  Grounds for confidence that the other four security objectives (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Adequately met” includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.
Source(s):
NIST SP 800-33

  See Assurance.
Source(s):
NIST SP 800-53 Rev. 4 under Security Assurance

  The grounds for confidence that the set of intended security controls or privacy controls in an information system or organization are effective in their application.
Source(s):
NIST SP 800-53A Rev. 4 under Assurance

  Grounds for justified confidence that a [security or privacy] claim has been or will be achieved.
Source(s):
NIST SP 800-37 Rev. 2

  The grounds for confidence that an entity meets its security objectives.
Source(s):
NISTIR 7316 under Assurance

  In the context of OMB M-04-04 and this document, assurance is defined as 1) the degree of confidence in the vetting process used to establish the identity of an individual to whom the credential was issued, and 2) the degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.
Source(s):
NIST SP 800-63-2 under Assurance [Superseded]

  Grounds for justified confidence that a claim has been or will be achieved. Note 1: Assurance is typically obtained relative to a set of specific claims. The scope and focus of such claims may vary (e.g., security claims, safety claims) and the claims themselves may be interrelated. Note 2: Assurance is obtained through techniques and methods that generate credible evidence to substantiate claims.
Source(s):
NIST SP 800-160 [Superseded] ISO/IEC 15026

  Grounds for justified confidence that a claim has been or will be achieved. Note 1: Assurance is typically obtained relative to a set of specific claims. The scope and focus of such claims may vary (e.g., security claims, safety claims) and the claims themselves may be interrelated. Note 2: Assurance is obtained through techniques and methods that generate credible evidence to substantiate claims.
Source(s):
NIST SP 800-160 [Superseded] ISO/IEC 15026