whitelist

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

NIST is striving to use more inclusive language. Although present in current NIST publications, this potentially biased term will no longer be used in NIST's new or revised cybersecurity and privacy publications. The deprecated term will be removed from this online glossary once it's no longer defined in a NIST publication.

Alternative language that NIST is using includes:

allowlist

Definition(s):

  A list of discrete entities, such as hosts or applications that are known to be benign and are approved for use within an organization and/or information system. Also known as “clean word list”.
Source(s):
CNSSI 4009-2015 under white list from NIST SP 800-128

  A list of discrete entities, such as hosts or applications that are known to be benign and are approved for use within an organization and/or information system.
Source(s):
NIST SP 800-128 under Whitelist from NIST SP 800-94 - Adapted
NIST SP 800-82 Rev. 2 under Whitelist from NIST SP 800-128

  A list of discrete entities, such as hosts, email addresses, network port numbers, runtime processes, or applications that are authorized to be present or active on a system according to a well-defined baseline.
Source(s):
NIST SP 800-128 from NIST SP 800-167
NIST SP 800-167

  An approved list or register of entities that are provided a particular privilege, service, mobility, access or recognition.
Source(s):
NISTIR 7621 Rev. 1 under Whitelist from CNSSI 4009-2015 - “whitelisting”

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.