Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

whitelisting

Abbreviation(s) and Synonym(s):

None

Definition(s):

  The process used to identify: (i) software programs that are authorized to execute on an information system; or (ii) authorized Universal Resource Locators (URL)/websites.
Source(s):
NIST SP 800-53 Rev. 4 under Whitelisting

  A list of discrete entities, such as hosts or applications that are known to be benign and are approved for use within an organization and/or information system.
Source(s):
NIST SP 800-128 under Whitelist (NIST SP 800-94 - Adapted)
NIST SP 800-82 Rev. 2 under Whitelist (NIST SP 800-128)

  A process used to identify software programs that are authorized to execute on a system or authorized Universal Resource Locators (URL)/websites.
Source(s):
NIST SP 800-171 Rev. 1

  A list of email senders known to be benign, such as a user’s coworkers, friends, and family.
Source(s):
NIST SP 800-114 under Whitelist [Superseded]

  A list of discrete entities, such as hosts or applications, that are known to be benign and are approved for use within an organization and/or information system.
Source(s):
NIST SP 800-179 under Whitelist (NISTIR 7298 Rev. 2)

  A list of discrete entities, such as hosts or applications that are known to be benign and are approved for use within an organization and/or information system. Also known as “clean word list”.
Source(s):
CNSSI 4009-2015 under white list (NIST SP 800-128)

  1). An approved list or register of entities that are provided a particular privilege, service, mobility, access or recognition.
Source(s):
CNSSI 4009-2015

  2). An implementation of a default deny all or allow by exception policy across an enterprise environment, and a clear, concise, timely process for adding exceptions when required for mission accomplishments.
Source(s):
CNSSI 4009-2015 (CNSSI 1011)

  An approved list or register of entities that are provided a particular privilege, service, mobility, access or recognition.
Source(s):
NISTIR 7621 Rev. 1 under Whitelist (CNSSI 4009-2015 - “whitelisting”)