This glossary utilizes a database of terms extracted from NIST Federal Information Processing Standard Publications (FIPS), the NIST Special Publication (SP) 800 series, selected NIST Interagency or Internal Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI 4009). The description of an enterprise's entire set of information systems. Committee on National Security Systems Instruction. The glossary includes most of the terms in the NIST publications. CNSSI 4016 Guidelines for Voice over Internet Protocol (VoIP) Computer Telephony, April 2007; CNSSI 5000 Type-Acceptance Program for Voice over Internet Protocol (VoIP) Telephones, December 2007; CNSSI 5001 Protective Distribution Systems (PDS), December 1996. Defense Counterintelligence and Security Agency assessment. The terms included are not all inclusive of terms found in these publications, but. This revision of CNSSI 4009 incorporates many new terms submitted by the CNSS membership. In order to promote public education and public safety, equal justice for all, a better informed citizenry, the rule of law, world trade and world peace, this legal document is hereby made available on a noncommercial basis, as it is the right of all humans to. Jul 03, 2019 This glossary utilizes a database of terms extracted from NIST Federal Information Processing Standard Publications (FIPS), the NIST Special Publication (SP) 800 series, selected NIST Interagency or Internal Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI 4009). Committee on National Security Systems Instruction No. CNSSI is listed in the world's largest and most authoritative dictionary database of abbreviations and acronyms. Glossary of Key Information Security Terms, nvlpubs.nist.gov. Reciprocity, as defined in Committee on National Security Systems Instruction (CNSSI) No.
The CNSS was formerly known as the National Security Telecommunications Information Systems Security Committee (NSTISSC). Information means any communication or representation of knowledge such as facts, data, or opinions, in any medium or form, including textual, numerical, graphic, cartographic, narrative, or audiovisual (Committee on National Security Systems Instruction (CNSSI) 4009). This glossary provides a central resource of terms and definitions most. NSTISSI 4009, National Information Systems Security (INFOSEC) Glossary. Formal document that provides an overview of the security requirements for an information system. Committee on National Security Systems Instruction 4009, National.
All issuances made available for download from the CNSS web site are in Portable Document Format (PDF). Additional copies of this instruction may be obtained from the CNSS. The Committee on National Security Systems (CNSS) library contains those issuances permitted on the internet that address cybersecurity issues. Enterprise Audit Management Instruction for National Security. The Committee on National Security Systems Instruction (CNSSI) No. SP 800-53A Revision 4 controls, objectives, CNSS 1253 Excel spreadsheet: here's a cleaned-up and combined Excel spreadsheet version of Special Publication 800-53A R4 containing controls, objectives, and CNSS 1253 parameter values. It also offers a section of commonly used abbreviations and acronyms. Committee on National Security Systems Policy 11, National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology Products, 10 June 20 7. Replaces term "certification" with "assessment" and "accreditation" with "authorization to operate" in alignment with CNSSI No. Start studying CNSS Instruction 4009, Information Assurance Glossary.
The new terms are followed by legacy terms in parentheses throughout the instruction. Committee on National Security Systems (CNSS) Instruction No. The library is divided into categories such as policies, directives, instructions, and advisory memoranda, as well as offering a search of all the documents published by the CNSS Secretariat. Skarmeta, CTO Odin Solutions, University of Murcia, Spain; Gianmarco Baldini, JRC, Italy; Philippe Cousin and Franck Le. The attached draft document (provided here for historical purposes) has been superseded by the following publication. Reciprocity, as defined in CNSSI 4009, is a mutual agreement among participating enterprises to accept each other's security assessments in order to reuse IS resources and/or to accept each other's assessed security posture in order to share information. The glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications. National Security Decision Directive Number 298, National Operations Security Program, January 22, 1988. Committee on National Security Systems Instruction 4009, Committee on National Security Systems (CNSS) Glossary, 6 April 2015. Telephone security equipment submission and evaluation.
Policies, directives, instructions, advisory memoranda, TSG standards and information series, CNSS report and other supplemental documents. A copy of files and programs made to facilitate recovery, if necessary. It also contains nearly all of the terms and definitions from CNSSI 4009. Committee on National Security Systems Instruction (CNSSI). Towards a Standardized Cybersecurity Certification Framework for the IoT, Sara N. Working group for encouraging the inclusion of CNSSI 4009 terms and definitions into this glossary. CNSSI 4009, Committee on National Security Systems (CNSS). CNSS Instructions, Committee on National Security Systems. Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the. A Practical Introduction to Cyber Security Risk Management na 2. Overview: this is a glossary of terms relating to information assurance.
Read, write, execute, append, modify, delete, and create are examples of access types. While the majority of CNSSI 4009 definitions are used, some of the definitions in Appendix A have been determined to be more appropriate to the task of defining a technical baseline for IT security than similar definitions in CNSSI 4009. Government sponsors, and vendors for submission and evaluation of telephone equipment or devices. Committee on National Security Systems Instruction 4009, National Information Assurance (IA) Glossary, April 26, 2010 ad ac National Security Presidential Directive 54, Cyber Security and Monitoring, Homeland Security Presidential Directive 23, Cybersecurity Policy, January 8, 2008 1. Documents created under the old title still reflect the NSTISS numbering system. This instruction is effective upon receipt, and supersedes NACSI No. Committee on National Security Systems (CNSS) Glossary. Guidelines for Voice over Internet Protocol (VoIP) Computer. Committee for National Security Systems Instruction 4009 (CNSSI 4009), National Information Assurance Glossary, June 2006 d. CNSSI 1002 (this document is designated FOUO) Management of Combined Secure. CNSS Instruction 4014, April 2004, National Information Assurance Training Standard for Information Systems. CNSS 4012, National Information Assurance Training Standard for Senior System Managers (SSMs), Jun 2004.
It also contains nearly all of the terms and definitions from CNSSI 4009. The Committee on National Security Systems (CNSS) Instruction No. Selecting RMF Controls for National Security Systems. Government for use in national security systems (NSS). Committee on National Security Systems Instruction (CNSSI) No. (U) Intelligence Community Standard (ICS) ICD 705 (U) Sensitive Compartmented Information Facilities; ICS 705-1 (U) Physical and Technical Security Standards for Sensitive Compartmented Information Facilities (U). Jun 05, 20 As a result of these requests, this glossary of common security terms has been extracted from NIST Federal Information Processing Standards (FIPS), the Special Publication (SP) 800 series, NIST Interagency Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI 4009). In order to promote public education and public safety, equal justice for all, a better informed citizenry, the rule of law, world trade and world peace, this legal document is hereby made available on a noncommercial basis, as it is the right of all humans to know and speak the laws that govern them. Selecting RMF Controls for National Security Systems, Edward L. CNSSI 4009, Committee on National Security Systems (CNSS) Glossary. The Committee on National Security Systems (CNSS) sets national-level cybersecurity policies, directives, instructions, operational procedures, guidance and advisories for United States Government (USG) departments and agencies for the security of national security systems (NSS). This glossary of key information security terms has been extracted from NIST Federal Information Processing Standards (FIPS), the Special Publication (SP) 800 series, the NIST Interagency Report (NIST IR) series, and the Committee for National Security Systems Instruction (CNSSI) 4009 Information Assurance Glossary. CNSS Instruction 4009, Information Assurance Glossary.