Protection from unauthorized access to information. Terms and definitions.


Protection from unauthorized access to information. Terms and definitions. Guidance document.

This guidance document establishes terms and definitions of concepts in the field of protection of computing equipment and automated systems from unauthorized access to information.

The established terms are mandatory for use in all types of documentation.

One term is established for each concept. The use of synonyms for a term is not allowed.

For individual terms, short forms are given (in brackets), which may be used in cases that exclude the possibility of their different interpretation.

For reference, foreign equivalents of Russian terms in English are provided, as well as alphabetical indexes of terms in Russian and English.

1. TERMS AND DEFINITIONS

Term

Definition

1. Access to information
(Access)
Access to information

Familiarization with information, its processing, in particular, copying, modification or destruction of information

2. Access control rules
(PRD)
Security policy

A set of rules governing the access rights of access subjects to access objects

3. Authorized access to information
Authorized access to information

Access to information that does not violate access control rules

4. Unauthorized access to information
(UAI)
Unauthorized access to information

Access to information that violates the rules for access control using standard tools provided by computer technology or automated systems

Note. Standard tools are understood to be a set of software, firmware and hardware for computing equipment or automated systems.

5. Protection from unauthorized access
(Protection from unauthorized access)
Protection from unauthorized access

Prevention or significant hindrance of unauthorized access

6. Access subject
(Subject)
Access subject

A person or process whose actions are regulated by access control rules

7. Access object
(Object)
Access object

A unit of information resource of an automated system, access to which is regulated by access control rules

8. Access matrix
Access matrix

Table displaying access control rules

9. Access subject authority level
Subject privilege

Aggregate of access rights of the access subject

10. Violator of access control rules
(Violator of access control rules)
Security policy violator

Access subject exercising unauthorized access to information

11. Model of violator of access control rules
(Model of violator of access control rules)
Security policy violator's model

Abstract (formalized or non-formalized) description of the violator of access control rules

12. Complex of protection tools
(KPS)
Trusted computing base

A set of software and hardware tools created and maintained to ensure the protection of computing equipment or automated systems from unauthorized access to information

13. Access control system
(ACS)
Security policy realization

A set of implemented rules for access control in computing equipment or automated systems

14. Access identifier
Access identifier

Unique attribute of the access subject or object

15. Identification
Identification

Assigning an identifier to access subjects and objects and (or) comparing the presented identifier with the list of assigned identifiers

16. Password
Password

The access subject's identifier, which is its (the subject's) secret

17. Authentication
Authentication

Checking that the access subject owns the identifier presented by him; confirming authenticity

18. Trusted computer system (trusted automated system)
Trusted computer system

Computer system (automated system) in which a set of security tools is implemented

19. Unauthorized access protection facility
(Unauthorized access protection facility)
Protection facility

Software, hardware, or software-hardware means designed to prevent or significantly hinder unauthorized access

20. Protection model
Protection model

Abstract (formalized or non-formalized) description of a set of software-hardware means and (or) organizational measures to protect against unauthorized access

21. Information security
Information security

The state of security of information processed by means of computing equipment or an automated system from internal or external threats

22. Information integrity
Information integrity

The ability of a computer or automated system to ensure the immutability of information in the event of accidental and/or intentional distortion (destruction)

23. Confidential information
Sensitive information

Information requiring protection

24. Discretionary access control
Discretionary access control

Access control between named subjects and named objects. A subject with a certain access right can delegate this right to any other subject

25. Mandatory access control
Mandatory access control

Access control of subjects to objects based on the information contained in the objects, characterized by a confidentiality label, and the official permission (admission) of subjects to access information of such confidentiality level

26. Multilevel security
Multilevel security

Security that ensures access control of subjects with different access rights to objects of different confidentiality levels

27. Reference Monitor Concept
Reference monitor concept

An access control concept that refers to an abstract machine that mediates all accesses from subjects to objects

28. Access Manager (Security Kernel)
Security kernel

Technical, software and firmware elements of a set of security tools that implement the concept of an access manager

29. Security administrator
Security administrator

Access subject responsible for protecting the automated system from unauthorized access to information

30. Sensitivity Label
(Label)
Sensitivity label

An element of information that characterizes the confidentiality of information contained in an object

31. Verification
Verification

The process of comparing two specification levels of computing equipment or automated systems for proper compliance

32. Protection class of computer equipment, automated system
Protection class of computer systems

A certain set of requirements for the protection of computer equipment (automated system) from unauthorized access to information

33. Security criterion of computer equipment
(Security indicator)
Protection criterion of computer systems

Characteristic of computer equipment that affects security and is described by a specific group of requirements that vary in level and depth depending on the security class of the computer equipment

34. Secret information security system (SISS)
Secret information security system

A set of organizational measures and software and hardware (including cryptographic) means of ensuring information security in automated systems

35. System for protecting information from unauthorized access (SIS NSD)
System of protection from unauthorized access to information

A set of organizational measures and software and hardware (including cryptographic) means of protection against unauthorized access to information in automated systems

36. Cryptographic information protection facility
(CIPF)
Cryptographic information protection facility

A computer tool that performs cryptographic transformation of information to ensure its security

37. Protection certificate
(Certificate)
Protection certificate

A document certifying the compliance of a computing device or automated system with a set of specific requirements for protection against unauthorized access to information and giving the developer the right to use and (or) distribute them as protected

38. Protection Level Certification
(Certification)
Protection level certification

The process of establishing the compliance of a computing device or automated system with a set of specific protection requirements

 

2. ALPHABETICAL INDEX OF TERMS IN RUSSIAN (left column: term, No.)
3. ALPHABETICAL INDEX OF TERMS IN ENGLISH (right column: term, No.)
Security Administrator 29 Access identifier 14
Authentication 17 Access matrix 8
Information security 21 Access object 7
Verification 31 Access subject 6
Discretionary access control 24 Access to information 1
Access manager (security core) 28 Authorized access to information 3
Access to information 1 Authentication 17
Protection from unauthorized access 5 Cryptographic information protection facility 36

Protected computing facility (protected automated system) 18 Discretionary access control 24
Access identifier 14 Identification 15
Identification 15 Information integrity 22

Security class of computing equipment of the automated system 32 Information security 21
Complex of protective equipment 12 Mandatory access control 25
Confidential information 23 Multilevel security 26
Access Manager Concept 27 Password 16
Mandatory access control 25 Protection certificate 37
Access matrix 8 Protection class of computer systems 32
Sensitivity label 30 Protection criterion of computer systems 33
Multi-level protection 26 Protection facility 19
Protection model 20 Protection from unauthorized access 5
Model of access control rule violator 11 Protection level certification 38
Violator of access control rules 10 Protection model 20
Unauthorized access to information 4 Reference monitor concept 27
Access object 7 Secret information security system 34
Password 16 Security administrator 29
Computer security index 33 Security kernel 28
Access control rules 2 Security policy 2
Authorized access to information 3 Security policy implementation 13
Security certificate 37 Security policy violator 10
Security Level Certification 38 Security policy violator’s model 11
System for protecting information from unauthorized access 35 Sensitive information 23
Secret information protection system 34 Sensitivity label 30
Access control system 13 Subject privilege 9
Unauthorized access protection 19 System of protection from unauthorized access to information 35
Cryptographic information protection tool 36 Trusted computing base 12
Access subject 6 Trusted computer system 18
Access subject authority level 9 Unauthorized access to information 4
Information integrity 22 Verification 31