Since the release of Federal Information Processing Standard (FIPS) 39 in 1976, NIST has published a glossary of computer/information security terminology.  Now, NIST has created an easily accessible repository of terms and definitions extracted verbatim from NIST’s FIPS, Special Publications (SPs), and Internal or Interagency Reports (IRs), as well as from the Committee on National Security Systems Instruction 4009 (CNSSI-4009).

This repository—an online database whose methodology is described in Draft NISTIR 7298 Revision 3, Glossary of Key Information Security Terms—is intended to help users understand terminology, recognize when and where multiple definitions may exist, and identify a definition that they can use.

We encourage careful review of the online glossary database as well as the methodology described in the draft NISTIR. Specifically, we request feedback on any areas that may need changes to improve their accuracy and long-term usability.

A public comment period for this document—including the associated database and online glossary—is open until December 21, 2018.