U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Security Authorization

Abbreviation(s) and Synonym(s):

Authorization

Definition(s):

  The right or a permission that is granted to a system entity to access a system resource.
Source(s):
NIST SP 800-82 Rev. 2 under Authorization RFC 4949

  The official management decision given by a senior official to authorize operation of a system or the common controls inherited by designated organizations systems and to explicitly accept the risk to organizational operations (including mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation based on the implementation of an agreed-upon set of security and privacy controls. Also known as authorization to operate.
Source(s):
NIST SP 800-12 Rev. 1 under Authorization

  The process that takes place after authentication is complete to determine which resources/services are available to a WiMAX device.
Source(s):
NIST SP 800-127 under Authorization [Withdrawn]

  The process of verifying that a requested action or service is approved for a specific entity.
Source(s):
NIST SP 800-152 under Authorization

  Access privileges that are granted to an entity; conveying an “official” sanction to perform a security function or activity.
Source(s):
NIST SP 800-57 Part 1 Rev. 4 under Authorization [Superseded]
NIST SP 800-57 Part 1 Rev. 3 under Authorization [Superseded]

  Access privileges granted to an entity; conveys an “official” sanction to perform a security function or activity.
Source(s):
NIST SP 800-57 Part 2 under Authorization [Superseded]

  Access privileges granted to an entity; conveys an “official” sanction to perform a cryptographic function or other sensitive activity.
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Authorization

  The process of verifying that a requested action or service is approved for a speciic entity.
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Authorization

  See authorization.
Source(s):
NIST SP 800-137
NIST SP 800-37 Rev. 1
NIST SP 800-53 Rev. 4
NIST SP 800-53A Rev. 4

  Access privileges that are granted to an entity that convey an “official” sanction to perform a security function or activity.
Source(s):
NIST SP 800-57 Part 1 Rev. 5 under Authorization

  The granting or denying of access rights to a user, program, or process.
Source(s):
NISTIR 7316 under Authorization

  The process of initially establishing access privileges of an individual and subse­quently verifying the acceptability of a request for access.
Source(s):
NISTIR 4734 under Authorization