U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

access control

Abbreviation(s) and Synonym(s):

Definition(s):

  The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).
Source(s):
NIST SP 800-12 Rev. 1 under Access Control from FIPS 201-2
NIST SP 1800-25B under Access Control from FIPS 201-2, CNSSI 4009-2015
NIST SP 1800-26B under Access Control from FIPS 201-2, CNSSI 4009-2015

  The process of granting or denying specific requests: 1) for obtaining and using information and related information processing services; and 2) to enter specific physical facilities (e.g., Federal buildings, military establishments, and border crossing entrances).
Source(s):
CNSSI 4009-2015 from FIPS 201-1 - Adapted
NIST SP 1800-27B under Access Control from CNSSI 4009-2015
NIST SP 1800-27C under Access Control from CNSSI 4009-2015

  The process of permitting or restricting access to applications at a granular level, such as per-user, per-group, and per-resources.
Source(s):
NIST SP 800-113 under Access Control

  Procedures and controls that limit or detect access to critical information resources. This can be accomplished through software, biometrics devices, or physical access to a controlled space.
Source(s):
NIST SP 800-192 under Access Control
NISTIR 7316 under Access Control

  The process of granting or denying specific requests to: (i) obtain and use information and related information processing services; and (ii) enter specific physical facilities (e.g., Federal buildings, military establishments, and border-crossing entrances).
Source(s):
NIST SP 800-79-2 under Access Control

  As used in this Recommendation, the set of procedures and/or processes that only allow access to information in accordance with pre-established policies and rules.
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Access control

  Restricts resource access to only authorized entities.
Source(s):
NIST SP 800-57 Part 1 Rev. 5 under Access control

  The process of granting or denying specific requests for obtaining and using information and related information processing services; and to enter specific physical facilities (e.g., Federal buildings, military establishments, and border crossing entrances).
Source(s):
NIST SP 800-53 Rev. 5 from FIPS 201-2

  The process of limiting access to resources of a system only to authorized programs, processes, or other systems (in a network).
Source(s):
NISTIR 4734 under Access Control

  To ensure that an entity can only access protected resources if they have the appropriate permissions based on the predefined access control policies.
Source(s):
NISTIR 7497 under Access Control

  The process of granting or denying specific requests for obtaining and using information and related information processing services.
Source(s):
NISTIR 7711 under Access Control

  The process of granting or denying specific requests: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., Federal buildings, military establishments, border crossing entrances).
Source(s):
FIPS 201 [version unknown] under Access Control

  Enable authorized use of a resource while preventing unauthorized use or use in an unauthorized manner.
Source(s):
NIST SP 800-27 Rev. A [Withdrawn]
NIST SP 800-33 [Withdrawn]

  Process of granting access to information system resources only to authorized users, programs, processes, or other systems.
Source(s):
NIST SP 800-32 [Withdrawn] under Access Control

  The process of granting access to information technology (IT) system resources only to authorized users, programs, processes, or other systems.
Source(s):
NIST SP 800-47 [Superseded] under Access Control

  Restricts access to resources to only privileged entities.
Source(s):
NIST SP 800-57 Part 1 Rev. 3 [Superseded] under Access control

  Restricts resource access to only privileged entities.
Source(s):
NIST SP 800-57 Part 1 Rev. 4 [Superseded] under Access control

  Restricts access to resources only to privileged entities.
Source(s):
NIST SP 800-57 Part 2 [Superseded] under Access control