U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

compromise

Definition(s):

  The unauthorized disclosure, modification, substitution, or use of sensitive data (e.g., keys, metadata, or other security-related information) or the unauthorized modification of a security-related system, device or process in order to gain unauthorized access.
Source(s):
NIST SP 800-152 under Compromise (noun)

  To reduce the trust associated with a key, its metadata, a system, device or process.
Source(s):
NIST SP 800-152 under Compromise (verb)

  Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.
Source(s):
NIST SP 1800-25B under Compromise from NIST SP 800-32
NIST SP 1800-26B under Compromise from NIST SP 800-32
NIST SP 800-32 [Withdrawn] under Compromise

  The unauthorized disclosure, modification, substitution, or use of sensitive information (e.g., a secret key, private key or secret metadata).
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Compromise

  The unauthorized disclosure, modification, substitution, or use of sensitive data (e.g., a secret key, private key, or secret metadata).
Source(s):
NIST SP 800-175B Rev. 1 under Compromise

  The unauthorized disclosure, modification, substitution or use of sensitive key information (e.g., a secret key, private key, or secret metadata).
Source(s):
NIST SP 800-57 Part 1 Rev. 5 under Compromise

  The unauthorized disclosure, modification, or use of sensitive data (e.g., keying material and other security-related information).
Source(s):
NIST SP 800-133 Rev. 2 under Compromise

  1. Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.
Source(s):
CNSSI 4009-2015 [Superseded] from NIST SP 800-32

  2. a. (General) the disclosure of classified data to persons not authorized to receive that data. b. (Automated Information Systems) A violation of the security policy of a system such that an unauthorized disclosure, modification, or destruction of sensitive information has occurred.
Source(s):
CNSSI 4009-2015 [Superseded] from NSA/CSS Manual Number 3-16 (COMSEC)

  The unauthorized disclosure, modification or use of sensitive data (e.g., keying material and other security-related information).
Source(s):
NIST SP 800-133 [Superseded] under Compromise
NIST SP 800-133 Rev.1 [Superseded] under Compromise

  The unauthorized disclosure, modification, substitution or use of sensitive data (e.g., keying material and other security-related information).
Source(s):
NIST SP 800-57 Part 1 Rev. 3 [Superseded] under Compromise
NIST SP 800-57 Part 1 Rev. 4 [Superseded] under Compromise

  The unauthorized disclosure, modification, substitution, or use of sensitive data (e.g., keying material and other security related information).
Source(s):
NIST SP 800-57 Part 2 [Superseded] under Compromise