U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

compromise

Definition(s):

  The unauthorized disclosure, modification, substitution, or use of sensitive data (e.g., keys, metadata, or other security-related information) or the unauthorized modification of a security-related system, device or process in order to gain unauthorized access.
Source(s):
NIST SP 800-152 under Compromise (noun)

  To reduce the trust associated with a key, its metadata, a system, device or process.
Source(s):
NIST SP 800-152 under Compromise (verb)

  Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.
Source(s):
NIST SP 1800-25B under Compromise from NIST SP 800-32
NIST SP 1800-26B under Compromise from NIST SP 800-32
NIST SP 800-32 [Withdrawn] under Compromise

  The unauthorized disclosure, modification, substitution, or use of sensitive information (e.g., a secret key, private key or secret metadata).
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Compromise

  The unauthorized disclosure, modification, substitution, or use of sensitive data (e.g., a secret key, private key, or secret metadata).
Source(s):
NIST SP 800-175B Rev. 1 under Compromise

  The unauthorized disclosure, modification, substitution or use of sensitive key information (e.g., a secret key, private key, or secret metadata).
Source(s):
NIST SP 800-57 Part 1 Rev. 5 under Compromise

  The unauthorized disclosure, modification, or use of sensitive data (e.g., keying material and other security-related information).
Source(s):
NIST SP 800-133 Rev. 2 under Compromise

  1. Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.
Source(s):
CNSSI 4009-2015 [Superseded] from NIST SP 800-32

  2. a. (General) the disclosure of classified data to persons not authorized to receive that data. b. (Automated Information Systems) A violation of the security policy of a system such that an unauthorized disclosure, modification, or destruction of sensitive information has occurred.
Source(s):
CNSSI 4009-2015 [Superseded] from NSA/CSS Manual Number 3-16 (COMSEC)

  The unauthorized disclosure, modification or use of sensitive data (e.g., keying material and other security-related information).
Source(s):
NIST SP 800-133 [Superseded] under Compromise
NIST SP 800-133 Rev.1 [Superseded] under Compromise

  The unauthorized disclosure, modification, substitution or use of sensitive data (e.g., keying material and other security-related information).
Source(s):
NIST SP 800-57 Part 1 Rev. 3 [Superseded] under Compromise
NIST SP 800-57 Part 1 Rev. 4 [Superseded] under Compromise

  The unauthorized disclosure, modification, substitution, or use of sensitive data (e.g., keying material and other security related information).
Source(s):
NIST SP 800-57 Part 2 [Superseded] under Compromise