U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Information System User

Abbreviation(s) and Synonym(s):

ISU
User

Definition(s):

  A person or entity with authorized access.
Source(s):
NIST SP 800-66 Rev. 1 under User from 45 C.F.R., Sec. 164.304

  Individual or (system) process authorized to access an information system.
Source(s):
NIST SP 800-18 Rev. 1 under User from CNSSI 4009

  Individual, or (system) process acting on behalf of an individual, authorized to access an information system. See Organizational User and Non-Organizational User.
Source(s):
NIST SP 800-53 Rev. 4 under User from CNSSI 4009 - Adapted

  Individual, or (system) process acting on behalf of an individual, authorized to access an information system. See Organizational User and Non-Organizational User.
Source(s):
NIST SP 800-53 Rev. 4 under User from CNSSI 4009 - Adapted

  See Information System User
Source(s):
NIST SP 800-128 under User

  The term user refers to an individual, group, host, domain, trusted communication channel, network address/port, another netwoik, a remote system (e.g., operations system), or a process (e.g., service or program) that accesses the network, or is accessed by it, including any entity that accesses a network support entity to perform OAM&Prelated tasks. Regardless of their role, users must be required to successfully pass an identification and authentication (I&A) mechanism. For example, I&A would be required for a security or system administrator. For customers, I&A could be required for billing purposes. For some services (e.g.. Emergency Services) a customer may not need to be authenticated by the system.
Source(s):
NIST SP 800-13 [Withdrawn] under User

  An FCKMS role that utilizes the key-management services offered by an FCKMS service provider.
Source(s):
NIST SP 800-152 under User

  See Entity.
Source(s):
NIST SP 800-57 Part 1 Rev. 4 [Superseded] under User
NIST SP 800-57 Part 1 Rev. 3 [Superseded] under User

  A human entity.
Source(s):
NIST SP 800-57 Part 2 Rev.1 under User

  Individual, or (system) process acting on behalf of an individual, authorized to access an information system. [Note: With respect to SecCM, an information system user is an individual who uses the information system functions, initiates change requests, and assists with functional testing.]
Source(s):
NIST SP 800-128 from CNSSI 4009

  An individual (person). Also see Entity.
Source(s):
NIST SP 800-57 Part 1 Rev. 5 under User

  Person who interacts with the product.
Source(s):
NISTIR 8040 under User from ISO 9241-11:1998

  A person, organization, or other entity which requests access to and uses the resources of a computer system or network.
Source(s):
NISTIR 4734 under User

  The entity, human or machine, that is identified by the userID, authenticated prior to system access, the subject of all access control decisions, and held accountable via the audit reporting system.
Source(s):
NISTIR 5153 under User

  the set of people, both trusted (e.g., administrators) and untrusted, who use the system.
Source(s):
NISTIR 6192 under User

  A consumer of the services offered by an RP.
Source(s):
NISTIR 8149 under User

  A person, team, or organization that accesses or otherwise uses an Online Informative Reference.
Source(s):
NISTIR 8278 under User
NISTIR 8278A under User