U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Security Assurance

Abbreviation(s) and Synonym(s):

Assurance

Definition(s):

  Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.
Source(s):
NIST SP 800-39 under Assurance from CNSSI 4009

  The grounds for confidence that the set of intended security controls in an information system are effective in their application.
Source(s):
NIST SP 800-137 under Assurance

  Grounds for confidence that the set of intended security controls in an information system are effective in their application.
Source(s):
NIST SP 800-39 under Assurance

  Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Adequately met” includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.
Source(s):
NIST SP 800-12 Rev. 1 under Assurance

  Grounds for justified confidence that a [security or privacy] claim has been or will be achieved.
Source(s):
NIST SP 800-53A Rev. 5 under Assurance from ISO/IEC 15026-1:2019 - Adapted

  The grounds for confidence that an entity meets its security objectives.
Source(s):
NISTIR 7316 under Assurance