U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

security service

Definition(s):

  A capability that supports one, or many, of the security goals. Examples of security services are key management, access control, and authentication.
Source(s):
CNSSI 4009-2015 from NIST SP 800-27 Rev. A
NIST SP 800-27 Rev. A [Withdrawn]

  A processing or communication service that is provided by a system to give a specific kind of protection to resources, where said resources may reside with said system or reside with other systems, for example, an authentication service or a PKI-based document attribution and authentication service. A security service is a superset of AAA services. Security services typically implement portions of security policies and are implemented via security mechanisms.
Source(s):
NIST SP 800-95 under Security Service from Web Services Glossary - W3C Working Group Note 11 February 2004

  A security capability of function provided by an entity.
Source(s):
NIST SP 800-160 Vol. 1

  Mechanisms used to provide confidentiality, identity authentication, integrity authentication, source authentication, and/or support the non-repudiation of information.
Source(s):
NIST SP 800-57 Part 1 Rev. 5 under Security services

  A security capability or function provided by an entity that supports one or more security objectives.
Source(s):
NIST SP 800-53 Rev. 5 from NIST SP 800-160 Vol. 1

  A capability that supports one, or more, of the security requirements (Confidentiality, Integrity, Availability). Examples of security services are key management, access control, and authentication.
Source(s):
NIST SP 800-53 Rev. 4 [Superseded] under Security Service from CNSSI 4009

  Mechanisms used to provide confidentiality, data integrity, authentication or non-repudiation of information.
Source(s):
NIST SP 800-57 Part 1 Rev. 3 [Superseded] under Security services
NIST SP 800-57 Part 2 [Superseded] under Security services

  Mechanisms used to provide confidentiality, integrity authentication, source authentication and/or support non-repudiation of information.
Source(s):
NIST SP 800-57 Part 1 Rev. 4 [Superseded] under Security services