Glossary
Object (NIST)
A passive entity that contains or receives information. SOURCE: SP 800-27 Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, domains) containing or receiving information. Access to an object implies access to the information it contains. SOURCE: CNSSI-4009; SP 800-53 |
Off-line Attack (NIST)
An attack where the Attacker obtains some data (typically by eavesdropping on an authentication protocol run, or by penetrating a system and stealing security files) that he/she is able to analyze in a system of his/her own choosing.
SOURCE: SP 800-63
On-Access Scanning (NIST)
Configuring a security tool to perform real-time scans of each file for malware as the file is downloaded, opened or executed.
SOURCE: GUIDE TO MALWARE INCIDENT PREVENTION AND HANDLING FOR DESKTOPS AND LAPTOPS
On-Demand Scanning (NIST)
Allowing users to launch security tool scans for malware on a computer as desired.
SOURCE: GUIDE TO MALWARE INCIDENT PREVENTION AND HANDLING FOR DESKTOPS AND LAPTOPS
One-Way Hash Algorithm (NIST)
Hash algorithms which map arbitrarily long inputs into a fixed-size output such that it is very difficult (computationally infeasible) to find two different hash inputs that produce the same output. Such algorithms are an essential part of the process of producing fixed-size digital signatures that can both authenticate the signer and provide for data integrity checking (detection of input modification after
signature).
SOURCE: SP 800-49; CNSSI-4009
Online Attack (NIST)
An attack against an authentication protocol where the Attacker either assumes the role of a Claimant with a genuine Verifier or actively alters the authentication channel. The goal of the attack may be to gain authenticated access or learn authentication secrets.
SOURCE: SP 800-63
Online Certificate Status Protocol (OCSP) (NIST)
An online protocol used to determine the status of a public key certificate.
SOURCE: FIPS 201
Open Architecture
- The process, overall structure, framework, logical components, and logical interrelationships that are based on open-industry-standards and pervasive industry de facto standards, rather than on closed, proprietary design. Conceptually, an architecture that is open will facilitate interoperability, portability, and scalability as well as provide competitive choices and solutions.
- The layered hierarchical structure, configuration, or model of a communications or distributed data processing system that
(a) enables system description, design, development, installation, operation, improvement, and maintenance to be performed at a given layer or layers in the
hierarchical structure,
(b) allows each layer to provide a set of accessible functions that can be controlled and used by the functions in the layer above it,
(c) enables each layer to be implemented without affecting the implementation of other layers, and
(d) allows the alteration of system performance by the modification of one or more layers without altering the existing equipment, procedures, and protocols at the remaining layers.
Note: Examples of independent alterations include
(a) converting from wire to optical fibers at a physical layer without affecting the data-link layer or the network layer except to provide more traffic capacity, and
(b) altering the operational protocols at the network level without altering the physical layer.
Open Shortest Path First (OSPF)
A link-state routing protocol for Internet Protocol (IP) networks. It uses a link state routing algorithm and falls into the group of interior routing protocols, operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4. The updates for IPv6 are specified as OSPF Version 3 in RFC 5340 (2008).
SOURCE: WIKIPEDIA
Open Storage (NIST)
Any storage of classified national security information outside of approved containers. This includes classified information that is resident on information systems media and outside of an approved storage container, regardless of whether or not that media is in use (i.e., unattended operations).
SOURCE: CNSSI-4009
Open Systems Architecture (OSA)
A standard that describes the layered hierarchical structure, configuration, or model of a communications or distributed data processing system.
SOURCE: WIKIPEDIA
Open Systems Interconnection (OSI) Model
A conceptual model that characterizes and standardizes the internal functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO), maintained by the identification ISO/IEC 7498-1.
SOURCE: WIKIPEDIA
Open Web Application Security Project (OWASP)
A non-profit organization focused on improving the security of application software. OWASP maintains a list of critical vulnerabilities for web applications.
SOURCE: PCI DSS GLOSSARY
Organizational Information Security Continuous Monitoring (NIST)
Ongoing monitoring sufficient to ensure and assure effectiveness of security controls related to systems, networks, and cyberspace, by assessing security control implementation and organizational security status in accordance with organizational risk tolerance – and within a reporting structure designed to make real-time, data-driven risk management decisions.
SOURCE: SP 800-137
Outside Threat (NIST)
An unauthorized entity from outside the domain perimeter that has the potential to harm an Information System through destruction, disclosure, modification of data, and/or denial of service.
SOURCE: SP 800-32
Overwrite Procedure (NIST)
A software process that replaces data previously stored on storage media with a predetermined set of meaningless data or random patterns.
SOURCE: CNSSI-4009
