Access Control List (ACL)
Mechanism implementing discretionary and/or mandatory access control between subjects and objects.
Formal declaration by a Designated Accrediting Authority (DAA) that an Information System (IS) is approved to operate at an acceptable level of risk, based on the implementation of an approved set of technical, managerial, and procedural safeguards. (See security safeguards.)
1. (IA) - Identifies the information resources covered by an accreditation decision, as distinguished from separately accredited information resources that are interconnected or with which information is exchanged via messaging. (Synonymous with Security Perimeter.)
2. (IC) - For the purposes of identifying the Protection Level for confidentiality of a system to be accredited, the system has a conceptual boundary that extends to all intended users of the system, both directly and indirectly connected, who receive output from the system. (DCID 6/3, 5 Jun 99)
American Standard Code for Information Interchange
To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an IS, or to establish the validity of a transmission.
Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information.
Cryptosystem or process used for authentication.
Means used to confirm the identity of a station, originator, or individual.
Comprehensive evaluation of the technical and nontechnical security safeguards of an IS to support the accreditation process that establishes the extent to which a particular design and implementation meets a set of specified security requirements.
Certification Test and Evaluation (CT&E)
Software and hardware security tests conducted during development of an IS.
Concept of Operations (CONOP)
Document detailing the method, act, process, or effect of using an IS.
Assurance that information is not disclosed to unauthorized individuals, processes, or devices.
Management of security features and assurances through control of changes made to hardware, software, firmware, documentation, test, test fixtures, and test documentation throughout the life cycle of an IS.
Mechanism that facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system).
Cross Domain Solution
Information assurance solution that provides the ability to access or transfer information between two or more security domains. (See multi level security.)
Data Sharing - Data Replication
Database replication can be used on many database management systems, usually with a master/slave relationship between the original and the copies. The master logs the updates, which then ripple through to the slaves. The slave outputs a message stating that it has received the update successfully, thus allowing the sending (and potentially re-sending until successfully applied) of subsequent updates.
Designated Approval Authority (DAA)
Official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. This term is synonymous with authorizing official, designated accrediting authority, and delegated accrediting authority.
Directory File Transfer System (DFTS)
Transfer of files and directory structures in native format.
Discretionary Access Control (DAC)
(1) CNSSI: Means of restricting access to objects based on the identity and need-to-know of users and/or groups to which the object belongs. Controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (directly or indirectly) to any other subject. (See mandatory access control)
DoD Information Technology Security Certification and Accreditation Process
System or group of systems operating under a common security policy.
The core technology driving Owl's secure data transfer systems is the DualDiode, a robust, hardware-enforced data transfer platform. Based on Sandia National Labs' data diode technology, DualDiode provides a fast (155 Mbps), one-way data stream to safely link discrete networks. Composed of two specially configured communication cards and an optical fiber, the DualDiode is literally a physical connection for fail-safe, one-way data transfer. When deploying a DualDiode data transfer system, Owl's Send-only and Receive-only cards are installed into their respective host computer platforms, fitting into standard PCI slots, and connected by optical fiber.
Collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security.
Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage. Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers' personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection) are another somewhat different example of using encryption on data at rest.
Files and Directory Structures
UNIX/Linux and Microsoft Windows have similar file structures, that is, the way files and directories are organized on a hard disk. They implement a tree-structure, or hierarchical, file system. A directory can contain any number of files. A directory can also contain other directories.
System designed to defend against unauthorized access to or from a private network.
Mathematical argument which verifies that the system satisfies a mathematically described security policy.
Complete and convincing mathematical argument (C.F.D.) presenting the full logical justification for each proof step and for the truth of a theorem or set of theorems.
Formal Security Policy
Mathematically precise statement of a security policy.
Formal Verification (C.F.D.)
Process of using formal proofs to demonstrate the consistency between formal specification of a system and formal security policy model (design verification) or between formal specification and its high-level program implementation (implementation verification).
Front-End Security Filter (C.F.D.)
Security filter logically separated from the remainder of an IS to protect system integrity. Synonymous with firewall.
Segment of security testing in which advertised security mechanisms of an IS are tested under operational conditions.
IEEE is the world’s largest professional association advancing innovation and technological excellence for the benefit of humanity. IEEE and its members inspire a global community to innovate for a better tomorrow through its highly cited publications, conferences, technology standards, and professional and educational activities. IEEE is the trusted “voice” for engineering, computing and technology information around the globe.
Information Assurance (IA)
Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and nonrepudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.
Information Systems Security Manager (ISSM)
Individual responsible for a program, organization, system, or enclave’s information assurance program.
Information Systems Security Officer (ISSO)
Individual responsible to the ISSM for ensuring the appropriate operational IA posture is maintained for a system, program, or enclave.
eDNA is a leading real-time data historian for acquiring, storing, and displaying large amounts of operations and engineering information. eDNA collects data from deep within the enterprise and stores it in a highly compressed format, allowing decades of high-frequency, time-series data to be stored online in its original resolution.
Quality of an IS reflecting the logical correctness and reliability of the operating system; the logical completeness of the hardware and software implementing the protection mechanisms; and the consistency of the data structures and occurrence of the stored data. Note that, in a formal security mode, integrity is interpreted more narrowly to mean protection against unauthorized modification or destruction of information.
Interim approval to operate (IATO)
Temporary authorization granted by a DAA for an IS to process information based on preliminary results of a security evaluation of the system.
Internet Protocol (IP)
Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks.
Principle requiring that each subject be granted the most restrictive set of privileges needed for the performance of authorized tasks. Application of this principle limits the damage that can result from accident, error, or unauthorized use of an IS.
Level of Protection
Extent to which protective measures, techniques, and procedures must be applied to ISs and networks based on risk, threat, vulnerability, system interconnectivity considerations, and Information Assurance Needs. Levels of protection are:
1. Basic: IS and networks requiring implementation of standard minimum security countermeasures.
2. Medium: IS and networks requiring layering of additional safeguards above the standard minimum security countermeasures.
3. High: IS and networks requiring the most stringent protection and rigorous security countermeasures.
Mandatory Access Control (MAC)
(1) CNSSI: Means of restricting access to objects based on the sensitivity of the information contained in the objects and the formal authorization (i.e., clearance, formal access approvals, and need-to-know) of subjects to access information of such sensitivity. (See discretionary access control.)
(2) Wikipedia: Mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. With MAC, security policy is centrally controlled by a security policy administrator. Unlike with DAC, users cannot override or modify this policy, either accidentally or intentionally. Historically and traditionally, MAC has been closely associated with multi-level secure (MLS) systems. The Trusted Computer System Evaluation Criteria (TCSEC),
The Modbus Organization is a group of independent users and suppliers of automation devices that seek to drive the adoption of the Modbus communication protocol suite and the evolution to address architectures for distributed automation systems across multiple market segments. The Modbus Organization will also provide the infrastructure to obtain and share information about the protocols, their application and certification to simplify implementation by users, resulting in reduced costs.
Mode of Operation
Description of the conditions under which an IS operates based on the sensitivity of information processed and the clearance levels, formal access approvals, and need-to-know of its users. Four modes of operation are authorized for processing or transmitting information: dedicated mode, system high mode, compartmented/partitioned mode, and multilevel mode.
Multilevel Security (MLS)
Concept of processing information with different classifications and categories that simultaneously permits access by users with different security clearances and denies access to users who lack authorization. (See cross domain solution.)
National Information Assurance Partnership (NIAP)
Joint initiative between NSA and NIST responsible for security testing needs of both IT consumers and producers and promoting the development of technically sound security requirements for IT products and systems and appropriate measures for evaluating those products and systems.
This document presents a menu structure for CDS administration through the local console by privileged users; wherever possible, users are constrained to execute their tasks through menu options with minimal use of the command line.
National Security System
Any information system (including any telecommunications system) used or operated by an agency or by a contractor of any agency, or other organization on behalf of an agency, the function, operation, or use of which: I. involves intelligence activities; II. Involves cryptologic activities related to national security; III. Involves command and control of military forces; IV. involves equipment that is an integral part of a weapon or weapon system; or V. subject to subparagraph (B), is critical to the direct fulfillment of military or intelligence missions; or is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept classified in the interest of national defense or foreign policy. (B). Does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications). (Title 44 U.S. Code Section 3542, Federal Information Security Management Act of 2002.)
Network Packet Transfer System (NPTS)
Provides secure one-way transfer for network monitoring or sniffing. NPTS Send-only software “listens for” and processes all raw Ethernet packets on the source network, sending them across the DualDiode one-way path. On the Receive-only server, NPTS restores the traffic to native Ethernet packet format for processing by a client IDS monitoring system.
From automated teller machines and atomic clocks to mammograms and semiconductors, innumerable products and services rely in some way on technology, measurement, and standards provided by the National Institute of Standards and Technology. Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
The National Geospatial-Intelligence Agency (NGA) is an agency of the United States Government with the primary mission of collection, analysis, and distribution of geospatial intelligence (GEOINT) in support of national security. NGA was formerly known as the National Imagery and Mapping Agency (NIMA) and is part of the Department of Defense (DoD). In addition, NGA is a key component of the United States Intelligence Community.
Effective Reliability Standards that are clear, consistent and technically sound, coupled with a strong standards enforcement program, form the foundation of NERC's efforts to help maintain and improve the reliability of North America's bulk power system. NERC provides a number of additional programs and services designed to support owners, operators and users of the bulk power system in their efforts to attain operational excellence. These include identifying issues before they have a chance to become critical, sharing best practices, supporting training and education, monitoring the international electric grid, benchmarking performance to provide the industry with an objective lens through which to view itself, and more.
Nonrepudiation - Assurance the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data.
Passive entity containing or receiving information. Access to an object implies access to the information it contains.
Reassignment and re-use of a storage medium containing one or more objects after ensuring no residual data remains on the storage medium.
One-way transfer is achieved through a simplex optical link that has just one light source (at the source computer) and just one photo detector (at the destination computer). No information of any kind, including handshaking protocols (TCP/IP, SCSI, USB, serial/parallel ports, etc.), will ever travel from the destination computer back to the source computer. Special patented protocols are used to assure this reliable, absolute one-way transfer. One-way transfer is redundantly enforced in the communication hardware and driver software applications to ensure that data residing on the isolated domain is fully protected.
OLE for Process Control (OPC), which stands for Object Linking and Embedding (OLE) for Process Control, is the original name for a standards specification developed in 1996 by an industrial automation industry task force. The standard specifies the communication of real-time plant data between control devices from different manufacturers.
The PI System™ brings all operational data into a single system that can deliver it to users at all levels of the company, from the plant floor to the enterprise level. The PI System keeps business-critical data always online and available in a specialized time-series database.
The Open System Interconnection Reference Model (OSI Reference Model or OSI Model) is an abstract description for layered communications and computer network protocol design. It was developed as part of the Open Systems Interconnection (OSI) initiative. In its most basic form, it divides network architecture into seven layers which, from top to bottom, are the Application, Presentation, Session, Transport, Network, Data Link, and Physical Layers.
Owl Performance Management Service (OPMS)
Monitors log files produced by various Owl applications; currently supports the Owl DFTS and Owl RFTS apps. Browser-based monitoring system supporting IE 6+ and Mozilla, with user authentication and data encryption; supports the Apache web server. Presents a global view of monitored systems and their status, with the ability to monitor individual systems. Real-time performance over time (10-minute window) displays performance data for Owl applications: file transfer performance (file count, average rate, total bytes, etc.) and errors noted from send-only and receive-only log files. Ability to display the application log file and to port logs from one system to another.
Owl Release Management System (ORMS)
Designed to support reliable human content-review to ensure safe release of information from high security enclaves in a manner consistent with existing security policies. Operates as a network service permitting multiple, authorized users.
Owl ScanFile Management System (OSMS)
Transfer of files & directory structures from lower security to higher security networks, with in-line, non-bypassable, malware scanning & filtering. Supports operation as a network service permitting multiple, authorized users.
A programmable logic controller (PLC) or programmable controller is a digital computer used for automation of electromechanical processes, such as control of machinery on factory assembly lines, amusement rides, or lighting fixtures. PLCs are used in many industries and machines. Unlike general-purpose computers, the PLC is designed for multiple inputs and output arrangements, extended temperature ranges, immunity to electrical noise, and resistance to vibration and impact.
Individual who has access to system control, monitoring, or administration functions (e.g., system administrator, system ISSO, maintainers, system programmers, etc.)
Remote File Transfer Service (RFTS)
We satisfy the NIST requirements for specialized access, and we satisfy the mandatory access control policies for the NIST docs; the way we do that is through the menus.
Risk - Possibility that a particular threat will adversely impact an IS by exploiting a particular vulnerability.
Remote Printing Transfer Service (RPTS)
Application service provides secure user print-services, and efficient administration & maintenance of printer resources.
Process of analyzing threats to and vulnerabilities of an IS, and the potential impact resulting from the loss of information or capabilities of a system. This analysis is used as a basis for identifying appropriate and cost-effective security countermeasures.
The process of managing risks to agency operations (including mission, functions, image, or reputation), agency assets, or individuals resulting from the operation of an information system. It includes risk assessment; cost-benefit analysis; the selection, implementation, and assessment of security controls; and the formal authorization to operate the system. The process considers effectiveness, efficiency, and constraints due to laws, directives, policies, or regulations. (NIST Special Pub 800-53)
Role Based Access Control (RBAC)
Role-based access control (RBAC) is an approach to restricting system access to authorized users. It is a newer alternative approach to mandatory access control (MAC) and discretionary access control (DAC). RBAC is sometimes referred to as role-based security. Three primary rules are defined for RBAC:
1. Role assignment: A subject can execute a transaction only if the subject has selected or been assigned a role.
2. Role authorization: A subject's active role must be authorized for the subject. With rule 1 above, this rule ensures that users can take on only roles for which they are authorized.
3. Transaction authorization: A subject can execute a transaction only if the transaction is authorized for the subject's active role. With rules 1 and 2, this rule ensures that users can execute only transactions for which they are authorized.
Additional constraints may be applied as well, and roles can be combined in a hierarchy where higher-level roles subsume permissions owned by sub-roles. In 2000, NIST called for a unified standard for RBAC, and proposed a U.S. national standard for RBAC. In 2004, the standard was adopted as InterNational Committee for Information Technology Standards (INCITS) 359-2004.
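The three RBAC rules above, together with the role hierarchy mentioned after them, map directly onto a small reference monitor. The following is an added example (not from the glossary, the INCITS standard or any Owl product): role activation enforces rule 2, `can_execute` enforces rules 1 and 3, and `effective_permissions` walks the hierarchy so that a senior role subsumes the permissions of its sub-roles. The role, permission and user tables are constructed for illustration.

```python
"""Added example: the three RBAC rules with a role hierarchy.

The tables below are constructed for illustration; they stand in for the
administrator-maintained user/role and role/permission assignments.
"""

# Permissions (transactions) granted directly to each role.
ROLE_PERMISSIONS = {
    "employee": {"read_timesheet", "submit_timesheet"},
    "manager": {"approve_timesheet"},
    "auditor": {"read_audit_log"},
}
# Senior role -> roles whose permissions it inherits.
ROLE_HIERARCHY = {"manager": {"employee"}}
# Roles assigned to each user by the administrator.
USER_ROLES = {
    "alice": {"employee", "manager"},
    "bob": {"employee"},
    "carol": {"auditor"},
}


def effective_permissions(role: str) -> set:
    """Permissions of a role plus those of every role beneath it in the
    hierarchy (depth-first walk; the seen set guards against cycles)."""
    perms, stack, seen = set(), [role], set()
    while stack:
        r = stack.pop()
        if r in seen:
            continue
        seen.add(r)
        perms |= ROLE_PERMISSIONS.get(r, set())
        stack.extend(ROLE_HIERARCHY.get(r, set()))
    return perms


class Session:
    """A user's session; transactions run only through an activated role."""

    def __init__(self, user: str):
        self.user = user
        self.active_role = None

    def activate(self, role: str) -> None:
        # Rule 2 (role authorization): the role must be assigned to this user.
        if role not in USER_ROLES.get(self.user, set()):
            raise PermissionError(f"{self.user} is not authorized for role {role!r}")
        self.active_role = role


def can_execute(session: Session, transaction: str) -> bool:
    # Rule 1 (role assignment): with no active role, no transaction runs.
    if session.active_role is None:
        return False
    # Rule 3 (transaction authorization): the transaction must be permitted
    # for the active role (directly or via the hierarchy).
    return transaction in effective_permissions(session.active_role)


if __name__ == "__main__":
    s = Session("alice")
    print(can_execute(s, "submit_timesheet"))  # False: no role activated yet
    s.activate("manager")
    print(can_execute(s, "approve_timesheet"))  # True: direct manager permission
    print(can_execute(s, "submit_timesheet"))   # True: inherited from employee
```

Because a transaction is always checked against the *active* role rather than the user's full role set, a user holding several roles exercises only the one activated for the session, which is what makes the rules above a least-privilege mechanism and not just a grouping of permissions.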
An RTU, or Remote Terminal Unit is a microprocessor controlled electronic device which interfaces objects in the physical world to a distributed control system or SCADA system by transmitting telemetry data to the system and/or altering the state of connected objects based on control messages received from the system.
SCADA stands for supervisory control and data acquisition. It generally refers to an industrial control system: a computer system monitoring and controlling a process. The process can be industrial, infrastructure or facility-based.
Secure Network Packet Transfer System (SNTS)
Ideal for a mixture of UDP and TCP packets, where data format flexibility is a prime consideration. SNTS includes integration with the Remote File Transfer Service (RFTS), which provides TCP-based file transfer capability.
Secure Operating Systems
Much of this technology is based on science developed in the 1980s and used to produce what may be some of the most impenetrable operating systems ever. Such ultra-strong secure operating systems are based on operating system kernel technology that can guarantee that certain security policies are absolutely enforced in an operating environment.
Management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availability of the system and its information. (NIST Special Pub 800-53)
Types and levels of protection necessary for equipment, data, information, applications, and facilities to meet IS security policy.
Security Requirements Baseline
Description of the minimum requirements necessary for an IS to maintain an acceptable level of security.
Common Criteria specification that represents a set of security requirements to be used as the basis of an evaluation of an identified Target of Evaluation (TOE).
Security Test and Evaluation (ST&E) - Examination and analysis of the safeguards required to protect an IS, as they have been applied in an operational environment, to determine the security posture of that system.
Generally an individual, process, or device causing information to flow among objects or change to the system state.
Subject Security Level
Sensitivity label(s) of the objects to which the subject has both read and write access. Security level of a subject must always be dominated by the clearance level of the user associated with the subject.
System Administrator (SA)
Individual responsible for the installation and maintenance of an IS, providing effective IS utilization, adequate security parameters, and sound implementation of established IA policy and procedures.
Attribute of an IS when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
Target of Evaluation (TOE)
IT product or system and its associated administrator and user guidance documentation that is the subject of an evaluation.
The Internet Protocol Suite (commonly known as TCP/IP) is the set of communications protocols used for the Internet and other similar networks. It is named from two of the most important protocols in it: the Transmission Control Protocol (TCP) and the Internet Protocol (IP), which were the first two networking protocols defined in this standard. Today's IP networking represents a synthesis of several developments that began to evolve in the 1960s and 1970s, namely the Internet and LANs (Local Area Networks), which emerged in the mid- to late-1980s, together with the advent of the World Wide Web in the early 1990s.
TCP Packet Transfer System (TPTS)
TCP/IP socket-based communications, including secure printing. TPTS is also capable of moving files and directories when integrated with the Owl Remote File Transfer Service (RFTS).
TOE Security Functions (TSF)
Set consisting of all hardware, software, and firmware of the TOE that must be relied upon for the correct enforcement of the TSP.
TOE Security Policy (TSP)
Set of rules that regulate how assets are managed, protected, and distributed within the TOE.
The User Datagram Protocol (UDP) is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without requiring prior communications to set up special transmission channels or data paths. UDP is sometimes called the Universal Datagram Protocol. The protocol was designed by David P. Reed in 1980 and formally defined in RFC 768.
UDP Packet Transfer System (UPTS)
UDP socket-based transfer, including streaming video, syslog, SNMP messages.