External NIST Glossary

ADC
Term found but the definition does not exist yet.
agency
Any executive department, military department, government corporation, government controlled corporation, or other establishment in the executive branch of the government (including the Executive Office of the President), or any independent regulatory agency, but does not include: (i) the Government Accountability Office; (ii) the Federal Election Commission; (iii) the governments of the District of Columbia and of the territories and possessions of the United States, and their various subdivisions; or (iv) government-owned contractor-operated facilities, including laboratories engaged in national defense research and production activities.
AID
A globally unique identifier of a card application as defined in ISO/IEC 7816-4.
API
A system access point or library function that has a well-defined syntax and is accessible from application programs or user code to provide well-defined functionality.
authenticity
The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.
BFT
Term found but the definition does not exist yet.
binding
Process of associating two related elements of information.
CBOR
Term found but the definition does not exist yet.
claim
A true-false statement about the limitations on the values of an unambiguously defined property called the claim's property; and limitations on the uncertainty of the property's values falling within these limitations during the claim's duration of applicability under stated conditions.
collision
An event in which two different messages have the same message digest.
credential
Evidence attesting to one's right to credit or authority. In this Standard, it is the PIV Card or derived PIV credential associated with an individual that authoritatively binds an identity (and, optionally, additional attributes) to that individual.
CRUD
Term found but the definition does not exist yet.
CT
A framework for publicly logging the existence of Transport Layer Security (TLS) certificates as they are issued or observed in a manner that allows anyone to audit CA activity and notice the issuance of suspect certificates as well as to audit the certificate logs themselves. (Experimental RFC 6962)
DAG
Term found but the definition does not exist yet.
DAR
Term found but the definition does not exist yet.
DID
Term found but the definition does not exist yet.
domain
A set of elements, data, resources, and functions that share a commonality in combinations of (1) roles supported, (2) rules governing their use, and (3) protection needs.
HSM
Term found but the definition does not exist yet.
IANA
Term found but the definition does not exist yet.
identity
Unique group element \(0\) for which \(x+0=x\) for each group element \(x\), relative to the binary group operator \(+\).
issuer
The organization that is issuing the PIV Card to an applicant. Typically, this is an organization for which the applicant is working.
JOSE
Term found but the definition does not exist yet.
JSON
Term found but the definition does not exist yet.
key
A parameter used in conjunction with a cryptographic algorithm that determines the specific operation of that algorithm.
MFA
Authentication using two or more factors to achieve authentication. Factors include: (i) something you know (e.g., password/personal identification number [PIN]); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric).
NFT
An owned, transferable, and indivisible data record that is a digital representation of a physical or virtual linked asset. The data record is created and managed by a smart contract on a blockchain.
P2P
Term found but the definition does not exist yet.
party
An individual (person), organization, device, or a combination thereof. In this Recommendation, an entity may be a functional unit that executes certain processes.
PGP
Term found but the definition does not exist yet.
PKI
The architecture, organization, techniques, practices, and procedures that collectively support the implementation and operation of a certificate-based public key cryptographic system. Framework established to issue, maintain, and revoke public key certificates.
PRNG
A deterministic computational process that has one or more inputs called "seeds", and it outputs a sequence of values that appears to be random according to specified statistical tests. A cryptographic PRNG has the additional property that the output is unpredictable, given that the seed is not known.
revocation
The process of permanently ending the binding between a certificate and the identity asserted in the certificate from a specified time forward.
RID
Term found but the definition does not exist yet.
SAD
Term found but the definition does not exist yet.
salt
As used in this Recommendation, a byte string (which may be secret or non-secret) that is used as a MAC key by either: 1) a MAC-based auxiliary function H employed in one-step key derivation or 2) a MAC employed in the randomness-extraction step during two-step key derivation.
security
A condition that results from the establishment and maintenance of protective measures that enable an organization to perform its mission or critical functions despite risks posed by threats to its use of systems. Protective measures may involve a combination of deterrence, avoidance, prevention, detection, recovery, and correction that should form part of the organization's risk management approach.
sniffer
See packet sniffer and passive wiretapping.
SSI
Term found but the definition does not exist yet.
TCP
TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees the delivery of data and also guarantees that packets will be delivered in the same order in which they were sent. 
TEE
An area or enclave protected by a system processor.
TPM
Term found but the definition does not exist yet.
TSP
Term found but the definition does not exist yet.
UI
The physical or logical means by which users interact with a system, device or process.
URL
A uniform resource locator, or URL, is a short string containing an address which refers to an object in the "web." URLs are a subset of URIs.
VC
Term found but the definition does not exist yet.
VDS
Term found but the definition does not exist yet.
verifier
An entity that verifies the claimant's identity by verifying the claimant's possession and control of a token using an authentication protocol. To do this, the Verifier may also need to validate credentials that link the token and identity and check their status.
witness
An appropriately cleared (if applicable) and designated individual, other than the COMSEC Account Manager, who observes and testifies to the inventory or destruction of COMSEC material.