Computer security Edit
|“||the basis for confidence that the security measures, both technical and operational, work as intended to protect the system and the information it processes.||”|
|“||[g]rounds for confidence that the set of intended security controls in an information technology (IT) and industrial control system (ICS) are effective in their application.||”|
|“||[the] [m]easure of confidence that the security features, practices procedures and architecture of an IT system accurately mediates and enforces the security policy.||”|
|“||[a] measure of confidence that management, operationa and technical controls are operating as intended and achieving the security requirements for the system.||”|
Assurance is a measure of certainty that a statement or fact is true.
System design Edit
|“||confidence that a system design meets its requirements, or that its implementation meets its specification, or that some specific property is satisfied.||”|
- ↑ NIST Special Publication 800-33, at 3.
- ↑ Electricity Subsector Cybersecurity Risk Management Process, at 61.
- ↑ DoD Instruction 5200.40, at 8 (E2.1.5).
- ↑ Tax Information Security Guidelines For Federal, State and Local Agencies, at 150.
- ↑ ISO/IEC 15408-1.
- ↑ Trust in Cyberspace, at 300; Cryptography’s Role in Securing the Information Society, App. B, Glossary, at 353.