Definitions Edit

Computer security Edit

Assurance is

the basis for confidence that the security measures, both technical and operational, work as intended to protect the system and the information it processes.[1]
[g]rounds for confidence that the set of intended security controls in an information technology (IT) and industrial control system (ICS) are effective in their application.[2]
[the m]easure of confidence that the security features, practices procedures and architecture of an IT system accurately mediates and enforces the security policy.[3]
[a] measure of confidence that management, operationa and technical controls are operating as intended and achieving the security requirements for the system.[4]
(1.) An attribute of an information system that provides grounds for having confidence that the system operates such that the system security policy is enforced. (2.) A procedure that ensures a system is developed and operated as intended by the system's security policy.[5]

Evidence Edit

Assurance is a measure of certainty that a statement or fact is true.

Security Edit

Assurance is "[g]rounds for confidence that a deliverable meets its security objectives."[6]

Software Edit

Assurance is

[t]he level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted during its life cycle, and that the software functions in the intended manner.[7]

System design Edit

Assurance is

confidence that a system design meets its requirements, or that its implementation meets its specification, or that some specific property is satisfied.[8]

References Edit

  1. NIST Special Publication 800-33, at 3.
  2. Electricity Subsector Cybersecurity Risk Management Process, at 61.
  3. DoD Instruction 5200.40, at 8 (E2.1.5).
  4. Tax Information Security Guidelines For Federal, State and Local Agencies, at 150.
  5. Internet Security Glossary, at 11.
  6. ISO/IEC 15408-1.
  7. Framework for Cyber-Physical Systems, at 6.
  8. Trust in Cyberspace, at 300; Cryptography’s Role in Securing the Information Society, App. B, Glossary, at 353.

See also Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.