The IT Law Wiki


32,062pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

General Edit

A capability provides the means to accomplish a mission or function resulting from the performance of one or more critical tasks, under specified conditions, to target levels of performance. A capability may be delivered with any combination of properly planned, organized, equipped, trained, and exercised personnel that achieves the desired outcome.

Security Edit

Capability is

the ability of a suitably organized, trained, and equipped entity to access, penetrate, or alter government or privately owned information or communications systems and/or to disrupt, deny, or destroy all or part of a critical infrastructure.[1]
[a] logically discrete grouping of people, processes, and enabling technologies that produces a discrete output: physical assets, information, relationships, transactions, or knowledge.[2]
[a] protected identifier that both identifies the object and specifies

the access rights to be allowed to the accessor who possesses the capability. In a capability-based system, access to protected objects such as files is granted if the would-be accessor possesses a capability for the object.[3]

References Edit

  1. President's Commission on Critical Infrastructure Protection, Critical Foundations: Protecting America's Infrastructures, Glossary (Oct. 1997) (full-text).
  2. Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise, Glossary, at D-1.
  3. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).

Also on Fandom

Random Wiki