A capability provides the means to accomplish a mission or function resulting from the performance of one or more critical tasks, under specified conditions, to target levels of performance. A capability may be delivered with any combination of properly planned, organized, equipped, trained, and exercised personnel that achieves the desired outcome.
|“||the ability of a suitably organized, trained, and equipped entity to access, penetrate, or alter government or privately owned information or communications systems and/or to disrupt, deny, or destroy all or part of a critical infrastructure.||”|
|“||[a] logically discrete grouping of people, processes, and enabling technologies that produces a discrete output: physical assets, information, relationships, transactions, or knowledge.||”|
|“|| [a] protected identifier that both identifies the object and specifies
the access rights to be allowed to the accessor who possesses the capability. In a capability-based system, access to protected objects such as files is granted if the would-be accessor possesses a capability for the object.
- ↑ President's Commission on Critical Infrastructure Protection, Critical Foundations: Protecting America's Infrastructures, Glossary (Oct. 1997) (full-text).
- ↑ Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise, Glossary, at D-1.
- ↑ Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).