Dictionary entry for technology

NIST updates, expands glossary of security terms

The National Institute of Standards and Technology is updating its Glossary of Key Information Security terms, and has released a draft of the latest revision of Interagency Report 7298.

The glossary contains more than 200 pages of definitions, from “Access” (the ability to make use of any information system resource) to “Zone of Control” (the three-dimensional space surrounding equipment that processes classified and/or sensitive information). It defines the responsibilities of the chief information officer and describes the Security Content Automation Protocol (SCAP) as well as its specifications and languages.

The glossary was compiled in response to requests for a summary of definitions in NIST and other government documents. The terms have been taken from NIST Federal Information Processing Standards (FIPS), the Special Publication (SP) 800 series, NIST Interagency Reports (NISTIRs), and from the Committee for National Security Systems Instruction 4009 (CNSSI-4009).

“The glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications,” the authors write.

The glossary includes almost all of the terms from CNSSI 4009, first published in 2006 and updated in 2010.

Because the field of information security evolves quickly, the glossary is intended to be a living document that will be updated online with new terms and definitions as required. Updates will be posted on the Computer Security Resource Center (CSRC) Web site.

All definitions cite authoritative sources in government documents, and although the draft has been released for public comment, “the editor will correct typos, but the content of the definitions will not be changed in this document,” it says.

Comments should be sent by Jan. 15 to [email protected].

About the Author

William Jackson is a Maryland-based freelance writer.


  • 2020 Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected