UnderGround Information
NCSL BULLETIN
SEPTEMBER, 1990
BIBLIOGRAPHY OF COMPUTER SECURITY GLOSSARIES
Many computer security glossaries and dictionaries have been
published since 1976, when NIST issued Federal Information
Processing Standards Publication (FIPS PUB) 39, "Glossary for
Computer Systems Security." Recognizing the need to update FIPS
PUB 39 and taking advantage of the variety of good glossaries
that are now available from federal government agencies,
industry, standards-making bodies, and other organizations within
the computer security community, NIST has compiled a bibliography
of selected material instead of developing another glossary.
This compilation includes work developed by the Department of
Defense (DoD), the American National Standards Institute (ANSI)
Accredited Standards Committee X3K5, and private sector
organizations. The bibliography includes glossaries that cover a
broad spectrum of computer security terminology and concepts.
The terms defined reflect those commonly used, as well as current
specialized terminology and acronyms. Some are amplified by
illustrations.
The bibliography will assist the security practitioner in
becoming familiar with a variety of glossaries, many of which
point to other reference sources. The bibliography is arranged
in alphabetical order by title. Each entry identifies the author
or originating organization and gives a brief narrative to help
the reader select the most appropriate glossary.
"Computer Security Terms, Abbreviations, and Acronyms"
AFSSM 5000, Department of the Air Force, Air Force Systems
Security Memoranda, July 31, 1989 (Draft). This glossary
will be released in 1991.
This 84-page glossary was developed for the U.S. Air Force.
Many of its terms and definitions are consistent with those
in use in other defense and civilian federal government
agencies.
"Data & Computer Security - Dictionary of Standards Concepts and
Terms"
Dennis Longley and Michael Shain, Macmillan Publishers Ltd.,
1987. Order copies from CRC Press, Inc., 2000 Corporate
Blvd., N.W., Boca Raton, FL 33431.
This document contains 376 pages and approximately 4,000
terms. The dictionary provides in-depth definitions and
descriptions of computer security terms and concepts.
Extensive cross-referencing of terms allows users to compare
or contrast terms and definitions. The many illustrations,
models, and diagrams further assist users in understanding
more complex computer security concepts. The dictionary
provides multiple definitions for most of its terms.
"Datapro Reports on Information Security"
McGraw-Hill, Datapro Research, October 1989. Send
subscription requests to McGraw-Hill, Datapro Research,
Delran, NJ 08075.
This glossary contains over 1,000 terms and definitions.
Although developed by a private sector organization, the
publication contains many terms and definitions that are
consistent with those used throughout federal government
agencies.
"Glossary of Computer Security Terminology"
National Telecommunications and Information Systems Security
Committee (NTISSC), September 11, 1987. When the draft is
finalized, the document will be available through the
Superintendent of Documents, U.S. Government Printing
Office, Washington, DC 20402.
This 125-page draft glossary is composed largely of terms
and definitions taken from official documents of U.S.
government departments and agencies, although some
definitions have been provided by private sector
organizations. The glossary contains multiple definitions
for most of its terms.
"Glossary of Computer Security Terminology"
Douglass L. Mansur (work performed under the auspices of the
U.S. Department of Energy by the Lawrence Livermore National
Laboratory under Contract No. W-7405-Eng-48) and Maj. Mary
C. Curtis, U.S. Air Force, HQ/SCTT. Requests for copies
should be sent to Douglass L. Mansur, Lawrence Livermore
National Laboratory, L-303, P.O. Box 808, Livermore, CA
94550.
This glossary contains approximately 750 computer security
terms. Its definitions are taken from official documents of
departments and agencies of the U.S. government as well as
private sector organizations. The glossary contains
multiple definitions for most of its terms.
"Glossary of Computer Security Terms"
NCSC-TG-004, Version-1, October 21, 1988, National Computer
Security Center (NCSC). Copies may be ordered from the
Superintendent of Documents, Congressional Sales Office,
U.S. Government Printing Office, Washington, DC 20402.
This glossary contains approximately 300 terms and
definitions and is issued by the National Computer Security
Center. It is intended for use by U.S. government agencies
or contractors that apply the criteria of DoD Directive
5200.28-STD, "DoD Trusted Computer System Evaluation
Criteria" in the use of their computer systems.
"Supplement A: Computer Security - Results of 179th Meeting,
March 16, 1990"
ANSI Accredited Standards Committee X3K5, Computer Security
Supplement (Draft) to the American National Standard
Dictionary for Information Systems.
This document, currently in draft, contains brief
definitions of approximately 250 computer security terms.
The ANSI Accredited Standards Committee X3K5 has yet to
decide if the document will be published separately or will
be included in the "American National Dictionary for
Information Processing Systems."
"Tutorial - Computer and Network Security"
Marshall D. Abrams and Harold J. Podell, IEEE Computer
Society Order Number 756, Library of Congress Number
86-46217, IEEE Catalog Number EH0255-0, ISBN 0-8186-0756-4,
published by IEEE Computer Society Press. Copies can be
ordered from the IEEE Computer Society, P.O. Box 80452,
Worldway Postal Center, Los Angeles, CA 90080.
This brief glossary is in the form of an index to a tutorial
and provides definitions for approximately 250 network and
computer security terms. The glossary addresses civil
government, military (unclassified but sensitive), and
private sector use of computer security terminology. The
glossary contains multiple definitions for some of its
terms.