Glossary

Access audit: the process to determine what access each individual should have based on the data provided by the Person Registry and the current security policies.

Access control: the act of limiting access to information system resources only to authorized users, programs, processes, or other systems.

Access control models: a description of the availability of resources in a system.

Access control list: a list of permissions attached to specified objects. Often abbreviated as ACL.

Access management system: the policies, procedures and applications which take the data from the Person Registry and the Systems of Record to make decisions on granting access to resources.

Access registry: a utility that provides security administrators with a single view of an individual's accounts and permissions across the entire organization.

Action: the activity performed by the agent in order to affect the confidentiality, integrity, or availability of the asset.

Active Directory: the collection of technologies that provide centralized user management and access control across all computers that are “members” of the domain.

Active Directory Federation Services: a service that extends the Active Directory system to support federated access to local and external resources using SAML and related protocols. Commonly abbreviated as ADFS.

Advanced persistent threat: a sustained, human-intensive attack that leverages the full range of computer intrusion techniques.

Anomaly-based detection:
