Wednesday, December 26, 2012

NIST glossary

NIST Updates their IT Security Glossary


The National Institute for Standards and Technology recently updated their glossary in Interagency Report 7298.  The report is great, not only does the document provide a definition of the term, it also provides the source of the term.

A few terms I hadn't seen previously include "No-Lone Zone (NLZ)" which is a term that defines an "area, room or space that, when staffed, must be occupied by two or more appropriately cleared individuals who remain within sight of each other."  The term has to do with information assurance and protection of data.  In a NLZ, two authorized individuals who act as a check and balance system to protect the integrity of data by verifying that tasks are completed appropriately and all safety requirements are completed.  The two people verify that the other person completed the tasks as ordered.

This document may be a great way for people new to the IT Security area to find out what a term means then the individual can refer to the source document to get additional details.  The source document is CNSSI-4009.  I googled CNSSI-4009 and found references to CNSS.gov.  CNSS is the Committee on National Security Systems.  CNSSI-4009 is the National Information Assurance Glossary that was last revised in April of 2010.  The information in this glossary was exactly what was posted in the NIST glossary.  I did a little more research and found this image (source:  http://commons.wikimedia.org/wiki/File:No_lone_zone.jpg)
A little more research provided me with a wikipedia site that told me that the Two-Man rule was used for the protection of nuclear weapons, (as in the Minuteman Missile sites where two people were required to launch a nuclear weapon) and to protect COMSEC materials and manuals.

I bookmarked this website.  This is a nice reference when looking for information or even to learn about something new.

No comments:

Post a Comment