The knowledge base uses many acronyms and abbreviations in the construction of identifiers for environment statements. They are pretty much all listed below.
Abbreviation | Meaning |
A. |
General Assumption |
Ac., AC. | Assumption Category |
AC | Access Control |
Acc, Acs | Access |
Acct, Account | Accountability |
Acnts | Accounts |
Act | Activity |
Adm, Admin | Administrator |
Agg | Aggregate |
Agnst | Against |
AIS | Automated Information System |
Assur | Assurance |
Atk | Attack |
Att, Attr | Attribute |
Aud | Audit |
Auth, Authentic | Authentication, Authorization |
Avl | Availability |
Buff | Buffer |
Chsn | Chosen |
Clr | Clear |
Cntd | Continued |
Col | Collect |
Comm | Communication |
Comp | Component |
Conf, Cnf | Confidentiality |
Config | Configuration |
Coop | Cooperative |
Cor | Corruption |
Crypto | Cryptographic |
Ctrl | Control |
Cy | Cipher |
Da., DA. | Detailed Attack |
DataAps | Data or Applications |
Dect | Detection |
Dev, Devr | Develop |
Disp | Display |
DKOR | Domain Knowledge Observation Report |
Doc, Docs | Documentation |
DOD | Department of Defense |
DoS | Denial of service |
Downld | Download |
Dp., DP. | Detailed Policy |
DS | Distributed System |
Dsgn | Design |
Dstr | Destruction |
EAL | Evaluated Assurance Level |
Eaves | Eavesdropping |
Eman | Emanate |
EMSEC | Emanations security |
Eng | Engineering |
Env | Environment |
Err | Error |
Exam | Examine |
Exch | Exchange |
Exe | Execute |
Exhst | Exhaustion |
Exp | Export |
Ext, Extern | External |
FC | Flawed Code |
Func | Function |
FW | Firmware |
Gen | Generation |
Hack | Hacker (hostile outsider) |
Hi | Hijacker |
Hstl | Hostile |
HW | Hardware |
I&A | Identification and Authentication |
I/O | Input / Output |
ID, Ident | Identification |
IF | Interface |
IFC | Information Flow Control |
Imp | Import |
Impl | Implementation |
Inf, Info | Information |
Int | Internal |
Integ | Integrity |
Intel | Intelligible |
Interfer | Interference |
Interp | Interpretation |
Intrc | Intercept |
ISO | International Standards Organization |
IT | Information Technology |
Loc | Local |
Maint | Maintenance |
Mal | Malicious |
Man, Mng | Manage, Management |
Mark | Marking |
Masq | Masquerade |
Med | Hacker |
Mgt | Management |
Misconfig | Misconfigure |
Mod | Modification |
Msg, Msng | Message |
MsgHdr | Message Header |
MsgMod | Message Modification |
Mult | Multiple |
NIAP | National Information Assurance Partnership |
NIST | National Institute of Standards and Technology |
NSA | National Security Agency |
O., Obj | Objective |
Obst | Obstruct |
Om | Omission |
Oper | Operation |
Out | Outside, Outsider |
Ovld | Overload |
Ovrwrit | Overwritten |
P. | General Policy |
PAA | Profile Author's Assistant |
Parm | Parameter |
Pc., PC. | Policy Category |
Phys | Physical |
Plcy | Policy |
Pln | Plain, Plaintext |
PP | Protection Profile |
Prcsr | Processor |
Pres | Presentation |
Priv, Prvlg | Privileged |
Procs | Procedures |
Prot | Protect |
Prvnt | Prevent |
Pwr | Power |
Rcv | Receive |
Rcvd | Received |
Rcvr | Receiver |
Recd | Received |
Recov | Recover |
Rem | Remote |
Rep | Replication |
Reqs | Requirements |
Res, Resc | Resource |
Resid | Residual |
Sec | Security |
Slf | Self |
Snd | Send |
Snt | Sent |
Soc | Social |
SP | Self-protection |
SQL | Sequel Query Language |
SRI | Stanford Research Institute |
ST | Security Target |
Steg, Sten | Steganography |
Stg | Storage |
Subj | Subject |
SW | Software |
Sys | System |
T. | General Threat |
Tc., TC. | Threat Category |
TCB | Trusted Computing Base (obsolescent) |
TOE | Target of Evaluation |
Trans | Transfer |
TSC | TOE Scope of Control |
TSF | TOE Security Functions |
TSFI | TSF Interface |
TSP | TOE Security Policy |
TOE | Target of Evaluation |
Txt | Text |
Uloc | User (local) |
Unauth | Unauthorized |
Urem | User (remote) |
USB | User-Subject Binding |
Usr | User |
Uwkstn | User Workstation |
Val | Validation |
Vul | Vulnerability |
Wauth | Weak Authentication |
Xpt | Export |