GIST v0.7 ― U
“UDP” to “UTCTime”
U
-
- UDP n.
-
See: User Datagram Protocol.
-
- UID n.
-
See: (secondary definition under) userid.
-
- ultimate SOAP receiver n.
-
OASIS SAML 2.0 (2005)
-
The SOAP receiver that is a final destination of a SOAP message. It is responsible for processing the contents of the SOAP body and any SOAP header blocks targeted at it. In some circumstances, a SOAP message might not reach an ultimate SOAP receiver, for example because of a problem at a SOAP intermediary. An ultimate SOAP receiver cannot also be a SOAP intermediary for the same SOAP message. [WSGloss]
-
- ultra-high frequency (UHF) n.
-
SCA ISCTAG (2007)
-
Radio frequencies (RF) between 300 MHz and 3 GHz. When used in an RF-based identification system, the UHF frequency range is typically from 860 to 960 MHz.
-
- ultrasound adj.
-
iAfB-ICSA 1999
-
A technique for finger image capture that uses acoustic waves to measure the density of a finger image pattern. (See: biometric characteristic.)
-
- unauthorized access n.
-
NIST IR 7298 (2006)
-
SP 800-61
-
A person gains logical or physical access without permission to a network, system, application, data, or other resource.
-
FIPS 191
-
Occurs when a user, legitimate or unauthorized, accesses a resource that the user is not permitted to use.
-
- unauthorized disclosure n.
-
NIST IR 7298 (2006)
-
SP 800-57; CNSSI-4009 Adapted
-
An event involving the exposure of information to entities not authorized access to the information.
-
- unclassified n.
-
RFC 2828 (2000)
-
(I) Not classified.
-
- unencrypted n.
-
RFC 2828 (2000)
-
(I) Not encrypted.
-
- unforgeable n.
-
RFC 2828 (2000)
-
(I) cryptographic usage: The property of a cryptographic data structure (i.e., a data structure that is defined using one or more cryptographic functions) that makes it computationally infeasible to construct (i.e., compute) an unauthorized but correct value of the structure without having knowledge of one of more keys. (e.g., see: digital certificate.)
-
(C) This definition is narrower than general English usage, where unforgeable means unable to be fraudulently created or duplicated. In that broader sense, anyone can forge a digital certificate containing any set of data items whatsoever by generating the to-be-signed certificate and signing it with any private key whatsoever. But for PKI purposes, the forged data structure is invalid if it is not signed with the true private key of the claimed issuer; thus, the forgery will be detected when a certificate user uses the true public key of the claimed issuer to verify the signature.
-
- unidentified biometric data n.
-
JTC 1/SC 37 (2008)
-
Biometric data whose biometric data subject is currently unknown.
-
- uniform resource identifier (URI) n.
-
See also: URI reference.
-
RFC 2828 (2000)
-
(I) A type of formatted identifier that encapsulates the name of an Internet object, and labels it with an identification of the name space, thus producing a member of the universal set of names in registered name spaces and of addresses referring to registered protocols or name spaces. [R1630]
-
(C) URIs are used in HTML to identify the target of hyperlinks. In common practice, URIs include uniform resource locators [R2368] and relative URLs, and may be URNs. [R1808]
-
OASIS SAML 2.0 (2005)
-
A compact string of characters for identifying an abstract or physical resource. [RFC2396] URIs are the universal addressing mechanism for resources on the World Wide Web. Uniform Resource Locators (URLs) are a subset of URIs that use an addressing scheme tied to the resource’s primary access mechanism, for example, their network “location”.
-
- uniform resource locator (URL) n.
-
RFC 2828 (2000)
-
(I) A type of formatted identifier that describes the access method and location of an information resource object on the Internet. [R1738]
-
(C) A URL is a URI that provides explicit instructions on how to access the named object. For example, ftp://bbnarchive.bbn.com/foo/bar/picture/cambridge.zip is a URL. The part before the colon specifies the access scheme or protocol, and the part after the colon is interpreted according to that access method. Usually, two slashes after the colon indicate the host name of a server (written as a domain name). In an FTP or HTTP URL, the host name is followed by the path name of a file on the server. The last (optional) part of a URL may be either a fragment identifier that indicates a position in the file, or a query string.
-
- uniform resource name (URN) n.
-
RFC 2828 (2000)
-
(I) A URI that has an institutional commitment to persistence and availability.
-
- unilateral authentication n.
-
SC 27 SD 6 (2002)
-
ISO/IEC 9798-1: 1997
-
Entity authentication which provides one entity with assurance of the other’s identity but not vice versa.
-
Compare: mutual authentication.
-
- unique identity n.
-
modonisIDM (2005)
-
Definition: A unique identity is a partial identity in which at least a part of the attributes are identifiers.
-
Since at least some of the attributes (or combinations thereof) are identifiers, the entity can be uniquely identified through the unique identity within a certain context. A unique identifier is an identifier such as a unique number or any set of attributes that allows one to determine precisely who or what the entity is.
-
- Universal Serial Bus (USB) n.
-
SCA ISCTAG (2007)
-
. A serial bus standard to interface devices.
-
- unsigned data n.
-
NIST IR 7298 (2006)
-
FIPS 196
-
Data included in an authentication token, in addition to a digital signature.
-
- untrusted process n.
-
RFC 2828 (2000)
-
(I) A system process that is not able to affect the state of system security through incorrect or malicious operation, usually because its operation is confined by a security kernel. (See: trusted process.)
-
- UORA n.
-
See: user-PIN ORA.
-
- update n.
-
See: certificate update and key update.
-
- URI n.
-
See: uniform resource identifier.
-
- URI reference n.
-
OASIS SAML 2.0 (2005)
-
A URI that is allowed to have an appended number sign (#) and fragment identifier. [RFC2396] Fragment identifiers address particular locations or regions within the identified resource.
-
- URL n.
-
See: uniform resource locator.
-
- URN n.
-
See: uniform resource name.
-
- USB n.
-
See: Universal Serial Bus.
-
- user n.
-
iAfB-ICSA 1999
-
The client to any biometric vendor. The user must be differentiated from the end user and is responsible for managing and implementing the biometric application rather than actually interacting with the biometric system.
-
Note that this differs from the sense in other definitions… iAfB-ICSA uses end user for that sense.
-
RFC 2828 (2000)
-
(I) A person, organization entity, or automated process that accesses a system, whether authorized to do so or not. (See: [R2504].)
-
(C) Any ISD that uses this term SHOULD provide an explicit definition, because this term is used in many ways and can easily be misunderstood.
-
BEM 2002
-
A person who requires access to the the portal which is protected by a biometric system.
[≢ biometric data subject]
-
SC 27 SD 6 (2002)
-
ISO/IEC 15408-1: 1999
-
Any entity (human user or external IT entity) outside the TOE that interacts with the TOE.
-
OASIS SAML 2.0 (2005)
-
A natural person who makes use of a system and its resources for any purpose [SAMLAgree]
-
NIST IR 7298 (2006)
-
SP 800-53; FIPS 200; CNSSI-4009
-
Individual or (system) process authorized to access an information system.
-
FIPS 140-2
-
An individual or a process (subject) acting on behalf of the individual that accesses a cryptographic module in order to obtain cryptographic services.
-
JTC 1/SC 37 (2006⇒2008)
-
user (of a biometric system)
-
Any person or organization interacting in any way with a biometric system.
-
Note: When discussing a particular class of persons users involved with biometric systems, the specific term for that class should be used. For example, those persons whose biometric data is being collected should be referred to as biometric capture subjects.
-
- user account n.
-
See: profile.
-
- user account management n.
-
NIST IR 7298 (2006)
-
SP 800-12
-
account management, user
-
Involves:
-
the process of requesting, establishing, issuing, and closing user accounts;
-
tracking users and their respective access authorizations; and
-
managing these functions.
-
See also: identity and access management, identity management.
-
- user data n.
-
SC 27 SD 6 (2002)
-
ISO/IEC 15408-1: 1999
-
Data created by and for the user, that does not affect the operation of the TSF.
-
- user database n.
-
UNIX2:1997
-
A system database of implementation-dependent format that contains at least the following information for each user ID:
-
User name
-
Numerical user ID
-
Initial numerical group ID
-
Initial working directory
-
Initial user program
[more]
-
- User Datagram Protocol (UDP) n.
-
RFC 2828 (2000)
-
(I) An Internet Standard protocol [R0768] that provides a datagram mode of packet-switched computer communication in an internetwork.
-
(C) UDP is a transport layer protocol, and it assumes that IP is the underlying protocol. UDP enables application programs to send transaction-oriented data to other programs with minimal protocol mechanism. UDP does not provide reliable delivery, flow control, sequencing, or other end-to-end services that TCP provides.
-
- userid n., - user ID n., - user identification n., - user identifier n.
-
UNIX2:1997
-
user ID
-
A non-negative integer that is used to identify a system user. When the identity of a user is associated with a process, a user ID value is referred to as a real user ID, an effective user ID or a saved set-user-ID.
-
ISO/IEC 2382-8:1998
-
user ID, user identification
-
A character string or pattern that is used by a data processing system to identify a user.
-
RFC 2828 (2000)
-
userid, user ID, user identifier
-
(I) A character string or symbol that is used in a system to uniquely name a specific user or group of users.
-
(C) Often verified by a password in an authentication process.
-
Some data processing systems and access control services use a single unique identifier for each user. Others use different “external” and “internal” identifiers, the former used by the user to login and the latter used by the system, one or both of which will be unique, and one or both of which can be used to assign resource access, ownership, etc.
-
|
System
|
Common Name
|
External (Login) ID
|
Internal ID
|
|
RACF
|
name, user name (also pgmrname for programmer name)
|
user ID, userid
|
|
CA-ACF2
|
name, user name
|
logonid (LID)
|
user identification string (UID) *
|
|
* A UID is dynamically built from from fields in the logonid record according to customizable rules. CA strongly recommends that a UID ends with the user’s logonid, but this is not mandatory, so a UID may be non-unique. A UID can identify a user or a group of users in CA-ACF2 rules. UID masks containing wildcards allow users with unique UIDs to be grouped.
|
|
CA-Top Secret
|
name
|
accessor identifier (ACID) *
|
|
* Strictly a User ACID (or a Control ACID for an administrator), as ACIDs are also used for groups and other objects.
|
|
Windows NT
|
full name
|
username, user name
|
security identifier (security ID, SID)
|
|
Windows 2000 (Active Directory)
|
full name
|
user logon name pre-Windows 2000 user logon name (security account manager account name) user principal name = user logon name + @ + user principal name suffix
|
security identifier (security ID, SID) globally unique identifier (globally unique ID, GUID)
|
|
Unix OSes
|
full name (for historical reasons, also known as the GECOS or GCOS field)
|
login name, user name
|
user ID (UID) *
|
|
* UID is set with a useradd or a usermod command using the -u uid option. The uid value must be unique unless the -o (override) option is used. Users sharing a UID share ownership of and access to HFS files and directories. In Solaris, UID 0 is root, 1 is daemon, 2 is bin, 3-99 are reserved for other system accounts, 60001 is nobody (any unauthenticated user), and 60002 is noaccess.
|
|
i5/OS (formerly OS/400)
|
text or user description
|
name or user ID
|
user identification number (uid)
|
-
See also: identifier.
-
- user initialization n.
-
NIST IR 7298 (2006)
-
SP 800-57
-
A stage in the lifecycle of keying material; the process whereby a user initializes its cryptographic application (e.g., installing and initializing software and hardware).
-
- user name n., - username n. (may be capitalized)
-
UNIX2:1997
-
A string that is used to identify a user, as described in user database. To be portable across XSI-conformant systems, the value must be composed of characters from the portable filename character set. The hyphen should not be used as the first character of a portable user name.
-
! Either something like a userid (as in the UNIX definition above) or a user’s common name. It would be useful to avoid this ambiguity but user name and/or username in either sense is the established canonical usage in one system or another.
-
- user PIN n.
-
RFC 2828 (2000)
-
(O) MISSI usage: One of two personal identification numbers that control access to the functions and stored data of a FORTEZZA PC card. Knowledge of the user PIN enables the card user to perform the FORTEZZA functions that are intended for use by an end user. (See: SSO PIN.)
-
- user-PIN ORA (UORA) n.
-
RFC 2828 (2000)
-
(O) A MISSI organizational RA that operates in a mode in which the ORA performs only the subset of card management functions that are possible with knowledge of the user PIN for a FORTEZZA PC card.(See: no-PIN ORA, SSO-PIN ORA.)
-
- user profile n.
-
See: profile.
-
- user record n.
-
See: profile.
-
- user registration n.
-
See: registration.
-
- usurpation n.
-
See: (secondary definition under) threat consequence.
-
- UTCTime n.
-
RFC 2828 (2000)
-
(N) The ASN.1 data type UTCTime contains a calendar date (YYMMDD) and a time to a precision of either one minute (HHMM) or one second (HHMMSS), where the time is either (a) Coordinated Universal Time or (b) the local time followed by an offset that enables Coordinated Universal Time to be calculated. Note: UTCTime has the Year 2000 problem. (See: Coordinated Universal Time, GeneralizedTime.)
