The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Security, Definition

Accountability

Revision as of 21:51, 19 April 2011 by Mdscott (talk | contribs)
Edit

Computer security

Accountability is "the requirement that actions of an entity may be traced uniquely to that entity."[1] "Accountability is often an organizational policy requirement and directly supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action."[2]

Information technology

Accountability is the process of tracing IT activities to a responsible source.

Security

Accountability is

[t]he security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.[3]
[the] [p]rinciple that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.[4]

References

  1. NIST Special Publication 800-33.
  2. Id.
  3. NIST Special Publication 800-30.
  4. CNSSI-4009, at 2.
Community content is available under CC-BY-SA unless otherwise noted.
Advertisement