A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information.

Extended Definition: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.

Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4, 44 U.S.C., Sec 3542

Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies ( as of 11 November 2015, Global Standards



Property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards



assurance that information is not disclosed to unauthorized individuals, processes, or devices [9].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standards

Comments are closed.