lattice-based access control model - A mathematical model that allows a system to easily represent the different security levels and control access attempts based on those levels. Every pair of elements has a highest lower bound and a lowest upper bound of access rights. The classes stemmed from military designations.
LBAC - (Lattice-Based Control Model) - A mathematical model that allows a system to easily represent the different security levels and control access attempts based on those levels. Every pair of elements has a highest lower bound and a lowest upper bound of access rights. The classes stemmed from military designations.
LDAP - (Lightweight Directory Access Protocol) - A directory service based on a subset of the X.500 standard that allows users and applications to interact with a directory.
least privilege - The security principle that requires each subject to be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.
lifecycle - Phases that an asset goes through from creation to destruction.
lifecycle assurance - Confidence that a trusted system is designed, developed, and maintained with formal designs and controls. This includes design specification and verification, implementation, testing, configuration management, and distribution.
Lightweight Directory Access Protocol - A directory service based on a subset of the X.500 standard that allows users and applications to interact with a directory.
link encryption - A type of encryption technology that encrypts packets\' headers, trailers, and the data payload. Each network communications node, or hop, must decrypt the packets to read its address and routing information and then re-encrypt the packets. This is different from end-to-end encryption.
log - A record of actions and events that have taken place on a computer system.
logic bomb - A malicious program that is triggered by a specific event or condition.
logical access control system - Non-physical system that allows access based upon pre-determined policies.
loop coverage - This criterion requires sufficient test cases for all program loops to be executed for zero, one, two, and many iterations covering initialization, typical running, and termination (boundary) conditions.
loss potential - The potential losses that can be accrued if a threat agent actually exploits a vulnerability.