Authentication

1. Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. (SP 800-53; SP 800-53A; SP 800-27; FIPS 200; SP 800-30) (NISTIR). Audit trails may include event logs, paper records, error messages, and reports.

Source: Election Terminology Glossary - Draft, National Institute of Standards and Technology (NIST), https://pages.nist.gov/ElectionGlossary/; The Cyber Glossary, National Security Archive, George Washington University, https://nsarchive.gwu.edu/news/cyber-vault/2018-09-19/cyber-glossary; The State and Local Election Cybersecurity Playbook, Defending Digital Democracy Project, Harvard Kennedy School Belfer Center for Science and International Affairs, https://www.belfercenter.org/sites/default/files/files/publication/StateLocalPlaybook%201.1.pdf

2. The process of identifying a user, usually by means of a username and password combination. Election systems use authentication methods to assure that only those users with appropriate authority are permitted access to the system. Authentication schemes should not permit group logins.

Source: Information Technology Terminology, U.S. Election Assistance Commission, https://www.eac.gov/documents/2017/09/21/information-technology-terminology-security

3. The process whereby a user, information source, or simply information proves they are who they claim to be; the process of determining the identity of a user attempting to access a network and/or computer system. (Newton’s Telecom Dictionary) .

Source: NSTAC Report to the President on a Cybersecurity Moonshot, National Security Telecommunications Advisory Committee (NSTAC), https://www.dhs.gov/sites/default/files/publications/NSTAC_CyberMoonshotReport_508c.pdf

4. Verification of the true source of a message or identity of its sender.

Source: Electronic Voting Glossary Electronic Voting Glossary, Michael I. Shamos, https://collaborate.nist.gov/voting/pub/Voting/Glossary/Shamos-Election-Glossary.pdf

5. The process of verifying the source and integrity of data.

Source: Explore Terms: A Glossary of Common Cybersecurity Terminology, National Initiative for Cybersecurity Careers and Studies (NICCS), https://niccs.us-cert.gov/about-niccs/glossary

6. A security measure designed to protect a communications system against acceptance of a fraudulent transmission or simulation by establishing the validity of a transmission, message, or originator;

7. A means of identifying individuals and verifying their eligibility to receive specific categories of information;

8. Evidence by proper signature or seal that a document is genuine and official;

Source: Terms & Definitions of Interest for DoD Counterintelligence Professionals, Office of the National Counterintelligence, https://www.dni.gov/files/NCSC/documents/ci/CI_Glossary.pdf

9. The process of identifying an individual as an eligible voter (may include confirming whether or not an individual has previously voted in the same election).

Source: Independent Panel on Internet Voting, British Columbia, https://elections.bc.ca/docs/recommendations-report.pdf