domain

An environment or context that (a) includes a set of system resources and a set of system entities that have the right to access the resources and (b) usually is defined by a security policy, security model, or security architecture. (See: CA domain, domain of interpretation, security perimeter. Compare: COI, enclave.)

Tutorial: A "controlled interface" or "guard" is required to transfer information between network domains that operate under different security policies.

A set of users, their information objects, and a common security policy. [DoD6, SP33]

A system or collection of systems that (a) belongs to a community of interest that implements a consistent security policy and (b) is administered by a single authority.

An operating state or mode of a set of computer hardware.

Tutorial: Most computers have at least two hardware operating modes [Gass]:

• "Privileged" mode: a.k.a. "executive", "master", "system", "kernel", or "supervisor" mode. In this mode, software can execute all machine instructions and access all storage locations.
• "Unprivileged" mode: a.k.a. "user", "application", or "problem" mode. In this mode, software is restricted to a subset of the instructions and a subset of the storage locations.

"A distinct scope within which certain common characteristics are exhibited and common rules are observed." [CORBA]

The domain of a MISSI CA is the set of MISSI users whose certificates are signed by the CA.

That part of the tree-structured name space of the DNS that is at or below the name that specifies the domain. A domain is a subdomain of another domain if it is contained within that domain. For example, D.C.B.A is a subdomain of C.B.A

An administrative partition of a complex distributed OSI system.