A capability provides the means to accomplish a mission or function resulting from the performance of one or more critical tasks, under specified conditions, to target levels of performance. A capability may be delivered with any combination of properly planned, organized, equipped, trained, and exercised personnel that achieves the desired outcome.
"[A] capability is the quality of being able to perform a given activity."
|“||the ability of a suitably organized, trained, and equipped entity to access, penetrate, or alter government or privately owned information or communications systems and/or to disrupt, deny, or destroy all or part of a critical infrastructure.||”|
|“||[a] logically discrete grouping of people, processes, and enabling technologies that produces a discrete output: physical assets, information, relationships, transactions, or knowledge.||”|
|“||[a] protected identifier that both identifies the object and specifies
the access rights to be allowed to the accessor who possesses the capability. In a capability-based system, access to protected objects such as files is granted if the would-be accessor possesses a capability for the object.
- Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT), at 4 n.2.
- President's Commission on Critical Infrastructure Protection, Critical Foundations: Protecting America's Infrastructures, Glossary (Oct. 1997) (full-text).
- Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise, Glossary, at D-1.
- Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).