[Data Security] Acronym for Authentication, Authorization, and Accounting.


[Data Security] The opportunity to make use of an information system resource.

access control

[File System] [Data Security] The granting or withholding of a service or access to a resource to a requestor based on the identity of the principal for which the requestor is acting.

Access Control Entry (ACE)

[File System] [Data Security] A single entry in an Access Control List, which either denies or grants access to a given resource by one principal (a user or a group of users and/or groups).

Access Control List (ACL)

[File System] [Data Security] A persistent list, commonly composed of Access Control Entries (ACEs), that enumerates the rights of principals (users and groups of users and/or groups) to access resources.

access control mechanism

[Data Security] Security safeguards (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized access and permit authorized access to an information system. [CNSSI-4009]

access fairness

[Fibre Channel] A process by which nodes are provided access to a Fibre Channel arbitrated loop independently of other nodes' activity.

access method

1. [Operating System] The means used to access a physical transmission medium in order to transmit data.

2. [Operating System] In IBM Corporation's OS/390 operating system and its precursors, a file organization method, such as sequential, random, indexed, etc., and the operating system software used to implement it.

access path

[Storage System] The combination of adapters, addresses and routes through a switching fabric used by a computer to communicate with a storage device.

Some configurations support multiple access paths to a single device. See multi-path I/O.


[Data Security] An established relationship between a principal and a computer, network or service.


1. [Data Security] The property enabling individuals’ activities on a system to be linked back to them as individuals in such a way that there is little possibility for them to deny responsibility for their activities.

2. [Data Security] The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. [NIST SP 800-27]


[File System] [Data Security] Acronym for Access Control Entry.


[File System] [Data Security] Acronym for Access Control List.


[Data Recovery] Acronym for Automated Cartridge System.


1. [Fibre Channel] The state of a Fibre Channel Sequence Initiator between the start of transmission of the first data frame of a sequence and the completion of transmission of the last data frame in the sequence.

2. [Fibre Channel] The state of a Fibre Channel Sequence Recipient between the start of reception of the first data frame of a sequence and the completion of reception of the last data frame in the sequence.

active-active (components, controllers)

[Storage System] Synonym for dual active components or controllers.

Active archive

[Long term retention] A long-term data retention system that allows online access to retained file and object data.

active component

[Storage System] A system component that requires electrical power to operate, such as a power supply, fan, or controller.

active data

[Data Management] Data that is immediately accessible to an application without the need to stage it in from a lower tier of storage.

See near-online data.

Active Directory (AD)

[Windows] A Microsoft technology for the central and hierarchical administration of large groups of computers, users and groups.

active-passive (components, controllers)

[Storage System] Synonym for hot standby components or controllers.

active power

[Energy] The power consumption of a system when powered on and under normal workload.


[Windows] Acronym for Active Directory.


[General] A hardware device—typically an add-in card or specialized component on a system board—that converts the timing and protocol of one bus or interface to another, to enable a computer system's processing hardware to access peripheral devices.

A Fibre Channel Host Bus Adapter and an Ethernet Network Interface Card are both kinds of adapters.

adaptive array

[Storage System] A disk array that is capable of changing its virtual-to-physical location mapping algorithm—e.g., from mirrored to parity RAID—while the array is operating.


1. [Hardware] Acronym for Analog Digital Converter.

2. [SCSI] Acronym for the INCITS T10 Automation/Drive Interface – Commands standards family.


1. [Computer System] A fixed length bit pattern that uniquely identifies a block of data stored on a disk or tape.

2. [Computer System] A fixed-length bit pattern that uniquely identifies a location (bit, byte, word, etc.) in a computer memory.

3. [SCSI] An identifier whose value uniquely identifies a SCSI port connected to a SCSI interconnect for purposes of communication.

4. [Network] A bit pattern that uniquely identifies a device on a network.

address identifier

[Fibre Channel] A 24-bit value used to identify the source (S_ID) or destination (D_ID) of a frame, as specified in the FC-FS-2 standard.

The FC-SW-4 standard includes a table of special address identifier values and their meanings. See S_ID, D_ID, FC-FS-2, FC-SW-4.

address resolution

[Network] The process of determining a MAC address, given a more abstract LAN or WAN address.

Address Resolution Protocol (ARP)

1. [Network] Any protocol used to obtain a mapping from a higher layer address to a lower layer address; when abbreviated as ARP, the Ethernet Address Resolution Protocol (see 2) is most often meant.

2. [Network] The protocol used by an IP networking layer to map IP addresses to lower level hardware (i.e., MAC) addresses.


[Computer System] An algorithm by which areas of fixed disk, removable cartridge media, or computer system main memory are uniquely identified.

See block addressing, C-H-S addressing, explicit addressing, implicit addressing.

adequate security

[Data Security] Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information. [NIST SP 800-53]

administration host

[Storage System] A computer that manages one or more storage subsystems (e.g., filers, disk array subsystems, tape subsystems, etc.).


[Storage System] [Data Security] A person charged with the installation, configuration, and management of a computer system, network, storage subsystem, database, or application.

Advanced Encryption Standard (AES)

[Data Security] A cryptographic algorithm designated by NIST as a replacement for DES.

Advanced Technology Attachment (ATA)

[Storage System] A standard designed to connect hard and removable disk drives.

ATA is also the official name for Integrated Drive Electronics (IDE).

adverse inference

[Legal] Inference that destroyed or missing evidence (data) would have been harmful to a party who failed to provide it.


[Data Security] Acronym for Advanced Encryption Standard.


[Storage System] Acronym for All Flash Array.


[General] A program that performs one or more services (such as gathering information from the Internet), acting for or as a principal.


[Network] [Storage System] A process related to consolidation, consisting of combining multiple similar and related objects or operations into a single one.


[Data Security] Acronym for Authentication Header.


[Fibre Channel] Acronym for Augmented ISL.


[Fibre Channel] A set of AISLs that connect the controlling switches that are part of a distributed switch.


[Storage System] Acronym for Advanced Intelligent Tape.

algorithmic mapping

[Computer System] Use of an algorithm to translate from one data addressing domain to another.

If a volume is algorithmically mapped, the physical location of a block of data may be calculated from its virtual volume address using known characteristics of the volume (e.g., stripe depth and number of member disks). See dynamic mapping, tabular mapping.


[General] An alternate name for an entity, sometimes used to create names that are more easily human readable.

alias address identifier

[Fibre Channel] One or more address identifiers that may be recognized by an N_Port in addition to its N_Port Identifier, used to form groups of N_Ports so that frames may be addressed to a group rather than to individual N_Ports.

See multicast group.


[Fibre Channel] Acronym for Arbitrated Loop Physical Address.

All Flash Array

[Storage System] A solid state storage array consisting of only solid state storage.

alternate client restore

[Data Recovery] The process of restoring files to a different client than the one from which they were backed up.

alternate path restore

[Data Recovery] The process of restoring files to a different directory than the one from which they were backed up.

always on

1. [General] The state of always having power applied (systems) or of being continually active (communication links).

2. [Fibre Channel] A state of an operational link of always being powered on and continually transmitting either data frames, idles or fill words, in contrast to bursty transmissions and listening for a quiet line in earlier 10 and 100 Mbit/sec Ethernet.

American National Standards Institute (ANSI)

[Standards] A body that coordinates the development and use of voluntary consensus standards in the United States and represents the needs and views of U.S. stakeholders in international standardization forums around the globe.

ANSI accredits both standards certification organizations and standards development organizations. The IEEE Standards Association (which standardizes Ethernet and many other technologies) and INCITS (which standardizes SCSI, Fibre Channel, MPEG, and many other technologies) are two of over 100 ANSI accredited standards organizations.

Analog Digital Converter (ADC)

[Hardware] A device that converts a continuously valued (analog) input to a discretely valued (digital) output.


[Standards] Acronym for American National Standards Institute.


[Standards] The standards development committee accredited by INCITS to develop SCSI standards for communication between host devices (initiators) and storage device controllers (targets).

The full name of this committee is the INCITS SCSI Storage Interfaces Technical Committee (INCITS TC T10).


[Standards] The standards development committee accredited by INCITS to develop standards related to Fibre Channel, related serial storage interfaces, and certain storage management interfaces.

The full name of this committee is the INCITS Fibre Channel Interfaces (T11) Technical Committee (INCITS TC T11).


[General] Acronym for Application Programming Interface.


[Fibre Channel] A type of port used to communicate within a Fibre Channel distributed switch.

A_PORT Switch Link (ASL)

[Fibre Channel] A link connecting one A_Port to another A_Port.


[General] An intelligent device programmed to perform a single well-defined function, such as providing file, web, network or print services.

Appliances differ from general purpose computers in that their software is normally customized for the function they perform, pre-loaded by the vendor, and not alterable by the user. See filer.


[Storage System] A client of a storage system.

Applications range from desktop productivity applications to enterprise-wide federated applications spanning multiple databases and file systems.

application I/O request

application read request

application write request

[Storage System] I/O requests made by storage clients, as distinguished from I/O requests made by a storage subsystem's own control software.

Application Programming Interface (API)

[General] An interface used by an application program to request services.

The term API is usually used to denote interfaces between applications and the software components that comprise the operating environment (e.g., operating system, file system, volume manager, device drivers, etc.).

Application Response Measurement

[Standards] An Open Group technical standard, being advanced in both The Open Group and the Distributed Management Task Force, which defines function calls for transaction monitoring.

Application Specific Integrated Circuit (ASIC)

[Computer System] An integrated circuit designed for a particular application, such as interfacing to a SCSI interconnect.

arbitrated loop

1. [Fibre Channel] A Fibre Channel interconnect topology in which each port is connected to the next, forming a loop.

At any instant, only one port in a Fibre Channel Arbitrated Loop can transmit data. Before transmitting data, a port in a Fibre Channel Arbitrated Loop must participate with all other ports in the loop in an arbitration to gain the right to transmit data. The arbitration logic is distributed among all of a loop's ports.

2. [Fibre Channel] The version of the Fibre Channel protocol used with the arbitrated loop physical topology.

Arbitrated Loop Physical Address (AL_PA)

[Fibre Channel] An 8-bit value used to identify a participating device in an Arbitrated Loop.


[General] Any process by which a user of a shared resource—such as a port connected to a shared bus—negotiates with other users for the (usually temporary) right to use the resource (in the given example, by transmitting data on the bus).


1. [Data Management] A collection of data objects, perhaps with associated metadata, in a storage system whose primary purpose is the long-term preservation and retention of that data.

2. [Data Management] Synonym for data ingestion.

3. An organization of people and systems that have accepted the responsibility to protect, retain, and preserve information and data and make it available for a Designated Community. (Source: ISO 14721)


1. [General] Acronym for Application Response Measurement.

2. [Computer System] A common microprocessor architecture, as well as the name of the company that created the architecture.


[Network] Acronym for Address Resolution Protocol.


[Storage System] A storage array, i.e., a disk array or tape array.

array configuration

1. [Storage System] Assignment of the disks and operating parameters for a disk array by setting parameters such as stripe depth, RAID model, cache allowance, spare disk assignments, etc. See configuration, physical configuration.

2. [Storage System] The arrangement of disks and operating parameters that results from such an assignment.


[Computer System] Acronym for Application Specific Integrated Circuit.


[Fibre Channel] Acronym for A_Port Switch Link.

assigned capacity

[Storage System] The amount of space on a system or data container which has been allotted to be written by an end user or application.

On thin provisioning systems, an assigned capacity number represents a promise that that amount of space will be provided on demand; usable capacity is allocated as the container is written. On fully provisioned systems, usable capacity must be committed at the same time the container is allocated. See thin provisioning.


[Data Security] A process for demonstrating that the security goals and objectives for an IT product or system are met on a continuing basis.

assurance level

[Data Security] The measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediate and enforce the security policy.

asymmetric cryptosystem

[Data Security] A cryptographic algorithm in which different keys are used to encrypt and decrypt a single message or block of stored information.

One of the keys is kept secret and referred to as a private key; the other key can be freely disclosed and is called a public key.

asymmetric encryption

[Data Security] Synonym for public key cryptography.

asymmetric virtualization

[Computer System] Synonym for out-of-band virtualization.

Out-of-band virtualization is the preferred term.

asynchronous I/O operation

[Storage System] An I/O operation whose initiator does not await its completion before proceeding with other work, enabling an initiator to have multiple concurrent I/O operations in progress.

asynchronous I/O request

[Storage System] A request to perform an asynchronous I/O operation.

asynchronous mirroring

[Storage System] Deprecated synonym for asynchronous replication.

asynchronous replication

[Storage System] A replication technique in which data must be committed to storage at only the primary site and not the secondary site before the write is acknowledged to the host. Data is then forwarded to the secondary site as the network capabilities permit.

Asynchronous Transfer Mode (ATM)

[Network] A connection-oriented data communications technology based on switching 53 byte fixed-length units of data called cells.

ATM transmission rates are multiples of 51.840 Mbits per second. Each cell is dynamically routed. In the United States, a public communications service called SONET uses ATM at transmission rates of 155, 622, 2048, and 9196 Mbits per second. These are called OC-3, OC-12, OC-48, and OC-192 respectively. A similar service called SDH is offered in Europe. ATM is also used as a LAN infrastructure, sometimes with different transmission rates and coding methods than are offered with SONET and SDH.


[Storage System] Acronym for Advanced Technology Attachment.


[Network] Acronym for Asynchronous Transfer Mode.

atomic operation

[General] An operation that, from an external perspective, occurs either in its entirety or not at all.

For example, database management systems that implement the concept of business transactions treat each business transaction as an atomic operation on the database. This means that either all of the database updates that comprise a transaction are performed or none of them are performed; it is never the case that some of them are performed and others not. RAID arrays must implement atomic write operations to properly reproduce single-disk semantics from the perspective of their clients.


[Data Security] Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself. [CNSSI-4009]


[Network] The power loss between an optical or electrical transmitter and a receiver, expressed in units of decibels (dB).


[General] Independent review and examination of records and activities to assess the adequacy of controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.

audit log

[Data Security] Synonym for audit trail.

audit trail

[Network] [Data Security] A chronological record of system activities that enables the reconstruction and examination of a sequence of events and/or changes in a system such as an information system, a communications system or any transfer of sensitive material and/or information.

Augmented ISL (AISL)

[Fibre Channel] An E_Port to E_Port link used by the FC-SW redundancy protocol.


1. [General] Being genuine, or accurate in representation of facts.

2. [Legal] For evidence, being found by a jury (or trier of fact) to be what it purports to be and thus being worthy of trust, reliance, or belief.


1. [Data Security] The act of verifying the identity claimed by a party to an interaction.

2. [Legal] The act of meeting the threshold level for admissibility, but not necessarily of authenticity, of evidence (e.g., ESI).

authentication header

[Data Security] A component of IPsec, standardized by the IETF, that permits the specification of various authentication mechanisms designed to provide connectionless integrity, data origin authentication, and an optional anti-replay service.


1. [Data Management] Synonym for data integrity.

2. [Data Security] The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. [NIST SP 800-53]

3. [Legal] The property, condition, or quality of being worthy of trust, reliance, or belief because the proponent (offeror) has shown enough corroborating evidence to a jury (or trier of fact) to warrant such.


1. [Network] The process of determining—for example via access control—that a requestor is allowed to receive a service or perform an operation.

2. [Data Security] The limiting of usage of information system resources to authorized users, programs, processes or other systems, formally described as controlling usage by subjects of objects.

Automated Cartridge System

[Data Recovery] Synonym for tape cartridge handling robot.

automated storage tiering

[Storage System] Automatic movement of data between storage tiers based on policy.

The tiers may be within a single storage system or may span storage systems, including a cloud storage tier.

automatic backup

[Data Recovery] A backup triggered by an event (e.g., a schedule point, or a threshold reached) rather than by human action.

automatic failover

[Storage System] Failover that occurs without human intervention.

automatic swap

[Computer System] The substitution of a replacement unit (RU) in a system for a defective one, where the substitution is performed by the system itself while it continues to perform its normal function (possibly at a reduced rate of performance).

Automatic swaps are functional rather than physical substitutions, and do not require human intervention. Ultimately, however, defective components must be replaced in a physical hot, warm, or cold swap operation. See cold swap, hot swap, warm swap, hot spare.

automatic switchover

[Storage System] Deprecated synonym for automatic failover.

autonomic storage management

[Storage System] The ability of a storage system to self-regulate attributes such as capacity, performance, and resiliency based on application demands, without any administrative intervention.


[Computer System] Abbreviation for automatic swap.

See cold swap, hot swap, warm swap.


[Storage System] Synonym for automated storage tiering.


1. [General] The amount of time that a system is available during those time periods when it is expected to be available, often measured as a percentage of an elapsed year.

For example, 99.95% availability equates to 4.38 hours of downtime in a year (0.0005 * 365 * 24 = 4.38) for a system that is expected to be available all the time. See data availability, high availability.

2. [General] The property of being accessible and usable upon demand by an authorized entity.

[ISO/IEC 27000:2009]

available capacity

[Data Management] [Storage System] Synonym for free space.