Ver

·         Lista negra

Relación de elementos que se sabe positivamente que son aceptables en un sistema. Es lo contario de una “lista negra”.

Whitelists refer to defined lists of “known good" items: users, network addresses. applications, and so on. typically for the purpose of exception-based security where any item not explicitly defined as “known good" results in a remediation action (e.g. alert and block}. Whitelists contrast blacklists. which define “known bad” items. [knapp:2014]

Whitelisting refers to the act of comparing an item against a list of approved items for the purpose of assessing whether it is allowed or should be blocked. Typically referred to in the context of Application Whitelisting. which prevents unauthorized applications from executing on a host by comparing all applications against a whitelist of authorized applications. [knapp:2014]

Application Whitelisting (AW) is a form of whitelisting intended to control which executable files [applications] are allowed to operate. AW systems typically work by first establishing the “whitelist” of allowed applications. after which point any attempt to execute code will be compared against that list. If the application is not allowed. it will be prevented from executing. AW often operates at low levels within the kernel of the host operating system. [knapp:2014]

The process of establishing a “whitelist” of known valid user identities and/or accounts. for the purpose of detecting and/or preventing rogue user activities. See also: Application Whitelisting. [knapp:2014]

A list of computers, IP (Internet Protocol) addresses, user names or other identifiers to specifically allow access to a computing resource. Normally combined with a default "no-access" policy.

http://cyber.law.harvard.edu/cybersecurity/Keyword_Index_and_Glossary_of_Core_Ideas