Public Key Infrastructure
The system of digital certificates, certificate authorities, and cryptographic keys used to verify identity and encrypt communications. Federal agencies rely on PKI for CAC-based login, digitally signed documents, and secure email, and contractors working on federal networks often must support or integrate with DoD or federal PKI credentials.
Related terms
Administrative Contracting Officer
ACOAn Administrative Contracting Officer manages a contract after award, handling modifications, cost and schedule oversight, and day-to-day compliance monitoring, while a separate procuring contracting officer typically handles the award itself. An ACO's authority is defined by a written letter of delegation and is limited to the specific functions it grants.
Communications Security
COMSECCommunications Security covers the measures, equipment, and procedures used to protect government voice, data, and message traffic from interception, exploitation, or unauthorized disclosure, including encryption, key management, and transmission security. Contractors working with classified or sensitive communications equipment must follow NSA/CNSS COMSEC policy, often including trained custodians and controlled key material.
Contracting Officer
KOThe Contracting Officer is the government official with legal authority to enter into, administer, modify, or terminate a contract on the agency's behalf. Only the KO can bind the government to contractual commitments; direction from any other government employee, including a program manager or COR, does not carry that authority.
Contracting Officer's Representative
CORA Contracting Officer's Representative is appointed in writing by the KO to monitor day-to-day contract performance, inspect deliverables, and serve as the technical point of contact with the contractor. A COR has no authority to change price, scope, or terms; performance concerns get escalated back to the Contracting Officer for a binding decision.
Controlled Unclassified Information
CUIControlled Unclassified Information is unclassified government information that still requires safeguarding or dissemination controls under law, regulation, or agency policy, such as procurement-sensitive data, export-controlled technical data, or personally identifiable information. Contractors handling CUI must follow specific marking, storage, and access rules, and it is a core driver behind CMMC requirements.
