Non-repudiation is the security property that prevents a party from denying they took a specific action. If an employee sends an email, approves a transaction, or modifies a record, non-repudiation mechanisms ensure they cannot later claim the action never happened or was performed by someone else.
Digital signatures are the primary technical mechanism. When a document is signed with a private key only the signer controls, the signature proves both that the signer created it and that the content was not altered after signing.
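The following is an added example, not part of the original entry. It contrasts a shared-key MAC, where the verifier holds the same key and could have produced the tag, with a signature that only the private-key holder can produce. To run on the Python standard library alone it substitutes a Lamport one-time signature built from SHA-256 for the RSA, ECDSA or Ed25519 signatures used in practice; all function names and the sample record are constructed for illustration.

```python
import hashlib, hmac, secrets

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(message: bytes) -> list:
    d = h(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Private key: 256 pairs of random secrets. Public key: the hash of each secret.
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pub = [(h(a), h(b)) for a, b in priv]
    return priv, pub

def sign(priv, message: bytes) -> list:
    # Reveal one secret per digest bit. One-time scheme: a key pair signs ONE message only.
    return [priv[i][bit] for i, bit in enumerate(digest_bits(message))]

def verify(pub, message: bytes, signature) -> bool:
    bits = digest_bits(message)
    if len(signature) != len(bits):
        return False
    return all(hmac.compare_digest(h(s), pub[i][b])
               for i, (s, b) in enumerate(zip(signature, bits)))

def mac_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()

def demo() -> dict:
    record = b"approve transfer id=1001 amount=250.00"   # constructed sample record
    altered = b"approve transfer id=1001 amount=950.00"  # constructed altered copy
    # Shared-key MAC: the verifier holds the sender's key, so a valid tag
    # does not show which of the two parties produced it.
    shared = secrets.token_bytes(32)
    tag_by_verifier = mac_tag(shared, altered)
    mac_accepts = hmac.compare_digest(tag_by_verifier, mac_tag(shared, altered))
    # Signature: the verifier holds only the public key and can check, not sign.
    priv, pub = keygen()
    sig = sign(priv, record)
    return {
        "mac_made_by_verifier_accepted": mac_accepts,
        "signature_valid": verify(pub, record, sig),
        "signature_on_altered_record": verify(pub, altered, sig),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The MAC still protects integrity between the two key holders, but it cannot settle a dispute between them, which is the gap the signature closes.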
CISSP Relevance
Non-repudiation appears in Domain 1 (Security and Risk Management) alongside the CIA Triad and in Domain 3 (Security Architecture and Engineering) in the context of cryptographic mechanisms. CISSP candidates must understand how non-repudiation is achieved technically and why it matters for accountability and legal compliance.
External reference: NIST Glossary Non-Repudiation
Related terms: Digital Signature, Audit Trail