Glossary of Neo-Security Architecture
architect
Terminology¶
- Authenticator
- An identity resource that is set with an authentication method.
- Authentication
- A process through which the Identity Management System verifies who the user or application is.
- Authorization
- A process through which it is determined what access should be granted for the specific request.
- Neo-Security Architecture
- A modular and open-standard-based security architecture for secure, protected and legitimate access to mobile and web applications and their data, such as APIs and services.
- By reference token
- A token that contains reference pointing to the identity data. They are used in external networks, which makes the identity data opaque to external networks. For example, a phantom token.
- By value token
- A token that contains identity data and almost always include a digital signature over that data to ensure the integrity. They are used in internal networks. For example, a JWT.
Abbreviations¶
- ALFA
- Abbreviated Language For Authorization used in formulating access control policies
- AMS
- API Management System
- CRUD
- Create, Read, Update, Delete
- DCR
- Dynamic Client Registration
- DCRM
- Dynamic Client Registration Managment
- EMS
- Entitlement Management System
- FIDO
- Fast IDentity Online, a set of standards for fast, simple, strong authentication
- HOTP
- HMAC-based One-time Password algorithm
- IMS
- Identity Management System
- JOSE
- JSON Object Signing and Encryption
- JWT
- JSON Web Token
- PAP
- Policy Administration Point
- PDP
- Policy Decision Point
- PEP
- Policy Enforcement Point
- PIP
- Policy Information Point
- PRP
- Policy Retrieval Point
- TOTP
- Time-based One-Time Password algorithm, an extension of HOTP
- SAML
- Security Assertion Markup Language
- SP
- Service Provider
- SCIM
- System for Cross-domain Identity Management
Let’s Stay in Touch!
Get the latest on identity management, API Security and authentication straight to your inbox.