Glossary of Neo-Security Architecture

Glossary of Neo-Security Architecture

architect

Terminology

Authenticator
An identity resource that is set with an authentication method.
Authentication
A process through which the Identity Management System verifies who the user or application is.
Authorization
A process through which it is determined what access should be granted for the specific request.
Neo-Security Architecture
A modular and open-standard-based security architecture for secure, protected and legitimate access to mobile and web applications and their data, such as APIs and services.
By reference token
A token that contains reference pointing to the identity data. They are used in external networks, which makes the identity data opaque to external networks. For example, a phantom token.
By value token
A token that contains identity data and almost always include a digital signature over that data to ensure the integrity. They are used in internal networks. For example, a JWT.

Abbreviations

ALFA
Abbreviated Language For Authorization used in formulating access control policies
AMS
API Management System
CRUD
Create, Read, Update, Delete
DCR
Dynamic Client Registration
DCRM
Dynamic Client Registration Managment
EMS
Entitlement Management System
FIDO
Fast IDentity Online, a set of standards for fast, simple, strong authentication
HOTP
HMAC-based One-time Password algorithm
IMS
Identity Management System
JOSE
JSON Object Signing and Encryption
JWT
JSON Web Token
PAP
Policy Administration Point
PDP
Policy Decision Point
PEP
Policy Enforcement Point
PIP
Policy Information Point
PRP
Policy Retrieval Point
TOTP
Time-based One-Time Password algorithm, an extension of HOTP
SAML
Security Assertion Markup Language
SP
Service Provider
SCIM
System for Cross-domain Identity Management

Let’s Stay in Touch!

Get the latest on identity management, API Security and authentication straight to your inbox.

Was this page helpful?