Nexus Glossary


A

Authentication

Authentication is the process of verifying a user’s true identity. This may involve the use of one or more means of proof of identification, also known as factors, such as PIN codes and smart cards.


B

Bring Your Own Device (BYOD)

Bring Your Own Device is an access concept driven by the consumerisation of IT infrastructures. Bring Your Own Device solutions provide secure remote access to company resources from mobile devices. Thus, end-users can conveniently access their workspace from their preferred device, such as their smartphone or tablet, without compromising the security of sensitive data.


C

Card Printer

We offer plastic card printers and printers for paper cards and labels by all leading manufacturers. Manufacturers include Fargo, Zebra, Magicard, Nisca, INTRAPROC, Intermec, NBS, Evolis, Digital Identification Solutions, and Datacard.

Card Printer Supplies

We offer accessories for our printers in the form of ribbons, cleaning kits, laminating rolls, magstripe encoders, and transfer film. Each of the supplies is tailored to the specific manufacturer or printer type to guarantee high quality printing results.

Card Reader

Card readers are an integral part of any access management system. They are available for a diverse range of identification methods, including RFID technology, biometric data, contact chips, and barcodes.

Cardware

Plastic cards are used for a variety of purposes: as national ID cards, employment badges, customer loyalty cards, etc. Smart cards are available with different types of identification technology, including RFID chips, contact chips, magnetic stripes, or biometric data, and can be printed with any kind of individual design. Card accessories include lanyards, card holders, plastic pockets, clips, yo-yos, and badge reels.

Certificate Management

Electronic certificates are encrypted electronic IDs used to securely authenticate users, devices, and software. Certificate Management is handled as part of Public Key Infrastructures and includes the complete lifecycle management of each certificate (issue, revoke, renew, block, etc.).

Certification authority

A certification authority is a body that issues digital certificates. A digital certificate is employed to assign a public key to a person or organization.

Cloud services

Cloud computing refers to the provisioning of virtualized resources (such as IT infrastructure and software) via a network. It enables the delivery of on-demand and highly cost-effective cloud services – without compromising security, ease of use or functionality.

Common access card (CAC)

A common access card is a smart card that provides access to buildings, controlled areas, networks and computer systems. Usually the same size and shape as a credit card, a CAC employs two-factor authentication.

Compliance

Compliance is a long-term, ongoing process aimed at ensuring that a company’s IT environment meets all relevant legal, internal and contractual requirements. Core tasks include documentation of all key activities and analysis of potential threats.

Computer Crime

Any crime involving a computer and a network. Cybercrime encompasses a broad range of activities such as the distribution of viruses or malware, denial-of-service attacks, fraud and identity theft, as well as cyber terrorism and cyber warfare.

Credential lifecycle management

Credential lifecycle management is the overarching term for all processes involved in the provision, renewal and revocation of credentials.

Credentials

Credentials is the generic term for all means employed to identify, authenticate and authorize users. Credentials determine, for example, who is granted logical or physical access to particular networks or buildings. Common forms include photo ID cards, RFID cards, PKI smart cards, PIN codes, one-time passwords (OTP), security questions and biometric information.

Cybercrime

Any crime involving a computer and a network. Cybercrime encompasses a broad range of activities such as the distribution of viruses or malware, denial-of-service attacks, fraud and identity theft, as well as cyber terrorism and cyber warfare. Also: Computer Crime


D

Digital certificate

A digital certificate is electronic proof of identity provided by an authorized certification authority (CA).

Digital identity

A digital identity is the total sum of unique online characteristics of a subject or object. A digital identity is created by the registration in electronic form of these characteristics.


E

eID

eID is an electronic identification solution for citizens and organizations accessing services provided by banks, government authorities and other companies. Many service providers give users the option to sign electronic documents with a digital signature (non-repudiation). A strong eID is based on PKI and certificates. Common Access Card is one form of eID, which is a physical identity card with a chip that carries the keys and certificates in a secure way and enables the card to be used for online and offline personal identification, authentication or signing. The card may be used for online authentication for e-government applications. An electronic signature, provided by a private company, may also be stored on the chip and act as an eID.

eID Infrastructure

Complete PKI infrastructure services to issue, validate, retrieve and audit digital certificates.

Electronic Signature

Electronic signatures are used as a means to authenticate identities or content in the digital world. They can be used to sign online documents, emails, transactions, and many more. For example, a valid digital signature gives the recipient of a message reason to believe that the message was created by the specified sender (authentication & non-repudiation) and that the message was not altered in transit (integrity).

Entitlement Management

Everything that communicates has an identity – people, devices, software. An identity can be equipped with certain entitlements – for example the right to access a certain building at a specific time, or the right to run certain software on a protected machine. Managing these entitlements in both the physical and the digital world is key to achieving smooth processes in a protected corporate environment.

Entity

In data modeling, an entity is a uniquely identifiable object for which information is processed or stored. Entities can be physical or abstract. Entities are described in terms of their attributes.


I

Identity

Refers to the digital identity of a person, device, process, or any other object that is part of a digital network. The digital identity is the sum of information that uniquely describes the object and contains information about its properties and relationships to other objects, such as rights (entitlements) to perform certain actions in the digital or physical world. In the past, only people have been given digital identities to communicate in the digital world. Today, we are witnessing the rise of the Internet of Things, where most physical objects, machines, and even services around us are going to be connected in a digital infrastructure. All these objects need an identity to be able to establish trustworthy connections and communicate in the digital network.

Identity and Access Management (IAM)

Everything that communicates has an identity – people, devices, software. An identity can be equipped with certain entitlements – for example the right to access a certain building at a specific time – as well as with the credentials to authenticate itself – for example a password, certificate, or fingerprint. Managing these diverse groups of identities, the corresponding entitlements, as well as authentication to various access systems is the task of an integrated Identity and Access Management solution.

Identity federation

Identity federation involves creating a trusted identity that is recognized across an organization or a group of organizations. The aim is to streamline processes within and beyond enterprise boundaries, as users do not need separate credentials for individual domains or systems.

Identity Theft

The crime of obtaining someone else’s personally identifying information, such as their name, credit card number, social security number, or similar, in order to assume that person’s identity. Usually committed in order to gain access to resources or obtain credit and other benefits in that person’s name.

Industrial Espionage

The theft of trade secrets such as ideas, techniques and processes, customer data, business strategies, and many more for use by a competitor. Industrial espionage is conducted for commercial purposes rather than national security purposes (espionage). To be differentiated from competitive intelligence – the legal gathering of information to determine a competitor’s activities. Industrial espionage is most commonly associated with technology-heavy industries, particularly the computer and auto sectors, in which a significant amount of money is spent on research and development.

Industry 4.0

Refers to the fourth industrial revolution, following the first (mechanization of production through water and steam power), second (use of electricity for mass production), and third (use of electronics and IT for automation). Experts believe that the fourth revolutionary leap will entail full computerization of traditional industries. A key element of Industry 4.0 is the Smart Factory, marked by adaptability, resource efficiency and ergonomics as well as intelligent processes and communication. Its technological basis is cyber-physical systems and the Internet of Things.

Information Security Policy

A set of policies issued by an organization to ensure that all IT users within the organization’s domain or its networks comply with rules and guidelines related to the security of the information stored digitally within the organization’s boundaries of authority. A security policy comprises a set of rules defining who is authorized to access what and under which conditions, and the criteria under which such authorization is given or cancelled.

Internet of Things (IoT)

The digital network is soon going to connect physical objects (“things”), persons, machines, devices and processes. It is expected that 50 billion devices will be connected to the Internet by 2020. Contrary to the Internet as we know it, where only persons have digital identities, the Internet of Things equips physical objects with digital identities. The objects are embedded with software, electronics and sensors that allow them to communicate with other objects or persons in the digital or physical world. IoT will transform all industries – it is expected that the new connectivity will set off automation in almost all fields of business. Establishing secure infrastructures and trustworthy identities is vital for the successful deployment of this new kind of network.


L

LDAP

LDAP (lightweight directory access protocol) is a protocol that allows information in directories, for example on users, to be accessed and shared over the Internet by applications such as email programs.


M

Managed services

Managed services are IT services that are delivered and maintained by external providers. This form of outsourcing allows routine operational and administrative duties to be performed efficiently and cost-effectively.


N

Nexus Online Services (NOS)

Online portal for resellers and system integrators to support their end users in ordering, producing and distributing identity cards and soft tokens.


O

OpenID

OpenID is a security protocol for web services that supports single sign-on (SSO) for authentication and identity management.


P

Physical Access Management (PAM)

IP-based card reader products.

Physical Identity Management (PIM)

Centralized identity and access management for multiple physical access control systems.

Proximity Card

Proximity cards are smart cards which can be read without inserting them into a reader device. They use radio-frequency identification (RFID) technology to communicate with the reader device over a distance of a few meters. Proximity cards can hold more data than magnetic stripe cards.

Public Key Infrastructure

Public key infrastructure (PKI) is a commonly used technology for safeguarding computer and network access, and for protecting communications. PKI credentials consist of a pair of cryptographic keys and an electronic certificate that are employed to identify and authenticate the user.


R

RFID

Radio-Frequency Identification is a tagging or identification technology. It uses radio-frequency electromagnetic fields to transfer data without contact for the purposes of automatically identifying and tracking tags attached to objects. Tags may be battery-powered or derive their power from the RF waves coming from the reader. Unlike a barcode, the tag does not necessarily need to be within line of sight of the reader, and may be embedded in any type of object, typically smart cards or transponders.


S

SaaS

Software as a service (SaaS) is a form of cloud computing. It entails the delivery of an application over an IP network. The software is not purchased and then locally installed, but accessed and used remotely, and on demand.

Sambi

Federation for the Swedish health care.

SAML

Security assertion markup language (SAML) is an XML framework for the exchange of authentication and authorization data. It provides functions that describe and transmit security-related information.

Skolfederation

Single Sign-On functionality to promote the use of digital services and textbooks in Swedish schools.

Smartcard

Smart cards are used to authenticate to a variety of systems, for example to access buildings, to pay in the cafeteria, or to use follow-me printing services. They are available with different types of identification technology, including RFID chips, contact chips, magnetic stripes, or biometric data, and can be printed with any kind of individual design.

SSO

Single sign-on (SSO) is a mechanism that allows a user who has been authenticated via a particular device to access all computers and services for which he is locally authorized – without having to log on separately on each occasion.


T

Token

A security token is a hardware component for the identification and authentication of users. The user must be in possession of the token in order to be granted access rights.

Two-factor authentication

This describes the use of two authentication techniques in combination, for example a password and a smart card. It generally comprises something the user possesses, and something the user knows.


V

Virtual Appliance

A virtual appliance is a software appliance that is installed on a virtual machine. Virtual appliances are hosted through remote infrastructure and can be accessed remotely without any locally-installed hardware. Virtual appliances play a significant role in cloud computing’s software as a service (SaaS) model where remote software access is delivered through a Web browser.


W

Web 2.0

Describes a new stage of the World Wide Web where end-users become collaborators and co-creators rather than consumers of web content. Typical Web 2.0 sites include blogs, social networking sites, virtual communities, wikis, and mashups.

Whitelisting

Whitelisting controls which applications are allowed to run on a protected device or system. Based on the “default deny” principle, whitelisting technology blocks any file that is not part of an authorized application, thus providing airtight security. Whitelisting is also much faster than traditional anti-virus software as it only needs to verify each application against a short list of approved applications.