Glossary Terms of info security terms

2FA (Two-Factor Authentication)

APN

Big Data

A collection of data set so large and complex that they are difficult to process with traditional applications.
The term “big data” is commonly used to present new analytical applications leveraging on the power of very large amounts of data sets.
A typical example is CRM (Customer Relationship Management) whereby the analysis of large amounts of past data can provide tools to improve sales forecasts, stocks management, marketing trends and customer behaviors.
Data Analysis is foreseen as an opportunity to monetize such “big data” by improving business intelligence.

Biometrics

Human attributes that are unique to one given individual and can be digitalize to then be compared with a stored reference.
The use of biometrics data such as finger prints can be used for security services such as access control, data encryption or digital signature The challenge of Biometry is to enroll then securely store the reference data for each individual.
Smart Card solutions offer match-on-card applications, removing the need for an online verification via a central database.

Bluetooth

A short range wireless technology that simplifies communication and synchronization between the internet, devices and other computers.
Bluetooth is commonly used for consumers electronics devices such as, for example, headsets for cell phones or MP3 players.
Bluetooth requires first the user to establish a pairing between two devices. Once this pairing is establish, a fast wireless data exchange between the two devices can happen.
Everything about the standard at http://www.bluetooth.com/

Bot (Internet bot)

A type of computer program designed to do automated tasks.

Border Control

The act of controlling Travelers identities and visas when entering a given country (Airports, Sea-ports or roads)

CAC

Common Access Card: a US Department of Defense smart card issued as standard physical and network identification for military and other personnel.
Learn more about the DoD Common Access Card

CDMA (code Division Multiple Access)

A wireless communications technology that uses the spread spectrum communication to provide increased bandwidth.

Cloud Computing

Computing by using servers, storage and applications that are accessed via the internet.
Cloud Computing is the architecture of choice for popular applications such as Web Mail, Social Networks, collaborative applications such as Microsoft office 365 or Google Docs.
The promises of Cloud Computing are no data losses, no backup needed, no software license updates needed. Applications are executed from a web browser or an apps. The application itself and the user data are hosted in a Data Center.
Cloud Computing is often seen as the alternative to client software where a license of a given software is installed and executed on the user’s device.

Contactless

A card that communicates by means of a radio frequency signal, eliminating the need for physical contact with a reader.
Contactless communications includes several technologies aiming at performing short range data transfer between two communicating devices. Operational ranges can vary from 2cm to 10 to 15 meters.
Contactless Cards used for Payment or Transport use very short range technology. Such card’s silicon chip are powered by the proximity of the reader to establish the contactless communication in a secure manner.

Customer Relationship Management (CRM)

A set of tools and techniques using data to enhance sales forecast, supply strategy, pricing strategy and all aspects of products&services strategy.
CRM is foreseen has a key application of Big Data, where large amounts of past data can really enhance current and future business steering and decision making.

DDA (Dynamic Data Authentication)

Authentication technology that allows banks to approce transactions at the terminal in a highly secure way.

DI (Dual Interface)

A device that is both contact and contactless.
Dual-Interface cards, combining contact and contactless transactions are often used for EMV payment. There are also more an more payment + transport cards where a payment card is also used to access to a mass transit network.

Digital identity

Humans can own one or several Digital Identiti(es) – also called avatars – to be used to access various digital services
For secure services, Digital Identities must be issued by a Certificate Authority (CA) capable to establish a link between the actual user and his/her digital Identities.
There is no limit to how many Digital Identities any given user may have.

Digital signature

An electronic signature created using a public-key algorithm that can be used by the recipient to authenticate the identity of the sender.

DNS Cache poisoning

A technique that tricks a Domain Name Server (DNS server) into believing it has received authentic information when in reality it has not.

Dongle

Any small piece of hardware that plugs into a computer. Most popular form-factor are USB keys or Smart Cards that can get inserted into card readers. Related offer: mToken and mOTP solutions

EAC (Extended Access Control)

A mechanism enhancing the security of ePassports whereby only authorized inspection systems can read biometric data.

eBanking

Accessing banking services via the internet

eCommerce

Buying and selling goods via the internet.

Edge

a pre-3G digital mobile phone technology allowing improved data transmission rates.

eGovernment

The use of digital technologies (often via the internet) to provide Government services. Second generation eGov 2.0 programs aim to increase efficiency, lower costs and reduce.

eID

Personal identification using a variety of devices secured by microprocessors, biometrics and other means.

ePassport

An “electronic” passport with high security printing, an inlay including an antenna and a microprocessor, and other security features.

ePurse

A small portable device that contains “electronic money” and is generally used for low-value transactions.

Ethernet

A diverse family of computer networking technologies for local area networks (LANs).

eTicketing

Electronic systems for issuing, checking and paying for tickets predominantly for public transport.

ETSI

European Telecommunications Standards Institute: the EU organization in charge of defining European telecommunications standards.

FCC

The Federal Communications Commission (FCC) is an independent agency of the United States government and with the majority of its commissioners appointed by the current President. The FCC works towards six goals in the areas of broadband, competition, the spectrum, the media, public safety and homeland security, and modernizingthe FCC

 FIPS 140-2

The Federal Information Processing Standard (FIPS) Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to accredit cryptographic modules.

FIPS 140-2 defines four levels of security, simply named “Level 1” to “Level 4”.

Read more about: computer security, telecommunication security, cryptography, cryptographic modules, Federal Information Processing Standard (FIPS) at http://csrc.nist.gov/

The Cryptographic Module Validation Program (CMVP) validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography based standards.

The CMVP is a joint effort between NIST and the Communications Security Establishment (CSE) of the Government of Canada. Products validated as conforming to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive information (United States) or Designated Information (Canada). The goal of the CMVP is to promote the use of validated cryptographic modules and provide Federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules.

FIPS 201 (Federal Information Processing Standard)

A US federal government standard that specifies Personal Identity Verification requirements for employees and contractors.

FUMO

Firmware Update Management Object, is an Open Mobile Alliance specification for updating the firmware of mobile devices over the air. FUMO allows mobile operators to update mobile devices across network infrastructure without requiring consumers or network engineers to initiate upgrades through direct contact.
It enables operators and device manufacturers to perform updates over-the-air ranging from the simple ones (e.g.:security patch) to the most complex (e.g.: important parts of the operating system).

GSM (Global System for Mobile Communications)

A European standard for digital cellular phones that has now been widely adopted throughout the world.
Find out more about GSM

GSMA (GSM Association)

The global association for Mobile phone operators
Find out more about GSMA

H

HIPAA

Health Insurance Portability and Accountability Act: the US act that protects health insurance coverage for workers and their families when they change or lose their jobs
HSPD-12 (Homeland Security Presidential Directive 12)
Orders all US Federal Agencies to issue secure and reliable forms of identification to employees and contractors , with a recommendation in favor of smart card technology

HTTP

Hypertext Transfer Protocol. A networking protocol for distributed, collaborative, hypermedia information systems; is the foundation of data communications on the Web.

I

IAM

Identity and Access Management

ICAO (International Civil Aviation Organization)

The United Nations agency which standardizes machine-readable and biometric passports worldwide.

IM

Using text on a mobile handset to communicate in real time

IP (Internet Protocol)

A protocol for communicating data across a network; hence an IP address is a unique computer address using the IP standard.

IMEI

The International Mobile Equipment Identity or IMEI ( /aɪˈmiː/) is a number, usually unique, to identify GSM, WCDMA, and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone. It can also be displayed on the screen of the phone by entering *#06# into the keypad on most phones.

IPSec

Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.

I²C

Inter-Integrated Circuit; generically referred to as “two-wire interface”) is a multi-master serial single-ended computer bus invented by Philips that is used to attach low-speed peripherals to a motherboard, embedded system, or cellphone or other electronics.

ISO

International Organization for Standardization: an international body that produces the worldwide industrial and commercial “ISO” standards.

J

Java

A network oriented programming language invented by Sun Micro-systems and specifically designed so that programs can be safely downloaded to remote devices.
Java Card helps developers build, test and deploy smart card-based applications quickly and efficiently with an object oriented programming model and off-the-shelf development tools. For smart card issuers, it delivers a secure and interoperable platform that can be used to store and update multiple applications on a single end-user device.

Key (keystroke )logging

A means of capturing a user’s keystrokes on a computer keyboard, sometimes for malicious purposes.

LAWMO

Lock And Wipe Management Object. It is an Open Mobile Alliance specification for locking handsets in case they are lost or stolen or for wiping the handsets’ memory. The handset wipe removes all personal data stored either on the handset memory or on the inserted memory card. As a result, the handset is then totally blank, without any chance to retrieve the data.

LTE (Long Term Evolution)

The standard in advanced mobile network technology, often referred to as 4G.

Malware

Malicious software designed to infiltrate or damage a computer system without the owner’s consent.

Man-in-the-middle attack

An attack in which an outsider is able to read, insert and modify messages between two parties without either of them knowing.

mCommerce

Buying and selling goods and services using a mobile device connected to the internet.

MFS (Mobile Financial Services)

Banking services such as money transfer and payment, available via a mobile device.

Microprocessor (smart) card

A ‘smart” card comprising a module embedded with a chip, a computer with its own processor, memory, operating system and application software.

MicroSD Card

A removable memory card that can also be modified by adding a microprocessor to become a Secure Element, using the SDIO protocol to communicate with the device.
Complementary information about MicroSD Card

MIM (Machine Identification Module)

The equivalent of a SIM with specific features such that it can be used in machines to enable authentification MMS (Multimedia Messaging Service) a standard way of sending messages that include multimedia content (e.g. photographs) to and from mobile phones.

M2M

Machine-to-Machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability. M2M uses a device (such as a sensor or meter) to capture an event (such as temperature, inventory level, etc.), which is relayed through a network (wireless, wired or hybrid) to an application (software program), that translates the captured event into meaningful information (for example, items need to be restocked). This is accomplished through the use of telemetry, the language machines use when in communication with each other. Such communication was originally accomplished by having a remote network of machines relay information back to a central hub for analysis, which would then be rerouted into a system like a personal computer.

MHealth

mHealth (also written as m-health or mobile health) is a term used for the practice of medical and public health, supported by mobile devices. The term is most commonly used in reference to using mobile communication devices, such as mobile phones and PDAs, for health services and information. The mHealth field has emerged as a sub-segment of eHealth.

MNO

A mobile network operator (MNO), also known as mobile phone operator (or simply mobile operator or mobo ), carrier service provider (CSP), wireless service provider, wireless carrier, or cellular company, is a telephone company that provides services for mobile phone subscribers.

MMS

A standard way of sending messages that include multimedia content (e.g. photographs) to and from mobile phones.

MNO (Mobile Network Operator)

A company that provides services for Mobile devices subscribers.

Mobile Money

Banking and payment services for unbanked users.

Module

The unit formed of a chip and a contact plate.

mPayment

Using a mobile handset to pay for goods and services.

NFC (Near-Field Communication):

A wireless technology that enables communication over short distances (e.g. 4cm), typically between a mobile device and a reader.

OATH

The Initiative for Open Authentication

OS (Operating System)

Software that runs on computers and other smart devices and that manages the way they function.

OTA (Over The Air)

A method of distributing applications and new software updates which are already in use.

OTP (One Time Password)

A password that is valid for only one login session or transaction. More info

Password cracking

The process of recovering secret passwords from data in a computer system.

PDA (Personal Digital Assistant)

A mobile device that functions as a personal information manager, often with the ability to connect to the internet.

PDC Personal Digital Cellular

A2G mobile phone standard used in Japan and South Korea.

Phishing

Sending fraudulent emails requesting someone’s personal and financial details.

PIN (A Personal Identification Number)

A secret code required to confirm a user’s identity.

PKI (Public Key Infrastructure)

Public Key Infrastructure (PKI) is a system that validates a user’s digital identity over a public or private network. It does so by associating a pair of public and private keys with the individual’s identity credentials. These keys are created with a cryptographic algorithm and shared by a certificate authority (CA) that links them to the user’s unique identity. The CA stores this information in a database and issues digital certificates, which include the public key or information about the public keys, in order to verify the user’s identity. Read More

RFID

Short to mid-range wireless communication technology typically used for low end services with no security needs (Tags).

SCOMO

Software Component Management Object. It is an Open Mobile Alliance specification that allows a management authority to perform software management on a remote device, including installation, uninstallation, activation and deactivation of software components.
Related offer: Device Management Solutions

SE (Secure Element)

A secure and personalized physical component added to a system to manage users rights and to host secure apps.
SE typically consist of a Silicon Chip, a secure Operating System, application software and a secure protocol to communicate to the device.

Strong authentication

It refers to any authentication protocol that requires multiple factors to establish identity and privileges.
This contrasts with traditional password authentication which requires only one authentication factor such as knowledge of a password.
Common implementations of strong authentication use ‘something you know’ (a password) as one of the factors, and ‘something you have’ (a physical device) and/or ‘something you are’ (a biometric such as a fingerprint) as the other factors.

TEE (Trusted Execution Environment)

A software and hardware dedicated environment embedded within the core device microprocessor to host and execute secure applications.

Thin client

A computer (client) that depends primarily on a central server for processing activities. By contrast, a fat client does as much local processing as possible.

Trojan

A program that contains or installs a malicious program.

TSM (Trusted Services Manager)

A third party enabling Mobile Operators, Mass Transit Operators, Banks and businesses to offer combined services seamlessly and securely.

UICC (Universal Integrated Circuit Card)

A high capacity smart card used in mobile terminals for GSM, UMTS/3G and now 4G/LTE networks.

USB

Universal Serial Bus (USB) is a specification to establish communication between devices and a host controller (usually a personal computer), which has effectively replaced a variety of earlier interfaces such as serial and parallel ports. USB can connect computer peripherals such as mice, keyboards, digital cameras, printers, personal media players, flash drives, network adapters, and external hard drives. For many of those devices, USB has become the standard connection method.

UMTS

Universal Mobile Telecommunications System (UMTS) is a third generation mobile cellular technology for networks based on the GSM standard. Developed by the 3GPP (3rd Generation Partnership Project), UMTS is a component of the International Telecommunications Union IMT-2000 standard set and compares with the cdma2000 standard set for networks based on the competing cdmaOne technology. UMTS employs wideband code division multiple access (W-CDMA) radio access technology to offer greater spectral efficiency and bandwidth to mobile network operators. UMTS specifies a complete network system, covering the radio access network (UMTS Terrestrial Radio Access Network, or UTRAN), the core network (Mobile Application Part, or MAP) and the authentication of users via SIM cards (Subscriber Identity Module).

VPN (Virtual Private Network)

A private network often used within a company or group of companies to communicate confidentially over a public network. More info

W-CDMA (Wideband Code Division Multiple Access)
A 3G technology for wireless systems based on CDMA technology.

XML

Extensible Markup Language. A set of rules for encoding documents in machine-readable form.

Contact Us Today

Explore and compare Longmai products in our Online Store, and get a price quote from our Sales representatives who are already standing by to answer your questions.
We’re here to help. Send us your sales inquiry and Longmai Sales Specialist will get back to you within one business/working day.
We may be speaking your language, want to talk? Call us Ω Tel: +8610-62323636-632 and speak with our Sales Specialist now.