
Following the request made during the 2FA-Requirement meeting of 23-09-2019, a first draft (concept, work-in-progress) of a glossary for SURFresearch Access Management.


Full Term



Two-Factor Authentication

A type or subset of multi-factor authentication. It is a method of confirming users' claimed identities by using a combination of two different factors; either something they know, something they have, or something they are.


Authentication & Authorisation Infrastructure

Warranting access to an environment only by people that have the right to use it can be achieved by implementing two distinct processes: authentication of users, and enforcement of authorization rules for users.


Authentication and Authorisation for Research Collaborations

A European initiative launched to address the increased need for federated access and for authentication and authorisation mechanisms by research and e-infrastructures.


Attribute Release Policy

The release policy decides how attributes are to be released for a given service. Each policy has the ability to apply an optional filter.


Application Specific Passwords

A unique password that is valid for only one service or application.


Acceptable Use Policy

An acceptable use policy is a document stating rules, constraints, and practices that a user must agree to before being allowed to access a service.


BluePrint Architecture

A (global) definition of an architecture, containing all important concepts, elements, (physical) components, their attributes and their interrelationships, which serves as a framework or industry standard.


Collaborative Organization

Overarching structure or group in which researchers can be enlisted, to receive access to required services.


GÉANT DataProtection Code of Conduct

Initiative to meet the requirements of the EU Data Protection Directive in federated identity management, in line with GDPR Codes of Conduct.


Data Processing Agreement

A legally binding document to be agreed upon between the data controller and the data processor in writing or in electronic form. It regulates the particularities of data processing – such as its scope and purpose – as well as the relationship between the controller and the processor.


Electronic IDentification Authentication and trust Services

eIDAS is an EU-defined set of standards for electronic identification and trust services for electronic transactions in the European Single Market.


European Open Science Cloud

Vision of the European Commission for a large infrastructure to support and develop open science and open innovation in Europe and beyond.


Findable, Accessible, Interoperable & Reusable

The FAIR data principles are a set of guiding principles in order to make data findable, accessible, interoperable and reusable. These principles provide guidance for scientific data management and stewardship.


Federative Identity Management

Having a common set of policies, practices and protocols in place to manage identity and trust in users and devices across organizations.


Hoger Onderwijs Referentie Architectuur

A collection of tools and practices for planning the organization of, and information provision within, Dutch institutions for Higher Education.


iDentificeren & INloggen

Service offered by Dutch banks, enabling consumers to use the authentication methods of their own bank for identification, login, or age verification purposes at other organizations.


Identity Provider

An Identity Provider is a system entity that creates, maintains, and manages identity information while providing authentication services to relying applications or services within a federation or distributed network. In practice: an institution has a database with user accounts. Certain software, in the Netherlands often Microsoft Active Directory, is used to allow usage of that user database to enable federated login at connected cloud services.


Lightweight Directory Access Protocol

A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network environment.


Level of Assurance

Description of the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity is the entity to which that identity was assigned.


Multi-Factor Authentication

An authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (factors) to an authentication mechanism: knowledge, possession, and inherence. Also see 2FA - Two-Factor Authentication.


Ontwikkel – Test – Acceptatie – Productie (Development – Test – Acceptance – Production)

Methodology for phasing the software development process and software development environments.


Principal Investigator

One or more persons who are in charge of a specific research project.


Privacy Impact Assessment

A tool for identifying and assessing privacy risks throughout the development life cycle of a project. Based on the PIA results, mitigating measures can be taken to prevent or reduce effects for involved stakeholders.


Personally Identifiable Information

Any data that could potentially identify a specific individual. All information that can be used to distinguish one person from another, and can be used for de-anonymizing anonymous data, can be considered PII.


Research & Scholarship Entity Category

Entity category for Service Providers that are operated for the purpose of supporting research and scholarship interaction, collaboration or management, at least in part.


Role-Based Access Control

A policy-neutral access-control mechanism defined around the concept of roles and privileges. The components of RBAC such as role-permissions, user-role and role-role relationships facilitate user assignments.


Research Infrastructure

Facilities that provide the required resources and services for research communities to conduct research and foster innovation.


Service Level Agreement

A Service Level Agreement sets out in detail what a Service Provider is required to provide as part of the agreement and the standard that the services they provide must achieve.


Service Level Specification

A Service Level Specification is part of a Service Level Agreement (SLA), in which the standards required of a service provider are set out. The SLS quantifies the minimum acceptable (technical) standards of service that are required.


Service Provider

A Service Provider is a vendor that provides IT solutions and/or services to end users and organizations.


Virtual Organisation (VO)

Synonym for CO. See CO.


Where Are You From-screen

A screen where the user selects their Home Organisation, that is, the IdP at which they want to authenticate.
