Following the request made during the 2FA-Requirement meeting of 23-09-2019, a first outline (draft, work in progress) of a glossary for SURFresearch Access Management.
A type or subset of multi-factor authentication. It is a method of confirming users' claimed identities by using a combination of two different factors: something they know, something they have, or something they are.
Authentication & Authorisation Infrastructure
Restricting access to an environment to people who have the right to use it can be achieved by implementing two distinct processes: authentication of users, and enforcement of authorization rules for users.
A European initiative launched to address the increased need for federated access and for authentication and authorisation mechanisms by research and e-infrastructures.
Attribute Release Policy
The release policy decides how attributes are to be released for a given service. Each policy has the ability to apply an optional filter.
Application Specific Passwords
A unique password that is valid for only one service or application.
Acceptable Use Policy
An acceptable use policy is a document stating rules, constraints, and practices that a user must agree to before being allowed to access a service.
A (global) definition of an architecture, containing all important concepts, elements, (physical) components, their attributes and their interrelationships, which serves as a framework or industry standard.
Overarching structure or group in which researchers can be enlisted, to receive access to required services.
Initiative to meet the requirements of the EU Data Protection Directive in federated identity management, in line with GDPR Codes of Conduct.
Data Processing Agreement
A legally binding document to be agreed upon between the data controller and the data processor in writing or in electronic form. It regulates the particularities of data processing – such as its scope and purpose – as well as the relationship between the controller and the processor.
Electronic IDentification Authentication and trust Services
eIDAS is an EU-defined set of standards for electronic identification and trust services for electronic transactions in the European Single Market.
European Open Science Cloud
Vision of the European Commission for a large infrastructure to support and develop open science and open innovation in Europe and beyond.
Findable, Accessible, Interoperable & Reusable
The FAIR data principles are a set of guiding principles in order to make data findable, accessible, interoperable and reusable. These principles provide guidance for scientific data management and stewardship.
Federative Identity Management
Having a common set of policies, practices and protocols in place to manage the identity of, and trust in, users and devices across organizations.
A collection of tools and practices for planning the organization of, and information provision within, Dutch institutions for Higher Education.
iDentificeren & INloggen (Identify & Log In)
Service offered by Dutch banks, enabling consumers to use the authentication methods of their own bank for identification, login, or age verification purposes at other organizations.
An Identity Provider is a system entity that creates, maintains, and manages identity information while providing authentication services to relying applications or services within a federation or distributed network. In practice: an institution has a database with user accounts. Certain software, in the Netherlands often Microsoft Active Directory, is used to make that user database available for federated login at connected cloud services.
Lightweight Directory Access Protocol
A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network environment.
Level of Assurance
Description of the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity is the entity to which that identity was assigned.
An authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (factors) to an authentication mechanism: knowledge, possession, and inherence. Also see 2FA - Two-Factor Authentication.
Development – Test – Acceptance – Production
Methodology for phasing the software development process and software development environments.
One or more persons who are in charge of a specific research project.
Privacy Impact Assessment
A tool for identifying and assessing privacy risks throughout the development life cycle of a project. Based on the PIA results, mitigating measures can be taken to prevent or reduce effects for involved stakeholders.
Personally Identifiable Information
Any data that could potentially identify a specific individual. All information that can be used to distinguish one person from another, and can be used for de-anonymizing anonymous data, can be considered PII.
Entity category for Service Providers that are operated for the purpose of supporting research and scholarship interaction, collaboration or management, at least in part.
Role-Based Access Control
A policy-neutral access-control mechanism defined around the concept of roles and privileges. The components of RBAC such as role-permissions, user-role and role-role relationships facilitate user assignments.
Facilities that provide the required resources and services for research communities to conduct research and foster innovation.
Service Level Agreement
A Service Level Agreement sets out in detail what a Service Provider is required to provide as part of the agreement and the standard that the services they provide must achieve.
Service Level Specification
A Service Level Specification is part of a Service Level Agreement (SLA), in which the standards required of a service provider are set out. The SLS quantifies the minimum acceptable (technical) standards of service that are required.
A Service Provider is a vendor that provides IT solutions and/or services to end users and organizations.
VO - Virtual Organisation
Synonym for CO. See CO.
Where Are You From-screen
A screen where the user selects what their Home Organisation is, that is, at which IdP they want to authenticate.